2N/A/*
2N/A * CDDL HEADER START
2N/A *
2N/A * The contents of this file are subject to the terms of the
2N/A * Common Development and Distribution License (the "License").
2N/A * You may not use this file except in compliance with the License.
2N/A *
2N/A * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
2N/A * or http://www.opensolaris.org/os/licensing.
2N/A * See the License for the specific language governing permissions
2N/A * and limitations under the License.
2N/A *
2N/A * When distributing Covered Code, include this CDDL HEADER in each
2N/A * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
2N/A * If applicable, add the following below this CDDL HEADER, with the
2N/A * fields enclosed by brackets "[]" replaced with your own identifying
2N/A * information: Portions Copyright [yyyy] [name of copyright owner]
2N/A *
2N/A * CDDL HEADER END
2N/A */
2N/A/*
2N/A * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
2N/A */
2N/A
2N/A#include <cryptoutil.h>
2N/A#include <strings.h>
2N/A#include <stdio.h>
2N/A#include <tzfile.h>
2N/A#include <ctype.h>
2N/A
2N/A#pragma init(cryptoutil_init)
2N/A
2N/Aextern void pkcs11_acquire_all_random_mutexes();
2N/Aextern void pkcs11_release_all_random_mutexes();
2N/A
2N/Astatic void cryptoutil_fork_prepare();
2N/Astatic void cryptoutil_fork_after();
2N/A
2N/A/*
2N/A * This function returns a fullpath based on the "dir" and "filepath" input
2N/A * arguments.
2N/A * - If the filepath specified does not start with a "/" and the directory
2N/A * is also given, prepend the directory to the filename.
2N/A * - If only dir or filepath is given, this function returns a copy of the
2N/A * given argument.
2N/A * - If the filepath is fully qualified already and the "dir" is also
2N/A * given, return NULL to indicate an error.
2N/A */
2N/Achar *
2N/Aget_fullpath(char *dir, char *filepath)
2N/A{
2N/A char *fullpath = NULL;
2N/A int pathlen = 0;
2N/A int dirlen = 0;
2N/A
2N/A if (filepath != NULL)
2N/A pathlen = strlen(filepath);
2N/A
2N/A if (dir != NULL)
2N/A dirlen = strlen(dir);
2N/A
2N/A if (pathlen > 0 && dirlen > 0) {
2N/A if (filepath[0] != '/') {
2N/A int len = pathlen + dirlen + 2;
2N/A fullpath = (char *)malloc(len);
2N/A if (fullpath != NULL)
2N/A (void) snprintf(fullpath, len, "%s/%s",
2N/A dir, filepath);
2N/A } else {
2N/A return (NULL);
2N/A }
2N/A } else if (pathlen > 0) {
2N/A fullpath = (char *)strdup(filepath);
2N/A } else if (dirlen > 0) {
2N/A fullpath = (char *)strdup(dir);
2N/A }
2N/A
2N/A return (fullpath);
2N/A}
2N/A
2N/A/*
2N/A * This function converts the input string to the value of time
2N/A * in seconds.
2N/A * - If the input string is NULL, return zero second.
2N/A * - The input string needs to be in the form of:
2N/A * number-second(s), number-minute(s), number-hour(s) or
2N/A * number-day(s).
2N/A */
2N/Aint
2N/Astr2lifetime(char *ltimestr, uint32_t *ltime)
2N/A{
2N/A int num;
2N/A char timetok[10];
2N/A
2N/A if (ltimestr == NULL || !strlen(ltimestr)) {
2N/A *ltime = 0;
2N/A return (0);
2N/A }
2N/A
2N/A (void) memset(timetok, 0, sizeof (timetok));
2N/A if (sscanf(ltimestr, "%d-%08s", &num, timetok) != 2)
2N/A return (-1);
2N/A
2N/A if (!strcasecmp(timetok, "second") ||
2N/A !strcasecmp(timetok, "seconds")) {
2N/A *ltime = num;
2N/A } else if (!strcasecmp(timetok, "minute") ||
2N/A !strcasecmp(timetok, "minutes")) {
2N/A *ltime = num * SECSPERMIN;
2N/A } else if (!strcasecmp(timetok, "day") ||
2N/A !strcasecmp(timetok, "days")) {
2N/A *ltime = num * SECSPERDAY;
2N/A } else if (!strcasecmp(timetok, "hour") ||
2N/A !strcasecmp(timetok, "hours")) {
2N/A *ltime = num * SECSPERHOUR;
2N/A } else {
2N/A *ltime = 0;
2N/A return (-1);
2N/A }
2N/A
2N/A return (0);
2N/A}
2N/A
2N/A/*
2N/A * memcmp_pad_max() is a specialized version of memcmp() which
2N/A * compares two pieces of data up to a maximum length. If the
2N/A * the two data match up the maximum length, they are considered
2N/A * matching. Trailing blanks do not cause the match to fail if
2N/A * one of the data is shorted. Note that we really do mean just ' '
2N/A * not isspace(3C), as required by PKCS#11.
2N/A *
2N/A * Examples of matches:
2N/A * "one" |
2N/A * "one " |
2N/A * ^maximum length
2N/A *
2N/A * "Number One | X" (X is beyond maximum length)
2N/A * "Number One " |
2N/A * ^maximum length
2N/A *
2N/A * Examples of mismatches:
2N/A * " one"
2N/A * "one"
2N/A *
2N/A * "Number One X|"
2N/A * "Number One |"
2N/A * ^maximum length
2N/A */
2N/Aint
2N/Amemcmp_pad_max(void *d1, uint_t d1_len, void *d2, uint_t d2_len, uint_t max_sz)
2N/A{
2N/A uint_t len, extra_len;
2N/A char *marker;
2N/A
2N/A /* No point in comparing anything beyond max_sz */
2N/A if (d1_len > max_sz)
2N/A d1_len = max_sz;
2N/A if (d2_len > max_sz)
2N/A d2_len = max_sz;
2N/A
2N/A /* Find shorter of the two data. */
2N/A if (d1_len <= d2_len) {
2N/A len = d1_len;
2N/A extra_len = d2_len;
2N/A marker = d2;
2N/A } else { /* d1_len > d2_len */
2N/A len = d2_len;
2N/A extra_len = d1_len;
2N/A marker = d1;
2N/A }
2N/A
2N/A /* Have a match in the shortest length of data? */
2N/A if (memcmp(d1, d2, len) != 0)
2N/A /* CONSTCOND */
2N/A return (1);
2N/A
2N/A /* If the rest of longer data is nulls or blanks, call it a match. */
2N/A while (len < extra_len)
2N/A if (marker[len] != '\0' && marker[len++] != ' ')
2N/A /* CONSTCOND */
2N/A return (1);
2N/A return (0);
2N/A}
2N/A
2N/Astatic void
2N/Acryptoutil_init()
2N/A{
2N/A (void) pthread_atfork(cryptoutil_fork_prepare, cryptoutil_fork_after,
2N/A cryptoutil_fork_after);
2N/A}
2N/A
2N/Astatic void
2N/Acryptoutil_fork_prepare()
2N/A{
2N/A pkcs11_acquire_all_random_mutexes();
2N/A}
2N/A
2N/Astatic void
2N/Acryptoutil_fork_after()
2N/A{
2N/A pkcs11_release_all_random_mutexes();
2N/A}