Coverage Report

Created: 2025-06-24 06:49

/src/nss/lib/softoken/sftkpars.c
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/*
 *  The following code handles the storage of PKCS 11 modules used by the
 * NSS. This file is written to abstract away how the modules are
 * stored so we can decide that later.
 */
#include "pkcs11i.h"
#include "sdb.h"
#include "prprf.h"
#include "prenv.h"
#include "utilpars.h"
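/*
 * Release p with PORT_Free() and reset it to NULL, so that a later
 * FREE_CLEAR of the same lvalue is a no-op instead of a double free.
 *
 * p is evaluated more than once and is assigned to, so it must be a
 * side-effect-free lvalue.  The body is wrapped in do { } while (0) so the
 * expansion is exactly one statement: "FREE_CLEAR(x);" stays correct inside
 * an unbraced if/else, which the bare "if (p) { ... }" form did not.
 */
#define FREE_CLEAR(p)     \
    do {                  \
        if (p) {          \
            PORT_Free(p); \
            (p) = NULL;   \
        }                 \
    } while (0)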
/*
 * Set the boolean options of a single token from the "flags" list of a
 * parameter string.
 *
 *   tmp    - parameter string passed to NSSUTIL_ArgHasFlag() for each lookup
 *   parsed - token parameter block whose flag fields are overwritten
 *
 * Every field is assigned unconditionally, so a flag that is absent from the
 * string ends up with whatever NSSUTIL_ArgHasFlag() returns for "not found".
 * Several of these fields (readOnly, passwordRequired) are access-policy
 * inputs, so the string they are read from should be treated as trusted
 * configuration.
 *
 * Coverage: the report this listing comes from (2025-06-24) recorded no
 * executions of this function.
 */
static void
sftk_parseTokenFlags(char *tmp, sftk_token_parameters *parsed)
{
    static const char flagsLabel[] = "flags";

    parsed->readOnly = NSSUTIL_ArgHasFlag(flagsLabel, "readOnly", tmp);
    parsed->noCertDB = NSSUTIL_ArgHasFlag(flagsLabel, "noCertDB", tmp);
    parsed->noKeyDB = NSSUTIL_ArgHasFlag(flagsLabel, "noKeyDB", tmp);
    parsed->forceOpen = NSSUTIL_ArgHasFlag(flagsLabel, "forceOpen", tmp);
    parsed->pwRequired =
        NSSUTIL_ArgHasFlag(flagsLabel, "passwordRequired", tmp);
    parsed->optimizeSpace =
        NSSUTIL_ArgHasFlag(flagsLabel, "optimizeSpace", tmp);
}
/*
 * Set the module-wide boolean options from the "flags" list of the library
 * parameter string.
 *
 *   tmp    - parameter string passed to NSSUTIL_ArgHasFlag() for each lookup
 *   parsed - module parameter block whose flag fields are overwritten
 *
 * Unlike the per-token variant, this function reads "noModDB" and does not
 * read "noKeyDB".  Every field is assigned unconditionally.
 */
static void
sftk_parseFlags(char *tmp, sftk_parameters *parsed)
{
    static const char flagsLabel[] = "flags";

    parsed->noModDB = NSSUTIL_ArgHasFlag(flagsLabel, "noModDB", tmp);
    parsed->readOnly = NSSUTIL_ArgHasFlag(flagsLabel, "readOnly", tmp);

    /* The remaining flags are kept so the legacy interface keeps working. */
    parsed->noCertDB = NSSUTIL_ArgHasFlag(flagsLabel, "noCertDB", tmp);
    parsed->forceOpen = NSSUTIL_ArgHasFlag(flagsLabel, "forceOpen", tmp);
    parsed->pwRequired =
        NSSUTIL_ArgHasFlag(flagsLabel, "passwordRequired", tmp);
    parsed->optimizeSpace =
        NSSUTIL_ArgHasFlag(flagsLabel, "optimizeSpace", tmp);
}
/*
 * Parse the parameter string of one token entry into *parsed.
 *
 *   param  - the token's argument string; stripped with NSSUTIL_ArgStrip()
 *            and then consumed key by key
 *   parsed - token parameter block that receives the values
 *
 * Returns CKR_OK; no other return value is produced by this function.
 *
 * The string-valued keys are stored directly into the matching field of
 * *parsed by NSSUTIL_HANDLE_STRING_ARG.  "minPWLen=" and "flags=" are fetched
 * into a scratch string that is freed again once it has been used.
 *
 * Coverage: the report this listing comes from (2025-06-24) recorded no
 * executions of this function.
 */
static CK_RV
sftk_parseTokenParameters(char *param, sftk_token_parameters *parsed)
{
    const char *cursor = NSSUTIL_ArgStrip(param);
    char *value = NULL;
    /* Not named below; presumably written by the NSSUTIL_HANDLE_* macros
     * (defined outside this file) - confirm in utilpars.h. */
    int next;

    while (*cursor) {
        NSSUTIL_HANDLE_STRING_ARG(cursor, parsed->configdir, "configDir=", ;)
        NSSUTIL_HANDLE_STRING_ARG(cursor, parsed->updatedir, "updateDir=", ;)
        NSSUTIL_HANDLE_STRING_ARG(cursor, parsed->updCertPrefix, "updateCertPrefix=", ;)
        NSSUTIL_HANDLE_STRING_ARG(cursor, parsed->updKeyPrefix, "updateKeyPrefix=", ;)
        NSSUTIL_HANDLE_STRING_ARG(cursor, parsed->updateID, "updateID=", ;)
        NSSUTIL_HANDLE_STRING_ARG(cursor, parsed->certPrefix, "certPrefix=", ;)
        NSSUTIL_HANDLE_STRING_ARG(cursor, parsed->keyPrefix, "keyPrefix=", ;)
        NSSUTIL_HANDLE_STRING_ARG(cursor, parsed->tokdes, "tokenDescription=", ;)
        NSSUTIL_HANDLE_STRING_ARG(cursor, parsed->updtokdes, "updateTokenDescription=", ;)
        NSSUTIL_HANDLE_STRING_ARG(cursor, parsed->slotdes, "slotDescription=", ;)
        /*
         * Minimum password length.  atoi() reports no errors: a non-numeric
         * value yields 0 (no minimum) and an out-of-range value is undefined
         * behaviour.  NOTE(review): a checked strtol()-based parse would be
         * safer if this string can come from an untrusted configuration.
         */
        NSSUTIL_HANDLE_STRING_ARG(
            cursor, value, "minPWLen=",
            if (value) {
                parsed->minPW = atoi(value);
                PORT_Free(value);
                value = NULL;
            })
        /*
         * The flag lookup is given the whole of param rather than the value
         * just fetched; the fetched copy only signals that "flags=" exists.
         */
        NSSUTIL_HANDLE_STRING_ARG(
            cursor, value, "flags=",
            if (value) {
                sftk_parseTokenFlags(param, parsed);
                PORT_Free(value);
                value = NULL;
            })
        NSSUTIL_HANDLE_FINAL_ARG(cursor)
    }

    return CKR_OK;
}
/*
 * Parse the value of a "tokens=" argument into an array of token parameter
 * blocks and attach it to *parsed.
 *
 *   tokenParams - list of token entries, each a label optionally followed by
 *                 an argument value; NULL or "" leaves *parsed untouched
 *   parsed      - receives the new array in ->tokens and the number of
 *                 entries actually filled in ->token_count
 *
 * The list is walked twice: once to count the entries so the array can be
 * sized, and once to fill it.  The second walk is bounded by that count.
 * If the allocation fails the function returns without touching *parsed.
 *
 * NOTE(review): ->tokens is assigned unconditionally, so an array stored by
 * an earlier call would be overwritten without being freed.
 *
 * Coverage: the report this listing comes from (2025-06-24) recorded no
 * executions of this function.
 */
static void
sftk_parseTokens(char *tokenParams, sftk_parameters *parsed)
{
    sftk_token_parameters *tokenList = NULL;
    const char *cursor;
    int total = 0;
    int filled = 0;
    int consumed;

    if (tokenParams == NULL || *tokenParams == 0) {
        return;
    }

    /* Pass 1: count the entries. */
    cursor = NSSUTIL_ArgStrip(tokenParams);
    while (*cursor) {
        total++;
        cursor = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(cursor));
    }

    /* Zero-filled, so every string field starts out NULL. */
    tokenList = (sftk_token_parameters *)
        PORT_ZAlloc(total * sizeof(sftk_token_parameters));
    if (tokenList == NULL) {
        return;
    }

    /* Pass 2: fill one block per entry, never more than were counted. */
    cursor = NSSUTIL_ArgStrip(tokenParams);
    while (*cursor && filled < total) {
        sftk_token_parameters *entry = &tokenList[filled];
        char *label = NSSUTIL_ArgGetLabel(cursor, &consumed);

        cursor += consumed;

        /* The entry's label is decoded as the slot number. */
        entry->slotID = NSSUTIL_ArgDecodeNumber(label);
        entry->readOnly = PR_FALSE;
        entry->noCertDB = PR_FALSE;
        entry->noKeyDB = PR_FALSE;

        if (!NSSUTIL_ArgIsBlank(*cursor)) {
            char *value = NSSUTIL_ArgFetchValue(cursor, &consumed);

            cursor += consumed;
            if (value) {
                sftk_parseTokenParameters(value, entry);
                PORT_Free(value);
            }
        }

        if (label) {
            PORT_Free(label);
        }
        cursor = NSSUTIL_ArgStrip(cursor);
        filled++;
    }

    parsed->token_count = filled;
    parsed->tokens = tokenList;
}
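/*
 * Parse the softoken library parameter string into *parsed.
 *
 *   param  - parameter string; stripped with NSSUTIL_ArgStrip() and then
 *            consumed key by key
 *   parsed - zeroed on entry to this function, then filled in
 *   isFIPS - selects which default token layout is built when the string
 *            carries no usable "tokens=" entry
 *
 * Returns CKR_OK on success, or CKR_HOST_MEMORY if the default token array
 * cannot be allocated.  On failure the strings already stored in *parsed
 * are left in place; the caller releases them with sftk_freeParams().
 * (The allocation failure used to be reported as CKR_OK with ->tokens NULL
 * and ->token_count 0, so a caller could not tell it from success.)
 *
 * When no token array was produced by "tokens=", a default one is built:
 *   - FIPS:     one token, FIPS_SLOT_ID, using the FIPS descriptions;
 *   - non-FIPS: two tokens, tokens[0] = NETSCAPE_SLOT_ID with both
 *               databases disabled, tokens[1] = PRIVATE_KEY_SLOT_ID.
 * Ownership of the strings placed in that array moves to *parsed; the local
 * pointers are set to NULL so the cleanup at "loser" frees only leftovers.
 *
 * Coverage: in the report this listing comes from (2025-06-24) the
 * allocation-failure branch and the isFIPS branch were never executed.
 */
CK_RV
sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS)
{
    CK_RV crv = CKR_OK;
    /* Not named below; presumably written by the NSSUTIL_HANDLE_* macros
     * (defined outside this file) - confirm in utilpars.h. */
    int next;
    char *tmp = NULL;
    const char *index;
    char *certPrefix = NULL, *keyPrefix = NULL;
    char *tokdes = NULL, *ptokdes = NULL, *pupdtokdes = NULL;
    char *slotdes = NULL, *pslotdes = NULL;
    char *fslotdes = NULL, *ftokdes = NULL;
    char *minPW = NULL;
    index = NSSUTIL_ArgStrip(param);

    PORT_Memset(parsed, 0, sizeof(sftk_parameters));

    while (*index) {
        NSSUTIL_HANDLE_STRING_ARG(index, parsed->configdir, "configDir=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, parsed->updatedir, "updateDir=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, parsed->updateID, "updateID=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, parsed->secmodName, "secmod=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, parsed->man, "manufacturerID=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, parsed->libdes, "libraryDescription=", ;)
        /* constructed values, used so legacy interfaces still work */
        NSSUTIL_HANDLE_STRING_ARG(index, certPrefix, "certPrefix=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, keyPrefix, "keyPrefix=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, tokdes, "cryptoTokenDescription=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, ptokdes, "dbTokenDescription=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, slotdes, "cryptoSlotDescription=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, pslotdes, "dbSlotDescription=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, fslotdes, "FIPSSlotDescription=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, ftokdes, "FIPSTokenDescription=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, pupdtokdes, "updateTokenDescription=", ;)
        NSSUTIL_HANDLE_STRING_ARG(index, minPW, "minPWLen=", ;)

        /* The flag lookup is given the whole of param; the fetched copy
         * only signals that "flags=" is present. */
        NSSUTIL_HANDLE_STRING_ARG(
            index, tmp, "flags=",
            if (tmp) { sftk_parseFlags(param,parsed); PORT_Free(tmp); tmp = NULL; })
        NSSUTIL_HANDLE_STRING_ARG(
            index, tmp, "tokens=",
            if (tmp) { sftk_parseTokens(tmp,parsed); PORT_Free(tmp); tmp = NULL; })
        NSSUTIL_HANDLE_FINAL_ARG(index)
    }
    if (parsed->tokens == NULL) {
        int count = isFIPS ? 1 : 2;
        int i = count - 1; /* index of the database token (the last one) */
        sftk_token_parameters *tokens = NULL;

        tokens = (sftk_token_parameters *)
            PORT_ZAlloc(count * sizeof(sftk_token_parameters));
        if (tokens == NULL) {
            /* Report the failure instead of returning CKR_OK with no
             * tokens configured. */
            crv = CKR_HOST_MEMORY;
            goto loser;
        }
        parsed->tokens = tokens;
        parsed->token_count = count;
        tokens[i].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID;
        tokens[i].certPrefix = certPrefix;
        tokens[i].keyPrefix = keyPrefix;
        /*
         * atoi() reports no errors: a non-numeric minPWLen yields 0 (no
         * minimum) and an out-of-range value is undefined behaviour.
         * NOTE(review): a checked strtol()-based parse would be safer if
         * this string can come from an untrusted configuration.
         */
        tokens[i].minPW = minPW ? atoi(minPW) : 0;
        tokens[i].readOnly = parsed->readOnly;
        tokens[i].noCertDB = parsed->noCertDB;
        /* NOTE(review): noKeyDB mirrors noCertDB here; sftk_parseFlags()
         * reads no separate "noKeyDB" flag into *parsed - confirm that this
         * is the intended legacy behaviour. */
        tokens[i].noKeyDB = parsed->noCertDB;
        tokens[i].forceOpen = parsed->forceOpen;
        tokens[i].pwRequired = parsed->pwRequired;
        tokens[i].optimizeSpace = parsed->optimizeSpace;
        tokens[0].optimizeSpace = parsed->optimizeSpace;
        /* Ownership moved into the array; keep "loser" from freeing them. */
        certPrefix = NULL;
        keyPrefix = NULL;
        if (isFIPS) {
            tokens[i].tokdes = ftokdes;
            tokens[i].updtokdes = pupdtokdes;
            tokens[i].slotdes = fslotdes;
            fslotdes = NULL;
            ftokdes = NULL;
            pupdtokdes = NULL;
        } else {
            tokens[i].tokdes = ptokdes;
            tokens[i].updtokdes = pupdtokdes;
            tokens[i].slotdes = pslotdes;
            tokens[0].slotID = NETSCAPE_SLOT_ID;
            tokens[0].tokdes = tokdes;
            tokens[0].slotdes = slotdes;
            tokens[0].noCertDB = PR_TRUE;
            tokens[0].noKeyDB = PR_TRUE;
            pupdtokdes = NULL;
            ptokdes = NULL;
            pslotdes = NULL;
            tokdes = NULL;
            slotdes = NULL;
        }
    }

loser:
    /* Free whatever was parsed but not handed over to *parsed. */
    FREE_CLEAR(certPrefix);
    FREE_CLEAR(keyPrefix);
    FREE_CLEAR(tokdes);
    FREE_CLEAR(ptokdes);
    FREE_CLEAR(pupdtokdes);
    FREE_CLEAR(slotdes);
    FREE_CLEAR(pslotdes);
    FREE_CLEAR(fslotdes);
    FREE_CLEAR(ftokdes);
    FREE_CLEAR(minPW);
    return crv;
}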
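/*
 * Release every string and the token array owned by *params.
 *
 *   params - parameter block to empty; NULL is accepted and ignored
 *
 * Each pointer is reset to NULL after it is freed.  The token loop is
 * skipped when ->tokens is NULL and ->token_count is reset to 0 afterwards,
 * so calling this function twice on the same block is harmless.  Before
 * that, a second call indexed the freed (NULL) array because the count was
 * left at its old value.
 */
void
sftk_freeParams(sftk_parameters *params)
{
    int i;

    if (params == NULL) {
        return;
    }

    if (params->tokens != NULL) {
        for (i = 0; i < params->token_count; i++) {
            sftk_token_parameters *token = &params->tokens[i];

            FREE_CLEAR(token->configdir);
            FREE_CLEAR(token->certPrefix);
            FREE_CLEAR(token->keyPrefix);
            FREE_CLEAR(token->tokdes);
            FREE_CLEAR(token->slotdes);
            FREE_CLEAR(token->updatedir);
            FREE_CLEAR(token->updCertPrefix);
            FREE_CLEAR(token->updKeyPrefix);
            FREE_CLEAR(token->updateID);
            FREE_CLEAR(token->updtokdes);
        }
    }
    /* The array is released below; do not leave a stale count behind. */
    params->token_count = 0;

    FREE_CLEAR(params->configdir);
    FREE_CLEAR(params->secmodName);
    FREE_CLEAR(params->man);
    FREE_CLEAR(params->libdes);
    FREE_CLEAR(params->tokens);
    FREE_CLEAR(params->updatedir);
    FREE_CLEAR(params->updateID);
}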
/*
 * Look up a flag directly in the library parameter string carried by the
 * initialization arguments, without building a parsed parameter block.
 *
 *   entry     - label of the flag list to search, passed to
 *               NSSUTIL_ArgHasFlag()
 *   flag      - flag name to look for
 *   pReserved - interpreted as a CK_C_INITIALIZE_ARGS pointer; may be NULL
 *
 * Returns PR_FALSE when there are no arguments or no LibraryParameters,
 * otherwise the result of NSSUTIL_ArgHasFlag() on LibraryParameters.
 *
 * Coverage: the report this listing comes from (2025-06-24) recorded no
 * executions of this function.
 */
PRBool
sftk_RawArgHasFlag(const char *entry, const char *flag, const void *pReserved)
{
    CK_C_INITIALIZE_ARGS *initArgs = (CK_C_INITIALIZE_ARGS *)pReserved;
    const char *libraryParams;

    /* Without any parameters the flag cannot be set. */
    if (initArgs == NULL) {
        return PR_FALSE;
    }

    libraryParams = (const char *)initArgs->LibraryParameters;
    if (libraryParams == NULL) {
        return PR_FALSE;
    }

    return NSSUTIL_ArgHasFlag(entry, flag, libraryParams);
}