1 : /* ***** BEGIN LICENSE BLOCK *****
2 : * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 : *
4 : * The contents of this file are subject to the Mozilla Public License Version
5 : * 1.1 (the "License"); you may not use this file except in compliance with
6 : * the License. You may obtain a copy of the License at
7 : * http://www.mozilla.org/MPL/
8 : *
9 : * Software distributed under the License is distributed on an "AS IS" basis,
10 : * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 : * for the specific language governing rights and limitations under the
12 : * License.
13 : *
14 : * The Original Code is the Netscape security libraries.
15 : *
16 : * The Initial Developer of the Original Code is
17 : * Netscape Communications Corporation.
18 : * Portions created by the Initial Developer are Copyright (C) 2000
19 : * the Initial Developer. All Rights Reserved.
20 : *
21 : * Contributor(s):
22 : * Ian McGreer <mcgreer@netscape.com>
23 : *
24 : * Alternatively, the contents of this file may be used under the terms of
25 : * either the GNU General Public License Version 2 or later (the "GPL"), or
26 : * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
27 : * in which case the provisions of the GPL or the LGPL are applicable instead
28 : * of those above. If you wish to allow use of your version of this file only
29 : * under the terms of either the GPL or the LGPL, and not to allow others to
30 : * use your version of this file under the terms of the MPL, indicate your
31 : * decision by deleting the provisions above and replace them with the notice
32 : * and other provisions required by the GPL or the LGPL. If you do not delete
33 : * the provisions above, a recipient may use your version of this file under
34 : * the terms of any one of the MPL, the GPL or the LGPL.
35 : *
36 : * ***** END LICENSE BLOCK ***** */
37 :
38 : #include "nsPKCS11Slot.h"
39 : #include "nsPK11TokenDB.h"
40 :
41 : #include "nsCOMPtr.h"
42 : #include "nsISupportsArray.h"
43 : #include "nsString.h"
44 : #include "nsReadableUtils.h"
45 : #include "nsCRT.h"
46 :
47 : #include "secmod.h"
48 :
49 : #ifdef PR_LOGGING
50 : extern PRLogModuleInfo* gPIPNSSLog;
51 : #endif
52 :
53 4984 : NS_IMPL_ISUPPORTS1(nsPKCS11Slot, nsIPKCS11Slot)
54 :
55 256 : nsPKCS11Slot::nsPKCS11Slot(PK11SlotInfo *slot)
56 : {
57 512 : nsNSSShutDownPreventionLock locker;
58 256 : if (isAlreadyShutDown())
59 : return;
60 :
61 256 : PK11_ReferenceSlot(slot);
62 256 : mSlot = slot;
63 256 : mSeries = PK11_GetSlotSeries(slot);
64 256 : refreshSlotInfo();
65 : }
66 :
67 : void
68 256 : nsPKCS11Slot::refreshSlotInfo()
69 : {
70 : CK_SLOT_INFO slot_info;
71 256 : if (PK11_GetSlotInfo(mSlot, &slot_info) == SECSuccess) {
72 : // Set the Description field
73 256 : const char *ccDesc = (const char*)slot_info.slotDescription;
74 : const nsACString &cDesc = Substring(
75 : ccDesc,
76 512 : ccDesc+PL_strnlen(ccDesc, sizeof(slot_info.slotDescription)));
77 256 : mSlotDesc = NS_ConvertUTF8toUTF16(cDesc);
78 256 : mSlotDesc.Trim(" ", false, true);
79 : // Set the Manufacturer field
80 256 : const char *ccManID = (const char*)slot_info.manufacturerID;
81 : const nsACString &cManID = Substring(
82 : ccManID,
83 512 : ccManID+PL_strnlen(ccManID, sizeof(slot_info.manufacturerID)));
84 256 : mSlotManID = NS_ConvertUTF8toUTF16(cManID);
85 256 : mSlotManID.Trim(" ", false, true);
86 : // Set the Hardware Version field
87 256 : mSlotHWVersion = EmptyString();
88 256 : mSlotHWVersion.AppendInt(slot_info.hardwareVersion.major);
89 256 : mSlotHWVersion.AppendLiteral(".");
90 256 : mSlotHWVersion.AppendInt(slot_info.hardwareVersion.minor);
91 : // Set the Firmware Version field
92 256 : mSlotFWVersion = EmptyString();
93 256 : mSlotFWVersion.AppendInt(slot_info.firmwareVersion.major);
94 256 : mSlotFWVersion.AppendLiteral(".");
95 256 : mSlotFWVersion.AppendInt(slot_info.firmwareVersion.minor);
96 : }
97 :
98 256 : }
99 :
100 768 : nsPKCS11Slot::~nsPKCS11Slot()
101 : {
102 512 : nsNSSShutDownPreventionLock locker;
103 256 : if (isAlreadyShutDown())
104 : return;
105 :
106 224 : destructorSafeDestroyNSSReference();
107 480 : shutdown(calledFromObject);
108 1024 : }
109 :
110 32 : void nsPKCS11Slot::virtualDestroyNSSReference()
111 : {
112 32 : destructorSafeDestroyNSSReference();
113 32 : }
114 :
115 256 : void nsPKCS11Slot::destructorSafeDestroyNSSReference()
116 : {
117 256 : if (isAlreadyShutDown())
118 0 : return;
119 :
120 256 : if (mSlot) {
121 256 : PK11_FreeSlot(mSlot);
122 256 : mSlot = nsnull;
123 : }
124 : }
125 :
126 : /* readonly attribute wstring name; */
127 : NS_IMETHODIMP
128 0 : nsPKCS11Slot::GetName(PRUnichar **aName)
129 : {
130 0 : nsNSSShutDownPreventionLock locker;
131 0 : if (isAlreadyShutDown())
132 0 : return NS_ERROR_NOT_AVAILABLE;
133 :
134 0 : char *csn = PK11_GetSlotName(mSlot);
135 0 : if (*csn) {
136 0 : *aName = ToNewUnicode(NS_ConvertUTF8toUTF16(csn));
137 0 : } else if (PK11_HasRootCerts(mSlot)) {
138 : // This is a workaround to an Root Module bug - the root certs module has
139 : // no slot name. Not bothering to localize, because this is a workaround
140 : // and for now all the slot names returned by NSS are char * anyway.
141 0 : *aName = ToNewUnicode(NS_LITERAL_STRING("Root Certificates"));
142 : } else {
143 : // same as above, this is a catch-all
144 0 : *aName = ToNewUnicode(NS_LITERAL_STRING("Unnamed Slot"));
145 : }
146 0 : if (!*aName) return NS_ERROR_OUT_OF_MEMORY;
147 0 : return NS_OK;
148 : }
149 :
150 : /* readonly attribute wstring desc; */
151 : NS_IMETHODIMP
152 0 : nsPKCS11Slot::GetDesc(PRUnichar **aDesc)
153 : {
154 0 : nsNSSShutDownPreventionLock locker;
155 0 : if (isAlreadyShutDown())
156 0 : return NS_ERROR_NOT_AVAILABLE;
157 :
158 0 : if (mSeries != PK11_GetSlotSeries(mSlot)) {
159 0 : refreshSlotInfo();
160 : }
161 :
162 0 : *aDesc = ToNewUnicode(mSlotDesc);
163 0 : if (!*aDesc) return NS_ERROR_OUT_OF_MEMORY;
164 0 : return NS_OK;
165 : }
166 :
167 : /* readonly attribute wstring manID; */
168 : NS_IMETHODIMP
169 0 : nsPKCS11Slot::GetManID(PRUnichar **aManID)
170 : {
171 0 : if (mSeries != PK11_GetSlotSeries(mSlot)) {
172 0 : refreshSlotInfo();
173 : }
174 0 : *aManID = ToNewUnicode(mSlotManID);
175 0 : if (!*aManID) return NS_ERROR_OUT_OF_MEMORY;
176 0 : return NS_OK;
177 : }
178 :
179 : /* readonly attribute wstring HWVersion; */
180 : NS_IMETHODIMP
181 0 : nsPKCS11Slot::GetHWVersion(PRUnichar **aHWVersion)
182 : {
183 0 : if (mSeries != PK11_GetSlotSeries(mSlot)) {
184 0 : refreshSlotInfo();
185 : }
186 0 : *aHWVersion = ToNewUnicode(mSlotHWVersion);
187 0 : if (!*aHWVersion) return NS_ERROR_OUT_OF_MEMORY;
188 0 : return NS_OK;
189 : }
190 :
191 : /* readonly attribute wstring FWVersion; */
192 : NS_IMETHODIMP
193 0 : nsPKCS11Slot::GetFWVersion(PRUnichar **aFWVersion)
194 : {
195 0 : if (mSeries != PK11_GetSlotSeries(mSlot)) {
196 0 : refreshSlotInfo();
197 : }
198 0 : *aFWVersion = ToNewUnicode(mSlotFWVersion);
199 0 : if (!*aFWVersion) return NS_ERROR_OUT_OF_MEMORY;
200 0 : return NS_OK;
201 : }
202 :
203 : /* nsIPK11Token getToken (); */
204 : NS_IMETHODIMP
205 0 : nsPKCS11Slot::GetToken(nsIPK11Token **_retval)
206 : {
207 0 : nsNSSShutDownPreventionLock locker;
208 0 : if (isAlreadyShutDown())
209 0 : return NS_ERROR_NOT_AVAILABLE;
210 :
211 0 : nsCOMPtr<nsIPK11Token> token = new nsPK11Token(mSlot);
212 0 : if (!token)
213 0 : return NS_ERROR_OUT_OF_MEMORY;
214 0 : *_retval = token;
215 0 : NS_ADDREF(*_retval);
216 0 : return NS_OK;
217 : }
218 :
219 : /* readonly attribute wstring tokenName; */
220 : NS_IMETHODIMP
221 0 : nsPKCS11Slot::GetTokenName(PRUnichar **aName)
222 : {
223 0 : nsNSSShutDownPreventionLock locker;
224 0 : if (isAlreadyShutDown())
225 0 : return NS_ERROR_NOT_AVAILABLE;
226 :
227 0 : if (!PK11_IsPresent(mSlot)) {
228 0 : *aName = nsnull;
229 0 : return NS_OK;
230 : }
231 :
232 0 : if (mSeries != PK11_GetSlotSeries(mSlot)) {
233 0 : refreshSlotInfo();
234 : }
235 :
236 :
237 0 : *aName = ToNewUnicode(NS_ConvertUTF8toUTF16(PK11_GetTokenName(mSlot)));
238 0 : if (!*aName) return NS_ERROR_OUT_OF_MEMORY;
239 0 : return NS_OK;
240 : }
241 :
242 : NS_IMETHODIMP
243 2244 : nsPKCS11Slot::GetStatus(PRUint32 *_retval)
244 : {
245 4488 : nsNSSShutDownPreventionLock locker;
246 2244 : if (isAlreadyShutDown())
247 0 : return NS_ERROR_NOT_AVAILABLE;
248 :
249 2244 : if (PK11_IsDisabled(mSlot))
250 0 : *_retval = SLOT_DISABLED;
251 2244 : else if (!PK11_IsPresent(mSlot))
252 0 : *_retval = SLOT_NOT_PRESENT;
253 2244 : else if (PK11_NeedLogin(mSlot) && PK11_NeedUserInit(mSlot))
254 35 : *_retval = SLOT_UNINITIALIZED;
255 2209 : else if (PK11_NeedLogin(mSlot) && !PK11_IsLoggedIn(mSlot, NULL))
256 0 : *_retval = SLOT_NOT_LOGGED_IN;
257 2209 : else if (PK11_NeedLogin(mSlot))
258 0 : *_retval = SLOT_LOGGED_IN;
259 : else
260 2209 : *_retval = SLOT_READY;
261 2244 : return NS_OK;
262 : }
263 :
264 0 : NS_IMPL_ISUPPORTS1(nsPKCS11Module, nsIPKCS11Module)
265 :
266 0 : nsPKCS11Module::nsPKCS11Module(SECMODModule *module)
267 : {
268 0 : nsNSSShutDownPreventionLock locker;
269 0 : if (isAlreadyShutDown())
270 : return;
271 :
272 0 : SECMOD_ReferenceModule(module);
273 0 : mModule = module;
274 : }
275 :
276 0 : nsPKCS11Module::~nsPKCS11Module()
277 : {
278 0 : nsNSSShutDownPreventionLock locker;
279 0 : if (isAlreadyShutDown())
280 : return;
281 :
282 0 : destructorSafeDestroyNSSReference();
283 0 : shutdown(calledFromObject);
284 0 : }
285 :
286 0 : void nsPKCS11Module::virtualDestroyNSSReference()
287 : {
288 0 : destructorSafeDestroyNSSReference();
289 0 : }
290 :
291 0 : void nsPKCS11Module::destructorSafeDestroyNSSReference()
292 : {
293 0 : if (isAlreadyShutDown())
294 0 : return;
295 :
296 0 : if (mModule) {
297 0 : SECMOD_DestroyModule(mModule);
298 0 : mModule = nsnull;
299 : }
300 : }
301 :
302 : /* readonly attribute wstring name; */
303 : NS_IMETHODIMP
304 0 : nsPKCS11Module::GetName(PRUnichar **aName)
305 : {
306 0 : nsNSSShutDownPreventionLock locker;
307 0 : if (isAlreadyShutDown())
308 0 : return NS_ERROR_NOT_AVAILABLE;
309 :
310 0 : *aName = ToNewUnicode(NS_ConvertUTF8toUTF16(mModule->commonName));
311 0 : return NS_OK;
312 : }
313 :
314 : /* readonly attribute wstring libName; */
315 : NS_IMETHODIMP
316 0 : nsPKCS11Module::GetLibName(PRUnichar **aName)
317 : {
318 0 : nsNSSShutDownPreventionLock locker;
319 0 : if (isAlreadyShutDown())
320 0 : return NS_ERROR_NOT_AVAILABLE;
321 :
322 0 : if ( mModule->dllName ) {
323 0 : *aName = ToNewUnicode(NS_ConvertUTF8toUTF16(mModule->dllName));
324 : } else {
325 0 : *aName = NULL;
326 : }
327 0 : return NS_OK;
328 : }
329 :
330 : /* nsIPKCS11Slot findSlotByName(in wstring name); */
331 : NS_IMETHODIMP
332 0 : nsPKCS11Module::FindSlotByName(const PRUnichar *aName,
333 : nsIPKCS11Slot **_retval)
334 : {
335 0 : nsNSSShutDownPreventionLock locker;
336 0 : if (isAlreadyShutDown())
337 0 : return NS_ERROR_NOT_AVAILABLE;
338 :
339 0 : char *asciiname = ToNewUTF8String(nsDependentString(aName));
340 0 : PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Getting \"%s\"\n", asciiname));
341 0 : PK11SlotInfo *slotinfo = NULL;
342 : PK11SlotList *slotList = PK11_FindSlotsByNames(mModule->dllName,
343 0 : asciiname /* slotName */, NULL /* token Name */, false);
344 0 : if (!slotList) {
345 : /* name must be the token name */
346 : slotList = PK11_FindSlotsByNames(mModule->dllName,
347 0 : NULL /*slot Name */, asciiname /* token Name */, false);
348 : }
349 0 : if (slotList) {
350 : /* should only be one */
351 0 : if (slotList->head && slotList->head->slot) {
352 0 : slotinfo = PK11_ReferenceSlot(slotList->head->slot);
353 : }
354 0 : PK11_FreeSlotList(slotList);
355 : }
356 0 : if (!slotinfo) {
357 : // workaround - the builtin module has no name
358 0 : if (asciiname == nsnull) {
359 0 : return NS_ERROR_FAILURE;
360 0 : } else if (nsCRT::strcmp(asciiname, "Root Certificates") == 0) {
361 0 : slotinfo = PK11_ReferenceSlot(mModule->slots[0]);
362 : } else {
363 : // give up
364 0 : nsMemory::Free(asciiname);
365 0 : return NS_ERROR_FAILURE;
366 : }
367 : }
368 0 : nsMemory::Free(asciiname);
369 0 : nsCOMPtr<nsIPKCS11Slot> slot = new nsPKCS11Slot(slotinfo);
370 0 : PK11_FreeSlot(slotinfo);
371 0 : if (!slot)
372 0 : return NS_ERROR_OUT_OF_MEMORY;
373 0 : *_retval = slot;
374 0 : NS_ADDREF(*_retval);
375 0 : return NS_OK;
376 : }
377 :
378 : /* nsIEnumerator listSlots (); */
379 : NS_IMETHODIMP
380 0 : nsPKCS11Module::ListSlots(nsIEnumerator **_retval)
381 : {
382 0 : nsNSSShutDownPreventionLock locker;
383 0 : if (isAlreadyShutDown())
384 0 : return NS_ERROR_NOT_AVAILABLE;
385 :
386 0 : nsresult rv = NS_OK;
387 : int i;
388 : /* get isupports array */
389 0 : nsCOMPtr<nsISupportsArray> array;
390 0 : rv = NS_NewISupportsArray(getter_AddRefs(array));
391 0 : if (NS_FAILED(rv)) return rv;
392 : /* applications which allow new slot creation (which Firefox now does
393 : * since it uses the WaitForSlotEvent call) need to hold the
394 : * ModuleList Read lock to prevent the slot array from changing out
395 : * from under it. */
396 0 : SECMODListLock *lock = SECMOD_GetDefaultModuleListLock();
397 0 : SECMOD_GetReadLock(lock);
398 0 : for (i=0; i<mModule->slotCount; i++) {
399 0 : if (mModule->slots[i]) {
400 0 : nsCOMPtr<nsIPKCS11Slot> slot = new nsPKCS11Slot(mModule->slots[i]);
401 0 : array->AppendElement(slot);
402 : }
403 : }
404 0 : SECMOD_ReleaseReadLock(lock);
405 0 : rv = array->Enumerate(_retval);
406 0 : return rv;
407 : }
408 :
409 3536 : NS_IMPL_ISUPPORTS2(nsPKCS11ModuleDB, nsIPKCS11ModuleDB, nsICryptoFIPSInfo)
410 :
411 38 : nsPKCS11ModuleDB::nsPKCS11ModuleDB()
412 : {
413 38 : }
414 :
415 76 : nsPKCS11ModuleDB::~nsPKCS11ModuleDB()
416 : {
417 152 : }
418 :
419 : /* nsIPKCS11Module getInternal (); */
420 : NS_IMETHODIMP
421 0 : nsPKCS11ModuleDB::GetInternal(nsIPKCS11Module **_retval)
422 : {
423 0 : nsNSSShutDownPreventionLock locker;
424 : SECMODModule *nssMod =
425 0 : SECMOD_CreateModule(NULL,SECMOD_INT_NAME, NULL,SECMOD_INT_FLAGS);
426 0 : nsCOMPtr<nsIPKCS11Module> module = new nsPKCS11Module(nssMod);
427 0 : SECMOD_DestroyModule(nssMod);
428 0 : if (!module)
429 0 : return NS_ERROR_OUT_OF_MEMORY;
430 0 : *_retval = module;
431 0 : NS_ADDREF(*_retval);
432 0 : return NS_OK;
433 : }
434 :
435 : /* nsIPKCS11Module getInternalFIPS (); */
436 : NS_IMETHODIMP
437 0 : nsPKCS11ModuleDB::GetInternalFIPS(nsIPKCS11Module **_retval)
438 : {
439 0 : nsNSSShutDownPreventionLock locker;
440 : SECMODModule *nssMod =
441 0 : SECMOD_CreateModule(NULL, SECMOD_FIPS_NAME, NULL, SECMOD_FIPS_FLAGS);
442 0 : nsCOMPtr<nsIPKCS11Module> module = new nsPKCS11Module(nssMod);
443 0 : SECMOD_DestroyModule(nssMod);
444 0 : if (!module)
445 0 : return NS_ERROR_OUT_OF_MEMORY;
446 0 : *_retval = module;
447 0 : NS_ADDREF(*_retval);
448 0 : return NS_OK;
449 : }
450 :
451 : /* nsIPKCS11Module findModuleByName(in wstring name); */
452 : NS_IMETHODIMP
453 0 : nsPKCS11ModuleDB::FindModuleByName(const PRUnichar *aName,
454 : nsIPKCS11Module **_retval)
455 : {
456 0 : nsNSSShutDownPreventionLock locker;
457 0 : NS_ConvertUTF16toUTF8 aUtf8Name(aName);
458 : SECMODModule *mod =
459 0 : SECMOD_FindModule(const_cast<char *>(aUtf8Name.get()));
460 0 : if (!mod)
461 0 : return NS_ERROR_FAILURE;
462 0 : nsCOMPtr<nsIPKCS11Module> module = new nsPKCS11Module(mod);
463 0 : SECMOD_DestroyModule(mod);
464 0 : if (!module)
465 0 : return NS_ERROR_OUT_OF_MEMORY;
466 0 : *_retval = module;
467 0 : NS_ADDREF(*_retval);
468 0 : return NS_OK;
469 : }
470 :
471 : /* This is essentially the same as nsIPK11Token::findTokenByName, except
472 : * that it returns an nsIPKCS11Slot, which may be desired.
473 : */
474 : /* nsIPKCS11Module findSlotByName(in wstring name); */
475 : NS_IMETHODIMP
476 256 : nsPKCS11ModuleDB::FindSlotByName(const PRUnichar *aName,
477 : nsIPKCS11Slot **_retval)
478 : {
479 512 : nsNSSShutDownPreventionLock locker;
480 512 : NS_ConvertUTF16toUTF8 aUtf8Name(aName);
481 : PK11SlotInfo *slotinfo =
482 256 : PK11_FindSlotByName(const_cast<char*>(aUtf8Name.get()));
483 256 : if (!slotinfo)
484 0 : return NS_ERROR_FAILURE;
485 512 : nsCOMPtr<nsIPKCS11Slot> slot = new nsPKCS11Slot(slotinfo);
486 256 : PK11_FreeSlot(slotinfo);
487 256 : if (!slot)
488 0 : return NS_ERROR_OUT_OF_MEMORY;
489 256 : *_retval = slot;
490 256 : NS_ADDREF(*_retval);
491 256 : return NS_OK;
492 : }
493 :
494 : /* nsIEnumerator listModules (); */
495 : NS_IMETHODIMP
496 0 : nsPKCS11ModuleDB::ListModules(nsIEnumerator **_retval)
497 : {
498 0 : nsNSSShutDownPreventionLock locker;
499 0 : nsresult rv = NS_OK;
500 : /* get isupports array */
501 0 : nsCOMPtr<nsISupportsArray> array;
502 0 : rv = NS_NewISupportsArray(getter_AddRefs(array));
503 0 : if (NS_FAILED(rv)) return rv;
504 : /* get the default list of modules */
505 0 : SECMODModuleList *list = SECMOD_GetDefaultModuleList();
506 : /* lock down the list for reading */
507 0 : SECMODListLock *lock = SECMOD_GetDefaultModuleListLock();
508 0 : SECMOD_GetReadLock(lock);
509 0 : while (list) {
510 0 : nsCOMPtr<nsIPKCS11Module> module = new nsPKCS11Module(list->module);
511 0 : array->AppendElement(module);
512 0 : list = list->next;
513 : }
514 : /* Get the modules in the database that didn't load */
515 0 : list = SECMOD_GetDeadModuleList();
516 0 : while (list) {
517 0 : nsCOMPtr<nsIPKCS11Module> module = new nsPKCS11Module(list->module);
518 0 : array->AppendElement(module);
519 0 : list = list->next;
520 : }
521 0 : SECMOD_ReleaseReadLock(lock);
522 0 : rv = array->Enumerate(_retval);
523 0 : return rv;
524 : }
525 :
526 0 : NS_IMETHODIMP nsPKCS11ModuleDB::GetCanToggleFIPS(bool *aCanToggleFIPS)
527 : {
528 0 : nsNSSShutDownPreventionLock locker;
529 0 : *aCanToggleFIPS = SECMOD_CanDeleteInternalModule();
530 0 : return NS_OK;
531 : }
532 :
533 :
534 : /* void toggleFIPSMode (); */
535 0 : NS_IMETHODIMP nsPKCS11ModuleDB::ToggleFIPSMode()
536 : {
537 0 : nsNSSShutDownPreventionLock locker;
538 : // The way to toggle FIPS mode in NSS is extremely obscure.
539 : // Basically, we delete the internal module, and voila it
540 : // gets replaced with the opposite module, ie if it was
541 : // FIPS before, then it becomes non-FIPS next.
542 : SECMODModule *internal;
543 :
544 : // This function returns us a pointer to a local copy of
545 : // the internal module stashed in NSS. We don't want to
546 : // delete it since it will cause much pain in NSS.
547 0 : internal = SECMOD_GetInternalModule();
548 0 : if (!internal)
549 0 : return NS_ERROR_FAILURE;
550 :
551 0 : SECStatus srv = SECMOD_DeleteInternalModule(internal->commonName);
552 0 : if (srv != SECSuccess)
553 0 : return NS_ERROR_FAILURE;
554 :
555 0 : return NS_OK;
556 : }
557 :
558 : /* readonly attribute boolean isFIPSEnabled; */
559 0 : NS_IMETHODIMP nsPKCS11ModuleDB::GetIsFIPSEnabled(bool *aIsFIPSEnabled)
560 : {
561 0 : nsNSSShutDownPreventionLock locker;
562 0 : *aIsFIPSEnabled = PK11_IsFIPS();
563 0 : return NS_OK;
564 : }
565 :
566 0 : NS_IMETHODIMP nsPKCS11ModuleDB::GetIsFIPSModeActive(bool *aIsFIPSModeActive)
567 : {
568 0 : return GetIsFIPSEnabled(aIsFIPSModeActive);
569 : }
|