NSS: Old Win fixes

security/nss/lib/ckfw/capi/cobject.c

@@ -341,6 +341,151 @@ nss_ckcapi_WideSize
   return size*sizeof(WCHAR);
 }
 
+/*** UTF16<-->UTF-8 functions minicking WideCharToMultiByte/MultiByteToWideChar ***/
+int utf8GetMaskIndex(unsigned char n) {
+  if((unsigned char)(n + 2) < 0xc2) return 1; // 00~10111111, fe, ff
+  if(n < 0xe0)                      return 2; // 110xxxxx
+  if(n < 0xf0)                      return 3; // 1110xxxx
+  if(n < 0xf8)                      return 4; // 11110xxx
+  if(n < 0xfc)                      return 5; // 111110xx
+                                    return 6; // 1111110x
+}
+
+int wc2Utf8Len(wchar_t ** n, int *len) {
+  wchar_t *ch = *n, ch2;
+  int qch;
+  if((0xD800 <= *ch && *ch <= 0xDBFF) && *len) {
+    ch2 = *(ch + 1);
+    if(0xDC00 <= ch2 && ch2 <= 0xDFFF) {
+	  qch = 0x10000 + (((*ch - 0xD800) & 0x3ff) << 10) + ((ch2 - 0xDC00) & 0x3ff);
+	  (*n)++;
+	  (*len)--;
+	}
+  }
+  else
+    qch = (int) *ch;
+
+  if (qch <= 0x7f)           return 1;
+  else if (qch <= 0x7ff)     return 2;
+  else if (qch <= 0xffff)    return 3;
+  else if (qch <= 0x1fffff)  return 4;
+  else if (qch <= 0x3ffffff) return 5;
+  else                       return 6;
+}
+
+int Utf8ToWideChar(unsigned int unused1, unsigned long unused2, char *sb, int ss, wchar_t * wb, int ws) {
+  static const unsigned char utf8mask[] = { 0, 0xff, 0x1f, 0x0f, 0x07, 0x03, 0x01 };
+  char *p = (char *)(sb);
+  char *e = (char *)(sb + ss);
+  wchar_t *w = wb;
+  int cnt = 0, t, qch;
+
+  if (ss < 1) {
+    ss = lstrlenA(sb);
+    e = (char *)(sb + ss);
+  }
+
+  if (wb && ws) {
+    for (; p < e; ++w) {
+	  t = utf8GetMaskIndex(*p);
+	  qch = (*p++ & utf8mask[t]);
+	  while(p < e && --t)
+	    qch <<= 6, qch |= (*p++) & 0x3f;
+	  if(qch < 0x10000) {
+	    if(cnt <= ws)
+		  *w = (wchar_t) qch;
+	    cnt++;
+	  } else {
+	    if (cnt + 2 <= ws) {
+		  *w++ = (wchar_t) (0xD800 + (((qch - 0x10000) >> 10) & 0x3ff)),
+		    *w = (wchar_t) (0xDC00 + (((qch - 0x10000)) & 0x3ff));
+		}
+	    cnt += 2;
+	  }
+	}
+    return (cnt <= ws) ? cnt : ws;
+  } else {
+    for (t; p < e;) {
+	  t = utf8GetMaskIndex(*p);
+	  qch = (*p++ & utf8mask[t]);
+	  while (p < e && --t)
+	    qch <<= 6, qch |= (*p++) & 0x3f;
+	  if (qch < 0x10000)
+	    cnt++;
+	  else
+	    cnt += 2;
+	}
+    return cnt;
+  }
+}
+
+int WideCharToUtf8(unsigned int unused1, unsigned long unused2, wchar_t * wb, int ws, char *sb, int ss) {
+  wchar_t *p = (wchar_t *)(wb);
+  wchar_t *e = (wchar_t *)(wb + ws);
+  wchar_t *oldp;
+  char *s = sb;
+  int cnt = 0, qch, t;
+
+  if (ws < 1) {
+    ws = lstrlenW(wb);
+    e = (wchar_t *)(wb + ws);
+  }
+
+  if (sb && ss) {
+    for (t; p < e; ++p) {
+	  oldp = p;
+	  t = wc2Utf8Len(&p, &ws);
+
+	  if (p != oldp) { /* unicode surrogates encountered */
+	    qch = 0x10000 + (((*oldp - 0xD800) & 0x3ff) << 10) + ((*p - 0xDC00) & 0x3ff);
+	  } else
+	    qch = *p;
+
+	  if (qch <= 0x7f)
+	    *s++ = (char) (qch),
+	    cnt++;
+	  else if (qch <= 0x7ff)
+	    *s++ = 0xc0 | (char) (qch >> 6),
+	    *s++ = 0x80 | (char) (qch & 0x3f),
+	    cnt += 2;
+	  else if (qch <= 0xffff)
+	    *s++ = 0xe0 | (char) (qch >> 12),
+	    *s++ = 0x80 | (char) ((qch >> 6) & 0x3f),
+	    *s++ = 0x80 | (char) (qch & 0x3f),
+	    cnt += 3;
+	  else if (qch <= 0x1fffff)
+	    *s++ = 0xf0 | (char) (qch >> 18),
+	    *s++ = 0x80 | (char) ((qch >> 12) & 0x3f),
+	    *s++ = 0x80 | (char) ((qch >> 6) & 0x3f),
+	    *s++ = 0x80 | (char) (qch & 0x3f),
+	    cnt += 4;
+	  else if (qch <= 0x3ffffff)
+	    *s++ = 0xf8 | (char) (qch >> 24),
+	    *s++ = 0x80 | (char) ((qch >> 18) & 0x3f),
+	    *s++ = 0x80 | (char) ((qch >> 12) & 0x3f),
+	    *s++ = 0x80 | (char) ((qch >> 6) & 0x3f),
+	    *s++ = 0x80 | (char) (qch & 0x3f),
+	    cnt += 5;
+	  else
+	    *s++ = 0xfc | (char) (qch >> 30),
+	    *s++ = 0x80 | (char) ((qch >> 24) & 0x3f),
+	    *s++ = 0x80 | (char) ((qch >> 18) & 0x3f),
+	    *s++ = 0x80 | (char) ((qch >> 12) & 0x3f),
+	    *s++ = 0x80 | (char) ((qch >> 6) & 0x3f),
+	    *s++ = 0x80 | (char) (qch & 0x3f),
+	    cnt += 6;
+	}
+      return (cnt <= ss) ? cnt : ss;
+  } else {
+    for (t; p < e; ++p) {
+	  t = wc2Utf8Len(&p, &ws);
+	  cnt += t;
+	}
+    return cnt;
+  }
+}
+/*** UTF16<-->UTF-8 functions ends ***/
+
 /*
  * Covert a Unicode wide character string to a UTF8 string
  */
@@ -357,12 +502,12 @@ nss_ckcapi_WideToUTF8
     return (char *)NULL;
   }
 
-  size = WideCharToMultiByte(CP_UTF8, 0, wide, -1, NULL, 0, NULL, 0);
+  size = WideCharToUtf8(CP_UTF8, 0, wide, -1, NULL, 0, NULL);
   if (size == 0) {
     return (char *)NULL;
   }
   buf = nss_ZNEWARRAY(NULL, char, size);
-  size = WideCharToMultiByte(CP_UTF8, 0, wide, -1, buf, size, NULL, 0);
+  size = WideCharToUtf8(CP_UTF8, 0, wide, -1, buf, size, NULL);
   if (size == 0) {
     nss_ZFreeIf(buf);
     return (char *)NULL;
@@ -412,12 +557,12 @@ nss_ckcapi_UTF8ToWide
     return (LPWSTR) NULL;
   }
     
-  size = MultiByteToWideChar(CP_UTF8, 0, buf, -1, NULL, 0);
+  size = Utf8ToWideChar(CP_UTF8, 0, buf, -1, NULL, 0);
   if (size == 0) {
     return (LPWSTR) NULL;
   }
   wide = nss_ZNEWARRAY(NULL, WCHAR, size);
-  size = MultiByteToWideChar(CP_UTF8, 0, buf, -1, wide, size);
+  size = Utf8ToWideChar(CP_UTF8, 0, buf, -1, wide, size);
   if (size == 0) {
     nss_ZFreeIf(wide);
     return (LPWSTR) NULL;

security/nss/lib/freebl/win_rand.c

@@ -131,28 +131,47 @@ EnumSystemFilesInFolder(Handler func, PRUnichar* szSysDir, int maxDepth)
     FindClose(lFindHandle);
 }
 
+typedef BOOL 
+(WINAPI *SHGetSpecialFolderPathWFn)(
+    HWND hwndOwner,
+    LPWSTR lpszPath,
+    int nFolder,
+    BOOL fCreate);
+
 static BOOL
 EnumSystemFiles(Handler func)
 {
+    HMODULE hModule;
+    SHGetSpecialFolderPathWFn pSHGetSpecialFolderPathW;
     PRUnichar szSysDir[_MAX_PATH];
     static const int folders[] = {
-    	CSIDL_BITBUCKET,  
-	CSIDL_RECENT,
-	CSIDL_INTERNET_CACHE, 
-	CSIDL_HISTORY,
-	0
+        CSIDL_BITBUCKET,  
+        CSIDL_RECENT,
+#ifndef WINCE     
+        CSIDL_INTERNET_CACHE, 
+        CSIDL_HISTORY,
+#endif
+        0
     };
     int i = 0;
     if (_MAX_PATH > (i = GetTempPathW(_MAX_PATH, szSysDir))) {
         if (i > 0 && szSysDir[i-1] == L'\\')
-	    szSysDir[i-1] = L'\0'; // we need to lop off the trailing slash
+            szSysDir[i-1] = L'\0'; // we need to lop off the trailing slash
         EnumSystemFilesInFolder(func, szSysDir, MAX_DEPTH);
     }
-    for(i = 0; folders[i]; i++) {
-        DWORD rv = SHGetSpecialFolderPathW(NULL, szSysDir, folders[i], 0);
-        if (szSysDir[0])
-            EnumSystemFilesInFolder(func, szSysDir, MAX_DEPTH);
-        szSysDir[0] =  L'\0';
+    hModule = LoadLibrary("shell32.dll");
+    if (hModule != NULL) {
+      pSHGetSpecialFolderPathW = (SHGetSpecialFolderPathWFn)
+        GetProcAddress(hModule, "SHGetSpecialFolderPathW");
+      if (pSHGetSpecialFolderPathW) {
+        for(i = 0; folders[i]; i++) {
+            DWORD rv = pSHGetSpecialFolderPathW(NULL, szSysDir, folders[i], 0);
+            if (szSysDir[0])
+                EnumSystemFilesInFolder(func, szSysDir, MAX_DEPTH);
+            szSysDir[0] =  L'\0';
+        }
+      }
+      FreeLibrary(hModule);
     }
     return PR_TRUE;
 }
@@ -366,6 +385,40 @@ void RNG_FileForRNG(const char *filename)
 }
 
 
+/*
+ * CryptoAPI requires Windows NT 4.0 or Windows 95 OSR2 and later.
+ * Until we drop support for Windows 95, we need to emulate some
+ * definitions and declarations in <wincrypt.h> and look up the
+ * functions in advapi32.dll at run time.
+ */
+
+#ifndef WIN64
+typedef unsigned long HCRYPTPROV;
+#endif
+
+#define CRYPT_VERIFYCONTEXT 0xF0000000
+
+#define PROV_RSA_FULL 1
+
+typedef BOOL
+(WINAPI *CryptAcquireContextAFn)(
+    HCRYPTPROV *phProv,
+    LPCSTR pszContainer,
+    LPCSTR pszProvider,
+    DWORD dwProvType,
+    DWORD dwFlags);
+
+typedef BOOL
+(WINAPI *CryptReleaseContextFn)(
+    HCRYPTPROV hProv,
+    DWORD dwFlags);
+
+typedef BOOL
+(WINAPI *CryptGenRandomFn)(
+    HCRYPTPROV hProv,
+    DWORD dwLen,
+    BYTE *pbBuffer);
+
 /*
  * Windows XP and Windows Server 2003 and later have RtlGenRandom,
  * which must be looked up by the name SystemFunction036.
@@ -379,19 +432,50 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
 {
     HMODULE hModule;
     RtlGenRandomFn pRtlGenRandom;
+    CryptAcquireContextAFn pCryptAcquireContextA;
+    CryptReleaseContextFn pCryptReleaseContext;
+    CryptGenRandomFn pCryptGenRandom;
+    HCRYPTPROV hCryptProv;
     size_t bytes = 0;
 
     usedWindowsPRNG = PR_FALSE;
     hModule = LoadLibrary("advapi32.dll");
     if (hModule == NULL) {
-	return bytes;
+	return rng_systemFromNoise(dest,maxLen);
     }
     pRtlGenRandom = (RtlGenRandomFn)
 	GetProcAddress(hModule, "SystemFunction036");
-    if (pRtlGenRandom && pRtlGenRandom(dest, maxLen)) {
-	bytes = maxLen;
-	usedWindowsPRNG = PR_TRUE;
+    if (pRtlGenRandom) {
+	if (pRtlGenRandom(dest, maxLen)) {
+	    bytes = maxLen;
+	    usedWindowsPRNG = PR_TRUE;
+	} else {
+	    bytes = rng_systemFromNoise(dest,maxLen);
+	}
+	goto done;
     }
+    pCryptAcquireContextA = (CryptAcquireContextAFn)
+	GetProcAddress(hModule, "CryptAcquireContextA");
+    pCryptReleaseContext = (CryptReleaseContextFn)
+	GetProcAddress(hModule, "CryptReleaseContext");
+    pCryptGenRandom = (CryptGenRandomFn)
+	GetProcAddress(hModule, "CryptGenRandom");
+    if (!pCryptAcquireContextA || !pCryptReleaseContext || !pCryptGenRandom) {
+	bytes = rng_systemFromNoise(dest,maxLen);
+	goto done;
+    }
+    if (pCryptAcquireContextA(&hCryptProv, NULL, NULL,
+	PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
+	if (pCryptGenRandom(hCryptProv, maxLen, dest)) {
+	    bytes = maxLen;
+	    usedWindowsPRNG = PR_TRUE;
+	}
+	pCryptReleaseContext(hCryptProv, 0);
+    }
+    if (bytes == 0) {
+	bytes = rng_systemFromNoise(dest,maxLen);
+    }
+done:
     FreeLibrary(hModule);
     return bytes;
 }

security/nss/lib/softoken/config.mk

@@ -20,21 +20,23 @@ IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)
 RES = $(OBJDIR)/$(LIBRARY_NAME).res
 RESNAME = $(LIBRARY_NAME).rc
 
+#	-l$(SQLITE_LIB_NAME) 
 ifdef NS_USE_GCC
 EXTRA_SHARED_LIBS += \
 	-L$(DIST)/lib \
-	-l$(SQLITE_LIB_NAME) \
 	-L$(NSSUTIL_LIB_DIR) \
 	-lnssutil3 \
 	-L$(NSPR_LIB_DIR) \
 	-lplc4 \
 	-lplds4 \
 	-lnspr4 \
+	-lsqlite3 \
 	$(NULL)
 else # ! NS_USE_GCC
 
+#	$(DIST)/lib/$(SQLITE_LIB_NAME).lib 
 EXTRA_SHARED_LIBS += \
-	$(DIST)/lib/$(SQLITE_LIB_NAME).lib \
+	$(DIST)/lib/sqlite3.lib \
 	$(NSSUTIL_LIB_DIR)/nssutil3.lib \
 	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
 	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \

security/nss/lib/softoken/manifest.mn

@@ -13,6 +13,7 @@ MAPFILE = $(OBJDIR)/softokn.def
 
 DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
 
+SQLITE_INCLUDE_DIR=$(DIST)/include/sqlite3
 ifdef SQLITE_INCLUDE_DIR
 INCLUDES += -I$(SQLITE_INCLUDE_DIR)
 endif

security/nss/lib/softoken/sdb.c

@@ -268,8 +268,8 @@ sdb_getTempDir(sqlite3 *sqlDB)
     char *foundSeparator = NULL;
 
     /* Obtain temporary filename in sqlite's directory for temporary tables */
-    sqlrv = sqlite3_file_control(sqlDB, 0, SQLITE_FCNTL_TEMPFILENAME,
-				 (void*)&tempName);
+    sqlrv = SQLITE_NOTFOUND;/*sqlite3_file_control(sqlDB, 0, SQLITE_FCNTL_TEMPFILENAME,
+				 (void*)&tempName);*/
     if (sqlrv == SQLITE_NOTFOUND) {
 	/* SQLITE_FCNTL_TEMPFILENAME not implemented because we are using
 	 * an older SQLite. */