PageRenderTime 106ms CodeModel.GetById 14ms app.highlight 80ms RepoModel.GetById 1ms app.codeStats 1ms

/security/nss/lib/ckfw/wrap.c

http://github.com/zpao/v8monkey
C | 5708 lines | 4510 code | 658 blank | 540 comment | 572 complexity | 09aec1885d373ac5355d1d8903bec7ae MD5 | raw file

Large files files are truncated, but you can click here to view the full file

   1/* ***** BEGIN LICENSE BLOCK *****
   2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
   3 *
   4 * The contents of this file are subject to the Mozilla Public License Version
   5 * 1.1 (the "License"); you may not use this file except in compliance with
   6 * the License. You may obtain a copy of the License at
   7 * http://www.mozilla.org/MPL/
   8 *
   9 * Software distributed under the License is distributed on an "AS IS" basis,
  10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  11 * for the specific language governing rights and limitations under the
  12 * License.
  13 *
  14 * The Original Code is the Netscape security libraries.
  15 *
  16 * The Initial Developer of the Original Code is
  17 * Netscape Communications Corporation.
  18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
  19 * the Initial Developer. All Rights Reserved.
  20 *
  21 * Contributor(s):
  22 *
  23 * Alternatively, the contents of this file may be used under the terms of
  24 * either the GNU General Public License Version 2 or later (the "GPL"), or
  25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  26 * in which case the provisions of the GPL or the LGPL are applicable instead
  27 * of those above. If you wish to allow use of your version of this file only
  28 * under the terms of either the GPL or the LGPL, and not to allow others to
  29 * use your version of this file under the terms of the MPL, indicate your
  30 * decision by deleting the provisions above and replace them with the notice
  31 * and other provisions required by the GPL or the LGPL. If you do not delete
  32 * the provisions above, a recipient may use your version of this file under
  33 * the terms of any one of the MPL, the GPL or the LGPL.
  34 *
  35 * ***** END LICENSE BLOCK ***** */
  36
  37#ifdef DEBUG
  38static const char CVS_ID[] = "@(#) $RCSfile: wrap.c,v $ $Revision: 1.20 $ $Date: 2010/04/03 18:27:29 $";
  39#endif /* DEBUG */
  40
  41/*
  42 * wrap.c
  43 *
  44 * This file contains the routines that actually implement the cryptoki
  45 * API, using the internal APIs of the NSS Cryptoki Framework.  There is
  46 * one routine here for every cryptoki routine.  For linking reasons
  47 * the actual entry points passed back with C_GetFunctionList have to
  48 * exist in one of the Module's source files; however, those are merely
  49 * simple wrappers that call these routines.  The intelligence of the
  50 * implementations is here.
  51 */
  52
  53#ifndef CK_T
  54#include "ck.h"
  55#endif /* CK_T */
  56
  57/*
  58 * NSSCKFWC_Initialize
  59 * NSSCKFWC_Finalize
  60 * NSSCKFWC_GetInfo
  61 * -- NSSCKFWC_GetFunctionList -- see the API insert file
  62 * NSSCKFWC_GetSlotList
  63 * NSSCKFWC_GetSlotInfo
  64 * NSSCKFWC_GetTokenInfo
  65 * NSSCKFWC_WaitForSlotEvent
  66 * NSSCKFWC_GetMechanismList
  67 * NSSCKFWC_GetMechanismInfo
  68 * NSSCKFWC_InitToken
  69 * NSSCKFWC_InitPIN
  70 * NSSCKFWC_SetPIN
  71 * NSSCKFWC_OpenSession
  72 * NSSCKFWC_CloseSession
  73 * NSSCKFWC_CloseAllSessions
  74 * NSSCKFWC_GetSessionInfo
  75 * NSSCKFWC_GetOperationState
  76 * NSSCKFWC_SetOperationState
  77 * NSSCKFWC_Login
  78 * NSSCKFWC_Logout
  79 * NSSCKFWC_CreateObject
  80 * NSSCKFWC_CopyObject
  81 * NSSCKFWC_DestroyObject
  82 * NSSCKFWC_GetObjectSize
  83 * NSSCKFWC_GetAttributeValue
  84 * NSSCKFWC_SetAttributeValue
  85 * NSSCKFWC_FindObjectsInit
  86 * NSSCKFWC_FindObjects
  87 * NSSCKFWC_FindObjectsFinal
  88 * NSSCKFWC_EncryptInit
  89 * NSSCKFWC_Encrypt
  90 * NSSCKFWC_EncryptUpdate
  91 * NSSCKFWC_EncryptFinal
  92 * NSSCKFWC_DecryptInit
  93 * NSSCKFWC_Decrypt
  94 * NSSCKFWC_DecryptUpdate
  95 * NSSCKFWC_DecryptFinal
  96 * NSSCKFWC_DigestInit
  97 * NSSCKFWC_Digest
  98 * NSSCKFWC_DigestUpdate
  99 * NSSCKFWC_DigestKey
 100 * NSSCKFWC_DigestFinal
 101 * NSSCKFWC_SignInit
 102 * NSSCKFWC_Sign
 103 * NSSCKFWC_SignUpdate
 104 * NSSCKFWC_SignFinal
 105 * NSSCKFWC_SignRecoverInit
 106 * NSSCKFWC_SignRecover
 107 * NSSCKFWC_VerifyInit
 108 * NSSCKFWC_Verify
 109 * NSSCKFWC_VerifyUpdate
 110 * NSSCKFWC_VerifyFinal
 111 * NSSCKFWC_VerifyRecoverInit
 112 * NSSCKFWC_VerifyRecover
 113 * NSSCKFWC_DigestEncryptUpdate
 114 * NSSCKFWC_DecryptDigestUpdate
 115 * NSSCKFWC_SignEncryptUpdate
 116 * NSSCKFWC_DecryptVerifyUpdate
 117 * NSSCKFWC_GenerateKey
 118 * NSSCKFWC_GenerateKeyPair
 119 * NSSCKFWC_WrapKey
 120 * NSSCKFWC_UnwrapKey
 121 * NSSCKFWC_DeriveKey
 122 * NSSCKFWC_SeedRandom
 123 * NSSCKFWC_GenerateRandom
 124 * NSSCKFWC_GetFunctionStatus
 125 * NSSCKFWC_CancelFunction
 126 */
 127
 128/* figure out out locking semantics */
 129static CK_RV
 130nssCKFW_GetThreadSafeState(CK_C_INITIALIZE_ARGS_PTR pInitArgs,
 131                           CryptokiLockingState *pLocking_state) {
 132  int functionCount = 0;
 133
 134  /* parsed according to (PKCS #11 Section 11.4) */
 135  /* no args, the degenerate version of case 1 */
 136  if (!pInitArgs) {
 137    *pLocking_state = SingleThreaded;
 138    return CKR_OK;
 139  } 
 140
 141  /* CKF_OS_LOCKING_OK set, Cases 2 and 4 */
 142  if (pInitArgs->flags & CKF_OS_LOCKING_OK) {
 143    *pLocking_state = MultiThreaded;
 144    return CKR_OK;
 145  }
 146  if ((CK_CREATEMUTEX) NULL != pInitArgs->CreateMutex) functionCount++;
 147  if ((CK_DESTROYMUTEX) NULL != pInitArgs->DestroyMutex) functionCount++;
 148  if ((CK_LOCKMUTEX) NULL != pInitArgs->LockMutex) functionCount++;
 149  if ((CK_UNLOCKMUTEX) NULL != pInitArgs->UnlockMutex) functionCount++;
 150
 151  /* CKF_OS_LOCKING_OK is not set, and not functions supplied, 
 152   * explicit case 1 */
 153  if (0 == functionCount) {
 154    *pLocking_state = SingleThreaded;
 155    return CKR_OK;
 156  }
 157
 158  /* OS_LOCKING_OK is not set and functions have been supplied. Since
 159   * ckfw uses nssbase library which explicitly calls NSPR, and since 
 160   * there is no way to reliably override these explicit calls to NSPR,
 161   * therefore we can't support applications which have their own threading 
 162   * module.  Return CKR_CANT_LOCK if they supplied the correct number of 
 163   * arguments, or CKR_ARGUMENTS_BAD if they did not in either case we will 
 164   * fail the initialize */
 165  return (4 == functionCount) ? CKR_CANT_LOCK : CKR_ARGUMENTS_BAD;
 166}
 167
 168static PRInt32 liveInstances;
 169
 170/*
 171 * NSSCKFWC_Initialize
 172 *
 173 */
 174NSS_IMPLEMENT CK_RV
 175NSSCKFWC_Initialize
 176(
 177  NSSCKFWInstance **pFwInstance,
 178  NSSCKMDInstance *mdInstance,
 179  CK_VOID_PTR pInitArgs
 180)
 181{
 182  CK_RV error = CKR_OK;
 183  CryptokiLockingState locking_state;
 184
 185  if( (NSSCKFWInstance **)NULL == pFwInstance ) {
 186    error = CKR_GENERAL_ERROR;
 187    goto loser;
 188  }
 189
 190  if (*pFwInstance) {
 191    error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
 192    goto loser;
 193  }
 194
 195  if (!mdInstance) {
 196    error = CKR_GENERAL_ERROR;
 197    goto loser;
 198  }
 199
 200  error = nssCKFW_GetThreadSafeState(pInitArgs,&locking_state);
 201  if( CKR_OK != error ) {
 202    goto loser;
 203  }
 204
 205  *pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &error);
 206  if (!*pFwInstance) {
 207    goto loser;
 208  }
 209  PR_ATOMIC_INCREMENT(&liveInstances);
 210  return CKR_OK;
 211
 212 loser:
 213  switch( error ) {
 214  case CKR_ARGUMENTS_BAD:
 215  case CKR_CANT_LOCK:
 216  case CKR_CRYPTOKI_ALREADY_INITIALIZED:
 217  case CKR_FUNCTION_FAILED:
 218  case CKR_GENERAL_ERROR:
 219  case CKR_HOST_MEMORY:
 220  case CKR_NEED_TO_CREATE_THREADS:
 221    break;
 222  default:
 223  case CKR_OK:
 224    error = CKR_GENERAL_ERROR;
 225    break;
 226  }
 227
 228  return error;
 229}
 230
 231/*
 232 * NSSCKFWC_Finalize
 233 *
 234 */
 235NSS_IMPLEMENT CK_RV
 236NSSCKFWC_Finalize
 237(
 238  NSSCKFWInstance **pFwInstance
 239)
 240{
 241  CK_RV error = CKR_OK;
 242
 243  if( (NSSCKFWInstance **)NULL == pFwInstance ) {
 244    error = CKR_GENERAL_ERROR;
 245    goto loser;
 246  }
 247
 248  if (!*pFwInstance) {
 249    error = CKR_CRYPTOKI_NOT_INITIALIZED;
 250    goto loser;
 251  }
 252
 253  error = nssCKFWInstance_Destroy(*pFwInstance);
 254
 255  /* In any case */
 256  *pFwInstance = (NSSCKFWInstance *)NULL;
 257
 258 loser:
 259  switch( error ) {
 260  PRInt32 remainingInstances;
 261  case CKR_OK:
 262    remainingInstances = PR_ATOMIC_DECREMENT(&liveInstances);
 263    if (!remainingInstances) {
 264	nssArena_Shutdown();
 265    }
 266    break;
 267  case CKR_CRYPTOKI_NOT_INITIALIZED:
 268  case CKR_FUNCTION_FAILED:
 269  case CKR_GENERAL_ERROR:
 270  case CKR_HOST_MEMORY:
 271    break;
 272  default:
 273    error = CKR_GENERAL_ERROR;
 274    break;
 275  }
 276
 277  /*
 278   * A thread's error stack is automatically destroyed when the thread
 279   * terminates or, for the primordial thread, by PR_Cleanup.  On
 280   * Windows with MinGW, the thread private data destructor PR_Free
 281   * registered by this module is actually a thunk for PR_Free defined
 282   * in this module.  When the thread that unloads this module terminates
 283   * or calls PR_Cleanup, the thunk for PR_Free is already gone with the
 284   * module.  Therefore we need to destroy the error stack before the
 285   * module is unloaded.
 286   */
 287  nss_DestroyErrorStack();
 288  return error;
 289}
 290
 291/*
 292 * NSSCKFWC_GetInfo
 293 *
 294 */
 295NSS_IMPLEMENT CK_RV
 296NSSCKFWC_GetInfo
 297(
 298  NSSCKFWInstance *fwInstance,
 299  CK_INFO_PTR pInfo
 300)
 301{
 302  CK_RV error = CKR_OK;
 303
 304  if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) {
 305    error = CKR_ARGUMENTS_BAD;
 306    goto loser;
 307  }
 308
 309  /*
 310   * A purify error here means a caller error
 311   */
 312  (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
 313
 314  pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
 315
 316  error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
 317  if( CKR_OK != error ) {
 318    goto loser;
 319  }
 320
 321  pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
 322
 323  error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
 324  if( CKR_OK != error ) {
 325    goto loser;
 326  }
 327
 328  pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
 329
 330  return CKR_OK;
 331
 332 loser:
 333  switch( error ) {
 334  case CKR_CRYPTOKI_NOT_INITIALIZED:
 335  case CKR_FUNCTION_FAILED:
 336  case CKR_GENERAL_ERROR:
 337  case CKR_HOST_MEMORY:
 338    break;
 339  default:
 340    error = CKR_GENERAL_ERROR;
 341    break;
 342  }
 343
 344  return error;
 345}
 346  
 347/*
 348 * C_GetFunctionList is implemented entirely in the Module's file which
 349 * includes the Framework API insert file.  It requires no "actual"
 350 * NSSCKFW routine.
 351 */
 352
 353/*
 354 * NSSCKFWC_GetSlotList
 355 *
 356 */
 357NSS_IMPLEMENT CK_RV
 358NSSCKFWC_GetSlotList
 359(
 360  NSSCKFWInstance *fwInstance,
 361  CK_BBOOL tokenPresent,
 362  CK_SLOT_ID_PTR pSlotList,
 363  CK_ULONG_PTR pulCount
 364)
 365{
 366  CK_RV error = CKR_OK;
 367  CK_ULONG nSlots;
 368
 369  if (!fwInstance) {
 370    error = CKR_CRYPTOKI_NOT_INITIALIZED;
 371    goto loser;
 372  }
 373
 374  switch( tokenPresent ) {
 375  case CK_TRUE:
 376  case CK_FALSE:
 377    break;
 378  default:
 379    error = CKR_ARGUMENTS_BAD;
 380    goto loser;
 381  }
 382
 383  if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
 384    error = CKR_ARGUMENTS_BAD;
 385    goto loser;
 386  }
 387
 388  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
 389  if( (CK_ULONG)0 == nSlots ) {
 390    goto loser;
 391  }
 392
 393  if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) {
 394    *pulCount = nSlots;
 395    return CKR_OK;
 396  } 
 397    
 398  /*
 399   * A purify error here indicates caller error.
 400   */
 401  (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
 402
 403  if( *pulCount < nSlots ) {
 404    *pulCount = nSlots;
 405    error = CKR_BUFFER_TOO_SMALL;
 406    goto loser;
 407  } else {
 408    CK_ULONG i;
 409    *pulCount = nSlots;
 410    
 411    /* 
 412     * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
 413     * just index one when we need it.
 414     */
 415
 416    for( i = 0; i < nSlots; i++ ) {
 417      pSlotList[i] = i+1;
 418    }
 419
 420    return CKR_OK;
 421  }
 422
 423 loser:
 424  switch( error ) {
 425  case CKR_BUFFER_TOO_SMALL:
 426  case CKR_CRYPTOKI_NOT_INITIALIZED:
 427  case CKR_FUNCTION_FAILED:
 428  case CKR_GENERAL_ERROR:
 429  case CKR_HOST_MEMORY:
 430    break;
 431  default:
 432  case CKR_OK:
 433    error = CKR_GENERAL_ERROR;
 434    break;
 435  }
 436
 437  return error;
 438}
 439 
 440/*
 441 * NSSCKFWC_GetSlotInfo
 442 *
 443 */
 444NSS_IMPLEMENT CK_RV
 445NSSCKFWC_GetSlotInfo
 446(
 447  NSSCKFWInstance *fwInstance,
 448  CK_SLOT_ID slotID,
 449  CK_SLOT_INFO_PTR pInfo
 450)
 451{
 452  CK_RV error = CKR_OK;
 453  CK_ULONG nSlots;
 454  NSSCKFWSlot **slots;
 455  NSSCKFWSlot *fwSlot;
 456
 457  if (!fwInstance) {
 458    error = CKR_CRYPTOKI_NOT_INITIALIZED;
 459    goto loser;
 460  }
 461
 462  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
 463  if( (CK_ULONG)0 == nSlots ) {
 464    goto loser;
 465  }
 466
 467  if( (slotID < 1) || (slotID > nSlots) ) {
 468    error = CKR_SLOT_ID_INVALID;
 469    goto loser;
 470  }
 471
 472  if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) {
 473    error = CKR_ARGUMENTS_BAD;
 474    goto loser;
 475  }
 476
 477  /*
 478   * A purify error here indicates caller error.
 479   */
 480  (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
 481
 482  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
 483  if( (NSSCKFWSlot **)NULL == slots ) {
 484    goto loser;
 485  }
 486
 487  fwSlot = slots[ slotID-1 ];
 488
 489  error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
 490  if( CKR_OK != error ) {
 491    goto loser;
 492  }
 493
 494  error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
 495  if( CKR_OK != error ) {
 496    goto loser;
 497  }
 498
 499  if( nssCKFWSlot_GetTokenPresent(fwSlot) ) {
 500    pInfo->flags |= CKF_TOKEN_PRESENT;
 501  }
 502
 503  if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) {
 504    pInfo->flags |= CKF_REMOVABLE_DEVICE;
 505  }
 506
 507  if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) {
 508    pInfo->flags |= CKF_HW_SLOT;
 509  }
 510
 511  pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
 512  pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
 513
 514  return CKR_OK;
 515
 516 loser:
 517  switch( error ) {
 518  case CKR_CRYPTOKI_NOT_INITIALIZED:
 519  case CKR_DEVICE_ERROR:
 520  case CKR_FUNCTION_FAILED:
 521  case CKR_GENERAL_ERROR:
 522  case CKR_HOST_MEMORY:
 523  case CKR_SLOT_ID_INVALID:
 524    break;
 525  default:
 526  case CKR_OK:
 527    error = CKR_GENERAL_ERROR;
 528  }
 529
 530  return error;
 531}
 532
 533/*
 534 * NSSCKFWC_GetTokenInfo
 535 *
 536 */
 537NSS_IMPLEMENT CK_RV
 538NSSCKFWC_GetTokenInfo
 539(
 540  NSSCKFWInstance *fwInstance,
 541  CK_SLOT_ID slotID,
 542  CK_TOKEN_INFO_PTR pInfo
 543)
 544{
 545  CK_RV error = CKR_OK;
 546  CK_ULONG nSlots;
 547  NSSCKFWSlot **slots;
 548  NSSCKFWSlot *fwSlot;
 549  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
 550
 551  if (!fwInstance) {
 552    error = CKR_CRYPTOKI_NOT_INITIALIZED;
 553    goto loser;
 554  }
 555
 556  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
 557  if( (CK_ULONG)0 == nSlots ) {
 558    goto loser;
 559  }
 560
 561  if( (slotID < 1) || (slotID > nSlots) ) {
 562    error = CKR_SLOT_ID_INVALID;
 563    goto loser;
 564  }
 565
 566  if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) {
 567    error = CKR_ARGUMENTS_BAD;
 568    goto loser;
 569  }
 570
 571  /*
 572   * A purify error here indicates caller error.
 573   */
 574  (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
 575
 576  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
 577  if( (NSSCKFWSlot **)NULL == slots ) {
 578    goto loser;
 579  }
 580
 581  fwSlot = slots[ slotID-1 ];
 582
 583  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
 584    error = CKR_TOKEN_NOT_PRESENT;
 585    goto loser;
 586  }
 587
 588  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
 589  if (!fwToken) {
 590    goto loser;
 591  }
 592
 593  error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
 594  if( CKR_OK != error ) {
 595    goto loser;
 596  }
 597
 598  error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
 599  if( CKR_OK != error ) {
 600    goto loser;
 601  }
 602
 603  error = nssCKFWToken_GetModel(fwToken, pInfo->model);
 604  if( CKR_OK != error ) {
 605    goto loser;
 606  }
 607
 608  error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
 609  if( CKR_OK != error ) {
 610    goto loser;
 611  }
 612
 613  if( nssCKFWToken_GetHasRNG(fwToken) ) {
 614    pInfo->flags |= CKF_RNG;
 615  }
 616
 617  if( nssCKFWToken_GetIsWriteProtected(fwToken) ) {
 618    pInfo->flags |= CKF_WRITE_PROTECTED;
 619  }
 620
 621  if( nssCKFWToken_GetLoginRequired(fwToken) ) {
 622    pInfo->flags |= CKF_LOGIN_REQUIRED;
 623  }
 624
 625  if( nssCKFWToken_GetUserPinInitialized(fwToken) ) {
 626    pInfo->flags |= CKF_USER_PIN_INITIALIZED;
 627  }
 628
 629  if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) {
 630    pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
 631  }
 632
 633  if( nssCKFWToken_GetHasClockOnToken(fwToken) ) {
 634    pInfo->flags |= CKF_CLOCK_ON_TOKEN;
 635  }
 636
 637  if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
 638    pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
 639  }
 640
 641  if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) {
 642    pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
 643  }
 644
 645  pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
 646  pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
 647  pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
 648  pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken);
 649  pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
 650  pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
 651  pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
 652  pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
 653  pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
 654  pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
 655  pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
 656  pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
 657  
 658  error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
 659  if( CKR_OK != error ) {
 660    goto loser;
 661  }
 662
 663  return CKR_OK;
 664
 665 loser:
 666  switch( error ) {
 667  case CKR_DEVICE_REMOVED:
 668  case CKR_TOKEN_NOT_PRESENT:
 669    if (fwToken)
 670      nssCKFWToken_Destroy(fwToken);
 671    break;
 672  case CKR_CRYPTOKI_NOT_INITIALIZED:
 673  case CKR_DEVICE_ERROR:
 674  case CKR_DEVICE_MEMORY:
 675  case CKR_FUNCTION_FAILED:
 676  case CKR_GENERAL_ERROR:
 677  case CKR_HOST_MEMORY:
 678  case CKR_SLOT_ID_INVALID:
 679  case CKR_TOKEN_NOT_RECOGNIZED:
 680    break;
 681  default:
 682  case CKR_OK:
 683    error = CKR_GENERAL_ERROR;
 684    break;
 685  }
 686
 687  return error;
 688}
 689
 690/*
 691 * NSSCKFWC_WaitForSlotEvent
 692 *
 693 */
 694NSS_IMPLEMENT CK_RV
 695NSSCKFWC_WaitForSlotEvent
 696(
 697  NSSCKFWInstance *fwInstance,
 698  CK_FLAGS flags,
 699  CK_SLOT_ID_PTR pSlot,
 700  CK_VOID_PTR pReserved
 701)
 702{
 703  CK_RV error = CKR_OK;
 704  CK_ULONG nSlots;
 705  CK_BBOOL block;
 706  NSSCKFWSlot **slots;
 707  NSSCKFWSlot *fwSlot;
 708  CK_ULONG i;
 709
 710  if (!fwInstance) {
 711    error = CKR_CRYPTOKI_NOT_INITIALIZED;
 712    goto loser;
 713  }
 714
 715  if( flags & ~CKF_DONT_BLOCK ) {
 716    error = CKR_ARGUMENTS_BAD;
 717    goto loser;
 718  }
 719
 720  block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
 721
 722  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
 723  if( (CK_ULONG)0 == nSlots ) {
 724    goto loser;
 725  }
 726
 727  if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) {
 728    error = CKR_ARGUMENTS_BAD;
 729    goto loser;
 730  }
 731
 732  if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) {
 733    error = CKR_ARGUMENTS_BAD;
 734    goto loser;
 735  }
 736
 737  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
 738  if( (NSSCKFWSlot **)NULL == slots ) {
 739    goto loser;
 740  }
 741
 742  fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
 743  if (!fwSlot) {
 744    goto loser;
 745  }
 746
 747  for( i = 0; i < nSlots; i++ ) {
 748    if( fwSlot == slots[i] ) {
 749      *pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1);
 750      return CKR_OK;
 751    }
 752  }
 753
 754  error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
 755
 756 loser:
 757  switch( error ) {
 758  case CKR_CRYPTOKI_NOT_INITIALIZED:
 759  case CKR_FUNCTION_FAILED:
 760  case CKR_GENERAL_ERROR:
 761  case CKR_HOST_MEMORY:
 762  case CKR_NO_EVENT:
 763    break;
 764  default:
 765  case CKR_OK:
 766    error = CKR_GENERAL_ERROR;
 767    break;
 768  }
 769
 770  return error;
 771}
 772
 773/*
 774 * NSSCKFWC_GetMechanismList
 775 *
 776 */
 777NSS_IMPLEMENT CK_RV
 778NSSCKFWC_GetMechanismList
 779(
 780  NSSCKFWInstance *fwInstance,
 781  CK_SLOT_ID slotID,
 782  CK_MECHANISM_TYPE_PTR pMechanismList,
 783  CK_ULONG_PTR pulCount
 784)
 785{
 786  CK_RV error = CKR_OK;
 787  CK_ULONG nSlots;
 788  NSSCKFWSlot **slots;
 789  NSSCKFWSlot *fwSlot;
 790  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
 791  CK_ULONG count;
 792
 793  if (!fwInstance) {
 794    error = CKR_CRYPTOKI_NOT_INITIALIZED;
 795    goto loser;
 796  }
 797
 798  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
 799  if( (CK_ULONG)0 == nSlots ) {
 800    goto loser;
 801  }
 802
 803  if( (slotID < 1) || (slotID > nSlots) ) {
 804    error = CKR_SLOT_ID_INVALID;
 805    goto loser;
 806  }
 807
 808  if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
 809    error = CKR_ARGUMENTS_BAD;
 810    goto loser;
 811  }
 812
 813  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
 814  if( (NSSCKFWSlot **)NULL == slots ) {
 815    goto loser;
 816  }
 817
 818  fwSlot = slots[ slotID-1 ];
 819
 820  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
 821    error = CKR_TOKEN_NOT_PRESENT;
 822    goto loser;
 823  }
 824
 825  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
 826  if (!fwToken) {
 827    goto loser;
 828  }
 829
 830  count = nssCKFWToken_GetMechanismCount(fwToken);
 831
 832  if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) {
 833    *pulCount = count;
 834    return CKR_OK;
 835  }
 836
 837  if( *pulCount < count ) {
 838    *pulCount = count;
 839    error = CKR_BUFFER_TOO_SMALL;
 840    goto loser;
 841  }
 842
 843  /*
 844   * A purify error here indicates caller error.
 845   */
 846  (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
 847
 848  *pulCount = count;
 849
 850  if( 0 != count ) {
 851    error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
 852  } else {
 853    error = CKR_OK;
 854  }
 855
 856  if( CKR_OK == error ) {
 857    return CKR_OK;
 858  }
 859
 860 loser:
 861  switch( error ) {
 862  case CKR_DEVICE_REMOVED:
 863  case CKR_TOKEN_NOT_PRESENT:
 864    if (fwToken)
 865      nssCKFWToken_Destroy(fwToken);
 866    break;
 867  case CKR_ARGUMENTS_BAD:
 868  case CKR_BUFFER_TOO_SMALL:
 869  case CKR_CRYPTOKI_NOT_INITIALIZED:
 870  case CKR_DEVICE_ERROR:
 871  case CKR_DEVICE_MEMORY:
 872  case CKR_FUNCTION_FAILED:
 873  case CKR_GENERAL_ERROR:
 874  case CKR_HOST_MEMORY:
 875  case CKR_SLOT_ID_INVALID:
 876  case CKR_TOKEN_NOT_RECOGNIZED:
 877    break;
 878  default:
 879  case CKR_OK:
 880    error = CKR_GENERAL_ERROR;
 881    break;
 882  }
 883
 884  return error;
 885}
 886
 887/*
 888 * NSSCKFWC_GetMechanismInfo
 889 *
 890 */
 891NSS_IMPLEMENT CK_RV
 892NSSCKFWC_GetMechanismInfo
 893(
 894  NSSCKFWInstance *fwInstance,
 895  CK_SLOT_ID slotID,
 896  CK_MECHANISM_TYPE type,
 897  CK_MECHANISM_INFO_PTR pInfo
 898)
 899{
 900  CK_RV error = CKR_OK;
 901  CK_ULONG nSlots;
 902  NSSCKFWSlot **slots;
 903  NSSCKFWSlot *fwSlot;
 904  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
 905  NSSCKFWMechanism *fwMechanism;
 906
 907  if (!fwInstance) {
 908    error = CKR_CRYPTOKI_NOT_INITIALIZED;
 909    goto loser;
 910  }
 911
 912  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
 913  if( (CK_ULONG)0 == nSlots ) {
 914    goto loser;
 915  }
 916
 917  if( (slotID < 1) || (slotID > nSlots) ) {
 918    error = CKR_SLOT_ID_INVALID;
 919    goto loser;
 920  }
 921
 922  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
 923  if( (NSSCKFWSlot **)NULL == slots ) {
 924    goto loser;
 925  }
 926
 927  fwSlot = slots[ slotID-1 ];
 928
 929  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
 930    error = CKR_TOKEN_NOT_PRESENT;
 931    goto loser;
 932  }
 933
 934  if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) {
 935    error = CKR_ARGUMENTS_BAD;
 936    goto loser;
 937  }
 938
 939  /*
 940   * A purify error here indicates caller error.
 941   */
 942  (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
 943
 944  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
 945  if (!fwToken) {
 946    goto loser;
 947  }
 948
 949  fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
 950  if (!fwMechanism) {
 951    goto loser;
 952  }
 953
 954  pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism, &error);
 955  pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism, &error);
 956
 957  if( nssCKFWMechanism_GetInHardware(fwMechanism, &error) ) {
 958    pInfo->flags |= CKF_HW;
 959  }
 960  if( nssCKFWMechanism_GetCanEncrypt(fwMechanism, &error) ) {
 961    pInfo->flags |= CKF_ENCRYPT;
 962  }
 963  if( nssCKFWMechanism_GetCanDecrypt(fwMechanism, &error) ) {
 964    pInfo->flags |= CKF_DECRYPT;
 965  }
 966  if( nssCKFWMechanism_GetCanDigest(fwMechanism, &error) ) {
 967    pInfo->flags |= CKF_DIGEST;
 968  }
 969  if( nssCKFWMechanism_GetCanSign(fwMechanism, &error) ) {
 970    pInfo->flags |= CKF_SIGN;
 971  }
 972  if( nssCKFWMechanism_GetCanSignRecover(fwMechanism, &error) ) {
 973    pInfo->flags |= CKF_SIGN_RECOVER;
 974  }
 975  if( nssCKFWMechanism_GetCanVerify(fwMechanism, &error) ) {
 976    pInfo->flags |= CKF_VERIFY;
 977  }
 978  if( nssCKFWMechanism_GetCanVerifyRecover(fwMechanism, &error) ) {
 979    pInfo->flags |= CKF_VERIFY_RECOVER;
 980  }
 981  if( nssCKFWMechanism_GetCanGenerate(fwMechanism, &error) ) {
 982    pInfo->flags |= CKF_GENERATE;
 983  }
 984  if( nssCKFWMechanism_GetCanGenerateKeyPair(fwMechanism, &error) ) {
 985    pInfo->flags |= CKF_GENERATE_KEY_PAIR;
 986  }
 987  if( nssCKFWMechanism_GetCanWrap(fwMechanism, &error) ) {
 988    pInfo->flags |= CKF_WRAP;
 989  }
 990  if( nssCKFWMechanism_GetCanUnwrap(fwMechanism, &error) ) {
 991    pInfo->flags |= CKF_UNWRAP;
 992  }
 993  if( nssCKFWMechanism_GetCanDerive(fwMechanism, &error) ) {
 994    pInfo->flags |= CKF_DERIVE;
 995  }
 996  nssCKFWMechanism_Destroy(fwMechanism);
 997
 998  return error;
 999
1000 loser:
1001  switch( error ) {
1002  case CKR_DEVICE_REMOVED:
1003  case CKR_TOKEN_NOT_PRESENT:
1004    if (fwToken)
1005      nssCKFWToken_Destroy(fwToken);
1006    break;
1007  case CKR_ARGUMENTS_BAD:
1008  case CKR_CRYPTOKI_NOT_INITIALIZED:
1009  case CKR_DEVICE_ERROR:
1010  case CKR_DEVICE_MEMORY:
1011  case CKR_FUNCTION_FAILED:
1012  case CKR_GENERAL_ERROR:
1013  case CKR_HOST_MEMORY:
1014  case CKR_MECHANISM_INVALID:
1015  case CKR_SLOT_ID_INVALID:
1016  case CKR_TOKEN_NOT_RECOGNIZED:
1017    break;
1018  default:
1019  case CKR_OK:
1020    error = CKR_GENERAL_ERROR;
1021    break;
1022  }
1023
1024  return error;
1025}
1026
1027/*
1028 * NSSCKFWC_InitToken
1029 *
1030 */
1031NSS_IMPLEMENT CK_RV
1032NSSCKFWC_InitToken
1033(
1034  NSSCKFWInstance *fwInstance,
1035  CK_SLOT_ID slotID,
1036  CK_CHAR_PTR pPin,
1037  CK_ULONG ulPinLen,
1038  CK_CHAR_PTR pLabel
1039)
1040{
1041  CK_RV error = CKR_OK;
1042  CK_ULONG nSlots;
1043  NSSCKFWSlot **slots;
1044  NSSCKFWSlot *fwSlot;
1045  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1046  NSSItem pin;
1047  NSSUTF8 *label;
1048
1049  if (!fwInstance) {
1050    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1051    goto loser;
1052  }
1053
1054  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1055  if( (CK_ULONG)0 == nSlots ) {
1056    goto loser;
1057  }
1058
1059  if( (slotID < 1) || (slotID > nSlots) ) {
1060    error = CKR_SLOT_ID_INVALID;
1061    goto loser;
1062  }
1063
1064  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1065  if( (NSSCKFWSlot **)NULL == slots ) {
1066    goto loser;
1067  }
1068
1069  fwSlot = slots[ slotID-1 ];
1070
1071  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1072    error = CKR_TOKEN_NOT_PRESENT;
1073    goto loser;
1074  }
1075
1076  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1077  if (!fwToken) {
1078    goto loser;
1079  }
1080
1081  pin.size = (PRUint32)ulPinLen;
1082  pin.data = (void *)pPin;
1083  label = (NSSUTF8 *)pLabel; /* identity conversion */
1084
1085  error = nssCKFWToken_InitToken(fwToken, &pin, label);
1086  if( CKR_OK != error ) {
1087    goto loser;
1088  }
1089
1090  return CKR_OK;
1091
1092 loser:
1093  switch( error ) {
1094  case CKR_DEVICE_REMOVED:
1095  case CKR_TOKEN_NOT_PRESENT:
1096    if (fwToken)
1097      nssCKFWToken_Destroy(fwToken);
1098    break;
1099  case CKR_ARGUMENTS_BAD:
1100  case CKR_CRYPTOKI_NOT_INITIALIZED:
1101  case CKR_DEVICE_ERROR:
1102  case CKR_DEVICE_MEMORY:
1103  case CKR_FUNCTION_FAILED:
1104  case CKR_GENERAL_ERROR:
1105  case CKR_HOST_MEMORY:
1106  case CKR_PIN_INCORRECT:
1107  case CKR_PIN_LOCKED:
1108  case CKR_SESSION_EXISTS:
1109  case CKR_SLOT_ID_INVALID:
1110  case CKR_TOKEN_NOT_RECOGNIZED:
1111  case CKR_TOKEN_WRITE_PROTECTED:
1112    break;
1113  default:
1114  case CKR_OK:
1115    error = CKR_GENERAL_ERROR;
1116    break;
1117  }
1118
1119  return error;
1120}
1121
1122/*
1123 * NSSCKFWC_InitPIN
1124 *
1125 */
1126NSS_IMPLEMENT CK_RV
1127NSSCKFWC_InitPIN
1128(
1129  NSSCKFWInstance *fwInstance,
1130  CK_SESSION_HANDLE hSession,
1131  CK_CHAR_PTR pPin,
1132  CK_ULONG ulPinLen
1133)
1134{
1135  CK_RV error = CKR_OK;
1136  NSSCKFWSession *fwSession;
1137  NSSItem pin, *arg;
1138
1139  if (!fwInstance) {
1140    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1141    goto loser;
1142  }
1143
1144  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1145  if (!fwSession) {
1146    error = CKR_SESSION_HANDLE_INVALID;
1147    goto loser;
1148  }
1149
1150  if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1151    arg = (NSSItem *)NULL;
1152  } else {
1153    arg = &pin;
1154    pin.size = (PRUint32)ulPinLen;
1155    pin.data = (void *)pPin;
1156  }
1157
1158  error = nssCKFWSession_InitPIN(fwSession, arg);
1159  if( CKR_OK != error ) {
1160    goto loser;
1161  }
1162
1163  return CKR_OK;
1164
1165 loser:
1166  switch( error ) {
1167  case CKR_SESSION_CLOSED:
1168    /* destroy session? */
1169    break;
1170  case CKR_DEVICE_REMOVED:
1171    /* (void)nssCKFWToken_Destroy(fwToken); */
1172    break;
1173  case CKR_ARGUMENTS_BAD:
1174  case CKR_CRYPTOKI_NOT_INITIALIZED:
1175  case CKR_DEVICE_ERROR:
1176  case CKR_DEVICE_MEMORY:
1177  case CKR_FUNCTION_FAILED:
1178  case CKR_GENERAL_ERROR:
1179  case CKR_HOST_MEMORY:
1180  case CKR_PIN_INVALID:
1181  case CKR_PIN_LEN_RANGE:
1182  case CKR_SESSION_READ_ONLY:
1183  case CKR_SESSION_HANDLE_INVALID:
1184  case CKR_TOKEN_WRITE_PROTECTED:
1185  case CKR_USER_NOT_LOGGED_IN:
1186    break;
1187  default:
1188  case CKR_OK:
1189    error = CKR_GENERAL_ERROR;
1190    break;
1191  }
1192
1193  return error;
1194}
1195
1196/*
1197 * NSSCKFWC_SetPIN
1198 *
1199 */
1200NSS_IMPLEMENT CK_RV
1201NSSCKFWC_SetPIN
1202(
1203  NSSCKFWInstance *fwInstance,
1204  CK_SESSION_HANDLE hSession,
1205  CK_CHAR_PTR pOldPin,
1206  CK_ULONG ulOldLen,
1207  CK_CHAR_PTR pNewPin,
1208  CK_ULONG ulNewLen
1209)
1210{
1211  CK_RV error = CKR_OK;
1212  NSSCKFWSession *fwSession;
1213  NSSItem oldPin, newPin, *oldArg, *newArg;
1214
1215  if (!fwInstance) {
1216    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1217    goto loser;
1218  }
1219
1220  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1221  if (!fwSession) {
1222    error = CKR_SESSION_HANDLE_INVALID;
1223    goto loser;
1224  }
1225
1226  if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) {
1227    oldArg = (NSSItem *)NULL;
1228  } else {
1229    oldArg = &oldPin;
1230    oldPin.size = (PRUint32)ulOldLen;
1231    oldPin.data = (void *)pOldPin;
1232  }
1233
1234  if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) {
1235    newArg = (NSSItem *)NULL;
1236  } else {
1237    newArg = &newPin;
1238    newPin.size = (PRUint32)ulNewLen;
1239    newPin.data = (void *)pNewPin;
1240  }
1241
1242  error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
1243  if( CKR_OK != error ) {
1244    goto loser;
1245  }
1246
1247  return CKR_OK;
1248
1249 loser:
1250  switch( error ) {
1251  case CKR_SESSION_CLOSED:
1252    /* destroy session? */
1253    break;
1254  case CKR_DEVICE_REMOVED:
1255    /* (void)nssCKFWToken_Destroy(fwToken); */
1256    break;
1257  case CKR_ARGUMENTS_BAD:
1258  case CKR_CRYPTOKI_NOT_INITIALIZED:
1259  case CKR_DEVICE_ERROR:
1260  case CKR_DEVICE_MEMORY:
1261  case CKR_FUNCTION_FAILED:
1262  case CKR_GENERAL_ERROR:
1263  case CKR_HOST_MEMORY:
1264  case CKR_PIN_INCORRECT:
1265  case CKR_PIN_INVALID:
1266  case CKR_PIN_LEN_RANGE:
1267  case CKR_PIN_LOCKED:
1268  case CKR_SESSION_HANDLE_INVALID:
1269  case CKR_SESSION_READ_ONLY:
1270  case CKR_TOKEN_WRITE_PROTECTED:
1271    break;
1272  default:
1273  case CKR_OK:
1274    error = CKR_GENERAL_ERROR;
1275    break;
1276  }
1277
1278  return error;
1279}
1280
1281/*
1282 * NSSCKFWC_OpenSession
1283 *
1284 */
1285NSS_IMPLEMENT CK_RV
1286NSSCKFWC_OpenSession
1287(
1288  NSSCKFWInstance *fwInstance,
1289  CK_SLOT_ID slotID,
1290  CK_FLAGS flags,
1291  CK_VOID_PTR pApplication,
1292  CK_NOTIFY Notify,
1293  CK_SESSION_HANDLE_PTR phSession
1294)
1295{
1296  CK_RV error = CKR_OK;
1297  CK_ULONG nSlots;
1298  NSSCKFWSlot **slots;
1299  NSSCKFWSlot *fwSlot;
1300  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1301  NSSCKFWSession *fwSession;
1302  CK_BBOOL rw;
1303
1304  if (!fwInstance) {
1305    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1306    goto loser;
1307  }
1308
1309  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1310  if( (CK_ULONG)0 == nSlots ) {
1311    goto loser;
1312  }
1313
1314  if( (slotID < 1) || (slotID > nSlots) ) {
1315    error = CKR_SLOT_ID_INVALID;
1316    goto loser;
1317  }
1318
1319  if( flags & CKF_RW_SESSION ) {
1320    rw = CK_TRUE;
1321  } else {
1322    rw = CK_FALSE;
1323  }
1324
1325  if( flags & CKF_SERIAL_SESSION ) {
1326    ;
1327  } else {
1328    error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
1329    goto loser;
1330  }
1331
1332  if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) {
1333    error = CKR_ARGUMENTS_BAD;
1334    goto loser;
1335  }
1336
1337  if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) {
1338    error = CKR_ARGUMENTS_BAD;
1339    goto loser;
1340  }
1341
1342  /*
1343   * A purify error here indicates caller error.
1344   */
1345  *phSession = (CK_SESSION_HANDLE)0;
1346
1347  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1348  if( (NSSCKFWSlot **)NULL == slots ) {
1349    goto loser;
1350  }
1351
1352  fwSlot = slots[ slotID-1 ];
1353
1354  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1355    error = CKR_TOKEN_NOT_PRESENT;
1356    goto loser;
1357  }
1358
1359  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1360  if (!fwToken) {
1361    goto loser;
1362  }
1363
1364  fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
1365               Notify, &error);
1366  if (!fwSession) {
1367    goto loser;
1368  }
1369
1370  *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
1371                 fwSession, &error);
1372  if( (CK_SESSION_HANDLE)0 == *phSession ) {
1373    goto loser;
1374  }
1375
1376  return CKR_OK;
1377
1378 loser:
1379  switch( error ) {
1380  case CKR_SESSION_CLOSED:
1381    /* destroy session? */
1382    break;
1383  case CKR_DEVICE_REMOVED:
1384    /* (void)nssCKFWToken_Destroy(fwToken); */
1385    break;
1386  case CKR_CRYPTOKI_NOT_INITIALIZED:
1387  case CKR_DEVICE_ERROR:
1388  case CKR_DEVICE_MEMORY:
1389  case CKR_FUNCTION_FAILED:
1390  case CKR_GENERAL_ERROR:
1391  case CKR_HOST_MEMORY:
1392  case CKR_SESSION_COUNT:
1393  case CKR_SESSION_EXISTS:
1394  case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
1395  case CKR_SESSION_READ_WRITE_SO_EXISTS:
1396  case CKR_SLOT_ID_INVALID:
1397  case CKR_TOKEN_NOT_PRESENT:
1398  case CKR_TOKEN_NOT_RECOGNIZED:
1399  case CKR_TOKEN_WRITE_PROTECTED:
1400    break;
1401  default:
1402  case CKR_OK:
1403    error = CKR_GENERAL_ERROR;
1404    break;
1405  }
1406
1407  return error;
1408}
1409
1410/*
1411 * NSSCKFWC_CloseSession
1412 *
1413 */
1414NSS_IMPLEMENT CK_RV
1415NSSCKFWC_CloseSession
1416(
1417  NSSCKFWInstance *fwInstance,
1418  CK_SESSION_HANDLE hSession
1419)
1420{
1421  CK_RV error = CKR_OK;
1422  NSSCKFWSession *fwSession;
1423
1424  if (!fwInstance) {
1425    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1426    goto loser;
1427  }
1428
1429  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1430  if (!fwSession) {
1431    error = CKR_SESSION_HANDLE_INVALID;
1432    goto loser;
1433  }
1434
1435  nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
1436  error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
1437
1438  if( CKR_OK != error ) {
1439    goto loser;
1440  }
1441
1442  return CKR_OK;
1443
1444 loser:
1445  switch( error ) {
1446  case CKR_SESSION_CLOSED:
1447    /* destroy session? */
1448    break;
1449  case CKR_DEVICE_REMOVED:
1450    /* (void)nssCKFWToken_Destroy(fwToken); */
1451    break;
1452  case CKR_CRYPTOKI_NOT_INITIALIZED:
1453  case CKR_DEVICE_ERROR:
1454  case CKR_DEVICE_MEMORY:
1455  case CKR_FUNCTION_FAILED:
1456  case CKR_GENERAL_ERROR:
1457  case CKR_HOST_MEMORY:
1458  case CKR_SESSION_HANDLE_INVALID:
1459    break;
1460  default:
1461  case CKR_OK:
1462    error = CKR_GENERAL_ERROR;
1463    break;
1464  }
1465
1466  return error;
1467}
1468
1469/*
1470 * NSSCKFWC_CloseAllSessions
1471 *
1472 */
1473NSS_IMPLEMENT CK_RV
1474NSSCKFWC_CloseAllSessions
1475(
1476  NSSCKFWInstance *fwInstance,
1477  CK_SLOT_ID slotID
1478)
1479{
1480  CK_RV error = CKR_OK;
1481  CK_ULONG nSlots;
1482  NSSCKFWSlot **slots;
1483  NSSCKFWSlot *fwSlot;
1484  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1485
1486  if (!fwInstance) {
1487    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1488    goto loser;
1489  }
1490
1491  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1492  if( (CK_ULONG)0 == nSlots ) {
1493    goto loser;
1494  }
1495
1496  if( (slotID < 1) || (slotID > nSlots) ) {
1497    error = CKR_SLOT_ID_INVALID;
1498    goto loser;
1499  }
1500
1501  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1502  if( (NSSCKFWSlot **)NULL == slots ) {
1503    goto loser;
1504  }
1505
1506  fwSlot = slots[ slotID-1 ];
1507
1508  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1509    error = CKR_TOKEN_NOT_PRESENT;
1510    goto loser;
1511  }
1512
1513  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1514  if (!fwToken) {
1515    goto loser;
1516  }
1517
1518  error = nssCKFWToken_CloseAllSessions(fwToken);
1519  if( CKR_OK != error ) {
1520    goto loser;
1521  }
1522
1523  return CKR_OK;
1524
1525 loser:
1526  switch( error ) {
1527  case CKR_DEVICE_REMOVED:
1528    /* (void)nssCKFWToken_Destroy(fwToken); */
1529    break;
1530  case CKR_CRYPTOKI_NOT_INITIALIZED:
1531  case CKR_DEVICE_ERROR:
1532  case CKR_DEVICE_MEMORY:
1533  case CKR_FUNCTION_FAILED:
1534  case CKR_GENERAL_ERROR:
1535  case CKR_HOST_MEMORY:
1536  case CKR_SLOT_ID_INVALID:
1537  case CKR_TOKEN_NOT_PRESENT:
1538    break;
1539  default:
1540  case CKR_OK:
1541    error = CKR_GENERAL_ERROR;
1542    break;
1543  }
1544
1545  return error;
1546}
1547
1548/*
1549 * NSSCKFWC_GetSessionInfo
1550 *
1551 */
1552NSS_IMPLEMENT CK_RV
1553NSSCKFWC_GetSessionInfo
1554(
1555  NSSCKFWInstance *fwInstance,
1556  CK_SESSION_HANDLE hSession,
1557  CK_SESSION_INFO_PTR pInfo
1558)
1559{
1560  CK_RV error = CKR_OK;
1561  NSSCKFWSession *fwSession;
1562  NSSCKFWSlot *fwSlot;
1563
1564  if (!fwInstance) {
1565    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1566    goto loser;
1567  }
1568
1569  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1570  if (!fwSession) {
1571    error = CKR_SESSION_HANDLE_INVALID;
1572    goto loser;
1573  }
1574
1575  if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) {
1576    error = CKR_ARGUMENTS_BAD;
1577    goto loser;
1578  }
1579
1580  /*
1581   * A purify error here indicates caller error.
1582   */
1583  (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
1584
1585  fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1586  if (!fwSlot) {
1587    error = CKR_GENERAL_ERROR;
1588    goto loser;
1589  }
1590
1591  pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
1592  pInfo->state = nssCKFWSession_GetSessionState(fwSession);
1593
1594  if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) {
1595    pInfo->flags |= CKF_RW_SESSION;
1596  }
1597
1598  pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
1599
1600  pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
1601
1602  return CKR_OK;
1603
1604 loser:
1605  switch( error ) {
1606  case CKR_SESSION_CLOSED:
1607    /* destroy session? */
1608    break;
1609  case CKR_DEVICE_REMOVED:
1610    /* (void)nssCKFWToken_Destroy(fwToken); */
1611    break;
1612  case CKR_CRYPTOKI_NOT_INITIALIZED:
1613  case CKR_DEVICE_ERROR:
1614  case CKR_DEVICE_MEMORY:
1615  case CKR_FUNCTION_FAILED:
1616  case CKR_GENERAL_ERROR:
1617  case CKR_HOST_MEMORY:
1618  case CKR_SESSION_HANDLE_INVALID:
1619    break;
1620  default:
1621  case CKR_OK:
1622    error = CKR_GENERAL_ERROR;
1623    break;
1624  }
1625
1626  return error;
1627}
1628
1629/*
1630 * NSSCKFWC_GetOperationState
1631 *
1632 */
1633NSS_IMPLEMENT CK_RV
1634NSSCKFWC_GetOperationState
1635(
1636  NSSCKFWInstance *fwInstance,
1637  CK_SESSION_HANDLE hSession,
1638  CK_BYTE_PTR pOperationState,
1639  CK_ULONG_PTR pulOperationStateLen
1640)
1641{
1642  CK_RV error = CKR_OK;
1643  NSSCKFWSession *fwSession;
1644  CK_ULONG len;
1645  NSSItem buf;
1646
1647  if (!fwInstance) {
1648    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1649    goto loser;
1650  }
1651
1652  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1653  if (!fwSession) {
1654    error = CKR_SESSION_HANDLE_INVALID;
1655    goto loser;
1656  }
1657
1658  if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) {
1659    error = CKR_ARGUMENTS_BAD;
1660    goto loser;
1661  }
1662
1663  len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
1664  if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) {
1665    goto loser;
1666  }
1667
1668  if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1669    *pulOperationStateLen = len;
1670    return CKR_OK;
1671  }
1672
1673  if( *pulOperationStateLen < len ) {
1674    *pulOperationStateLen = len;
1675    error = CKR_BUFFER_TOO_SMALL;
1676    goto loser;
1677  }
1678
1679  buf.size = (PRUint32)*pulOperationStateLen;
1680  buf.data = (void *)pOperationState;
1681  *pulOperationStateLen = len;
1682  error = nssCKFWSession_GetOperationState(fwSession, &buf);
1683
1684  if( CKR_OK != error ) {
1685    goto loser;
1686  }
1687
1688  return CKR_OK;
1689
1690 loser:
1691  switch( error ) {
1692  case CKR_SESSION_CLOSED:
1693    /* destroy session? */
1694    break;
1695  case CKR_DEVICE_REMOVED:
1696    /* (void)nssCKFWToken_Destroy(fwToken); */
1697    break;
1698  case CKR_BUFFER_TOO_SMALL:
1699  case CKR_CRYPTOKI_NOT_INITIALIZED:
1700  case CKR_DEVICE_ERROR:
1701  case CKR_DEVICE_MEMORY:
1702  case CKR_FUNCTION_FAILED:
1703  case CKR_GENERAL_ERROR:
1704  case CKR_HOST_MEMORY:
1705  case CKR_OPERATION_NOT_INITIALIZED:
1706  case CKR_SESSION_HANDLE_INVALID:
1707  case CKR_STATE_UNSAVEABLE:
1708    break;
1709  default:
1710  case CKR_OK:
1711    error = CKR_GENERAL_ERROR;
1712    break;
1713  }
1714
1715  return error;
1716}
1717
1718/*
1719 * NSSCKFWC_SetOperationState
1720 *
1721 */
1722NSS_IMPLEMENT CK_RV
1723NSSCKFWC_SetOperationState
1724(
1725  NSSCKFWInstance *fwInstance,
1726  CK_SESSION_HANDLE hSession,
1727  CK_BYTE_PTR pOperationState,
1728  CK_ULONG ulOperationStateLen,
1729  CK_OBJECT_HANDLE hEncryptionKey,
1730  CK_OBJECT_HANDLE hAuthenticationKey
1731)
1732{
1733  CK_RV error = CKR_OK;
1734  NSSCKFWSession *fwSession;
1735  NSSCKFWObject *eKey;
1736  NSSCKFWObject *aKey;
1737  NSSItem state;
1738
1739  if (!fwInstance) {
1740    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1741    goto loser;
1742  }
1743  
1744  if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1745    error = CKR_ARGUMENTS_BAD;
1746    goto loser;
1747  }
1748
1749  /* 
1750   * We could loop through the buffer, to catch any purify errors
1751   * in a place with a "user error" note.
1752   */
1753
1754  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1755  if (!fwSession) {
1756    error = CKR_SESSION_HANDLE_INVALID;
1757    goto loser;
1758  }
1759
1760  if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) {
1761    eKey = (NSSCKFWObject *)NULL;
1762  } else {
1763    eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
1764    if (!eKey) {
1765      error = CKR_KEY_HANDLE_INVALID;
1766      goto loser;
1767    }
1768  }
1769
1770  if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) {
1771    aKey = (NSSCKFWObject *)NULL;
1772  } else {
1773    aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
1774    if (!aKey) {
1775      error = CKR_KEY_HANDLE_INVALID;
1776      goto loser;
1777    }
1778  }
1779
1780  state.data = pOperationState;
1781  state.size = ulOperationStateLen;
1782
1783  error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
1784  if( CKR_OK != error ) {
1785    goto loser;
1786  }
1787
1788  return CKR_OK;
1789
1790 loser:
1791  switch( error ) {
1792  case CKR_SESSION_CLOSED:
1793    /* destroy session? */
1794    break;
1795  case CKR_DEVICE_REMOVED:
1796    /* (void)nssCKFWToken_Destroy(fwToken); */
1797    break;
1798  case CKR_CRYPTOKI_NOT_INITIALIZED:
1799  case CKR_DEVICE_ERROR:
1800  case CKR_DEVICE_MEMORY:
1801  case CKR_FUNCTION_FAILED:
1802  case CKR_GENERAL_ERROR:
1803  case CKR_HOST_MEMORY:
1804  case CKR_KEY_CHANGED:
1805  case CKR_KEY_NEEDED:
1806  case CKR_KEY_NOT_NEEDED:
1807  case CKR_SAVED_STATE_INVALID:
1808  case CKR_SESSION_HANDLE_INVALID:
1809    break;
1810  default:
1811  case CKR_OK:
1812    error = CKR_GENERAL_ERROR;
1813    break;
1814  }
1815
1816  return error;
1817}
1818
1819/*
1820 * NSSCKFWC_Login
1821 *
1822 */
1823NSS_IMPLEMENT CK_RV
1824NSSCKFWC_Login
1825(
1826  NSSCKFWInstance *fwInstance,
1827  CK_SESSION_HANDLE hSession,
1828  CK_USER_TYPE userType,
1829  CK_CHAR_PTR pPin,
1830  CK_ULONG ulPinLen
1831)
1832{
1833  CK_RV error = CKR_OK;
1834  NSSCKFWSession *fwSession;
1835  NSSItem pin, *arg;
1836
1837  if (!fwInstance) {
1838    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1839    goto loser;
1840  }
1841  
1842  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1843  if (!fwSession) {
1844    error = CKR_SESSION_HANDLE_INVALID;
1845    goto loser;
1846  }
1847
1848  if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1849    arg = (NSSItem *)NULL;
1850  } else {
1851    arg = &pin;
1852    pin.size = (PRUint32)ulPinLen;
1853    pin.data = (void *)pPin;
1854  }
1855
1856  error = nssCKFWSession_Login(fwSession, userType, arg);
1857  if( CKR_OK != error ) {
1858    goto loser;
1859  }
1860
1861  return CKR_OK;
1862
1863 loser:
1864  switch( error ) {
1865  case CKR_SESSION_CLOSED:
1866    /* destroy session? */
1867    break;
1868  case CKR_DEVICE_REMOVED:
1869    /* (void)nssCKFWToken_Destroy(fwToken); */
1870    break;
1871  case CKR_CRYPTOKI_NOT_INITIALIZED:
1872  case CKR_DEVICE_ERROR:
1873  case CKR_DEVICE_MEMORY:
1874  case CKR_FUNCTION_FAILED:
1875  case CKR_GENERAL_ERROR:
1876  case CKR_HOST_MEMORY:
1877  case CKR_PIN_EXPIRED:
1878  case CKR_PIN_INCORRECT:
1879  case CKR_PIN_LOCKED:
1880  case CKR_SESSION_HANDLE_INVALID:
1881  case CKR_SESSION_READ_ONLY_EXISTS:
1882  case CKR_USER_ALREADY_LOGGED_IN:
1883  case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
1884  case CKR_USER_PIN_NOT_INITIALIZED:
1885  case CKR_USER_TOO_MANY_TYPES:
1886  case CKR_USER_TYPE_INVALID:
1887    break;
1888  default:
1889  case CKR_OK:
1890    error = CKR_GENERAL_ERROR;
1891    break;
1892  }
1893
1894  return error;
1895}
1896
1897/*
1898 * NSSCKFWC_Logout
1899 *
1900 */
1901NSS_IMPLEMENT CK_RV
1902NSSCKFWC_Logout
1903(
1904  NSSCKFWInstance *fwInstance,
1905  CK_SESSION_HANDLE hSession
1906)
1907{
1908  CK_RV error = CKR_OK;
1909  NSSCKFWSession *fwSession;
1910
1911  if (!fwInstance) {
1912    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1913    goto loser;
1914  }
1915  
1916  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1917  if (!fwSession) {
1918    error = CKR_SESSION_HANDLE_INVALID;
1919    goto loser;
1920  }
1921
1922  error = nssCKFWSession_Logout(fwSession);
1923  if( CKR_OK != error ) {
1924    goto loser;
1925  }
1926
1927  return CKR_OK;
1928
1929 loser:
1930  switch( error ) {
1931  case CKR_SESSION_CLOSED:
1932    /* destroy session? */
1933    break;
1934  case CKR_DEVICE_REMOVED:
1935    /* (void)nssCKFWToken_Destroy(fwToken); */
1936    break;
1937  case CKR_CRYPTOKI_NOT_INITIALIZED:
1938  case CKR_DEVICE_ERROR:
1939  case CKR_DEVICE_MEMORY:
1940  case CKR_FUNCTION_FAILED:
1941  case CKR_GENERAL_ERROR:
1942  case CKR_HOST_MEMORY:
1943  case CKR_SESSION_HANDLE_INVALID:
1944  case CKR_USER_NOT_LOGGED_IN:
1945    break;
1946  default:
1947  case CKR_OK:
1948    error = CKR_GENERAL_ERROR;
1949    break;
1950  }
1951
1952  return error;
1953}
1954
1955/*
1956 * NSSCKFWC_CreateObject
1957 *
1958 */
1959NSS_IMPLEMENT CK_RV
1960NSSCKFWC_CreateObject
1961(
1962  NSSCKFWInstance *fwInstance,
1963  CK_SESSION_HANDLE hSession,
1964  CK_ATTRIBUTE_PTR pTemplate,
1965  CK_ULONG ulCount,
1966  CK_OBJECT_HANDLE_PTR phObject
1967)
1968{
1969  CK_RV error = CKR_OK;
1970  NSSCKFWSession *fwSession;
1971  NSSCKFWObject *fwObject;
1972
1973  if (!fwInstance) {
1974    error = CKR_CRYPTOKI_NOT_INITIALIZED;
1975    goto loser;
1976  }
1977  
1978  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1979  if (!fwSession) {
1980    error = CKR_SESSION_HANDLE_INVALID;
1981    goto loser;
1982  }
1983
1984  if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
1985    error = CKR_ARGUMENTS_BAD;
1986    goto loser;
1987  }
1988
1989  /*
1990   * A purify error here indicates caller error.
1991   */
1992  *phObject = (CK_OBJECT_HANDLE)0;
1993
1994  fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
1995               ulCount, &error);
1996  if (!fwObject) {
1997    goto loser;
1998  }
1999
2000  *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
2001  if( (CK_OBJECT_HANDLE)0 == *phObject ) {
2002    nssCKFWObject_Destroy(fwObject);
2003    goto loser;
2004  }
2005
2006  return CKR_OK;
2007
2008 loser:
2009  switch( error ) {
2010  case CKR_SESSION_CLOSED:
2011    /* destroy session? */
2012    break;
2013  case CKR_DEVICE_REMOVED:
2014    /* (void)nssCKFWToken_Destroy(fwToken); */
2015    break;
2016  case CKR_ATTRIBUTE_READ_ONLY:
2017  case CKR_ATTRIBUTE_TYPE_INVALID:
2018  case CKR_ATTRIBUTE_VALUE_INVALID:
2019  case CKR_CRYPTOKI_NOT_INITIALIZED:
2020  case CKR_DEVICE_ERROR:
2021  case CKR_DEVICE_MEMORY:
2022  case CKR_FUNCTION_FAILED:
2023  case CKR_GENERAL_ERROR:
2024  case CKR_HOST_MEMORY:
2025  case CKR_SESSION_HANDLE_INVALID:
2026  case CKR_SESSION_READ_ONLY:
2027  case CKR_TEMPLATE_INCOMPLETE:
2028  case CKR_TEMPLATE_INCONSISTENT:
2029  case CKR_TOKEN_WRITE_PROTECTED:
2030  case CKR_USER_NOT_LOGGED_IN:
2031    break;
2032  default:
2033  case CKR_OK:
2034    error = CKR_GENERAL_ERROR;
2035    break;
2036  }
2037
2038  return error;
2039}
2040
2041/*
2042 * NSSCKFWC_CopyObject
2043 *
2044 */
2045NSS_IMPLEMENT CK_RV
2046NSSCKFWC_CopyObject
2047(
2048  NSSCKFWInstance *fwInstance,
2049  CK_SESSION_HANDLE hSession,
2050  CK_OBJECT_HANDLE hObject,
2051  CK_ATTRIBUTE_PTR pTemplate,
2052  CK_ULONG ulCount,
2053  CK_OBJECT_HANDLE_PTR phNewObject
2054)
2055{
2056  CK_RV error = CKR_OK;
2057  NSSCKFWSession *fwSession;
2058  NSSCKFWObject *fwObject;
2059  NSSCKFWObject *fwNewObject;
2060
2061  if (!fwInstance) {
2062    error = CKR_CRYPTOKI_NOT_INITIALIZED;
2063    goto loser;
2064  }
2065  
2066  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2067  if (!fwSession) {
2068    error = CKR_SESSION_HANDLE_INVALID;
2069    goto loser;
2070  }
2071
2072  if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) {
2073    error = CKR_ARGUMENTS_BAD;
2074    goto loser;
2075  }
2076
2077  /*
2078   * A purify error here indicates caller error.
2079   */
2080  *phNewObject = (CK_OBJECT_HANDLE)0;
2081
2082  fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2083  if (!fwObject) {
2084    error = CKR_OBJECT_HANDLE_INVALID;
2085    goto loser;
2086  }
2087
2088  fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
2089                  pTemplate, ulCount, &error);
2090  if (!fwNewObject) {
2091    goto loser;
2092  }
2093
2094  *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance, 
2095                   fwNewObject, &error);
2096  if( (CK_OBJECT_HANDLE)0 == *phNewObject ) {
2097    nssCKFWObject_Destroy(fwNewObject);
2098    goto loser;
2099  }
2100
2101  return CKR_OK;
2102
2103 loser:
2104  switch( error ) {
2105  case CKR_SESSION_CLOSED:
2106    /* destroy session? */
2107    break;
2108  case CKR_DEVICE_REMOVED:
2109    /* (void)nssCKFWToken_Destroy(fwToken); */
2110    break;
2111  case CKR_ATTRIBUTE_READ_ONLY:
2112  case CKR_ATTRIBUTE_TYPE_INVALID:
2113  case CKR_ATTRIBUTE_VALUE_INVALID:
2114  case CKR_CRYPTOKI_NOT_INITIALIZED:
2115  case CKR_DEVICE_ERROR:
2116  case CKR_DEVICE_MEMORY:
2117  case CKR_FUNCTION_FAILED:
2118  case CKR_GENERAL_ERROR:
2119  case CKR_HOST_MEMORY:
2120  case CKR_OBJECT_HANDLE_INVALID:
2121  case CKR_SESSION_HANDLE_INVALID:
2122  case CKR_SESSION_READ_ONLY:
2123  case CKR_TEMPLATE_INCONSISTENT:
2124  case CKR_TOKEN_WRITE_PROTECTED:
2125  case CKR_USER_NOT_LOGGED_IN:
2126    break;
2127  default:
2128  case CKR_OK:
2129    error = CKR_GENERAL_ERROR;
2130    break;
2131  }
2132
2133  return error;
2134}
2135
2136/*
2137 * NSSCKFWC_DestroyObject
2138 *
2139 */
2140NSS_IMPLEMENT CK_RV
2141NSSCKFWC_DestroyObject
2142(
2143  NSSCKFWInstance *fwInstance,
2144  CK_SESSION_HANDLE hSession,
2145  CK_OBJECT_HANDLE hObject
2146)
2147{
2148  CK_RV error = CKR_OK;
2149  NSSCKFWSession *fwSession;
2150  NSSCKFWObject *fwObject;
2151
2152  if (!fwInstance) {
2153    error = CKR_CRYPTOKI_NOT_INITIALIZED;
2154    goto loser;
2155  }
2156  
2157  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2158  if (!fwSession) {
2159    error = CKR_SESSION_HANDLE_INVALID;
2160    goto loser;
2161  }
2162
2163  fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2164  if (!fwObject) {
2165    error = CKR_OBJECT_HANDLE_INVALID;
2166    goto loser;
2167  }
2168
2169  nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
2170  nssCKFWObject_Destroy(fwObject);
2171
2172  return CKR_OK;
2173
2174 loser:
2175  switch( error ) {
2176  case CKR_SESSION_CLOSED:
2177    /* destroy session? */
2178    break;
2179  case CKR_DEVICE_REMOVED:
2180    /* (void)nssCKFWToken_Destroy(fwToken); */
2181    break;
2182  case CKR_CRYPTOKI_NOT_INITIALIZED:
2183  case CKR_DEVICE_ERROR:
2184  case CKR_DEVICE_MEMORY:
2185  case CKR_FUNCTION_FAILED:
2186  case CKR_GENERAL_ERROR:
2187  case CKR_HOST_MEMORY:
2188  case CKR_OBJECT_HANDLE_INVALID:
2189  case CKR_SESSION_HANDLE_INVALID:
2190  case CKR_SESSION_READ_ONLY:
2191  case CKR_TOKEN_WRITE_PROTECTED:
2192    break;
2193  default:
2194  case CKR_OK:
2195    error = CKR_GENERAL_ERROR;
2196    break;
2197  }
2198
2199  return error;
2200}
2201
2202/*
2203 * NSSCKFWC_GetObjectSize
2204 *
2205 */
2206NSS_IMPLEMENT CK_RV
2207NSSCKFWC_GetObjectSize
2208(
2209  NSSCKFWInstance *fwInstance,
2210  CK_SESSION_HANDLE hSession,
2211  CK_OBJECT_HANDLE hObject,
2212  CK_ULONG_PTR pulSize
2213)
2214{
2215  CK_RV error = CKR_OK;
2216  NSSCKFWSession *fwSession;
2217  NSSCKFWObject *fwObject;
2218
2219  if (!fwInstance) {
2220    error = CKR_CRYPTOKI_NOT_INITIALIZED;
2221    goto loser;
2222  }
2223  
2224  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2225  if (!fwSession) {
2226    error = CKR_SESSION_HANDLE_INVALID;
2227    goto loser;
2228  }
2229
2230  fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2231  if (!fwObject) {
2232    error = CKR_OBJECT_HANDLE_INVALID;
2233    goto loser;
2234  }
2235
2236  if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) {
2237    error = CKR_ARGUMENTS_BAD;
2238    goto loser;
2239  }
2240
2241  /*
2242   * A purify error here indicates caller error.
2243   */
2244  *pulSize = (CK_ULONG)0;
2245
2246  *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
2247  if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) {
2248    goto loser;
2249  }
2250
2251  return CKR_OK;
2252
2253 loser:
2254  switch( error ) {
2255  case CKR_SESSION_CLOSED:
2256    /* destroy session? */
2257    break;
2258  case CKR_DEVICE_REMOVED:
2259    /* (void)nssCKFWToken_Destroy(fwToken); */
2260    break;
2261  case CKR_CRYPTOKI_NOT_INITIALIZED:
2262  case CKR_DEVICE_ERROR:
2263  case CKR_DEVICE_MEMORY:
2264  case CKR_FUNCTION_FAILED:
2265  case CKR_GENERAL_ERROR:
2266  case CKR_HOST_MEMORY:
2267  case CKR_INFORMATION_SENSITIVE:
2268  case CKR_OBJECT_HANDLE_INVALID:
2269  case CKR_SESSION_HANDLE_INVALID:
2270    break;
2271  default:
2272  case CKR_OK:
2273    error = CKR_GENERAL_ERROR;
2274    break;
2275  }
2276
2277  return error;
2278}
2279
2280/*
2281 * NSSCKFWC_GetAttributeValue
2282 *
2283 */
2284NSS_IMPLEMENT CK_RV
2285NSSCKFWC_GetAttributeValue
2286(
2287  NSSCKFWInstance *fwInstance,
2288  CK_SESSION_HANDLE hSession,
2289  CK_OBJECT_HANDLE hObject,
2290  CK_ATTRIBUTE_PTR pTemplate,
2291  CK_ULONG ulCount
2292)
2293{
2294  CK_RV error = CKR_OK;
2295  NSSCKFWSession *fwSession;
2296  NSSCKFWObject *fwObject;
2297  CK_BBOOL sensitive = CK_FALSE;
2298  CK_BBOOL invalid = CK_FALSE;
2299  CK_BBOOL tooSmall = CK_FALSE;
2300  CK_ULONG i;
2301
2302  if (!fwInstance) {
2303    error = CKR_CRYPTOKI_NOT_INITIALIZED;
2304    goto loser;
2305  }
2306  
2307  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2308  if (!fwSession) {
2309    error = CKR_SESSION_HANDLE_INVALID;
2310    goto loser;
2311  }
2312
2313  fwObject = nssCKFWInstance_ResolveObjectHand

Large files files are truncated, but you can click here to view the full file