/security/nss/lib/ckfw/wrap.c
C | 5708 lines | 4510 code | 658 blank | 540 comment | 572 complexity | 09aec1885d373ac5355d1d8903bec7ae MD5 | raw file
Large files files are truncated, but you can click here to view the full file
1/* ***** BEGIN LICENSE BLOCK ***** 2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 3 * 4 * The contents of this file are subject to the Mozilla Public License Version 5 * 1.1 (the "License"); you may not use this file except in compliance with 6 * the License. You may obtain a copy of the License at 7 * http://www.mozilla.org/MPL/ 8 * 9 * Software distributed under the License is distributed on an "AS IS" basis, 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License 11 * for the specific language governing rights and limitations under the 12 * License. 13 * 14 * The Original Code is the Netscape security libraries. 15 * 16 * The Initial Developer of the Original Code is 17 * Netscape Communications Corporation. 18 * Portions created by the Initial Developer are Copyright (C) 1994-2000 19 * the Initial Developer. All Rights Reserved. 20 * 21 * Contributor(s): 22 * 23 * Alternatively, the contents of this file may be used under the terms of 24 * either the GNU General Public License Version 2 or later (the "GPL"), or 25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), 26 * in which case the provisions of the GPL or the LGPL are applicable instead 27 * of those above. If you wish to allow use of your version of this file only 28 * under the terms of either the GPL or the LGPL, and not to allow others to 29 * use your version of this file under the terms of the MPL, indicate your 30 * decision by deleting the provisions above and replace them with the notice 31 * and other provisions required by the GPL or the LGPL. If you do not delete 32 * the provisions above, a recipient may use your version of this file under 33 * the terms of any one of the MPL, the GPL or the LGPL. 34 * 35 * ***** END LICENSE BLOCK ***** */ 36 37#ifdef DEBUG 38static const char CVS_ID[] = "@(#) $RCSfile: wrap.c,v $ $Revision: 1.20 $ $Date: 2010/04/03 18:27:29 $"; 39#endif /* DEBUG */ 40 41/* 42 * wrap.c 43 * 44 * This file contains the routines that actually implement the cryptoki 45 * API, using the internal APIs of the NSS Cryptoki Framework. There is 46 * one routine here for every cryptoki routine. For linking reasons 47 * the actual entry points passed back with C_GetFunctionList have to 48 * exist in one of the Module's source files; however, those are merely 49 * simple wrappers that call these routines. The intelligence of the 50 * implementations is here. 51 */ 52 53#ifndef CK_T 54#include "ck.h" 55#endif /* CK_T */ 56 57/* 58 * NSSCKFWC_Initialize 59 * NSSCKFWC_Finalize 60 * NSSCKFWC_GetInfo 61 * -- NSSCKFWC_GetFunctionList -- see the API insert file 62 * NSSCKFWC_GetSlotList 63 * NSSCKFWC_GetSlotInfo 64 * NSSCKFWC_GetTokenInfo 65 * NSSCKFWC_WaitForSlotEvent 66 * NSSCKFWC_GetMechanismList 67 * NSSCKFWC_GetMechanismInfo 68 * NSSCKFWC_InitToken 69 * NSSCKFWC_InitPIN 70 * NSSCKFWC_SetPIN 71 * NSSCKFWC_OpenSession 72 * NSSCKFWC_CloseSession 73 * NSSCKFWC_CloseAllSessions 74 * NSSCKFWC_GetSessionInfo 75 * NSSCKFWC_GetOperationState 76 * NSSCKFWC_SetOperationState 77 * NSSCKFWC_Login 78 * NSSCKFWC_Logout 79 * NSSCKFWC_CreateObject 80 * NSSCKFWC_CopyObject 81 * NSSCKFWC_DestroyObject 82 * NSSCKFWC_GetObjectSize 83 * NSSCKFWC_GetAttributeValue 84 * NSSCKFWC_SetAttributeValue 85 * NSSCKFWC_FindObjectsInit 86 * NSSCKFWC_FindObjects 87 * NSSCKFWC_FindObjectsFinal 88 * NSSCKFWC_EncryptInit 89 * NSSCKFWC_Encrypt 90 * NSSCKFWC_EncryptUpdate 91 * NSSCKFWC_EncryptFinal 92 * NSSCKFWC_DecryptInit 93 * NSSCKFWC_Decrypt 94 * NSSCKFWC_DecryptUpdate 95 * NSSCKFWC_DecryptFinal 96 * NSSCKFWC_DigestInit 97 * NSSCKFWC_Digest 98 * NSSCKFWC_DigestUpdate 99 * NSSCKFWC_DigestKey 100 * NSSCKFWC_DigestFinal 101 * NSSCKFWC_SignInit 102 * NSSCKFWC_Sign 103 * NSSCKFWC_SignUpdate 104 * NSSCKFWC_SignFinal 105 * NSSCKFWC_SignRecoverInit 106 * NSSCKFWC_SignRecover 107 * NSSCKFWC_VerifyInit 108 * NSSCKFWC_Verify 109 * NSSCKFWC_VerifyUpdate 110 * NSSCKFWC_VerifyFinal 111 * NSSCKFWC_VerifyRecoverInit 112 * NSSCKFWC_VerifyRecover 113 * NSSCKFWC_DigestEncryptUpdate 114 * NSSCKFWC_DecryptDigestUpdate 115 * NSSCKFWC_SignEncryptUpdate 116 * NSSCKFWC_DecryptVerifyUpdate 117 * NSSCKFWC_GenerateKey 118 * NSSCKFWC_GenerateKeyPair 119 * NSSCKFWC_WrapKey 120 * NSSCKFWC_UnwrapKey 121 * NSSCKFWC_DeriveKey 122 * NSSCKFWC_SeedRandom 123 * NSSCKFWC_GenerateRandom 124 * NSSCKFWC_GetFunctionStatus 125 * NSSCKFWC_CancelFunction 126 */ 127 128/* figure out out locking semantics */ 129static CK_RV 130nssCKFW_GetThreadSafeState(CK_C_INITIALIZE_ARGS_PTR pInitArgs, 131 CryptokiLockingState *pLocking_state) { 132 int functionCount = 0; 133 134 /* parsed according to (PKCS #11 Section 11.4) */ 135 /* no args, the degenerate version of case 1 */ 136 if (!pInitArgs) { 137 *pLocking_state = SingleThreaded; 138 return CKR_OK; 139 } 140 141 /* CKF_OS_LOCKING_OK set, Cases 2 and 4 */ 142 if (pInitArgs->flags & CKF_OS_LOCKING_OK) { 143 *pLocking_state = MultiThreaded; 144 return CKR_OK; 145 } 146 if ((CK_CREATEMUTEX) NULL != pInitArgs->CreateMutex) functionCount++; 147 if ((CK_DESTROYMUTEX) NULL != pInitArgs->DestroyMutex) functionCount++; 148 if ((CK_LOCKMUTEX) NULL != pInitArgs->LockMutex) functionCount++; 149 if ((CK_UNLOCKMUTEX) NULL != pInitArgs->UnlockMutex) functionCount++; 150 151 /* CKF_OS_LOCKING_OK is not set, and not functions supplied, 152 * explicit case 1 */ 153 if (0 == functionCount) { 154 *pLocking_state = SingleThreaded; 155 return CKR_OK; 156 } 157 158 /* OS_LOCKING_OK is not set and functions have been supplied. Since 159 * ckfw uses nssbase library which explicitly calls NSPR, and since 160 * there is no way to reliably override these explicit calls to NSPR, 161 * therefore we can't support applications which have their own threading 162 * module. Return CKR_CANT_LOCK if they supplied the correct number of 163 * arguments, or CKR_ARGUMENTS_BAD if they did not in either case we will 164 * fail the initialize */ 165 return (4 == functionCount) ? CKR_CANT_LOCK : CKR_ARGUMENTS_BAD; 166} 167 168static PRInt32 liveInstances; 169 170/* 171 * NSSCKFWC_Initialize 172 * 173 */ 174NSS_IMPLEMENT CK_RV 175NSSCKFWC_Initialize 176( 177 NSSCKFWInstance **pFwInstance, 178 NSSCKMDInstance *mdInstance, 179 CK_VOID_PTR pInitArgs 180) 181{ 182 CK_RV error = CKR_OK; 183 CryptokiLockingState locking_state; 184 185 if( (NSSCKFWInstance **)NULL == pFwInstance ) { 186 error = CKR_GENERAL_ERROR; 187 goto loser; 188 } 189 190 if (*pFwInstance) { 191 error = CKR_CRYPTOKI_ALREADY_INITIALIZED; 192 goto loser; 193 } 194 195 if (!mdInstance) { 196 error = CKR_GENERAL_ERROR; 197 goto loser; 198 } 199 200 error = nssCKFW_GetThreadSafeState(pInitArgs,&locking_state); 201 if( CKR_OK != error ) { 202 goto loser; 203 } 204 205 *pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &error); 206 if (!*pFwInstance) { 207 goto loser; 208 } 209 PR_ATOMIC_INCREMENT(&liveInstances); 210 return CKR_OK; 211 212 loser: 213 switch( error ) { 214 case CKR_ARGUMENTS_BAD: 215 case CKR_CANT_LOCK: 216 case CKR_CRYPTOKI_ALREADY_INITIALIZED: 217 case CKR_FUNCTION_FAILED: 218 case CKR_GENERAL_ERROR: 219 case CKR_HOST_MEMORY: 220 case CKR_NEED_TO_CREATE_THREADS: 221 break; 222 default: 223 case CKR_OK: 224 error = CKR_GENERAL_ERROR; 225 break; 226 } 227 228 return error; 229} 230 231/* 232 * NSSCKFWC_Finalize 233 * 234 */ 235NSS_IMPLEMENT CK_RV 236NSSCKFWC_Finalize 237( 238 NSSCKFWInstance **pFwInstance 239) 240{ 241 CK_RV error = CKR_OK; 242 243 if( (NSSCKFWInstance **)NULL == pFwInstance ) { 244 error = CKR_GENERAL_ERROR; 245 goto loser; 246 } 247 248 if (!*pFwInstance) { 249 error = CKR_CRYPTOKI_NOT_INITIALIZED; 250 goto loser; 251 } 252 253 error = nssCKFWInstance_Destroy(*pFwInstance); 254 255 /* In any case */ 256 *pFwInstance = (NSSCKFWInstance *)NULL; 257 258 loser: 259 switch( error ) { 260 PRInt32 remainingInstances; 261 case CKR_OK: 262 remainingInstances = PR_ATOMIC_DECREMENT(&liveInstances); 263 if (!remainingInstances) { 264 nssArena_Shutdown(); 265 } 266 break; 267 case CKR_CRYPTOKI_NOT_INITIALIZED: 268 case CKR_FUNCTION_FAILED: 269 case CKR_GENERAL_ERROR: 270 case CKR_HOST_MEMORY: 271 break; 272 default: 273 error = CKR_GENERAL_ERROR; 274 break; 275 } 276 277 /* 278 * A thread's error stack is automatically destroyed when the thread 279 * terminates or, for the primordial thread, by PR_Cleanup. On 280 * Windows with MinGW, the thread private data destructor PR_Free 281 * registered by this module is actually a thunk for PR_Free defined 282 * in this module. When the thread that unloads this module terminates 283 * or calls PR_Cleanup, the thunk for PR_Free is already gone with the 284 * module. Therefore we need to destroy the error stack before the 285 * module is unloaded. 286 */ 287 nss_DestroyErrorStack(); 288 return error; 289} 290 291/* 292 * NSSCKFWC_GetInfo 293 * 294 */ 295NSS_IMPLEMENT CK_RV 296NSSCKFWC_GetInfo 297( 298 NSSCKFWInstance *fwInstance, 299 CK_INFO_PTR pInfo 300) 301{ 302 CK_RV error = CKR_OK; 303 304 if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) { 305 error = CKR_ARGUMENTS_BAD; 306 goto loser; 307 } 308 309 /* 310 * A purify error here means a caller error 311 */ 312 (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO)); 313 314 pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance); 315 316 error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID); 317 if( CKR_OK != error ) { 318 goto loser; 319 } 320 321 pInfo->flags = nssCKFWInstance_GetFlags(fwInstance); 322 323 error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription); 324 if( CKR_OK != error ) { 325 goto loser; 326 } 327 328 pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance); 329 330 return CKR_OK; 331 332 loser: 333 switch( error ) { 334 case CKR_CRYPTOKI_NOT_INITIALIZED: 335 case CKR_FUNCTION_FAILED: 336 case CKR_GENERAL_ERROR: 337 case CKR_HOST_MEMORY: 338 break; 339 default: 340 error = CKR_GENERAL_ERROR; 341 break; 342 } 343 344 return error; 345} 346 347/* 348 * C_GetFunctionList is implemented entirely in the Module's file which 349 * includes the Framework API insert file. It requires no "actual" 350 * NSSCKFW routine. 351 */ 352 353/* 354 * NSSCKFWC_GetSlotList 355 * 356 */ 357NSS_IMPLEMENT CK_RV 358NSSCKFWC_GetSlotList 359( 360 NSSCKFWInstance *fwInstance, 361 CK_BBOOL tokenPresent, 362 CK_SLOT_ID_PTR pSlotList, 363 CK_ULONG_PTR pulCount 364) 365{ 366 CK_RV error = CKR_OK; 367 CK_ULONG nSlots; 368 369 if (!fwInstance) { 370 error = CKR_CRYPTOKI_NOT_INITIALIZED; 371 goto loser; 372 } 373 374 switch( tokenPresent ) { 375 case CK_TRUE: 376 case CK_FALSE: 377 break; 378 default: 379 error = CKR_ARGUMENTS_BAD; 380 goto loser; 381 } 382 383 if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) { 384 error = CKR_ARGUMENTS_BAD; 385 goto loser; 386 } 387 388 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error); 389 if( (CK_ULONG)0 == nSlots ) { 390 goto loser; 391 } 392 393 if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) { 394 *pulCount = nSlots; 395 return CKR_OK; 396 } 397 398 /* 399 * A purify error here indicates caller error. 400 */ 401 (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID)); 402 403 if( *pulCount < nSlots ) { 404 *pulCount = nSlots; 405 error = CKR_BUFFER_TOO_SMALL; 406 goto loser; 407 } else { 408 CK_ULONG i; 409 *pulCount = nSlots; 410 411 /* 412 * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we 413 * just index one when we need it. 414 */ 415 416 for( i = 0; i < nSlots; i++ ) { 417 pSlotList[i] = i+1; 418 } 419 420 return CKR_OK; 421 } 422 423 loser: 424 switch( error ) { 425 case CKR_BUFFER_TOO_SMALL: 426 case CKR_CRYPTOKI_NOT_INITIALIZED: 427 case CKR_FUNCTION_FAILED: 428 case CKR_GENERAL_ERROR: 429 case CKR_HOST_MEMORY: 430 break; 431 default: 432 case CKR_OK: 433 error = CKR_GENERAL_ERROR; 434 break; 435 } 436 437 return error; 438} 439 440/* 441 * NSSCKFWC_GetSlotInfo 442 * 443 */ 444NSS_IMPLEMENT CK_RV 445NSSCKFWC_GetSlotInfo 446( 447 NSSCKFWInstance *fwInstance, 448 CK_SLOT_ID slotID, 449 CK_SLOT_INFO_PTR pInfo 450) 451{ 452 CK_RV error = CKR_OK; 453 CK_ULONG nSlots; 454 NSSCKFWSlot **slots; 455 NSSCKFWSlot *fwSlot; 456 457 if (!fwInstance) { 458 error = CKR_CRYPTOKI_NOT_INITIALIZED; 459 goto loser; 460 } 461 462 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error); 463 if( (CK_ULONG)0 == nSlots ) { 464 goto loser; 465 } 466 467 if( (slotID < 1) || (slotID > nSlots) ) { 468 error = CKR_SLOT_ID_INVALID; 469 goto loser; 470 } 471 472 if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) { 473 error = CKR_ARGUMENTS_BAD; 474 goto loser; 475 } 476 477 /* 478 * A purify error here indicates caller error. 479 */ 480 (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO)); 481 482 slots = nssCKFWInstance_GetSlots(fwInstance, &error); 483 if( (NSSCKFWSlot **)NULL == slots ) { 484 goto loser; 485 } 486 487 fwSlot = slots[ slotID-1 ]; 488 489 error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription); 490 if( CKR_OK != error ) { 491 goto loser; 492 } 493 494 error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID); 495 if( CKR_OK != error ) { 496 goto loser; 497 } 498 499 if( nssCKFWSlot_GetTokenPresent(fwSlot) ) { 500 pInfo->flags |= CKF_TOKEN_PRESENT; 501 } 502 503 if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) { 504 pInfo->flags |= CKF_REMOVABLE_DEVICE; 505 } 506 507 if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) { 508 pInfo->flags |= CKF_HW_SLOT; 509 } 510 511 pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot); 512 pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot); 513 514 return CKR_OK; 515 516 loser: 517 switch( error ) { 518 case CKR_CRYPTOKI_NOT_INITIALIZED: 519 case CKR_DEVICE_ERROR: 520 case CKR_FUNCTION_FAILED: 521 case CKR_GENERAL_ERROR: 522 case CKR_HOST_MEMORY: 523 case CKR_SLOT_ID_INVALID: 524 break; 525 default: 526 case CKR_OK: 527 error = CKR_GENERAL_ERROR; 528 } 529 530 return error; 531} 532 533/* 534 * NSSCKFWC_GetTokenInfo 535 * 536 */ 537NSS_IMPLEMENT CK_RV 538NSSCKFWC_GetTokenInfo 539( 540 NSSCKFWInstance *fwInstance, 541 CK_SLOT_ID slotID, 542 CK_TOKEN_INFO_PTR pInfo 543) 544{ 545 CK_RV error = CKR_OK; 546 CK_ULONG nSlots; 547 NSSCKFWSlot **slots; 548 NSSCKFWSlot *fwSlot; 549 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL; 550 551 if (!fwInstance) { 552 error = CKR_CRYPTOKI_NOT_INITIALIZED; 553 goto loser; 554 } 555 556 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error); 557 if( (CK_ULONG)0 == nSlots ) { 558 goto loser; 559 } 560 561 if( (slotID < 1) || (slotID > nSlots) ) { 562 error = CKR_SLOT_ID_INVALID; 563 goto loser; 564 } 565 566 if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) { 567 error = CKR_ARGUMENTS_BAD; 568 goto loser; 569 } 570 571 /* 572 * A purify error here indicates caller error. 573 */ 574 (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO)); 575 576 slots = nssCKFWInstance_GetSlots(fwInstance, &error); 577 if( (NSSCKFWSlot **)NULL == slots ) { 578 goto loser; 579 } 580 581 fwSlot = slots[ slotID-1 ]; 582 583 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) { 584 error = CKR_TOKEN_NOT_PRESENT; 585 goto loser; 586 } 587 588 fwToken = nssCKFWSlot_GetToken(fwSlot, &error); 589 if (!fwToken) { 590 goto loser; 591 } 592 593 error = nssCKFWToken_GetLabel(fwToken, pInfo->label); 594 if( CKR_OK != error ) { 595 goto loser; 596 } 597 598 error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID); 599 if( CKR_OK != error ) { 600 goto loser; 601 } 602 603 error = nssCKFWToken_GetModel(fwToken, pInfo->model); 604 if( CKR_OK != error ) { 605 goto loser; 606 } 607 608 error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber); 609 if( CKR_OK != error ) { 610 goto loser; 611 } 612 613 if( nssCKFWToken_GetHasRNG(fwToken) ) { 614 pInfo->flags |= CKF_RNG; 615 } 616 617 if( nssCKFWToken_GetIsWriteProtected(fwToken) ) { 618 pInfo->flags |= CKF_WRITE_PROTECTED; 619 } 620 621 if( nssCKFWToken_GetLoginRequired(fwToken) ) { 622 pInfo->flags |= CKF_LOGIN_REQUIRED; 623 } 624 625 if( nssCKFWToken_GetUserPinInitialized(fwToken) ) { 626 pInfo->flags |= CKF_USER_PIN_INITIALIZED; 627 } 628 629 if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) { 630 pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED; 631 } 632 633 if( nssCKFWToken_GetHasClockOnToken(fwToken) ) { 634 pInfo->flags |= CKF_CLOCK_ON_TOKEN; 635 } 636 637 if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) { 638 pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH; 639 } 640 641 if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) { 642 pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS; 643 } 644 645 pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken); 646 pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken); 647 pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken); 648 pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken); 649 pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken); 650 pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken); 651 pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken); 652 pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken); 653 pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken); 654 pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken); 655 pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken); 656 pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken); 657 658 error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime); 659 if( CKR_OK != error ) { 660 goto loser; 661 } 662 663 return CKR_OK; 664 665 loser: 666 switch( error ) { 667 case CKR_DEVICE_REMOVED: 668 case CKR_TOKEN_NOT_PRESENT: 669 if (fwToken) 670 nssCKFWToken_Destroy(fwToken); 671 break; 672 case CKR_CRYPTOKI_NOT_INITIALIZED: 673 case CKR_DEVICE_ERROR: 674 case CKR_DEVICE_MEMORY: 675 case CKR_FUNCTION_FAILED: 676 case CKR_GENERAL_ERROR: 677 case CKR_HOST_MEMORY: 678 case CKR_SLOT_ID_INVALID: 679 case CKR_TOKEN_NOT_RECOGNIZED: 680 break; 681 default: 682 case CKR_OK: 683 error = CKR_GENERAL_ERROR; 684 break; 685 } 686 687 return error; 688} 689 690/* 691 * NSSCKFWC_WaitForSlotEvent 692 * 693 */ 694NSS_IMPLEMENT CK_RV 695NSSCKFWC_WaitForSlotEvent 696( 697 NSSCKFWInstance *fwInstance, 698 CK_FLAGS flags, 699 CK_SLOT_ID_PTR pSlot, 700 CK_VOID_PTR pReserved 701) 702{ 703 CK_RV error = CKR_OK; 704 CK_ULONG nSlots; 705 CK_BBOOL block; 706 NSSCKFWSlot **slots; 707 NSSCKFWSlot *fwSlot; 708 CK_ULONG i; 709 710 if (!fwInstance) { 711 error = CKR_CRYPTOKI_NOT_INITIALIZED; 712 goto loser; 713 } 714 715 if( flags & ~CKF_DONT_BLOCK ) { 716 error = CKR_ARGUMENTS_BAD; 717 goto loser; 718 } 719 720 block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE; 721 722 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error); 723 if( (CK_ULONG)0 == nSlots ) { 724 goto loser; 725 } 726 727 if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) { 728 error = CKR_ARGUMENTS_BAD; 729 goto loser; 730 } 731 732 if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) { 733 error = CKR_ARGUMENTS_BAD; 734 goto loser; 735 } 736 737 slots = nssCKFWInstance_GetSlots(fwInstance, &error); 738 if( (NSSCKFWSlot **)NULL == slots ) { 739 goto loser; 740 } 741 742 fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error); 743 if (!fwSlot) { 744 goto loser; 745 } 746 747 for( i = 0; i < nSlots; i++ ) { 748 if( fwSlot == slots[i] ) { 749 *pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1); 750 return CKR_OK; 751 } 752 } 753 754 error = CKR_GENERAL_ERROR; /* returned something not in the slot list */ 755 756 loser: 757 switch( error ) { 758 case CKR_CRYPTOKI_NOT_INITIALIZED: 759 case CKR_FUNCTION_FAILED: 760 case CKR_GENERAL_ERROR: 761 case CKR_HOST_MEMORY: 762 case CKR_NO_EVENT: 763 break; 764 default: 765 case CKR_OK: 766 error = CKR_GENERAL_ERROR; 767 break; 768 } 769 770 return error; 771} 772 773/* 774 * NSSCKFWC_GetMechanismList 775 * 776 */ 777NSS_IMPLEMENT CK_RV 778NSSCKFWC_GetMechanismList 779( 780 NSSCKFWInstance *fwInstance, 781 CK_SLOT_ID slotID, 782 CK_MECHANISM_TYPE_PTR pMechanismList, 783 CK_ULONG_PTR pulCount 784) 785{ 786 CK_RV error = CKR_OK; 787 CK_ULONG nSlots; 788 NSSCKFWSlot **slots; 789 NSSCKFWSlot *fwSlot; 790 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL; 791 CK_ULONG count; 792 793 if (!fwInstance) { 794 error = CKR_CRYPTOKI_NOT_INITIALIZED; 795 goto loser; 796 } 797 798 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error); 799 if( (CK_ULONG)0 == nSlots ) { 800 goto loser; 801 } 802 803 if( (slotID < 1) || (slotID > nSlots) ) { 804 error = CKR_SLOT_ID_INVALID; 805 goto loser; 806 } 807 808 if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) { 809 error = CKR_ARGUMENTS_BAD; 810 goto loser; 811 } 812 813 slots = nssCKFWInstance_GetSlots(fwInstance, &error); 814 if( (NSSCKFWSlot **)NULL == slots ) { 815 goto loser; 816 } 817 818 fwSlot = slots[ slotID-1 ]; 819 820 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) { 821 error = CKR_TOKEN_NOT_PRESENT; 822 goto loser; 823 } 824 825 fwToken = nssCKFWSlot_GetToken(fwSlot, &error); 826 if (!fwToken) { 827 goto loser; 828 } 829 830 count = nssCKFWToken_GetMechanismCount(fwToken); 831 832 if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) { 833 *pulCount = count; 834 return CKR_OK; 835 } 836 837 if( *pulCount < count ) { 838 *pulCount = count; 839 error = CKR_BUFFER_TOO_SMALL; 840 goto loser; 841 } 842 843 /* 844 * A purify error here indicates caller error. 845 */ 846 (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE)); 847 848 *pulCount = count; 849 850 if( 0 != count ) { 851 error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList); 852 } else { 853 error = CKR_OK; 854 } 855 856 if( CKR_OK == error ) { 857 return CKR_OK; 858 } 859 860 loser: 861 switch( error ) { 862 case CKR_DEVICE_REMOVED: 863 case CKR_TOKEN_NOT_PRESENT: 864 if (fwToken) 865 nssCKFWToken_Destroy(fwToken); 866 break; 867 case CKR_ARGUMENTS_BAD: 868 case CKR_BUFFER_TOO_SMALL: 869 case CKR_CRYPTOKI_NOT_INITIALIZED: 870 case CKR_DEVICE_ERROR: 871 case CKR_DEVICE_MEMORY: 872 case CKR_FUNCTION_FAILED: 873 case CKR_GENERAL_ERROR: 874 case CKR_HOST_MEMORY: 875 case CKR_SLOT_ID_INVALID: 876 case CKR_TOKEN_NOT_RECOGNIZED: 877 break; 878 default: 879 case CKR_OK: 880 error = CKR_GENERAL_ERROR; 881 break; 882 } 883 884 return error; 885} 886 887/* 888 * NSSCKFWC_GetMechanismInfo 889 * 890 */ 891NSS_IMPLEMENT CK_RV 892NSSCKFWC_GetMechanismInfo 893( 894 NSSCKFWInstance *fwInstance, 895 CK_SLOT_ID slotID, 896 CK_MECHANISM_TYPE type, 897 CK_MECHANISM_INFO_PTR pInfo 898) 899{ 900 CK_RV error = CKR_OK; 901 CK_ULONG nSlots; 902 NSSCKFWSlot **slots; 903 NSSCKFWSlot *fwSlot; 904 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL; 905 NSSCKFWMechanism *fwMechanism; 906 907 if (!fwInstance) { 908 error = CKR_CRYPTOKI_NOT_INITIALIZED; 909 goto loser; 910 } 911 912 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error); 913 if( (CK_ULONG)0 == nSlots ) { 914 goto loser; 915 } 916 917 if( (slotID < 1) || (slotID > nSlots) ) { 918 error = CKR_SLOT_ID_INVALID; 919 goto loser; 920 } 921 922 slots = nssCKFWInstance_GetSlots(fwInstance, &error); 923 if( (NSSCKFWSlot **)NULL == slots ) { 924 goto loser; 925 } 926 927 fwSlot = slots[ slotID-1 ]; 928 929 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) { 930 error = CKR_TOKEN_NOT_PRESENT; 931 goto loser; 932 } 933 934 if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) { 935 error = CKR_ARGUMENTS_BAD; 936 goto loser; 937 } 938 939 /* 940 * A purify error here indicates caller error. 941 */ 942 (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO)); 943 944 fwToken = nssCKFWSlot_GetToken(fwSlot, &error); 945 if (!fwToken) { 946 goto loser; 947 } 948 949 fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error); 950 if (!fwMechanism) { 951 goto loser; 952 } 953 954 pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism, &error); 955 pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism, &error); 956 957 if( nssCKFWMechanism_GetInHardware(fwMechanism, &error) ) { 958 pInfo->flags |= CKF_HW; 959 } 960 if( nssCKFWMechanism_GetCanEncrypt(fwMechanism, &error) ) { 961 pInfo->flags |= CKF_ENCRYPT; 962 } 963 if( nssCKFWMechanism_GetCanDecrypt(fwMechanism, &error) ) { 964 pInfo->flags |= CKF_DECRYPT; 965 } 966 if( nssCKFWMechanism_GetCanDigest(fwMechanism, &error) ) { 967 pInfo->flags |= CKF_DIGEST; 968 } 969 if( nssCKFWMechanism_GetCanSign(fwMechanism, &error) ) { 970 pInfo->flags |= CKF_SIGN; 971 } 972 if( nssCKFWMechanism_GetCanSignRecover(fwMechanism, &error) ) { 973 pInfo->flags |= CKF_SIGN_RECOVER; 974 } 975 if( nssCKFWMechanism_GetCanVerify(fwMechanism, &error) ) { 976 pInfo->flags |= CKF_VERIFY; 977 } 978 if( nssCKFWMechanism_GetCanVerifyRecover(fwMechanism, &error) ) { 979 pInfo->flags |= CKF_VERIFY_RECOVER; 980 } 981 if( nssCKFWMechanism_GetCanGenerate(fwMechanism, &error) ) { 982 pInfo->flags |= CKF_GENERATE; 983 } 984 if( nssCKFWMechanism_GetCanGenerateKeyPair(fwMechanism, &error) ) { 985 pInfo->flags |= CKF_GENERATE_KEY_PAIR; 986 } 987 if( nssCKFWMechanism_GetCanWrap(fwMechanism, &error) ) { 988 pInfo->flags |= CKF_WRAP; 989 } 990 if( nssCKFWMechanism_GetCanUnwrap(fwMechanism, &error) ) { 991 pInfo->flags |= CKF_UNWRAP; 992 } 993 if( nssCKFWMechanism_GetCanDerive(fwMechanism, &error) ) { 994 pInfo->flags |= CKF_DERIVE; 995 } 996 nssCKFWMechanism_Destroy(fwMechanism); 997 998 return error; 999 1000 loser: 1001 switch( error ) { 1002 case CKR_DEVICE_REMOVED: 1003 case CKR_TOKEN_NOT_PRESENT: 1004 if (fwToken) 1005 nssCKFWToken_Destroy(fwToken); 1006 break; 1007 case CKR_ARGUMENTS_BAD: 1008 case CKR_CRYPTOKI_NOT_INITIALIZED: 1009 case CKR_DEVICE_ERROR: 1010 case CKR_DEVICE_MEMORY: 1011 case CKR_FUNCTION_FAILED: 1012 case CKR_GENERAL_ERROR: 1013 case CKR_HOST_MEMORY: 1014 case CKR_MECHANISM_INVALID: 1015 case CKR_SLOT_ID_INVALID: 1016 case CKR_TOKEN_NOT_RECOGNIZED: 1017 break; 1018 default: 1019 case CKR_OK: 1020 error = CKR_GENERAL_ERROR; 1021 break; 1022 } 1023 1024 return error; 1025} 1026 1027/* 1028 * NSSCKFWC_InitToken 1029 * 1030 */ 1031NSS_IMPLEMENT CK_RV 1032NSSCKFWC_InitToken 1033( 1034 NSSCKFWInstance *fwInstance, 1035 CK_SLOT_ID slotID, 1036 CK_CHAR_PTR pPin, 1037 CK_ULONG ulPinLen, 1038 CK_CHAR_PTR pLabel 1039) 1040{ 1041 CK_RV error = CKR_OK; 1042 CK_ULONG nSlots; 1043 NSSCKFWSlot **slots; 1044 NSSCKFWSlot *fwSlot; 1045 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL; 1046 NSSItem pin; 1047 NSSUTF8 *label; 1048 1049 if (!fwInstance) { 1050 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1051 goto loser; 1052 } 1053 1054 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error); 1055 if( (CK_ULONG)0 == nSlots ) { 1056 goto loser; 1057 } 1058 1059 if( (slotID < 1) || (slotID > nSlots) ) { 1060 error = CKR_SLOT_ID_INVALID; 1061 goto loser; 1062 } 1063 1064 slots = nssCKFWInstance_GetSlots(fwInstance, &error); 1065 if( (NSSCKFWSlot **)NULL == slots ) { 1066 goto loser; 1067 } 1068 1069 fwSlot = slots[ slotID-1 ]; 1070 1071 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) { 1072 error = CKR_TOKEN_NOT_PRESENT; 1073 goto loser; 1074 } 1075 1076 fwToken = nssCKFWSlot_GetToken(fwSlot, &error); 1077 if (!fwToken) { 1078 goto loser; 1079 } 1080 1081 pin.size = (PRUint32)ulPinLen; 1082 pin.data = (void *)pPin; 1083 label = (NSSUTF8 *)pLabel; /* identity conversion */ 1084 1085 error = nssCKFWToken_InitToken(fwToken, &pin, label); 1086 if( CKR_OK != error ) { 1087 goto loser; 1088 } 1089 1090 return CKR_OK; 1091 1092 loser: 1093 switch( error ) { 1094 case CKR_DEVICE_REMOVED: 1095 case CKR_TOKEN_NOT_PRESENT: 1096 if (fwToken) 1097 nssCKFWToken_Destroy(fwToken); 1098 break; 1099 case CKR_ARGUMENTS_BAD: 1100 case CKR_CRYPTOKI_NOT_INITIALIZED: 1101 case CKR_DEVICE_ERROR: 1102 case CKR_DEVICE_MEMORY: 1103 case CKR_FUNCTION_FAILED: 1104 case CKR_GENERAL_ERROR: 1105 case CKR_HOST_MEMORY: 1106 case CKR_PIN_INCORRECT: 1107 case CKR_PIN_LOCKED: 1108 case CKR_SESSION_EXISTS: 1109 case CKR_SLOT_ID_INVALID: 1110 case CKR_TOKEN_NOT_RECOGNIZED: 1111 case CKR_TOKEN_WRITE_PROTECTED: 1112 break; 1113 default: 1114 case CKR_OK: 1115 error = CKR_GENERAL_ERROR; 1116 break; 1117 } 1118 1119 return error; 1120} 1121 1122/* 1123 * NSSCKFWC_InitPIN 1124 * 1125 */ 1126NSS_IMPLEMENT CK_RV 1127NSSCKFWC_InitPIN 1128( 1129 NSSCKFWInstance *fwInstance, 1130 CK_SESSION_HANDLE hSession, 1131 CK_CHAR_PTR pPin, 1132 CK_ULONG ulPinLen 1133) 1134{ 1135 CK_RV error = CKR_OK; 1136 NSSCKFWSession *fwSession; 1137 NSSItem pin, *arg; 1138 1139 if (!fwInstance) { 1140 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1141 goto loser; 1142 } 1143 1144 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 1145 if (!fwSession) { 1146 error = CKR_SESSION_HANDLE_INVALID; 1147 goto loser; 1148 } 1149 1150 if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) { 1151 arg = (NSSItem *)NULL; 1152 } else { 1153 arg = &pin; 1154 pin.size = (PRUint32)ulPinLen; 1155 pin.data = (void *)pPin; 1156 } 1157 1158 error = nssCKFWSession_InitPIN(fwSession, arg); 1159 if( CKR_OK != error ) { 1160 goto loser; 1161 } 1162 1163 return CKR_OK; 1164 1165 loser: 1166 switch( error ) { 1167 case CKR_SESSION_CLOSED: 1168 /* destroy session? */ 1169 break; 1170 case CKR_DEVICE_REMOVED: 1171 /* (void)nssCKFWToken_Destroy(fwToken); */ 1172 break; 1173 case CKR_ARGUMENTS_BAD: 1174 case CKR_CRYPTOKI_NOT_INITIALIZED: 1175 case CKR_DEVICE_ERROR: 1176 case CKR_DEVICE_MEMORY: 1177 case CKR_FUNCTION_FAILED: 1178 case CKR_GENERAL_ERROR: 1179 case CKR_HOST_MEMORY: 1180 case CKR_PIN_INVALID: 1181 case CKR_PIN_LEN_RANGE: 1182 case CKR_SESSION_READ_ONLY: 1183 case CKR_SESSION_HANDLE_INVALID: 1184 case CKR_TOKEN_WRITE_PROTECTED: 1185 case CKR_USER_NOT_LOGGED_IN: 1186 break; 1187 default: 1188 case CKR_OK: 1189 error = CKR_GENERAL_ERROR; 1190 break; 1191 } 1192 1193 return error; 1194} 1195 1196/* 1197 * NSSCKFWC_SetPIN 1198 * 1199 */ 1200NSS_IMPLEMENT CK_RV 1201NSSCKFWC_SetPIN 1202( 1203 NSSCKFWInstance *fwInstance, 1204 CK_SESSION_HANDLE hSession, 1205 CK_CHAR_PTR pOldPin, 1206 CK_ULONG ulOldLen, 1207 CK_CHAR_PTR pNewPin, 1208 CK_ULONG ulNewLen 1209) 1210{ 1211 CK_RV error = CKR_OK; 1212 NSSCKFWSession *fwSession; 1213 NSSItem oldPin, newPin, *oldArg, *newArg; 1214 1215 if (!fwInstance) { 1216 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1217 goto loser; 1218 } 1219 1220 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 1221 if (!fwSession) { 1222 error = CKR_SESSION_HANDLE_INVALID; 1223 goto loser; 1224 } 1225 1226 if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) { 1227 oldArg = (NSSItem *)NULL; 1228 } else { 1229 oldArg = &oldPin; 1230 oldPin.size = (PRUint32)ulOldLen; 1231 oldPin.data = (void *)pOldPin; 1232 } 1233 1234 if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) { 1235 newArg = (NSSItem *)NULL; 1236 } else { 1237 newArg = &newPin; 1238 newPin.size = (PRUint32)ulNewLen; 1239 newPin.data = (void *)pNewPin; 1240 } 1241 1242 error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg); 1243 if( CKR_OK != error ) { 1244 goto loser; 1245 } 1246 1247 return CKR_OK; 1248 1249 loser: 1250 switch( error ) { 1251 case CKR_SESSION_CLOSED: 1252 /* destroy session? */ 1253 break; 1254 case CKR_DEVICE_REMOVED: 1255 /* (void)nssCKFWToken_Destroy(fwToken); */ 1256 break; 1257 case CKR_ARGUMENTS_BAD: 1258 case CKR_CRYPTOKI_NOT_INITIALIZED: 1259 case CKR_DEVICE_ERROR: 1260 case CKR_DEVICE_MEMORY: 1261 case CKR_FUNCTION_FAILED: 1262 case CKR_GENERAL_ERROR: 1263 case CKR_HOST_MEMORY: 1264 case CKR_PIN_INCORRECT: 1265 case CKR_PIN_INVALID: 1266 case CKR_PIN_LEN_RANGE: 1267 case CKR_PIN_LOCKED: 1268 case CKR_SESSION_HANDLE_INVALID: 1269 case CKR_SESSION_READ_ONLY: 1270 case CKR_TOKEN_WRITE_PROTECTED: 1271 break; 1272 default: 1273 case CKR_OK: 1274 error = CKR_GENERAL_ERROR; 1275 break; 1276 } 1277 1278 return error; 1279} 1280 1281/* 1282 * NSSCKFWC_OpenSession 1283 * 1284 */ 1285NSS_IMPLEMENT CK_RV 1286NSSCKFWC_OpenSession 1287( 1288 NSSCKFWInstance *fwInstance, 1289 CK_SLOT_ID slotID, 1290 CK_FLAGS flags, 1291 CK_VOID_PTR pApplication, 1292 CK_NOTIFY Notify, 1293 CK_SESSION_HANDLE_PTR phSession 1294) 1295{ 1296 CK_RV error = CKR_OK; 1297 CK_ULONG nSlots; 1298 NSSCKFWSlot **slots; 1299 NSSCKFWSlot *fwSlot; 1300 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL; 1301 NSSCKFWSession *fwSession; 1302 CK_BBOOL rw; 1303 1304 if (!fwInstance) { 1305 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1306 goto loser; 1307 } 1308 1309 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error); 1310 if( (CK_ULONG)0 == nSlots ) { 1311 goto loser; 1312 } 1313 1314 if( (slotID < 1) || (slotID > nSlots) ) { 1315 error = CKR_SLOT_ID_INVALID; 1316 goto loser; 1317 } 1318 1319 if( flags & CKF_RW_SESSION ) { 1320 rw = CK_TRUE; 1321 } else { 1322 rw = CK_FALSE; 1323 } 1324 1325 if( flags & CKF_SERIAL_SESSION ) { 1326 ; 1327 } else { 1328 error = CKR_SESSION_PARALLEL_NOT_SUPPORTED; 1329 goto loser; 1330 } 1331 1332 if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) { 1333 error = CKR_ARGUMENTS_BAD; 1334 goto loser; 1335 } 1336 1337 if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) { 1338 error = CKR_ARGUMENTS_BAD; 1339 goto loser; 1340 } 1341 1342 /* 1343 * A purify error here indicates caller error. 1344 */ 1345 *phSession = (CK_SESSION_HANDLE)0; 1346 1347 slots = nssCKFWInstance_GetSlots(fwInstance, &error); 1348 if( (NSSCKFWSlot **)NULL == slots ) { 1349 goto loser; 1350 } 1351 1352 fwSlot = slots[ slotID-1 ]; 1353 1354 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) { 1355 error = CKR_TOKEN_NOT_PRESENT; 1356 goto loser; 1357 } 1358 1359 fwToken = nssCKFWSlot_GetToken(fwSlot, &error); 1360 if (!fwToken) { 1361 goto loser; 1362 } 1363 1364 fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication, 1365 Notify, &error); 1366 if (!fwSession) { 1367 goto loser; 1368 } 1369 1370 *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance, 1371 fwSession, &error); 1372 if( (CK_SESSION_HANDLE)0 == *phSession ) { 1373 goto loser; 1374 } 1375 1376 return CKR_OK; 1377 1378 loser: 1379 switch( error ) { 1380 case CKR_SESSION_CLOSED: 1381 /* destroy session? */ 1382 break; 1383 case CKR_DEVICE_REMOVED: 1384 /* (void)nssCKFWToken_Destroy(fwToken); */ 1385 break; 1386 case CKR_CRYPTOKI_NOT_INITIALIZED: 1387 case CKR_DEVICE_ERROR: 1388 case CKR_DEVICE_MEMORY: 1389 case CKR_FUNCTION_FAILED: 1390 case CKR_GENERAL_ERROR: 1391 case CKR_HOST_MEMORY: 1392 case CKR_SESSION_COUNT: 1393 case CKR_SESSION_EXISTS: 1394 case CKR_SESSION_PARALLEL_NOT_SUPPORTED: 1395 case CKR_SESSION_READ_WRITE_SO_EXISTS: 1396 case CKR_SLOT_ID_INVALID: 1397 case CKR_TOKEN_NOT_PRESENT: 1398 case CKR_TOKEN_NOT_RECOGNIZED: 1399 case CKR_TOKEN_WRITE_PROTECTED: 1400 break; 1401 default: 1402 case CKR_OK: 1403 error = CKR_GENERAL_ERROR; 1404 break; 1405 } 1406 1407 return error; 1408} 1409 1410/* 1411 * NSSCKFWC_CloseSession 1412 * 1413 */ 1414NSS_IMPLEMENT CK_RV 1415NSSCKFWC_CloseSession 1416( 1417 NSSCKFWInstance *fwInstance, 1418 CK_SESSION_HANDLE hSession 1419) 1420{ 1421 CK_RV error = CKR_OK; 1422 NSSCKFWSession *fwSession; 1423 1424 if (!fwInstance) { 1425 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1426 goto loser; 1427 } 1428 1429 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 1430 if (!fwSession) { 1431 error = CKR_SESSION_HANDLE_INVALID; 1432 goto loser; 1433 } 1434 1435 nssCKFWInstance_DestroySessionHandle(fwInstance, hSession); 1436 error = nssCKFWSession_Destroy(fwSession, CK_TRUE); 1437 1438 if( CKR_OK != error ) { 1439 goto loser; 1440 } 1441 1442 return CKR_OK; 1443 1444 loser: 1445 switch( error ) { 1446 case CKR_SESSION_CLOSED: 1447 /* destroy session? */ 1448 break; 1449 case CKR_DEVICE_REMOVED: 1450 /* (void)nssCKFWToken_Destroy(fwToken); */ 1451 break; 1452 case CKR_CRYPTOKI_NOT_INITIALIZED: 1453 case CKR_DEVICE_ERROR: 1454 case CKR_DEVICE_MEMORY: 1455 case CKR_FUNCTION_FAILED: 1456 case CKR_GENERAL_ERROR: 1457 case CKR_HOST_MEMORY: 1458 case CKR_SESSION_HANDLE_INVALID: 1459 break; 1460 default: 1461 case CKR_OK: 1462 error = CKR_GENERAL_ERROR; 1463 break; 1464 } 1465 1466 return error; 1467} 1468 1469/* 1470 * NSSCKFWC_CloseAllSessions 1471 * 1472 */ 1473NSS_IMPLEMENT CK_RV 1474NSSCKFWC_CloseAllSessions 1475( 1476 NSSCKFWInstance *fwInstance, 1477 CK_SLOT_ID slotID 1478) 1479{ 1480 CK_RV error = CKR_OK; 1481 CK_ULONG nSlots; 1482 NSSCKFWSlot **slots; 1483 NSSCKFWSlot *fwSlot; 1484 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL; 1485 1486 if (!fwInstance) { 1487 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1488 goto loser; 1489 } 1490 1491 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error); 1492 if( (CK_ULONG)0 == nSlots ) { 1493 goto loser; 1494 } 1495 1496 if( (slotID < 1) || (slotID > nSlots) ) { 1497 error = CKR_SLOT_ID_INVALID; 1498 goto loser; 1499 } 1500 1501 slots = nssCKFWInstance_GetSlots(fwInstance, &error); 1502 if( (NSSCKFWSlot **)NULL == slots ) { 1503 goto loser; 1504 } 1505 1506 fwSlot = slots[ slotID-1 ]; 1507 1508 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) { 1509 error = CKR_TOKEN_NOT_PRESENT; 1510 goto loser; 1511 } 1512 1513 fwToken = nssCKFWSlot_GetToken(fwSlot, &error); 1514 if (!fwToken) { 1515 goto loser; 1516 } 1517 1518 error = nssCKFWToken_CloseAllSessions(fwToken); 1519 if( CKR_OK != error ) { 1520 goto loser; 1521 } 1522 1523 return CKR_OK; 1524 1525 loser: 1526 switch( error ) { 1527 case CKR_DEVICE_REMOVED: 1528 /* (void)nssCKFWToken_Destroy(fwToken); */ 1529 break; 1530 case CKR_CRYPTOKI_NOT_INITIALIZED: 1531 case CKR_DEVICE_ERROR: 1532 case CKR_DEVICE_MEMORY: 1533 case CKR_FUNCTION_FAILED: 1534 case CKR_GENERAL_ERROR: 1535 case CKR_HOST_MEMORY: 1536 case CKR_SLOT_ID_INVALID: 1537 case CKR_TOKEN_NOT_PRESENT: 1538 break; 1539 default: 1540 case CKR_OK: 1541 error = CKR_GENERAL_ERROR; 1542 break; 1543 } 1544 1545 return error; 1546} 1547 1548/* 1549 * NSSCKFWC_GetSessionInfo 1550 * 1551 */ 1552NSS_IMPLEMENT CK_RV 1553NSSCKFWC_GetSessionInfo 1554( 1555 NSSCKFWInstance *fwInstance, 1556 CK_SESSION_HANDLE hSession, 1557 CK_SESSION_INFO_PTR pInfo 1558) 1559{ 1560 CK_RV error = CKR_OK; 1561 NSSCKFWSession *fwSession; 1562 NSSCKFWSlot *fwSlot; 1563 1564 if (!fwInstance) { 1565 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1566 goto loser; 1567 } 1568 1569 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 1570 if (!fwSession) { 1571 error = CKR_SESSION_HANDLE_INVALID; 1572 goto loser; 1573 } 1574 1575 if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) { 1576 error = CKR_ARGUMENTS_BAD; 1577 goto loser; 1578 } 1579 1580 /* 1581 * A purify error here indicates caller error. 1582 */ 1583 (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO)); 1584 1585 fwSlot = nssCKFWSession_GetFWSlot(fwSession); 1586 if (!fwSlot) { 1587 error = CKR_GENERAL_ERROR; 1588 goto loser; 1589 } 1590 1591 pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot); 1592 pInfo->state = nssCKFWSession_GetSessionState(fwSession); 1593 1594 if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) { 1595 pInfo->flags |= CKF_RW_SESSION; 1596 } 1597 1598 pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */ 1599 1600 pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession); 1601 1602 return CKR_OK; 1603 1604 loser: 1605 switch( error ) { 1606 case CKR_SESSION_CLOSED: 1607 /* destroy session? */ 1608 break; 1609 case CKR_DEVICE_REMOVED: 1610 /* (void)nssCKFWToken_Destroy(fwToken); */ 1611 break; 1612 case CKR_CRYPTOKI_NOT_INITIALIZED: 1613 case CKR_DEVICE_ERROR: 1614 case CKR_DEVICE_MEMORY: 1615 case CKR_FUNCTION_FAILED: 1616 case CKR_GENERAL_ERROR: 1617 case CKR_HOST_MEMORY: 1618 case CKR_SESSION_HANDLE_INVALID: 1619 break; 1620 default: 1621 case CKR_OK: 1622 error = CKR_GENERAL_ERROR; 1623 break; 1624 } 1625 1626 return error; 1627} 1628 1629/* 1630 * NSSCKFWC_GetOperationState 1631 * 1632 */ 1633NSS_IMPLEMENT CK_RV 1634NSSCKFWC_GetOperationState 1635( 1636 NSSCKFWInstance *fwInstance, 1637 CK_SESSION_HANDLE hSession, 1638 CK_BYTE_PTR pOperationState, 1639 CK_ULONG_PTR pulOperationStateLen 1640) 1641{ 1642 CK_RV error = CKR_OK; 1643 NSSCKFWSession *fwSession; 1644 CK_ULONG len; 1645 NSSItem buf; 1646 1647 if (!fwInstance) { 1648 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1649 goto loser; 1650 } 1651 1652 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 1653 if (!fwSession) { 1654 error = CKR_SESSION_HANDLE_INVALID; 1655 goto loser; 1656 } 1657 1658 if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) { 1659 error = CKR_ARGUMENTS_BAD; 1660 goto loser; 1661 } 1662 1663 len = nssCKFWSession_GetOperationStateLen(fwSession, &error); 1664 if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) { 1665 goto loser; 1666 } 1667 1668 if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) { 1669 *pulOperationStateLen = len; 1670 return CKR_OK; 1671 } 1672 1673 if( *pulOperationStateLen < len ) { 1674 *pulOperationStateLen = len; 1675 error = CKR_BUFFER_TOO_SMALL; 1676 goto loser; 1677 } 1678 1679 buf.size = (PRUint32)*pulOperationStateLen; 1680 buf.data = (void *)pOperationState; 1681 *pulOperationStateLen = len; 1682 error = nssCKFWSession_GetOperationState(fwSession, &buf); 1683 1684 if( CKR_OK != error ) { 1685 goto loser; 1686 } 1687 1688 return CKR_OK; 1689 1690 loser: 1691 switch( error ) { 1692 case CKR_SESSION_CLOSED: 1693 /* destroy session? */ 1694 break; 1695 case CKR_DEVICE_REMOVED: 1696 /* (void)nssCKFWToken_Destroy(fwToken); */ 1697 break; 1698 case CKR_BUFFER_TOO_SMALL: 1699 case CKR_CRYPTOKI_NOT_INITIALIZED: 1700 case CKR_DEVICE_ERROR: 1701 case CKR_DEVICE_MEMORY: 1702 case CKR_FUNCTION_FAILED: 1703 case CKR_GENERAL_ERROR: 1704 case CKR_HOST_MEMORY: 1705 case CKR_OPERATION_NOT_INITIALIZED: 1706 case CKR_SESSION_HANDLE_INVALID: 1707 case CKR_STATE_UNSAVEABLE: 1708 break; 1709 default: 1710 case CKR_OK: 1711 error = CKR_GENERAL_ERROR; 1712 break; 1713 } 1714 1715 return error; 1716} 1717 1718/* 1719 * NSSCKFWC_SetOperationState 1720 * 1721 */ 1722NSS_IMPLEMENT CK_RV 1723NSSCKFWC_SetOperationState 1724( 1725 NSSCKFWInstance *fwInstance, 1726 CK_SESSION_HANDLE hSession, 1727 CK_BYTE_PTR pOperationState, 1728 CK_ULONG ulOperationStateLen, 1729 CK_OBJECT_HANDLE hEncryptionKey, 1730 CK_OBJECT_HANDLE hAuthenticationKey 1731) 1732{ 1733 CK_RV error = CKR_OK; 1734 NSSCKFWSession *fwSession; 1735 NSSCKFWObject *eKey; 1736 NSSCKFWObject *aKey; 1737 NSSItem state; 1738 1739 if (!fwInstance) { 1740 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1741 goto loser; 1742 } 1743 1744 if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) { 1745 error = CKR_ARGUMENTS_BAD; 1746 goto loser; 1747 } 1748 1749 /* 1750 * We could loop through the buffer, to catch any purify errors 1751 * in a place with a "user error" note. 1752 */ 1753 1754 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 1755 if (!fwSession) { 1756 error = CKR_SESSION_HANDLE_INVALID; 1757 goto loser; 1758 } 1759 1760 if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) { 1761 eKey = (NSSCKFWObject *)NULL; 1762 } else { 1763 eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey); 1764 if (!eKey) { 1765 error = CKR_KEY_HANDLE_INVALID; 1766 goto loser; 1767 } 1768 } 1769 1770 if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) { 1771 aKey = (NSSCKFWObject *)NULL; 1772 } else { 1773 aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey); 1774 if (!aKey) { 1775 error = CKR_KEY_HANDLE_INVALID; 1776 goto loser; 1777 } 1778 } 1779 1780 state.data = pOperationState; 1781 state.size = ulOperationStateLen; 1782 1783 error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey); 1784 if( CKR_OK != error ) { 1785 goto loser; 1786 } 1787 1788 return CKR_OK; 1789 1790 loser: 1791 switch( error ) { 1792 case CKR_SESSION_CLOSED: 1793 /* destroy session? */ 1794 break; 1795 case CKR_DEVICE_REMOVED: 1796 /* (void)nssCKFWToken_Destroy(fwToken); */ 1797 break; 1798 case CKR_CRYPTOKI_NOT_INITIALIZED: 1799 case CKR_DEVICE_ERROR: 1800 case CKR_DEVICE_MEMORY: 1801 case CKR_FUNCTION_FAILED: 1802 case CKR_GENERAL_ERROR: 1803 case CKR_HOST_MEMORY: 1804 case CKR_KEY_CHANGED: 1805 case CKR_KEY_NEEDED: 1806 case CKR_KEY_NOT_NEEDED: 1807 case CKR_SAVED_STATE_INVALID: 1808 case CKR_SESSION_HANDLE_INVALID: 1809 break; 1810 default: 1811 case CKR_OK: 1812 error = CKR_GENERAL_ERROR; 1813 break; 1814 } 1815 1816 return error; 1817} 1818 1819/* 1820 * NSSCKFWC_Login 1821 * 1822 */ 1823NSS_IMPLEMENT CK_RV 1824NSSCKFWC_Login 1825( 1826 NSSCKFWInstance *fwInstance, 1827 CK_SESSION_HANDLE hSession, 1828 CK_USER_TYPE userType, 1829 CK_CHAR_PTR pPin, 1830 CK_ULONG ulPinLen 1831) 1832{ 1833 CK_RV error = CKR_OK; 1834 NSSCKFWSession *fwSession; 1835 NSSItem pin, *arg; 1836 1837 if (!fwInstance) { 1838 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1839 goto loser; 1840 } 1841 1842 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 1843 if (!fwSession) { 1844 error = CKR_SESSION_HANDLE_INVALID; 1845 goto loser; 1846 } 1847 1848 if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) { 1849 arg = (NSSItem *)NULL; 1850 } else { 1851 arg = &pin; 1852 pin.size = (PRUint32)ulPinLen; 1853 pin.data = (void *)pPin; 1854 } 1855 1856 error = nssCKFWSession_Login(fwSession, userType, arg); 1857 if( CKR_OK != error ) { 1858 goto loser; 1859 } 1860 1861 return CKR_OK; 1862 1863 loser: 1864 switch( error ) { 1865 case CKR_SESSION_CLOSED: 1866 /* destroy session? */ 1867 break; 1868 case CKR_DEVICE_REMOVED: 1869 /* (void)nssCKFWToken_Destroy(fwToken); */ 1870 break; 1871 case CKR_CRYPTOKI_NOT_INITIALIZED: 1872 case CKR_DEVICE_ERROR: 1873 case CKR_DEVICE_MEMORY: 1874 case CKR_FUNCTION_FAILED: 1875 case CKR_GENERAL_ERROR: 1876 case CKR_HOST_MEMORY: 1877 case CKR_PIN_EXPIRED: 1878 case CKR_PIN_INCORRECT: 1879 case CKR_PIN_LOCKED: 1880 case CKR_SESSION_HANDLE_INVALID: 1881 case CKR_SESSION_READ_ONLY_EXISTS: 1882 case CKR_USER_ALREADY_LOGGED_IN: 1883 case CKR_USER_ANOTHER_ALREADY_LOGGED_IN: 1884 case CKR_USER_PIN_NOT_INITIALIZED: 1885 case CKR_USER_TOO_MANY_TYPES: 1886 case CKR_USER_TYPE_INVALID: 1887 break; 1888 default: 1889 case CKR_OK: 1890 error = CKR_GENERAL_ERROR; 1891 break; 1892 } 1893 1894 return error; 1895} 1896 1897/* 1898 * NSSCKFWC_Logout 1899 * 1900 */ 1901NSS_IMPLEMENT CK_RV 1902NSSCKFWC_Logout 1903( 1904 NSSCKFWInstance *fwInstance, 1905 CK_SESSION_HANDLE hSession 1906) 1907{ 1908 CK_RV error = CKR_OK; 1909 NSSCKFWSession *fwSession; 1910 1911 if (!fwInstance) { 1912 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1913 goto loser; 1914 } 1915 1916 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 1917 if (!fwSession) { 1918 error = CKR_SESSION_HANDLE_INVALID; 1919 goto loser; 1920 } 1921 1922 error = nssCKFWSession_Logout(fwSession); 1923 if( CKR_OK != error ) { 1924 goto loser; 1925 } 1926 1927 return CKR_OK; 1928 1929 loser: 1930 switch( error ) { 1931 case CKR_SESSION_CLOSED: 1932 /* destroy session? */ 1933 break; 1934 case CKR_DEVICE_REMOVED: 1935 /* (void)nssCKFWToken_Destroy(fwToken); */ 1936 break; 1937 case CKR_CRYPTOKI_NOT_INITIALIZED: 1938 case CKR_DEVICE_ERROR: 1939 case CKR_DEVICE_MEMORY: 1940 case CKR_FUNCTION_FAILED: 1941 case CKR_GENERAL_ERROR: 1942 case CKR_HOST_MEMORY: 1943 case CKR_SESSION_HANDLE_INVALID: 1944 case CKR_USER_NOT_LOGGED_IN: 1945 break; 1946 default: 1947 case CKR_OK: 1948 error = CKR_GENERAL_ERROR; 1949 break; 1950 } 1951 1952 return error; 1953} 1954 1955/* 1956 * NSSCKFWC_CreateObject 1957 * 1958 */ 1959NSS_IMPLEMENT CK_RV 1960NSSCKFWC_CreateObject 1961( 1962 NSSCKFWInstance *fwInstance, 1963 CK_SESSION_HANDLE hSession, 1964 CK_ATTRIBUTE_PTR pTemplate, 1965 CK_ULONG ulCount, 1966 CK_OBJECT_HANDLE_PTR phObject 1967) 1968{ 1969 CK_RV error = CKR_OK; 1970 NSSCKFWSession *fwSession; 1971 NSSCKFWObject *fwObject; 1972 1973 if (!fwInstance) { 1974 error = CKR_CRYPTOKI_NOT_INITIALIZED; 1975 goto loser; 1976 } 1977 1978 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 1979 if (!fwSession) { 1980 error = CKR_SESSION_HANDLE_INVALID; 1981 goto loser; 1982 } 1983 1984 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) { 1985 error = CKR_ARGUMENTS_BAD; 1986 goto loser; 1987 } 1988 1989 /* 1990 * A purify error here indicates caller error. 1991 */ 1992 *phObject = (CK_OBJECT_HANDLE)0; 1993 1994 fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate, 1995 ulCount, &error); 1996 if (!fwObject) { 1997 goto loser; 1998 } 1999 2000 *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error); 2001 if( (CK_OBJECT_HANDLE)0 == *phObject ) { 2002 nssCKFWObject_Destroy(fwObject); 2003 goto loser; 2004 } 2005 2006 return CKR_OK; 2007 2008 loser: 2009 switch( error ) { 2010 case CKR_SESSION_CLOSED: 2011 /* destroy session? */ 2012 break; 2013 case CKR_DEVICE_REMOVED: 2014 /* (void)nssCKFWToken_Destroy(fwToken); */ 2015 break; 2016 case CKR_ATTRIBUTE_READ_ONLY: 2017 case CKR_ATTRIBUTE_TYPE_INVALID: 2018 case CKR_ATTRIBUTE_VALUE_INVALID: 2019 case CKR_CRYPTOKI_NOT_INITIALIZED: 2020 case CKR_DEVICE_ERROR: 2021 case CKR_DEVICE_MEMORY: 2022 case CKR_FUNCTION_FAILED: 2023 case CKR_GENERAL_ERROR: 2024 case CKR_HOST_MEMORY: 2025 case CKR_SESSION_HANDLE_INVALID: 2026 case CKR_SESSION_READ_ONLY: 2027 case CKR_TEMPLATE_INCOMPLETE: 2028 case CKR_TEMPLATE_INCONSISTENT: 2029 case CKR_TOKEN_WRITE_PROTECTED: 2030 case CKR_USER_NOT_LOGGED_IN: 2031 break; 2032 default: 2033 case CKR_OK: 2034 error = CKR_GENERAL_ERROR; 2035 break; 2036 } 2037 2038 return error; 2039} 2040 2041/* 2042 * NSSCKFWC_CopyObject 2043 * 2044 */ 2045NSS_IMPLEMENT CK_RV 2046NSSCKFWC_CopyObject 2047( 2048 NSSCKFWInstance *fwInstance, 2049 CK_SESSION_HANDLE hSession, 2050 CK_OBJECT_HANDLE hObject, 2051 CK_ATTRIBUTE_PTR pTemplate, 2052 CK_ULONG ulCount, 2053 CK_OBJECT_HANDLE_PTR phNewObject 2054) 2055{ 2056 CK_RV error = CKR_OK; 2057 NSSCKFWSession *fwSession; 2058 NSSCKFWObject *fwObject; 2059 NSSCKFWObject *fwNewObject; 2060 2061 if (!fwInstance) { 2062 error = CKR_CRYPTOKI_NOT_INITIALIZED; 2063 goto loser; 2064 } 2065 2066 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 2067 if (!fwSession) { 2068 error = CKR_SESSION_HANDLE_INVALID; 2069 goto loser; 2070 } 2071 2072 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) { 2073 error = CKR_ARGUMENTS_BAD; 2074 goto loser; 2075 } 2076 2077 /* 2078 * A purify error here indicates caller error. 2079 */ 2080 *phNewObject = (CK_OBJECT_HANDLE)0; 2081 2082 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject); 2083 if (!fwObject) { 2084 error = CKR_OBJECT_HANDLE_INVALID; 2085 goto loser; 2086 } 2087 2088 fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject, 2089 pTemplate, ulCount, &error); 2090 if (!fwNewObject) { 2091 goto loser; 2092 } 2093 2094 *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance, 2095 fwNewObject, &error); 2096 if( (CK_OBJECT_HANDLE)0 == *phNewObject ) { 2097 nssCKFWObject_Destroy(fwNewObject); 2098 goto loser; 2099 } 2100 2101 return CKR_OK; 2102 2103 loser: 2104 switch( error ) { 2105 case CKR_SESSION_CLOSED: 2106 /* destroy session? */ 2107 break; 2108 case CKR_DEVICE_REMOVED: 2109 /* (void)nssCKFWToken_Destroy(fwToken); */ 2110 break; 2111 case CKR_ATTRIBUTE_READ_ONLY: 2112 case CKR_ATTRIBUTE_TYPE_INVALID: 2113 case CKR_ATTRIBUTE_VALUE_INVALID: 2114 case CKR_CRYPTOKI_NOT_INITIALIZED: 2115 case CKR_DEVICE_ERROR: 2116 case CKR_DEVICE_MEMORY: 2117 case CKR_FUNCTION_FAILED: 2118 case CKR_GENERAL_ERROR: 2119 case CKR_HOST_MEMORY: 2120 case CKR_OBJECT_HANDLE_INVALID: 2121 case CKR_SESSION_HANDLE_INVALID: 2122 case CKR_SESSION_READ_ONLY: 2123 case CKR_TEMPLATE_INCONSISTENT: 2124 case CKR_TOKEN_WRITE_PROTECTED: 2125 case CKR_USER_NOT_LOGGED_IN: 2126 break; 2127 default: 2128 case CKR_OK: 2129 error = CKR_GENERAL_ERROR; 2130 break; 2131 } 2132 2133 return error; 2134} 2135 2136/* 2137 * NSSCKFWC_DestroyObject 2138 * 2139 */ 2140NSS_IMPLEMENT CK_RV 2141NSSCKFWC_DestroyObject 2142( 2143 NSSCKFWInstance *fwInstance, 2144 CK_SESSION_HANDLE hSession, 2145 CK_OBJECT_HANDLE hObject 2146) 2147{ 2148 CK_RV error = CKR_OK; 2149 NSSCKFWSession *fwSession; 2150 NSSCKFWObject *fwObject; 2151 2152 if (!fwInstance) { 2153 error = CKR_CRYPTOKI_NOT_INITIALIZED; 2154 goto loser; 2155 } 2156 2157 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 2158 if (!fwSession) { 2159 error = CKR_SESSION_HANDLE_INVALID; 2160 goto loser; 2161 } 2162 2163 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject); 2164 if (!fwObject) { 2165 error = CKR_OBJECT_HANDLE_INVALID; 2166 goto loser; 2167 } 2168 2169 nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject); 2170 nssCKFWObject_Destroy(fwObject); 2171 2172 return CKR_OK; 2173 2174 loser: 2175 switch( error ) { 2176 case CKR_SESSION_CLOSED: 2177 /* destroy session? */ 2178 break; 2179 case CKR_DEVICE_REMOVED: 2180 /* (void)nssCKFWToken_Destroy(fwToken); */ 2181 break; 2182 case CKR_CRYPTOKI_NOT_INITIALIZED: 2183 case CKR_DEVICE_ERROR: 2184 case CKR_DEVICE_MEMORY: 2185 case CKR_FUNCTION_FAILED: 2186 case CKR_GENERAL_ERROR: 2187 case CKR_HOST_MEMORY: 2188 case CKR_OBJECT_HANDLE_INVALID: 2189 case CKR_SESSION_HANDLE_INVALID: 2190 case CKR_SESSION_READ_ONLY: 2191 case CKR_TOKEN_WRITE_PROTECTED: 2192 break; 2193 default: 2194 case CKR_OK: 2195 error = CKR_GENERAL_ERROR; 2196 break; 2197 } 2198 2199 return error; 2200} 2201 2202/* 2203 * NSSCKFWC_GetObjectSize 2204 * 2205 */ 2206NSS_IMPLEMENT CK_RV 2207NSSCKFWC_GetObjectSize 2208( 2209 NSSCKFWInstance *fwInstance, 2210 CK_SESSION_HANDLE hSession, 2211 CK_OBJECT_HANDLE hObject, 2212 CK_ULONG_PTR pulSize 2213) 2214{ 2215 CK_RV error = CKR_OK; 2216 NSSCKFWSession *fwSession; 2217 NSSCKFWObject *fwObject; 2218 2219 if (!fwInstance) { 2220 error = CKR_CRYPTOKI_NOT_INITIALIZED; 2221 goto loser; 2222 } 2223 2224 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 2225 if (!fwSession) { 2226 error = CKR_SESSION_HANDLE_INVALID; 2227 goto loser; 2228 } 2229 2230 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject); 2231 if (!fwObject) { 2232 error = CKR_OBJECT_HANDLE_INVALID; 2233 goto loser; 2234 } 2235 2236 if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) { 2237 error = CKR_ARGUMENTS_BAD; 2238 goto loser; 2239 } 2240 2241 /* 2242 * A purify error here indicates caller error. 2243 */ 2244 *pulSize = (CK_ULONG)0; 2245 2246 *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error); 2247 if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) { 2248 goto loser; 2249 } 2250 2251 return CKR_OK; 2252 2253 loser: 2254 switch( error ) { 2255 case CKR_SESSION_CLOSED: 2256 /* destroy session? */ 2257 break; 2258 case CKR_DEVICE_REMOVED: 2259 /* (void)nssCKFWToken_Destroy(fwToken); */ 2260 break; 2261 case CKR_CRYPTOKI_NOT_INITIALIZED: 2262 case CKR_DEVICE_ERROR: 2263 case CKR_DEVICE_MEMORY: 2264 case CKR_FUNCTION_FAILED: 2265 case CKR_GENERAL_ERROR: 2266 case CKR_HOST_MEMORY: 2267 case CKR_INFORMATION_SENSITIVE: 2268 case CKR_OBJECT_HANDLE_INVALID: 2269 case CKR_SESSION_HANDLE_INVALID: 2270 break; 2271 default: 2272 case CKR_OK: 2273 error = CKR_GENERAL_ERROR; 2274 break; 2275 } 2276 2277 return error; 2278} 2279 2280/* 2281 * NSSCKFWC_GetAttributeValue 2282 * 2283 */ 2284NSS_IMPLEMENT CK_RV 2285NSSCKFWC_GetAttributeValue 2286( 2287 NSSCKFWInstance *fwInstance, 2288 CK_SESSION_HANDLE hSession, 2289 CK_OBJECT_HANDLE hObject, 2290 CK_ATTRIBUTE_PTR pTemplate, 2291 CK_ULONG ulCount 2292) 2293{ 2294 CK_RV error = CKR_OK; 2295 NSSCKFWSession *fwSession; 2296 NSSCKFWObject *fwObject; 2297 CK_BBOOL sensitive = CK_FALSE; 2298 CK_BBOOL invalid = CK_FALSE; 2299 CK_BBOOL tooSmall = CK_FALSE; 2300 CK_ULONG i; 2301 2302 if (!fwInstance) { 2303 error = CKR_CRYPTOKI_NOT_INITIALIZED; 2304 goto loser; 2305 } 2306 2307 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession); 2308 if (!fwSession) { 2309 error = CKR_SESSION_HANDLE_INVALID; 2310 goto loser; 2311 } 2312 2313 fwObject = nssCKFWInstance_ResolveObjectHand…
Large files files are truncated, but you can click here to view the full file