| Index: mozilla/security/nss/lib/pk11wrap/pk11slot.c
|
| ===================================================================
|
| --- mozilla/security/nss/lib/pk11wrap/pk11slot.c (revision 164196)
|
| +++ mozilla/security/nss/lib/pk11wrap/pk11slot.c (working copy)
|
| @@ -26,7 +26,7 @@
|
| /*
|
| * This array helps parsing between names, mechanisms, and flags.
|
| * to make the config files understand more entries, add them
|
| - * to this table. (NOTE: we need function to export this table and its size)
|
| + * to this table.
|
| */
|
| PK11DefaultArrayEntry PK11_DefaultArray[] = {
|
| { "RSA", SECMOD_RSA_FLAG, CKM_RSA_PKCS },
|
| @@ -1957,12 +1957,17 @@
|
|
|
|
|
| /*
|
| - * find the best slot which supports the given
|
| - * Mechanism. In normal cases this should grab the first slot on the list
|
| - * with no fuss.
|
| + * Find the best slot which supports the given set of mechanisms and key sizes.
|
| + * In normal cases this should grab the first slot on the list with no fuss.
|
| + * The size array is presumed to match one for one with the mechanism type
|
| + * array, which allows you to specify the required key size for each
|
| + * mechanism in the list. Whether key size is in bits or bytes is mechanism
|
| + * dependent. Typically asymetric keys are in bits and symetric keys are in
|
| + * bytes.
|
| */
|
| PK11SlotInfo *
|
| -PK11_GetBestSlotMultiple(CK_MECHANISM_TYPE *type, int mech_count, void *wincx)
|
| +PK11_GetBestSlotMultipleWithKeySize(CK_MECHANISM_TYPE *type,
|
| + unsigned long *size, unsigned int mech_count, void *wincx)
|
| {
|
| PK11SlotList *list = NULL;
|
| PK11SlotListElement *le ;
|
| @@ -2013,6 +2018,20 @@
|
| doExit = PR_TRUE;
|
| break;
|
| }
|
| + if (size && size[i]) {
|
| + CK_MECHANISM_INFO mechanism_info;
|
| + CK_RV crv = PK11_GETTAB(le->slot)->C_GetMechanismInfo(
|
| + slot->slotID, type[i], &mechanism_info);
|
| + if (crv != CKR_OK
|
| + || (mechanism_info.ulMinKeySize > size[i])
|
| + || (mechanism_info.ulMaxKeySize < size[i]) ) {
|
| + /* Token can do mechanism, but not at the key size we
|
| + * want */
|
| + doExit = PR_TRUE;
|
| + break;
|
| + }
|
| + }
|
| +
|
| }
|
| if (doExit) continue;
|
|
|
| @@ -2034,13 +2053,27 @@
|
| return NULL;
|
| }
|
|
|
| +PK11SlotInfo *
|
| +PK11_GetBestSlotMultiple(CK_MECHANISM_TYPE *type,
|
| + unsigned int mech_count, void *wincx)
|
| +{
|
| + return PK11_GetBestSlotMultipleWithKeySize(type, NULL, mech_count, wincx);
|
| +}
|
| +
|
| /* original get best slot now calls the multiple version with only one type */
|
| PK11SlotInfo *
|
| PK11_GetBestSlot(CK_MECHANISM_TYPE type, void *wincx)
|
| {
|
| - return PK11_GetBestSlotMultiple(&type, 1, wincx);
|
| + return PK11_GetBestSlotMultipleWithKeySize(&type, NULL, 1, wincx);
|
| }
|
|
|
| +PK11SlotInfo *
|
| +PK11_GetBestSlotWithKeySize(CK_MECHANISM_TYPE type, unsigned long keySize,
|
| + void *wincx)
|
| +{
|
| + return PK11_GetBestSlotMultipleWithKeySize(&type, &keySize, 1, wincx);
|
| +}
|
| +
|
| int
|
| PK11_GetBestKeyLength(PK11SlotInfo *slot,CK_MECHANISM_TYPE mechanism)
|
| {
|
|
|
Chromium Code Reviews
Issue 11359091:
Update NSS to NSS 3.14 pre-release snapshot 2012-06-26 01:00:00 PDT. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/