Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(668)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: mozilla/security/nss/lib/ckfw/wrap.c

Issue 14249009: Change the NSS and NSPR source tree to the new directory structure to be (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « mozilla/security/nss/lib/ckfw/token.c ('k') | mozilla/security/nss/lib/cryptohi/cryptohi.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5 #ifdef DEBUG
6 static const char CVS_ID[] = "@(#) $RCSfile: wrap.c,v $ $Revision: 1.21 $ $Date: 2012/04/25 14:49:28 $";
7 #endif /* DEBUG */
8
9 /*
10 * wrap.c
11 *
12 * This file contains the routines that actually implement the cryptoki
13 * API, using the internal APIs of the NSS Cryptoki Framework. There is
14 * one routine here for every cryptoki routine. For linking reasons
15 * the actual entry points passed back with C_GetFunctionList have to
16 * exist in one of the Module's source files; however, those are merely
17 * simple wrappers that call these routines. The intelligence of the
18 * implementations is here.
19 */
20
21 #ifndef CK_T
22 #include "ck.h"
23 #endif /* CK_T */
24
25 /*
26 * NSSCKFWC_Initialize
27 * NSSCKFWC_Finalize
28 * NSSCKFWC_GetInfo
29 * -- NSSCKFWC_GetFunctionList -- see the API insert file
30 * NSSCKFWC_GetSlotList
31 * NSSCKFWC_GetSlotInfo
32 * NSSCKFWC_GetTokenInfo
33 * NSSCKFWC_WaitForSlotEvent
34 * NSSCKFWC_GetMechanismList
35 * NSSCKFWC_GetMechanismInfo
36 * NSSCKFWC_InitToken
37 * NSSCKFWC_InitPIN
38 * NSSCKFWC_SetPIN
39 * NSSCKFWC_OpenSession
40 * NSSCKFWC_CloseSession
41 * NSSCKFWC_CloseAllSessions
42 * NSSCKFWC_GetSessionInfo
43 * NSSCKFWC_GetOperationState
44 * NSSCKFWC_SetOperationState
45 * NSSCKFWC_Login
46 * NSSCKFWC_Logout
47 * NSSCKFWC_CreateObject
48 * NSSCKFWC_CopyObject
49 * NSSCKFWC_DestroyObject
50 * NSSCKFWC_GetObjectSize
51 * NSSCKFWC_GetAttributeValue
52 * NSSCKFWC_SetAttributeValue
53 * NSSCKFWC_FindObjectsInit
54 * NSSCKFWC_FindObjects
55 * NSSCKFWC_FindObjectsFinal
56 * NSSCKFWC_EncryptInit
57 * NSSCKFWC_Encrypt
58 * NSSCKFWC_EncryptUpdate
59 * NSSCKFWC_EncryptFinal
60 * NSSCKFWC_DecryptInit
61 * NSSCKFWC_Decrypt
62 * NSSCKFWC_DecryptUpdate
63 * NSSCKFWC_DecryptFinal
64 * NSSCKFWC_DigestInit
65 * NSSCKFWC_Digest
66 * NSSCKFWC_DigestUpdate
67 * NSSCKFWC_DigestKey
68 * NSSCKFWC_DigestFinal
69 * NSSCKFWC_SignInit
70 * NSSCKFWC_Sign
71 * NSSCKFWC_SignUpdate
72 * NSSCKFWC_SignFinal
73 * NSSCKFWC_SignRecoverInit
74 * NSSCKFWC_SignRecover
75 * NSSCKFWC_VerifyInit
76 * NSSCKFWC_Verify
77 * NSSCKFWC_VerifyUpdate
78 * NSSCKFWC_VerifyFinal
79 * NSSCKFWC_VerifyRecoverInit
80 * NSSCKFWC_VerifyRecover
81 * NSSCKFWC_DigestEncryptUpdate
82 * NSSCKFWC_DecryptDigestUpdate
83 * NSSCKFWC_SignEncryptUpdate
84 * NSSCKFWC_DecryptVerifyUpdate
85 * NSSCKFWC_GenerateKey
86 * NSSCKFWC_GenerateKeyPair
87 * NSSCKFWC_WrapKey
88 * NSSCKFWC_UnwrapKey
89 * NSSCKFWC_DeriveKey
90 * NSSCKFWC_SeedRandom
91 * NSSCKFWC_GenerateRandom
92 * NSSCKFWC_GetFunctionStatus
93 * NSSCKFWC_CancelFunction
94 */
95
96 /* figure out out locking semantics */
97 static CK_RV
98 nssCKFW_GetThreadSafeState(CK_C_INITIALIZE_ARGS_PTR pInitArgs,
99 CryptokiLockingState *pLocking_state) {
100 int functionCount = 0;
101
102 /* parsed according to (PKCS #11 Section 11.4) */
103 /* no args, the degenerate version of case 1 */
104 if (!pInitArgs) {
105 *pLocking_state = SingleThreaded;
106 return CKR_OK;
107 }
108
109 /* CKF_OS_LOCKING_OK set, Cases 2 and 4 */
110 if (pInitArgs->flags & CKF_OS_LOCKING_OK) {
111 *pLocking_state = MultiThreaded;
112 return CKR_OK;
113 }
114 if ((CK_CREATEMUTEX) NULL != pInitArgs->CreateMutex) functionCount++;
115 if ((CK_DESTROYMUTEX) NULL != pInitArgs->DestroyMutex) functionCount++;
116 if ((CK_LOCKMUTEX) NULL != pInitArgs->LockMutex) functionCount++;
117 if ((CK_UNLOCKMUTEX) NULL != pInitArgs->UnlockMutex) functionCount++;
118
119 /* CKF_OS_LOCKING_OK is not set, and not functions supplied,
120 * explicit case 1 */
121 if (0 == functionCount) {
122 *pLocking_state = SingleThreaded;
123 return CKR_OK;
124 }
125
126 /* OS_LOCKING_OK is not set and functions have been supplied. Since
127 * ckfw uses nssbase library which explicitly calls NSPR, and since
128 * there is no way to reliably override these explicit calls to NSPR,
129 * therefore we can't support applications which have their own threading
130 * module. Return CKR_CANT_LOCK if they supplied the correct number of
131 * arguments, or CKR_ARGUMENTS_BAD if they did not in either case we will
132 * fail the initialize */
133 return (4 == functionCount) ? CKR_CANT_LOCK : CKR_ARGUMENTS_BAD;
134 }
135
136 static PRInt32 liveInstances;
137
138 /*
139 * NSSCKFWC_Initialize
140 *
141 */
142 NSS_IMPLEMENT CK_RV
143 NSSCKFWC_Initialize
144 (
145 NSSCKFWInstance **pFwInstance,
146 NSSCKMDInstance *mdInstance,
147 CK_VOID_PTR pInitArgs
148 )
149 {
150 CK_RV error = CKR_OK;
151 CryptokiLockingState locking_state;
152
153 if( (NSSCKFWInstance **)NULL == pFwInstance ) {
154 error = CKR_GENERAL_ERROR;
155 goto loser;
156 }
157
158 if (*pFwInstance) {
159 error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
160 goto loser;
161 }
162
163 if (!mdInstance) {
164 error = CKR_GENERAL_ERROR;
165 goto loser;
166 }
167
168 error = nssCKFW_GetThreadSafeState(pInitArgs,&locking_state);
169 if( CKR_OK != error ) {
170 goto loser;
171 }
172
173 *pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &e rror);
174 if (!*pFwInstance) {
175 goto loser;
176 }
177 PR_ATOMIC_INCREMENT(&liveInstances);
178 return CKR_OK;
179
180 loser:
181 switch( error ) {
182 case CKR_ARGUMENTS_BAD:
183 case CKR_CANT_LOCK:
184 case CKR_CRYPTOKI_ALREADY_INITIALIZED:
185 case CKR_FUNCTION_FAILED:
186 case CKR_GENERAL_ERROR:
187 case CKR_HOST_MEMORY:
188 case CKR_NEED_TO_CREATE_THREADS:
189 break;
190 default:
191 case CKR_OK:
192 error = CKR_GENERAL_ERROR;
193 break;
194 }
195
196 return error;
197 }
198
199 /*
200 * NSSCKFWC_Finalize
201 *
202 */
203 NSS_IMPLEMENT CK_RV
204 NSSCKFWC_Finalize
205 (
206 NSSCKFWInstance **pFwInstance
207 )
208 {
209 CK_RV error = CKR_OK;
210
211 if( (NSSCKFWInstance **)NULL == pFwInstance ) {
212 error = CKR_GENERAL_ERROR;
213 goto loser;
214 }
215
216 if (!*pFwInstance) {
217 error = CKR_CRYPTOKI_NOT_INITIALIZED;
218 goto loser;
219 }
220
221 error = nssCKFWInstance_Destroy(*pFwInstance);
222
223 /* In any case */
224 *pFwInstance = (NSSCKFWInstance *)NULL;
225
226 loser:
227 switch( error ) {
228 PRInt32 remainingInstances;
229 case CKR_OK:
230 remainingInstances = PR_ATOMIC_DECREMENT(&liveInstances);
231 if (!remainingInstances) {
232 nssArena_Shutdown();
233 }
234 break;
235 case CKR_CRYPTOKI_NOT_INITIALIZED:
236 case CKR_FUNCTION_FAILED:
237 case CKR_GENERAL_ERROR:
238 case CKR_HOST_MEMORY:
239 break;
240 default:
241 error = CKR_GENERAL_ERROR;
242 break;
243 }
244
245 /*
246 * A thread's error stack is automatically destroyed when the thread
247 * terminates or, for the primordial thread, by PR_Cleanup. On
248 * Windows with MinGW, the thread private data destructor PR_Free
249 * registered by this module is actually a thunk for PR_Free defined
250 * in this module. When the thread that unloads this module terminates
251 * or calls PR_Cleanup, the thunk for PR_Free is already gone with the
252 * module. Therefore we need to destroy the error stack before the
253 * module is unloaded.
254 */
255 nss_DestroyErrorStack();
256 return error;
257 }
258
259 /*
260 * NSSCKFWC_GetInfo
261 *
262 */
263 NSS_IMPLEMENT CK_RV
264 NSSCKFWC_GetInfo
265 (
266 NSSCKFWInstance *fwInstance,
267 CK_INFO_PTR pInfo
268 )
269 {
270 CK_RV error = CKR_OK;
271
272 if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) {
273 error = CKR_ARGUMENTS_BAD;
274 goto loser;
275 }
276
277 /*
278 * A purify error here means a caller error
279 */
280 (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
281
282 pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
283
284 error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
285 if( CKR_OK != error ) {
286 goto loser;
287 }
288
289 pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
290
291 error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescri ption);
292 if( CKR_OK != error ) {
293 goto loser;
294 }
295
296 pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
297
298 return CKR_OK;
299
300 loser:
301 switch( error ) {
302 case CKR_CRYPTOKI_NOT_INITIALIZED:
303 case CKR_FUNCTION_FAILED:
304 case CKR_GENERAL_ERROR:
305 case CKR_HOST_MEMORY:
306 break;
307 default:
308 error = CKR_GENERAL_ERROR;
309 break;
310 }
311
312 return error;
313 }
314
315 /*
316 * C_GetFunctionList is implemented entirely in the Module's file which
317 * includes the Framework API insert file. It requires no "actual"
318 * NSSCKFW routine.
319 */
320
321 /*
322 * NSSCKFWC_GetSlotList
323 *
324 */
325 NSS_IMPLEMENT CK_RV
326 NSSCKFWC_GetSlotList
327 (
328 NSSCKFWInstance *fwInstance,
329 CK_BBOOL tokenPresent,
330 CK_SLOT_ID_PTR pSlotList,
331 CK_ULONG_PTR pulCount
332 )
333 {
334 CK_RV error = CKR_OK;
335 CK_ULONG nSlots;
336
337 if (!fwInstance) {
338 error = CKR_CRYPTOKI_NOT_INITIALIZED;
339 goto loser;
340 }
341
342 switch( tokenPresent ) {
343 case CK_TRUE:
344 case CK_FALSE:
345 break;
346 default:
347 error = CKR_ARGUMENTS_BAD;
348 goto loser;
349 }
350
351 if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
352 error = CKR_ARGUMENTS_BAD;
353 goto loser;
354 }
355
356 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
357 if( (CK_ULONG)0 == nSlots ) {
358 goto loser;
359 }
360
361 if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) {
362 *pulCount = nSlots;
363 return CKR_OK;
364 }
365
366 /*
367 * A purify error here indicates caller error.
368 */
369 (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
370
371 if( *pulCount < nSlots ) {
372 *pulCount = nSlots;
373 error = CKR_BUFFER_TOO_SMALL;
374 goto loser;
375 } else {
376 CK_ULONG i;
377 *pulCount = nSlots;
378
379 /*
380 * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
381 * just index one when we need it.
382 */
383
384 for( i = 0; i < nSlots; i++ ) {
385 pSlotList[i] = i+1;
386 }
387
388 return CKR_OK;
389 }
390
391 loser:
392 switch( error ) {
393 case CKR_BUFFER_TOO_SMALL:
394 case CKR_CRYPTOKI_NOT_INITIALIZED:
395 case CKR_FUNCTION_FAILED:
396 case CKR_GENERAL_ERROR:
397 case CKR_HOST_MEMORY:
398 break;
399 default:
400 case CKR_OK:
401 error = CKR_GENERAL_ERROR;
402 break;
403 }
404
405 return error;
406 }
407
408 /*
409 * NSSCKFWC_GetSlotInfo
410 *
411 */
412 NSS_IMPLEMENT CK_RV
413 NSSCKFWC_GetSlotInfo
414 (
415 NSSCKFWInstance *fwInstance,
416 CK_SLOT_ID slotID,
417 CK_SLOT_INFO_PTR pInfo
418 )
419 {
420 CK_RV error = CKR_OK;
421 CK_ULONG nSlots;
422 NSSCKFWSlot **slots;
423 NSSCKFWSlot *fwSlot;
424
425 if (!fwInstance) {
426 error = CKR_CRYPTOKI_NOT_INITIALIZED;
427 goto loser;
428 }
429
430 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
431 if( (CK_ULONG)0 == nSlots ) {
432 goto loser;
433 }
434
435 if( (slotID < 1) || (slotID > nSlots) ) {
436 error = CKR_SLOT_ID_INVALID;
437 goto loser;
438 }
439
440 if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) {
441 error = CKR_ARGUMENTS_BAD;
442 goto loser;
443 }
444
445 /*
446 * A purify error here indicates caller error.
447 */
448 (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
449
450 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
451 if( (NSSCKFWSlot **)NULL == slots ) {
452 goto loser;
453 }
454
455 fwSlot = slots[ slotID-1 ];
456
457 error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
458 if( CKR_OK != error ) {
459 goto loser;
460 }
461
462 error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
463 if( CKR_OK != error ) {
464 goto loser;
465 }
466
467 if( nssCKFWSlot_GetTokenPresent(fwSlot) ) {
468 pInfo->flags |= CKF_TOKEN_PRESENT;
469 }
470
471 if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) {
472 pInfo->flags |= CKF_REMOVABLE_DEVICE;
473 }
474
475 if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) {
476 pInfo->flags |= CKF_HW_SLOT;
477 }
478
479 pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
480 pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
481
482 return CKR_OK;
483
484 loser:
485 switch( error ) {
486 case CKR_CRYPTOKI_NOT_INITIALIZED:
487 case CKR_DEVICE_ERROR:
488 case CKR_FUNCTION_FAILED:
489 case CKR_GENERAL_ERROR:
490 case CKR_HOST_MEMORY:
491 case CKR_SLOT_ID_INVALID:
492 break;
493 default:
494 case CKR_OK:
495 error = CKR_GENERAL_ERROR;
496 }
497
498 return error;
499 }
500
501 /*
502 * NSSCKFWC_GetTokenInfo
503 *
504 */
505 NSS_IMPLEMENT CK_RV
506 NSSCKFWC_GetTokenInfo
507 (
508 NSSCKFWInstance *fwInstance,
509 CK_SLOT_ID slotID,
510 CK_TOKEN_INFO_PTR pInfo
511 )
512 {
513 CK_RV error = CKR_OK;
514 CK_ULONG nSlots;
515 NSSCKFWSlot **slots;
516 NSSCKFWSlot *fwSlot;
517 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
518
519 if (!fwInstance) {
520 error = CKR_CRYPTOKI_NOT_INITIALIZED;
521 goto loser;
522 }
523
524 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
525 if( (CK_ULONG)0 == nSlots ) {
526 goto loser;
527 }
528
529 if( (slotID < 1) || (slotID > nSlots) ) {
530 error = CKR_SLOT_ID_INVALID;
531 goto loser;
532 }
533
534 if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) {
535 error = CKR_ARGUMENTS_BAD;
536 goto loser;
537 }
538
539 /*
540 * A purify error here indicates caller error.
541 */
542 (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
543
544 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
545 if( (NSSCKFWSlot **)NULL == slots ) {
546 goto loser;
547 }
548
549 fwSlot = slots[ slotID-1 ];
550
551 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
552 error = CKR_TOKEN_NOT_PRESENT;
553 goto loser;
554 }
555
556 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
557 if (!fwToken) {
558 goto loser;
559 }
560
561 error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
562 if( CKR_OK != error ) {
563 goto loser;
564 }
565
566 error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
567 if( CKR_OK != error ) {
568 goto loser;
569 }
570
571 error = nssCKFWToken_GetModel(fwToken, pInfo->model);
572 if( CKR_OK != error ) {
573 goto loser;
574 }
575
576 error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
577 if( CKR_OK != error ) {
578 goto loser;
579 }
580
581 if( nssCKFWToken_GetHasRNG(fwToken) ) {
582 pInfo->flags |= CKF_RNG;
583 }
584
585 if( nssCKFWToken_GetIsWriteProtected(fwToken) ) {
586 pInfo->flags |= CKF_WRITE_PROTECTED;
587 }
588
589 if( nssCKFWToken_GetLoginRequired(fwToken) ) {
590 pInfo->flags |= CKF_LOGIN_REQUIRED;
591 }
592
593 if( nssCKFWToken_GetUserPinInitialized(fwToken) ) {
594 pInfo->flags |= CKF_USER_PIN_INITIALIZED;
595 }
596
597 if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) {
598 pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
599 }
600
601 if( nssCKFWToken_GetHasClockOnToken(fwToken) ) {
602 pInfo->flags |= CKF_CLOCK_ON_TOKEN;
603 }
604
605 if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
606 pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
607 }
608
609 if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) {
610 pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
611 }
612
613 pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
614 pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
615 pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
616 pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken);
617 pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
618 pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
619 pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
620 pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
621 pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
622 pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
623 pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
624 pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
625
626 error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
627 if( CKR_OK != error ) {
628 goto loser;
629 }
630
631 return CKR_OK;
632
633 loser:
634 switch( error ) {
635 case CKR_DEVICE_REMOVED:
636 case CKR_TOKEN_NOT_PRESENT:
637 if (fwToken)
638 nssCKFWToken_Destroy(fwToken);
639 break;
640 case CKR_CRYPTOKI_NOT_INITIALIZED:
641 case CKR_DEVICE_ERROR:
642 case CKR_DEVICE_MEMORY:
643 case CKR_FUNCTION_FAILED:
644 case CKR_GENERAL_ERROR:
645 case CKR_HOST_MEMORY:
646 case CKR_SLOT_ID_INVALID:
647 case CKR_TOKEN_NOT_RECOGNIZED:
648 break;
649 default:
650 case CKR_OK:
651 error = CKR_GENERAL_ERROR;
652 break;
653 }
654
655 return error;
656 }
657
658 /*
659 * NSSCKFWC_WaitForSlotEvent
660 *
661 */
662 NSS_IMPLEMENT CK_RV
663 NSSCKFWC_WaitForSlotEvent
664 (
665 NSSCKFWInstance *fwInstance,
666 CK_FLAGS flags,
667 CK_SLOT_ID_PTR pSlot,
668 CK_VOID_PTR pReserved
669 )
670 {
671 CK_RV error = CKR_OK;
672 CK_ULONG nSlots;
673 CK_BBOOL block;
674 NSSCKFWSlot **slots;
675 NSSCKFWSlot *fwSlot;
676 CK_ULONG i;
677
678 if (!fwInstance) {
679 error = CKR_CRYPTOKI_NOT_INITIALIZED;
680 goto loser;
681 }
682
683 if( flags & ~CKF_DONT_BLOCK ) {
684 error = CKR_ARGUMENTS_BAD;
685 goto loser;
686 }
687
688 block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
689
690 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
691 if( (CK_ULONG)0 == nSlots ) {
692 goto loser;
693 }
694
695 if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) {
696 error = CKR_ARGUMENTS_BAD;
697 goto loser;
698 }
699
700 if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) {
701 error = CKR_ARGUMENTS_BAD;
702 goto loser;
703 }
704
705 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
706 if( (NSSCKFWSlot **)NULL == slots ) {
707 goto loser;
708 }
709
710 fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
711 if (!fwSlot) {
712 goto loser;
713 }
714
715 for( i = 0; i < nSlots; i++ ) {
716 if( fwSlot == slots[i] ) {
717 *pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1);
718 return CKR_OK;
719 }
720 }
721
722 error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
723
724 loser:
725 switch( error ) {
726 case CKR_CRYPTOKI_NOT_INITIALIZED:
727 case CKR_FUNCTION_FAILED:
728 case CKR_GENERAL_ERROR:
729 case CKR_HOST_MEMORY:
730 case CKR_NO_EVENT:
731 break;
732 default:
733 case CKR_OK:
734 error = CKR_GENERAL_ERROR;
735 break;
736 }
737
738 return error;
739 }
740
741 /*
742 * NSSCKFWC_GetMechanismList
743 *
744 */
745 NSS_IMPLEMENT CK_RV
746 NSSCKFWC_GetMechanismList
747 (
748 NSSCKFWInstance *fwInstance,
749 CK_SLOT_ID slotID,
750 CK_MECHANISM_TYPE_PTR pMechanismList,
751 CK_ULONG_PTR pulCount
752 )
753 {
754 CK_RV error = CKR_OK;
755 CK_ULONG nSlots;
756 NSSCKFWSlot **slots;
757 NSSCKFWSlot *fwSlot;
758 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
759 CK_ULONG count;
760
761 if (!fwInstance) {
762 error = CKR_CRYPTOKI_NOT_INITIALIZED;
763 goto loser;
764 }
765
766 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
767 if( (CK_ULONG)0 == nSlots ) {
768 goto loser;
769 }
770
771 if( (slotID < 1) || (slotID > nSlots) ) {
772 error = CKR_SLOT_ID_INVALID;
773 goto loser;
774 }
775
776 if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
777 error = CKR_ARGUMENTS_BAD;
778 goto loser;
779 }
780
781 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
782 if( (NSSCKFWSlot **)NULL == slots ) {
783 goto loser;
784 }
785
786 fwSlot = slots[ slotID-1 ];
787
788 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
789 error = CKR_TOKEN_NOT_PRESENT;
790 goto loser;
791 }
792
793 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
794 if (!fwToken) {
795 goto loser;
796 }
797
798 count = nssCKFWToken_GetMechanismCount(fwToken);
799
800 if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) {
801 *pulCount = count;
802 return CKR_OK;
803 }
804
805 if( *pulCount < count ) {
806 *pulCount = count;
807 error = CKR_BUFFER_TOO_SMALL;
808 goto loser;
809 }
810
811 /*
812 * A purify error here indicates caller error.
813 */
814 (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE)) ;
815
816 *pulCount = count;
817
818 if( 0 != count ) {
819 error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
820 } else {
821 error = CKR_OK;
822 }
823
824 if( CKR_OK == error ) {
825 return CKR_OK;
826 }
827
828 loser:
829 switch( error ) {
830 case CKR_DEVICE_REMOVED:
831 case CKR_TOKEN_NOT_PRESENT:
832 if (fwToken)
833 nssCKFWToken_Destroy(fwToken);
834 break;
835 case CKR_ARGUMENTS_BAD:
836 case CKR_BUFFER_TOO_SMALL:
837 case CKR_CRYPTOKI_NOT_INITIALIZED:
838 case CKR_DEVICE_ERROR:
839 case CKR_DEVICE_MEMORY:
840 case CKR_FUNCTION_FAILED:
841 case CKR_GENERAL_ERROR:
842 case CKR_HOST_MEMORY:
843 case CKR_SLOT_ID_INVALID:
844 case CKR_TOKEN_NOT_RECOGNIZED:
845 break;
846 default:
847 case CKR_OK:
848 error = CKR_GENERAL_ERROR;
849 break;
850 }
851
852 return error;
853 }
854
855 /*
856 * NSSCKFWC_GetMechanismInfo
857 *
858 */
859 NSS_IMPLEMENT CK_RV
860 NSSCKFWC_GetMechanismInfo
861 (
862 NSSCKFWInstance *fwInstance,
863 CK_SLOT_ID slotID,
864 CK_MECHANISM_TYPE type,
865 CK_MECHANISM_INFO_PTR pInfo
866 )
867 {
868 CK_RV error = CKR_OK;
869 CK_ULONG nSlots;
870 NSSCKFWSlot **slots;
871 NSSCKFWSlot *fwSlot;
872 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
873 NSSCKFWMechanism *fwMechanism;
874
875 if (!fwInstance) {
876 error = CKR_CRYPTOKI_NOT_INITIALIZED;
877 goto loser;
878 }
879
880 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
881 if( (CK_ULONG)0 == nSlots ) {
882 goto loser;
883 }
884
885 if( (slotID < 1) || (slotID > nSlots) ) {
886 error = CKR_SLOT_ID_INVALID;
887 goto loser;
888 }
889
890 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
891 if( (NSSCKFWSlot **)NULL == slots ) {
892 goto loser;
893 }
894
895 fwSlot = slots[ slotID-1 ];
896
897 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
898 error = CKR_TOKEN_NOT_PRESENT;
899 goto loser;
900 }
901
902 if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) {
903 error = CKR_ARGUMENTS_BAD;
904 goto loser;
905 }
906
907 /*
908 * A purify error here indicates caller error.
909 */
910 (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
911
912 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
913 if (!fwToken) {
914 goto loser;
915 }
916
917 fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
918 if (!fwMechanism) {
919 goto loser;
920 }
921
922 pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism, &error);
923 pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism, &error);
924
925 if( nssCKFWMechanism_GetInHardware(fwMechanism, &error) ) {
926 pInfo->flags |= CKF_HW;
927 }
928 if( nssCKFWMechanism_GetCanEncrypt(fwMechanism, &error) ) {
929 pInfo->flags |= CKF_ENCRYPT;
930 }
931 if( nssCKFWMechanism_GetCanDecrypt(fwMechanism, &error) ) {
932 pInfo->flags |= CKF_DECRYPT;
933 }
934 if( nssCKFWMechanism_GetCanDigest(fwMechanism, &error) ) {
935 pInfo->flags |= CKF_DIGEST;
936 }
937 if( nssCKFWMechanism_GetCanSign(fwMechanism, &error) ) {
938 pInfo->flags |= CKF_SIGN;
939 }
940 if( nssCKFWMechanism_GetCanSignRecover(fwMechanism, &error) ) {
941 pInfo->flags |= CKF_SIGN_RECOVER;
942 }
943 if( nssCKFWMechanism_GetCanVerify(fwMechanism, &error) ) {
944 pInfo->flags |= CKF_VERIFY;
945 }
946 if( nssCKFWMechanism_GetCanVerifyRecover(fwMechanism, &error) ) {
947 pInfo->flags |= CKF_VERIFY_RECOVER;
948 }
949 if( nssCKFWMechanism_GetCanGenerate(fwMechanism, &error) ) {
950 pInfo->flags |= CKF_GENERATE;
951 }
952 if( nssCKFWMechanism_GetCanGenerateKeyPair(fwMechanism, &error) ) {
953 pInfo->flags |= CKF_GENERATE_KEY_PAIR;
954 }
955 if( nssCKFWMechanism_GetCanWrap(fwMechanism, &error) ) {
956 pInfo->flags |= CKF_WRAP;
957 }
958 if( nssCKFWMechanism_GetCanUnwrap(fwMechanism, &error) ) {
959 pInfo->flags |= CKF_UNWRAP;
960 }
961 if( nssCKFWMechanism_GetCanDerive(fwMechanism, &error) ) {
962 pInfo->flags |= CKF_DERIVE;
963 }
964 nssCKFWMechanism_Destroy(fwMechanism);
965
966 return error;
967
968 loser:
969 switch( error ) {
970 case CKR_DEVICE_REMOVED:
971 case CKR_TOKEN_NOT_PRESENT:
972 if (fwToken)
973 nssCKFWToken_Destroy(fwToken);
974 break;
975 case CKR_ARGUMENTS_BAD:
976 case CKR_CRYPTOKI_NOT_INITIALIZED:
977 case CKR_DEVICE_ERROR:
978 case CKR_DEVICE_MEMORY:
979 case CKR_FUNCTION_FAILED:
980 case CKR_GENERAL_ERROR:
981 case CKR_HOST_MEMORY:
982 case CKR_MECHANISM_INVALID:
983 case CKR_SLOT_ID_INVALID:
984 case CKR_TOKEN_NOT_RECOGNIZED:
985 break;
986 default:
987 case CKR_OK:
988 error = CKR_GENERAL_ERROR;
989 break;
990 }
991
992 return error;
993 }
994
995 /*
996 * NSSCKFWC_InitToken
997 *
998 */
999 NSS_IMPLEMENT CK_RV
1000 NSSCKFWC_InitToken
1001 (
1002 NSSCKFWInstance *fwInstance,
1003 CK_SLOT_ID slotID,
1004 CK_CHAR_PTR pPin,
1005 CK_ULONG ulPinLen,
1006 CK_CHAR_PTR pLabel
1007 )
1008 {
1009 CK_RV error = CKR_OK;
1010 CK_ULONG nSlots;
1011 NSSCKFWSlot **slots;
1012 NSSCKFWSlot *fwSlot;
1013 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1014 NSSItem pin;
1015 NSSUTF8 *label;
1016
1017 if (!fwInstance) {
1018 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1019 goto loser;
1020 }
1021
1022 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1023 if( (CK_ULONG)0 == nSlots ) {
1024 goto loser;
1025 }
1026
1027 if( (slotID < 1) || (slotID > nSlots) ) {
1028 error = CKR_SLOT_ID_INVALID;
1029 goto loser;
1030 }
1031
1032 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1033 if( (NSSCKFWSlot **)NULL == slots ) {
1034 goto loser;
1035 }
1036
1037 fwSlot = slots[ slotID-1 ];
1038
1039 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1040 error = CKR_TOKEN_NOT_PRESENT;
1041 goto loser;
1042 }
1043
1044 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1045 if (!fwToken) {
1046 goto loser;
1047 }
1048
1049 pin.size = (PRUint32)ulPinLen;
1050 pin.data = (void *)pPin;
1051 label = (NSSUTF8 *)pLabel; /* identity conversion */
1052
1053 error = nssCKFWToken_InitToken(fwToken, &pin, label);
1054 if( CKR_OK != error ) {
1055 goto loser;
1056 }
1057
1058 return CKR_OK;
1059
1060 loser:
1061 switch( error ) {
1062 case CKR_DEVICE_REMOVED:
1063 case CKR_TOKEN_NOT_PRESENT:
1064 if (fwToken)
1065 nssCKFWToken_Destroy(fwToken);
1066 break;
1067 case CKR_ARGUMENTS_BAD:
1068 case CKR_CRYPTOKI_NOT_INITIALIZED:
1069 case CKR_DEVICE_ERROR:
1070 case CKR_DEVICE_MEMORY:
1071 case CKR_FUNCTION_FAILED:
1072 case CKR_GENERAL_ERROR:
1073 case CKR_HOST_MEMORY:
1074 case CKR_PIN_INCORRECT:
1075 case CKR_PIN_LOCKED:
1076 case CKR_SESSION_EXISTS:
1077 case CKR_SLOT_ID_INVALID:
1078 case CKR_TOKEN_NOT_RECOGNIZED:
1079 case CKR_TOKEN_WRITE_PROTECTED:
1080 break;
1081 default:
1082 case CKR_OK:
1083 error = CKR_GENERAL_ERROR;
1084 break;
1085 }
1086
1087 return error;
1088 }
1089
1090 /*
1091 * NSSCKFWC_InitPIN
1092 *
1093 */
1094 NSS_IMPLEMENT CK_RV
1095 NSSCKFWC_InitPIN
1096 (
1097 NSSCKFWInstance *fwInstance,
1098 CK_SESSION_HANDLE hSession,
1099 CK_CHAR_PTR pPin,
1100 CK_ULONG ulPinLen
1101 )
1102 {
1103 CK_RV error = CKR_OK;
1104 NSSCKFWSession *fwSession;
1105 NSSItem pin, *arg;
1106
1107 if (!fwInstance) {
1108 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1109 goto loser;
1110 }
1111
1112 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1113 if (!fwSession) {
1114 error = CKR_SESSION_HANDLE_INVALID;
1115 goto loser;
1116 }
1117
1118 if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1119 arg = (NSSItem *)NULL;
1120 } else {
1121 arg = &pin;
1122 pin.size = (PRUint32)ulPinLen;
1123 pin.data = (void *)pPin;
1124 }
1125
1126 error = nssCKFWSession_InitPIN(fwSession, arg);
1127 if( CKR_OK != error ) {
1128 goto loser;
1129 }
1130
1131 return CKR_OK;
1132
1133 loser:
1134 switch( error ) {
1135 case CKR_SESSION_CLOSED:
1136 /* destroy session? */
1137 break;
1138 case CKR_DEVICE_REMOVED:
1139 /* (void)nssCKFWToken_Destroy(fwToken); */
1140 break;
1141 case CKR_ARGUMENTS_BAD:
1142 case CKR_CRYPTOKI_NOT_INITIALIZED:
1143 case CKR_DEVICE_ERROR:
1144 case CKR_DEVICE_MEMORY:
1145 case CKR_FUNCTION_FAILED:
1146 case CKR_GENERAL_ERROR:
1147 case CKR_HOST_MEMORY:
1148 case CKR_PIN_INVALID:
1149 case CKR_PIN_LEN_RANGE:
1150 case CKR_SESSION_READ_ONLY:
1151 case CKR_SESSION_HANDLE_INVALID:
1152 case CKR_TOKEN_WRITE_PROTECTED:
1153 case CKR_USER_NOT_LOGGED_IN:
1154 break;
1155 default:
1156 case CKR_OK:
1157 error = CKR_GENERAL_ERROR;
1158 break;
1159 }
1160
1161 return error;
1162 }
1163
1164 /*
1165 * NSSCKFWC_SetPIN
1166 *
1167 */
1168 NSS_IMPLEMENT CK_RV
1169 NSSCKFWC_SetPIN
1170 (
1171 NSSCKFWInstance *fwInstance,
1172 CK_SESSION_HANDLE hSession,
1173 CK_CHAR_PTR pOldPin,
1174 CK_ULONG ulOldLen,
1175 CK_CHAR_PTR pNewPin,
1176 CK_ULONG ulNewLen
1177 )
1178 {
1179 CK_RV error = CKR_OK;
1180 NSSCKFWSession *fwSession;
1181 NSSItem oldPin, newPin, *oldArg, *newArg;
1182
1183 if (!fwInstance) {
1184 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1185 goto loser;
1186 }
1187
1188 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1189 if (!fwSession) {
1190 error = CKR_SESSION_HANDLE_INVALID;
1191 goto loser;
1192 }
1193
1194 if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) {
1195 oldArg = (NSSItem *)NULL;
1196 } else {
1197 oldArg = &oldPin;
1198 oldPin.size = (PRUint32)ulOldLen;
1199 oldPin.data = (void *)pOldPin;
1200 }
1201
1202 if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) {
1203 newArg = (NSSItem *)NULL;
1204 } else {
1205 newArg = &newPin;
1206 newPin.size = (PRUint32)ulNewLen;
1207 newPin.data = (void *)pNewPin;
1208 }
1209
1210 error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
1211 if( CKR_OK != error ) {
1212 goto loser;
1213 }
1214
1215 return CKR_OK;
1216
1217 loser:
1218 switch( error ) {
1219 case CKR_SESSION_CLOSED:
1220 /* destroy session? */
1221 break;
1222 case CKR_DEVICE_REMOVED:
1223 /* (void)nssCKFWToken_Destroy(fwToken); */
1224 break;
1225 case CKR_ARGUMENTS_BAD:
1226 case CKR_CRYPTOKI_NOT_INITIALIZED:
1227 case CKR_DEVICE_ERROR:
1228 case CKR_DEVICE_MEMORY:
1229 case CKR_FUNCTION_FAILED:
1230 case CKR_GENERAL_ERROR:
1231 case CKR_HOST_MEMORY:
1232 case CKR_PIN_INCORRECT:
1233 case CKR_PIN_INVALID:
1234 case CKR_PIN_LEN_RANGE:
1235 case CKR_PIN_LOCKED:
1236 case CKR_SESSION_HANDLE_INVALID:
1237 case CKR_SESSION_READ_ONLY:
1238 case CKR_TOKEN_WRITE_PROTECTED:
1239 break;
1240 default:
1241 case CKR_OK:
1242 error = CKR_GENERAL_ERROR;
1243 break;
1244 }
1245
1246 return error;
1247 }
1248
1249 /*
1250 * NSSCKFWC_OpenSession
1251 *
1252 */
1253 NSS_IMPLEMENT CK_RV
1254 NSSCKFWC_OpenSession
1255 (
1256 NSSCKFWInstance *fwInstance,
1257 CK_SLOT_ID slotID,
1258 CK_FLAGS flags,
1259 CK_VOID_PTR pApplication,
1260 CK_NOTIFY Notify,
1261 CK_SESSION_HANDLE_PTR phSession
1262 )
1263 {
1264 CK_RV error = CKR_OK;
1265 CK_ULONG nSlots;
1266 NSSCKFWSlot **slots;
1267 NSSCKFWSlot *fwSlot;
1268 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1269 NSSCKFWSession *fwSession;
1270 CK_BBOOL rw;
1271
1272 if (!fwInstance) {
1273 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1274 goto loser;
1275 }
1276
1277 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1278 if( (CK_ULONG)0 == nSlots ) {
1279 goto loser;
1280 }
1281
1282 if( (slotID < 1) || (slotID > nSlots) ) {
1283 error = CKR_SLOT_ID_INVALID;
1284 goto loser;
1285 }
1286
1287 if( flags & CKF_RW_SESSION ) {
1288 rw = CK_TRUE;
1289 } else {
1290 rw = CK_FALSE;
1291 }
1292
1293 if( flags & CKF_SERIAL_SESSION ) {
1294 ;
1295 } else {
1296 error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
1297 goto loser;
1298 }
1299
1300 if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) {
1301 error = CKR_ARGUMENTS_BAD;
1302 goto loser;
1303 }
1304
1305 if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) {
1306 error = CKR_ARGUMENTS_BAD;
1307 goto loser;
1308 }
1309
1310 /*
1311 * A purify error here indicates caller error.
1312 */
1313 *phSession = (CK_SESSION_HANDLE)0;
1314
1315 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1316 if( (NSSCKFWSlot **)NULL == slots ) {
1317 goto loser;
1318 }
1319
1320 fwSlot = slots[ slotID-1 ];
1321
1322 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1323 error = CKR_TOKEN_NOT_PRESENT;
1324 goto loser;
1325 }
1326
1327 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1328 if (!fwToken) {
1329 goto loser;
1330 }
1331
1332 fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
1333 Notify, &error);
1334 if (!fwSession) {
1335 goto loser;
1336 }
1337
1338 *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
1339 fwSession, &error);
1340 if( (CK_SESSION_HANDLE)0 == *phSession ) {
1341 goto loser;
1342 }
1343
1344 return CKR_OK;
1345
1346 loser:
1347 switch( error ) {
1348 case CKR_SESSION_CLOSED:
1349 /* destroy session? */
1350 break;
1351 case CKR_DEVICE_REMOVED:
1352 /* (void)nssCKFWToken_Destroy(fwToken); */
1353 break;
1354 case CKR_CRYPTOKI_NOT_INITIALIZED:
1355 case CKR_DEVICE_ERROR:
1356 case CKR_DEVICE_MEMORY:
1357 case CKR_FUNCTION_FAILED:
1358 case CKR_GENERAL_ERROR:
1359 case CKR_HOST_MEMORY:
1360 case CKR_SESSION_COUNT:
1361 case CKR_SESSION_EXISTS:
1362 case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
1363 case CKR_SESSION_READ_WRITE_SO_EXISTS:
1364 case CKR_SLOT_ID_INVALID:
1365 case CKR_TOKEN_NOT_PRESENT:
1366 case CKR_TOKEN_NOT_RECOGNIZED:
1367 case CKR_TOKEN_WRITE_PROTECTED:
1368 break;
1369 default:
1370 case CKR_OK:
1371 error = CKR_GENERAL_ERROR;
1372 break;
1373 }
1374
1375 return error;
1376 }
1377
1378 /*
1379 * NSSCKFWC_CloseSession
1380 *
1381 */
1382 NSS_IMPLEMENT CK_RV
1383 NSSCKFWC_CloseSession
1384 (
1385 NSSCKFWInstance *fwInstance,
1386 CK_SESSION_HANDLE hSession
1387 )
1388 {
1389 CK_RV error = CKR_OK;
1390 NSSCKFWSession *fwSession;
1391
1392 if (!fwInstance) {
1393 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1394 goto loser;
1395 }
1396
1397 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1398 if (!fwSession) {
1399 error = CKR_SESSION_HANDLE_INVALID;
1400 goto loser;
1401 }
1402
1403 nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
1404 error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
1405
1406 if( CKR_OK != error ) {
1407 goto loser;
1408 }
1409
1410 return CKR_OK;
1411
1412 loser:
1413 switch( error ) {
1414 case CKR_SESSION_CLOSED:
1415 /* destroy session? */
1416 break;
1417 case CKR_DEVICE_REMOVED:
1418 /* (void)nssCKFWToken_Destroy(fwToken); */
1419 break;
1420 case CKR_CRYPTOKI_NOT_INITIALIZED:
1421 case CKR_DEVICE_ERROR:
1422 case CKR_DEVICE_MEMORY:
1423 case CKR_FUNCTION_FAILED:
1424 case CKR_GENERAL_ERROR:
1425 case CKR_HOST_MEMORY:
1426 case CKR_SESSION_HANDLE_INVALID:
1427 break;
1428 default:
1429 case CKR_OK:
1430 error = CKR_GENERAL_ERROR;
1431 break;
1432 }
1433
1434 return error;
1435 }
1436
1437 /*
1438 * NSSCKFWC_CloseAllSessions
1439 *
1440 */
1441 NSS_IMPLEMENT CK_RV
1442 NSSCKFWC_CloseAllSessions
1443 (
1444 NSSCKFWInstance *fwInstance,
1445 CK_SLOT_ID slotID
1446 )
1447 {
1448 CK_RV error = CKR_OK;
1449 CK_ULONG nSlots;
1450 NSSCKFWSlot **slots;
1451 NSSCKFWSlot *fwSlot;
1452 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1453
1454 if (!fwInstance) {
1455 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1456 goto loser;
1457 }
1458
1459 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1460 if( (CK_ULONG)0 == nSlots ) {
1461 goto loser;
1462 }
1463
1464 if( (slotID < 1) || (slotID > nSlots) ) {
1465 error = CKR_SLOT_ID_INVALID;
1466 goto loser;
1467 }
1468
1469 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1470 if( (NSSCKFWSlot **)NULL == slots ) {
1471 goto loser;
1472 }
1473
1474 fwSlot = slots[ slotID-1 ];
1475
1476 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1477 error = CKR_TOKEN_NOT_PRESENT;
1478 goto loser;
1479 }
1480
1481 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1482 if (!fwToken) {
1483 goto loser;
1484 }
1485
1486 error = nssCKFWToken_CloseAllSessions(fwToken);
1487 if( CKR_OK != error ) {
1488 goto loser;
1489 }
1490
1491 return CKR_OK;
1492
1493 loser:
1494 switch( error ) {
1495 case CKR_DEVICE_REMOVED:
1496 /* (void)nssCKFWToken_Destroy(fwToken); */
1497 break;
1498 case CKR_CRYPTOKI_NOT_INITIALIZED:
1499 case CKR_DEVICE_ERROR:
1500 case CKR_DEVICE_MEMORY:
1501 case CKR_FUNCTION_FAILED:
1502 case CKR_GENERAL_ERROR:
1503 case CKR_HOST_MEMORY:
1504 case CKR_SLOT_ID_INVALID:
1505 case CKR_TOKEN_NOT_PRESENT:
1506 break;
1507 default:
1508 case CKR_OK:
1509 error = CKR_GENERAL_ERROR;
1510 break;
1511 }
1512
1513 return error;
1514 }
1515
1516 /*
1517 * NSSCKFWC_GetSessionInfo
1518 *
1519 */
1520 NSS_IMPLEMENT CK_RV
1521 NSSCKFWC_GetSessionInfo
1522 (
1523 NSSCKFWInstance *fwInstance,
1524 CK_SESSION_HANDLE hSession,
1525 CK_SESSION_INFO_PTR pInfo
1526 )
1527 {
1528 CK_RV error = CKR_OK;
1529 NSSCKFWSession *fwSession;
1530 NSSCKFWSlot *fwSlot;
1531
1532 if (!fwInstance) {
1533 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1534 goto loser;
1535 }
1536
1537 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1538 if (!fwSession) {
1539 error = CKR_SESSION_HANDLE_INVALID;
1540 goto loser;
1541 }
1542
1543 if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) {
1544 error = CKR_ARGUMENTS_BAD;
1545 goto loser;
1546 }
1547
1548 /*
1549 * A purify error here indicates caller error.
1550 */
1551 (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
1552
1553 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1554 if (!fwSlot) {
1555 error = CKR_GENERAL_ERROR;
1556 goto loser;
1557 }
1558
1559 pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
1560 pInfo->state = nssCKFWSession_GetSessionState(fwSession);
1561
1562 if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) {
1563 pInfo->flags |= CKF_RW_SESSION;
1564 }
1565
1566 pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
1567
1568 pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
1569
1570 return CKR_OK;
1571
1572 loser:
1573 switch( error ) {
1574 case CKR_SESSION_CLOSED:
1575 /* destroy session? */
1576 break;
1577 case CKR_DEVICE_REMOVED:
1578 /* (void)nssCKFWToken_Destroy(fwToken); */
1579 break;
1580 case CKR_CRYPTOKI_NOT_INITIALIZED:
1581 case CKR_DEVICE_ERROR:
1582 case CKR_DEVICE_MEMORY:
1583 case CKR_FUNCTION_FAILED:
1584 case CKR_GENERAL_ERROR:
1585 case CKR_HOST_MEMORY:
1586 case CKR_SESSION_HANDLE_INVALID:
1587 break;
1588 default:
1589 case CKR_OK:
1590 error = CKR_GENERAL_ERROR;
1591 break;
1592 }
1593
1594 return error;
1595 }
1596
1597 /*
1598 * NSSCKFWC_GetOperationState
1599 *
1600 */
1601 NSS_IMPLEMENT CK_RV
1602 NSSCKFWC_GetOperationState
1603 (
1604 NSSCKFWInstance *fwInstance,
1605 CK_SESSION_HANDLE hSession,
1606 CK_BYTE_PTR pOperationState,
1607 CK_ULONG_PTR pulOperationStateLen
1608 )
1609 {
1610 CK_RV error = CKR_OK;
1611 NSSCKFWSession *fwSession;
1612 CK_ULONG len;
1613 NSSItem buf;
1614
1615 if (!fwInstance) {
1616 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1617 goto loser;
1618 }
1619
1620 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1621 if (!fwSession) {
1622 error = CKR_SESSION_HANDLE_INVALID;
1623 goto loser;
1624 }
1625
1626 if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) {
1627 error = CKR_ARGUMENTS_BAD;
1628 goto loser;
1629 }
1630
1631 len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
1632 if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) {
1633 goto loser;
1634 }
1635
1636 if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1637 *pulOperationStateLen = len;
1638 return CKR_OK;
1639 }
1640
1641 if( *pulOperationStateLen < len ) {
1642 *pulOperationStateLen = len;
1643 error = CKR_BUFFER_TOO_SMALL;
1644 goto loser;
1645 }
1646
1647 buf.size = (PRUint32)*pulOperationStateLen;
1648 buf.data = (void *)pOperationState;
1649 *pulOperationStateLen = len;
1650 error = nssCKFWSession_GetOperationState(fwSession, &buf);
1651
1652 if( CKR_OK != error ) {
1653 goto loser;
1654 }
1655
1656 return CKR_OK;
1657
1658 loser:
1659 switch( error ) {
1660 case CKR_SESSION_CLOSED:
1661 /* destroy session? */
1662 break;
1663 case CKR_DEVICE_REMOVED:
1664 /* (void)nssCKFWToken_Destroy(fwToken); */
1665 break;
1666 case CKR_BUFFER_TOO_SMALL:
1667 case CKR_CRYPTOKI_NOT_INITIALIZED:
1668 case CKR_DEVICE_ERROR:
1669 case CKR_DEVICE_MEMORY:
1670 case CKR_FUNCTION_FAILED:
1671 case CKR_GENERAL_ERROR:
1672 case CKR_HOST_MEMORY:
1673 case CKR_OPERATION_NOT_INITIALIZED:
1674 case CKR_SESSION_HANDLE_INVALID:
1675 case CKR_STATE_UNSAVEABLE:
1676 break;
1677 default:
1678 case CKR_OK:
1679 error = CKR_GENERAL_ERROR;
1680 break;
1681 }
1682
1683 return error;
1684 }
1685
1686 /*
1687 * NSSCKFWC_SetOperationState
1688 *
1689 */
1690 NSS_IMPLEMENT CK_RV
1691 NSSCKFWC_SetOperationState
1692 (
1693 NSSCKFWInstance *fwInstance,
1694 CK_SESSION_HANDLE hSession,
1695 CK_BYTE_PTR pOperationState,
1696 CK_ULONG ulOperationStateLen,
1697 CK_OBJECT_HANDLE hEncryptionKey,
1698 CK_OBJECT_HANDLE hAuthenticationKey
1699 )
1700 {
1701 CK_RV error = CKR_OK;
1702 NSSCKFWSession *fwSession;
1703 NSSCKFWObject *eKey;
1704 NSSCKFWObject *aKey;
1705 NSSItem state;
1706
1707 if (!fwInstance) {
1708 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1709 goto loser;
1710 }
1711
1712 if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1713 error = CKR_ARGUMENTS_BAD;
1714 goto loser;
1715 }
1716
1717 /*
1718 * We could loop through the buffer, to catch any purify errors
1719 * in a place with a "user error" note.
1720 */
1721
1722 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1723 if (!fwSession) {
1724 error = CKR_SESSION_HANDLE_INVALID;
1725 goto loser;
1726 }
1727
1728 if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) {
1729 eKey = (NSSCKFWObject *)NULL;
1730 } else {
1731 eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
1732 if (!eKey) {
1733 error = CKR_KEY_HANDLE_INVALID;
1734 goto loser;
1735 }
1736 }
1737
1738 if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) {
1739 aKey = (NSSCKFWObject *)NULL;
1740 } else {
1741 aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
1742 if (!aKey) {
1743 error = CKR_KEY_HANDLE_INVALID;
1744 goto loser;
1745 }
1746 }
1747
1748 state.data = pOperationState;
1749 state.size = ulOperationStateLen;
1750
1751 error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
1752 if( CKR_OK != error ) {
1753 goto loser;
1754 }
1755
1756 return CKR_OK;
1757
1758 loser:
1759 switch( error ) {
1760 case CKR_SESSION_CLOSED:
1761 /* destroy session? */
1762 break;
1763 case CKR_DEVICE_REMOVED:
1764 /* (void)nssCKFWToken_Destroy(fwToken); */
1765 break;
1766 case CKR_CRYPTOKI_NOT_INITIALIZED:
1767 case CKR_DEVICE_ERROR:
1768 case CKR_DEVICE_MEMORY:
1769 case CKR_FUNCTION_FAILED:
1770 case CKR_GENERAL_ERROR:
1771 case CKR_HOST_MEMORY:
1772 case CKR_KEY_CHANGED:
1773 case CKR_KEY_NEEDED:
1774 case CKR_KEY_NOT_NEEDED:
1775 case CKR_SAVED_STATE_INVALID:
1776 case CKR_SESSION_HANDLE_INVALID:
1777 break;
1778 default:
1779 case CKR_OK:
1780 error = CKR_GENERAL_ERROR;
1781 break;
1782 }
1783
1784 return error;
1785 }
1786
1787 /*
1788 * NSSCKFWC_Login
1789 *
1790 */
1791 NSS_IMPLEMENT CK_RV
1792 NSSCKFWC_Login
1793 (
1794 NSSCKFWInstance *fwInstance,
1795 CK_SESSION_HANDLE hSession,
1796 CK_USER_TYPE userType,
1797 CK_CHAR_PTR pPin,
1798 CK_ULONG ulPinLen
1799 )
1800 {
1801 CK_RV error = CKR_OK;
1802 NSSCKFWSession *fwSession;
1803 NSSItem pin, *arg;
1804
1805 if (!fwInstance) {
1806 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1807 goto loser;
1808 }
1809
1810 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1811 if (!fwSession) {
1812 error = CKR_SESSION_HANDLE_INVALID;
1813 goto loser;
1814 }
1815
1816 if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1817 arg = (NSSItem *)NULL;
1818 } else {
1819 arg = &pin;
1820 pin.size = (PRUint32)ulPinLen;
1821 pin.data = (void *)pPin;
1822 }
1823
1824 error = nssCKFWSession_Login(fwSession, userType, arg);
1825 if( CKR_OK != error ) {
1826 goto loser;
1827 }
1828
1829 return CKR_OK;
1830
1831 loser:
1832 switch( error ) {
1833 case CKR_SESSION_CLOSED:
1834 /* destroy session? */
1835 break;
1836 case CKR_DEVICE_REMOVED:
1837 /* (void)nssCKFWToken_Destroy(fwToken); */
1838 break;
1839 case CKR_CRYPTOKI_NOT_INITIALIZED:
1840 case CKR_DEVICE_ERROR:
1841 case CKR_DEVICE_MEMORY:
1842 case CKR_FUNCTION_FAILED:
1843 case CKR_GENERAL_ERROR:
1844 case CKR_HOST_MEMORY:
1845 case CKR_PIN_EXPIRED:
1846 case CKR_PIN_INCORRECT:
1847 case CKR_PIN_LOCKED:
1848 case CKR_SESSION_HANDLE_INVALID:
1849 case CKR_SESSION_READ_ONLY_EXISTS:
1850 case CKR_USER_ALREADY_LOGGED_IN:
1851 case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
1852 case CKR_USER_PIN_NOT_INITIALIZED:
1853 case CKR_USER_TOO_MANY_TYPES:
1854 case CKR_USER_TYPE_INVALID:
1855 break;
1856 default:
1857 case CKR_OK:
1858 error = CKR_GENERAL_ERROR;
1859 break;
1860 }
1861
1862 return error;
1863 }
1864
1865 /*
1866 * NSSCKFWC_Logout
1867 *
1868 */
1869 NSS_IMPLEMENT CK_RV
1870 NSSCKFWC_Logout
1871 (
1872 NSSCKFWInstance *fwInstance,
1873 CK_SESSION_HANDLE hSession
1874 )
1875 {
1876 CK_RV error = CKR_OK;
1877 NSSCKFWSession *fwSession;
1878
1879 if (!fwInstance) {
1880 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1881 goto loser;
1882 }
1883
1884 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1885 if (!fwSession) {
1886 error = CKR_SESSION_HANDLE_INVALID;
1887 goto loser;
1888 }
1889
1890 error = nssCKFWSession_Logout(fwSession);
1891 if( CKR_OK != error ) {
1892 goto loser;
1893 }
1894
1895 return CKR_OK;
1896
1897 loser:
1898 switch( error ) {
1899 case CKR_SESSION_CLOSED:
1900 /* destroy session? */
1901 break;
1902 case CKR_DEVICE_REMOVED:
1903 /* (void)nssCKFWToken_Destroy(fwToken); */
1904 break;
1905 case CKR_CRYPTOKI_NOT_INITIALIZED:
1906 case CKR_DEVICE_ERROR:
1907 case CKR_DEVICE_MEMORY:
1908 case CKR_FUNCTION_FAILED:
1909 case CKR_GENERAL_ERROR:
1910 case CKR_HOST_MEMORY:
1911 case CKR_SESSION_HANDLE_INVALID:
1912 case CKR_USER_NOT_LOGGED_IN:
1913 break;
1914 default:
1915 case CKR_OK:
1916 error = CKR_GENERAL_ERROR;
1917 break;
1918 }
1919
1920 return error;
1921 }
1922
1923 /*
1924 * NSSCKFWC_CreateObject
1925 *
1926 */
1927 NSS_IMPLEMENT CK_RV
1928 NSSCKFWC_CreateObject
1929 (
1930 NSSCKFWInstance *fwInstance,
1931 CK_SESSION_HANDLE hSession,
1932 CK_ATTRIBUTE_PTR pTemplate,
1933 CK_ULONG ulCount,
1934 CK_OBJECT_HANDLE_PTR phObject
1935 )
1936 {
1937 CK_RV error = CKR_OK;
1938 NSSCKFWSession *fwSession;
1939 NSSCKFWObject *fwObject;
1940
1941 if (!fwInstance) {
1942 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1943 goto loser;
1944 }
1945
1946 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1947 if (!fwSession) {
1948 error = CKR_SESSION_HANDLE_INVALID;
1949 goto loser;
1950 }
1951
1952 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
1953 error = CKR_ARGUMENTS_BAD;
1954 goto loser;
1955 }
1956
1957 /*
1958 * A purify error here indicates caller error.
1959 */
1960 *phObject = (CK_OBJECT_HANDLE)0;
1961
1962 fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
1963 ulCount, &error);
1964 if (!fwObject) {
1965 goto loser;
1966 }
1967
1968 *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
1969 if( (CK_OBJECT_HANDLE)0 == *phObject ) {
1970 nssCKFWObject_Destroy(fwObject);
1971 goto loser;
1972 }
1973
1974 return CKR_OK;
1975
1976 loser:
1977 switch( error ) {
1978 case CKR_SESSION_CLOSED:
1979 /* destroy session? */
1980 break;
1981 case CKR_DEVICE_REMOVED:
1982 /* (void)nssCKFWToken_Destroy(fwToken); */
1983 break;
1984 case CKR_ATTRIBUTE_READ_ONLY:
1985 case CKR_ATTRIBUTE_TYPE_INVALID:
1986 case CKR_ATTRIBUTE_VALUE_INVALID:
1987 case CKR_CRYPTOKI_NOT_INITIALIZED:
1988 case CKR_DEVICE_ERROR:
1989 case CKR_DEVICE_MEMORY:
1990 case CKR_FUNCTION_FAILED:
1991 case CKR_GENERAL_ERROR:
1992 case CKR_HOST_MEMORY:
1993 case CKR_SESSION_HANDLE_INVALID:
1994 case CKR_SESSION_READ_ONLY:
1995 case CKR_TEMPLATE_INCOMPLETE:
1996 case CKR_TEMPLATE_INCONSISTENT:
1997 case CKR_TOKEN_WRITE_PROTECTED:
1998 case CKR_USER_NOT_LOGGED_IN:
1999 break;
2000 default:
2001 case CKR_OK:
2002 error = CKR_GENERAL_ERROR;
2003 break;
2004 }
2005
2006 return error;
2007 }
2008
2009 /*
2010 * NSSCKFWC_CopyObject
2011 *
2012 */
2013 NSS_IMPLEMENT CK_RV
2014 NSSCKFWC_CopyObject
2015 (
2016 NSSCKFWInstance *fwInstance,
2017 CK_SESSION_HANDLE hSession,
2018 CK_OBJECT_HANDLE hObject,
2019 CK_ATTRIBUTE_PTR pTemplate,
2020 CK_ULONG ulCount,
2021 CK_OBJECT_HANDLE_PTR phNewObject
2022 )
2023 {
2024 CK_RV error = CKR_OK;
2025 NSSCKFWSession *fwSession;
2026 NSSCKFWObject *fwObject;
2027 NSSCKFWObject *fwNewObject;
2028
2029 if (!fwInstance) {
2030 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2031 goto loser;
2032 }
2033
2034 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2035 if (!fwSession) {
2036 error = CKR_SESSION_HANDLE_INVALID;
2037 goto loser;
2038 }
2039
2040 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) {
2041 error = CKR_ARGUMENTS_BAD;
2042 goto loser;
2043 }
2044
2045 /*
2046 * A purify error here indicates caller error.
2047 */
2048 *phNewObject = (CK_OBJECT_HANDLE)0;
2049
2050 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2051 if (!fwObject) {
2052 error = CKR_OBJECT_HANDLE_INVALID;
2053 goto loser;
2054 }
2055
2056 fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
2057 pTemplate, ulCount, &error);
2058 if (!fwNewObject) {
2059 goto loser;
2060 }
2061
2062 *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance,
2063 fwNewObject, &error);
2064 if( (CK_OBJECT_HANDLE)0 == *phNewObject ) {
2065 nssCKFWObject_Destroy(fwNewObject);
2066 goto loser;
2067 }
2068
2069 return CKR_OK;
2070
2071 loser:
2072 switch( error ) {
2073 case CKR_SESSION_CLOSED:
2074 /* destroy session? */
2075 break;
2076 case CKR_DEVICE_REMOVED:
2077 /* (void)nssCKFWToken_Destroy(fwToken); */
2078 break;
2079 case CKR_ATTRIBUTE_READ_ONLY:
2080 case CKR_ATTRIBUTE_TYPE_INVALID:
2081 case CKR_ATTRIBUTE_VALUE_INVALID:
2082 case CKR_CRYPTOKI_NOT_INITIALIZED:
2083 case CKR_DEVICE_ERROR:
2084 case CKR_DEVICE_MEMORY:
2085 case CKR_FUNCTION_FAILED:
2086 case CKR_GENERAL_ERROR:
2087 case CKR_HOST_MEMORY:
2088 case CKR_OBJECT_HANDLE_INVALID:
2089 case CKR_SESSION_HANDLE_INVALID:
2090 case CKR_SESSION_READ_ONLY:
2091 case CKR_TEMPLATE_INCONSISTENT:
2092 case CKR_TOKEN_WRITE_PROTECTED:
2093 case CKR_USER_NOT_LOGGED_IN:
2094 break;
2095 default:
2096 case CKR_OK:
2097 error = CKR_GENERAL_ERROR;
2098 break;
2099 }
2100
2101 return error;
2102 }
2103
2104 /*
2105 * NSSCKFWC_DestroyObject
2106 *
2107 */
2108 NSS_IMPLEMENT CK_RV
2109 NSSCKFWC_DestroyObject
2110 (
2111 NSSCKFWInstance *fwInstance,
2112 CK_SESSION_HANDLE hSession,
2113 CK_OBJECT_HANDLE hObject
2114 )
2115 {
2116 CK_RV error = CKR_OK;
2117 NSSCKFWSession *fwSession;
2118 NSSCKFWObject *fwObject;
2119
2120 if (!fwInstance) {
2121 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2122 goto loser;
2123 }
2124
2125 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2126 if (!fwSession) {
2127 error = CKR_SESSION_HANDLE_INVALID;
2128 goto loser;
2129 }
2130
2131 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2132 if (!fwObject) {
2133 error = CKR_OBJECT_HANDLE_INVALID;
2134 goto loser;
2135 }
2136
2137 nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
2138 nssCKFWObject_Destroy(fwObject);
2139
2140 return CKR_OK;
2141
2142 loser:
2143 switch( error ) {
2144 case CKR_SESSION_CLOSED:
2145 /* destroy session? */
2146 break;
2147 case CKR_DEVICE_REMOVED:
2148 /* (void)nssCKFWToken_Destroy(fwToken); */
2149 break;
2150 case CKR_CRYPTOKI_NOT_INITIALIZED:
2151 case CKR_DEVICE_ERROR:
2152 case CKR_DEVICE_MEMORY:
2153 case CKR_FUNCTION_FAILED:
2154 case CKR_GENERAL_ERROR:
2155 case CKR_HOST_MEMORY:
2156 case CKR_OBJECT_HANDLE_INVALID:
2157 case CKR_SESSION_HANDLE_INVALID:
2158 case CKR_SESSION_READ_ONLY:
2159 case CKR_TOKEN_WRITE_PROTECTED:
2160 break;
2161 default:
2162 case CKR_OK:
2163 error = CKR_GENERAL_ERROR;
2164 break;
2165 }
2166
2167 return error;
2168 }
2169
2170 /*
2171 * NSSCKFWC_GetObjectSize
2172 *
2173 */
2174 NSS_IMPLEMENT CK_RV
2175 NSSCKFWC_GetObjectSize
2176 (
2177 NSSCKFWInstance *fwInstance,
2178 CK_SESSION_HANDLE hSession,
2179 CK_OBJECT_HANDLE hObject,
2180 CK_ULONG_PTR pulSize
2181 )
2182 {
2183 CK_RV error = CKR_OK;
2184 NSSCKFWSession *fwSession;
2185 NSSCKFWObject *fwObject;
2186
2187 if (!fwInstance) {
2188 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2189 goto loser;
2190 }
2191
2192 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2193 if (!fwSession) {
2194 error = CKR_SESSION_HANDLE_INVALID;
2195 goto loser;
2196 }
2197
2198 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2199 if (!fwObject) {
2200 error = CKR_OBJECT_HANDLE_INVALID;
2201 goto loser;
2202 }
2203
2204 if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) {
2205 error = CKR_ARGUMENTS_BAD;
2206 goto loser;
2207 }
2208
2209 /*
2210 * A purify error here indicates caller error.
2211 */
2212 *pulSize = (CK_ULONG)0;
2213
2214 *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
2215 if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) {
2216 goto loser;
2217 }
2218
2219 return CKR_OK;
2220
2221 loser:
2222 switch( error ) {
2223 case CKR_SESSION_CLOSED:
2224 /* destroy session? */
2225 break;
2226 case CKR_DEVICE_REMOVED:
2227 /* (void)nssCKFWToken_Destroy(fwToken); */
2228 break;
2229 case CKR_CRYPTOKI_NOT_INITIALIZED:
2230 case CKR_DEVICE_ERROR:
2231 case CKR_DEVICE_MEMORY:
2232 case CKR_FUNCTION_FAILED:
2233 case CKR_GENERAL_ERROR:
2234 case CKR_HOST_MEMORY:
2235 case CKR_INFORMATION_SENSITIVE:
2236 case CKR_OBJECT_HANDLE_INVALID:
2237 case CKR_SESSION_HANDLE_INVALID:
2238 break;
2239 default:
2240 case CKR_OK:
2241 error = CKR_GENERAL_ERROR;
2242 break;
2243 }
2244
2245 return error;
2246 }
2247
2248 /*
2249 * NSSCKFWC_GetAttributeValue
2250 *
2251 */
2252 NSS_IMPLEMENT CK_RV
2253 NSSCKFWC_GetAttributeValue
2254 (
2255 NSSCKFWInstance *fwInstance,
2256 CK_SESSION_HANDLE hSession,
2257 CK_OBJECT_HANDLE hObject,
2258 CK_ATTRIBUTE_PTR pTemplate,
2259 CK_ULONG ulCount
2260 )
2261 {
2262 CK_RV error = CKR_OK;
2263 NSSCKFWSession *fwSession;
2264 NSSCKFWObject *fwObject;
2265 CK_BBOOL sensitive = CK_FALSE;
2266 CK_BBOOL invalid = CK_FALSE;
2267 CK_BBOOL tooSmall = CK_FALSE;
2268 CK_ULONG i;
2269
2270 if (!fwInstance) {
2271 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2272 goto loser;
2273 }
2274
2275 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2276 if (!fwSession) {
2277 error = CKR_SESSION_HANDLE_INVALID;
2278 goto loser;
2279 }
2280
2281 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2282 if (!fwObject) {
2283 error = CKR_OBJECT_HANDLE_INVALID;
2284 goto loser;
2285 }
2286
2287 if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
2288 error = CKR_ARGUMENTS_BAD;
2289 goto loser;
2290 }
2291
2292 for( i = 0; i < ulCount; i++ ) {
2293 CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject,
2294 pTemplate[i].type, &error);
2295 if( (CK_ULONG)0 == size ) {
2296 switch( error ) {
2297 case CKR_ATTRIBUTE_SENSITIVE:
2298 case CKR_INFORMATION_SENSITIVE:
2299 sensitive = CK_TRUE;
2300 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2301 continue;
2302 case CKR_ATTRIBUTE_TYPE_INVALID:
2303 invalid = CK_TRUE;
2304 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2305 continue;
2306 case CKR_OK:
2307 break;
2308 default:
2309 goto loser;
2310 }
2311 }
2312
2313 if( (CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue ) {
2314 pTemplate[i].ulValueLen = size;
2315 } else {
2316 NSSItem it, *p;
2317
2318 if( pTemplate[i].ulValueLen < size ) {
2319 tooSmall = CK_TRUE;
2320 continue;
2321 }
2322
2323 it.size = (PRUint32)pTemplate[i].ulValueLen;
2324 it.data = (void *)pTemplate[i].pValue;
2325 p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it,
2326 (NSSArena *)NULL, &error);
2327 if (!p) {
2328 switch( error ) {
2329 case CKR_ATTRIBUTE_SENSITIVE:
2330 case CKR_INFORMATION_SENSITIVE:
2331 sensitive = CK_TRUE;
2332 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2333 continue;
2334 case CKR_ATTRIBUTE_TYPE_INVALID:
2335 invalid = CK_TRUE;
2336 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2337 continue;
2338 default:
2339 goto loser;
2340 }
2341 }
2342
2343 pTemplate[i].ulValueLen = size;
2344 }
2345 }
2346
2347 if( sensitive ) {
2348 error = CKR_ATTRIBUTE_SENSITIVE;
2349 goto loser;
2350 } else if( invalid ) {
2351 error = CKR_ATTRIBUTE_TYPE_INVALID;
2352 goto loser;
2353 } else if( tooSmall ) {
2354 error = CKR_BUFFER_TOO_SMALL;
2355 goto loser;
2356 }
2357
2358 return CKR_OK;
2359
2360 loser:
2361 switch( error ) {
2362 case CKR_SESSION_CLOSED:
2363 /* destroy session? */
2364 break;
2365 case CKR_DEVICE_REMOVED:
2366 /* (void)nssCKFWToken_Destroy(fwToken); */
2367 break;
2368 case CKR_ATTRIBUTE_SENSITIVE:
2369 case CKR_ATTRIBUTE_TYPE_INVALID:
2370 case CKR_BUFFER_TOO_SMALL:
2371 case CKR_CRYPTOKI_NOT_INITIALIZED:
2372 case CKR_DEVICE_ERROR:
2373 case CKR_DEVICE_MEMORY:
2374 case CKR_FUNCTION_FAILED:
2375 case CKR_GENERAL_ERROR:
2376 case CKR_HOST_MEMORY:
2377 case CKR_OBJECT_HANDLE_INVALID:
2378 case CKR_SESSION_HANDLE_INVALID:
2379 break;
2380 default:
2381 case CKR_OK:
2382 error = CKR_GENERAL_ERROR;
2383 break;
2384 }
2385
2386 return error;
2387 }
2388
2389 /*
2390 * NSSCKFWC_SetAttributeValue
2391 *
2392 */
2393 NSS_IMPLEMENT CK_RV
2394 NSSCKFWC_SetAttributeValue
2395 (
2396 NSSCKFWInstance *fwInstance,
2397 CK_SESSION_HANDLE hSession,
2398 CK_OBJECT_HANDLE hObject,
2399 CK_ATTRIBUTE_PTR pTemplate,
2400 CK_ULONG ulCount
2401 )
2402 {
2403 CK_RV error = CKR_OK;
2404 NSSCKFWSession *fwSession;
2405 NSSCKFWObject *fwObject;
2406 CK_ULONG i;
2407
2408 if (!fwInstance) {
2409 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2410 goto loser;
2411 }
2412
2413 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2414 if (!fwSession) {
2415 error = CKR_SESSION_HANDLE_INVALID;
2416 goto loser;
2417 }
2418
2419 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2420 if (!fwObject) {
2421 error = CKR_OBJECT_HANDLE_INVALID;
2422 goto loser;
2423 }
2424
2425 if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
2426 error = CKR_ARGUMENTS_BAD;
2427 goto loser;
2428 }
2429
2430 for (i=0; i < ulCount; i++) {
2431 NSSItem value;
2432
2433 value.data = pTemplate[i].pValue;
2434 value.size = pTemplate[i].ulValueLen;
2435
2436 error = nssCKFWObject_SetAttribute(fwObject, fwSession,
2437 pTemplate[i].type, &value);
2438
2439 if( CKR_OK != error ) {
2440 goto loser;
2441 }
2442 }
2443
2444 return CKR_OK;
2445
2446 loser:
2447 switch( error ) {
2448 case CKR_SESSION_CLOSED:
2449 /* destroy session? */
2450 break;
2451 case CKR_DEVICE_REMOVED:
2452 /* (void)nssCKFWToken_Destroy(fwToken); */
2453 break;
2454 case CKR_ATTRIBUTE_READ_ONLY:
2455 case CKR_ATTRIBUTE_TYPE_INVALID:
2456 case CKR_ATTRIBUTE_VALUE_INVALID:
2457 case CKR_CRYPTOKI_NOT_INITIALIZED:
2458 case CKR_DEVICE_ERROR:
2459 case CKR_DEVICE_MEMORY:
2460 case CKR_FUNCTION_FAILED:
2461 case CKR_GENERAL_ERROR:
2462 case CKR_HOST_MEMORY:
2463 case CKR_OBJECT_HANDLE_INVALID:
2464 case CKR_SESSION_HANDLE_INVALID:
2465 case CKR_SESSION_READ_ONLY:
2466 case CKR_TEMPLATE_INCONSISTENT:
2467 case CKR_TOKEN_WRITE_PROTECTED:
2468 break;
2469 default:
2470 case CKR_OK:
2471 error = CKR_GENERAL_ERROR;
2472 break;
2473 }
2474
2475 return error;
2476 }
2477
2478 /*
2479 * NSSCKFWC_FindObjectsInit
2480 *
2481 */
2482 NSS_IMPLEMENT CK_RV
2483 NSSCKFWC_FindObjectsInit
2484 (
2485 NSSCKFWInstance *fwInstance,
2486 CK_SESSION_HANDLE hSession,
2487 CK_ATTRIBUTE_PTR pTemplate,
2488 CK_ULONG ulCount
2489 )
2490 {
2491 CK_RV error = CKR_OK;
2492 NSSCKFWSession *fwSession;
2493 NSSCKFWFindObjects *fwFindObjects;
2494
2495 if (!fwInstance) {
2496 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2497 goto loser;
2498 }
2499
2500 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2501 if (!fwSession) {
2502 error = CKR_SESSION_HANDLE_INVALID;
2503 goto loser;
2504 }
2505
2506 if( ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0) ) {
2507 error = CKR_ARGUMENTS_BAD;
2508 goto loser;
2509 }
2510
2511 fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2512 if (fwFindObjects) {
2513 error = CKR_OPERATION_ACTIVE;
2514 goto loser;
2515 }
2516
2517 if( CKR_OPERATION_NOT_INITIALIZED != error ) {
2518 goto loser;
2519 }
2520
2521 fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
2522 pTemplate, ulCount, &error);
2523 if (!fwFindObjects) {
2524 goto loser;
2525 }
2526
2527 error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
2528
2529 if( CKR_OK != error ) {
2530 nssCKFWFindObjects_Destroy(fwFindObjects);
2531 goto loser;
2532 }
2533
2534 return CKR_OK;
2535
2536 loser:
2537 switch( error ) {
2538 case CKR_SESSION_CLOSED:
2539 /* destroy session? */
2540 break;
2541 case CKR_DEVICE_REMOVED:
2542 /* (void)nssCKFWToken_Destroy(fwToken); */
2543 break;
2544 case CKR_ATTRIBUTE_TYPE_INVALID:
2545 case CKR_ATTRIBUTE_VALUE_INVALID:
2546 case CKR_CRYPTOKI_NOT_INITIALIZED:
2547 case CKR_DEVICE_ERROR:
2548 case CKR_DEVICE_MEMORY:
2549 case CKR_FUNCTION_FAILED:
2550 case CKR_GENERAL_ERROR:
2551 case CKR_HOST_MEMORY:
2552 case CKR_OPERATION_ACTIVE:
2553 case CKR_SESSION_HANDLE_INVALID:
2554 break;
2555 default:
2556 case CKR_OK:
2557 error = CKR_GENERAL_ERROR;
2558 break;
2559 }
2560
2561 return error;
2562 }
2563
2564 /*
2565 * NSSCKFWC_FindObjects
2566 *
2567 */
2568 NSS_IMPLEMENT CK_RV
2569 NSSCKFWC_FindObjects
2570 (
2571 NSSCKFWInstance *fwInstance,
2572 CK_SESSION_HANDLE hSession,
2573 CK_OBJECT_HANDLE_PTR phObject,
2574 CK_ULONG ulMaxObjectCount,
2575 CK_ULONG_PTR pulObjectCount
2576 )
2577 {
2578 CK_RV error = CKR_OK;
2579 NSSCKFWSession *fwSession;
2580 NSSCKFWFindObjects *fwFindObjects;
2581 CK_ULONG i;
2582
2583 if (!fwInstance) {
2584 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2585 goto loser;
2586 }
2587
2588 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2589 if (!fwSession) {
2590 error = CKR_SESSION_HANDLE_INVALID;
2591 goto loser;
2592 }
2593
2594 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
2595 error = CKR_ARGUMENTS_BAD;
2596 goto loser;
2597 }
2598
2599 /*
2600 * A purify error here indicates caller error.
2601 */
2602 (void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount) ;
2603 *pulObjectCount = (CK_ULONG)0;
2604
2605 fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2606 if (!fwFindObjects) {
2607 goto loser;
2608 }
2609
2610 for( i = 0; i < ulMaxObjectCount; i++ ) {
2611 NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
2612 NULL, &error);
2613 if (!fwObject) {
2614 break;
2615 }
2616
2617 phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
2618 if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
2619 phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &er ror);
2620 }
2621 if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
2622 /* This isn't right either, is it? */
2623 nssCKFWObject_Destroy(fwObject);
2624 goto loser;
2625 }
2626 }
2627
2628 *pulObjectCount = i;
2629
2630 return CKR_OK;
2631
2632 loser:
2633 switch( error ) {
2634 case CKR_SESSION_CLOSED:
2635 /* destroy session? */
2636 break;
2637 case CKR_DEVICE_REMOVED:
2638 /* (void)nssCKFWToken_Destroy(fwToken); */
2639 break;
2640 case CKR_CRYPTOKI_NOT_INITIALIZED:
2641 case CKR_DEVICE_ERROR:
2642 case CKR_DEVICE_MEMORY:
2643 case CKR_FUNCTION_FAILED:
2644 case CKR_GENERAL_ERROR:
2645 case CKR_HOST_MEMORY:
2646 case CKR_OPERATION_NOT_INITIALIZED:
2647 case CKR_SESSION_HANDLE_INVALID:
2648 break;
2649 default:
2650 case CKR_OK:
2651 error = CKR_GENERAL_ERROR;
2652 break;
2653 }
2654
2655 return error;
2656 }
2657
2658 /*
2659 * NSSCKFWC_FindObjectsFinal
2660 *
2661 */
2662 NSS_IMPLEMENT CK_RV
2663 NSSCKFWC_FindObjectsFinal
2664 (
2665 NSSCKFWInstance *fwInstance,
2666 CK_SESSION_HANDLE hSession
2667 )
2668 {
2669 CK_RV error = CKR_OK;
2670 NSSCKFWSession *fwSession;
2671 NSSCKFWFindObjects *fwFindObjects;
2672
2673 if (!fwInstance) {
2674 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2675 goto loser;
2676 }
2677
2678 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2679 if (!fwSession) {
2680 error = CKR_SESSION_HANDLE_INVALID;
2681 goto loser;
2682 }
2683
2684 fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2685 if (!fwFindObjects) {
2686 error = CKR_OPERATION_NOT_INITIALIZED;
2687 goto loser;
2688 }
2689
2690 nssCKFWFindObjects_Destroy(fwFindObjects);
2691 error = nssCKFWSession_SetFWFindObjects(fwSession,
2692 (NSSCKFWFindObjects *)NULL);
2693
2694 if( CKR_OK != error ) {
2695 goto loser;
2696 }
2697
2698 return CKR_OK;
2699
2700 loser:
2701 switch( error ) {
2702 case CKR_SESSION_CLOSED:
2703 /* destroy session? */
2704 break;
2705 case CKR_DEVICE_REMOVED:
2706 /* (void)nssCKFWToken_Destroy(fwToken); */
2707 break;
2708 case CKR_CRYPTOKI_NOT_INITIALIZED:
2709 case CKR_DEVICE_ERROR:
2710 case CKR_DEVICE_MEMORY:
2711 case CKR_FUNCTION_FAILED:
2712 case CKR_GENERAL_ERROR:
2713 case CKR_HOST_MEMORY:
2714 case CKR_OPERATION_NOT_INITIALIZED:
2715 case CKR_SESSION_HANDLE_INVALID:
2716 break;
2717 default:
2718 case CKR_OK:
2719 error = CKR_GENERAL_ERROR;
2720 break;
2721 }
2722
2723 return error;
2724 }
2725
2726 /*
2727 * NSSCKFWC_EncryptInit
2728 *
2729 */
2730 NSS_IMPLEMENT CK_RV
2731 NSSCKFWC_EncryptInit
2732 (
2733 NSSCKFWInstance *fwInstance,
2734 CK_SESSION_HANDLE hSession,
2735 CK_MECHANISM_PTR pMechanism,
2736 CK_OBJECT_HANDLE hKey
2737 )
2738 {
2739 CK_RV error = CKR_OK;
2740 NSSCKFWSession *fwSession;
2741 NSSCKFWObject *fwObject;
2742 NSSCKFWSlot *fwSlot;
2743 NSSCKFWToken *fwToken;
2744 NSSCKFWMechanism *fwMechanism;
2745
2746 if (!fwInstance) {
2747 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2748 goto loser;
2749 }
2750
2751 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2752 if (!fwSession) {
2753 error = CKR_SESSION_HANDLE_INVALID;
2754 goto loser;
2755 }
2756
2757 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
2758 if (!fwObject) {
2759 error = CKR_KEY_HANDLE_INVALID;
2760 goto loser;
2761 }
2762
2763 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
2764 if (!fwSlot) {
2765 error = CKR_GENERAL_ERROR; /* should never happen! */
2766 goto loser;
2767 }
2768
2769 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
2770 error = CKR_TOKEN_NOT_PRESENT;
2771 goto loser;
2772 }
2773
2774 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
2775 if (!fwToken) {
2776 goto loser;
2777 }
2778
2779 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
2780 if (!fwMechanism) {
2781 goto loser;
2782 }
2783
2784 error = nssCKFWMechanism_EncryptInit(fwMechanism, pMechanism,
2785 fwSession, fwObject);
2786
2787 nssCKFWMechanism_Destroy(fwMechanism);
2788
2789 if (CKR_OK == error) {
2790 return CKR_OK;
2791 }
2792
2793 loser:
2794 /* verify error */
2795 switch( error ) {
2796 case CKR_CRYPTOKI_NOT_INITIALIZED:
2797 case CKR_DEVICE_ERROR:
2798 case CKR_DEVICE_MEMORY:
2799 case CKR_DEVICE_REMOVED:
2800 case CKR_FUNCTION_CANCELED:
2801 case CKR_FUNCTION_FAILED:
2802 case CKR_GENERAL_ERROR:
2803 case CKR_HOST_MEMORY:
2804 case CKR_KEY_FUNCTION_NOT_PERMITTED:
2805 case CKR_KEY_HANDLE_INVALID:
2806 case CKR_KEY_SIZE_RANGE:
2807 case CKR_KEY_TYPE_INCONSISTENT:
2808 case CKR_MECHANISM_INVALID:
2809 case CKR_MECHANISM_PARAM_INVALID:
2810 case CKR_OPERATION_ACTIVE:
2811 case CKR_PIN_EXPIRED:
2812 case CKR_SESSION_CLOSED:
2813 case CKR_SESSION_HANDLE_INVALID:
2814 case CKR_USER_NOT_LOGGED_IN:
2815 break;
2816 default:
2817 case CKR_OK:
2818 error = CKR_GENERAL_ERROR;
2819 break;
2820 }
2821 return error;
2822 }
2823
2824 /*
2825 * NSSCKFWC_Encrypt
2826 *
2827 */
2828 NSS_IMPLEMENT CK_RV
2829 NSSCKFWC_Encrypt
2830 (
2831 NSSCKFWInstance *fwInstance,
2832 CK_SESSION_HANDLE hSession,
2833 CK_BYTE_PTR pData,
2834 CK_ULONG ulDataLen,
2835 CK_BYTE_PTR pEncryptedData,
2836 CK_ULONG_PTR pulEncryptedDataLen
2837 )
2838 {
2839 CK_RV error = CKR_OK;
2840 NSSCKFWSession *fwSession;
2841
2842 if (!fwInstance) {
2843 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2844 goto loser;
2845 }
2846
2847 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2848 if (!fwSession) {
2849 error = CKR_SESSION_HANDLE_INVALID;
2850 goto loser;
2851 }
2852
2853 error = nssCKFWSession_UpdateFinal(fwSession,
2854 NSSCKFWCryptoOperationType_Encrypt,
2855 NSSCKFWCryptoOperationState_EncryptDecrypt,
2856 pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
2857
2858 if (CKR_OK == error) {
2859 return CKR_OK;
2860 }
2861
2862 loser:
2863 /* verify error */
2864 switch( error ) {
2865 case CKR_ARGUMENTS_BAD:
2866 case CKR_BUFFER_TOO_SMALL:
2867 case CKR_CRYPTOKI_NOT_INITIALIZED:
2868 case CKR_DATA_INVALID:
2869 case CKR_DATA_LEN_RANGE:
2870 case CKR_DEVICE_ERROR:
2871 case CKR_DEVICE_MEMORY:
2872 case CKR_DEVICE_REMOVED:
2873 case CKR_FUNCTION_CANCELED:
2874 case CKR_FUNCTION_FAILED:
2875 case CKR_GENERAL_ERROR:
2876 case CKR_HOST_MEMORY:
2877 case CKR_OPERATION_NOT_INITIALIZED:
2878 case CKR_SESSION_HANDLE_INVALID:
2879 case CKR_SESSION_CLOSED:
2880 break;
2881 default:
2882 case CKR_OK:
2883 error = CKR_GENERAL_ERROR;
2884 break;
2885 }
2886 return error;
2887 }
2888
2889 /*
2890 * NSSCKFWC_EncryptUpdate
2891 *
2892 */
2893 NSS_IMPLEMENT CK_RV
2894 NSSCKFWC_EncryptUpdate
2895 (
2896 NSSCKFWInstance *fwInstance,
2897 CK_SESSION_HANDLE hSession,
2898 CK_BYTE_PTR pPart,
2899 CK_ULONG ulPartLen,
2900 CK_BYTE_PTR pEncryptedPart,
2901 CK_ULONG_PTR pulEncryptedPartLen
2902 )
2903 {
2904 CK_RV error = CKR_OK;
2905 NSSCKFWSession *fwSession;
2906
2907 if (!fwInstance) {
2908 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2909 goto loser;
2910 }
2911
2912 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2913 if (!fwSession) {
2914 error = CKR_SESSION_HANDLE_INVALID;
2915 goto loser;
2916 }
2917
2918 error = nssCKFWSession_Update(fwSession,
2919 NSSCKFWCryptoOperationType_Encrypt,
2920 NSSCKFWCryptoOperationState_EncryptDecrypt,
2921 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
2922
2923 if (CKR_OK == error) {
2924 return CKR_OK;
2925 }
2926
2927 loser:
2928 /* verify error */
2929 switch( error ) {
2930 case CKR_ARGUMENTS_BAD:
2931 case CKR_BUFFER_TOO_SMALL:
2932 case CKR_CRYPTOKI_NOT_INITIALIZED:
2933 case CKR_DATA_LEN_RANGE:
2934 case CKR_DEVICE_ERROR:
2935 case CKR_DEVICE_MEMORY:
2936 case CKR_DEVICE_REMOVED:
2937 case CKR_FUNCTION_CANCELED:
2938 case CKR_FUNCTION_FAILED:
2939 case CKR_GENERAL_ERROR:
2940 case CKR_HOST_MEMORY:
2941 case CKR_OPERATION_NOT_INITIALIZED:
2942 case CKR_SESSION_CLOSED:
2943 case CKR_SESSION_HANDLE_INVALID:
2944 break;
2945 default:
2946 case CKR_OK:
2947 error = CKR_GENERAL_ERROR;
2948 break;
2949 }
2950 return error;
2951 }
2952
2953 /*
2954 * NSSCKFWC_EncryptFinal
2955 *
2956 */
2957 NSS_IMPLEMENT CK_RV
2958 NSSCKFWC_EncryptFinal
2959 (
2960 NSSCKFWInstance *fwInstance,
2961 CK_SESSION_HANDLE hSession,
2962 CK_BYTE_PTR pLastEncryptedPart,
2963 CK_ULONG_PTR pulLastEncryptedPartLen
2964 )
2965 {
2966 CK_RV error = CKR_OK;
2967 NSSCKFWSession *fwSession;
2968
2969 if (!fwInstance) {
2970 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2971 goto loser;
2972 }
2973
2974 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2975 if (!fwSession) {
2976 error = CKR_SESSION_HANDLE_INVALID;
2977 goto loser;
2978 }
2979
2980 error = nssCKFWSession_Final(fwSession,
2981 NSSCKFWCryptoOperationType_Encrypt,
2982 NSSCKFWCryptoOperationState_EncryptDecrypt,
2983 pLastEncryptedPart, pulLastEncryptedPartLen);
2984
2985 if (CKR_OK == error) {
2986 return CKR_OK;
2987 }
2988
2989 loser:
2990 /* verify error */
2991 switch( error ) {
2992 case CKR_ARGUMENTS_BAD:
2993 case CKR_BUFFER_TOO_SMALL:
2994 case CKR_CRYPTOKI_NOT_INITIALIZED:
2995 case CKR_DATA_LEN_RANGE:
2996 case CKR_DEVICE_ERROR:
2997 case CKR_DEVICE_MEMORY:
2998 case CKR_DEVICE_REMOVED:
2999 case CKR_FUNCTION_CANCELED:
3000 case CKR_FUNCTION_FAILED:
3001 case CKR_GENERAL_ERROR:
3002 case CKR_HOST_MEMORY:
3003 case CKR_OPERATION_NOT_INITIALIZED:
3004 case CKR_SESSION_CLOSED:
3005 case CKR_SESSION_HANDLE_INVALID:
3006 break;
3007 default:
3008 case CKR_OK:
3009 error = CKR_GENERAL_ERROR;
3010 break;
3011 }
3012 return error;
3013 }
3014
3015 /*
3016 * NSSCKFWC_DecryptInit
3017 *
3018 */
3019 NSS_IMPLEMENT CK_RV
3020 NSSCKFWC_DecryptInit
3021 (
3022 NSSCKFWInstance *fwInstance,
3023 CK_SESSION_HANDLE hSession,
3024 CK_MECHANISM_PTR pMechanism,
3025 CK_OBJECT_HANDLE hKey
3026 )
3027 {
3028 CK_RV error = CKR_OK;
3029 NSSCKFWSession *fwSession;
3030 NSSCKFWObject *fwObject;
3031 NSSCKFWSlot *fwSlot;
3032 NSSCKFWToken *fwToken;
3033 NSSCKFWMechanism *fwMechanism;
3034
3035 if (!fwInstance) {
3036 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3037 goto loser;
3038 }
3039
3040 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3041 if (!fwSession) {
3042 error = CKR_SESSION_HANDLE_INVALID;
3043 goto loser;
3044 }
3045
3046 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
3047 if (!fwObject) {
3048 error = CKR_KEY_HANDLE_INVALID;
3049 goto loser;
3050 }
3051
3052 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
3053 if (!fwSlot) {
3054 error = CKR_GENERAL_ERROR; /* should never happen! */
3055 goto loser;
3056 }
3057
3058 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
3059 error = CKR_TOKEN_NOT_PRESENT;
3060 goto loser;
3061 }
3062
3063 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
3064 if (!fwToken) {
3065 goto loser;
3066 }
3067
3068 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
3069 if (!fwMechanism) {
3070 goto loser;
3071 }
3072
3073 error = nssCKFWMechanism_DecryptInit(fwMechanism, pMechanism,
3074 fwSession, fwObject);
3075 nssCKFWMechanism_Destroy(fwMechanism);
3076
3077 if (CKR_OK == error) {
3078 return CKR_OK;
3079 }
3080
3081 loser:
3082 /* verify error */
3083 switch( error ) {
3084 case CKR_ARGUMENTS_BAD:
3085 case CKR_CRYPTOKI_NOT_INITIALIZED:
3086 case CKR_DEVICE_ERROR:
3087 case CKR_DEVICE_MEMORY:
3088 case CKR_DEVICE_REMOVED:
3089 case CKR_FUNCTION_CANCELED:
3090 case CKR_FUNCTION_FAILED:
3091 case CKR_GENERAL_ERROR:
3092 case CKR_HOST_MEMORY:
3093 case CKR_KEY_FUNCTION_NOT_PERMITTED:
3094 case CKR_KEY_HANDLE_INVALID:
3095 case CKR_KEY_SIZE_RANGE:
3096 case CKR_KEY_TYPE_INCONSISTENT:
3097 case CKR_MECHANISM_INVALID:
3098 case CKR_MECHANISM_PARAM_INVALID:
3099 case CKR_OPERATION_ACTIVE:
3100 case CKR_PIN_EXPIRED:
3101 case CKR_SESSION_CLOSED:
3102 case CKR_SESSION_HANDLE_INVALID:
3103 case CKR_USER_NOT_LOGGED_IN:
3104 break;
3105 default:
3106 case CKR_OK:
3107 error = CKR_GENERAL_ERROR;
3108 break;
3109 }
3110 return error;
3111 }
3112
3113 /*
3114 * NSSCKFWC_Decrypt
3115 *
3116 */
3117 NSS_IMPLEMENT CK_RV
3118 NSSCKFWC_Decrypt
3119 (
3120 NSSCKFWInstance *fwInstance,
3121 CK_SESSION_HANDLE hSession,
3122 CK_BYTE_PTR pEncryptedData,
3123 CK_ULONG ulEncryptedDataLen,
3124 CK_BYTE_PTR pData,
3125 CK_ULONG_PTR pulDataLen
3126 )
3127 {
3128 CK_RV error = CKR_OK;
3129 NSSCKFWSession *fwSession;
3130
3131 if (!fwInstance) {
3132 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3133 goto loser;
3134 }
3135
3136 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3137 if (!fwSession) {
3138 error = CKR_SESSION_HANDLE_INVALID;
3139 goto loser;
3140 }
3141
3142 error = nssCKFWSession_UpdateFinal(fwSession,
3143 NSSCKFWCryptoOperationType_Decrypt,
3144 NSSCKFWCryptoOperationState_EncryptDecrypt,
3145 pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
3146
3147 if (CKR_OK == error) {
3148 return CKR_OK;
3149 }
3150
3151 loser:
3152 /* verify error */
3153 switch( error ) {
3154 case CKR_ARGUMENTS_BAD:
3155 case CKR_BUFFER_TOO_SMALL:
3156 case CKR_CRYPTOKI_NOT_INITIALIZED:
3157 case CKR_DEVICE_ERROR:
3158 case CKR_DEVICE_MEMORY:
3159 case CKR_DEVICE_REMOVED:
3160 case CKR_ENCRYPTED_DATA_INVALID:
3161 case CKR_ENCRYPTED_DATA_LEN_RANGE:
3162 case CKR_FUNCTION_CANCELED:
3163 case CKR_FUNCTION_FAILED:
3164 case CKR_GENERAL_ERROR:
3165 case CKR_HOST_MEMORY:
3166 case CKR_OPERATION_NOT_INITIALIZED:
3167 case CKR_SESSION_CLOSED:
3168 case CKR_SESSION_HANDLE_INVALID:
3169 case CKR_USER_NOT_LOGGED_IN:
3170 break;
3171 case CKR_DATA_LEN_RANGE:
3172 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
3173 break;
3174 case CKR_DATA_INVALID:
3175 error = CKR_ENCRYPTED_DATA_INVALID;
3176 break;
3177 default:
3178 case CKR_OK:
3179 error = CKR_GENERAL_ERROR;
3180 break;
3181 }
3182 return error;
3183 }
3184
3185 /*
3186 * NSSCKFWC_DecryptUpdate
3187 *
3188 */
3189 NSS_IMPLEMENT CK_RV
3190 NSSCKFWC_DecryptUpdate
3191 (
3192 NSSCKFWInstance *fwInstance,
3193 CK_SESSION_HANDLE hSession,
3194 CK_BYTE_PTR pEncryptedPart,
3195 CK_ULONG ulEncryptedPartLen,
3196 CK_BYTE_PTR pPart,
3197 CK_ULONG_PTR pulPartLen
3198 )
3199 {
3200 CK_RV error = CKR_OK;
3201 NSSCKFWSession *fwSession;
3202
3203 if (!fwInstance) {
3204 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3205 goto loser;
3206 }
3207
3208 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3209 if (!fwSession) {
3210 error = CKR_SESSION_HANDLE_INVALID;
3211 goto loser;
3212 }
3213
3214 error = nssCKFWSession_Update(fwSession,
3215 NSSCKFWCryptoOperationType_Decrypt,
3216 NSSCKFWCryptoOperationState_EncryptDecrypt,
3217 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
3218
3219 if (CKR_OK == error) {
3220 return CKR_OK;
3221 }
3222
3223 loser:
3224 /* verify error */
3225 switch( error ) {
3226 case CKR_ARGUMENTS_BAD:
3227 case CKR_BUFFER_TOO_SMALL:
3228 case CKR_CRYPTOKI_NOT_INITIALIZED:
3229 case CKR_DEVICE_ERROR:
3230 case CKR_DEVICE_MEMORY:
3231 case CKR_DEVICE_REMOVED:
3232 case CKR_ENCRYPTED_DATA_INVALID:
3233 case CKR_ENCRYPTED_DATA_LEN_RANGE:
3234 case CKR_FUNCTION_CANCELED:
3235 case CKR_FUNCTION_FAILED:
3236 case CKR_GENERAL_ERROR:
3237 case CKR_HOST_MEMORY:
3238 case CKR_OPERATION_NOT_INITIALIZED:
3239 case CKR_SESSION_CLOSED:
3240 case CKR_SESSION_HANDLE_INVALID:
3241 case CKR_USER_NOT_LOGGED_IN:
3242 break;
3243 case CKR_DATA_LEN_RANGE:
3244 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
3245 break;
3246 case CKR_DATA_INVALID:
3247 error = CKR_ENCRYPTED_DATA_INVALID;
3248 break;
3249 default:
3250 case CKR_OK:
3251 error = CKR_GENERAL_ERROR;
3252 break;
3253 }
3254 return error;
3255 }
3256
3257 /*
3258 * NSSCKFWC_DecryptFinal
3259 *
3260 */
3261 NSS_IMPLEMENT CK_RV
3262 NSSCKFWC_DecryptFinal
3263 (
3264 NSSCKFWInstance *fwInstance,
3265 CK_SESSION_HANDLE hSession,
3266 CK_BYTE_PTR pLastPart,
3267 CK_ULONG_PTR pulLastPartLen
3268 )
3269 {
3270 CK_RV error = CKR_OK;
3271 NSSCKFWSession *fwSession;
3272
3273 if (!fwInstance) {
3274 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3275 goto loser;
3276 }
3277
3278 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3279 if (!fwSession) {
3280 error = CKR_SESSION_HANDLE_INVALID;
3281 goto loser;
3282 }
3283
3284 error = nssCKFWSession_Final(fwSession,
3285 NSSCKFWCryptoOperationType_Decrypt,
3286 NSSCKFWCryptoOperationState_EncryptDecrypt,
3287 pLastPart, pulLastPartLen);
3288
3289 if (CKR_OK == error) {
3290 return CKR_OK;
3291 }
3292
3293 loser:
3294 /* verify error */
3295 switch( error ) {
3296 case CKR_ARGUMENTS_BAD:
3297 case CKR_BUFFER_TOO_SMALL:
3298 case CKR_CRYPTOKI_NOT_INITIALIZED:
3299 case CKR_DEVICE_ERROR:
3300 case CKR_DEVICE_MEMORY:
3301 case CKR_DEVICE_REMOVED:
3302 case CKR_FUNCTION_FAILED:
3303 case CKR_FUNCTION_CANCELED:
3304 case CKR_ENCRYPTED_DATA_INVALID:
3305 case CKR_ENCRYPTED_DATA_LEN_RANGE:
3306 case CKR_GENERAL_ERROR:
3307 case CKR_HOST_MEMORY:
3308 case CKR_OPERATION_NOT_INITIALIZED:
3309 case CKR_SESSION_CLOSED:
3310 case CKR_SESSION_HANDLE_INVALID:
3311 case CKR_USER_NOT_LOGGED_IN:
3312 break;
3313 case CKR_DATA_LEN_RANGE:
3314 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
3315 break;
3316 case CKR_DATA_INVALID:
3317 error = CKR_ENCRYPTED_DATA_INVALID;
3318 break;
3319 default:
3320 case CKR_OK:
3321 error = CKR_GENERAL_ERROR;
3322 break;
3323 }
3324 return error;
3325 }
3326
3327 /*
3328 * NSSCKFWC_DigestInit
3329 *
3330 */
3331 NSS_IMPLEMENT CK_RV
3332 NSSCKFWC_DigestInit
3333 (
3334 NSSCKFWInstance *fwInstance,
3335 CK_SESSION_HANDLE hSession,
3336 CK_MECHANISM_PTR pMechanism
3337 )
3338 {
3339 CK_RV error = CKR_OK;
3340 NSSCKFWSession *fwSession;
3341 NSSCKFWSlot *fwSlot;
3342 NSSCKFWToken *fwToken;
3343 NSSCKFWMechanism *fwMechanism;
3344
3345 if (!fwInstance) {
3346 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3347 goto loser;
3348 }
3349
3350 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3351 if (!fwSession) {
3352 error = CKR_SESSION_HANDLE_INVALID;
3353 goto loser;
3354 }
3355
3356 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
3357 if (!fwSlot) {
3358 error = CKR_GENERAL_ERROR; /* should never happen! */
3359 goto loser;
3360 }
3361
3362 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
3363 error = CKR_TOKEN_NOT_PRESENT;
3364 goto loser;
3365 }
3366
3367 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
3368 if (!fwToken) {
3369 goto loser;
3370 }
3371
3372 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
3373 if (!fwMechanism) {
3374 goto loser;
3375 }
3376
3377 error = nssCKFWMechanism_DigestInit(fwMechanism, pMechanism, fwSession);
3378
3379 nssCKFWMechanism_Destroy(fwMechanism);
3380
3381 if (CKR_OK == error) {
3382 return CKR_OK;
3383 }
3384
3385 loser:
3386 /* verify error */
3387 switch( error ) {
3388 case CKR_ARGUMENTS_BAD:
3389 case CKR_CRYPTOKI_NOT_INITIALIZED:
3390 case CKR_DEVICE_ERROR:
3391 case CKR_DEVICE_MEMORY:
3392 case CKR_DEVICE_REMOVED:
3393 case CKR_FUNCTION_CANCELED:
3394 case CKR_FUNCTION_FAILED:
3395 case CKR_GENERAL_ERROR:
3396 case CKR_HOST_MEMORY:
3397 case CKR_MECHANISM_INVALID:
3398 case CKR_MECHANISM_PARAM_INVALID:
3399 case CKR_OPERATION_ACTIVE:
3400 case CKR_PIN_EXPIRED:
3401 case CKR_SESSION_CLOSED:
3402 case CKR_SESSION_HANDLE_INVALID:
3403 case CKR_USER_NOT_LOGGED_IN:
3404 break;
3405 default:
3406 case CKR_OK:
3407 error = CKR_GENERAL_ERROR;
3408 break;
3409 }
3410 return error;
3411 }
3412
3413 /*
3414 * NSSCKFWC_Digest
3415 *
3416 */
3417 NSS_IMPLEMENT CK_RV
3418 NSSCKFWC_Digest
3419 (
3420 NSSCKFWInstance *fwInstance,
3421 CK_SESSION_HANDLE hSession,
3422 CK_BYTE_PTR pData,
3423 CK_ULONG ulDataLen,
3424 CK_BYTE_PTR pDigest,
3425 CK_ULONG_PTR pulDigestLen
3426 )
3427 {
3428 CK_RV error = CKR_OK;
3429 NSSCKFWSession *fwSession;
3430
3431 if (!fwInstance) {
3432 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3433 goto loser;
3434 }
3435
3436 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3437 if (!fwSession) {
3438 error = CKR_SESSION_HANDLE_INVALID;
3439 goto loser;
3440 }
3441
3442 error = nssCKFWSession_UpdateFinal(fwSession,
3443 NSSCKFWCryptoOperationType_Digest,
3444 NSSCKFWCryptoOperationState_Digest,
3445 pData, ulDataLen, pDigest, pulDigestLen);
3446
3447 if (CKR_OK == error) {
3448 return CKR_OK;
3449 }
3450
3451 loser:
3452 /* verify error */
3453 switch( error ) {
3454 case CKR_ARGUMENTS_BAD:
3455 case CKR_BUFFER_TOO_SMALL:
3456 case CKR_CRYPTOKI_NOT_INITIALIZED:
3457 case CKR_DEVICE_ERROR:
3458 case CKR_DEVICE_MEMORY:
3459 case CKR_DEVICE_REMOVED:
3460 case CKR_FUNCTION_CANCELED:
3461 case CKR_FUNCTION_FAILED:
3462 case CKR_GENERAL_ERROR:
3463 case CKR_HOST_MEMORY:
3464 case CKR_OPERATION_NOT_INITIALIZED:
3465 case CKR_SESSION_CLOSED:
3466 case CKR_SESSION_HANDLE_INVALID:
3467 break;
3468 default:
3469 case CKR_OK:
3470 error = CKR_GENERAL_ERROR;
3471 break;
3472 }
3473 return error;
3474 }
3475
3476 /*
3477 * NSSCKFWC_DigestUpdate
3478 *
3479 */
3480 NSS_IMPLEMENT CK_RV
3481 NSSCKFWC_DigestUpdate
3482 (
3483 NSSCKFWInstance *fwInstance,
3484 CK_SESSION_HANDLE hSession,
3485 CK_BYTE_PTR pData,
3486 CK_ULONG ulDataLen
3487 )
3488 {
3489 CK_RV error = CKR_OK;
3490 NSSCKFWSession *fwSession;
3491
3492 if (!fwInstance) {
3493 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3494 goto loser;
3495 }
3496
3497 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3498 if (!fwSession) {
3499 error = CKR_SESSION_HANDLE_INVALID;
3500 goto loser;
3501 }
3502
3503 error = nssCKFWSession_DigestUpdate(fwSession,
3504 NSSCKFWCryptoOperationType_Digest,
3505 NSSCKFWCryptoOperationState_Digest,
3506 pData, ulDataLen);
3507
3508 if (CKR_OK == error) {
3509 return CKR_OK;
3510 }
3511
3512 loser:
3513 /* verify error */
3514 switch( error ) {
3515 case CKR_ARGUMENTS_BAD:
3516 case CKR_CRYPTOKI_NOT_INITIALIZED:
3517 case CKR_DEVICE_ERROR:
3518 case CKR_DEVICE_MEMORY:
3519 case CKR_DEVICE_REMOVED:
3520 case CKR_FUNCTION_CANCELED:
3521 case CKR_FUNCTION_FAILED:
3522 case CKR_GENERAL_ERROR:
3523 case CKR_HOST_MEMORY:
3524 case CKR_OPERATION_NOT_INITIALIZED:
3525 case CKR_SESSION_CLOSED:
3526 case CKR_SESSION_HANDLE_INVALID:
3527 break;
3528 default:
3529 case CKR_OK:
3530 error = CKR_GENERAL_ERROR;
3531 break;
3532 }
3533 return error;
3534 }
3535
3536 /*
3537 * NSSCKFWC_DigestKey
3538 *
3539 */
3540 NSS_IMPLEMENT CK_RV
3541 NSSCKFWC_DigestKey
3542 (
3543 NSSCKFWInstance *fwInstance,
3544 CK_SESSION_HANDLE hSession,
3545 CK_OBJECT_HANDLE hKey
3546 )
3547 {
3548 CK_RV error = CKR_OK;
3549 NSSCKFWSession *fwSession;
3550 NSSCKFWObject *fwObject;
3551
3552 if (!fwInstance) {
3553 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3554 goto loser;
3555 }
3556
3557 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3558 if (!fwSession) {
3559 error = CKR_SESSION_HANDLE_INVALID;
3560 goto loser;
3561 }
3562
3563 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
3564 if (!fwObject) {
3565 error = CKR_KEY_HANDLE_INVALID;
3566 goto loser;
3567 }
3568
3569 error = nssCKFWSession_DigestKey(fwSession, fwObject);
3570
3571 if (CKR_OK == error) {
3572 return CKR_OK;
3573 }
3574
3575 loser:
3576 /* verify error */
3577 switch( error ) {
3578 case CKR_CRYPTOKI_NOT_INITIALIZED:
3579 case CKR_DEVICE_ERROR:
3580 case CKR_DEVICE_MEMORY:
3581 case CKR_DEVICE_REMOVED:
3582 case CKR_FUNCTION_CANCELED:
3583 case CKR_FUNCTION_FAILED:
3584 case CKR_GENERAL_ERROR:
3585 case CKR_HOST_MEMORY:
3586 case CKR_KEY_HANDLE_INVALID:
3587 case CKR_KEY_INDIGESTIBLE:
3588 case CKR_KEY_SIZE_RANGE:
3589 case CKR_OPERATION_NOT_INITIALIZED:
3590 case CKR_SESSION_CLOSED:
3591 case CKR_SESSION_HANDLE_INVALID:
3592 break;
3593 default:
3594 case CKR_OK:
3595 error = CKR_GENERAL_ERROR;
3596 break;
3597 }
3598 return error;
3599 }
3600
3601 /*
3602 * NSSCKFWC_DigestFinal
3603 *
3604 */
3605 NSS_IMPLEMENT CK_RV
3606 NSSCKFWC_DigestFinal
3607 (
3608 NSSCKFWInstance *fwInstance,
3609 CK_SESSION_HANDLE hSession,
3610 CK_BYTE_PTR pDigest,
3611 CK_ULONG_PTR pulDigestLen
3612 )
3613 {
3614 CK_RV error = CKR_OK;
3615 NSSCKFWSession *fwSession;
3616
3617 if (!fwInstance) {
3618 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3619 goto loser;
3620 }
3621
3622 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3623 if (!fwSession) {
3624 error = CKR_SESSION_HANDLE_INVALID;
3625 goto loser;
3626 }
3627
3628 error = nssCKFWSession_Final(fwSession,
3629 NSSCKFWCryptoOperationType_Digest,
3630 NSSCKFWCryptoOperationState_Digest,
3631 pDigest, pulDigestLen);
3632
3633 if (CKR_OK == error) {
3634 return CKR_OK;
3635 }
3636
3637 loser:
3638 /* verify error */
3639 switch( error ) {
3640 case CKR_ARGUMENTS_BAD:
3641 case CKR_BUFFER_TOO_SMALL:
3642 case CKR_CRYPTOKI_NOT_INITIALIZED:
3643 case CKR_DEVICE_ERROR:
3644 case CKR_DEVICE_MEMORY:
3645 case CKR_DEVICE_REMOVED:
3646 case CKR_FUNCTION_CANCELED:
3647 case CKR_FUNCTION_FAILED:
3648 case CKR_GENERAL_ERROR:
3649 case CKR_HOST_MEMORY:
3650 case CKR_OPERATION_NOT_INITIALIZED:
3651 case CKR_SESSION_CLOSED:
3652 case CKR_SESSION_HANDLE_INVALID:
3653 break;
3654 default:
3655 case CKR_OK:
3656 error = CKR_GENERAL_ERROR;
3657 break;
3658 }
3659 return error;
3660 }
3661
3662 /*
3663 * NSSCKFWC_SignInit
3664 *
3665 */
3666 NSS_IMPLEMENT CK_RV
3667 NSSCKFWC_SignInit
3668 (
3669 NSSCKFWInstance *fwInstance,
3670 CK_SESSION_HANDLE hSession,
3671 CK_MECHANISM_PTR pMechanism,
3672 CK_OBJECT_HANDLE hKey
3673 )
3674 {
3675 CK_RV error = CKR_OK;
3676 NSSCKFWSession *fwSession;
3677 NSSCKFWObject *fwObject;
3678 NSSCKFWSlot *fwSlot;
3679 NSSCKFWToken *fwToken;
3680 NSSCKFWMechanism *fwMechanism;
3681
3682 if (!fwInstance) {
3683 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3684 goto loser;
3685 }
3686
3687 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3688 if (!fwSession) {
3689 error = CKR_SESSION_HANDLE_INVALID;
3690 goto loser;
3691 }
3692
3693 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
3694 if (!fwObject) {
3695 error = CKR_KEY_HANDLE_INVALID;
3696 goto loser;
3697 }
3698
3699 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
3700 if (!fwSlot) {
3701 error = CKR_GENERAL_ERROR; /* should never happen! */
3702 goto loser;
3703 }
3704
3705 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
3706 error = CKR_TOKEN_NOT_PRESENT;
3707 goto loser;
3708 }
3709
3710 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
3711 if (!fwToken) {
3712 goto loser;
3713 }
3714
3715 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
3716 if (!fwMechanism) {
3717 goto loser;
3718 }
3719
3720 error = nssCKFWMechanism_SignInit(fwMechanism, pMechanism, fwSession,
3721 fwObject);
3722
3723 nssCKFWMechanism_Destroy(fwMechanism);
3724
3725 if (CKR_OK == error) {
3726 return CKR_OK;
3727 }
3728
3729 loser:
3730 /* verify error */
3731 switch( error ) {
3732 case CKR_ARGUMENTS_BAD:
3733 case CKR_CRYPTOKI_NOT_INITIALIZED:
3734 case CKR_DEVICE_ERROR:
3735 case CKR_DEVICE_MEMORY:
3736 case CKR_DEVICE_REMOVED:
3737 case CKR_FUNCTION_CANCELED:
3738 case CKR_FUNCTION_FAILED:
3739 case CKR_GENERAL_ERROR:
3740 case CKR_HOST_MEMORY:
3741 case CKR_KEY_FUNCTION_NOT_PERMITTED:
3742 case CKR_KEY_HANDLE_INVALID:
3743 case CKR_KEY_SIZE_RANGE:
3744 case CKR_KEY_TYPE_INCONSISTENT:
3745 case CKR_MECHANISM_INVALID:
3746 case CKR_MECHANISM_PARAM_INVALID:
3747 case CKR_OPERATION_ACTIVE:
3748 case CKR_PIN_EXPIRED:
3749 case CKR_SESSION_CLOSED:
3750 case CKR_SESSION_HANDLE_INVALID:
3751 case CKR_USER_NOT_LOGGED_IN:
3752 break;
3753 default:
3754 case CKR_OK:
3755 error = CKR_GENERAL_ERROR;
3756 break;
3757 }
3758 return error;
3759 }
3760
3761 /*
3762 * NSSCKFWC_Sign
3763 *
3764 */
3765 NSS_IMPLEMENT CK_RV
3766 NSSCKFWC_Sign
3767 (
3768 NSSCKFWInstance *fwInstance,
3769 CK_SESSION_HANDLE hSession,
3770 CK_BYTE_PTR pData,
3771 CK_ULONG ulDataLen,
3772 CK_BYTE_PTR pSignature,
3773 CK_ULONG_PTR pulSignatureLen
3774 )
3775 {
3776 CK_RV error = CKR_OK;
3777 NSSCKFWSession *fwSession;
3778
3779 if (!fwInstance) {
3780 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3781 goto loser;
3782 }
3783
3784 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3785 if (!fwSession) {
3786 error = CKR_SESSION_HANDLE_INVALID;
3787 goto loser;
3788 }
3789
3790 error = nssCKFWSession_UpdateFinal(fwSession,
3791 NSSCKFWCryptoOperationType_Sign,
3792 NSSCKFWCryptoOperationState_SignVerify,
3793 pData, ulDataLen, pSignature, pulSignatureLen);
3794
3795 if (CKR_OK == error) {
3796 return CKR_OK;
3797 }
3798
3799 loser:
3800 /* verify error */
3801 switch( error ) {
3802 case CKR_ARGUMENTS_BAD:
3803 case CKR_BUFFER_TOO_SMALL:
3804 case CKR_CRYPTOKI_NOT_INITIALIZED:
3805 case CKR_DATA_INVALID:
3806 case CKR_DATA_LEN_RANGE:
3807 case CKR_DEVICE_ERROR:
3808 case CKR_DEVICE_MEMORY:
3809 case CKR_DEVICE_REMOVED:
3810 case CKR_FUNCTION_CANCELED:
3811 case CKR_FUNCTION_FAILED:
3812 case CKR_GENERAL_ERROR:
3813 case CKR_HOST_MEMORY:
3814 case CKR_OPERATION_NOT_INITIALIZED:
3815 case CKR_SESSION_CLOSED:
3816 case CKR_SESSION_HANDLE_INVALID:
3817 case CKR_USER_NOT_LOGGED_IN:
3818 case CKR_FUNCTION_REJECTED:
3819 break;
3820 default:
3821 case CKR_OK:
3822 error = CKR_GENERAL_ERROR;
3823 break;
3824 }
3825 return error;
3826 }
3827
3828 /*
3829 * NSSCKFWC_SignUpdate
3830 *
3831 */
3832 NSS_IMPLEMENT CK_RV
3833 NSSCKFWC_SignUpdate
3834 (
3835 NSSCKFWInstance *fwInstance,
3836 CK_SESSION_HANDLE hSession,
3837 CK_BYTE_PTR pPart,
3838 CK_ULONG ulPartLen
3839 )
3840 {
3841 CK_RV error = CKR_OK;
3842 NSSCKFWSession *fwSession;
3843
3844 if (!fwInstance) {
3845 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3846 goto loser;
3847 }
3848
3849 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3850 if (!fwSession) {
3851 error = CKR_SESSION_HANDLE_INVALID;
3852 goto loser;
3853 }
3854
3855 error = nssCKFWSession_DigestUpdate(fwSession,
3856 NSSCKFWCryptoOperationType_Sign,
3857 NSSCKFWCryptoOperationState_SignVerify,
3858 pPart, ulPartLen);
3859
3860 if (CKR_OK == error) {
3861 return CKR_OK;
3862 }
3863
3864 loser:
3865 /* verify error */
3866 switch( error ) {
3867 case CKR_ARGUMENTS_BAD:
3868 case CKR_CRYPTOKI_NOT_INITIALIZED:
3869 case CKR_DATA_LEN_RANGE:
3870 case CKR_DEVICE_ERROR:
3871 case CKR_DEVICE_MEMORY:
3872 case CKR_DEVICE_REMOVED:
3873 case CKR_FUNCTION_CANCELED:
3874 case CKR_FUNCTION_FAILED:
3875 case CKR_GENERAL_ERROR:
3876 case CKR_HOST_MEMORY:
3877 case CKR_OPERATION_NOT_INITIALIZED:
3878 case CKR_SESSION_CLOSED:
3879 case CKR_SESSION_HANDLE_INVALID:
3880 case CKR_USER_NOT_LOGGED_IN:
3881 break;
3882 default:
3883 case CKR_OK:
3884 error = CKR_GENERAL_ERROR;
3885 break;
3886 }
3887 return error;
3888 }
3889
3890 /*
3891 * NSSCKFWC_SignFinal
3892 *
3893 */
3894 NSS_IMPLEMENT CK_RV
3895 NSSCKFWC_SignFinal
3896 (
3897 NSSCKFWInstance *fwInstance,
3898 CK_SESSION_HANDLE hSession,
3899 CK_BYTE_PTR pSignature,
3900 CK_ULONG_PTR pulSignatureLen
3901 )
3902 {
3903 CK_RV error = CKR_OK;
3904 NSSCKFWSession *fwSession;
3905
3906 if (!fwInstance) {
3907 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3908 goto loser;
3909 }
3910
3911 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3912 if (!fwSession) {
3913 error = CKR_SESSION_HANDLE_INVALID;
3914 goto loser;
3915 }
3916
3917 error = nssCKFWSession_Final(fwSession,
3918 NSSCKFWCryptoOperationType_Sign,
3919 NSSCKFWCryptoOperationState_SignVerify,
3920 pSignature, pulSignatureLen);
3921
3922 if (CKR_OK == error) {
3923 return CKR_OK;
3924 }
3925
3926 loser:
3927 /* verify error */
3928 switch( error ) {
3929 case CKR_ARGUMENTS_BAD:
3930 case CKR_BUFFER_TOO_SMALL:
3931 case CKR_CRYPTOKI_NOT_INITIALIZED:
3932 case CKR_DATA_LEN_RANGE:
3933 case CKR_DEVICE_ERROR:
3934 case CKR_DEVICE_MEMORY:
3935 case CKR_DEVICE_REMOVED:
3936 case CKR_FUNCTION_CANCELED:
3937 case CKR_FUNCTION_FAILED:
3938 case CKR_GENERAL_ERROR:
3939 case CKR_HOST_MEMORY:
3940 case CKR_OPERATION_NOT_INITIALIZED:
3941 case CKR_SESSION_CLOSED:
3942 case CKR_SESSION_HANDLE_INVALID:
3943 case CKR_USER_NOT_LOGGED_IN:
3944 case CKR_FUNCTION_REJECTED:
3945 break;
3946 default:
3947 case CKR_OK:
3948 error = CKR_GENERAL_ERROR;
3949 break;
3950 }
3951 return error;
3952 }
3953
3954 /*
3955 * NSSCKFWC_SignRecoverInit
3956 *
3957 */
3958 NSS_IMPLEMENT CK_RV
3959 NSSCKFWC_SignRecoverInit
3960 (
3961 NSSCKFWInstance *fwInstance,
3962 CK_SESSION_HANDLE hSession,
3963 CK_MECHANISM_PTR pMechanism,
3964 CK_OBJECT_HANDLE hKey
3965 )
3966 {
3967 CK_RV error = CKR_OK;
3968 NSSCKFWSession *fwSession;
3969 NSSCKFWObject *fwObject;
3970 NSSCKFWSlot *fwSlot;
3971 NSSCKFWToken *fwToken;
3972 NSSCKFWMechanism *fwMechanism;
3973
3974 if (!fwInstance) {
3975 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3976 goto loser;
3977 }
3978
3979 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3980 if (!fwSession) {
3981 error = CKR_SESSION_HANDLE_INVALID;
3982 goto loser;
3983 }
3984
3985 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
3986 if (!fwObject) {
3987 error = CKR_KEY_HANDLE_INVALID;
3988 goto loser;
3989 }
3990
3991 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
3992 if (!fwSlot) {
3993 error = CKR_GENERAL_ERROR; /* should never happen! */
3994 goto loser;
3995 }
3996
3997 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
3998 error = CKR_TOKEN_NOT_PRESENT;
3999 goto loser;
4000 }
4001
4002 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4003 if (!fwToken) {
4004 goto loser;
4005 }
4006
4007 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
4008 if (!fwMechanism) {
4009 goto loser;
4010 }
4011
4012 error = nssCKFWMechanism_SignRecoverInit(fwMechanism, pMechanism, fwSession,
4013 fwObject);
4014
4015 nssCKFWMechanism_Destroy(fwMechanism);
4016
4017 if (CKR_OK == error) {
4018 return CKR_OK;
4019 }
4020
4021 loser:
4022 /* verify error */
4023 switch( error ) {
4024 case CKR_ARGUMENTS_BAD:
4025 case CKR_CRYPTOKI_NOT_INITIALIZED:
4026 case CKR_DEVICE_ERROR:
4027 case CKR_DEVICE_MEMORY:
4028 case CKR_DEVICE_REMOVED:
4029 case CKR_FUNCTION_CANCELED:
4030 case CKR_FUNCTION_FAILED:
4031 case CKR_GENERAL_ERROR:
4032 case CKR_HOST_MEMORY:
4033 case CKR_KEY_FUNCTION_NOT_PERMITTED:
4034 case CKR_KEY_HANDLE_INVALID:
4035 case CKR_KEY_SIZE_RANGE:
4036 case CKR_KEY_TYPE_INCONSISTENT:
4037 case CKR_MECHANISM_INVALID:
4038 case CKR_MECHANISM_PARAM_INVALID:
4039 case CKR_OPERATION_ACTIVE:
4040 case CKR_PIN_EXPIRED:
4041 case CKR_SESSION_CLOSED:
4042 case CKR_SESSION_HANDLE_INVALID:
4043 case CKR_USER_NOT_LOGGED_IN:
4044 break;
4045 default:
4046 case CKR_OK:
4047 error = CKR_GENERAL_ERROR;
4048 break;
4049 }
4050 return error;
4051 }
4052
4053 /*
4054 * NSSCKFWC_SignRecover
4055 *
4056 */
4057 NSS_IMPLEMENT CK_RV
4058 NSSCKFWC_SignRecover
4059 (
4060 NSSCKFWInstance *fwInstance,
4061 CK_SESSION_HANDLE hSession,
4062 CK_BYTE_PTR pData,
4063 CK_ULONG ulDataLen,
4064 CK_BYTE_PTR pSignature,
4065 CK_ULONG_PTR pulSignatureLen
4066 )
4067 {
4068 CK_RV error = CKR_OK;
4069 NSSCKFWSession *fwSession;
4070
4071 if (!fwInstance) {
4072 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4073 goto loser;
4074 }
4075
4076 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4077 if (!fwSession) {
4078 error = CKR_SESSION_HANDLE_INVALID;
4079 goto loser;
4080 }
4081
4082 error = nssCKFWSession_UpdateFinal(fwSession,
4083 NSSCKFWCryptoOperationType_SignRecover,
4084 NSSCKFWCryptoOperationState_SignVerify,
4085 pData, ulDataLen, pSignature, pulSignatureLen);
4086
4087 if (CKR_OK == error) {
4088 return CKR_OK;
4089 }
4090
4091 loser:
4092 /* verify error */
4093 switch( error ) {
4094 case CKR_ARGUMENTS_BAD:
4095 case CKR_BUFFER_TOO_SMALL:
4096 case CKR_CRYPTOKI_NOT_INITIALIZED:
4097 case CKR_DATA_INVALID:
4098 case CKR_DATA_LEN_RANGE:
4099 case CKR_DEVICE_ERROR:
4100 case CKR_DEVICE_MEMORY:
4101 case CKR_DEVICE_REMOVED:
4102 case CKR_FUNCTION_CANCELED:
4103 case CKR_FUNCTION_FAILED:
4104 case CKR_GENERAL_ERROR:
4105 case CKR_HOST_MEMORY:
4106 case CKR_OPERATION_NOT_INITIALIZED:
4107 case CKR_SESSION_CLOSED:
4108 case CKR_SESSION_HANDLE_INVALID:
4109 case CKR_USER_NOT_LOGGED_IN:
4110 break;
4111 default:
4112 case CKR_OK:
4113 error = CKR_GENERAL_ERROR;
4114 break;
4115 }
4116 return error;
4117 }
4118
4119 /*
4120 * NSSCKFWC_VerifyInit
4121 *
4122 */
4123 NSS_IMPLEMENT CK_RV
4124 NSSCKFWC_VerifyInit
4125 (
4126 NSSCKFWInstance *fwInstance,
4127 CK_SESSION_HANDLE hSession,
4128 CK_MECHANISM_PTR pMechanism,
4129 CK_OBJECT_HANDLE hKey
4130 )
4131 {
4132 CK_RV error = CKR_OK;
4133 NSSCKFWSession *fwSession;
4134 NSSCKFWObject *fwObject;
4135 NSSCKFWSlot *fwSlot;
4136 NSSCKFWToken *fwToken;
4137 NSSCKFWMechanism *fwMechanism;
4138
4139 if (!fwInstance) {
4140 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4141 goto loser;
4142 }
4143
4144 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4145 if (!fwSession) {
4146 error = CKR_SESSION_HANDLE_INVALID;
4147 goto loser;
4148 }
4149
4150 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
4151 if (!fwObject) {
4152 error = CKR_KEY_HANDLE_INVALID;
4153 goto loser;
4154 }
4155
4156 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4157 if (!fwSlot) {
4158 error = CKR_GENERAL_ERROR; /* should never happen! */
4159 goto loser;
4160 }
4161
4162 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4163 error = CKR_TOKEN_NOT_PRESENT;
4164 goto loser;
4165 }
4166
4167 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4168 if (!fwToken) {
4169 goto loser;
4170 }
4171
4172 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
4173 if (!fwMechanism) {
4174 goto loser;
4175 }
4176
4177 error = nssCKFWMechanism_VerifyInit(fwMechanism, pMechanism, fwSession,
4178 fwObject);
4179
4180 nssCKFWMechanism_Destroy(fwMechanism);
4181
4182 if (CKR_OK == error) {
4183 return CKR_OK;
4184 }
4185
4186 loser:
4187 /* verify error */
4188 switch( error ) {
4189 case CKR_ARGUMENTS_BAD:
4190 case CKR_CRYPTOKI_NOT_INITIALIZED:
4191 case CKR_DEVICE_ERROR:
4192 case CKR_DEVICE_MEMORY:
4193 case CKR_DEVICE_REMOVED:
4194 case CKR_FUNCTION_CANCELED:
4195 case CKR_FUNCTION_FAILED:
4196 case CKR_GENERAL_ERROR:
4197 case CKR_HOST_MEMORY:
4198 case CKR_KEY_FUNCTION_NOT_PERMITTED:
4199 case CKR_KEY_HANDLE_INVALID:
4200 case CKR_KEY_SIZE_RANGE:
4201 case CKR_KEY_TYPE_INCONSISTENT:
4202 case CKR_MECHANISM_INVALID:
4203 case CKR_MECHANISM_PARAM_INVALID:
4204 case CKR_OPERATION_ACTIVE:
4205 case CKR_PIN_EXPIRED:
4206 case CKR_SESSION_CLOSED:
4207 case CKR_SESSION_HANDLE_INVALID:
4208 case CKR_USER_NOT_LOGGED_IN:
4209 break;
4210 default:
4211 case CKR_OK:
4212 error = CKR_GENERAL_ERROR;
4213 break;
4214 }
4215 return error;
4216 }
4217
4218 /*
4219 * NSSCKFWC_Verify
4220 *
4221 */
4222 NSS_IMPLEMENT CK_RV
4223 NSSCKFWC_Verify
4224 (
4225 NSSCKFWInstance *fwInstance,
4226 CK_SESSION_HANDLE hSession,
4227 CK_BYTE_PTR pData,
4228 CK_ULONG ulDataLen,
4229 CK_BYTE_PTR pSignature,
4230 CK_ULONG ulSignatureLen
4231 )
4232 {
4233 CK_RV error = CKR_OK;
4234 NSSCKFWSession *fwSession;
4235
4236 if (!fwInstance) {
4237 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4238 goto loser;
4239 }
4240
4241 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4242 if (!fwSession) {
4243 error = CKR_SESSION_HANDLE_INVALID;
4244 goto loser;
4245 }
4246
4247 error = nssCKFWSession_UpdateFinal(fwSession,
4248 NSSCKFWCryptoOperationType_Verify,
4249 NSSCKFWCryptoOperationState_SignVerify,
4250 pData, ulDataLen, pSignature, &ulSignatureLen);
4251
4252 if (CKR_OK == error) {
4253 return CKR_OK;
4254 }
4255
4256 loser:
4257 /* verify error */
4258 switch( error ) {
4259 case CKR_ARGUMENTS_BAD:
4260 case CKR_CRYPTOKI_NOT_INITIALIZED:
4261 case CKR_DATA_INVALID:
4262 case CKR_DATA_LEN_RANGE:
4263 case CKR_DEVICE_ERROR:
4264 case CKR_DEVICE_MEMORY:
4265 case CKR_DEVICE_REMOVED:
4266 case CKR_FUNCTION_CANCELED:
4267 case CKR_FUNCTION_FAILED:
4268 case CKR_GENERAL_ERROR:
4269 case CKR_HOST_MEMORY:
4270 case CKR_OPERATION_NOT_INITIALIZED:
4271 case CKR_SESSION_CLOSED:
4272 case CKR_SESSION_HANDLE_INVALID:
4273 case CKR_SIGNATURE_INVALID:
4274 case CKR_SIGNATURE_LEN_RANGE:
4275 break;
4276 default:
4277 case CKR_OK:
4278 error = CKR_GENERAL_ERROR;
4279 break;
4280 }
4281 return error;
4282 }
4283
4284 /*
4285 * NSSCKFWC_VerifyUpdate
4286 *
4287 */
4288 NSS_IMPLEMENT CK_RV
4289 NSSCKFWC_VerifyUpdate
4290 (
4291 NSSCKFWInstance *fwInstance,
4292 CK_SESSION_HANDLE hSession,
4293 CK_BYTE_PTR pPart,
4294 CK_ULONG ulPartLen
4295 )
4296 {
4297 CK_RV error = CKR_OK;
4298 NSSCKFWSession *fwSession;
4299
4300 if (!fwInstance) {
4301 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4302 goto loser;
4303 }
4304
4305 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4306 if (!fwSession) {
4307 error = CKR_SESSION_HANDLE_INVALID;
4308 goto loser;
4309 }
4310
4311 error = nssCKFWSession_DigestUpdate(fwSession,
4312 NSSCKFWCryptoOperationType_Verify,
4313 NSSCKFWCryptoOperationState_SignVerify,
4314 pPart, ulPartLen);
4315
4316 if (CKR_OK == error) {
4317 return CKR_OK;
4318 }
4319
4320 loser:
4321 /* verify error */
4322 switch( error ) {
4323 case CKR_ARGUMENTS_BAD:
4324 case CKR_CRYPTOKI_NOT_INITIALIZED:
4325 case CKR_DATA_LEN_RANGE:
4326 case CKR_DEVICE_ERROR:
4327 case CKR_DEVICE_MEMORY:
4328 case CKR_DEVICE_REMOVED:
4329 case CKR_FUNCTION_CANCELED:
4330 case CKR_FUNCTION_FAILED:
4331 case CKR_GENERAL_ERROR:
4332 case CKR_HOST_MEMORY:
4333 case CKR_OPERATION_NOT_INITIALIZED:
4334 case CKR_SESSION_CLOSED:
4335 case CKR_SESSION_HANDLE_INVALID:
4336 break;
4337 default:
4338 case CKR_OK:
4339 error = CKR_GENERAL_ERROR;
4340 break;
4341 }
4342 return error;
4343 }
4344
4345 /*
4346 * NSSCKFWC_VerifyFinal
4347 *
4348 */
4349 NSS_IMPLEMENT CK_RV
4350 NSSCKFWC_VerifyFinal
4351 (
4352 NSSCKFWInstance *fwInstance,
4353 CK_SESSION_HANDLE hSession,
4354 CK_BYTE_PTR pSignature,
4355 CK_ULONG ulSignatureLen
4356 )
4357 {
4358 CK_RV error = CKR_OK;
4359 NSSCKFWSession *fwSession;
4360
4361 if (!fwInstance) {
4362 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4363 goto loser;
4364 }
4365
4366 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4367 if (!fwSession) {
4368 error = CKR_SESSION_HANDLE_INVALID;
4369 goto loser;
4370 }
4371
4372 error = nssCKFWSession_Final(fwSession,
4373 NSSCKFWCryptoOperationType_Verify,
4374 NSSCKFWCryptoOperationState_SignVerify,
4375 pSignature, &ulSignatureLen);
4376
4377 if (CKR_OK == error) {
4378 return CKR_OK;
4379 }
4380
4381 loser:
4382 /* verify error */
4383 switch( error ) {
4384 case CKR_ARGUMENTS_BAD:
4385 case CKR_CRYPTOKI_NOT_INITIALIZED:
4386 case CKR_DATA_LEN_RANGE:
4387 case CKR_DEVICE_ERROR:
4388 case CKR_DEVICE_MEMORY:
4389 case CKR_DEVICE_REMOVED:
4390 case CKR_FUNCTION_CANCELED:
4391 case CKR_FUNCTION_FAILED:
4392 case CKR_GENERAL_ERROR:
4393 case CKR_HOST_MEMORY:
4394 case CKR_OPERATION_NOT_INITIALIZED:
4395 case CKR_SESSION_CLOSED:
4396 case CKR_SESSION_HANDLE_INVALID:
4397 case CKR_SIGNATURE_INVALID:
4398 case CKR_SIGNATURE_LEN_RANGE:
4399 break;
4400 default:
4401 case CKR_OK:
4402 error = CKR_GENERAL_ERROR;
4403 break;
4404 }
4405 return error;
4406 }
4407
4408 /*
4409 * NSSCKFWC_VerifyRecoverInit
4410 *
4411 */
4412 NSS_IMPLEMENT CK_RV
4413 NSSCKFWC_VerifyRecoverInit
4414 (
4415 NSSCKFWInstance *fwInstance,
4416 CK_SESSION_HANDLE hSession,
4417 CK_MECHANISM_PTR pMechanism,
4418 CK_OBJECT_HANDLE hKey
4419 )
4420 {
4421 CK_RV error = CKR_OK;
4422 NSSCKFWSession *fwSession;
4423 NSSCKFWObject *fwObject;
4424 NSSCKFWSlot *fwSlot;
4425 NSSCKFWToken *fwToken;
4426 NSSCKFWMechanism *fwMechanism;
4427
4428 if (!fwInstance) {
4429 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4430 goto loser;
4431 }
4432
4433 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4434 if (!fwSession) {
4435 error = CKR_SESSION_HANDLE_INVALID;
4436 goto loser;
4437 }
4438
4439 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
4440 if (!fwObject) {
4441 error = CKR_KEY_HANDLE_INVALID;
4442 goto loser;
4443 }
4444
4445 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4446 if (!fwSlot) {
4447 error = CKR_GENERAL_ERROR; /* should never happen! */
4448 goto loser;
4449 }
4450
4451 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4452 error = CKR_TOKEN_NOT_PRESENT;
4453 goto loser;
4454 }
4455
4456 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4457 if (!fwToken) {
4458 goto loser;
4459 }
4460
4461 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
4462 if (!fwMechanism) {
4463 goto loser;
4464 }
4465
4466 error = nssCKFWMechanism_VerifyRecoverInit(fwMechanism, pMechanism,
4467 fwSession, fwObject);
4468
4469 nssCKFWMechanism_Destroy(fwMechanism);
4470
4471 if (CKR_OK == error) {
4472 return CKR_OK;
4473 }
4474
4475 loser:
4476 /* verify error */
4477 switch( error ) {
4478 case CKR_ARGUMENTS_BAD:
4479 case CKR_CRYPTOKI_NOT_INITIALIZED:
4480 case CKR_DEVICE_ERROR:
4481 case CKR_DEVICE_MEMORY:
4482 case CKR_DEVICE_REMOVED:
4483 case CKR_FUNCTION_CANCELED:
4484 case CKR_FUNCTION_FAILED:
4485 case CKR_GENERAL_ERROR:
4486 case CKR_HOST_MEMORY:
4487 case CKR_KEY_FUNCTION_NOT_PERMITTED:
4488 case CKR_KEY_HANDLE_INVALID:
4489 case CKR_KEY_SIZE_RANGE:
4490 case CKR_KEY_TYPE_INCONSISTENT:
4491 case CKR_MECHANISM_INVALID:
4492 case CKR_MECHANISM_PARAM_INVALID:
4493 case CKR_OPERATION_ACTIVE:
4494 case CKR_PIN_EXPIRED:
4495 case CKR_SESSION_HANDLE_INVALID:
4496 case CKR_SESSION_CLOSED:
4497 case CKR_USER_NOT_LOGGED_IN:
4498 break;
4499 default:
4500 case CKR_OK:
4501 error = CKR_GENERAL_ERROR;
4502 break;
4503 }
4504 return error;
4505 }
4506
4507 /*
4508 * NSSCKFWC_VerifyRecover
4509 *
4510 */
4511 NSS_IMPLEMENT CK_RV
4512 NSSCKFWC_VerifyRecover
4513 (
4514 NSSCKFWInstance *fwInstance,
4515 CK_SESSION_HANDLE hSession,
4516 CK_BYTE_PTR pSignature,
4517 CK_ULONG ulSignatureLen,
4518 CK_BYTE_PTR pData,
4519 CK_ULONG_PTR pulDataLen
4520 )
4521 {
4522 CK_RV error = CKR_OK;
4523 NSSCKFWSession *fwSession;
4524
4525 if (!fwInstance) {
4526 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4527 goto loser;
4528 }
4529
4530 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4531 if (!fwSession) {
4532 error = CKR_SESSION_HANDLE_INVALID;
4533 goto loser;
4534 }
4535
4536 error = nssCKFWSession_UpdateFinal(fwSession,
4537 NSSCKFWCryptoOperationType_VerifyRecover,
4538 NSSCKFWCryptoOperationState_SignVerify,
4539 pSignature, ulSignatureLen, pData, pulDataLen);
4540 if (CKR_OK == error) {
4541 return CKR_OK;
4542 }
4543 loser:
4544 /* verify error */
4545 switch( error ) {
4546 case CKR_ARGUMENTS_BAD:
4547 case CKR_BUFFER_TOO_SMALL:
4548 case CKR_CRYPTOKI_NOT_INITIALIZED:
4549 case CKR_DATA_INVALID:
4550 case CKR_DATA_LEN_RANGE:
4551 case CKR_DEVICE_ERROR:
4552 case CKR_DEVICE_MEMORY:
4553 case CKR_DEVICE_REMOVED:
4554 case CKR_FUNCTION_CANCELED:
4555 case CKR_FUNCTION_FAILED:
4556 case CKR_GENERAL_ERROR:
4557 case CKR_HOST_MEMORY:
4558 case CKR_OPERATION_NOT_INITIALIZED:
4559 case CKR_SESSION_CLOSED:
4560 case CKR_SESSION_HANDLE_INVALID:
4561 case CKR_SIGNATURE_INVALID:
4562 case CKR_SIGNATURE_LEN_RANGE:
4563 break;
4564 default:
4565 case CKR_OK:
4566 error = CKR_GENERAL_ERROR;
4567 break;
4568 }
4569 return error;
4570 }
4571
4572 /*
4573 * NSSCKFWC_DigestEncryptUpdate
4574 *
4575 */
4576 NSS_IMPLEMENT CK_RV
4577 NSSCKFWC_DigestEncryptUpdate
4578 (
4579 NSSCKFWInstance *fwInstance,
4580 CK_SESSION_HANDLE hSession,
4581 CK_BYTE_PTR pPart,
4582 CK_ULONG ulPartLen,
4583 CK_BYTE_PTR pEncryptedPart,
4584 CK_ULONG_PTR pulEncryptedPartLen
4585 )
4586 {
4587 CK_RV error = CKR_OK;
4588 NSSCKFWSession *fwSession;
4589
4590 if (!fwInstance) {
4591 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4592 goto loser;
4593 }
4594
4595 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4596 if (!fwSession) {
4597 error = CKR_SESSION_HANDLE_INVALID;
4598 goto loser;
4599 }
4600
4601 error = nssCKFWSession_UpdateCombo(fwSession,
4602 NSSCKFWCryptoOperationType_Encrypt,
4603 NSSCKFWCryptoOperationType_Digest,
4604 NSSCKFWCryptoOperationState_Digest,
4605 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
4606
4607 if (CKR_OK == error) {
4608 return CKR_OK;
4609 }
4610
4611 loser:
4612 /* verify error */
4613 switch( error ) {
4614 case CKR_ARGUMENTS_BAD:
4615 case CKR_BUFFER_TOO_SMALL:
4616 case CKR_CRYPTOKI_NOT_INITIALIZED:
4617 case CKR_DATA_LEN_RANGE:
4618 case CKR_DEVICE_ERROR:
4619 case CKR_DEVICE_MEMORY:
4620 case CKR_DEVICE_REMOVED:
4621 case CKR_FUNCTION_CANCELED:
4622 case CKR_FUNCTION_FAILED:
4623 case CKR_GENERAL_ERROR:
4624 case CKR_HOST_MEMORY:
4625 case CKR_OPERATION_NOT_INITIALIZED:
4626 case CKR_SESSION_CLOSED:
4627 case CKR_SESSION_HANDLE_INVALID:
4628 break;
4629 default:
4630 case CKR_OK:
4631 error = CKR_GENERAL_ERROR;
4632 break;
4633 }
4634 return error;
4635 }
4636
4637 /*
4638 * NSSCKFWC_DecryptDigestUpdate
4639 *
4640 */
4641 NSS_IMPLEMENT CK_RV
4642 NSSCKFWC_DecryptDigestUpdate
4643 (
4644 NSSCKFWInstance *fwInstance,
4645 CK_SESSION_HANDLE hSession,
4646 CK_BYTE_PTR pEncryptedPart,
4647 CK_ULONG ulEncryptedPartLen,
4648 CK_BYTE_PTR pPart,
4649 CK_ULONG_PTR pulPartLen
4650 )
4651 {
4652 CK_RV error = CKR_OK;
4653 NSSCKFWSession *fwSession;
4654
4655 if (!fwInstance) {
4656 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4657 goto loser;
4658 }
4659
4660 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4661 if (!fwSession) {
4662 error = CKR_SESSION_HANDLE_INVALID;
4663 goto loser;
4664 }
4665
4666 error = nssCKFWSession_UpdateCombo(fwSession,
4667 NSSCKFWCryptoOperationType_Decrypt,
4668 NSSCKFWCryptoOperationType_Digest,
4669 NSSCKFWCryptoOperationState_Digest,
4670 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
4671
4672 if (CKR_OK == error) {
4673 return CKR_OK;
4674 }
4675
4676 loser:
4677 /* verify error */
4678 switch( error ) {
4679 case CKR_ARGUMENTS_BAD:
4680 case CKR_BUFFER_TOO_SMALL:
4681 case CKR_CRYPTOKI_NOT_INITIALIZED:
4682 case CKR_DEVICE_ERROR:
4683 case CKR_DEVICE_MEMORY:
4684 case CKR_DEVICE_REMOVED:
4685 case CKR_ENCRYPTED_DATA_INVALID:
4686 case CKR_ENCRYPTED_DATA_LEN_RANGE:
4687 case CKR_FUNCTION_CANCELED:
4688 case CKR_FUNCTION_FAILED:
4689 case CKR_GENERAL_ERROR:
4690 case CKR_HOST_MEMORY:
4691 case CKR_OPERATION_NOT_INITIALIZED:
4692 case CKR_SESSION_CLOSED:
4693 case CKR_SESSION_HANDLE_INVALID:
4694 break;
4695 case CKR_DATA_INVALID:
4696 error = CKR_ENCRYPTED_DATA_INVALID;
4697 break;
4698 case CKR_DATA_LEN_RANGE:
4699 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
4700 break;
4701 default:
4702 case CKR_OK:
4703 error = CKR_GENERAL_ERROR;
4704 break;
4705 }
4706 return error;
4707 }
4708
4709 /*
4710 * NSSCKFWC_SignEncryptUpdate
4711 *
4712 */
4713 NSS_IMPLEMENT CK_RV
4714 NSSCKFWC_SignEncryptUpdate
4715 (
4716 NSSCKFWInstance *fwInstance,
4717 CK_SESSION_HANDLE hSession,
4718 CK_BYTE_PTR pPart,
4719 CK_ULONG ulPartLen,
4720 CK_BYTE_PTR pEncryptedPart,
4721 CK_ULONG_PTR pulEncryptedPartLen
4722 )
4723 {
4724 CK_RV error = CKR_OK;
4725 NSSCKFWSession *fwSession;
4726
4727 if (!fwInstance) {
4728 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4729 goto loser;
4730 }
4731
4732 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4733 if (!fwSession) {
4734 error = CKR_SESSION_HANDLE_INVALID;
4735 goto loser;
4736 }
4737
4738 error = nssCKFWSession_UpdateCombo(fwSession,
4739 NSSCKFWCryptoOperationType_Encrypt,
4740 NSSCKFWCryptoOperationType_Sign,
4741 NSSCKFWCryptoOperationState_SignVerify,
4742 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
4743
4744 if (CKR_OK == error) {
4745 return CKR_OK;
4746 }
4747
4748 loser:
4749 /* verify error */
4750 switch( error ) {
4751 case CKR_ARGUMENTS_BAD:
4752 case CKR_BUFFER_TOO_SMALL:
4753 case CKR_CRYPTOKI_NOT_INITIALIZED:
4754 case CKR_DATA_LEN_RANGE:
4755 case CKR_DEVICE_ERROR:
4756 case CKR_DEVICE_MEMORY:
4757 case CKR_DEVICE_REMOVED:
4758 case CKR_FUNCTION_CANCELED:
4759 case CKR_FUNCTION_FAILED:
4760 case CKR_GENERAL_ERROR:
4761 case CKR_HOST_MEMORY:
4762 case CKR_OPERATION_NOT_INITIALIZED:
4763 case CKR_SESSION_CLOSED:
4764 case CKR_SESSION_HANDLE_INVALID:
4765 case CKR_USER_NOT_LOGGED_IN:
4766 break;
4767 default:
4768 case CKR_OK:
4769 error = CKR_GENERAL_ERROR;
4770 break;
4771 }
4772 return error;
4773 }
4774
4775 /*
4776 * NSSCKFWC_DecryptVerifyUpdate
4777 *
4778 */
4779 NSS_IMPLEMENT CK_RV
4780 NSSCKFWC_DecryptVerifyUpdate
4781 (
4782 NSSCKFWInstance *fwInstance,
4783 CK_SESSION_HANDLE hSession,
4784 CK_BYTE_PTR pEncryptedPart,
4785 CK_ULONG ulEncryptedPartLen,
4786 CK_BYTE_PTR pPart,
4787 CK_ULONG_PTR pulPartLen
4788 )
4789 {
4790 CK_RV error = CKR_OK;
4791 NSSCKFWSession *fwSession;
4792
4793 if (!fwInstance) {
4794 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4795 goto loser;
4796 }
4797
4798 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4799 if (!fwSession) {
4800 error = CKR_SESSION_HANDLE_INVALID;
4801 goto loser;
4802 }
4803
4804 error = nssCKFWSession_UpdateCombo(fwSession,
4805 NSSCKFWCryptoOperationType_Decrypt,
4806 NSSCKFWCryptoOperationType_Verify,
4807 NSSCKFWCryptoOperationState_SignVerify,
4808 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
4809
4810 if (CKR_OK == error) {
4811 return CKR_OK;
4812 }
4813
4814 loser:
4815 /* verify error */
4816 switch( error ) {
4817 case CKR_ARGUMENTS_BAD:
4818 case CKR_BUFFER_TOO_SMALL:
4819 case CKR_CRYPTOKI_NOT_INITIALIZED:
4820 case CKR_DATA_LEN_RANGE:
4821 case CKR_DEVICE_ERROR:
4822 case CKR_DEVICE_MEMORY:
4823 case CKR_DEVICE_REMOVED:
4824 case CKR_ENCRYPTED_DATA_INVALID:
4825 case CKR_ENCRYPTED_DATA_LEN_RANGE:
4826 case CKR_FUNCTION_CANCELED:
4827 case CKR_FUNCTION_FAILED:
4828 case CKR_GENERAL_ERROR:
4829 case CKR_HOST_MEMORY:
4830 case CKR_OPERATION_NOT_INITIALIZED:
4831 case CKR_SESSION_CLOSED:
4832 case CKR_SESSION_HANDLE_INVALID:
4833 break;
4834 case CKR_DATA_INVALID:
4835 error = CKR_ENCRYPTED_DATA_INVALID;
4836 break;
4837 default:
4838 case CKR_OK:
4839 error = CKR_GENERAL_ERROR;
4840 break;
4841 }
4842 return error;
4843 }
4844
4845 /*
4846 * NSSCKFWC_GenerateKey
4847 *
4848 */
4849 NSS_IMPLEMENT CK_RV
4850 NSSCKFWC_GenerateKey
4851 (
4852 NSSCKFWInstance *fwInstance,
4853 CK_SESSION_HANDLE hSession,
4854 CK_MECHANISM_PTR pMechanism,
4855 CK_ATTRIBUTE_PTR pTemplate,
4856 CK_ULONG ulCount,
4857 CK_OBJECT_HANDLE_PTR phKey
4858 )
4859 {
4860 CK_RV error = CKR_OK;
4861 NSSCKFWSession *fwSession;
4862 NSSCKFWObject *fwObject;
4863 NSSCKFWSlot *fwSlot;
4864 NSSCKFWToken *fwToken;
4865 NSSCKFWMechanism *fwMechanism;
4866
4867 if (!fwInstance) {
4868 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4869 goto loser;
4870 }
4871
4872 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4873 if (!fwSession) {
4874 error = CKR_SESSION_HANDLE_INVALID;
4875 goto loser;
4876 }
4877
4878 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4879 if (!fwSlot) {
4880 error = CKR_GENERAL_ERROR; /* should never happen! */
4881 goto loser;
4882 }
4883
4884 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4885 error = CKR_TOKEN_NOT_PRESENT;
4886 goto loser;
4887 }
4888
4889 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4890 if (!fwToken) {
4891 goto loser;
4892 }
4893
4894 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
4895 if (!fwMechanism) {
4896 goto loser;
4897 }
4898
4899 fwObject = nssCKFWMechanism_GenerateKey(
4900 fwMechanism,
4901 pMechanism,
4902 fwSession,
4903 pTemplate,
4904 ulCount,
4905 &error);
4906
4907 nssCKFWMechanism_Destroy(fwMechanism);
4908 if (!fwObject) {
4909 goto loser;
4910 }
4911 *phKey= nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
4912
4913 if (CKR_OK == error) {
4914 return CKR_OK;
4915 }
4916
4917 loser:
4918 /* verify error */
4919 switch( error ) {
4920 case CKR_ARGUMENTS_BAD:
4921 case CKR_ATTRIBUTE_READ_ONLY:
4922 case CKR_ATTRIBUTE_TYPE_INVALID:
4923 case CKR_ATTRIBUTE_VALUE_INVALID:
4924 case CKR_CRYPTOKI_NOT_INITIALIZED:
4925 case CKR_DEVICE_ERROR:
4926 case CKR_DEVICE_MEMORY:
4927 case CKR_DEVICE_REMOVED:
4928 case CKR_FUNCTION_CANCELED:
4929 case CKR_FUNCTION_FAILED:
4930 case CKR_GENERAL_ERROR:
4931 case CKR_HOST_MEMORY:
4932 case CKR_MECHANISM_INVALID:
4933 case CKR_MECHANISM_PARAM_INVALID:
4934 case CKR_OPERATION_ACTIVE:
4935 case CKR_PIN_EXPIRED:
4936 case CKR_SESSION_CLOSED:
4937 case CKR_SESSION_HANDLE_INVALID:
4938 case CKR_SESSION_READ_ONLY:
4939 case CKR_TEMPLATE_INCOMPLETE:
4940 case CKR_TEMPLATE_INCONSISTENT:
4941 case CKR_TOKEN_WRITE_PROTECTED:
4942 case CKR_USER_NOT_LOGGED_IN:
4943 break;
4944 default:
4945 case CKR_OK:
4946 error = CKR_GENERAL_ERROR;
4947 break;
4948 }
4949 return error;
4950 }
4951
4952 /*
4953 * NSSCKFWC_GenerateKeyPair
4954 *
4955 */
4956 NSS_IMPLEMENT CK_RV
4957 NSSCKFWC_GenerateKeyPair
4958 (
4959 NSSCKFWInstance *fwInstance,
4960 CK_SESSION_HANDLE hSession,
4961 CK_MECHANISM_PTR pMechanism,
4962 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
4963 CK_ULONG ulPublicKeyAttributeCount,
4964 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
4965 CK_ULONG ulPrivateKeyAttributeCount,
4966 CK_OBJECT_HANDLE_PTR phPublicKey,
4967 CK_OBJECT_HANDLE_PTR phPrivateKey
4968 )
4969 {
4970 CK_RV error = CKR_OK;
4971 NSSCKFWSession *fwSession;
4972 NSSCKFWObject *fwPrivateKeyObject;
4973 NSSCKFWObject *fwPublicKeyObject;
4974 NSSCKFWSlot *fwSlot;
4975 NSSCKFWToken *fwToken;
4976 NSSCKFWMechanism *fwMechanism;
4977
4978 if (!fwInstance) {
4979 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4980 goto loser;
4981 }
4982
4983 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4984 if (!fwSession) {
4985 error = CKR_SESSION_HANDLE_INVALID;
4986 goto loser;
4987 }
4988
4989 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4990 if (!fwSlot) {
4991 error = CKR_GENERAL_ERROR; /* should never happen! */
4992 goto loser;
4993 }
4994
4995 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4996 error = CKR_TOKEN_NOT_PRESENT;
4997 goto loser;
4998 }
4999
5000 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5001 if (!fwToken) {
5002 goto loser;
5003 }
5004
5005 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
5006 if (!fwMechanism) {
5007 goto loser;
5008 }
5009
5010 error= nssCKFWMechanism_GenerateKeyPair(
5011 fwMechanism,
5012 pMechanism,
5013 fwSession,
5014 pPublicKeyTemplate,
5015 ulPublicKeyAttributeCount,
5016 pPublicKeyTemplate,
5017 ulPublicKeyAttributeCount,
5018 &fwPublicKeyObject,
5019 &fwPrivateKeyObject);
5020
5021 nssCKFWMechanism_Destroy(fwMechanism);
5022 if (CKR_OK != error) {
5023 goto loser;
5024 }
5025 *phPublicKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
5026 fwPublicKeyObject,
5027 &error);
5028 if (CKR_OK != error) {
5029 goto loser;
5030 }
5031 *phPrivateKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
5032 fwPrivateKeyObject,
5033 &error);
5034 if (CKR_OK == error) {
5035 return CKR_OK;
5036 }
5037
5038 loser:
5039 /* verify error */
5040 switch( error ) {
5041 case CKR_ARGUMENTS_BAD:
5042 case CKR_ATTRIBUTE_READ_ONLY:
5043 case CKR_ATTRIBUTE_TYPE_INVALID:
5044 case CKR_ATTRIBUTE_VALUE_INVALID:
5045 case CKR_CRYPTOKI_NOT_INITIALIZED:
5046 case CKR_DEVICE_ERROR:
5047 case CKR_DEVICE_MEMORY:
5048 case CKR_DEVICE_REMOVED:
5049 case CKR_DOMAIN_PARAMS_INVALID:
5050 case CKR_FUNCTION_CANCELED:
5051 case CKR_FUNCTION_FAILED:
5052 case CKR_GENERAL_ERROR:
5053 case CKR_HOST_MEMORY:
5054 case CKR_MECHANISM_INVALID:
5055 case CKR_MECHANISM_PARAM_INVALID:
5056 case CKR_OPERATION_ACTIVE:
5057 case CKR_PIN_EXPIRED:
5058 case CKR_SESSION_CLOSED:
5059 case CKR_SESSION_HANDLE_INVALID:
5060 case CKR_SESSION_READ_ONLY:
5061 case CKR_TEMPLATE_INCOMPLETE:
5062 case CKR_TEMPLATE_INCONSISTENT:
5063 case CKR_TOKEN_WRITE_PROTECTED:
5064 case CKR_USER_NOT_LOGGED_IN:
5065 break;
5066 default:
5067 case CKR_OK:
5068 error = CKR_GENERAL_ERROR;
5069 break;
5070 }
5071 return error;
5072 }
5073
5074 /*
5075 * NSSCKFWC_WrapKey
5076 *
5077 */
5078 NSS_IMPLEMENT CK_RV
5079 NSSCKFWC_WrapKey
5080 (
5081 NSSCKFWInstance *fwInstance,
5082 CK_SESSION_HANDLE hSession,
5083 CK_MECHANISM_PTR pMechanism,
5084 CK_OBJECT_HANDLE hWrappingKey,
5085 CK_OBJECT_HANDLE hKey,
5086 CK_BYTE_PTR pWrappedKey,
5087 CK_ULONG_PTR pulWrappedKeyLen
5088 )
5089 {
5090 CK_RV error = CKR_OK;
5091 NSSCKFWSession *fwSession;
5092 NSSCKFWObject *fwKeyObject;
5093 NSSCKFWObject *fwWrappingKeyObject;
5094 NSSCKFWSlot *fwSlot;
5095 NSSCKFWToken *fwToken;
5096 NSSCKFWMechanism *fwMechanism;
5097 NSSItem wrappedKey;
5098 CK_ULONG wrappedKeyLength = 0;
5099
5100 if (!fwInstance) {
5101 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5102 goto loser;
5103 }
5104
5105 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5106 if (!fwSession) {
5107 error = CKR_SESSION_HANDLE_INVALID;
5108 goto loser;
5109 }
5110
5111 fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
5112 hWrappingKey);
5113 if (!fwWrappingKeyObject) {
5114 error = CKR_WRAPPING_KEY_HANDLE_INVALID;
5115 goto loser;
5116 }
5117
5118 fwKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
5119 if (!fwKeyObject) {
5120 error = CKR_KEY_HANDLE_INVALID;
5121 goto loser;
5122 }
5123
5124 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5125 if (!fwSlot) {
5126 error = CKR_GENERAL_ERROR; /* should never happen! */
5127 goto loser;
5128 }
5129
5130 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5131 error = CKR_TOKEN_NOT_PRESENT;
5132 goto loser;
5133 }
5134
5135 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5136 if (!fwToken) {
5137 goto loser;
5138 }
5139
5140 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
5141 if (!fwMechanism) {
5142 goto loser;
5143 }
5144
5145 /*
5146 * first get the length...
5147 */
5148 wrappedKeyLength = nssCKFWMechanism_GetWrapKeyLength(
5149 fwMechanism,
5150 pMechanism,
5151 fwSession,
5152 fwWrappingKeyObject,
5153 fwKeyObject,
5154 &error);
5155 if ((CK_ULONG) 0 == wrappedKeyLength) {
5156 nssCKFWMechanism_Destroy(fwMechanism);
5157 goto loser;
5158 }
5159 if ((CK_BYTE_PTR)NULL == pWrappedKey) {
5160 *pulWrappedKeyLen = wrappedKeyLength;
5161 nssCKFWMechanism_Destroy(fwMechanism);
5162 return CKR_OK;
5163 }
5164 if (wrappedKeyLength > *pulWrappedKeyLen) {
5165 *pulWrappedKeyLen = wrappedKeyLength;
5166 nssCKFWMechanism_Destroy(fwMechanism);
5167 error = CKR_BUFFER_TOO_SMALL;
5168 goto loser;
5169 }
5170
5171
5172 wrappedKey.data = pWrappedKey;
5173 wrappedKey.size = wrappedKeyLength;
5174
5175 error = nssCKFWMechanism_WrapKey(
5176 fwMechanism,
5177 pMechanism,
5178 fwSession,
5179 fwWrappingKeyObject,
5180 fwKeyObject,
5181 &wrappedKey);
5182
5183 nssCKFWMechanism_Destroy(fwMechanism);
5184 *pulWrappedKeyLen = wrappedKey.size;
5185
5186 if (CKR_OK == error) {
5187 return CKR_OK;
5188 }
5189
5190 loser:
5191 /* verify error */
5192 switch( error ) {
5193 case CKR_ARGUMENTS_BAD:
5194 case CKR_BUFFER_TOO_SMALL:
5195 case CKR_CRYPTOKI_NOT_INITIALIZED:
5196 case CKR_DEVICE_ERROR:
5197 case CKR_DEVICE_MEMORY:
5198 case CKR_DEVICE_REMOVED:
5199 case CKR_FUNCTION_CANCELED:
5200 case CKR_FUNCTION_FAILED:
5201 case CKR_GENERAL_ERROR:
5202 case CKR_HOST_MEMORY:
5203 case CKR_KEY_HANDLE_INVALID:
5204 case CKR_KEY_NOT_WRAPPABLE:
5205 case CKR_KEY_SIZE_RANGE:
5206 case CKR_KEY_UNEXTRACTABLE:
5207 case CKR_MECHANISM_INVALID:
5208 case CKR_MECHANISM_PARAM_INVALID:
5209 case CKR_OPERATION_ACTIVE:
5210 case CKR_PIN_EXPIRED:
5211 case CKR_SESSION_CLOSED:
5212 case CKR_SESSION_HANDLE_INVALID:
5213 case CKR_WRAPPING_KEY_HANDLE_INVALID:
5214 case CKR_WRAPPING_KEY_SIZE_RANGE:
5215 case CKR_WRAPPING_KEY_TYPE_INCONSISTENT:
5216 break;
5217 case CKR_KEY_TYPE_INCONSISTENT:
5218 error = CKR_WRAPPING_KEY_TYPE_INCONSISTENT;
5219 break;
5220 default:
5221 case CKR_OK:
5222 error = CKR_GENERAL_ERROR;
5223 break;
5224 }
5225 return error;
5226 }
5227
5228 /*
5229 * NSSCKFWC_UnwrapKey
5230 *
5231 */
5232 NSS_IMPLEMENT CK_RV
5233 NSSCKFWC_UnwrapKey
5234 (
5235 NSSCKFWInstance *fwInstance,
5236 CK_SESSION_HANDLE hSession,
5237 CK_MECHANISM_PTR pMechanism,
5238 CK_OBJECT_HANDLE hUnwrappingKey,
5239 CK_BYTE_PTR pWrappedKey,
5240 CK_ULONG ulWrappedKeyLen,
5241 CK_ATTRIBUTE_PTR pTemplate,
5242 CK_ULONG ulAttributeCount,
5243 CK_OBJECT_HANDLE_PTR phKey
5244 )
5245 {
5246 CK_RV error = CKR_OK;
5247 NSSCKFWSession *fwSession;
5248 NSSCKFWObject *fwObject;
5249 NSSCKFWObject *fwWrappingKeyObject;
5250 NSSCKFWSlot *fwSlot;
5251 NSSCKFWToken *fwToken;
5252 NSSCKFWMechanism *fwMechanism;
5253 NSSItem wrappedKey;
5254
5255 if (!fwInstance) {
5256 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5257 goto loser;
5258 }
5259
5260 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5261 if (!fwSession) {
5262 error = CKR_SESSION_HANDLE_INVALID;
5263 goto loser;
5264 }
5265
5266 fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
5267 hUnwrappingKey);
5268 if (!fwWrappingKeyObject) {
5269 error = CKR_WRAPPING_KEY_HANDLE_INVALID;
5270 goto loser;
5271 }
5272
5273 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5274 if (!fwSlot) {
5275 error = CKR_GENERAL_ERROR; /* should never happen! */
5276 goto loser;
5277 }
5278
5279 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5280 error = CKR_TOKEN_NOT_PRESENT;
5281 goto loser;
5282 }
5283
5284 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5285 if (!fwToken) {
5286 goto loser;
5287 }
5288
5289 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
5290 if (!fwMechanism) {
5291 goto loser;
5292 }
5293
5294 wrappedKey.data = pWrappedKey;
5295 wrappedKey.size = ulWrappedKeyLen;
5296
5297 fwObject = nssCKFWMechanism_UnwrapKey(
5298 fwMechanism,
5299 pMechanism,
5300 fwSession,
5301 fwWrappingKeyObject,
5302 &wrappedKey,
5303 pTemplate,
5304 ulAttributeCount,
5305 &error);
5306
5307 nssCKFWMechanism_Destroy(fwMechanism);
5308 if (!fwObject) {
5309 goto loser;
5310 }
5311 *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
5312
5313 if (CKR_OK == error) {
5314 return CKR_OK;
5315 }
5316
5317 loser:
5318 /* verify error */
5319 switch( error ) {
5320 case CKR_ARGUMENTS_BAD:
5321 case CKR_ATTRIBUTE_READ_ONLY:
5322 case CKR_ATTRIBUTE_TYPE_INVALID:
5323 case CKR_ATTRIBUTE_VALUE_INVALID:
5324 case CKR_BUFFER_TOO_SMALL:
5325 case CKR_CRYPTOKI_NOT_INITIALIZED:
5326 case CKR_DEVICE_ERROR:
5327 case CKR_DEVICE_MEMORY:
5328 case CKR_DEVICE_REMOVED:
5329 case CKR_DOMAIN_PARAMS_INVALID:
5330 case CKR_FUNCTION_CANCELED:
5331 case CKR_FUNCTION_FAILED:
5332 case CKR_GENERAL_ERROR:
5333 case CKR_HOST_MEMORY:
5334 case CKR_MECHANISM_INVALID:
5335 case CKR_MECHANISM_PARAM_INVALID:
5336 case CKR_OPERATION_ACTIVE:
5337 case CKR_PIN_EXPIRED:
5338 case CKR_SESSION_CLOSED:
5339 case CKR_SESSION_HANDLE_INVALID:
5340 case CKR_SESSION_READ_ONLY:
5341 case CKR_TEMPLATE_INCOMPLETE:
5342 case CKR_TEMPLATE_INCONSISTENT:
5343 case CKR_TOKEN_WRITE_PROTECTED:
5344 case CKR_UNWRAPPING_KEY_HANDLE_INVALID:
5345 case CKR_UNWRAPPING_KEY_SIZE_RANGE:
5346 case CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT:
5347 case CKR_USER_NOT_LOGGED_IN:
5348 case CKR_WRAPPED_KEY_INVALID:
5349 case CKR_WRAPPED_KEY_LEN_RANGE:
5350 break;
5351 case CKR_KEY_HANDLE_INVALID:
5352 error = CKR_UNWRAPPING_KEY_HANDLE_INVALID;
5353 break;
5354 case CKR_KEY_SIZE_RANGE:
5355 error = CKR_UNWRAPPING_KEY_SIZE_RANGE;
5356 break;
5357 case CKR_KEY_TYPE_INCONSISTENT:
5358 error = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT;
5359 break;
5360 case CKR_ENCRYPTED_DATA_INVALID:
5361 error = CKR_WRAPPED_KEY_INVALID;
5362 break;
5363 case CKR_ENCRYPTED_DATA_LEN_RANGE:
5364 error = CKR_WRAPPED_KEY_LEN_RANGE;
5365 break;
5366 default:
5367 case CKR_OK:
5368 error = CKR_GENERAL_ERROR;
5369 break;
5370 }
5371 return error;
5372 }
5373
5374 /*
5375 * NSSCKFWC_DeriveKey
5376 *
5377 */
5378 NSS_IMPLEMENT CK_RV
5379 NSSCKFWC_DeriveKey
5380 (
5381 NSSCKFWInstance *fwInstance,
5382 CK_SESSION_HANDLE hSession,
5383 CK_MECHANISM_PTR pMechanism,
5384 CK_OBJECT_HANDLE hBaseKey,
5385 CK_ATTRIBUTE_PTR pTemplate,
5386 CK_ULONG ulAttributeCount,
5387 CK_OBJECT_HANDLE_PTR phKey
5388 )
5389 {
5390 CK_RV error = CKR_OK;
5391 NSSCKFWSession *fwSession;
5392 NSSCKFWObject *fwObject;
5393 NSSCKFWObject *fwBaseKeyObject;
5394 NSSCKFWSlot *fwSlot;
5395 NSSCKFWToken *fwToken;
5396 NSSCKFWMechanism *fwMechanism;
5397
5398 if (!fwInstance) {
5399 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5400 goto loser;
5401 }
5402
5403 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5404 if (!fwSession) {
5405 error = CKR_SESSION_HANDLE_INVALID;
5406 goto loser;
5407 }
5408
5409 fwBaseKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hBaseKey);
5410 if (!fwBaseKeyObject) {
5411 error = CKR_KEY_HANDLE_INVALID;
5412 goto loser;
5413 }
5414
5415 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5416 if (!fwSlot) {
5417 error = CKR_GENERAL_ERROR; /* should never happen! */
5418 goto loser;
5419 }
5420
5421 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5422 error = CKR_TOKEN_NOT_PRESENT;
5423 goto loser;
5424 }
5425
5426 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5427 if (!fwToken) {
5428 goto loser;
5429 }
5430
5431 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error );
5432 if (!fwMechanism) {
5433 goto loser;
5434 }
5435
5436 fwObject = nssCKFWMechanism_DeriveKey(
5437 fwMechanism,
5438 pMechanism,
5439 fwSession,
5440 fwBaseKeyObject,
5441 pTemplate,
5442 ulAttributeCount,
5443 &error);
5444
5445 nssCKFWMechanism_Destroy(fwMechanism);
5446 if (!fwObject) {
5447 goto loser;
5448 }
5449 *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
5450
5451 if (CKR_OK == error) {
5452 return CKR_OK;
5453 }
5454
5455 loser:
5456 /* verify error */
5457 switch( error ) {
5458 case CKR_ARGUMENTS_BAD:
5459 case CKR_ATTRIBUTE_READ_ONLY:
5460 case CKR_ATTRIBUTE_TYPE_INVALID:
5461 case CKR_ATTRIBUTE_VALUE_INVALID:
5462 case CKR_CRYPTOKI_NOT_INITIALIZED:
5463 case CKR_DEVICE_ERROR:
5464 case CKR_DEVICE_MEMORY:
5465 case CKR_DEVICE_REMOVED:
5466 case CKR_DOMAIN_PARAMS_INVALID:
5467 case CKR_FUNCTION_CANCELED:
5468 case CKR_FUNCTION_FAILED:
5469 case CKR_GENERAL_ERROR:
5470 case CKR_HOST_MEMORY:
5471 case CKR_KEY_HANDLE_INVALID:
5472 case CKR_KEY_SIZE_RANGE:
5473 case CKR_KEY_TYPE_INCONSISTENT:
5474 case CKR_MECHANISM_INVALID:
5475 case CKR_MECHANISM_PARAM_INVALID:
5476 case CKR_OPERATION_ACTIVE:
5477 case CKR_PIN_EXPIRED:
5478 case CKR_SESSION_CLOSED:
5479 case CKR_SESSION_HANDLE_INVALID:
5480 case CKR_SESSION_READ_ONLY:
5481 case CKR_TEMPLATE_INCOMPLETE:
5482 case CKR_TEMPLATE_INCONSISTENT:
5483 case CKR_TOKEN_WRITE_PROTECTED:
5484 case CKR_USER_NOT_LOGGED_IN:
5485 break;
5486 default:
5487 case CKR_OK:
5488 error = CKR_GENERAL_ERROR;
5489 break;
5490 }
5491 return error;
5492 }
5493
5494 /*
5495 * NSSCKFWC_SeedRandom
5496 *
5497 */
5498 NSS_IMPLEMENT CK_RV
5499 NSSCKFWC_SeedRandom
5500 (
5501 NSSCKFWInstance *fwInstance,
5502 CK_SESSION_HANDLE hSession,
5503 CK_BYTE_PTR pSeed,
5504 CK_ULONG ulSeedLen
5505 )
5506 {
5507 CK_RV error = CKR_OK;
5508 NSSCKFWSession *fwSession;
5509 NSSItem seed;
5510
5511 if (!fwInstance) {
5512 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5513 goto loser;
5514 }
5515
5516 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5517 if (!fwSession) {
5518 error = CKR_SESSION_HANDLE_INVALID;
5519 goto loser;
5520 }
5521
5522 if( (CK_BYTE_PTR)CK_NULL_PTR == pSeed ) {
5523 error = CKR_ARGUMENTS_BAD;
5524 goto loser;
5525 }
5526
5527 /* We could read through the buffer in a Purify trap */
5528
5529 seed.size = (PRUint32)ulSeedLen;
5530 seed.data = (void *)pSeed;
5531
5532 error = nssCKFWSession_SeedRandom(fwSession, &seed);
5533
5534 if( CKR_OK != error ) {
5535 goto loser;
5536 }
5537
5538 return CKR_OK;
5539
5540 loser:
5541 switch( error ) {
5542 case CKR_SESSION_CLOSED:
5543 /* destroy session? */
5544 break;
5545 case CKR_DEVICE_REMOVED:
5546 /* (void)nssCKFWToken_Destroy(fwToken); */
5547 break;
5548 case CKR_ARGUMENTS_BAD:
5549 case CKR_CRYPTOKI_NOT_INITIALIZED:
5550 case CKR_DEVICE_ERROR:
5551 case CKR_DEVICE_MEMORY:
5552 case CKR_FUNCTION_CANCELED:
5553 case CKR_FUNCTION_FAILED:
5554 case CKR_GENERAL_ERROR:
5555 case CKR_HOST_MEMORY:
5556 case CKR_OPERATION_ACTIVE:
5557 case CKR_RANDOM_SEED_NOT_SUPPORTED:
5558 case CKR_RANDOM_NO_RNG:
5559 case CKR_SESSION_HANDLE_INVALID:
5560 case CKR_USER_NOT_LOGGED_IN:
5561 break;
5562 default:
5563 case CKR_OK:
5564 error = CKR_GENERAL_ERROR;
5565 break;
5566 }
5567
5568 return error;
5569 }
5570
5571 /*
5572 * NSSCKFWC_GenerateRandom
5573 *
5574 */
5575 NSS_IMPLEMENT CK_RV
5576 NSSCKFWC_GenerateRandom
5577 (
5578 NSSCKFWInstance *fwInstance,
5579 CK_SESSION_HANDLE hSession,
5580 CK_BYTE_PTR pRandomData,
5581 CK_ULONG ulRandomLen
5582 )
5583 {
5584 CK_RV error = CKR_OK;
5585 NSSCKFWSession *fwSession;
5586 NSSItem buffer;
5587
5588 if (!fwInstance) {
5589 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5590 goto loser;
5591 }
5592
5593 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5594 if (!fwSession) {
5595 error = CKR_SESSION_HANDLE_INVALID;
5596 goto loser;
5597 }
5598
5599 if( (CK_BYTE_PTR)CK_NULL_PTR == pRandomData ) {
5600 error = CKR_ARGUMENTS_BAD;
5601 goto loser;
5602 }
5603
5604 /*
5605 * A purify error here indicates caller error.
5606 */
5607 (void)nsslibc_memset(pRandomData, 0, ulRandomLen);
5608
5609 buffer.size = (PRUint32)ulRandomLen;
5610 buffer.data = (void *)pRandomData;
5611
5612 error = nssCKFWSession_GetRandom(fwSession, &buffer);
5613
5614 if( CKR_OK != error ) {
5615 goto loser;
5616 }
5617
5618 return CKR_OK;
5619
5620 loser:
5621 switch( error ) {
5622 case CKR_SESSION_CLOSED:
5623 /* destroy session? */
5624 break;
5625 case CKR_DEVICE_REMOVED:
5626 /* (void)nssCKFWToken_Destroy(fwToken); */
5627 break;
5628 case CKR_ARGUMENTS_BAD:
5629 case CKR_CRYPTOKI_NOT_INITIALIZED:
5630 case CKR_DEVICE_ERROR:
5631 case CKR_DEVICE_MEMORY:
5632 case CKR_FUNCTION_CANCELED:
5633 case CKR_FUNCTION_FAILED:
5634 case CKR_GENERAL_ERROR:
5635 case CKR_HOST_MEMORY:
5636 case CKR_OPERATION_ACTIVE:
5637 case CKR_RANDOM_NO_RNG:
5638 case CKR_SESSION_HANDLE_INVALID:
5639 case CKR_USER_NOT_LOGGED_IN:
5640 break;
5641 default:
5642 case CKR_OK:
5643 error = CKR_GENERAL_ERROR;
5644 break;
5645 }
5646
5647 return error;
5648 }
5649
5650 /*
5651 * NSSCKFWC_GetFunctionStatus
5652 *
5653 */
5654 NSS_IMPLEMENT CK_RV
5655 NSSCKFWC_GetFunctionStatus
5656 (
5657 NSSCKFWInstance *fwInstance,
5658 CK_SESSION_HANDLE hSession
5659 )
5660 {
5661 return CKR_FUNCTION_NOT_PARALLEL;
5662 }
5663
5664 /*
5665 * NSSCKFWC_CancelFunction
5666 *
5667 */
5668 NSS_IMPLEMENT CK_RV
5669 NSSCKFWC_CancelFunction
5670 (
5671 NSSCKFWInstance *fwInstance,
5672 CK_SESSION_HANDLE hSession
5673 )
5674 {
5675 return CKR_FUNCTION_NOT_PARALLEL;
5676 }
OLDNEW
« no previous file with comments | « mozilla/security/nss/lib/ckfw/token.c ('k') | mozilla/security/nss/lib/cryptohi/cryptohi.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698