OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 /* | 4 /* |
5 * This file implements PKCS 11 on top of our existing security modules | 5 * This file implements PKCS 11 on top of our existing security modules |
6 * | 6 * |
7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard. | 7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard. |
8 * This implementation has two slots: | 8 * This implementation has two slots: |
9 * slot 1 is our generic crypto support. It does not require login. | 9 * slot 1 is our generic crypto support. It does not require login. |
10 * It supports Public Key ops, and all they bulk ciphers and hashes. | 10 * It supports Public Key ops, and all they bulk ciphers and hashes. |
(...skipping 378 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
389 {CKM_SHA256, {0, 0, CKF_DIGEST}, PR_FALSE}, | 389 {CKM_SHA256, {0, 0, CKF_DIGEST}, PR_FALSE}, |
390 {CKM_SHA256_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, | 390 {CKM_SHA256_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, |
391 {CKM_SHA256_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, | 391 {CKM_SHA256_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, |
392 {CKM_SHA384, {0, 0, CKF_DIGEST}, PR_FALSE}, | 392 {CKM_SHA384, {0, 0, CKF_DIGEST}, PR_FALSE}, |
393 {CKM_SHA384_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, | 393 {CKM_SHA384_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, |
394 {CKM_SHA384_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, | 394 {CKM_SHA384_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, |
395 {CKM_SHA512, {0, 0, CKF_DIGEST}, PR_FALSE}, | 395 {CKM_SHA512, {0, 0, CKF_DIGEST}, PR_FALSE}, |
396 {CKM_SHA512_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, | 396 {CKM_SHA512_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, |
397 {CKM_SHA512_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, | 397 {CKM_SHA512_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, |
398 {CKM_TLS_PRF_GENERAL, {0, 512, CKF_SN_VR}, PR_FALSE}, | 398 {CKM_TLS_PRF_GENERAL, {0, 512, CKF_SN_VR}, PR_FALSE}, |
| 399 {CKM_TLS_MAC, {0, 512, CKF_SN_VR}, PR_FALSE}, |
399 {CKM_NSS_TLS_PRF_GENERAL_SHA256, | 400 {CKM_NSS_TLS_PRF_GENERAL_SHA256, |
400 {0, 512, CKF_SN_VR}, PR_FALSE}, | 401 {0, 512, CKF_SN_VR}, PR_FALSE}, |
401 /* ------------------------- HKDF Operations -------------------------- */ | 402 /* ------------------------- HKDF Operations -------------------------- */ |
402 {CKM_NSS_HKDF_SHA1, {1, 128, CKF_DERIVE}, PR_TRUE}, | 403 {CKM_NSS_HKDF_SHA1, {1, 128, CKF_DERIVE}, PR_TRUE}, |
403 {CKM_NSS_HKDF_SHA256, {1, 128, CKF_DERIVE}, PR_TRUE}, | 404 {CKM_NSS_HKDF_SHA256, {1, 128, CKF_DERIVE}, PR_TRUE}, |
404 {CKM_NSS_HKDF_SHA384, {1, 128, CKF_DERIVE}, PR_TRUE}, | 405 {CKM_NSS_HKDF_SHA384, {1, 128, CKF_DERIVE}, PR_TRUE}, |
405 {CKM_NSS_HKDF_SHA512, {1, 128, CKF_DERIVE}, PR_TRUE}, | 406 {CKM_NSS_HKDF_SHA512, {1, 128, CKF_DERIVE}, PR_TRUE}, |
406 /* ------------------------- CAST Operations --------------------------- */ | 407 /* ------------------------- CAST Operations --------------------------- */ |
407 #ifdef NSS_SOFTOKEN_DOES_CAST | 408 #ifdef NSS_SOFTOKEN_DOES_CAST |
408 /* Cast operations are not supported ( yet? ) */ | 409 /* Cast operations are not supported ( yet? ) */ |
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
458 {CKM_SSL3_MD5_MAC, { 0, 16, CKF_DERIVE}, PR_FALSE}, | 459 {CKM_SSL3_MD5_MAC, { 0, 16, CKF_DERIVE}, PR_FALSE}, |
459 {CKM_SSL3_SHA1_MAC, { 0, 20, CKF_DERIVE}, PR_FALSE}, | 460 {CKM_SSL3_SHA1_MAC, { 0, 20, CKF_DERIVE}, PR_FALSE}, |
460 {CKM_MD5_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE}, | 461 {CKM_MD5_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE}, |
461 {CKM_MD2_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE}, | 462 {CKM_MD2_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE}, |
462 {CKM_SHA1_KEY_DERIVATION, { 0, 20, CKF_DERIVE}, PR_FALSE}, | 463 {CKM_SHA1_KEY_DERIVATION, { 0, 20, CKF_DERIVE}, PR_FALSE}, |
463 {CKM_SHA224_KEY_DERIVATION, { 0, 28, CKF_DERIVE}, PR_FALSE}, | 464 {CKM_SHA224_KEY_DERIVATION, { 0, 28, CKF_DERIVE}, PR_FALSE}, |
464 {CKM_SHA256_KEY_DERIVATION, { 0, 32, CKF_DERIVE}, PR_FALSE}, | 465 {CKM_SHA256_KEY_DERIVATION, { 0, 32, CKF_DERIVE}, PR_FALSE}, |
465 {CKM_SHA384_KEY_DERIVATION, { 0, 48, CKF_DERIVE}, PR_FALSE}, | 466 {CKM_SHA384_KEY_DERIVATION, { 0, 48, CKF_DERIVE}, PR_FALSE}, |
466 {CKM_SHA512_KEY_DERIVATION, { 0, 64, CKF_DERIVE}, PR_FALSE}, | 467 {CKM_SHA512_KEY_DERIVATION, { 0, 64, CKF_DERIVE}, PR_FALSE}, |
467 {CKM_TLS_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, | 468 {CKM_TLS_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, |
| 469 {CKM_TLS12_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, |
468 {CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256, | 470 {CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256, |
469 {48, 48, CKF_DERIVE}, PR_FALSE}, | 471 {48, 48, CKF_DERIVE}, PR_FALSE}, |
470 {CKM_TLS_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE}, | 472 {CKM_TLS_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE}, |
| 473 {CKM_TLS12_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE}, |
471 {CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256, | 474 {CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256, |
472 {8, 128, CKF_DERIVE}, PR_FALSE}, | 475 {8, 128, CKF_DERIVE}, PR_FALSE}, |
473 {CKM_TLS_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, | 476 {CKM_TLS_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, |
| 477 {CKM_TLS12_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, |
474 {CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256, | 478 {CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256, |
475 {48, 48, CKF_DERIVE}, PR_FALSE}, | 479 {48, 48, CKF_DERIVE}, PR_FALSE}, |
| 480 {CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE, |
| 481 {48,128, CKF_DERIVE}, PR_FALSE}, |
| 482 {CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH, |
| 483 {48,128, CKF_DERIVE}, PR_FALSE}, |
476 /* ---------------------- PBE Key Derivations ------------------------ */ | 484 /* ---------------------- PBE Key Derivations ------------------------ */ |
477 {CKM_PBE_MD2_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE}, | 485 {CKM_PBE_MD2_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE}, |
478 {CKM_PBE_MD5_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE}, | 486 {CKM_PBE_MD5_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE}, |
479 /* ------------------ NETSCAPE PBE Key Derivations ------------------- */ | 487 /* ------------------ NETSCAPE PBE Key Derivations ------------------- */ |
480 {CKM_NETSCAPE_PBE_SHA1_DES_CBC, { 8, 8, CKF_GENERATE}, PR_TRUE}, | 488 {CKM_NETSCAPE_PBE_SHA1_DES_CBC, { 8, 8, CKF_GENERATE}, PR_TRUE}, |
481 {CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, | 489 {CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, |
482 {CKM_PBE_SHA1_DES3_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, | 490 {CKM_PBE_SHA1_DES3_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, |
483 {CKM_PBE_SHA1_DES2_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, | 491 {CKM_PBE_SHA1_DES2_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, |
484 {CKM_PBE_SHA1_RC2_40_CBC, {40,40, CKF_GENERATE}, PR_TRUE}, | 492 {CKM_PBE_SHA1_RC2_40_CBC, {40,40, CKF_GENERATE}, PR_TRUE}, |
485 {CKM_PBE_SHA1_RC2_128_CBC, {128,128, CKF_GENERATE}, PR_TRUE}, | 493 {CKM_PBE_SHA1_RC2_128_CBC, {128,128, CKF_GENERATE}, PR_TRUE}, |
(...skipping 1252 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1738 */ | 1746 */ |
1739 if (EC_FillParams(arena, &pubKey->u.ec.ecParams.DEREncoding, | 1747 if (EC_FillParams(arena, &pubKey->u.ec.ecParams.DEREncoding, |
1740 &pubKey->u.ec.ecParams) != SECSuccess) { | 1748 &pubKey->u.ec.ecParams) != SECSuccess) { |
1741 crv = CKR_DOMAIN_PARAMS_INVALID; | 1749 crv = CKR_DOMAIN_PARAMS_INVALID; |
1742 break; | 1750 break; |
1743 } | 1751 } |
1744 | 1752 |
1745 crv = sftk_Attribute2SSecItem(arena,&pubKey->u.ec.publicValue, | 1753 crv = sftk_Attribute2SSecItem(arena,&pubKey->u.ec.publicValue, |
1746 object,CKA_EC_POINT); | 1754 object,CKA_EC_POINT); |
1747 if (crv == CKR_OK) { | 1755 if (crv == CKR_OK) { |
1748 » int keyLen,curveLen; | 1756 » unsigned int keyLen,curveLen; |
1749 | 1757 |
1750 curveLen = (pubKey->u.ec.ecParams.fieldID.size +7)/8; | 1758 curveLen = (pubKey->u.ec.ecParams.fieldID.size +7)/8; |
1751 keyLen = (2*curveLen)+1; | 1759 keyLen = (2*curveLen)+1; |
1752 | 1760 |
1753 /* special note: We can't just use the first byte to determine | 1761 /* special note: We can't just use the first byte to determine |
1754 * between these 2 cases because both EC_POINT_FORM_UNCOMPRESSED | 1762 * between these 2 cases because both EC_POINT_FORM_UNCOMPRESSED |
1755 * and SEC_ASN1_OCTET_STRING are 0x04 */ | 1763 * and SEC_ASN1_OCTET_STRING are 0x04 */ |
1756 | 1764 |
1757 /* handle the non-DER encoded case (UNCOMPRESSED only) */ | 1765 /* handle the non-DER encoded case (UNCOMPRESSED only) */ |
1758 if (pubKey->u.ec.publicValue.data[0] == EC_POINT_FORM_UNCOMPRESSED | 1766 if (pubKey->u.ec.publicValue.data[0] == EC_POINT_FORM_UNCOMPRESSED |
(...skipping 454 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2213 CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) | 2221 CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) |
2214 { | 2222 { |
2215 CHECK_FORK(); | 2223 CHECK_FORK(); |
2216 | 2224 |
2217 return NSC_GetFunctionList(pFunctionList); | 2225 return NSC_GetFunctionList(pFunctionList); |
2218 } | 2226 } |
2219 | 2227 |
2220 static PLHashNumber | 2228 static PLHashNumber |
2221 sftk_HashNumber(const void *key) | 2229 sftk_HashNumber(const void *key) |
2222 { | 2230 { |
2223 return (PLHashNumber) key; | 2231 return (PLHashNumber)((char *)key - (char *)NULL); |
2224 } | 2232 } |
2225 | 2233 |
2226 /* | 2234 /* |
2227 * eventually I'd like to expunge all occurances of XXX_SLOT_ID and | 2235 * eventually I'd like to expunge all occurances of XXX_SLOT_ID and |
2228 * just go with the info in the slot. This is one place, however, | 2236 * just go with the info in the slot. This is one place, however, |
2229 * where it might be a little difficult. | 2237 * where it might be a little difficult. |
2230 */ | 2238 */ |
2231 const char * | 2239 const char * |
2232 sftk_getDefTokName(CK_SLOT_ID slotID) | 2240 sftk_getDefTokName(CK_SLOT_ID slotID) |
2233 { | 2241 { |
(...skipping 360 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2594 * do more efficient processing */ | 2602 * do more efficient processing */ |
2595 if (session) { | 2603 if (session) { |
2596 slot->head[i] = session->next; | 2604 slot->head[i] = session->next; |
2597 if (session->next) session->next->prev = NULL; | 2605 if (session->next) session->next->prev = NULL; |
2598 session->next = session->prev = NULL; | 2606 session->next = session->prev = NULL; |
2599 SKIP_AFTER_FORK(PZ_Unlock(lock)); | 2607 SKIP_AFTER_FORK(PZ_Unlock(lock)); |
2600 SKIP_AFTER_FORK(PZ_Lock(slot->slotLock)); | 2608 SKIP_AFTER_FORK(PZ_Lock(slot->slotLock)); |
2601 --slot->sessionCount; | 2609 --slot->sessionCount; |
2602 SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock)); | 2610 SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock)); |
2603 if (session->info.flags & CKF_RW_SESSION) { | 2611 if (session->info.flags & CKF_RW_SESSION) { |
2604 » » PR_ATOMIC_DECREMENT(&slot->rwSessionCount); | 2612 » » (void)PR_ATOMIC_DECREMENT(&slot->rwSessionCount); |
2605 } | 2613 } |
2606 } else { | 2614 } else { |
2607 SKIP_AFTER_FORK(PZ_Unlock(lock)); | 2615 SKIP_AFTER_FORK(PZ_Unlock(lock)); |
2608 } | 2616 } |
2609 if (session) sftk_FreeSession(session); | 2617 if (session) sftk_FreeSession(session); |
2610 } while (session != NULL); | 2618 } while (session != NULL); |
2611 } | 2619 } |
2612 return CKR_OK; | 2620 return CKR_OK; |
2613 } | 2621 } |
2614 | 2622 |
(...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2749 /* The legacy database uses the old dbm, which is only linked with the | 2757 /* The legacy database uses the old dbm, which is only linked with the |
2750 * legacy DB handler, which is only callable from softoken */ | 2758 * legacy DB handler, which is only callable from softoken */ |
2751 | 2759 |
2752 secmod = _NSSUTIL_GetSecmodName(parameters, &dbType, &appName, | 2760 secmod = _NSSUTIL_GetSecmodName(parameters, &dbType, &appName, |
2753 &filename, &rw); | 2761 &filename, &rw); |
2754 | 2762 |
2755 switch (function) { | 2763 switch (function) { |
2756 case SECMOD_MODULE_DB_FUNCTION_FIND: | 2764 case SECMOD_MODULE_DB_FUNCTION_FIND: |
2757 if (secmod == NULL) { | 2765 if (secmod == NULL) { |
2758 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 2766 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
2759 » return NULL; | 2767 » goto loser; |
2760 } | 2768 } |
2761 if (rw && (dbType != NSS_DB_TYPE_LEGACY) && | 2769 if (rw && (dbType != NSS_DB_TYPE_LEGACY) && |
2762 (dbType != NSS_DB_TYPE_MULTIACCESS)) { | 2770 (dbType != NSS_DB_TYPE_MULTIACCESS)) { |
2763 /* if we get here, we are trying to update the local database */ | 2771 /* if we get here, we are trying to update the local database */ |
2764 /* force data from the legacy DB */ | 2772 /* force data from the legacy DB */ |
2765 char *oldSecmod = NULL; | 2773 char *oldSecmod = NULL; |
2766 char *oldAppName = NULL; | 2774 char *oldAppName = NULL; |
2767 char *oldFilename = NULL; | 2775 char *oldFilename = NULL; |
2768 PRBool oldrw; | 2776 PRBool oldrw; |
2769 char **strings = NULL; | 2777 char **strings = NULL; |
(...skipping 22 matching lines...) Expand all Loading... |
2792 if (oldFilename) { PORT_Free(oldFilename); } | 2800 if (oldFilename) { PORT_Free(oldFilename); } |
2793 rvstr = NSSUTIL_DoModuleDBFunction(function, parameters, args); | 2801 rvstr = NSSUTIL_DoModuleDBFunction(function, parameters, args); |
2794 break; | 2802 break; |
2795 } | 2803 } |
2796 rvstr = sftkdbCall_ReadSecmodDB(appName,filename,secmod, | 2804 rvstr = sftkdbCall_ReadSecmodDB(appName,filename,secmod, |
2797 (char *)parameters,rw); | 2805 (char *)parameters,rw); |
2798 break; | 2806 break; |
2799 case SECMOD_MODULE_DB_FUNCTION_ADD: | 2807 case SECMOD_MODULE_DB_FUNCTION_ADD: |
2800 if (secmod == NULL) { | 2808 if (secmod == NULL) { |
2801 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 2809 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
2802 » return NULL; | 2810 » goto loser; |
2803 } | 2811 } |
2804 rvstr = (sftkdbCall_AddSecmodDB(appName,filename,secmod, | 2812 rvstr = (sftkdbCall_AddSecmodDB(appName,filename,secmod, |
2805 (char *)args,rw) == SECSuccess) ? &success: NULL; | 2813 (char *)args,rw) == SECSuccess) ? &success: NULL; |
2806 break; | 2814 break; |
2807 case SECMOD_MODULE_DB_FUNCTION_DEL: | 2815 case SECMOD_MODULE_DB_FUNCTION_DEL: |
2808 if (secmod == NULL) { | 2816 if (secmod == NULL) { |
2809 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 2817 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
2810 » return NULL; | 2818 » goto loser; |
2811 } | 2819 } |
2812 rvstr = (sftkdbCall_DeleteSecmodDB(appName,filename,secmod, | 2820 rvstr = (sftkdbCall_DeleteSecmodDB(appName,filename,secmod, |
2813 (char *)args,rw) == SECSuccess) ? &success: NULL; | 2821 (char *)args,rw) == SECSuccess) ? &success: NULL; |
2814 break; | 2822 break; |
2815 case SECMOD_MODULE_DB_FUNCTION_RELEASE: | 2823 case SECMOD_MODULE_DB_FUNCTION_RELEASE: |
2816 rvstr = (sftkdbCall_ReleaseSecmodDBData(appName,filename,secmod, | 2824 rvstr = (sftkdbCall_ReleaseSecmodDBData(appName,filename,secmod, |
2817 (char **)args,rw) == SECSuccess) ? &success: NULL; | 2825 (char **)args,rw) == SECSuccess) ? &success: NULL; |
2818 break; | 2826 break; |
2819 } | 2827 } |
| 2828 |
| 2829 loser: |
2820 if (secmod) PR_smprintf_free(secmod); | 2830 if (secmod) PR_smprintf_free(secmod); |
2821 if (appName) PORT_Free(appName); | 2831 if (appName) PORT_Free(appName); |
2822 if (filename) PORT_Free(filename); | 2832 if (filename) PORT_Free(filename); |
2823 return rvstr; | 2833 return rvstr; |
2824 } | 2834 } |
2825 | 2835 |
2826 static void nscFreeAllSlots(int moduleIndex) | 2836 static void nscFreeAllSlots(int moduleIndex) |
2827 { | 2837 { |
2828 /* free all the slots */ | 2838 /* free all the slots */ |
2829 SFTKSlot *slot = NULL; | 2839 SFTKSlot *slot = NULL; |
(...skipping 301 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3131 return CKR_OK; | 3141 return CKR_OK; |
3132 } | 3142 } |
3133 | 3143 |
3134 crv = nsc_CommonFinalize (pReserved, PR_FALSE); | 3144 crv = nsc_CommonFinalize (pReserved, PR_FALSE); |
3135 | 3145 |
3136 nsc_init = (PRBool) !(crv == CKR_OK); | 3146 nsc_init = (PRBool) !(crv == CKR_OK); |
3137 | 3147 |
3138 return crv; | 3148 return crv; |
3139 } | 3149 } |
3140 | 3150 |
3141 extern const char __nss_softokn_rcsid[]; | 3151 extern const char __nss_softokn_version[]; |
3142 extern const char __nss_softokn_sccsid[]; | |
3143 | 3152 |
3144 /* NSC_GetInfo returns general information about Cryptoki. */ | 3153 /* NSC_GetInfo returns general information about Cryptoki. */ |
3145 CK_RV NSC_GetInfo(CK_INFO_PTR pInfo) | 3154 CK_RV NSC_GetInfo(CK_INFO_PTR pInfo) |
3146 { | 3155 { |
3147 volatile char c; /* force a reference that won't get optimized away */ | 3156 #define NSS_VERSION_VARIABLE __nss_softokn_version |
| 3157 #include "verref.h" |
3148 | 3158 |
3149 CHECK_FORK(); | 3159 CHECK_FORK(); |
3150 | 3160 |
3151 c = __nss_softokn_rcsid[0] + __nss_softokn_sccsid[0]; | |
3152 pInfo->cryptokiVersion.major = 2; | 3161 pInfo->cryptokiVersion.major = 2; |
3153 pInfo->cryptokiVersion.minor = 20; | 3162 pInfo->cryptokiVersion.minor = 20; |
3154 PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32); | 3163 PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32); |
3155 pInfo->libraryVersion.major = SOFTOKEN_VMAJOR; | 3164 pInfo->libraryVersion.major = SOFTOKEN_VMAJOR; |
3156 pInfo->libraryVersion.minor = SOFTOKEN_VMINOR; | 3165 pInfo->libraryVersion.minor = SOFTOKEN_VMINOR; |
3157 PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32); | 3166 PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32); |
3158 pInfo->flags = 0; | 3167 pInfo->flags = 0; |
3159 return CKR_OK; | 3168 return CKR_OK; |
3160 } | 3169 } |
3161 | 3170 |
(...skipping 550 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3712 if (session == NULL) return CKR_HOST_MEMORY; | 3721 if (session == NULL) return CKR_HOST_MEMORY; |
3713 | 3722 |
3714 if (slot->readOnly && (flags & CKF_RW_SESSION)) { | 3723 if (slot->readOnly && (flags & CKF_RW_SESSION)) { |
3715 /* NETSCAPE_SLOT_ID is Read ONLY */ | 3724 /* NETSCAPE_SLOT_ID is Read ONLY */ |
3716 session->info.flags &= ~CKF_RW_SESSION; | 3725 session->info.flags &= ~CKF_RW_SESSION; |
3717 } | 3726 } |
3718 PZ_Lock(slot->slotLock); | 3727 PZ_Lock(slot->slotLock); |
3719 ++slot->sessionCount; | 3728 ++slot->sessionCount; |
3720 PZ_Unlock(slot->slotLock); | 3729 PZ_Unlock(slot->slotLock); |
3721 if (session->info.flags & CKF_RW_SESSION) { | 3730 if (session->info.flags & CKF_RW_SESSION) { |
3722 » PR_ATOMIC_INCREMENT(&slot->rwSessionCount); | 3731 » (void)PR_ATOMIC_INCREMENT(&slot->rwSessionCount); |
3723 } | 3732 } |
3724 | 3733 |
3725 do { | 3734 do { |
3726 PZLock *lock; | 3735 PZLock *lock; |
3727 do { | 3736 do { |
3728 sessionID = (PR_ATOMIC_INCREMENT(&slot->sessionIDCount) & 0xffffff) | 3737 sessionID = (PR_ATOMIC_INCREMENT(&slot->sessionIDCount) & 0xffffff) |
3729 | (slot->index << 24); | 3738 | (slot->index << 24); |
3730 } while (sessionID == CK_INVALID_HANDLE); | 3739 } while (sessionID == CK_INVALID_HANDLE); |
3731 lock = SFTK_SESSION_LOCK(slot,sessionID); | 3740 lock = SFTK_SESSION_LOCK(slot,sessionID); |
3732 PZ_Lock(lock); | 3741 PZ_Lock(lock); |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3780 slot->isLoggedIn = PR_FALSE; | 3789 slot->isLoggedIn = PR_FALSE; |
3781 if (slot->needLogin && handle) { | 3790 if (slot->needLogin && handle) { |
3782 sftkdb_ClearPassword(handle); | 3791 sftkdb_ClearPassword(handle); |
3783 } | 3792 } |
3784 } | 3793 } |
3785 PZ_Unlock(slot->slotLock); | 3794 PZ_Unlock(slot->slotLock); |
3786 if (handle) { | 3795 if (handle) { |
3787 sftk_freeDB(handle); | 3796 sftk_freeDB(handle); |
3788 } | 3797 } |
3789 if (session->info.flags & CKF_RW_SESSION) { | 3798 if (session->info.flags & CKF_RW_SESSION) { |
3790 » PR_ATOMIC_DECREMENT(&slot->rwSessionCount); | 3799 » (void)PR_ATOMIC_DECREMENT(&slot->rwSessionCount); |
3791 } | 3800 } |
3792 } | 3801 } |
3793 | 3802 |
3794 sftk_FreeSession(session); | 3803 sftk_FreeSession(session); |
3795 return CKR_OK; | 3804 return CKR_OK; |
3796 } | 3805 } |
3797 | 3806 |
3798 | 3807 |
3799 /* NSC_CloseAllSessions closes all sessions with a token. */ | 3808 /* NSC_CloseAllSessions closes all sessions with a token. */ |
3800 CK_RV NSC_CloseAllSessions (CK_SLOT_ID slotID) | 3809 CK_RV NSC_CloseAllSessions (CK_SLOT_ID slotID) |
(...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3998 * "object" is the creation object that specifies the module spec for the slot | 4007 * "object" is the creation object that specifies the module spec for the slot |
3999 * to add or remove. | 4008 * to add or remove. |
4000 */ | 4009 */ |
4001 static CK_RV sftk_CreateNewSlot(SFTKSlot *slot, CK_OBJECT_CLASS class, | 4010 static CK_RV sftk_CreateNewSlot(SFTKSlot *slot, CK_OBJECT_CLASS class, |
4002 SFTKObject *object) | 4011 SFTKObject *object) |
4003 { | 4012 { |
4004 PRBool isValidUserSlot = PR_FALSE; | 4013 PRBool isValidUserSlot = PR_FALSE; |
4005 PRBool isValidFIPSUserSlot = PR_FALSE; | 4014 PRBool isValidFIPSUserSlot = PR_FALSE; |
4006 PRBool isValidSlot = PR_FALSE; | 4015 PRBool isValidSlot = PR_FALSE; |
4007 PRBool isFIPS = PR_FALSE; | 4016 PRBool isFIPS = PR_FALSE; |
4008 unsigned long moduleIndex; | 4017 unsigned long moduleIndex = NSC_NON_FIPS_MODULE; |
4009 SFTKAttribute *attribute; | 4018 SFTKAttribute *attribute; |
4010 sftk_parameters paramStrings; | 4019 sftk_parameters paramStrings; |
4011 char *paramString; | 4020 char *paramString; |
4012 CK_SLOT_ID slotID = 0; | 4021 CK_SLOT_ID slotID = 0; |
4013 SFTKSlot *newSlot = NULL; | 4022 SFTKSlot *newSlot = NULL; |
4014 CK_RV crv = CKR_OK; | 4023 CK_RV crv = CKR_OK; |
4015 | 4024 |
4016 if (class != CKO_NETSCAPE_DELSLOT && class != CKO_NETSCAPE_NEWSLOT) { | 4025 if (class != CKO_NETSCAPE_DELSLOT && class != CKO_NETSCAPE_NEWSLOT) { |
4017 return CKR_ATTRIBUTE_VALUE_INVALID; | 4026 return CKR_ATTRIBUTE_VALUE_INVALID; |
4018 } | 4027 } |
(...skipping 488 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4507 /* softoken used to search the SMimeEntries automatically instead of | 4516 /* softoken used to search the SMimeEntries automatically instead of |
4508 * doing this in pk11wrap. This code should really be up in | 4517 * doing this in pk11wrap. This code should really be up in |
4509 * pk11wrap so that it will work with other tokens other than softoken. | 4518 * pk11wrap so that it will work with other tokens other than softoken. |
4510 */ | 4519 */ |
4511 CK_RV | 4520 CK_RV |
4512 sftk_emailhack(SFTKSlot *slot, SFTKDBHandle *handle, | 4521 sftk_emailhack(SFTKSlot *slot, SFTKDBHandle *handle, |
4513 SFTKSearchResults *search, CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount) | 4522 SFTKSearchResults *search, CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount) |
4514 { | 4523 { |
4515 PRBool isCert = PR_FALSE; | 4524 PRBool isCert = PR_FALSE; |
4516 int emailIndex = -1; | 4525 int emailIndex = -1; |
4517 int i; | 4526 unsigned int i; |
4518 SFTKSearchResults smime_search; | 4527 SFTKSearchResults smime_search; |
4519 CK_ATTRIBUTE smime_template[2]; | 4528 CK_ATTRIBUTE smime_template[2]; |
4520 CK_OBJECT_CLASS smime_class = CKO_NETSCAPE_SMIME; | 4529 CK_OBJECT_CLASS smime_class = CKO_NETSCAPE_SMIME; |
4521 SFTKAttribute *attribute = NULL; | 4530 SFTKAttribute *attribute = NULL; |
4522 SFTKObject *object = NULL; | 4531 SFTKObject *object = NULL; |
4523 CK_RV crv = CKR_OK; | 4532 CK_RV crv = CKR_OK; |
4524 | 4533 |
4525 | 4534 |
4526 smime_search.handles = NULL; /* paranoia, some one is bound to add a goto | 4535 smime_search.handles = NULL; /* paranoia, some one is bound to add a goto |
4527 * loser before this gets initialized */ | 4536 * loser before this gets initialized */ |
(...skipping 255 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4783 | 4792 |
4784 | 4793 |
4785 CK_RV NSC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, | 4794 CK_RV NSC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, |
4786 CK_VOID_PTR pReserved) | 4795 CK_VOID_PTR pReserved) |
4787 { | 4796 { |
4788 CHECK_FORK(); | 4797 CHECK_FORK(); |
4789 | 4798 |
4790 return CKR_FUNCTION_NOT_SUPPORTED; | 4799 return CKR_FUNCTION_NOT_SUPPORTED; |
4791 } | 4800 } |
4792 | 4801 |
OLD | NEW |