| OLD | NEW |
|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 4 /* | 4 /* |
| 5 * This file implements PKCS 11 on top of our existing security modules | 5 * This file implements PKCS 11 on top of our existing security modules |
| 6 * | 6 * |
| 7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard. | 7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard. |
| 8 * This implementation has two slots: | 8 * This implementation has two slots: |
| 9 * slot 1 is our generic crypto support. It does not require login. | 9 * slot 1 is our generic crypto support. It does not require login. |
| 10 * It supports Public Key ops, and all they bulk ciphers and hashes. | 10 * It supports Public Key ops, and all they bulk ciphers and hashes. |
| (...skipping 378 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 389 {CKM_SHA256, {0, 0, CKF_DIGEST}, PR_FALSE}, | 389 {CKM_SHA256, {0, 0, CKF_DIGEST}, PR_FALSE}, |
| 390 {CKM_SHA256_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, | 390 {CKM_SHA256_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, |
| 391 {CKM_SHA256_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, | 391 {CKM_SHA256_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, |
| 392 {CKM_SHA384, {0, 0, CKF_DIGEST}, PR_FALSE}, | 392 {CKM_SHA384, {0, 0, CKF_DIGEST}, PR_FALSE}, |
| 393 {CKM_SHA384_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, | 393 {CKM_SHA384_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, |
| 394 {CKM_SHA384_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, | 394 {CKM_SHA384_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, |
| 395 {CKM_SHA512, {0, 0, CKF_DIGEST}, PR_FALSE}, | 395 {CKM_SHA512, {0, 0, CKF_DIGEST}, PR_FALSE}, |
| 396 {CKM_SHA512_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, | 396 {CKM_SHA512_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, |
| 397 {CKM_SHA512_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, | 397 {CKM_SHA512_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, |
| 398 {CKM_TLS_PRF_GENERAL, {0, 512, CKF_SN_VR}, PR_FALSE}, | 398 {CKM_TLS_PRF_GENERAL, {0, 512, CKF_SN_VR}, PR_FALSE}, |
| 399 {CKM_TLS_MAC, {0, 512, CKF_SN_VR}, PR_FALSE}, |
| 399 {CKM_NSS_TLS_PRF_GENERAL_SHA256, | 400 {CKM_NSS_TLS_PRF_GENERAL_SHA256, |
| 400 {0, 512, CKF_SN_VR}, PR_FALSE}, | 401 {0, 512, CKF_SN_VR}, PR_FALSE}, |
| 401 /* ------------------------- HKDF Operations -------------------------- */ | 402 /* ------------------------- HKDF Operations -------------------------- */ |
| 402 {CKM_NSS_HKDF_SHA1, {1, 128, CKF_DERIVE}, PR_TRUE}, | 403 {CKM_NSS_HKDF_SHA1, {1, 128, CKF_DERIVE}, PR_TRUE}, |
| 403 {CKM_NSS_HKDF_SHA256, {1, 128, CKF_DERIVE}, PR_TRUE}, | 404 {CKM_NSS_HKDF_SHA256, {1, 128, CKF_DERIVE}, PR_TRUE}, |
| 404 {CKM_NSS_HKDF_SHA384, {1, 128, CKF_DERIVE}, PR_TRUE}, | 405 {CKM_NSS_HKDF_SHA384, {1, 128, CKF_DERIVE}, PR_TRUE}, |
| 405 {CKM_NSS_HKDF_SHA512, {1, 128, CKF_DERIVE}, PR_TRUE}, | 406 {CKM_NSS_HKDF_SHA512, {1, 128, CKF_DERIVE}, PR_TRUE}, |
| 406 /* ------------------------- CAST Operations --------------------------- */ | 407 /* ------------------------- CAST Operations --------------------------- */ |
| 407 #ifdef NSS_SOFTOKEN_DOES_CAST | 408 #ifdef NSS_SOFTOKEN_DOES_CAST |
| 408 /* Cast operations are not supported ( yet? ) */ | 409 /* Cast operations are not supported ( yet? ) */ |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 458 {CKM_SSL3_MD5_MAC, { 0, 16, CKF_DERIVE}, PR_FALSE}, | 459 {CKM_SSL3_MD5_MAC, { 0, 16, CKF_DERIVE}, PR_FALSE}, |
| 459 {CKM_SSL3_SHA1_MAC, { 0, 20, CKF_DERIVE}, PR_FALSE}, | 460 {CKM_SSL3_SHA1_MAC, { 0, 20, CKF_DERIVE}, PR_FALSE}, |
| 460 {CKM_MD5_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE}, | 461 {CKM_MD5_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE}, |
| 461 {CKM_MD2_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE}, | 462 {CKM_MD2_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE}, |
| 462 {CKM_SHA1_KEY_DERIVATION, { 0, 20, CKF_DERIVE}, PR_FALSE}, | 463 {CKM_SHA1_KEY_DERIVATION, { 0, 20, CKF_DERIVE}, PR_FALSE}, |
| 463 {CKM_SHA224_KEY_DERIVATION, { 0, 28, CKF_DERIVE}, PR_FALSE}, | 464 {CKM_SHA224_KEY_DERIVATION, { 0, 28, CKF_DERIVE}, PR_FALSE}, |
| 464 {CKM_SHA256_KEY_DERIVATION, { 0, 32, CKF_DERIVE}, PR_FALSE}, | 465 {CKM_SHA256_KEY_DERIVATION, { 0, 32, CKF_DERIVE}, PR_FALSE}, |
| 465 {CKM_SHA384_KEY_DERIVATION, { 0, 48, CKF_DERIVE}, PR_FALSE}, | 466 {CKM_SHA384_KEY_DERIVATION, { 0, 48, CKF_DERIVE}, PR_FALSE}, |
| 466 {CKM_SHA512_KEY_DERIVATION, { 0, 64, CKF_DERIVE}, PR_FALSE}, | 467 {CKM_SHA512_KEY_DERIVATION, { 0, 64, CKF_DERIVE}, PR_FALSE}, |
| 467 {CKM_TLS_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, | 468 {CKM_TLS_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, |
| 469 {CKM_TLS12_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, |
| 468 {CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256, | 470 {CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256, |
| 469 {48, 48, CKF_DERIVE}, PR_FALSE}, | 471 {48, 48, CKF_DERIVE}, PR_FALSE}, |
| 470 {CKM_TLS_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE}, | 472 {CKM_TLS_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE}, |
| 473 {CKM_TLS12_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE}, |
| 471 {CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256, | 474 {CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256, |
| 472 {8, 128, CKF_DERIVE}, PR_FALSE}, | 475 {8, 128, CKF_DERIVE}, PR_FALSE}, |
| 473 {CKM_TLS_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, | 476 {CKM_TLS_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, |
| 477 {CKM_TLS12_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE}, |
| 474 {CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256, | 478 {CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256, |
| 475 {48, 48, CKF_DERIVE}, PR_FALSE}, | 479 {48, 48, CKF_DERIVE}, PR_FALSE}, |
| 480 {CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE, |
| 481 {48,128, CKF_DERIVE}, PR_FALSE}, |
| 482 {CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH, |
| 483 {48,128, CKF_DERIVE}, PR_FALSE}, |
| 476 /* ---------------------- PBE Key Derivations ------------------------ */ | 484 /* ---------------------- PBE Key Derivations ------------------------ */ |
| 477 {CKM_PBE_MD2_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE}, | 485 {CKM_PBE_MD2_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE}, |
| 478 {CKM_PBE_MD5_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE}, | 486 {CKM_PBE_MD5_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE}, |
| 479 /* ------------------ NETSCAPE PBE Key Derivations ------------------- */ | 487 /* ------------------ NETSCAPE PBE Key Derivations ------------------- */ |
| 480 {CKM_NETSCAPE_PBE_SHA1_DES_CBC, { 8, 8, CKF_GENERATE}, PR_TRUE}, | 488 {CKM_NETSCAPE_PBE_SHA1_DES_CBC, { 8, 8, CKF_GENERATE}, PR_TRUE}, |
| 481 {CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, | 489 {CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, |
| 482 {CKM_PBE_SHA1_DES3_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, | 490 {CKM_PBE_SHA1_DES3_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, |
| 483 {CKM_PBE_SHA1_DES2_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, | 491 {CKM_PBE_SHA1_DES2_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE}, |
| 484 {CKM_PBE_SHA1_RC2_40_CBC, {40,40, CKF_GENERATE}, PR_TRUE}, | 492 {CKM_PBE_SHA1_RC2_40_CBC, {40,40, CKF_GENERATE}, PR_TRUE}, |
| 485 {CKM_PBE_SHA1_RC2_128_CBC, {128,128, CKF_GENERATE}, PR_TRUE}, | 493 {CKM_PBE_SHA1_RC2_128_CBC, {128,128, CKF_GENERATE}, PR_TRUE}, |
| (...skipping 1252 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1738 */ | 1746 */ |
| 1739 if (EC_FillParams(arena, &pubKey->u.ec.ecParams.DEREncoding, | 1747 if (EC_FillParams(arena, &pubKey->u.ec.ecParams.DEREncoding, |
| 1740 &pubKey->u.ec.ecParams) != SECSuccess) { | 1748 &pubKey->u.ec.ecParams) != SECSuccess) { |
| 1741 crv = CKR_DOMAIN_PARAMS_INVALID; | 1749 crv = CKR_DOMAIN_PARAMS_INVALID; |
| 1742 break; | 1750 break; |
| 1743 } | 1751 } |
| 1744 | 1752 |
| 1745 crv = sftk_Attribute2SSecItem(arena,&pubKey->u.ec.publicValue, | 1753 crv = sftk_Attribute2SSecItem(arena,&pubKey->u.ec.publicValue, |
| 1746 object,CKA_EC_POINT); | 1754 object,CKA_EC_POINT); |
| 1747 if (crv == CKR_OK) { | 1755 if (crv == CKR_OK) { |
| 1748 » int keyLen,curveLen; | 1756 » unsigned int keyLen,curveLen; |
| 1749 | 1757 |
| 1750 curveLen = (pubKey->u.ec.ecParams.fieldID.size +7)/8; | 1758 curveLen = (pubKey->u.ec.ecParams.fieldID.size +7)/8; |
| 1751 keyLen = (2*curveLen)+1; | 1759 keyLen = (2*curveLen)+1; |
| 1752 | 1760 |
| 1753 /* special note: We can't just use the first byte to determine | 1761 /* special note: We can't just use the first byte to determine |
| 1754 * between these 2 cases because both EC_POINT_FORM_UNCOMPRESSED | 1762 * between these 2 cases because both EC_POINT_FORM_UNCOMPRESSED |
| 1755 * and SEC_ASN1_OCTET_STRING are 0x04 */ | 1763 * and SEC_ASN1_OCTET_STRING are 0x04 */ |
| 1756 | 1764 |
| 1757 /* handle the non-DER encoded case (UNCOMPRESSED only) */ | 1765 /* handle the non-DER encoded case (UNCOMPRESSED only) */ |
| 1758 if (pubKey->u.ec.publicValue.data[0] == EC_POINT_FORM_UNCOMPRESSED | 1766 if (pubKey->u.ec.publicValue.data[0] == EC_POINT_FORM_UNCOMPRESSED |
| (...skipping 454 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2213 CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) | 2221 CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) |
| 2214 { | 2222 { |
| 2215 CHECK_FORK(); | 2223 CHECK_FORK(); |
| 2216 | 2224 |
| 2217 return NSC_GetFunctionList(pFunctionList); | 2225 return NSC_GetFunctionList(pFunctionList); |
| 2218 } | 2226 } |
| 2219 | 2227 |
| 2220 static PLHashNumber | 2228 static PLHashNumber |
| 2221 sftk_HashNumber(const void *key) | 2229 sftk_HashNumber(const void *key) |
| 2222 { | 2230 { |
| 2223 return (PLHashNumber) key; | 2231 return (PLHashNumber)((char *)key - (char *)NULL); |
| 2224 } | 2232 } |
| 2225 | 2233 |
| 2226 /* | 2234 /* |
| 2227 * eventually I'd like to expunge all occurances of XXX_SLOT_ID and | 2235 * eventually I'd like to expunge all occurances of XXX_SLOT_ID and |
| 2228 * just go with the info in the slot. This is one place, however, | 2236 * just go with the info in the slot. This is one place, however, |
| 2229 * where it might be a little difficult. | 2237 * where it might be a little difficult. |
| 2230 */ | 2238 */ |
| 2231 const char * | 2239 const char * |
| 2232 sftk_getDefTokName(CK_SLOT_ID slotID) | 2240 sftk_getDefTokName(CK_SLOT_ID slotID) |
| 2233 { | 2241 { |
| (...skipping 360 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2594 * do more efficient processing */ | 2602 * do more efficient processing */ |
| 2595 if (session) { | 2603 if (session) { |
| 2596 slot->head[i] = session->next; | 2604 slot->head[i] = session->next; |
| 2597 if (session->next) session->next->prev = NULL; | 2605 if (session->next) session->next->prev = NULL; |
| 2598 session->next = session->prev = NULL; | 2606 session->next = session->prev = NULL; |
| 2599 SKIP_AFTER_FORK(PZ_Unlock(lock)); | 2607 SKIP_AFTER_FORK(PZ_Unlock(lock)); |
| 2600 SKIP_AFTER_FORK(PZ_Lock(slot->slotLock)); | 2608 SKIP_AFTER_FORK(PZ_Lock(slot->slotLock)); |
| 2601 --slot->sessionCount; | 2609 --slot->sessionCount; |
| 2602 SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock)); | 2610 SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock)); |
| 2603 if (session->info.flags & CKF_RW_SESSION) { | 2611 if (session->info.flags & CKF_RW_SESSION) { |
| 2604 » » PR_ATOMIC_DECREMENT(&slot->rwSessionCount); | 2612 » » (void)PR_ATOMIC_DECREMENT(&slot->rwSessionCount); |
| 2605 } | 2613 } |
| 2606 } else { | 2614 } else { |
| 2607 SKIP_AFTER_FORK(PZ_Unlock(lock)); | 2615 SKIP_AFTER_FORK(PZ_Unlock(lock)); |
| 2608 } | 2616 } |
| 2609 if (session) sftk_FreeSession(session); | 2617 if (session) sftk_FreeSession(session); |
| 2610 } while (session != NULL); | 2618 } while (session != NULL); |
| 2611 } | 2619 } |
| 2612 return CKR_OK; | 2620 return CKR_OK; |
| 2613 } | 2621 } |
| 2614 | 2622 |
| (...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2749 /* The legacy database uses the old dbm, which is only linked with the | 2757 /* The legacy database uses the old dbm, which is only linked with the |
| 2750 * legacy DB handler, which is only callable from softoken */ | 2758 * legacy DB handler, which is only callable from softoken */ |
| 2751 | 2759 |
| 2752 secmod = _NSSUTIL_GetSecmodName(parameters, &dbType, &appName, | 2760 secmod = _NSSUTIL_GetSecmodName(parameters, &dbType, &appName, |
| 2753 &filename, &rw); | 2761 &filename, &rw); |
| 2754 | 2762 |
| 2755 switch (function) { | 2763 switch (function) { |
| 2756 case SECMOD_MODULE_DB_FUNCTION_FIND: | 2764 case SECMOD_MODULE_DB_FUNCTION_FIND: |
| 2757 if (secmod == NULL) { | 2765 if (secmod == NULL) { |
| 2758 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 2766 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 2759 » return NULL; | 2767 » goto loser; |
| 2760 } | 2768 } |
| 2761 if (rw && (dbType != NSS_DB_TYPE_LEGACY) && | 2769 if (rw && (dbType != NSS_DB_TYPE_LEGACY) && |
| 2762 (dbType != NSS_DB_TYPE_MULTIACCESS)) { | 2770 (dbType != NSS_DB_TYPE_MULTIACCESS)) { |
| 2763 /* if we get here, we are trying to update the local database */ | 2771 /* if we get here, we are trying to update the local database */ |
| 2764 /* force data from the legacy DB */ | 2772 /* force data from the legacy DB */ |
| 2765 char *oldSecmod = NULL; | 2773 char *oldSecmod = NULL; |
| 2766 char *oldAppName = NULL; | 2774 char *oldAppName = NULL; |
| 2767 char *oldFilename = NULL; | 2775 char *oldFilename = NULL; |
| 2768 PRBool oldrw; | 2776 PRBool oldrw; |
| 2769 char **strings = NULL; | 2777 char **strings = NULL; |
| (...skipping 22 matching lines...) Expand all Loading... |
| 2792 if (oldFilename) { PORT_Free(oldFilename); } | 2800 if (oldFilename) { PORT_Free(oldFilename); } |
| 2793 rvstr = NSSUTIL_DoModuleDBFunction(function, parameters, args); | 2801 rvstr = NSSUTIL_DoModuleDBFunction(function, parameters, args); |
| 2794 break; | 2802 break; |
| 2795 } | 2803 } |
| 2796 rvstr = sftkdbCall_ReadSecmodDB(appName,filename,secmod, | 2804 rvstr = sftkdbCall_ReadSecmodDB(appName,filename,secmod, |
| 2797 (char *)parameters,rw); | 2805 (char *)parameters,rw); |
| 2798 break; | 2806 break; |
| 2799 case SECMOD_MODULE_DB_FUNCTION_ADD: | 2807 case SECMOD_MODULE_DB_FUNCTION_ADD: |
| 2800 if (secmod == NULL) { | 2808 if (secmod == NULL) { |
| 2801 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 2809 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 2802 » return NULL; | 2810 » goto loser; |
| 2803 } | 2811 } |
| 2804 rvstr = (sftkdbCall_AddSecmodDB(appName,filename,secmod, | 2812 rvstr = (sftkdbCall_AddSecmodDB(appName,filename,secmod, |
| 2805 (char *)args,rw) == SECSuccess) ? &success: NULL; | 2813 (char *)args,rw) == SECSuccess) ? &success: NULL; |
| 2806 break; | 2814 break; |
| 2807 case SECMOD_MODULE_DB_FUNCTION_DEL: | 2815 case SECMOD_MODULE_DB_FUNCTION_DEL: |
| 2808 if (secmod == NULL) { | 2816 if (secmod == NULL) { |
| 2809 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 2817 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 2810 » return NULL; | 2818 » goto loser; |
| 2811 } | 2819 } |
| 2812 rvstr = (sftkdbCall_DeleteSecmodDB(appName,filename,secmod, | 2820 rvstr = (sftkdbCall_DeleteSecmodDB(appName,filename,secmod, |
| 2813 (char *)args,rw) == SECSuccess) ? &success: NULL; | 2821 (char *)args,rw) == SECSuccess) ? &success: NULL; |
| 2814 break; | 2822 break; |
| 2815 case SECMOD_MODULE_DB_FUNCTION_RELEASE: | 2823 case SECMOD_MODULE_DB_FUNCTION_RELEASE: |
| 2816 rvstr = (sftkdbCall_ReleaseSecmodDBData(appName,filename,secmod, | 2824 rvstr = (sftkdbCall_ReleaseSecmodDBData(appName,filename,secmod, |
| 2817 (char **)args,rw) == SECSuccess) ? &success: NULL; | 2825 (char **)args,rw) == SECSuccess) ? &success: NULL; |
| 2818 break; | 2826 break; |
| 2819 } | 2827 } |
| 2828 |
| 2829 loser: |
| 2820 if (secmod) PR_smprintf_free(secmod); | 2830 if (secmod) PR_smprintf_free(secmod); |
| 2821 if (appName) PORT_Free(appName); | 2831 if (appName) PORT_Free(appName); |
| 2822 if (filename) PORT_Free(filename); | 2832 if (filename) PORT_Free(filename); |
| 2823 return rvstr; | 2833 return rvstr; |
| 2824 } | 2834 } |
| 2825 | 2835 |
| 2826 static void nscFreeAllSlots(int moduleIndex) | 2836 static void nscFreeAllSlots(int moduleIndex) |
| 2827 { | 2837 { |
| 2828 /* free all the slots */ | 2838 /* free all the slots */ |
| 2829 SFTKSlot *slot = NULL; | 2839 SFTKSlot *slot = NULL; |
| (...skipping 301 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3131 return CKR_OK; | 3141 return CKR_OK; |
| 3132 } | 3142 } |
| 3133 | 3143 |
| 3134 crv = nsc_CommonFinalize (pReserved, PR_FALSE); | 3144 crv = nsc_CommonFinalize (pReserved, PR_FALSE); |
| 3135 | 3145 |
| 3136 nsc_init = (PRBool) !(crv == CKR_OK); | 3146 nsc_init = (PRBool) !(crv == CKR_OK); |
| 3137 | 3147 |
| 3138 return crv; | 3148 return crv; |
| 3139 } | 3149 } |
| 3140 | 3150 |
| 3141 extern const char __nss_softokn_rcsid[]; | 3151 extern const char __nss_softokn_version[]; |
| 3142 extern const char __nss_softokn_sccsid[]; | |
| 3143 | 3152 |
| 3144 /* NSC_GetInfo returns general information about Cryptoki. */ | 3153 /* NSC_GetInfo returns general information about Cryptoki. */ |
| 3145 CK_RV NSC_GetInfo(CK_INFO_PTR pInfo) | 3154 CK_RV NSC_GetInfo(CK_INFO_PTR pInfo) |
| 3146 { | 3155 { |
| 3147 volatile char c; /* force a reference that won't get optimized away */ | 3156 #define NSS_VERSION_VARIABLE __nss_softokn_version |
| 3157 #include "verref.h" |
| 3148 | 3158 |
| 3149 CHECK_FORK(); | 3159 CHECK_FORK(); |
| 3150 | 3160 |
| 3151 c = __nss_softokn_rcsid[0] + __nss_softokn_sccsid[0]; | |
| 3152 pInfo->cryptokiVersion.major = 2; | 3161 pInfo->cryptokiVersion.major = 2; |
| 3153 pInfo->cryptokiVersion.minor = 20; | 3162 pInfo->cryptokiVersion.minor = 20; |
| 3154 PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32); | 3163 PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32); |
| 3155 pInfo->libraryVersion.major = SOFTOKEN_VMAJOR; | 3164 pInfo->libraryVersion.major = SOFTOKEN_VMAJOR; |
| 3156 pInfo->libraryVersion.minor = SOFTOKEN_VMINOR; | 3165 pInfo->libraryVersion.minor = SOFTOKEN_VMINOR; |
| 3157 PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32); | 3166 PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32); |
| 3158 pInfo->flags = 0; | 3167 pInfo->flags = 0; |
| 3159 return CKR_OK; | 3168 return CKR_OK; |
| 3160 } | 3169 } |
| 3161 | 3170 |
| (...skipping 550 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3712 if (session == NULL) return CKR_HOST_MEMORY; | 3721 if (session == NULL) return CKR_HOST_MEMORY; |
| 3713 | 3722 |
| 3714 if (slot->readOnly && (flags & CKF_RW_SESSION)) { | 3723 if (slot->readOnly && (flags & CKF_RW_SESSION)) { |
| 3715 /* NETSCAPE_SLOT_ID is Read ONLY */ | 3724 /* NETSCAPE_SLOT_ID is Read ONLY */ |
| 3716 session->info.flags &= ~CKF_RW_SESSION; | 3725 session->info.flags &= ~CKF_RW_SESSION; |
| 3717 } | 3726 } |
| 3718 PZ_Lock(slot->slotLock); | 3727 PZ_Lock(slot->slotLock); |
| 3719 ++slot->sessionCount; | 3728 ++slot->sessionCount; |
| 3720 PZ_Unlock(slot->slotLock); | 3729 PZ_Unlock(slot->slotLock); |
| 3721 if (session->info.flags & CKF_RW_SESSION) { | 3730 if (session->info.flags & CKF_RW_SESSION) { |
| 3722 » PR_ATOMIC_INCREMENT(&slot->rwSessionCount); | 3731 » (void)PR_ATOMIC_INCREMENT(&slot->rwSessionCount); |
| 3723 } | 3732 } |
| 3724 | 3733 |
| 3725 do { | 3734 do { |
| 3726 PZLock *lock; | 3735 PZLock *lock; |
| 3727 do { | 3736 do { |
| 3728 sessionID = (PR_ATOMIC_INCREMENT(&slot->sessionIDCount) & 0xffffff) | 3737 sessionID = (PR_ATOMIC_INCREMENT(&slot->sessionIDCount) & 0xffffff) |
| 3729 | (slot->index << 24); | 3738 | (slot->index << 24); |
| 3730 } while (sessionID == CK_INVALID_HANDLE); | 3739 } while (sessionID == CK_INVALID_HANDLE); |
| 3731 lock = SFTK_SESSION_LOCK(slot,sessionID); | 3740 lock = SFTK_SESSION_LOCK(slot,sessionID); |
| 3732 PZ_Lock(lock); | 3741 PZ_Lock(lock); |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3780 slot->isLoggedIn = PR_FALSE; | 3789 slot->isLoggedIn = PR_FALSE; |
| 3781 if (slot->needLogin && handle) { | 3790 if (slot->needLogin && handle) { |
| 3782 sftkdb_ClearPassword(handle); | 3791 sftkdb_ClearPassword(handle); |
| 3783 } | 3792 } |
| 3784 } | 3793 } |
| 3785 PZ_Unlock(slot->slotLock); | 3794 PZ_Unlock(slot->slotLock); |
| 3786 if (handle) { | 3795 if (handle) { |
| 3787 sftk_freeDB(handle); | 3796 sftk_freeDB(handle); |
| 3788 } | 3797 } |
| 3789 if (session->info.flags & CKF_RW_SESSION) { | 3798 if (session->info.flags & CKF_RW_SESSION) { |
| 3790 » PR_ATOMIC_DECREMENT(&slot->rwSessionCount); | 3799 » (void)PR_ATOMIC_DECREMENT(&slot->rwSessionCount); |
| 3791 } | 3800 } |
| 3792 } | 3801 } |
| 3793 | 3802 |
| 3794 sftk_FreeSession(session); | 3803 sftk_FreeSession(session); |
| 3795 return CKR_OK; | 3804 return CKR_OK; |
| 3796 } | 3805 } |
| 3797 | 3806 |
| 3798 | 3807 |
| 3799 /* NSC_CloseAllSessions closes all sessions with a token. */ | 3808 /* NSC_CloseAllSessions closes all sessions with a token. */ |
| 3800 CK_RV NSC_CloseAllSessions (CK_SLOT_ID slotID) | 3809 CK_RV NSC_CloseAllSessions (CK_SLOT_ID slotID) |
| (...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3998 * "object" is the creation object that specifies the module spec for the slot | 4007 * "object" is the creation object that specifies the module spec for the slot |
| 3999 * to add or remove. | 4008 * to add or remove. |
| 4000 */ | 4009 */ |
| 4001 static CK_RV sftk_CreateNewSlot(SFTKSlot *slot, CK_OBJECT_CLASS class, | 4010 static CK_RV sftk_CreateNewSlot(SFTKSlot *slot, CK_OBJECT_CLASS class, |
| 4002 SFTKObject *object) | 4011 SFTKObject *object) |
| 4003 { | 4012 { |
| 4004 PRBool isValidUserSlot = PR_FALSE; | 4013 PRBool isValidUserSlot = PR_FALSE; |
| 4005 PRBool isValidFIPSUserSlot = PR_FALSE; | 4014 PRBool isValidFIPSUserSlot = PR_FALSE; |
| 4006 PRBool isValidSlot = PR_FALSE; | 4015 PRBool isValidSlot = PR_FALSE; |
| 4007 PRBool isFIPS = PR_FALSE; | 4016 PRBool isFIPS = PR_FALSE; |
| 4008 unsigned long moduleIndex; | 4017 unsigned long moduleIndex = NSC_NON_FIPS_MODULE; |
| 4009 SFTKAttribute *attribute; | 4018 SFTKAttribute *attribute; |
| 4010 sftk_parameters paramStrings; | 4019 sftk_parameters paramStrings; |
| 4011 char *paramString; | 4020 char *paramString; |
| 4012 CK_SLOT_ID slotID = 0; | 4021 CK_SLOT_ID slotID = 0; |
| 4013 SFTKSlot *newSlot = NULL; | 4022 SFTKSlot *newSlot = NULL; |
| 4014 CK_RV crv = CKR_OK; | 4023 CK_RV crv = CKR_OK; |
| 4015 | 4024 |
| 4016 if (class != CKO_NETSCAPE_DELSLOT && class != CKO_NETSCAPE_NEWSLOT) { | 4025 if (class != CKO_NETSCAPE_DELSLOT && class != CKO_NETSCAPE_NEWSLOT) { |
| 4017 return CKR_ATTRIBUTE_VALUE_INVALID; | 4026 return CKR_ATTRIBUTE_VALUE_INVALID; |
| 4018 } | 4027 } |
| (...skipping 488 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 4507 /* softoken used to search the SMimeEntries automatically instead of | 4516 /* softoken used to search the SMimeEntries automatically instead of |
| 4508 * doing this in pk11wrap. This code should really be up in | 4517 * doing this in pk11wrap. This code should really be up in |
| 4509 * pk11wrap so that it will work with other tokens other than softoken. | 4518 * pk11wrap so that it will work with other tokens other than softoken. |
| 4510 */ | 4519 */ |
| 4511 CK_RV | 4520 CK_RV |
| 4512 sftk_emailhack(SFTKSlot *slot, SFTKDBHandle *handle, | 4521 sftk_emailhack(SFTKSlot *slot, SFTKDBHandle *handle, |
| 4513 SFTKSearchResults *search, CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount) | 4522 SFTKSearchResults *search, CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount) |
| 4514 { | 4523 { |
| 4515 PRBool isCert = PR_FALSE; | 4524 PRBool isCert = PR_FALSE; |
| 4516 int emailIndex = -1; | 4525 int emailIndex = -1; |
| 4517 int i; | 4526 unsigned int i; |
| 4518 SFTKSearchResults smime_search; | 4527 SFTKSearchResults smime_search; |
| 4519 CK_ATTRIBUTE smime_template[2]; | 4528 CK_ATTRIBUTE smime_template[2]; |
| 4520 CK_OBJECT_CLASS smime_class = CKO_NETSCAPE_SMIME; | 4529 CK_OBJECT_CLASS smime_class = CKO_NETSCAPE_SMIME; |
| 4521 SFTKAttribute *attribute = NULL; | 4530 SFTKAttribute *attribute = NULL; |
| 4522 SFTKObject *object = NULL; | 4531 SFTKObject *object = NULL; |
| 4523 CK_RV crv = CKR_OK; | 4532 CK_RV crv = CKR_OK; |
| 4524 | 4533 |
| 4525 | 4534 |
| 4526 smime_search.handles = NULL; /* paranoia, some one is bound to add a goto | 4535 smime_search.handles = NULL; /* paranoia, some one is bound to add a goto |
| 4527 * loser before this gets initialized */ | 4536 * loser before this gets initialized */ |
| (...skipping 255 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 4783 | 4792 |
| 4784 | 4793 |
| 4785 CK_RV NSC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, | 4794 CK_RV NSC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, |
| 4786 CK_VOID_PTR pReserved) | 4795 CK_VOID_PTR pReserved) |
| 4787 { | 4796 { |
| 4788 CHECK_FORK(); | 4797 CHECK_FORK(); |
| 4789 | 4798 |
| 4790 return CKR_FUNCTION_NOT_SUPPORTED; | 4799 return CKR_FUNCTION_NOT_SUPPORTED; |
| 4791 } | 4800 } |
| 4792 | 4801 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1504923011:
Update NSS to 3.21 RTM and NSPR to 4.11 RTM (Closed)
Base URL: http://src.chromium.org/svn/trunk/deps/third_party/nss