Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(520)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss/lib/ckfw/session.c

Issue 1843333003: Update NSPR to 4.12 and NSS to 3.23 on iOS (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss.git@master
Patch Set: Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « nss/lib/ckfw/object.c ('k') | nss/lib/ckfw/sessobj.c » ('j') | nss/lib/util/secoid.c » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* This Source Code Form is subject to the terms of the Mozilla Public 1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 4
5 /* 5 /*
6 * session.c 6 * session.c
7 * 7 *
8 * This file implements the NSSCKFWSession type and methods. 8 * This file implements the NSSCKFWSession type and methods.
9 */ 9 */
10 10
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
54 * nssCKFWSession_GetOperationState 54 * nssCKFWSession_GetOperationState
55 * nssCKFWSession_SetOperationState 55 * nssCKFWSession_SetOperationState
56 * nssCKFWSession_CreateObject 56 * nssCKFWSession_CreateObject
57 * nssCKFWSession_CopyObject 57 * nssCKFWSession_CopyObject
58 * nssCKFWSession_FindObjectsInit 58 * nssCKFWSession_FindObjectsInit
59 * nssCKFWSession_SeedRandom 59 * nssCKFWSession_SeedRandom
60 * nssCKFWSession_GetRandom 60 * nssCKFWSession_GetRandom
61 */ 61 */
62 62
63 struct NSSCKFWSessionStr { 63 struct NSSCKFWSessionStr {
64 NSSArena *arena; 64 NSSArena *arena;
65 NSSCKMDSession *mdSession; 65 NSSCKMDSession *mdSession;
66 NSSCKFWToken *fwToken; 66 NSSCKFWToken *fwToken;
67 NSSCKMDToken *mdToken; 67 NSSCKMDToken *mdToken;
68 NSSCKFWInstance *fwInstance; 68 NSSCKFWInstance *fwInstance;
69 NSSCKMDInstance *mdInstance; 69 NSSCKMDInstance *mdInstance;
70 CK_VOID_PTR pApplication; 70 CK_VOID_PTR pApplication;
71 CK_NOTIFY Notify; 71 CK_NOTIFY Notify;
72 72
73 /* 73 /*
74 * Everything above is set at creation time, and then not modified. 74 * Everything above is set at creation time, and then not modified.
75 * The items below are atomic. No locking required. If we fear 75 * The items below are atomic. No locking required. If we fear
76 * about pointer-copies being nonatomic, we'll lock fwFindObjects. 76 * about pointer-copies being nonatomic, we'll lock fwFindObjects.
77 */ 77 */
78 78
79 CK_BBOOL rw; 79 CK_BBOOL rw;
80 NSSCKFWFindObjects *fwFindObjects; 80 NSSCKFWFindObjects *fwFindObjects;
81 NSSCKFWCryptoOperation *fwOperationArray[NSSCKFWCryptoOperationState_Max]; 81 NSSCKFWCryptoOperation *fwOperationArray[NSSCKFWCryptoOperationState_Max];
82 nssCKFWHash *sessionObjectHash; 82 nssCKFWHash *sessionObjectHash;
83 CK_SESSION_HANDLE hSession; 83 CK_SESSION_HANDLE hSession;
84 }; 84 };
85 85
86 #ifdef DEBUG 86 #ifdef DEBUG
87 /* 87 /*
88 * But first, the pointer-tracking stuff. 88 * But first, the pointer-tracking stuff.
89 * 89 *
90 * NOTE: the pointer-tracking support in NSS/base currently relies 90 * NOTE: the pointer-tracking support in NSS/base currently relies
91 * upon NSPR's CallOnce support. That, however, relies upon NSPR's 91 * upon NSPR's CallOnce support. That, however, relies upon NSPR's
92 * locking, which is tied into the runtime. We need a pointer-tracker 92 * locking, which is tied into the runtime. We need a pointer-tracker
93 * implementation that uses the locks supplied through C_Initialize. 93 * implementation that uses the locks supplied through C_Initialize.
94 * That support, however, can be filled in later. So for now, I'll 94 * That support, however, can be filled in later. So for now, I'll
95 * just do this routines as no-ops. 95 * just do this routines as no-ops.
96 */ 96 */
97 97
98 static CK_RV 98 static CK_RV
99 session_add_pointer 99 session_add_pointer(
100 ( 100 const NSSCKFWSession *fwSession)
101 const NSSCKFWSession *fwSession
102 )
103 { 101 {
104 return CKR_OK; 102 return CKR_OK;
105 } 103 }
106 104
107 static CK_RV 105 static CK_RV
108 session_remove_pointer 106 session_remove_pointer(
109 ( 107 const NSSCKFWSession *fwSession)
110 const NSSCKFWSession *fwSession
111 )
112 { 108 {
113 return CKR_OK; 109 return CKR_OK;
114 } 110 }
115 111
116 NSS_IMPLEMENT CK_RV 112 NSS_IMPLEMENT CK_RV
117 nssCKFWSession_verifyPointer 113 nssCKFWSession_verifyPointer(
118 ( 114 const NSSCKFWSession *fwSession)
119 const NSSCKFWSession *fwSession
120 )
121 { 115 {
122 return CKR_OK; 116 return CKR_OK;
123 } 117 }
124 118
125 #endif /* DEBUG */ 119 #endif /* DEBUG */
126 120
127 /* 121 /*
128 * nssCKFWSession_Create 122 * nssCKFWSession_Create
129 * 123 *
130 */ 124 */
131 NSS_IMPLEMENT NSSCKFWSession * 125 NSS_IMPLEMENT NSSCKFWSession *
132 nssCKFWSession_Create 126 nssCKFWSession_Create(
133 ( 127 NSSCKFWToken *fwToken,
134 NSSCKFWToken *fwToken, 128 CK_BBOOL rw,
135 CK_BBOOL rw, 129 CK_VOID_PTR pApplication,
136 CK_VOID_PTR pApplication, 130 CK_NOTIFY Notify,
137 CK_NOTIFY Notify, 131 CK_RV *pError)
138 CK_RV *pError
139 )
140 { 132 {
141 NSSArena *arena = (NSSArena *)NULL; 133 NSSArena *arena = (NSSArena *)NULL;
142 NSSCKFWSession *fwSession; 134 NSSCKFWSession *fwSession;
143 NSSCKFWSlot *fwSlot; 135 NSSCKFWSlot *fwSlot;
144 136
145 #ifdef NSSDEBUG 137 #ifdef NSSDEBUG
146 if (!pError) { 138 if (!pError) {
147 return (NSSCKFWSession *)NULL; 139 return (NSSCKFWSession *)NULL;
148 } 140 }
149 141
150 *pError = nssCKFWToken_verifyPointer(fwToken); 142 *pError = nssCKFWToken_verifyPointer(fwToken);
151 if( CKR_OK != *pError ) { 143 if (CKR_OK != *pError) {
152 return (NSSCKFWSession *)NULL; 144 return (NSSCKFWSession *)NULL;
153 } 145 }
154 #endif /* NSSDEBUG */ 146 #endif /* NSSDEBUG */
155 147
156 arena = NSSArena_Create(); 148 arena = NSSArena_Create();
157 if (!arena) { 149 if (!arena) {
158 *pError = CKR_HOST_MEMORY; 150 *pError = CKR_HOST_MEMORY;
159 return (NSSCKFWSession *)NULL; 151 return (NSSCKFWSession *)NULL;
160 } 152 }
161 153
162 fwSession = nss_ZNEW(arena, NSSCKFWSession); 154 fwSession = nss_ZNEW(arena, NSSCKFWSession);
163 if (!fwSession) { 155 if (!fwSession) {
164 *pError = CKR_HOST_MEMORY; 156 *pError = CKR_HOST_MEMORY;
165 goto loser; 157 goto loser;
166 } 158 }
167 159
168 fwSession->arena = arena; 160 fwSession->arena = arena;
169 fwSession->mdSession = (NSSCKMDSession *)NULL; /* set later */ 161 fwSession->mdSession = (NSSCKMDSession *)NULL; /* set later */
170 fwSession->fwToken = fwToken; 162 fwSession->fwToken = fwToken;
171 fwSession->mdToken = nssCKFWToken_GetMDToken(fwToken); 163 fwSession->mdToken = nssCKFWToken_GetMDToken(fwToken);
172 164
173 fwSlot = nssCKFWToken_GetFWSlot(fwToken); 165 fwSlot = nssCKFWToken_GetFWSlot(fwToken);
174 fwSession->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot); 166 fwSession->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
175 fwSession->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot); 167 fwSession->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
176 168
177 fwSession->rw = rw; 169 fwSession->rw = rw;
178 fwSession->pApplication = pApplication; 170 fwSession->pApplication = pApplication;
179 fwSession->Notify = Notify; 171 fwSession->Notify = Notify;
180 172
181 fwSession->fwFindObjects = (NSSCKFWFindObjects *)NULL; 173 fwSession->fwFindObjects = (NSSCKFWFindObjects *)NULL;
182 174
183 fwSession->sessionObjectHash = nssCKFWHash_Create(fwSession->fwInstance, arena , pError); 175 fwSession->sessionObjectHash = nssCKFWHash_Create(fwSession->fwInstance, are na, pError);
184 if (!fwSession->sessionObjectHash) { 176 if (!fwSession->sessionObjectHash) {
185 if( CKR_OK == *pError ) { 177 if (CKR_OK == *pError) {
186 *pError = CKR_GENERAL_ERROR; 178 *pError = CKR_GENERAL_ERROR;
179 }
180 goto loser;
187 } 181 }
188 goto loser;
189 }
190 182
191 #ifdef DEBUG 183 #ifdef DEBUG
192 *pError = session_add_pointer(fwSession); 184 *pError = session_add_pointer(fwSession);
193 if( CKR_OK != *pError ) { 185 if (CKR_OK != *pError) {
194 goto loser; 186 goto loser;
195 } 187 }
196 #endif /* DEBUG */ 188 #endif /* DEBUG */
197 189
198 return fwSession; 190 return fwSession;
199 191
200 loser: 192 loser:
201 if (arena) { 193 if (arena) {
202 if (fwSession && fwSession->sessionObjectHash) { 194 if (fwSession && fwSession->sessionObjectHash) {
203 (void)nssCKFWHash_Destroy(fwSession->sessionObjectHash); 195 (void)nssCKFWHash_Destroy(fwSession->sessionObjectHash);
196 }
197 NSSArena_Destroy(arena);
204 } 198 }
205 NSSArena_Destroy(arena);
206 }
207 199
208 return (NSSCKFWSession *)NULL; 200 return (NSSCKFWSession *)NULL;
209 } 201 }
210 202
211 static void 203 static void
212 nss_ckfw_session_object_destroy_iterator 204 nss_ckfw_session_object_destroy_iterator(
213 ( 205 const void *key,
214 const void *key, 206 void *value,
215 void *value, 207 void *closure)
216 void *closure
217 )
218 { 208 {
219 NSSCKFWObject *fwObject = (NSSCKFWObject *)value; 209 NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
220 nssCKFWObject_Finalize(fwObject, PR_TRUE); 210 nssCKFWObject_Finalize(fwObject, PR_TRUE);
221 } 211 }
222 212
223 /* 213 /*
224 * nssCKFWSession_Destroy 214 * nssCKFWSession_Destroy
225 * 215 *
226 */ 216 */
227 NSS_IMPLEMENT CK_RV 217 NSS_IMPLEMENT CK_RV
228 nssCKFWSession_Destroy 218 nssCKFWSession_Destroy(
229 ( 219 NSSCKFWSession *fwSession,
230 NSSCKFWSession *fwSession, 220 CK_BBOOL removeFromTokenHash)
231 CK_BBOOL removeFromTokenHash
232 )
233 { 221 {
234 CK_RV error = CKR_OK; 222 CK_RV error = CKR_OK;
235 nssCKFWHash *sessionObjectHash; 223 nssCKFWHash *sessionObjectHash;
236 NSSCKFWCryptoOperationState i; 224 NSSCKFWCryptoOperationState i;
237 225
238 #ifdef NSSDEBUG 226 #ifdef NSSDEBUG
239 error = nssCKFWSession_verifyPointer(fwSession); 227 error = nssCKFWSession_verifyPointer(fwSession);
240 if( CKR_OK != error ) { 228 if (CKR_OK != error) {
241 return error; 229 return error;
242 } 230 }
243 #endif /* NSSDEBUG */ 231 #endif /* NSSDEBUG */
244 232
245 if( removeFromTokenHash ) { 233 if (removeFromTokenHash) {
246 error = nssCKFWToken_RemoveSession(fwSession->fwToken, fwSession); 234 error = nssCKFWToken_RemoveSession(fwSession->fwToken, fwSession);
247 } 235 }
248 236
249 /* 237 /*
250 * Invalidate session objects 238 * Invalidate session objects
251 */ 239 */
252 240
253 sessionObjectHash = fwSession->sessionObjectHash; 241 sessionObjectHash = fwSession->sessionObjectHash;
254 fwSession->sessionObjectHash = (nssCKFWHash *)NULL; 242 fwSession->sessionObjectHash = (nssCKFWHash *)NULL;
255 243
256 nssCKFWHash_Iterate(sessionObjectHash, 244 nssCKFWHash_Iterate(sessionObjectHash,
257 nss_ckfw_session_object_destroy_iterator, 245 nss_ckfw_session_object_destroy_iterator,
258 (void *)NULL); 246 (void *)NULL);
259 247
260 for (i=0; i < NSSCKFWCryptoOperationState_Max; i++) { 248 for (i = 0; i < NSSCKFWCryptoOperationState_Max; i++) {
261 if (fwSession->fwOperationArray[i]) { 249 if (fwSession->fwOperationArray[i]) {
262 nssCKFWCryptoOperation_Destroy(fwSession->fwOperationArray[i]); 250 nssCKFWCryptoOperation_Destroy(fwSession->fwOperationArray[i]);
251 }
263 } 252 }
264 }
265 253
266 #ifdef DEBUG 254 #ifdef DEBUG
267 (void)session_remove_pointer(fwSession); 255 (void)session_remove_pointer(fwSession);
268 #endif /* DEBUG */ 256 #endif /* DEBUG */
269 (void)nssCKFWHash_Destroy(sessionObjectHash); 257 (void)nssCKFWHash_Destroy(sessionObjectHash);
270 NSSArena_Destroy(fwSession->arena); 258 NSSArena_Destroy(fwSession->arena);
271 259
272 return error; 260 return error;
273 } 261 }
274 262
275 /* 263 /*
276 * nssCKFWSession_GetMDSession 264 * nssCKFWSession_GetMDSession
277 * 265 *
278 */ 266 */
279 NSS_IMPLEMENT NSSCKMDSession * 267 NSS_IMPLEMENT NSSCKMDSession *
280 nssCKFWSession_GetMDSession 268 nssCKFWSession_GetMDSession(
281 ( 269 NSSCKFWSession *fwSession)
282 NSSCKFWSession *fwSession
283 )
284 { 270 {
285 #ifdef NSSDEBUG 271 #ifdef NSSDEBUG
286 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 272 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
287 return (NSSCKMDSession *)NULL; 273 return (NSSCKMDSession *)NULL;
288 } 274 }
289 #endif /* NSSDEBUG */ 275 #endif /* NSSDEBUG */
290 276
291 return fwSession->mdSession; 277 return fwSession->mdSession;
292 } 278 }
293 279
294 /* 280 /*
295 * nssCKFWSession_GetArena 281 * nssCKFWSession_GetArena
296 * 282 *
297 */ 283 */
298 NSS_IMPLEMENT NSSArena * 284 NSS_IMPLEMENT NSSArena *
299 nssCKFWSession_GetArena 285 nssCKFWSession_GetArena(
300 ( 286 NSSCKFWSession *fwSession,
301 NSSCKFWSession *fwSession, 287 CK_RV *pError)
302 CK_RV *pError
303 )
304 { 288 {
305 #ifdef NSSDEBUG 289 #ifdef NSSDEBUG
306 if (!pError) { 290 if (!pError) {
307 return (NSSArena *)NULL; 291 return (NSSArena *)NULL;
308 } 292 }
309 293
310 *pError = nssCKFWSession_verifyPointer(fwSession); 294 *pError = nssCKFWSession_verifyPointer(fwSession);
311 if( CKR_OK != *pError ) { 295 if (CKR_OK != *pError) {
312 return (NSSArena *)NULL; 296 return (NSSArena *)NULL;
313 } 297 }
314 #endif /* NSSDEBUG */ 298 #endif /* NSSDEBUG */
315 299
316 return fwSession->arena; 300 return fwSession->arena;
317 } 301 }
318 302
319 /* 303 /*
320 * nssCKFWSession_CallNotification 304 * nssCKFWSession_CallNotification
321 * 305 *
322 */ 306 */
323 NSS_IMPLEMENT CK_RV 307 NSS_IMPLEMENT CK_RV
324 nssCKFWSession_CallNotification 308 nssCKFWSession_CallNotification(
325 ( 309 NSSCKFWSession *fwSession,
326 NSSCKFWSession *fwSession, 310 CK_NOTIFICATION event)
327 CK_NOTIFICATION event
328 )
329 { 311 {
330 CK_RV error = CKR_OK; 312 CK_RV error = CKR_OK;
331 CK_SESSION_HANDLE handle; 313 CK_SESSION_HANDLE handle;
332 314
333 #ifdef NSSDEBUG 315 #ifdef NSSDEBUG
334 error = nssCKFWSession_verifyPointer(fwSession); 316 error = nssCKFWSession_verifyPointer(fwSession);
335 if( CKR_OK != error ) { 317 if (CKR_OK != error) {
336 return error; 318 return error;
337 } 319 }
338 #endif /* NSSDEBUG */ 320 #endif /* NSSDEBUG */
339 321
340 if( (CK_NOTIFY)NULL == fwSession->Notify ) { 322 if ((CK_NOTIFY)NULL == fwSession->Notify) {
341 return CKR_OK; 323 return CKR_OK;
342 } 324 }
343 325
344 handle = nssCKFWInstance_FindSessionHandle(fwSession->fwInstance, fwSession); 326 handle = nssCKFWInstance_FindSessionHandle(fwSession->fwInstance, fwSession) ;
345 if( (CK_SESSION_HANDLE)0 == handle ) { 327 if ((CK_SESSION_HANDLE)0 == handle) {
346 return CKR_GENERAL_ERROR; 328 return CKR_GENERAL_ERROR;
347 } 329 }
348 330
349 error = fwSession->Notify(handle, event, fwSession->pApplication); 331 error = fwSession->Notify(handle, event, fwSession->pApplication);
350 332
351 return error; 333 return error;
352 } 334 }
353 335
354 /* 336 /*
355 * nssCKFWSession_IsRWSession 337 * nssCKFWSession_IsRWSession
356 * 338 *
357 */ 339 */
358 NSS_IMPLEMENT CK_BBOOL 340 NSS_IMPLEMENT CK_BBOOL
359 nssCKFWSession_IsRWSession 341 nssCKFWSession_IsRWSession(
360 ( 342 NSSCKFWSession *fwSession)
361 NSSCKFWSession *fwSession
362 )
363 { 343 {
364 #ifdef NSSDEBUG 344 #ifdef NSSDEBUG
365 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 345 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
366 return CK_FALSE; 346 return CK_FALSE;
367 } 347 }
368 #endif /* NSSDEBUG */ 348 #endif /* NSSDEBUG */
369 349
370 return fwSession->rw; 350 return fwSession->rw;
371 } 351 }
372 352
373 /* 353 /*
374 * nssCKFWSession_IsSO 354 * nssCKFWSession_IsSO
375 * 355 *
376 */ 356 */
377 NSS_IMPLEMENT CK_BBOOL 357 NSS_IMPLEMENT CK_BBOOL
378 nssCKFWSession_IsSO 358 nssCKFWSession_IsSO(
379 ( 359 NSSCKFWSession *fwSession)
380 NSSCKFWSession *fwSession
381 )
382 { 360 {
383 CK_STATE state; 361 CK_STATE state;
384 362
385 #ifdef NSSDEBUG 363 #ifdef NSSDEBUG
386 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 364 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
387 return CK_FALSE; 365 return CK_FALSE;
388 } 366 }
389 #endif /* NSSDEBUG */ 367 #endif /* NSSDEBUG */
390 368
391 state = nssCKFWToken_GetSessionState(fwSession->fwToken); 369 state = nssCKFWToken_GetSessionState(fwSession->fwToken);
392 switch( state ) { 370 switch (state) {
393 case CKS_RO_PUBLIC_SESSION: 371 case CKS_RO_PUBLIC_SESSION:
394 case CKS_RO_USER_FUNCTIONS: 372 case CKS_RO_USER_FUNCTIONS:
395 case CKS_RW_PUBLIC_SESSION: 373 case CKS_RW_PUBLIC_SESSION:
396 case CKS_RW_USER_FUNCTIONS: 374 case CKS_RW_USER_FUNCTIONS:
397 return CK_FALSE; 375 return CK_FALSE;
398 case CKS_RW_SO_FUNCTIONS: 376 case CKS_RW_SO_FUNCTIONS:
399 return CK_TRUE; 377 return CK_TRUE;
400 default: 378 default:
401 return CK_FALSE; 379 return CK_FALSE;
402 } 380 }
403 } 381 }
404 382
405 /* 383 /*
406 * nssCKFWSession_GetFWSlot 384 * nssCKFWSession_GetFWSlot
407 * 385 *
408 */ 386 */
409 NSS_IMPLEMENT NSSCKFWSlot * 387 NSS_IMPLEMENT NSSCKFWSlot *
410 nssCKFWSession_GetFWSlot 388 nssCKFWSession_GetFWSlot(
411 ( 389 NSSCKFWSession *fwSession)
412 NSSCKFWSession *fwSession
413 )
414 { 390 {
415 #ifdef NSSDEBUG 391 #ifdef NSSDEBUG
416 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 392 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
417 return (NSSCKFWSlot *)NULL; 393 return (NSSCKFWSlot *)NULL;
418 } 394 }
419 #endif /* NSSDEBUG */ 395 #endif /* NSSDEBUG */
420 396
421 return nssCKFWToken_GetFWSlot(fwSession->fwToken); 397 return nssCKFWToken_GetFWSlot(fwSession->fwToken);
422 } 398 }
423 399
424 /* 400 /*
425 * nssCFKWSession_GetSessionState 401 * nssCFKWSession_GetSessionState
426 * 402 *
427 */ 403 */
428 NSS_IMPLEMENT CK_STATE 404 NSS_IMPLEMENT CK_STATE
429 nssCKFWSession_GetSessionState 405 nssCKFWSession_GetSessionState(
430 ( 406 NSSCKFWSession *fwSession)
431 NSSCKFWSession *fwSession
432 )
433 { 407 {
434 #ifdef NSSDEBUG 408 #ifdef NSSDEBUG
435 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 409 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
436 return CKS_RO_PUBLIC_SESSION; /* whatever */ 410 return CKS_RO_PUBLIC_SESSION; /* whatever */
437 } 411 }
438 #endif /* NSSDEBUG */ 412 #endif /* NSSDEBUG */
439 413
440 return nssCKFWToken_GetSessionState(fwSession->fwToken); 414 return nssCKFWToken_GetSessionState(fwSession->fwToken);
441 } 415 }
442 416
443 /* 417 /*
444 * nssCKFWSession_SetFWFindObjects 418 * nssCKFWSession_SetFWFindObjects
445 * 419 *
446 */ 420 */
447 NSS_IMPLEMENT CK_RV 421 NSS_IMPLEMENT CK_RV
448 nssCKFWSession_SetFWFindObjects 422 nssCKFWSession_SetFWFindObjects(
449 ( 423 NSSCKFWSession *fwSession,
450 NSSCKFWSession *fwSession, 424 NSSCKFWFindObjects *fwFindObjects)
451 NSSCKFWFindObjects *fwFindObjects
452 )
453 { 425 {
454 #ifdef NSSDEBUG 426 #ifdef NSSDEBUG
455 CK_RV error = CKR_OK; 427 CK_RV error = CKR_OK;
456 #endif /* NSSDEBUG */ 428 #endif /* NSSDEBUG */
457 429
458 #ifdef NSSDEBUG 430 #ifdef NSSDEBUG
459 error = nssCKFWSession_verifyPointer(fwSession); 431 error = nssCKFWSession_verifyPointer(fwSession);
460 if( CKR_OK != error ) { 432 if (CKR_OK != error) {
461 return error; 433 return error;
462 } 434 }
463 435
464 /* fwFindObjects may be null */ 436 /* fwFindObjects may be null */
465 #endif /* NSSDEBUG */ 437 #endif /* NSSDEBUG */
466 438
467 if ((fwSession->fwFindObjects) && 439 if ((fwSession->fwFindObjects) &&
468 (fwFindObjects)) { 440 (fwFindObjects)) {
469 return CKR_OPERATION_ACTIVE; 441 return CKR_OPERATION_ACTIVE;
470 } 442 }
471 443
472 fwSession->fwFindObjects = fwFindObjects; 444 fwSession->fwFindObjects = fwFindObjects;
473 445
474 return CKR_OK; 446 return CKR_OK;
475 } 447 }
476 448
477 /* 449 /*
478 * nssCKFWSession_GetFWFindObjects 450 * nssCKFWSession_GetFWFindObjects
479 * 451 *
480 */ 452 */
481 NSS_IMPLEMENT NSSCKFWFindObjects * 453 NSS_IMPLEMENT NSSCKFWFindObjects *
482 nssCKFWSession_GetFWFindObjects 454 nssCKFWSession_GetFWFindObjects(
483 ( 455 NSSCKFWSession *fwSession,
484 NSSCKFWSession *fwSession, 456 CK_RV *pError)
485 CK_RV *pError
486 )
487 { 457 {
488 #ifdef NSSDEBUG 458 #ifdef NSSDEBUG
489 if (!pError) { 459 if (!pError) {
490 return (NSSCKFWFindObjects *)NULL; 460 return (NSSCKFWFindObjects *)NULL;
491 } 461 }
492 462
493 *pError = nssCKFWSession_verifyPointer(fwSession); 463 *pError = nssCKFWSession_verifyPointer(fwSession);
494 if( CKR_OK != *pError ) { 464 if (CKR_OK != *pError) {
495 return (NSSCKFWFindObjects *)NULL; 465 return (NSSCKFWFindObjects *)NULL;
496 } 466 }
497 #endif /* NSSDEBUG */ 467 #endif /* NSSDEBUG */
498 468
499 if (!fwSession->fwFindObjects) { 469 if (!fwSession->fwFindObjects) {
500 *pError = CKR_OPERATION_NOT_INITIALIZED; 470 *pError = CKR_OPERATION_NOT_INITIALIZED;
501 return (NSSCKFWFindObjects *)NULL; 471 return (NSSCKFWFindObjects *)NULL;
502 } 472 }
503 473
504 return fwSession->fwFindObjects; 474 return fwSession->fwFindObjects;
505 } 475 }
506 476
507 /* 477 /*
508 * nssCKFWSession_SetMDSession 478 * nssCKFWSession_SetMDSession
509 * 479 *
510 */ 480 */
511 NSS_IMPLEMENT CK_RV 481 NSS_IMPLEMENT CK_RV
512 nssCKFWSession_SetMDSession 482 nssCKFWSession_SetMDSession(
513 ( 483 NSSCKFWSession *fwSession,
514 NSSCKFWSession *fwSession, 484 NSSCKMDSession *mdSession)
515 NSSCKMDSession *mdSession
516 )
517 { 485 {
518 #ifdef NSSDEBUG 486 #ifdef NSSDEBUG
519 CK_RV error = CKR_OK; 487 CK_RV error = CKR_OK;
520 #endif /* NSSDEBUG */ 488 #endif /* NSSDEBUG */
521 489
522 #ifdef NSSDEBUG 490 #ifdef NSSDEBUG
523 error = nssCKFWSession_verifyPointer(fwSession); 491 error = nssCKFWSession_verifyPointer(fwSession);
524 if( CKR_OK != error ) { 492 if (CKR_OK != error) {
525 return error; 493 return error;
526 } 494 }
527 495
528 if (!mdSession) { 496 if (!mdSession) {
529 return CKR_ARGUMENTS_BAD; 497 return CKR_ARGUMENTS_BAD;
530 } 498 }
531 #endif /* NSSDEBUG */ 499 #endif /* NSSDEBUG */
532 500
533 if (fwSession->mdSession) { 501 if (fwSession->mdSession) {
534 return CKR_GENERAL_ERROR; 502 return CKR_GENERAL_ERROR;
535 } 503 }
536 504
537 fwSession->mdSession = mdSession; 505 fwSession->mdSession = mdSession;
538 506
539 return CKR_OK; 507 return CKR_OK;
540 } 508 }
541 509
542 /* 510 /*
543 * nssCKFWSession_SetHandle 511 * nssCKFWSession_SetHandle
544 * 512 *
545 */ 513 */
546 NSS_IMPLEMENT CK_RV 514 NSS_IMPLEMENT CK_RV
547 nssCKFWSession_SetHandle 515 nssCKFWSession_SetHandle(
548 ( 516 NSSCKFWSession *fwSession,
549 NSSCKFWSession *fwSession, 517 CK_SESSION_HANDLE hSession)
550 CK_SESSION_HANDLE hSession
551 )
552 { 518 {
553 #ifdef NSSDEBUG 519 #ifdef NSSDEBUG
554 CK_RV error = CKR_OK; 520 CK_RV error = CKR_OK;
555 #endif /* NSSDEBUG */ 521 #endif /* NSSDEBUG */
556 522
557 #ifdef NSSDEBUG 523 #ifdef NSSDEBUG
558 error = nssCKFWSession_verifyPointer(fwSession); 524 error = nssCKFWSession_verifyPointer(fwSession);
559 if( CKR_OK != error ) { 525 if (CKR_OK != error) {
560 return error; 526 return error;
561 } 527 }
562 #endif /* NSSDEBUG */ 528 #endif /* NSSDEBUG */
563 529
564 if( (CK_SESSION_HANDLE)0 != fwSession->hSession ) { 530 if ((CK_SESSION_HANDLE)0 != fwSession->hSession) {
565 return CKR_GENERAL_ERROR; 531 return CKR_GENERAL_ERROR;
566 } 532 }
567 533
568 fwSession->hSession = hSession; 534 fwSession->hSession = hSession;
569 535
570 return CKR_OK; 536 return CKR_OK;
571 } 537 }
572 538
573 /* 539 /*
574 * nssCKFWSession_GetHandle 540 * nssCKFWSession_GetHandle
575 * 541 *
576 */ 542 */
577 NSS_IMPLEMENT CK_SESSION_HANDLE 543 NSS_IMPLEMENT CK_SESSION_HANDLE
578 nssCKFWSession_GetHandle 544 nssCKFWSession_GetHandle(
579 ( 545 NSSCKFWSession *fwSession)
580 NSSCKFWSession *fwSession
581 )
582 { 546 {
583 #ifdef NSSDEBUG 547 #ifdef NSSDEBUG
584 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 548 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
585 return NULL; 549 return NULL;
586 } 550 }
587 #endif /* NSSDEBUG */ 551 #endif /* NSSDEBUG */
588 552
589 return fwSession->hSession; 553 return fwSession->hSession;
590 } 554 }
591 555
592 /* 556 /*
593 * nssCKFWSession_RegisterSessionObject 557 * nssCKFWSession_RegisterSessionObject
594 * 558 *
595 */ 559 */
596 NSS_IMPLEMENT CK_RV 560 NSS_IMPLEMENT CK_RV
597 nssCKFWSession_RegisterSessionObject 561 nssCKFWSession_RegisterSessionObject(
598 ( 562 NSSCKFWSession *fwSession,
599 NSSCKFWSession *fwSession, 563 NSSCKFWObject *fwObject)
600 NSSCKFWObject *fwObject
601 )
602 { 564 {
603 CK_RV rv = CKR_OK; 565 CK_RV rv = CKR_OK;
604 566
605 #ifdef NSSDEBUG 567 #ifdef NSSDEBUG
606 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 568 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
607 return CKR_GENERAL_ERROR; 569 return CKR_GENERAL_ERROR;
608 } 570 }
609 #endif /* NSSDEBUG */ 571 #endif /* NSSDEBUG */
610 572
611 if (fwSession->sessionObjectHash) { 573 if (fwSession->sessionObjectHash) {
612 rv = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject); 574 rv = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
613 } 575 }
614 576
615 return rv; 577 return rv;
616 } 578 }
617 579
618 /* 580 /*
619 * nssCKFWSession_DeregisterSessionObject 581 * nssCKFWSession_DeregisterSessionObject
620 * 582 *
621 */ 583 */
622 NSS_IMPLEMENT CK_RV 584 NSS_IMPLEMENT CK_RV
623 nssCKFWSession_DeregisterSessionObject 585 nssCKFWSession_DeregisterSessionObject(
624 ( 586 NSSCKFWSession *fwSession,
625 NSSCKFWSession *fwSession, 587 NSSCKFWObject *fwObject)
626 NSSCKFWObject *fwObject
627 )
628 { 588 {
629 #ifdef NSSDEBUG 589 #ifdef NSSDEBUG
630 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 590 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
631 return CKR_GENERAL_ERROR; 591 return CKR_GENERAL_ERROR;
632 } 592 }
633 #endif /* NSSDEBUG */ 593 #endif /* NSSDEBUG */
634 594
635 if (fwSession->sessionObjectHash) { 595 if (fwSession->sessionObjectHash) {
636 nssCKFWHash_Remove(fwSession->sessionObjectHash, fwObject); 596 nssCKFWHash_Remove(fwSession->sessionObjectHash, fwObject);
637 } 597 }
638 598
639 return CKR_OK; 599 return CKR_OK;
640 } 600 }
641 601
642 /* 602 /*
643 * nssCKFWSession_GetDeviceError 603 * nssCKFWSession_GetDeviceError
644 * 604 *
645 */ 605 */
646 NSS_IMPLEMENT CK_ULONG 606 NSS_IMPLEMENT CK_ULONG
647 nssCKFWSession_GetDeviceError 607 nssCKFWSession_GetDeviceError(
648 ( 608 NSSCKFWSession *fwSession)
649 NSSCKFWSession *fwSession
650 )
651 { 609 {
652 #ifdef NSSDEBUG 610 #ifdef NSSDEBUG
653 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 611 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
654 return (CK_ULONG)0; 612 return (CK_ULONG)0;
655 } 613 }
656 614
657 if (!fwSession->mdSession) { 615 if (!fwSession->mdSession) {
658 return (CK_ULONG)0; 616 return (CK_ULONG)0;
659 } 617 }
660 #endif /* NSSDEBUG */ 618 #endif /* NSSDEBUG */
661 619
662 if (!fwSession->mdSession->GetDeviceError) { 620 if (!fwSession->mdSession->GetDeviceError) {
663 return (CK_ULONG)0; 621 return (CK_ULONG)0;
664 } 622 }
665 623
666 return fwSession->mdSession->GetDeviceError(fwSession->mdSession, 624 return fwSession->mdSession->GetDeviceError(fwSession->mdSession,
667 fwSession, fwSession->mdToken, fwSession->fwToken, 625 fwSession, fwSession->mdToken, f wSession->fwToken,
668 fwSession->mdInstance, fwSession->fwInstance); 626 fwSession->mdInstance, fwSession ->fwInstance);
669 } 627 }
670 628
671 /* 629 /*
672 * nssCKFWSession_Login 630 * nssCKFWSession_Login
673 * 631 *
674 */ 632 */
675 NSS_IMPLEMENT CK_RV 633 NSS_IMPLEMENT CK_RV
676 nssCKFWSession_Login 634 nssCKFWSession_Login(
677 ( 635 NSSCKFWSession *fwSession,
678 NSSCKFWSession *fwSession, 636 CK_USER_TYPE userType,
679 CK_USER_TYPE userType, 637 NSSItem *pin)
680 NSSItem *pin
681 )
682 { 638 {
683 CK_RV error = CKR_OK; 639 CK_RV error = CKR_OK;
684 CK_STATE oldState; 640 CK_STATE oldState;
685 CK_STATE newState; 641 CK_STATE newState;
686 642
687 #ifdef NSSDEBUG 643 #ifdef NSSDEBUG
688 error = nssCKFWSession_verifyPointer(fwSession); 644 error = nssCKFWSession_verifyPointer(fwSession);
689 if( CKR_OK != error ) { 645 if (CKR_OK != error) {
690 return error; 646 return error;
691 } 647 }
692 648
693 switch( userType ) { 649 switch (userType) {
694 case CKU_SO: 650 case CKU_SO:
695 case CKU_USER: 651 case CKU_USER:
696 break; 652 break;
697 default: 653 default:
698 return CKR_USER_TYPE_INVALID; 654 return CKR_USER_TYPE_INVALID;
699 } 655 }
700 656
701 if (!pin) { 657 if (!pin) {
702 if( CK_TRUE != nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwT oken) ) { 658 if (CK_TRUE != nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession- >fwToken)) {
703 return CKR_ARGUMENTS_BAD; 659 return CKR_ARGUMENTS_BAD;
660 }
704 } 661 }
705 }
706 662
707 if (!fwSession->mdSession) { 663 if (!fwSession->mdSession) {
708 return CKR_GENERAL_ERROR; 664 return CKR_GENERAL_ERROR;
709 } 665 }
710 #endif /* NSSDEBUG */ 666 #endif /* NSSDEBUG */
711 667
712 oldState = nssCKFWToken_GetSessionState(fwSession->fwToken); 668 oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
713 669
714 /* 670 /*
715 * It's not clear what happens when you're already logged in. 671 * It's not clear what happens when you're already logged in.
716 * I'll just fail; but if we decide to change, the logic is 672 * I'll just fail; but if we decide to change, the logic is
717 * all right here. 673 * all right here.
718 */ 674 */
719 675
720 if( CKU_SO == userType ) { 676 if (CKU_SO == userType) {
721 switch( oldState ) { 677 switch (oldState) {
722 case CKS_RO_PUBLIC_SESSION: 678 case CKS_RO_PUBLIC_SESSION:
723 /* 679 /*
724 * There's no such thing as a read-only security officer 680 * There's no such thing as a read-only security officer
725 * session, so fail. The error should be CKR_SESSION_READ_ONLY, 681 * session, so fail. The error should be CKR_SESSION_READ_ONLY,
726 * except that C_Login isn't defined to return that. So we'll 682 * except that C_Login isn't defined to return that. So we'll
727 * do CKR_SESSION_READ_ONLY_EXISTS, which is what is documented. 683 * do CKR_SESSION_READ_ONLY_EXISTS, which is what is documented.
728 */ 684 */
729 return CKR_SESSION_READ_ONLY_EXISTS; 685 return CKR_SESSION_READ_ONLY_EXISTS;
730 case CKS_RO_USER_FUNCTIONS: 686 case CKS_RO_USER_FUNCTIONS:
731 return CKR_USER_ANOTHER_ALREADY_LOGGED_IN; 687 return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
732 case CKS_RW_PUBLIC_SESSION: 688 case CKS_RW_PUBLIC_SESSION:
733 newState = CKS_RW_SO_FUNCTIONS; 689 newState =
734 break; 690 CKS_RW_SO_FUNCTIONS;
735 case CKS_RW_USER_FUNCTIONS: 691 break;
736 return CKR_USER_ANOTHER_ALREADY_LOGGED_IN; 692 case CKS_RW_USER_FUNCTIONS:
737 case CKS_RW_SO_FUNCTIONS: 693 return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
738 return CKR_USER_ALREADY_LOGGED_IN; 694 case CKS_RW_SO_FUNCTIONS:
739 default: 695 return CKR_USER_ALREADY_LOGGED_IN;
740 return CKR_GENERAL_ERROR; 696 default:
697 return CKR_GENERAL_ERROR;
698 }
699 } else /* CKU_USER == userType */ {
700 switch (oldState) {
701 case CKS_RO_PUBLIC_SESSION:
702 newState =
703 CKS_RO_USER_FUNCTIONS;
704 break;
705 case CKS_RO_USER_FUNCTIONS:
706 return CKR_USER_ALREADY_LOGGED_IN;
707 case CKS_RW_PUBLIC_SESSION:
708 newState =
709 CKS_RW_USER_FUNCTIONS;
710 break;
711 case CKS_RW_USER_FUNCTIONS:
712 return CKR_USER_ALREADY_LOGGED_IN;
713 case CKS_RW_SO_FUNCTIONS:
714 return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
715 default:
716 return CKR_GENERAL_ERROR;
717 }
741 } 718 }
742 } else /* CKU_USER == userType */ { 719
743 switch( oldState ) { 720 /*
744 case CKS_RO_PUBLIC_SESSION: 721 * So now we're in one of three cases:
745 newState = CKS_RO_USER_FUNCTIONS; 722 *
746 break; 723 * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_SO_FUNCTIONS;
747 case CKS_RO_USER_FUNCTIONS: 724 * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_USER_FUNCTIONS;
748 return CKR_USER_ALREADY_LOGGED_IN; 725 * Old == CKS_RO_PUBLIC_SESSION, New == CKS_RO_USER_FUNCTIONS;
749 case CKS_RW_PUBLIC_SESSION: 726 */
750 newState = CKS_RW_USER_FUNCTIONS; 727
751 break; 728 if (!fwSession->mdSession->Login) {
752 case CKS_RW_USER_FUNCTIONS: 729 /*
753 return CKR_USER_ALREADY_LOGGED_IN; 730 * The Module doesn't want to be informed (or check the pin)
754 case CKS_RW_SO_FUNCTIONS: 731 * it'll just rely on the Framework as needed.
755 return CKR_USER_ANOTHER_ALREADY_LOGGED_IN; 732 */
756 default: 733 ;
757 return CKR_GENERAL_ERROR; 734 } else {
735 error = fwSession->mdSession->Login(fwSession->mdSession, fwSession,
736 fwSession->mdToken, fwSession->fwTok en, fwSession->mdInstance,
737 fwSession->fwInstance, userType, pin , oldState, newState);
738 if (CKR_OK != error) {
739 return error;
740 }
758 } 741 }
759 }
760 742
761 /* 743 (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
762 * So now we're in one of three cases: 744 return CKR_OK;
763 *
764 * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_SO_FUNCTIONS;
765 * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_USER_FUNCTIONS;
766 * Old == CKS_RO_PUBLIC_SESSION, New == CKS_RO_USER_FUNCTIONS;
767 */
768
769 if (!fwSession->mdSession->Login) {
770 /*
771 * The Module doesn't want to be informed (or check the pin)
772 * it'll just rely on the Framework as needed.
773 */
774 ;
775 } else {
776 error = fwSession->mdSession->Login(fwSession->mdSession, fwSession,
777 fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
778 fwSession->fwInstance, userType, pin, oldState, newState);
779 if( CKR_OK != error ) {
780 return error;
781 }
782 }
783
784 (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
785 return CKR_OK;
786 } 745 }
787 746
788 /* 747 /*
789 * nssCKFWSession_Logout 748 * nssCKFWSession_Logout
790 * 749 *
791 */ 750 */
792 NSS_IMPLEMENT CK_RV 751 NSS_IMPLEMENT CK_RV
793 nssCKFWSession_Logout 752 nssCKFWSession_Logout(
794 ( 753 NSSCKFWSession *fwSession)
795 NSSCKFWSession *fwSession
796 )
797 { 754 {
798 CK_RV error = CKR_OK; 755 CK_RV error = CKR_OK;
799 CK_STATE oldState; 756 CK_STATE oldState;
800 CK_STATE newState; 757 CK_STATE newState;
801 758
802 #ifdef NSSDEBUG 759 #ifdef NSSDEBUG
803 error = nssCKFWSession_verifyPointer(fwSession); 760 error = nssCKFWSession_verifyPointer(fwSession);
804 if( CKR_OK != error ) { 761 if (CKR_OK != error) {
805 return error; 762 return error;
806 } 763 }
807 764
808 if (!fwSession->mdSession) { 765 if (!fwSession->mdSession) {
809 return CKR_GENERAL_ERROR; 766 return CKR_GENERAL_ERROR;
810 } 767 }
811 #endif /* NSSDEBUG */ 768 #endif /* NSSDEBUG */
812 769
813 oldState = nssCKFWToken_GetSessionState(fwSession->fwToken); 770 oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
814 771
815 switch( oldState ) { 772 switch (oldState) {
816 case CKS_RO_PUBLIC_SESSION: 773 case CKS_RO_PUBLIC_SESSION:
817 return CKR_USER_NOT_LOGGED_IN; 774 return CKR_USER_NOT_LOGGED_IN;
818 case CKS_RO_USER_FUNCTIONS: 775 case CKS_RO_USER_FUNCTIONS:
819 newState = CKS_RO_PUBLIC_SESSION; 776 newState = CKS_RO_PUBLIC_SESSION;
820 break; 777 break;
821 case CKS_RW_PUBLIC_SESSION: 778 case CKS_RW_PUBLIC_SESSION:
822 return CKR_USER_NOT_LOGGED_IN; 779 return CKR_USER_NOT_LOGGED_IN;
823 case CKS_RW_USER_FUNCTIONS: 780 case CKS_RW_USER_FUNCTIONS:
824 newState = CKS_RW_PUBLIC_SESSION; 781 newState = CKS_RW_PUBLIC_SESSION;
825 break; 782 break;
826 case CKS_RW_SO_FUNCTIONS: 783 case CKS_RW_SO_FUNCTIONS:
827 newState = CKS_RW_PUBLIC_SESSION; 784 newState = CKS_RW_PUBLIC_SESSION;
828 break; 785 break;
829 default: 786 default:
830 return CKR_GENERAL_ERROR; 787 return CKR_GENERAL_ERROR;
831 } 788 }
832 789
833 /* 790 /*
834 * So now we're in one of three cases: 791 * So now we're in one of three cases:
835 * 792 *
836 * Old == CKS_RW_SO_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION; 793 * Old == CKS_RW_SO_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
837 * Old == CKS_RW_USER_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION; 794 * Old == CKS_RW_USER_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
838 * Old == CKS_RO_USER_FUNCTIONS, New == CKS_RO_PUBLIC_SESSION; 795 * Old == CKS_RO_USER_FUNCTIONS, New == CKS_RO_PUBLIC_SESSION;
839 */ 796 */
840 797
841 if (!fwSession->mdSession->Logout) { 798 if (!fwSession->mdSession->Logout) {
842 /* 799 /*
843 * The Module doesn't want to be informed. Okay. 800 * The Module doesn't want to be informed. Okay.
844 */ 801 */
845 ; 802 ;
846 } else { 803 } else {
847 error = fwSession->mdSession->Logout(fwSession->mdSession, fwSession, 804 error = fwSession->mdSession->Logout(fwSession->mdSession, fwSession,
848 fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance, 805 fwSession->mdToken, fwSession->fwTo ken, fwSession->mdInstance,
849 fwSession->fwInstance, oldState, newState); 806 fwSession->fwInstance, oldState, ne wState);
850 if( CKR_OK != error ) { 807 if (CKR_OK != error) {
851 /* 808 /*
852 * Now what?! A failure really should end up with the Framework 809 * Now what?! A failure really should end up with the Framework
853 * considering it logged out, right? 810 * considering it logged out, right?
854 */ 811 */
855 ; 812 ;
813 }
856 } 814 }
857 }
858 815
859 (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState); 816 (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
860 return error; 817 return error;
861 } 818 }
862 819
863 /* 820 /*
864 * nssCKFWSession_InitPIN 821 * nssCKFWSession_InitPIN
865 * 822 *
866 */ 823 */
867 NSS_IMPLEMENT CK_RV 824 NSS_IMPLEMENT CK_RV
868 nssCKFWSession_InitPIN 825 nssCKFWSession_InitPIN(
869 ( 826 NSSCKFWSession *fwSession,
870 NSSCKFWSession *fwSession, 827 NSSItem *pin)
871 NSSItem *pin
872 )
873 { 828 {
874 CK_RV error = CKR_OK; 829 CK_RV error = CKR_OK;
875 CK_STATE state; 830 CK_STATE state;
876 831
877 #ifdef NSSDEBUG 832 #ifdef NSSDEBUG
878 error = nssCKFWSession_verifyPointer(fwSession); 833 error = nssCKFWSession_verifyPointer(fwSession);
879 if( CKR_OK != error ) { 834 if (CKR_OK != error) {
880 return error; 835 return error;
881 } 836 }
882 837
883 if (!fwSession->mdSession) { 838 if (!fwSession->mdSession) {
884 return CKR_GENERAL_ERROR; 839 return CKR_GENERAL_ERROR;
885 } 840 }
886 #endif /* NSSDEBUG */ 841 #endif /* NSSDEBUG */
887 842
888 state = nssCKFWToken_GetSessionState(fwSession->fwToken); 843 state = nssCKFWToken_GetSessionState(fwSession->fwToken);
889 if( CKS_RW_SO_FUNCTIONS != state ) { 844 if (CKS_RW_SO_FUNCTIONS != state) {
890 return CKR_USER_NOT_LOGGED_IN; 845 return CKR_USER_NOT_LOGGED_IN;
891 } 846 }
892 847
893 if (!pin) { 848 if (!pin) {
894 CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwT oken); 849 CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession- >fwToken);
895 if( CK_TRUE != has ) { 850 if (CK_TRUE != has) {
896 return CKR_ARGUMENTS_BAD; 851 return CKR_ARGUMENTS_BAD;
852 }
897 } 853 }
898 }
899 854
900 if (!fwSession->mdSession->InitPIN) { 855 if (!fwSession->mdSession->InitPIN) {
901 return CKR_TOKEN_WRITE_PROTECTED; 856 return CKR_TOKEN_WRITE_PROTECTED;
902 } 857 }
903 858
904 error = fwSession->mdSession->InitPIN(fwSession->mdSession, fwSession, 859 error = fwSession->mdSession->InitPIN(fwSession->mdSession, fwSession,
905 fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance, 860 fwSession->mdToken, fwSession->fwToken , fwSession->mdInstance,
906 fwSession->fwInstance, pin); 861 fwSession->fwInstance, pin);
907 862
908 return error; 863 return error;
909 } 864 }
910 865
911 /* 866 /*
912 * nssCKFWSession_SetPIN 867 * nssCKFWSession_SetPIN
913 * 868 *
914 */ 869 */
915 NSS_IMPLEMENT CK_RV 870 NSS_IMPLEMENT CK_RV
916 nssCKFWSession_SetPIN 871 nssCKFWSession_SetPIN(
917 ( 872 NSSCKFWSession *fwSession,
918 NSSCKFWSession *fwSession, 873 NSSItem *oldPin,
919 NSSItem *newPin, 874 NSSItem *newPin)
920 NSSItem *oldPin
921 )
922 { 875 {
923 CK_RV error = CKR_OK; 876 CK_RV error = CKR_OK;
924 877
925 #ifdef NSSDEBUG 878 #ifdef NSSDEBUG
926 error = nssCKFWSession_verifyPointer(fwSession); 879 error = nssCKFWSession_verifyPointer(fwSession);
927 if( CKR_OK != error ) { 880 if (CKR_OK != error) {
928 return error; 881 return error;
929 } 882 }
930 883
931 if (!fwSession->mdSession) { 884 if (!fwSession->mdSession) {
932 return CKR_GENERAL_ERROR; 885 return CKR_GENERAL_ERROR;
933 } 886 }
934 #endif /* NSSDEBUG */ 887 #endif /* NSSDEBUG */
935 888
936 if (!newPin) { 889 if (!newPin) {
937 CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwT oken); 890 CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession- >fwToken);
938 if( CK_TRUE != has ) { 891 if (CK_TRUE != has) {
939 return CKR_ARGUMENTS_BAD; 892 return CKR_ARGUMENTS_BAD;
893 }
940 } 894 }
941 }
942 895
943 if (!oldPin) { 896 if (!oldPin) {
944 CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwT oken); 897 CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession- >fwToken);
945 if( CK_TRUE != has ) { 898 if (CK_TRUE != has) {
946 return CKR_ARGUMENTS_BAD; 899 return CKR_ARGUMENTS_BAD;
900 }
947 } 901 }
948 }
949 902
950 if (!fwSession->mdSession->SetPIN) { 903 if (!fwSession->mdSession->SetPIN) {
951 return CKR_TOKEN_WRITE_PROTECTED; 904 return CKR_TOKEN_WRITE_PROTECTED;
952 } 905 }
953 906
954 error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession, 907 error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession,
955 fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance, 908 fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
956 fwSession->fwInstance, newPin, oldPin); 909 fwSession->fwInstance, oldPin, newPin);
957 910
958 return error; 911 return error;
959 } 912 }
960 913
961 /* 914 /*
962 * nssCKFWSession_GetOperationStateLen 915 * nssCKFWSession_GetOperationStateLen
963 * 916 *
964 */ 917 */
965 NSS_IMPLEMENT CK_ULONG 918 NSS_IMPLEMENT CK_ULONG
966 nssCKFWSession_GetOperationStateLen 919 nssCKFWSession_GetOperationStateLen(
967 ( 920 NSSCKFWSession *fwSession,
968 NSSCKFWSession *fwSession, 921 CK_RV *pError)
969 CK_RV *pError
970 )
971 { 922 {
972 CK_ULONG mdAmt; 923 CK_ULONG mdAmt;
973 CK_ULONG fwAmt; 924 CK_ULONG fwAmt;
974 925
975 #ifdef NSSDEBUG 926 #ifdef NSSDEBUG
976 if (!pError) { 927 if (!pError) {
977 return (CK_ULONG)0; 928 return (CK_ULONG)0;
978 } 929 }
979 930
980 *pError = nssCKFWSession_verifyPointer(fwSession); 931 *pError = nssCKFWSession_verifyPointer(fwSession);
981 if( CKR_OK != *pError ) { 932 if (CKR_OK != *pError) {
982 return (CK_ULONG)0; 933 return (CK_ULONG)0;
983 } 934 }
984 935
985 if (!fwSession->mdSession) { 936 if (!fwSession->mdSession) {
986 *pError = CKR_GENERAL_ERROR; 937 *pError = CKR_GENERAL_ERROR;
987 return (CK_ULONG)0; 938 return (CK_ULONG)0;
988 } 939 }
989 #endif /* NSSDEBUG */ 940 #endif /* NSSDEBUG */
990 941
991 if (!fwSession->mdSession->GetOperationStateLen) { 942 if (!fwSession->mdSession->GetOperationStateLen) {
992 *pError = CKR_STATE_UNSAVEABLE; 943 *pError = CKR_STATE_UNSAVEABLE;
993 return (CK_ULONG)0; 944 return (CK_ULONG)0;
994 } 945 }
995 946
996 /* 947 /*
997 * We could check that the session is actually in some state.. 948 * We could check that the session is actually in some state..
998 */ 949 */
999 950
1000 mdAmt = fwSession->mdSession->GetOperationStateLen(fwSession->mdSession, 951 mdAmt = fwSession->mdSession->GetOperationStateLen(fwSession->mdSession,
1001 fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance, 952 fwSession, fwSession->mdT oken, fwSession->fwToken, fwSession->mdInstance,
1002 fwSession->fwInstance, pError); 953 fwSession->fwInstance, pE rror);
1003 954
1004 if( ((CK_ULONG)0 == mdAmt) && (CKR_OK != *pError) ) { 955 if (((CK_ULONG)0 == mdAmt) && (CKR_OK != *pError)) {
1005 return (CK_ULONG)0; 956 return (CK_ULONG)0;
1006 } 957 }
1007 958
1008 /* 959 /*
1009 * Add a bit of sanity-checking 960 * Add a bit of sanity-checking
1010 */ 961 */
1011 fwAmt = mdAmt + 2*sizeof(CK_ULONG); 962 fwAmt = mdAmt + 2 * sizeof(CK_ULONG);
1012 963
1013 return fwAmt; 964 return fwAmt;
1014 } 965 }
1015 966
1016 /* 967 /*
1017 * nssCKFWSession_GetOperationState 968 * nssCKFWSession_GetOperationState
1018 * 969 *
1019 */ 970 */
1020 NSS_IMPLEMENT CK_RV 971 NSS_IMPLEMENT CK_RV
1021 nssCKFWSession_GetOperationState 972 nssCKFWSession_GetOperationState(
1022 ( 973 NSSCKFWSession *fwSession,
1023 NSSCKFWSession *fwSession, 974 NSSItem *buffer)
1024 NSSItem *buffer
1025 )
1026 { 975 {
1027 CK_RV error = CKR_OK; 976 CK_RV error = CKR_OK;
1028 CK_ULONG fwAmt; 977 CK_ULONG fwAmt;
1029 CK_ULONG *ulBuffer; 978 CK_ULONG *ulBuffer;
1030 NSSItem i2; 979 NSSItem i2;
1031 CK_ULONG n, i; 980 CK_ULONG n, i;
1032 981
1033 #ifdef NSSDEBUG 982 #ifdef NSSDEBUG
1034 error = nssCKFWSession_verifyPointer(fwSession); 983 error = nssCKFWSession_verifyPointer(fwSession);
1035 if( CKR_OK != error ) { 984 if (CKR_OK != error) {
1036 return error; 985 return error;
1037 } 986 }
1038 987
1039 if (!buffer) { 988 if (!buffer) {
1040 return CKR_ARGUMENTS_BAD; 989 return CKR_ARGUMENTS_BAD;
1041 } 990 }
1042 991
1043 if (!buffer->data) { 992 if (!buffer->data) {
1044 return CKR_ARGUMENTS_BAD; 993 return CKR_ARGUMENTS_BAD;
1045 } 994 }
1046 995
1047 if (!fwSession->mdSession) { 996 if (!fwSession->mdSession) {
1048 return CKR_GENERAL_ERROR; 997 return CKR_GENERAL_ERROR;
1049 } 998 }
1050 #endif /* NSSDEBUG */ 999 #endif /* NSSDEBUG */
1051 1000
1052 if (!fwSession->mdSession->GetOperationState) { 1001 if (!fwSession->mdSession->GetOperationState) {
1053 return CKR_STATE_UNSAVEABLE; 1002 return CKR_STATE_UNSAVEABLE;
1054 } 1003 }
1055 1004
1056 /* 1005 /*
1057 * Sanity-check the caller's buffer. 1006 * Sanity-check the caller's buffer.
1058 */ 1007 */
1059 1008
1060 error = CKR_OK; 1009 error = CKR_OK;
1061 fwAmt = nssCKFWSession_GetOperationStateLen(fwSession, &error); 1010 fwAmt = nssCKFWSession_GetOperationStateLen(fwSession, &error);
1062 if( ((CK_ULONG)0 == fwAmt) && (CKR_OK != error) ) { 1011 if (((CK_ULONG)0 == fwAmt) && (CKR_OK != error)) {
1063 return error; 1012 return error;
1064 } 1013 }
1065 1014
1066 if( buffer->size < fwAmt ) { 1015 if (buffer->size < fwAmt) {
1067 return CKR_BUFFER_TOO_SMALL; 1016 return CKR_BUFFER_TOO_SMALL;
1068 } 1017 }
1069 1018
1070 ulBuffer = (CK_ULONG *)buffer->data; 1019 ulBuffer = (CK_ULONG *)buffer->data;
1071 1020
1072 i2.size = buffer->size - 2*sizeof(CK_ULONG); 1021 i2.size = buffer->size - 2 * sizeof(CK_ULONG);
1073 i2.data = (void *)&ulBuffer[2]; 1022 i2.data = (void *)&ulBuffer[2];
1074 1023
1075 error = fwSession->mdSession->GetOperationState(fwSession->mdSession, 1024 error = fwSession->mdSession->GetOperationState(fwSession->mdSession,
1076 fwSession, fwSession->mdToken, fwSession->fwToken, 1025 fwSession, fwSession->mdToke n, fwSession->fwToken,
1077 fwSession->mdInstance, fwSession->fwInstance, &i2); 1026 fwSession->mdInstance, fwSes sion->fwInstance, &i2);
1078 1027
1079 if( CKR_OK != error ) { 1028 if (CKR_OK != error) {
1080 return error; 1029 return error;
1081 } 1030 }
1082 1031
1083 /* 1032 /*
1084 * Add a little integrety/identity check. 1033 * Add a little integrety/identity check.
1085 * NOTE: right now, it's pretty stupid. 1034 * NOTE: right now, it's pretty stupid.
1086 * A CRC or something would be better. 1035 * A CRC or something would be better.
1087 */ 1036 */
1088 1037
1089 ulBuffer[0] = 0x434b4657; /* CKFW */ 1038 ulBuffer[0] = 0x434b4657; /* CKFW */
1090 ulBuffer[1] = 0; 1039 ulBuffer[1] = 0;
1091 n = i2.size/sizeof(CK_ULONG); 1040 n = i2.size / sizeof(CK_ULONG);
1092 for( i = 0; i < n; i++ ) { 1041 for (i = 0; i < n; i++) {
1093 ulBuffer[1] ^= ulBuffer[2+i]; 1042 ulBuffer[1] ^= ulBuffer[2 + i];
1094 } 1043 }
1095 1044
1096 return CKR_OK; 1045 return CKR_OK;
1097 } 1046 }
1098 1047
1099 /* 1048 /*
1100 * nssCKFWSession_SetOperationState 1049 * nssCKFWSession_SetOperationState
1101 * 1050 *
1102 */ 1051 */
1103 NSS_IMPLEMENT CK_RV 1052 NSS_IMPLEMENT CK_RV
1104 nssCKFWSession_SetOperationState 1053 nssCKFWSession_SetOperationState(
1105 ( 1054 NSSCKFWSession *fwSession,
1106 NSSCKFWSession *fwSession, 1055 NSSItem *state,
1107 NSSItem *state, 1056 NSSCKFWObject *encryptionKey,
1108 NSSCKFWObject *encryptionKey, 1057 NSSCKFWObject *authenticationKey)
1109 NSSCKFWObject *authenticationKey
1110 )
1111 { 1058 {
1112 CK_RV error = CKR_OK; 1059 CK_RV error = CKR_OK;
1113 CK_ULONG *ulBuffer; 1060 CK_ULONG *ulBuffer;
1114 CK_ULONG n, i; 1061 CK_ULONG n, i;
1115 CK_ULONG x; 1062 CK_ULONG x;
1116 NSSItem s; 1063 NSSItem s;
1117 NSSCKMDObject *mdek; 1064 NSSCKMDObject *mdek;
1118 NSSCKMDObject *mdak; 1065 NSSCKMDObject *mdak;
1119 1066
1120 #ifdef NSSDEBUG 1067 #ifdef NSSDEBUG
1121 error = nssCKFWSession_verifyPointer(fwSession); 1068 error = nssCKFWSession_verifyPointer(fwSession);
1122 if( CKR_OK != error ) { 1069 if (CKR_OK != error) {
1123 return error; 1070 return error;
1124 } 1071 }
1125 1072
1126 if (!state) { 1073 if (!state) {
1127 return CKR_ARGUMENTS_BAD; 1074 return CKR_ARGUMENTS_BAD;
1128 } 1075 }
1129 1076
1130 if (!state->data) { 1077 if (!state->data) {
1131 return CKR_ARGUMENTS_BAD; 1078 return CKR_ARGUMENTS_BAD;
1132 } 1079 }
1133 1080
1134 if (encryptionKey) { 1081 if (encryptionKey) {
1135 error = nssCKFWObject_verifyPointer(encryptionKey); 1082 error = nssCKFWObject_verifyPointer(encryptionKey);
1136 if( CKR_OK != error ) { 1083 if (CKR_OK != error) {
1137 return error; 1084 return error;
1085 }
1138 } 1086 }
1139 }
1140 1087
1141 if (authenticationKey) { 1088 if (authenticationKey) {
1142 error = nssCKFWObject_verifyPointer(authenticationKey); 1089 error = nssCKFWObject_verifyPointer(authenticationKey);
1143 if( CKR_OK != error ) { 1090 if (CKR_OK != error) {
1144 return error; 1091 return error;
1092 }
1145 } 1093 }
1146 }
1147 1094
1148 if (!fwSession->mdSession) { 1095 if (!fwSession->mdSession) {
1149 return CKR_GENERAL_ERROR; 1096 return CKR_GENERAL_ERROR;
1150 } 1097 }
1151 #endif /* NSSDEBUG */ 1098 #endif /* NSSDEBUG */
1152 1099
1153 ulBuffer = (CK_ULONG *)state->data; 1100 ulBuffer = (CK_ULONG *)state->data;
1154 if( 0x43b4657 != ulBuffer[0] ) { 1101 if (0x43b4657 != ulBuffer[0]) {
1155 return CKR_SAVED_STATE_INVALID; 1102 return CKR_SAVED_STATE_INVALID;
1156 } 1103 }
1157 n = (state->size / sizeof(CK_ULONG)) - 2; 1104 n = (state->size / sizeof(CK_ULONG)) - 2;
1158 x = (CK_ULONG)0; 1105 x = (CK_ULONG)0;
1159 for( i = 0; i < n; i++ ) { 1106 for (i = 0; i < n; i++) {
1160 x ^= ulBuffer[2+i]; 1107 x ^= ulBuffer[2 + i];
1161 } 1108 }
1162 1109
1163 if( x != ulBuffer[1] ) { 1110 if (x != ulBuffer[1]) {
1164 return CKR_SAVED_STATE_INVALID; 1111 return CKR_SAVED_STATE_INVALID;
1165 } 1112 }
1166 1113
1167 if (!fwSession->mdSession->SetOperationState) { 1114 if (!fwSession->mdSession->SetOperationState) {
1168 return CKR_GENERAL_ERROR; 1115 return CKR_GENERAL_ERROR;
1169 } 1116 }
1170 1117
1171 s.size = state->size - 2*sizeof(CK_ULONG); 1118 s.size = state->size - 2 * sizeof(CK_ULONG);
1172 s.data = (void *)&ulBuffer[2]; 1119 s.data = (void *)&ulBuffer[2];
1173 1120
1174 if (encryptionKey) { 1121 if (encryptionKey) {
1175 mdek = nssCKFWObject_GetMDObject(encryptionKey); 1122 mdek = nssCKFWObject_GetMDObject(encryptionKey);
1176 } else { 1123 } else {
1177 mdek = (NSSCKMDObject *)NULL; 1124 mdek = (NSSCKMDObject *)NULL;
1178 } 1125 }
1179 1126
1180 if (authenticationKey) { 1127 if (authenticationKey) {
1181 mdak = nssCKFWObject_GetMDObject(authenticationKey); 1128 mdak = nssCKFWObject_GetMDObject(authenticationKey);
1182 } else { 1129 } else {
1183 mdak = (NSSCKMDObject *)NULL; 1130 mdak = (NSSCKMDObject *)NULL;
1184 } 1131 }
1185 1132
1186 error = fwSession->mdSession->SetOperationState(fwSession->mdSession, 1133 error = fwSession->mdSession->SetOperationState(fwSession->mdSession,
1187 fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance, 1134 fwSession, fwSession->mdToke n, fwSession->fwToken, fwSession->mdInstance,
1188 fwSession->fwInstance, &s, mdek, encryptionKey, mdak, authenticationKey); 1135 fwSession->fwInstance, &s, m dek, encryptionKey, mdak, authenticationKey);
1189 1136
1190 if( CKR_OK != error ) { 1137 if (CKR_OK != error) {
1191 return error; 1138 return error;
1192 } 1139 }
1193 1140
1194 /* 1141 /*
1195 * Here'd we restore any session data 1142 * Here'd we restore any session data
1196 */ 1143 */
1197 1144
1198 return CKR_OK; 1145 return CKR_OK;
1199 } 1146 }
1200 1147
1201 static CK_BBOOL 1148 static CK_BBOOL
1202 nss_attributes_form_token_object 1149 nss_attributes_form_token_object(
1203 ( 1150 CK_ATTRIBUTE_PTR pTemplate,
1204 CK_ATTRIBUTE_PTR pTemplate, 1151 CK_ULONG ulAttributeCount)
1205 CK_ULONG ulAttributeCount
1206 )
1207 { 1152 {
1208 CK_ULONG i; 1153 CK_ULONG i;
1209 CK_BBOOL rv; 1154 CK_BBOOL rv;
1210 1155
1211 for( i = 0; i < ulAttributeCount; i++ ) { 1156 for (i = 0; i < ulAttributeCount; i++) {
1212 if( CKA_TOKEN == pTemplate[i].type ) { 1157 if (CKA_TOKEN == pTemplate[i].type) {
1213 /* If we sanity-check, we can remove this sizeof check */ 1158 /* If we sanity-check, we can remove this sizeof check */
1214 if( sizeof(CK_BBOOL) == pTemplate[i].ulValueLen ) { 1159 if (sizeof(CK_BBOOL) == pTemplate[i].ulValueLen) {
1215 (void)nsslibc_memcpy(&rv, pTemplate[i].pValue, sizeof(CK_BBOOL)); 1160 (void)nsslibc_memcpy(&rv, pTemplate[i].pValue, sizeof(CK_BBOOL)) ;
1216 return rv; 1161 return rv;
1217 } else { 1162 } else {
1218 return CK_FALSE; 1163 return CK_FALSE;
1219 } 1164 }
1165 }
1220 } 1166 }
1221 }
1222 1167
1223 return CK_FALSE; 1168 return CK_FALSE;
1224 } 1169 }
1225 1170
1226 /* 1171 /*
1227 * nssCKFWSession_CreateObject 1172 * nssCKFWSession_CreateObject
1228 * 1173 *
1229 */ 1174 */
1230 NSS_IMPLEMENT NSSCKFWObject * 1175 NSS_IMPLEMENT NSSCKFWObject *
1231 nssCKFWSession_CreateObject 1176 nssCKFWSession_CreateObject(
1232 ( 1177 NSSCKFWSession *fwSession,
1233 NSSCKFWSession *fwSession, 1178 CK_ATTRIBUTE_PTR pTemplate,
1234 CK_ATTRIBUTE_PTR pTemplate, 1179 CK_ULONG ulAttributeCount,
1235 CK_ULONG ulAttributeCount, 1180 CK_RV *pError)
1236 CK_RV *pError
1237 )
1238 { 1181 {
1239 NSSArena *arena; 1182 NSSArena *arena;
1240 NSSCKMDObject *mdObject; 1183 NSSCKMDObject *mdObject;
1241 NSSCKFWObject *fwObject; 1184 NSSCKFWObject *fwObject;
1242 CK_BBOOL isTokenObject; 1185 CK_BBOOL isTokenObject;
1243 1186
1244 #ifdef NSSDEBUG 1187 #ifdef NSSDEBUG
1245 if (!pError) { 1188 if (!pError) {
1246 return (NSSCKFWObject *)NULL; 1189 return (NSSCKFWObject *)NULL;
1247 } 1190 }
1248 1191
1249 *pError = nssCKFWSession_verifyPointer(fwSession); 1192 *pError = nssCKFWSession_verifyPointer(fwSession);
1250 if( CKR_OK != pError ) { 1193 if (CKR_OK != pError) {
1251 return (NSSCKFWObject *)NULL; 1194 return (NSSCKFWObject *)NULL;
1252 } 1195 }
1253 1196
1254 if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) { 1197 if ((CK_ATTRIBUTE_PTR)NULL == pTemplate) {
1255 *pError = CKR_ARGUMENTS_BAD; 1198 *pError = CKR_ARGUMENTS_BAD;
1256 return (NSSCKFWObject *)NULL; 1199 return (NSSCKFWObject *)NULL;
1257 } 1200 }
1258 1201
1259 if (!fwSession->mdSession) { 1202 if (!fwSession->mdSession) {
1260 *pError = CKR_GENERAL_ERROR; 1203 *pError = CKR_GENERAL_ERROR;
1261 return (NSSCKFWObject *)NULL; 1204 return (NSSCKFWObject *)NULL;
1262 } 1205 }
1263 #endif /* NSSDEBUG */ 1206 #endif /* NSSDEBUG */
1264 1207
1265 /* 1208 /*
1266 * Here would be an excellent place to sanity-check the object. 1209 * Here would be an excellent place to sanity-check the object.
1267 */ 1210 */
1268 1211
1269 isTokenObject = nss_attributes_form_token_object(pTemplate, ulAttributeCount); 1212 isTokenObject = nss_attributes_form_token_object(pTemplate, ulAttributeCount );
1270 if( CK_TRUE == isTokenObject ) { 1213 if (CK_TRUE == isTokenObject) {
1271 /* === TOKEN OBJECT === */ 1214 /* === TOKEN OBJECT === */
1272 1215
1273 if (!fwSession->mdSession->CreateObject) { 1216 if (!fwSession->mdSession->CreateObject) {
1274 *pError = CKR_TOKEN_WRITE_PROTECTED; 1217 *pError = CKR_TOKEN_WRITE_PROTECTED;
1275 return (NSSCKFWObject *)NULL; 1218 return (NSSCKFWObject *)NULL;
1276 } 1219 }
1277 1220
1278 arena = nssCKFWToken_GetArena(fwSession->fwToken, pError); 1221 arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
1279 if (!arena) { 1222 if (!arena) {
1280 if( CKR_OK == *pError ) { 1223 if (CKR_OK == *pError) {
1281 *pError = CKR_GENERAL_ERROR; 1224 *pError = CKR_GENERAL_ERROR;
1282 } 1225 }
1283 return (NSSCKFWObject *)NULL; 1226 return (NSSCKFWObject *)NULL;
1284 } 1227 }
1285 1228
1286 goto callmdcreateobject; 1229 goto callmdcreateobject;
1287 } else {
1288 /* === SESSION OBJECT === */
1289
1290 arena = nssCKFWSession_GetArena(fwSession, pError);
1291 if (!arena) {
1292 if( CKR_OK == *pError ) {
1293 *pError = CKR_GENERAL_ERROR;
1294 }
1295 return (NSSCKFWObject *)NULL;
1296 }
1297
1298 if( CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
1299 fwSession->fwInstance) ) {
1300 /* --- module handles the session object -- */
1301
1302 if (!fwSession->mdSession->CreateObject) {
1303 *pError = CKR_GENERAL_ERROR;
1304 return (NSSCKFWObject *)NULL;
1305 }
1306
1307 goto callmdcreateobject;
1308 } else { 1230 } else {
1309 /* --- framework handles the session object -- */ 1231 /* === SESSION OBJECT === */
1310 mdObject = nssCKMDSessionObject_Create(fwSession->fwToken, 1232
1311 arena, pTemplate, ulAttributeCount, pError); 1233 arena = nssCKFWSession_GetArena(fwSession, pError);
1312 goto gotmdobject; 1234 if (!arena) {
1313 } 1235 if (CKR_OK == *pError) {
1314 } 1236 *pError = CKR_GENERAL_ERROR;
1315 1237 }
1316 callmdcreateobject: 1238 return (NSSCKFWObject *)NULL;
1317 mdObject = fwSession->mdSession->CreateObject(fwSession->mdSession, 1239 }
1318 fwSession, fwSession->mdToken, fwSession->fwToken, 1240
1319 fwSession->mdInstance, fwSession->fwInstance, arena, pTemplate, 1241 if (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
1320 ulAttributeCount, pError); 1242 fwSession->fwInstance)) {
1321 1243 /* --- module handles the session object -- */
1322 gotmdobject: 1244
1323 if (!mdObject) { 1245 if (!fwSession->mdSession->CreateObject) {
1324 if( CKR_OK == *pError ) { 1246 *pError = CKR_GENERAL_ERROR;
1325 *pError = CKR_GENERAL_ERROR; 1247 return (NSSCKFWObject *)NULL;
1326 } 1248 }
1327 return (NSSCKFWObject *)NULL; 1249
1328 } 1250 goto callmdcreateobject;
1329 1251 } else {
1330 fwObject = nssCKFWObject_Create(arena, mdObject, 1252 /* --- framework handles the session object -- */
1331 isTokenObject ? NULL : fwSession, 1253 mdObject = nssCKMDSessionObject_Create(fwSession->fwToken,
1332 fwSession->fwToken, fwSession->fwInstance, pError); 1254 arena, pTemplate, ulAttribute Count, pError);
1333 if (!fwObject) { 1255 goto gotmdobject;
1334 if( CKR_OK == *pError ) { 1256 }
1335 *pError = CKR_GENERAL_ERROR; 1257 }
1336 } 1258
1337 1259 callmdcreateobject:
1338 if (mdObject->Destroy) { 1260 mdObject = fwSession->mdSession->CreateObject(fwSession->mdSession,
1339 (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL, 1261 fwSession, fwSession->mdToken, fwSession->fwToken,
1340 fwSession->mdSession, fwSession, fwSession->mdToken, 1262 fwSession->mdInstance, fwSessi on->fwInstance, arena, pTemplate,
1341 fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance); 1263 ulAttributeCount, pError);
1342 } 1264
1343 1265 gotmdobject:
1344 return (NSSCKFWObject *)NULL; 1266 if (!mdObject) {
1345 } 1267 if (CKR_OK == *pError) {
1346 1268 *pError = CKR_GENERAL_ERROR;
1347 if( CK_FALSE == isTokenObject ) { 1269 }
1348 if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, fwObject) ) { 1270 return (NSSCKFWObject *)NULL;
1349 *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject ); 1271 }
1350 if( CKR_OK != *pError ) { 1272
1351 nssCKFWObject_Finalize(fwObject, PR_TRUE); 1273 fwObject = nssCKFWObject_Create(arena, mdObject,
1352 return (NSSCKFWObject *)NULL; 1274 isTokenObject ? NULL
1353 } 1275 : fwSession,
1354 } 1276 fwSession->fwToken, fwSession->fwInstance, p Error);
1355 } 1277 if (!fwObject) {
1356 1278 if (CKR_OK == *pError) {
1357 return fwObject; 1279 *pError = CKR_GENERAL_ERROR;
1280 }
1281
1282 if (mdObject->Destroy) {
1283 (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
1284 fwSession->mdSession, fwSession, fwSession-> mdToken,
1285 fwSession->fwToken, fwSession->mdInstance, f wSession->fwInstance);
1286 }
1287
1288 return (NSSCKFWObject *)NULL;
1289 }
1290
1291 if (CK_FALSE == isTokenObject) {
1292 if (CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, fwObjec t)) {
1293 *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fw Object);
1294 if (CKR_OK != *pError) {
1295 nssCKFWObject_Finalize(fwObject, PR_TRUE);
1296 return (NSSCKFWObject *)NULL;
1297 }
1298 }
1299 }
1300
1301 return fwObject;
1358 } 1302 }
1359 1303
1360 /* 1304 /*
1361 * nssCKFWSession_CopyObject 1305 * nssCKFWSession_CopyObject
1362 * 1306 *
1363 */ 1307 */
1364 NSS_IMPLEMENT NSSCKFWObject * 1308 NSS_IMPLEMENT NSSCKFWObject *
1365 nssCKFWSession_CopyObject 1309 nssCKFWSession_CopyObject(
1366 ( 1310 NSSCKFWSession *fwSession,
1367 NSSCKFWSession *fwSession, 1311 NSSCKFWObject *fwObject,
1368 NSSCKFWObject *fwObject, 1312 CK_ATTRIBUTE_PTR pTemplate,
1369 CK_ATTRIBUTE_PTR pTemplate, 1313 CK_ULONG ulAttributeCount,
1370 CK_ULONG ulAttributeCount, 1314 CK_RV *pError)
1371 CK_RV *pError
1372 )
1373 { 1315 {
1374 CK_BBOOL oldIsToken; 1316 CK_BBOOL oldIsToken;
1375 CK_BBOOL newIsToken; 1317 CK_BBOOL newIsToken;
1376 CK_ULONG i; 1318 CK_ULONG i;
1377 NSSCKFWObject *rv; 1319 NSSCKFWObject *rv;
1378 1320
1379 #ifdef NSSDEBUG 1321 #ifdef NSSDEBUG
1380 if (!pError) { 1322 if (!pError) {
1381 return (NSSCKFWObject *)NULL; 1323 return (NSSCKFWObject *)NULL;
1382 } 1324 }
1383 1325
1384 *pError = nssCKFWSession_verifyPointer(fwSession); 1326 *pError = nssCKFWSession_verifyPointer(fwSession);
1385 if( CKR_OK != *pError ) { 1327 if (CKR_OK != *pError) {
1386 return (NSSCKFWObject *)NULL; 1328 return (NSSCKFWObject *)NULL;
1387 } 1329 }
1388 1330
1389 *pError = nssCKFWObject_verifyPointer(fwObject); 1331 *pError = nssCKFWObject_verifyPointer(fwObject);
1390 if( CKR_OK != *pError ) { 1332 if (CKR_OK != *pError) {
1391 return (NSSCKFWObject *)NULL; 1333 return (NSSCKFWObject *)NULL;
1392 } 1334 }
1393 1335
1394 if (!fwSession->mdSession) { 1336 if (!fwSession->mdSession) {
1395 *pError = CKR_GENERAL_ERROR; 1337 *pError = CKR_GENERAL_ERROR;
1396 return (NSSCKFWObject *)NULL; 1338 return (NSSCKFWObject *)NULL;
1397 } 1339 }
1398 #endif /* NSSDEBUG */ 1340 #endif /* NSSDEBUG */
1399 1341
1400 /* 1342 /*
1401 * Sanity-check object 1343 * Sanity-check object
1402 */ 1344 */
1403 1345
1404 if (!fwObject) { 1346 if (!fwObject) {
1405 *pError = CKR_ARGUMENTS_BAD; 1347 *pError = CKR_ARGUMENTS_BAD;
1406 return (NSSCKFWObject *)NULL; 1348 return (NSSCKFWObject *)NULL;
1407 } 1349 }
1408 1350
1409 oldIsToken = nssCKFWObject_IsTokenObject(fwObject); 1351 oldIsToken = nssCKFWObject_IsTokenObject(fwObject);
1410 1352
1411 newIsToken = oldIsToken; 1353 newIsToken = oldIsToken;
1412 for( i = 0; i < ulAttributeCount; i++ ) { 1354 for (i = 0; i < ulAttributeCount; i++) {
1413 if( CKA_TOKEN == pTemplate[i].type ) { 1355 if (CKA_TOKEN == pTemplate[i].type) {
1414 /* Since we sanity-checked the object, we know this is the right size. */ 1356 /* Since we sanity-checked the object, we know this is the right siz e. */
1415 (void)nsslibc_memcpy(&newIsToken, pTemplate[i].pValue, sizeof(CK_BBOOL)); 1357 (void)nsslibc_memcpy(&newIsToken, pTemplate[i].pValue, sizeof(CK_BBO OL));
1416 break; 1358 break;
1417 } 1359 }
1418 } 1360 }
1419 1361
1420 /* 1362 /*
1421 * If the Module handles its session objects, or if both the new 1363 * If the Module handles its session objects, or if both the new
1422 * and old object are token objects, use CopyObject if it exists. 1364 * and old object are token objects, use CopyObject if it exists.
1423 */ 1365 */
1424 1366
1425 if ((fwSession->mdSession->CopyObject) && 1367 if ((fwSession->mdSession->CopyObject) &&
1426 (((CK_TRUE == oldIsToken) && (CK_TRUE == newIsToken)) || 1368 (((CK_TRUE == oldIsToken) && (CK_TRUE == newIsToken)) ||
1427 (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects( 1369 (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
1428 fwSession->fwInstance))) ) { 1370 fwSession->fwInstance)))) {
1429 /* use copy object */ 1371 /* use copy object */
1430 NSSArena *arena; 1372 NSSArena *arena;
1431 NSSCKMDObject *mdOldObject; 1373 NSSCKMDObject *mdOldObject;
1432 NSSCKMDObject *mdObject; 1374 NSSCKMDObject *mdObject;
1433 1375
1434 mdOldObject = nssCKFWObject_GetMDObject(fwObject); 1376 mdOldObject = nssCKFWObject_GetMDObject(fwObject);
1435 1377
1436 if( CK_TRUE == newIsToken ) { 1378 if (CK_TRUE == newIsToken) {
1437 arena = nssCKFWToken_GetArena(fwSession->fwToken, pError); 1379 arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
1380 } else {
1381 arena = nssCKFWSession_GetArena(fwSession, pError);
1382 }
1383 if (!arena) {
1384 if (CKR_OK == *pError) {
1385 *pError = CKR_GENERAL_ERROR;
1386 }
1387 return (NSSCKFWObject *)NULL;
1388 }
1389
1390 mdObject = fwSession->mdSession->CopyObject(fwSession->mdSession,
1391 fwSession, fwSession->mdToke n, fwSession->fwToken,
1392 fwSession->mdInstance, fwSes sion->fwInstance, mdOldObject,
1393 fwObject, arena, pTemplate, ulAttributeCount, pError);
1394 if (!mdObject) {
1395 if (CKR_OK == *pError) {
1396 *pError = CKR_GENERAL_ERROR;
1397 }
1398 return (NSSCKFWObject *)NULL;
1399 }
1400
1401 rv = nssCKFWObject_Create(arena, mdObject,
1402 newIsToken ? NULL
1403 : fwSession,
1404 fwSession->fwToken, fwSession->fwInstance, pEr ror);
1405
1406 if (CK_FALSE == newIsToken) {
1407 if (CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, rv) ) {
1408 *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, rv, rv);
1409 if (CKR_OK != *pError) {
1410 nssCKFWObject_Finalize(rv, PR_TRUE);
1411 return (NSSCKFWObject *)NULL;
1412 }
1413 }
1414 }
1415
1416 return rv;
1438 } else { 1417 } else {
1439 arena = nssCKFWSession_GetArena(fwSession, pError); 1418 /* use create object */
1440 } 1419 NSSArena *tmpArena;
1441 if (!arena) { 1420 CK_ATTRIBUTE_PTR newTemplate;
1442 if( CKR_OK == *pError ) { 1421 CK_ULONG i, j, n, newLength, k;
1443 *pError = CKR_GENERAL_ERROR; 1422 CK_ATTRIBUTE_TYPE_PTR oldTypes;
1444 } 1423 NSSCKFWObject *rv;
1445 return (NSSCKFWObject *)NULL; 1424
1446 } 1425 n = nssCKFWObject_GetAttributeCount(fwObject, pError);
1447 1426 if ((0 == n) && (CKR_OK != *pError)) {
1448 mdObject = fwSession->mdSession->CopyObject(fwSession->mdSession, 1427 return (NSSCKFWObject *)NULL;
1449 fwSession, fwSession->mdToken, fwSession->fwToken, 1428 }
1450 fwSession->mdInstance, fwSession->fwInstance, mdOldObject, 1429
1451 fwObject, arena, pTemplate, ulAttributeCount, pError); 1430 tmpArena = NSSArena_Create();
1452 if (!mdObject) { 1431 if (!tmpArena) {
1453 if( CKR_OK == *pError ) { 1432 *pError = CKR_HOST_MEMORY;
1454 *pError = CKR_GENERAL_ERROR; 1433 return (NSSCKFWObject *)NULL;
1455 } 1434 }
1456 return (NSSCKFWObject *)NULL; 1435
1457 } 1436 oldTypes = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE_TYPE, n);
1458 1437 if ((CK_ATTRIBUTE_TYPE_PTR)NULL == oldTypes) {
1459 rv = nssCKFWObject_Create(arena, mdObject, 1438 NSSArena_Destroy(tmpArena);
1460 newIsToken ? NULL : fwSession, 1439 *pError = CKR_HOST_MEMORY;
1461 fwSession->fwToken, fwSession->fwInstance, pError); 1440 return (NSSCKFWObject *)NULL;
1462 1441 }
1463 if( CK_FALSE == newIsToken ) { 1442
1464 if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, rv) ) { 1443 *pError = nssCKFWObject_GetAttributeTypes(fwObject, oldTypes, n);
1465 *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, rv, rv); 1444 if (CKR_OK != *pError) {
1466 if( CKR_OK != *pError ) { 1445 NSSArena_Destroy(tmpArena);
1467 nssCKFWObject_Finalize(rv, PR_TRUE); 1446 return (NSSCKFWObject *)NULL;
1468 return (NSSCKFWObject *)NULL; 1447 }
1469 } 1448
1470 } 1449 newLength = n;
1471 } 1450 for (i = 0; i < ulAttributeCount; i++) {
1472 1451 for (j = 0; j < n; j++) {
1473 return rv; 1452 if (oldTypes[j] == pTemplate[i].type) {
1474 } else { 1453 if ((CK_VOID_PTR)NULL ==
1475 /* use create object */ 1454 pTemplate[i].pValue) {
1476 NSSArena *tmpArena; 1455 /* Removing the attribute */
1477 CK_ATTRIBUTE_PTR newTemplate; 1456 newLength--;
1478 CK_ULONG i, j, n, newLength, k; 1457 }
1479 CK_ATTRIBUTE_TYPE_PTR oldTypes; 1458 break;
1480 NSSCKFWObject *rv; 1459 }
1481 1460 }
1482 n = nssCKFWObject_GetAttributeCount(fwObject, pError); 1461 if (j == n) {
1483 if( (0 == n) && (CKR_OK != *pError) ) { 1462 /* Not found */
1484 return (NSSCKFWObject *)NULL; 1463 newLength++;
1485 } 1464 }
1486 1465 }
1487 tmpArena = NSSArena_Create(); 1466
1488 if (!tmpArena) { 1467 newTemplate = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE, newLength);
1489 *pError = CKR_HOST_MEMORY; 1468 if ((CK_ATTRIBUTE_PTR)NULL == newTemplate) {
1490 return (NSSCKFWObject *)NULL; 1469 NSSArena_Destroy(tmpArena);
1491 } 1470 *pError = CKR_HOST_MEMORY;
1492 1471 return (NSSCKFWObject *)NULL;
1493 oldTypes = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE_TYPE, n); 1472 }
1494 if( (CK_ATTRIBUTE_TYPE_PTR)NULL == oldTypes ) { 1473
1495 NSSArena_Destroy(tmpArena); 1474 k = 0;
1496 *pError = CKR_HOST_MEMORY; 1475 for (j = 0; j < n; j++) {
1497 return (NSSCKFWObject *)NULL; 1476 for (i = 0; i < ulAttributeCount; i++) {
1498 } 1477 if (oldTypes[j] == pTemplate[i].type) {
1499 1478 if ((CK_VOID_PTR)NULL ==
1500 *pError = nssCKFWObject_GetAttributeTypes(fwObject, oldTypes, n); 1479 pTemplate[i].pValue) {
1501 if( CKR_OK != *pError ) { 1480 /* This attribute is being deleted */
1502 NSSArena_Destroy(tmpArena); 1481 ;
1503 return (NSSCKFWObject *)NULL; 1482 } else {
1504 } 1483 /* This attribute is being replaced */
1505 1484 newTemplate[k].type =
1506 newLength = n; 1485 pTemplate[i].type;
1507 for( i = 0; i < ulAttributeCount; i++ ) { 1486 newTemplate[k].pValue =
1508 for( j = 0; j < n; j++ ) { 1487 pTemplate[i].pValue;
1509 if( oldTypes[j] == pTemplate[i].type ) { 1488 newTemplate[k].ulValueLen =
1510 if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) { 1489 pTemplate[i].ulValueLen;
1511 /* Removing the attribute */ 1490 k++;
1512 newLength--; 1491 }
1513 } 1492 break;
1514 break; 1493 }
1515 } 1494 }
1516 } 1495 if (i == ulAttributeCount) {
1517 if( j == n ) { 1496 /* This attribute is being copied over from the old object */
1518 /* Not found */ 1497 NSSItem item, *it;
1519 newLength++; 1498 item.size = 0;
1520 } 1499 item.data = (void *)NULL;
1521 } 1500 it = nssCKFWObject_GetAttribute(fwObject, oldTypes[j],
1522 1501 &item, tmpArena, pError);
1523 newTemplate = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE, newLength); 1502 if (!it) {
1524 if( (CK_ATTRIBUTE_PTR)NULL == newTemplate ) { 1503 if (CKR_OK ==
1525 NSSArena_Destroy(tmpArena); 1504 *pError) {
1526 *pError = CKR_HOST_MEMORY; 1505 *pError =
1527 return (NSSCKFWObject *)NULL; 1506 CKR_GENERAL_ERROR;
1528 } 1507 }
1529 1508 NSSArena_Destroy(tmpArena);
1530 k = 0; 1509 return (NSSCKFWObject *)NULL;
1531 for( j = 0; j < n; j++ ) { 1510 }
1532 for( i = 0; i < ulAttributeCount; i++ ) { 1511 newTemplate[k].type = oldTypes[j];
1533 if( oldTypes[j] == pTemplate[i].type ) { 1512 newTemplate[k].pValue = it->data;
1534 if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) { 1513 newTemplate[k].ulValueLen = it->size;
1535 /* This attribute is being deleted */ 1514 k++;
1536 ; 1515 }
1537 } else { 1516 }
1538 /* This attribute is being replaced */ 1517 /* assert that k == newLength */
1539 newTemplate[k].type = pTemplate[i].type; 1518
1540 newTemplate[k].pValue = pTemplate[i].pValue; 1519 rv = nssCKFWSession_CreateObject(fwSession, newTemplate, newLength, pErr or);
1541 newTemplate[k].ulValueLen = pTemplate[i].ulValueLen; 1520 if (!rv) {
1542 k++; 1521 if (CKR_OK == *pError) {
1543 } 1522 *pError = CKR_GENERAL_ERROR;
1544 break; 1523 }
1545 } 1524 NSSArena_Destroy(tmpArena);
1546 } 1525 return (NSSCKFWObject *)NULL;
1547 if( i == ulAttributeCount ) { 1526 }
1548 /* This attribute is being copied over from the old object */ 1527
1549 NSSItem item, *it; 1528 NSSArena_Destroy(tmpArena);
1550 item.size = 0; 1529 return rv;
1551 item.data = (void *)NULL; 1530 }
1552 it = nssCKFWObject_GetAttribute(fwObject, oldTypes[j],
1553 &item, tmpArena, pError);
1554 if (!it) {
1555 if( CKR_OK == *pError ) {
1556 *pError = CKR_GENERAL_ERROR;
1557 }
1558 NSSArena_Destroy(tmpArena);
1559 return (NSSCKFWObject *)NULL;
1560 }
1561 newTemplate[k].type = oldTypes[j];
1562 newTemplate[k].pValue = it->data;
1563 newTemplate[k].ulValueLen = it->size;
1564 k++;
1565 }
1566 }
1567 /* assert that k == newLength */
1568
1569 rv = nssCKFWSession_CreateObject(fwSession, newTemplate, newLength, pError);
1570 if (!rv) {
1571 if( CKR_OK == *pError ) {
1572 *pError = CKR_GENERAL_ERROR;
1573 }
1574 NSSArena_Destroy(tmpArena);
1575 return (NSSCKFWObject *)NULL;
1576 }
1577
1578 NSSArena_Destroy(tmpArena);
1579 return rv;
1580 }
1581 } 1531 }
1582 1532
1583 /* 1533 /*
1584 * nssCKFWSession_FindObjectsInit 1534 * nssCKFWSession_FindObjectsInit
1585 * 1535 *
1586 */ 1536 */
1587 NSS_IMPLEMENT NSSCKFWFindObjects * 1537 NSS_IMPLEMENT NSSCKFWFindObjects *
1588 nssCKFWSession_FindObjectsInit 1538 nssCKFWSession_FindObjectsInit(
1589 ( 1539 NSSCKFWSession *fwSession,
1590 NSSCKFWSession *fwSession, 1540 CK_ATTRIBUTE_PTR pTemplate,
1591 CK_ATTRIBUTE_PTR pTemplate, 1541 CK_ULONG ulAttributeCount,
1592 CK_ULONG ulAttributeCount, 1542 CK_RV *pError)
1593 CK_RV *pError
1594 )
1595 { 1543 {
1596 NSSCKMDFindObjects *mdfo1 = (NSSCKMDFindObjects *)NULL; 1544 NSSCKMDFindObjects *mdfo1 = (NSSCKMDFindObjects *)NULL;
1597 NSSCKMDFindObjects *mdfo2 = (NSSCKMDFindObjects *)NULL; 1545 NSSCKMDFindObjects *mdfo2 = (NSSCKMDFindObjects *)NULL;
1598 1546
1599 #ifdef NSSDEBUG 1547 #ifdef NSSDEBUG
1600 if (!pError) { 1548 if (!pError) {
1601 return (NSSCKFWFindObjects *)NULL; 1549 return (NSSCKFWFindObjects *)NULL;
1602 } 1550 }
1603 1551
1604 *pError = nssCKFWSession_verifyPointer(fwSession); 1552 *pError = nssCKFWSession_verifyPointer(fwSession);
1605 if( CKR_OK != *pError ) { 1553 if (CKR_OK != *pError) {
1606 return (NSSCKFWFindObjects *)NULL; 1554 return (NSSCKFWFindObjects *)NULL;
1607 } 1555 }
1608 1556
1609 if( ((CK_ATTRIBUTE_PTR)NULL == pTemplate) && (ulAttributeCount != 0) ) { 1557 if (((CK_ATTRIBUTE_PTR)NULL == pTemplate) && (ulAttributeCount != 0)) {
1610 *pError = CKR_ARGUMENTS_BAD; 1558 *pError = CKR_ARGUMENTS_BAD;
1611 return (NSSCKFWFindObjects *)NULL; 1559 return (NSSCKFWFindObjects *)NULL;
1612 } 1560 }
1613 1561
1614 if (!fwSession->mdSession) { 1562 if (!fwSession->mdSession) {
1615 *pError = CKR_GENERAL_ERROR; 1563 *pError = CKR_GENERAL_ERROR;
1616 return (NSSCKFWFindObjects *)NULL; 1564 return (NSSCKFWFindObjects *)NULL;
1617 } 1565 }
1618 #endif /* NSSDEBUG */ 1566 #endif /* NSSDEBUG */
1619 1567
1620 if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects( 1568 if (CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
1621 fwSession->fwInstance) ) { 1569 fwSession->fwInstance)) {
1622 CK_ULONG i; 1570 CK_ULONG i;
1623 1571
1624 /* 1572 /*
1625 * Does the search criteria restrict us to token or session 1573 * Does the search criteria restrict us to token or session
1626 * objects? 1574 * objects?
1627 */ 1575 */
1628 1576
1629 for( i = 0; i < ulAttributeCount; i++ ) { 1577 for (i = 0; i < ulAttributeCount; i++) {
1630 if( CKA_TOKEN == pTemplate[i].type ) { 1578 if (CKA_TOKEN == pTemplate[i].type) {
1631 /* Yes, it does. */ 1579 /* Yes, it does. */
1632 CK_BBOOL isToken; 1580 CK_BBOOL isToken;
1633 if( sizeof(CK_BBOOL) != pTemplate[i].ulValueLen ) { 1581 if (sizeof(CK_BBOOL) != pTemplate[i].ulValueLen) {
1634 *pError = CKR_ATTRIBUTE_VALUE_INVALID; 1582 *pError =
1635 return (NSSCKFWFindObjects *)NULL; 1583 CKR_ATTRIBUTE_VALUE_INVALID;
1636 } 1584 return (NSSCKFWFindObjects *)NULL;
1637 (void)nsslibc_memcpy(&isToken, pTemplate[i].pValue, sizeof(CK_BBOOL)); 1585 }
1638 1586 (void)nsslibc_memcpy(&isToken, pTemplate[i].pValue, sizeof(CK_BB OOL));
1639 if( CK_TRUE == isToken ) { 1587
1640 /* Pass it on to the module's search routine */ 1588 if (CK_TRUE == isToken) {
1641 if (!fwSession->mdSession->FindObjectsInit) { 1589 /* Pass it on to the module's search routine */
1590 if (!fwSession->mdSession->FindObjectsInit) {
1591 goto wrap;
1592 }
1593
1594 mdfo1 =
1595 fwSession->mdSession->FindObjectsInit(fwSession->mdSessi on,
1596 fwSession, fwSessi on->mdToken, fwSession->fwToken,
1597 fwSession->mdInsta nce, fwSession->fwInstance,
1598 pTemplate, ulAttri buteCount, pError);
1599 } else {
1600 /* Do the search ourselves */
1601 mdfo1 =
1602 nssCKMDFindSessionObjects_Create(fwSession->fwToken,
1603 pTemplate, ulAttributeC ount, pError);
1604 }
1605
1606 if (!mdfo1) {
1607 if (CKR_OK ==
1608 *pError) {
1609 *pError =
1610 CKR_GENERAL_ERROR;
1611 }
1612 return (NSSCKFWFindObjects *)NULL;
1613 }
1614
1615 goto wrap;
1616 }
1617 }
1618
1619 if (i == ulAttributeCount) {
1620 /* No, it doesn't. Do a hybrid search. */
1621 mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
1622 fwSession, fwSession-> mdToken, fwSession->fwToken,
1623 fwSession->mdInstance, fwSession->fwInstance,
1624 pTemplate, ulAttribute Count, pError);
1625
1626 if (!mdfo1) {
1627 if (CKR_OK == *pError) {
1628 *pError =
1629 CKR_GENERAL_ERROR;
1630 }
1631 return (NSSCKFWFindObjects *)NULL;
1632 }
1633
1634 mdfo2 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
1635 pTemplate, ulAttributeCount , pError);
1636 if (!mdfo2) {
1637 if (CKR_OK == *pError) {
1638 *pError =
1639 CKR_GENERAL_ERROR;
1640 }
1641 if (mdfo1->Final) {
1642 mdfo1->Final(mdfo1, (NSSCKFWFindObjects *)NULL, fwSession->m dSession,
1643 fwSession, fwSession->mdToken, fwSession->fwTok en,
1644 fwSession->mdInstance, fwSession->fwInstance);
1645 }
1646 return (NSSCKFWFindObjects *)NULL;
1647 }
1648
1642 goto wrap; 1649 goto wrap;
1643 } 1650 }
1644 1651 /*NOTREACHED*/
1645 mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession, 1652 } else {
1646 fwSession, fwSession->mdToken, fwSession->fwToken, 1653 /* Module handles all its own objects. Pass on to module's search */
1647 fwSession->mdInstance, fwSession->fwInstance, 1654 mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
1648 pTemplate, ulAttributeCount, pError); 1655 fwSession, fwSession->mdTo ken, fwSession->fwToken,
1649 } else { 1656 fwSession->mdInstance, fwS ession->fwInstance,
1650 /* Do the search ourselves */ 1657 pTemplate, ulAttributeCoun t, pError);
1651 mdfo1 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
1652 pTemplate, ulAttributeCount, pError);
1653 }
1654 1658
1655 if (!mdfo1) { 1659 if (!mdfo1) {
1656 if( CKR_OK == *pError ) { 1660 if (CKR_OK == *pError) {
1657 *pError = CKR_GENERAL_ERROR; 1661 *pError = CKR_GENERAL_ERROR;
1658 } 1662 }
1659 return (NSSCKFWFindObjects *)NULL; 1663 return (NSSCKFWFindObjects *)NULL;
1660 } 1664 }
1661 1665
1662 goto wrap; 1666 goto wrap;
1663 } 1667 }
1664 } 1668
1665 1669 wrap:
1666 if( i == ulAttributeCount ) { 1670 return nssCKFWFindObjects_Create(fwSession, fwSession->fwToken,
1667 /* No, it doesn't. Do a hybrid search. */ 1671 fwSession->fwInstance, mdfo1, mdfo2, pError );
1668 mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
1669 fwSession, fwSession->mdToken, fwSession->fwToken,
1670 fwSession->mdInstance, fwSession->fwInstance,
1671 pTemplate, ulAttributeCount, pError);
1672
1673 if (!mdfo1) {
1674 if( CKR_OK == *pError ) {
1675 *pError = CKR_GENERAL_ERROR;
1676 }
1677 return (NSSCKFWFindObjects *)NULL;
1678 }
1679
1680 mdfo2 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
1681 pTemplate, ulAttributeCount, pError);
1682 if (!mdfo2) {
1683 if( CKR_OK == *pError ) {
1684 *pError = CKR_GENERAL_ERROR;
1685 }
1686 if (mdfo1->Final) {
1687 mdfo1->Final(mdfo1, (NSSCKFWFindObjects *)NULL, fwSession->mdSession,
1688 fwSession, fwSession->mdToken, fwSession->fwToken,
1689 fwSession->mdInstance, fwSession->fwInstance);
1690 }
1691 return (NSSCKFWFindObjects *)NULL;
1692 }
1693
1694 goto wrap;
1695 }
1696 /*NOTREACHED*/
1697 } else {
1698 /* Module handles all its own objects. Pass on to module's search */
1699 mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
1700 fwSession, fwSession->mdToken, fwSession->fwToken,
1701 fwSession->mdInstance, fwSession->fwInstance,
1702 pTemplate, ulAttributeCount, pError);
1703
1704 if (!mdfo1) {
1705 if( CKR_OK == *pError ) {
1706 *pError = CKR_GENERAL_ERROR;
1707 }
1708 return (NSSCKFWFindObjects *)NULL;
1709 }
1710
1711 goto wrap;
1712 }
1713
1714 wrap:
1715 return nssCKFWFindObjects_Create(fwSession, fwSession->fwToken,
1716 fwSession->fwInstance, mdfo1, mdfo2, pError);
1717 } 1672 }
1718 1673
1719 /* 1674 /*
1720 * nssCKFWSession_SeedRandom 1675 * nssCKFWSession_SeedRandom
1721 * 1676 *
1722 */ 1677 */
1723 NSS_IMPLEMENT CK_RV 1678 NSS_IMPLEMENT CK_RV
1724 nssCKFWSession_SeedRandom 1679 nssCKFWSession_SeedRandom(
1725 ( 1680 NSSCKFWSession *fwSession,
1726 NSSCKFWSession *fwSession, 1681 NSSItem *seed)
1727 NSSItem *seed
1728 )
1729 { 1682 {
1730 CK_RV error = CKR_OK; 1683 CK_RV error = CKR_OK;
1731 1684
1732 #ifdef NSSDEBUG 1685 #ifdef NSSDEBUG
1733 error = nssCKFWSession_verifyPointer(fwSession); 1686 error = nssCKFWSession_verifyPointer(fwSession);
1734 if( CKR_OK != error ) { 1687 if (CKR_OK != error) {
1735 return error; 1688 return error;
1736 } 1689 }
1737 1690
1738 if (!seed) { 1691 if (!seed) {
1739 return CKR_ARGUMENTS_BAD; 1692 return CKR_ARGUMENTS_BAD;
1740 } 1693 }
1741 1694
1742 if (!seed->data) { 1695 if (!seed->data) {
1743 return CKR_ARGUMENTS_BAD; 1696 return CKR_ARGUMENTS_BAD;
1744 } 1697 }
1745 1698
1746 if( 0 == seed->size ) { 1699 if (0 == seed->size) {
1747 return CKR_ARGUMENTS_BAD; 1700 return CKR_ARGUMENTS_BAD;
1748 } 1701 }
1749 1702
1750 if (!fwSession->mdSession) { 1703 if (!fwSession->mdSession) {
1751 return CKR_GENERAL_ERROR; 1704 return CKR_GENERAL_ERROR;
1752 } 1705 }
1753 #endif /* NSSDEBUG */ 1706 #endif /* NSSDEBUG */
1754 1707
1755 if (!fwSession->mdSession->SeedRandom) { 1708 if (!fwSession->mdSession->SeedRandom) {
1756 return CKR_RANDOM_SEED_NOT_SUPPORTED; 1709 return CKR_RANDOM_SEED_NOT_SUPPORTED;
1757 } 1710 }
1758 1711
1759 error = fwSession->mdSession->SeedRandom(fwSession->mdSession, fwSession, 1712 error = fwSession->mdSession->SeedRandom(fwSession->mdSession, fwSession,
1760 fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance, 1713 fwSession->mdToken, fwSession->fwTo ken, fwSession->mdInstance,
1761 fwSession->fwInstance, seed); 1714 fwSession->fwInstance, seed);
1762 1715
1763 return error; 1716 return error;
1764 } 1717 }
1765 1718
1766 /* 1719 /*
1767 * nssCKFWSession_GetRandom 1720 * nssCKFWSession_GetRandom
1768 * 1721 *
1769 */ 1722 */
1770 NSS_IMPLEMENT CK_RV 1723 NSS_IMPLEMENT CK_RV
1771 nssCKFWSession_GetRandom 1724 nssCKFWSession_GetRandom(
1772 ( 1725 NSSCKFWSession *fwSession,
1773 NSSCKFWSession *fwSession, 1726 NSSItem *buffer)
1774 NSSItem *buffer 1727 {
1775 ) 1728 CK_RV error = CKR_OK;
1776 { 1729
1777 CK_RV error = CKR_OK; 1730 #ifdef NSSDEBUG
1778 1731 error = nssCKFWSession_verifyPointer(fwSession);
1779 #ifdef NSSDEBUG 1732 if (CKR_OK != error) {
1780 error = nssCKFWSession_verifyPointer(fwSession); 1733 return error;
1781 if( CKR_OK != error ) { 1734 }
1735
1736 if (!buffer) {
1737 return CKR_ARGUMENTS_BAD;
1738 }
1739
1740 if (!buffer->data) {
1741 return CKR_ARGUMENTS_BAD;
1742 }
1743
1744 if (!fwSession->mdSession) {
1745 return CKR_GENERAL_ERROR;
1746 }
1747 #endif /* NSSDEBUG */
1748
1749 if (!fwSession->mdSession->GetRandom) {
1750 if (CK_TRUE == nssCKFWToken_GetHasRNG(fwSession->fwToken)) {
1751 return CKR_GENERAL_ERROR;
1752 } else {
1753 return CKR_RANDOM_NO_RNG;
1754 }
1755 }
1756
1757 if (0 == buffer->size) {
1758 return CKR_OK;
1759 }
1760
1761 error = fwSession->mdSession->GetRandom(fwSession->mdSession, fwSession,
1762 fwSession->mdToken, fwSession->fwTok en, fwSession->mdInstance,
1763 fwSession->fwInstance, buffer);
1764
1782 return error; 1765 return error;
1783 } 1766 }
1784 1767
1785 if (!buffer) { 1768 /*
1786 return CKR_ARGUMENTS_BAD; 1769 * nssCKFWSession_SetCurrentCryptoOperation
1787 } 1770 */
1788 1771 NSS_IMPLEMENT void
1789 if (!buffer->data) { 1772 nssCKFWSession_SetCurrentCryptoOperation(
1790 return CKR_ARGUMENTS_BAD; 1773 NSSCKFWSession *fwSession,
1791 } 1774 NSSCKFWCryptoOperation *fwOperation,
1792 1775 NSSCKFWCryptoOperationState state)
1793 if (!fwSession->mdSession) { 1776 {
1794 return CKR_GENERAL_ERROR; 1777 #ifdef NSSDEBUG
1795 } 1778 CK_RV error = CKR_OK;
1796 #endif /* NSSDEBUG */ 1779 error = nssCKFWSession_verifyPointer(fwSession);
1797 1780 if (CKR_OK != error) {
1798 if (!fwSession->mdSession->GetRandom) { 1781 return;
1799 if( CK_TRUE == nssCKFWToken_GetHasRNG(fwSession->fwToken) ) { 1782 }
1800 return CKR_GENERAL_ERROR; 1783
1784 if (state >= NSSCKFWCryptoOperationState_Max) {
1785 return;
1786 }
1787
1788 if (!fwSession->mdSession) {
1789 return;
1790 }
1791 #endif /* NSSDEBUG */
1792 fwSession->fwOperationArray[state] = fwOperation;
1793 return;
1794 }
1795
1796 /*
1797 * nssCKFWSession_GetCurrentCryptoOperation
1798 */
1799 NSS_IMPLEMENT NSSCKFWCryptoOperation *
1800 nssCKFWSession_GetCurrentCryptoOperation(
1801 NSSCKFWSession *fwSession,
1802 NSSCKFWCryptoOperationState state)
1803 {
1804 #ifdef NSSDEBUG
1805 CK_RV error = CKR_OK;
1806 error = nssCKFWSession_verifyPointer(fwSession);
1807 if (CKR_OK != error) {
1808 return (NSSCKFWCryptoOperation *)NULL;
1809 }
1810
1811 if (state >= NSSCKFWCryptoOperationState_Max) {
1812 return (NSSCKFWCryptoOperation *)NULL;
1813 }
1814
1815 if (!fwSession->mdSession) {
1816 return (NSSCKFWCryptoOperation *)NULL;
1817 }
1818 #endif /* NSSDEBUG */
1819 return fwSession->fwOperationArray[state];
1820 }
1821
1822 /*
1823 * nssCKFWSession_Final
1824 */
1825 NSS_IMPLEMENT CK_RV
1826 nssCKFWSession_Final(
1827 NSSCKFWSession *fwSession,
1828 NSSCKFWCryptoOperationType type,
1829 NSSCKFWCryptoOperationState state,
1830 CK_BYTE_PTR outBuf,
1831 CK_ULONG_PTR outBufLen)
1832 {
1833 NSSCKFWCryptoOperation *fwOperation;
1834 NSSItem outputBuffer;
1835 CK_RV error = CKR_OK;
1836
1837 #ifdef NSSDEBUG
1838 error = nssCKFWSession_verifyPointer(fwSession);
1839 if (CKR_OK != error) {
1840 return error;
1841 }
1842
1843 if (!fwSession->mdSession) {
1844 return CKR_GENERAL_ERROR;
1845 }
1846 #endif /* NSSDEBUG */
1847
1848 /* make sure we have a valid operation initialized */
1849 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
1850 if (!fwOperation) {
1851 return CKR_OPERATION_NOT_INITIALIZED;
1852 }
1853
1854 /* make sure it's the correct type */
1855 if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
1856 return CKR_OPERATION_NOT_INITIALIZED;
1857 }
1858
1859 /* handle buffer issues, note for Verify, the type is an input buffer. */
1860 if (NSSCKFWCryptoOperationType_Verify == type) {
1861 if ((CK_BYTE_PTR)NULL == outBuf) {
1862 error = CKR_ARGUMENTS_BAD;
1863 goto done;
1864 }
1801 } else { 1865 } else {
1802 return CKR_RANDOM_NO_RNG; 1866 CK_ULONG len = nssCKFWCryptoOperation_GetFinalLength(fwOperation, &error );
1803 } 1867 CK_ULONG maxBufLen = *outBufLen;
1804 } 1868
1805 1869 if (CKR_OK != error) {
1806 if( 0 == buffer->size ) { 1870 goto done;
1807 return CKR_OK; 1871 }
1808 } 1872 *outBufLen = len;
1809 1873 if ((CK_BYTE_PTR)NULL == outBuf) {
1810 error = fwSession->mdSession->GetRandom(fwSession->mdSession, fwSession, 1874 return CKR_OK;
1811 fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance, 1875 }
1812 fwSession->fwInstance, buffer); 1876
1813 1877 if (len > maxBufLen) {
1814 return error; 1878 return CKR_BUFFER_TOO_SMALL;
1815 } 1879 }
1816 1880 }
1817 1881 outputBuffer.data = outBuf;
1818 /* 1882 outputBuffer.size = *outBufLen;
1819 * nssCKFWSession_SetCurrentCryptoOperation 1883
1820 */ 1884 error = nssCKFWCryptoOperation_Final(fwOperation, &outputBuffer);
1821 NSS_IMPLEMENT void 1885 done:
1822 nssCKFWSession_SetCurrentCryptoOperation 1886 if (CKR_BUFFER_TOO_SMALL == error) {
1823 ( 1887 return error;
1824 NSSCKFWSession *fwSession, 1888 }
1825 NSSCKFWCryptoOperation * fwOperation, 1889 /* clean up our state */
1826 NSSCKFWCryptoOperationState state 1890 nssCKFWCryptoOperation_Destroy(fwOperation);
1827 ) 1891 nssCKFWSession_SetCurrentCryptoOperation(fwSession, NULL, state);
1828 {
1829 #ifdef NSSDEBUG
1830 CK_RV error = CKR_OK;
1831 error = nssCKFWSession_verifyPointer(fwSession);
1832 if( CKR_OK != error ) {
1833 return;
1834 }
1835
1836 if ( state >= NSSCKFWCryptoOperationState_Max) {
1837 return;
1838 }
1839
1840 if (!fwSession->mdSession) {
1841 return;
1842 }
1843 #endif /* NSSDEBUG */
1844 fwSession->fwOperationArray[state] = fwOperation;
1845 return;
1846 }
1847
1848 /*
1849 * nssCKFWSession_GetCurrentCryptoOperation
1850 */
1851 NSS_IMPLEMENT NSSCKFWCryptoOperation *
1852 nssCKFWSession_GetCurrentCryptoOperation
1853 (
1854 NSSCKFWSession *fwSession,
1855 NSSCKFWCryptoOperationState state
1856 )
1857 {
1858 #ifdef NSSDEBUG
1859 CK_RV error = CKR_OK;
1860 error = nssCKFWSession_verifyPointer(fwSession);
1861 if( CKR_OK != error ) {
1862 return (NSSCKFWCryptoOperation *)NULL;
1863 }
1864
1865 if ( state >= NSSCKFWCryptoOperationState_Max) {
1866 return (NSSCKFWCryptoOperation *)NULL;
1867 }
1868
1869 if (!fwSession->mdSession) {
1870 return (NSSCKFWCryptoOperation *)NULL;
1871 }
1872 #endif /* NSSDEBUG */
1873 return fwSession->fwOperationArray[state];
1874 }
1875
1876 /*
1877 * nssCKFWSession_Final
1878 */
1879 NSS_IMPLEMENT CK_RV
1880 nssCKFWSession_Final
1881 (
1882 NSSCKFWSession *fwSession,
1883 NSSCKFWCryptoOperationType type,
1884 NSSCKFWCryptoOperationState state,
1885 CK_BYTE_PTR outBuf,
1886 CK_ULONG_PTR outBufLen
1887 )
1888 {
1889 NSSCKFWCryptoOperation *fwOperation;
1890 NSSItem outputBuffer;
1891 CK_RV error = CKR_OK;
1892
1893 #ifdef NSSDEBUG
1894 error = nssCKFWSession_verifyPointer(fwSession);
1895 if( CKR_OK != error ) {
1896 return error; 1892 return error;
1897 } 1893 }
1898 1894
1899 if (!fwSession->mdSession) { 1895 /*
1900 return CKR_GENERAL_ERROR; 1896 * nssCKFWSession_Update
1901 } 1897 */
1902 #endif /* NSSDEBUG */ 1898 NSS_IMPLEMENT CK_RV
1903 1899 nssCKFWSession_Update(
1904 /* make sure we have a valid operation initialized */ 1900 NSSCKFWSession *fwSession,
1905 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state); 1901 NSSCKFWCryptoOperationType type,
1906 if (!fwOperation) { 1902 NSSCKFWCryptoOperationState state,
1907 return CKR_OPERATION_NOT_INITIALIZED; 1903 CK_BYTE_PTR inBuf,
1908 } 1904 CK_ULONG inBufLen,
1909 1905 CK_BYTE_PTR outBuf,
1910 /* make sure it's the correct type */ 1906 CK_ULONG_PTR outBufLen)
1911 if (type != nssCKFWCryptoOperation_GetType(fwOperation)) { 1907 {
1912 return CKR_OPERATION_NOT_INITIALIZED; 1908 NSSCKFWCryptoOperation *fwOperation;
1913 } 1909 NSSItem inputBuffer;
1914 1910 NSSItem outputBuffer;
1915 /* handle buffer issues, note for Verify, the type is an input buffer. */ 1911 CK_ULONG len;
1916 if (NSSCKFWCryptoOperationType_Verify == type) { 1912 CK_ULONG maxBufLen;
1917 if ((CK_BYTE_PTR)NULL == outBuf) { 1913 CK_RV error = CKR_OK;
1918 error = CKR_ARGUMENTS_BAD; 1914
1919 goto done; 1915 #ifdef NSSDEBUG
1920 } 1916 error = nssCKFWSession_verifyPointer(fwSession);
1921 } else { 1917 if (CKR_OK != error) {
1922 CK_ULONG len = nssCKFWCryptoOperation_GetFinalLength(fwOperation, &error); 1918 return error;
1923 CK_ULONG maxBufLen = *outBufLen; 1919 }
1924 1920
1925 if (CKR_OK != error) { 1921 if (!fwSession->mdSession) {
1926 goto done; 1922 return CKR_GENERAL_ERROR;
1927 } 1923 }
1924 #endif /* NSSDEBUG */
1925
1926 /* make sure we have a valid operation initialized */
1927 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
1928 if (!fwOperation) {
1929 return CKR_OPERATION_NOT_INITIALIZED;
1930 }
1931
1932 /* make sure it's the correct type */
1933 if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
1934 return CKR_OPERATION_NOT_INITIALIZED;
1935 }
1936
1937 inputBuffer.data = inBuf;
1938 inputBuffer.size = inBufLen;
1939
1940 /* handle buffer issues, note for Verify, the type is an input buffer. */
1941 len = nssCKFWCryptoOperation_GetOperationLength(fwOperation, &inputBuffer,
1942 &error);
1943 if (CKR_OK != error) {
1944 return error;
1945 }
1946 maxBufLen = *outBufLen;
1947
1928 *outBufLen = len; 1948 *outBufLen = len;
1929 if ((CK_BYTE_PTR)NULL == outBuf) { 1949 if ((CK_BYTE_PTR)NULL == outBuf) {
1930 return CKR_OK; 1950 return CKR_OK;
1931 } 1951 }
1932 1952
1933 if (len > maxBufLen) { 1953 if (len > maxBufLen) {
1934 return CKR_BUFFER_TOO_SMALL; 1954 return CKR_BUFFER_TOO_SMALL;
1935 } 1955 }
1936 } 1956 outputBuffer.data = outBuf;
1937 outputBuffer.data = outBuf; 1957 outputBuffer.size = *outBufLen;
1938 outputBuffer.size = *outBufLen; 1958
1939 1959 return nssCKFWCryptoOperation_Update(fwOperation,
1940 error = nssCKFWCryptoOperation_Final(fwOperation, &outputBuffer); 1960 &inputBuffer, &outputBuffer);
1961 }
1962
1963 /*
1964 * nssCKFWSession_DigestUpdate
1965 */
1966 NSS_IMPLEMENT CK_RV
1967 nssCKFWSession_DigestUpdate(
1968 NSSCKFWSession *fwSession,
1969 NSSCKFWCryptoOperationType type,
1970 NSSCKFWCryptoOperationState state,
1971 CK_BYTE_PTR inBuf,
1972 CK_ULONG inBufLen)
1973 {
1974 NSSCKFWCryptoOperation *fwOperation;
1975 NSSItem inputBuffer;
1976 CK_RV error = CKR_OK;
1977
1978 #ifdef NSSDEBUG
1979 error = nssCKFWSession_verifyPointer(fwSession);
1980 if (CKR_OK != error) {
1981 return error;
1982 }
1983
1984 if (!fwSession->mdSession) {
1985 return CKR_GENERAL_ERROR;
1986 }
1987 #endif /* NSSDEBUG */
1988
1989 /* make sure we have a valid operation initialized */
1990 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
1991 if (!fwOperation) {
1992 return CKR_OPERATION_NOT_INITIALIZED;
1993 }
1994
1995 /* make sure it's the correct type */
1996 if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
1997 return CKR_OPERATION_NOT_INITIALIZED;
1998 }
1999
2000 inputBuffer.data = inBuf;
2001 inputBuffer.size = inBufLen;
2002
2003 error = nssCKFWCryptoOperation_DigestUpdate(fwOperation, &inputBuffer);
2004 return error;
2005 }
2006
2007 /*
2008 * nssCKFWSession_DigestUpdate
2009 */
2010 NSS_IMPLEMENT CK_RV
2011 nssCKFWSession_DigestKey(
2012 NSSCKFWSession *fwSession,
2013 NSSCKFWObject *fwKey)
2014 {
2015 NSSCKFWCryptoOperation *fwOperation;
2016 NSSItem *inputBuffer;
2017 CK_RV error = CKR_OK;
2018
2019 #ifdef NSSDEBUG
2020 error = nssCKFWSession_verifyPointer(fwSession);
2021 if (CKR_OK != error) {
2022 return error;
2023 }
2024
2025 if (!fwSession->mdSession) {
2026 return CKR_GENERAL_ERROR;
2027 }
2028 #endif /* NSSDEBUG */
2029
2030 /* make sure we have a valid operation initialized */
2031 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
2032 NSSCKFWCryptoOperatio nState_Digest);
2033 if (!fwOperation) {
2034 return CKR_OPERATION_NOT_INITIALIZED;
2035 }
2036
2037 /* make sure it's the correct type */
2038 if (NSSCKFWCryptoOperationType_Digest !=
2039 nssCKFWCryptoOperation_GetType(fwOperation)) {
2040 return CKR_OPERATION_NOT_INITIALIZED;
2041 }
2042
2043 error = nssCKFWCryptoOperation_DigestKey(fwOperation, fwKey);
2044 if (CKR_FUNCTION_FAILED != error) {
2045 return error;
2046 }
2047
2048 /* no machine depended way for this to happen, do it by hand */
2049 inputBuffer = nssCKFWObject_GetAttribute(fwKey, CKA_VALUE, NULL, NULL, &erro r);
2050 if (!inputBuffer) {
2051 /* couldn't get the value, just fail then */
2052 return error;
2053 }
2054 error = nssCKFWCryptoOperation_DigestUpdate(fwOperation, inputBuffer);
2055 nssItem_Destroy(inputBuffer);
2056 return error;
2057 }
2058
2059 /*
2060 * nssCKFWSession_UpdateFinal
2061 */
2062 NSS_IMPLEMENT CK_RV
2063 nssCKFWSession_UpdateFinal(
2064 NSSCKFWSession *fwSession,
2065 NSSCKFWCryptoOperationType type,
2066 NSSCKFWCryptoOperationState state,
2067 CK_BYTE_PTR inBuf,
2068 CK_ULONG inBufLen,
2069 CK_BYTE_PTR outBuf,
2070 CK_ULONG_PTR outBufLen)
2071 {
2072 NSSCKFWCryptoOperation *fwOperation;
2073 NSSItem inputBuffer;
2074 NSSItem outputBuffer;
2075 PRBool isEncryptDecrypt;
2076 CK_RV error = CKR_OK;
2077
2078 #ifdef NSSDEBUG
2079 error = nssCKFWSession_verifyPointer(fwSession);
2080 if (CKR_OK != error) {
2081 return error;
2082 }
2083
2084 if (!fwSession->mdSession) {
2085 return CKR_GENERAL_ERROR;
2086 }
2087 #endif /* NSSDEBUG */
2088
2089 /* make sure we have a valid operation initialized */
2090 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
2091 if (!fwOperation) {
2092 return CKR_OPERATION_NOT_INITIALIZED;
2093 }
2094
2095 /* make sure it's the correct type */
2096 if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
2097 return CKR_OPERATION_NOT_INITIALIZED;
2098 }
2099
2100 inputBuffer.data = inBuf;
2101 inputBuffer.size = inBufLen;
2102 isEncryptDecrypt = (PRBool)((NSSCKFWCryptoOperationType_Encrypt == type) ||
2103 (NSSCKFWCryptoOperationType_Decrypt == type));
2104
2105 /* handle buffer issues, note for Verify, the type is an input buffer. */
2106 if (NSSCKFWCryptoOperationType_Verify == type) {
2107 if ((CK_BYTE_PTR)NULL == outBuf) {
2108 error = CKR_ARGUMENTS_BAD;
2109 goto done;
2110 }
2111 } else {
2112 CK_ULONG maxBufLen = *outBufLen;
2113 CK_ULONG len;
2114
2115 len = (isEncryptDecrypt) ? nssCKFWCryptoOperation_GetOperationLength(fwO peration,
2116 &in putBuffer, &error)
2117 : nssCKFWCryptoOperation_GetFinalLength(fwOpera tion, &error);
2118
2119 if (CKR_OK != error) {
2120 goto done;
2121 }
2122
2123 *outBufLen = len;
2124 if ((CK_BYTE_PTR)NULL == outBuf) {
2125 return CKR_OK;
2126 }
2127
2128 if (len > maxBufLen) {
2129 return CKR_BUFFER_TOO_SMALL;
2130 }
2131 }
2132 outputBuffer.data = outBuf;
2133 outputBuffer.size = *outBufLen;
2134
2135 error = nssCKFWCryptoOperation_UpdateFinal(fwOperation,
2136 &inputBuffer, &outputBuffer);
2137
2138 /* UpdateFinal isn't support, manually use Update and Final */
2139 if (CKR_FUNCTION_FAILED == error) {
2140 error = isEncryptDecrypt ? nssCKFWCryptoOperation_Update(fwOperation, &i nputBuffer, &outputBuffer)
2141 : nssCKFWCryptoOperation_DigestUpdate(fwOperati on, &inputBuffer);
2142
2143 if (CKR_OK == error) {
2144 error = nssCKFWCryptoOperation_Final(fwOperation, &outputBuffer);
2145 }
2146 }
2147
1941 done: 2148 done:
1942 if (CKR_BUFFER_TOO_SMALL == error) { 2149 if (CKR_BUFFER_TOO_SMALL == error) {
2150 /* if we return CKR_BUFFER_TOO_SMALL, we the caller is not expecting.
2151 * the crypto state to be freed */
2152 return error;
2153 }
2154
2155 /* clean up our state */
2156 nssCKFWCryptoOperation_Destroy(fwOperation);
2157 nssCKFWSession_SetCurrentCryptoOperation(fwSession, NULL, state);
1943 return error; 2158 return error;
1944 } 2159 }
1945 /* clean up our state */ 2160
1946 nssCKFWCryptoOperation_Destroy(fwOperation); 2161 NSS_IMPLEMENT CK_RV
1947 nssCKFWSession_SetCurrentCryptoOperation(fwSession, NULL, state); 2162 nssCKFWSession_UpdateCombo(
1948 return error; 2163 NSSCKFWSession *fwSession,
1949 } 2164 NSSCKFWCryptoOperationType encryptType,
1950 2165 NSSCKFWCryptoOperationType digestType,
1951 /* 2166 NSSCKFWCryptoOperationState digestState,
1952 * nssCKFWSession_Update 2167 CK_BYTE_PTR inBuf,
1953 */ 2168 CK_ULONG inBufLen,
1954 NSS_IMPLEMENT CK_RV 2169 CK_BYTE_PTR outBuf,
1955 nssCKFWSession_Update 2170 CK_ULONG_PTR outBufLen)
1956 ( 2171 {
1957 NSSCKFWSession *fwSession, 2172 NSSCKFWCryptoOperation *fwOperation;
1958 NSSCKFWCryptoOperationType type, 2173 NSSCKFWCryptoOperation *fwPeerOperation;
1959 NSSCKFWCryptoOperationState state, 2174 NSSItem inputBuffer;
1960 CK_BYTE_PTR inBuf, 2175 NSSItem outputBuffer;
1961 CK_ULONG inBufLen,
1962 CK_BYTE_PTR outBuf,
1963 CK_ULONG_PTR outBufLen
1964 )
1965 {
1966 NSSCKFWCryptoOperation *fwOperation;
1967 NSSItem inputBuffer;
1968 NSSItem outputBuffer;
1969 CK_ULONG len;
1970 CK_ULONG maxBufLen;
1971 CK_RV error = CKR_OK;
1972
1973 #ifdef NSSDEBUG
1974 error = nssCKFWSession_verifyPointer(fwSession);
1975 if( CKR_OK != error ) {
1976 return error;
1977 }
1978
1979 if (!fwSession->mdSession) {
1980 return CKR_GENERAL_ERROR;
1981 }
1982 #endif /* NSSDEBUG */
1983
1984 /* make sure we have a valid operation initialized */
1985 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
1986 if (!fwOperation) {
1987 return CKR_OPERATION_NOT_INITIALIZED;
1988 }
1989
1990 /* make sure it's the correct type */
1991 if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
1992 return CKR_OPERATION_NOT_INITIALIZED;
1993 }
1994
1995 inputBuffer.data = inBuf;
1996 inputBuffer.size = inBufLen;
1997
1998 /* handle buffer issues, note for Verify, the type is an input buffer. */
1999 len = nssCKFWCryptoOperation_GetOperationLength(fwOperation, &inputBuffer,
2000 &error);
2001 if (CKR_OK != error) {
2002 return error;
2003 }
2004 maxBufLen = *outBufLen;
2005
2006 *outBufLen = len;
2007 if ((CK_BYTE_PTR)NULL == outBuf) {
2008 return CKR_OK;
2009 }
2010
2011 if (len > maxBufLen) {
2012 return CKR_BUFFER_TOO_SMALL;
2013 }
2014 outputBuffer.data = outBuf;
2015 outputBuffer.size = *outBufLen;
2016
2017 return nssCKFWCryptoOperation_Update(fwOperation,
2018 &inputBuffer, &outputBuffer);
2019 }
2020
2021 /*
2022 * nssCKFWSession_DigestUpdate
2023 */
2024 NSS_IMPLEMENT CK_RV
2025 nssCKFWSession_DigestUpdate
2026 (
2027 NSSCKFWSession *fwSession,
2028 NSSCKFWCryptoOperationType type,
2029 NSSCKFWCryptoOperationState state,
2030 CK_BYTE_PTR inBuf,
2031 CK_ULONG inBufLen
2032 )
2033 {
2034 NSSCKFWCryptoOperation *fwOperation;
2035 NSSItem inputBuffer;
2036 CK_RV error = CKR_OK;
2037
2038 #ifdef NSSDEBUG
2039 error = nssCKFWSession_verifyPointer(fwSession);
2040 if( CKR_OK != error ) {
2041 return error;
2042 }
2043
2044 if (!fwSession->mdSession) {
2045 return CKR_GENERAL_ERROR;
2046 }
2047 #endif /* NSSDEBUG */
2048
2049 /* make sure we have a valid operation initialized */
2050 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
2051 if (!fwOperation) {
2052 return CKR_OPERATION_NOT_INITIALIZED;
2053 }
2054
2055 /* make sure it's the correct type */
2056 if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
2057 return CKR_OPERATION_NOT_INITIALIZED;
2058 }
2059
2060 inputBuffer.data = inBuf;
2061 inputBuffer.size = inBufLen;
2062
2063
2064 error = nssCKFWCryptoOperation_DigestUpdate(fwOperation, &inputBuffer);
2065 return error;
2066 }
2067
2068 /*
2069 * nssCKFWSession_DigestUpdate
2070 */
2071 NSS_IMPLEMENT CK_RV
2072 nssCKFWSession_DigestKey
2073 (
2074 NSSCKFWSession *fwSession,
2075 NSSCKFWObject *fwKey
2076 )
2077 {
2078 NSSCKFWCryptoOperation *fwOperation;
2079 NSSItem *inputBuffer;
2080 CK_RV error = CKR_OK;
2081
2082 #ifdef NSSDEBUG
2083 error = nssCKFWSession_verifyPointer(fwSession);
2084 if( CKR_OK != error ) {
2085 return error;
2086 }
2087
2088 if (!fwSession->mdSession) {
2089 return CKR_GENERAL_ERROR;
2090 }
2091 #endif /* NSSDEBUG */
2092
2093 /* make sure we have a valid operation initialized */
2094 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
2095 NSSCKFWCryptoOperationState_Digest);
2096 if (!fwOperation) {
2097 return CKR_OPERATION_NOT_INITIALIZED;
2098 }
2099
2100 /* make sure it's the correct type */
2101 if (NSSCKFWCryptoOperationType_Digest !=
2102 nssCKFWCryptoOperation_GetType(fwOperation)) {
2103 return CKR_OPERATION_NOT_INITIALIZED;
2104 }
2105
2106 error = nssCKFWCryptoOperation_DigestKey(fwOperation, fwKey);
2107 if (CKR_FUNCTION_FAILED != error) {
2108 return error;
2109 }
2110
2111 /* no machine depended way for this to happen, do it by hand */
2112 inputBuffer=nssCKFWObject_GetAttribute(fwKey, CKA_VALUE, NULL, NULL, &error);
2113 if (!inputBuffer) {
2114 /* couldn't get the value, just fail then */
2115 return error;
2116 }
2117 error = nssCKFWCryptoOperation_DigestUpdate(fwOperation, inputBuffer);
2118 nssItem_Destroy(inputBuffer);
2119 return error;
2120 }
2121
2122 /*
2123 * nssCKFWSession_UpdateFinal
2124 */
2125 NSS_IMPLEMENT CK_RV
2126 nssCKFWSession_UpdateFinal
2127 (
2128 NSSCKFWSession *fwSession,
2129 NSSCKFWCryptoOperationType type,
2130 NSSCKFWCryptoOperationState state,
2131 CK_BYTE_PTR inBuf,
2132 CK_ULONG inBufLen,
2133 CK_BYTE_PTR outBuf,
2134 CK_ULONG_PTR outBufLen
2135 )
2136 {
2137 NSSCKFWCryptoOperation *fwOperation;
2138 NSSItem inputBuffer;
2139 NSSItem outputBuffer;
2140 PRBool isEncryptDecrypt;
2141 CK_RV error = CKR_OK;
2142
2143 #ifdef NSSDEBUG
2144 error = nssCKFWSession_verifyPointer(fwSession);
2145 if( CKR_OK != error ) {
2146 return error;
2147 }
2148
2149 if (!fwSession->mdSession) {
2150 return CKR_GENERAL_ERROR;
2151 }
2152 #endif /* NSSDEBUG */
2153
2154 /* make sure we have a valid operation initialized */
2155 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
2156 if (!fwOperation) {
2157 return CKR_OPERATION_NOT_INITIALIZED;
2158 }
2159
2160 /* make sure it's the correct type */
2161 if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
2162 return CKR_OPERATION_NOT_INITIALIZED;
2163 }
2164
2165 inputBuffer.data = inBuf;
2166 inputBuffer.size = inBufLen;
2167 isEncryptDecrypt = (PRBool) ((NSSCKFWCryptoOperationType_Encrypt == type) ||
2168 (NSSCKFWCryptoOperationType_Decrypt == type)) ;
2169
2170 /* handle buffer issues, note for Verify, the type is an input buffer. */
2171 if (NSSCKFWCryptoOperationType_Verify == type) {
2172 if ((CK_BYTE_PTR)NULL == outBuf) {
2173 error = CKR_ARGUMENTS_BAD;
2174 goto done;
2175 }
2176 } else {
2177 CK_ULONG maxBufLen = *outBufLen; 2176 CK_ULONG maxBufLen = *outBufLen;
2178 CK_ULONG len; 2177 CK_ULONG len;
2179 2178 CK_RV error = CKR_OK;
2180 len = (isEncryptDecrypt) ? 2179
2181 nssCKFWCryptoOperation_GetOperationLength(fwOperation, 2180 #ifdef NSSDEBUG
2182 &inputBuffer, &error) : 2181 error = nssCKFWSession_verifyPointer(fwSession);
2183 nssCKFWCryptoOperation_GetFinalLength(fwOperation, &error); 2182 if (CKR_OK != error) {
2184 2183 return error;
2185 if (CKR_OK != error) { 2184 }
2186 goto done; 2185
2186 if (!fwSession->mdSession) {
2187 return CKR_GENERAL_ERROR;
2188 }
2189 #endif /* NSSDEBUG */
2190
2191 /* make sure we have a valid operation initialized */
2192 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
2193 NSSCKFWCryptoOperatio nState_EncryptDecrypt);
2194 if (!fwOperation) {
2195 return CKR_OPERATION_NOT_INITIALIZED;
2196 }
2197
2198 /* make sure it's the correct type */
2199 if (encryptType != nssCKFWCryptoOperation_GetType(fwOperation)) {
2200 return CKR_OPERATION_NOT_INITIALIZED;
2201 }
2202 /* make sure we have a valid operation initialized */
2203 fwPeerOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
2204 digestState);
2205 if (!fwPeerOperation) {
2206 return CKR_OPERATION_NOT_INITIALIZED;
2207 }
2208
2209 /* make sure it's the correct type */
2210 if (digestType != nssCKFWCryptoOperation_GetType(fwOperation)) {
2211 return CKR_OPERATION_NOT_INITIALIZED;
2212 }
2213
2214 inputBuffer.data = inBuf;
2215 inputBuffer.size = inBufLen;
2216 len = nssCKFWCryptoOperation_GetOperationLength(fwOperation,
2217 &inputBuffer, &error);
2218 if (CKR_OK != error) {
2219 return error;
2187 } 2220 }
2188 2221
2189 *outBufLen = len; 2222 *outBufLen = len;
2190 if ((CK_BYTE_PTR)NULL == outBuf) { 2223 if ((CK_BYTE_PTR)NULL == outBuf) {
2191 return CKR_OK; 2224 return CKR_OK;
2192 } 2225 }
2193 2226
2194 if (len > maxBufLen) { 2227 if (len > maxBufLen) {
2195 return CKR_BUFFER_TOO_SMALL; 2228 return CKR_BUFFER_TOO_SMALL;
2196 } 2229 }
2197 } 2230
2198 outputBuffer.data = outBuf; 2231 outputBuffer.data = outBuf;
2199 outputBuffer.size = *outBufLen; 2232 outputBuffer.size = *outBufLen;
2200 2233
2201 error = nssCKFWCryptoOperation_UpdateFinal(fwOperation, 2234 error = nssCKFWCryptoOperation_UpdateCombo(fwOperation, fwPeerOperation,
2202 &inputBuffer, &outputBuffer); 2235 &inputBuffer, &outputBuffer);
2203 2236 if (CKR_FUNCTION_FAILED == error) {
2204 /* UpdateFinal isn't support, manually use Update and Final */ 2237 PRBool isEncrypt =
2205 if (CKR_FUNCTION_FAILED == error) { 2238 (PRBool)(NSSCKFWCryptoOperationType_Encrypt == encryptType);
2206 error = isEncryptDecrypt ? 2239
2207 nssCKFWCryptoOperation_Update(fwOperation, &inputBuffer, &outputBuffer) : 2240 if (isEncrypt) {
2208 nssCKFWCryptoOperation_DigestUpdate(fwOperation, &inputBuffer); 2241 error = nssCKFWCryptoOperation_DigestUpdate(fwPeerOperation,
2209 2242 &inputBuffer);
2210 if (CKR_OK == error) { 2243 if (CKR_OK != error) {
2211 error = nssCKFWCryptoOperation_Final(fwOperation, &outputBuffer); 2244 return error;
2212 } 2245 }
2213 } 2246 }
2214 2247 error = nssCKFWCryptoOperation_Update(fwOperation,
2215 2248 &inputBuffer, &outputBuffer);
2216 done: 2249 if (CKR_OK != error) {
2217 if (CKR_BUFFER_TOO_SMALL == error) { 2250 return error;
2218 /* if we return CKR_BUFFER_TOO_SMALL, we the caller is not expecting. 2251 }
2219 * the crypto state to be freed */ 2252 if (!isEncrypt) {
2253 error = nssCKFWCryptoOperation_DigestUpdate(fwPeerOperation,
2254 &outputBuffer);
2255 }
2256 }
2220 return error; 2257 return error;
2221 } 2258 }
2222
2223 /* clean up our state */
2224 nssCKFWCryptoOperation_Destroy(fwOperation);
2225 nssCKFWSession_SetCurrentCryptoOperation(fwSession, NULL, state);
2226 return error;
2227 }
2228
2229 NSS_IMPLEMENT CK_RV
2230 nssCKFWSession_UpdateCombo
2231 (
2232 NSSCKFWSession *fwSession,
2233 NSSCKFWCryptoOperationType encryptType,
2234 NSSCKFWCryptoOperationType digestType,
2235 NSSCKFWCryptoOperationState digestState,
2236 CK_BYTE_PTR inBuf,
2237 CK_ULONG inBufLen,
2238 CK_BYTE_PTR outBuf,
2239 CK_ULONG_PTR outBufLen
2240 )
2241 {
2242 NSSCKFWCryptoOperation *fwOperation;
2243 NSSCKFWCryptoOperation *fwPeerOperation;
2244 NSSItem inputBuffer;
2245 NSSItem outputBuffer;
2246 CK_ULONG maxBufLen = *outBufLen;
2247 CK_ULONG len;
2248 CK_RV error = CKR_OK;
2249
2250 #ifdef NSSDEBUG
2251 error = nssCKFWSession_verifyPointer(fwSession);
2252 if( CKR_OK != error ) {
2253 return error;
2254 }
2255
2256 if (!fwSession->mdSession) {
2257 return CKR_GENERAL_ERROR;
2258 }
2259 #endif /* NSSDEBUG */
2260
2261 /* make sure we have a valid operation initialized */
2262 fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
2263 NSSCKFWCryptoOperationState_EncryptDecrypt);
2264 if (!fwOperation) {
2265 return CKR_OPERATION_NOT_INITIALIZED;
2266 }
2267
2268 /* make sure it's the correct type */
2269 if (encryptType != nssCKFWCryptoOperation_GetType(fwOperation)) {
2270 return CKR_OPERATION_NOT_INITIALIZED;
2271 }
2272 /* make sure we have a valid operation initialized */
2273 fwPeerOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
2274 digestState);
2275 if (!fwPeerOperation) {
2276 return CKR_OPERATION_NOT_INITIALIZED;
2277 }
2278
2279 /* make sure it's the correct type */
2280 if (digestType != nssCKFWCryptoOperation_GetType(fwOperation)) {
2281 return CKR_OPERATION_NOT_INITIALIZED;
2282 }
2283
2284 inputBuffer.data = inBuf;
2285 inputBuffer.size = inBufLen;
2286 len = nssCKFWCryptoOperation_GetOperationLength(fwOperation,
2287 &inputBuffer, &error);
2288 if (CKR_OK != error) {
2289 return error;
2290 }
2291
2292 *outBufLen = len;
2293 if ((CK_BYTE_PTR)NULL == outBuf) {
2294 return CKR_OK;
2295 }
2296
2297 if (len > maxBufLen) {
2298 return CKR_BUFFER_TOO_SMALL;
2299 }
2300
2301 outputBuffer.data = outBuf;
2302 outputBuffer.size = *outBufLen;
2303
2304 error = nssCKFWCryptoOperation_UpdateCombo(fwOperation, fwPeerOperation,
2305 &inputBuffer, &outputBuffer);
2306 if (CKR_FUNCTION_FAILED == error) {
2307 PRBool isEncrypt =
2308 (PRBool) (NSSCKFWCryptoOperationType_Encrypt == encryptType);
2309
2310 if (isEncrypt) {
2311 error = nssCKFWCryptoOperation_DigestUpdate(fwPeerOperation,
2312 &inputBuffer);
2313 if (CKR_OK != error) {
2314 return error;
2315 }
2316 }
2317 error = nssCKFWCryptoOperation_Update(fwOperation,
2318 &inputBuffer, &outputBuffer);
2319 if (CKR_OK != error) {
2320 return error;
2321 }
2322 if (!isEncrypt) {
2323 error = nssCKFWCryptoOperation_DigestUpdate(fwPeerOperation,
2324 &outputBuffer);
2325 }
2326 }
2327 return error;
2328 }
2329
2330 2259
2331 /* 2260 /*
2332 * NSSCKFWSession_GetMDSession 2261 * NSSCKFWSession_GetMDSession
2333 * 2262 *
2334 */ 2263 */
2335 2264
2336 NSS_IMPLEMENT NSSCKMDSession * 2265 NSS_IMPLEMENT NSSCKMDSession *
2337 NSSCKFWSession_GetMDSession 2266 NSSCKFWSession_GetMDSession(
2338 ( 2267 NSSCKFWSession *fwSession)
2339 NSSCKFWSession *fwSession
2340 )
2341 { 2268 {
2342 #ifdef DEBUG 2269 #ifdef DEBUG
2343 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 2270 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
2344 return (NSSCKMDSession *)NULL; 2271 return (NSSCKMDSession *)NULL;
2345 } 2272 }
2346 #endif /* DEBUG */ 2273 #endif /* DEBUG */
2347 2274
2348 return nssCKFWSession_GetMDSession(fwSession); 2275 return nssCKFWSession_GetMDSession(fwSession);
2349 } 2276 }
2350 2277
2351 /* 2278 /*
2352 * NSSCKFWSession_GetArena 2279 * NSSCKFWSession_GetArena
2353 * 2280 *
2354 */ 2281 */
2355 2282
2356 NSS_IMPLEMENT NSSArena * 2283 NSS_IMPLEMENT NSSArena *
2357 NSSCKFWSession_GetArena 2284 NSSCKFWSession_GetArena(
2358 ( 2285 NSSCKFWSession *fwSession,
2359 NSSCKFWSession *fwSession, 2286 CK_RV *pError)
2360 CK_RV *pError
2361 )
2362 { 2287 {
2363 #ifdef DEBUG 2288 #ifdef DEBUG
2364 if (!pError) { 2289 if (!pError) {
2365 return (NSSArena *)NULL; 2290 return (NSSArena *)NULL;
2366 } 2291 }
2367 2292
2368 *pError = nssCKFWSession_verifyPointer(fwSession); 2293 *pError = nssCKFWSession_verifyPointer(fwSession);
2369 if( CKR_OK != *pError ) { 2294 if (CKR_OK != *pError) {
2370 return (NSSArena *)NULL; 2295 return (NSSArena *)NULL;
2371 } 2296 }
2372 #endif /* DEBUG */ 2297 #endif /* DEBUG */
2373 2298
2374 return nssCKFWSession_GetArena(fwSession, pError); 2299 return nssCKFWSession_GetArena(fwSession, pError);
2375 } 2300 }
2376 2301
2377 /* 2302 /*
2378 * NSSCKFWSession_CallNotification 2303 * NSSCKFWSession_CallNotification
2379 * 2304 *
2380 */ 2305 */
2381 2306
2382 NSS_IMPLEMENT CK_RV 2307 NSS_IMPLEMENT CK_RV
2383 NSSCKFWSession_CallNotification 2308 NSSCKFWSession_CallNotification(
2384 ( 2309 NSSCKFWSession *fwSession,
2385 NSSCKFWSession *fwSession, 2310 CK_NOTIFICATION event)
2386 CK_NOTIFICATION event
2387 )
2388 { 2311 {
2389 #ifdef DEBUG 2312 #ifdef DEBUG
2390 CK_RV error = CKR_OK; 2313 CK_RV error = CKR_OK;
2391 2314
2392 error = nssCKFWSession_verifyPointer(fwSession); 2315 error = nssCKFWSession_verifyPointer(fwSession);
2393 if( CKR_OK != error ) { 2316 if (CKR_OK != error) {
2394 return error; 2317 return error;
2395 } 2318 }
2396 #endif /* DEBUG */ 2319 #endif /* DEBUG */
2397 2320
2398 return nssCKFWSession_CallNotification(fwSession, event); 2321 return nssCKFWSession_CallNotification(fwSession, event);
2399 } 2322 }
2400 2323
2401 /* 2324 /*
2402 * NSSCKFWSession_IsRWSession 2325 * NSSCKFWSession_IsRWSession
2403 * 2326 *
2404 */ 2327 */
2405 2328
2406 NSS_IMPLEMENT CK_BBOOL 2329 NSS_IMPLEMENT CK_BBOOL
2407 NSSCKFWSession_IsRWSession 2330 NSSCKFWSession_IsRWSession(
2408 ( 2331 NSSCKFWSession *fwSession)
2409 NSSCKFWSession *fwSession
2410 )
2411 { 2332 {
2412 #ifdef DEBUG 2333 #ifdef DEBUG
2413 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 2334 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
2414 return CK_FALSE; 2335 return CK_FALSE;
2415 } 2336 }
2416 #endif /* DEBUG */ 2337 #endif /* DEBUG */
2417 2338
2418 return nssCKFWSession_IsRWSession(fwSession); 2339 return nssCKFWSession_IsRWSession(fwSession);
2419 } 2340 }
2420 2341
2421 /* 2342 /*
2422 * NSSCKFWSession_IsSO 2343 * NSSCKFWSession_IsSO
2423 * 2344 *
2424 */ 2345 */
2425 2346
2426 NSS_IMPLEMENT CK_BBOOL 2347 NSS_IMPLEMENT CK_BBOOL
2427 NSSCKFWSession_IsSO 2348 NSSCKFWSession_IsSO(
2428 ( 2349 NSSCKFWSession *fwSession)
2429 NSSCKFWSession *fwSession
2430 )
2431 { 2350 {
2432 #ifdef DEBUG 2351 #ifdef DEBUG
2433 if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) { 2352 if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
2434 return CK_FALSE; 2353 return CK_FALSE;
2435 } 2354 }
2436 #endif /* DEBUG */ 2355 #endif /* DEBUG */
2437 2356
2438 return nssCKFWSession_IsSO(fwSession); 2357 return nssCKFWSession_IsSO(fwSession);
2439 } 2358 }
2440 2359
2441 NSS_IMPLEMENT NSSCKFWCryptoOperation * 2360 NSS_IMPLEMENT NSSCKFWCryptoOperation *
2442 NSSCKFWSession_GetCurrentCryptoOperation 2361 NSSCKFWSession_GetCurrentCryptoOperation(
2443 ( 2362 NSSCKFWSession *fwSession,
2444 NSSCKFWSession *fwSession, 2363 NSSCKFWCryptoOperationState state)
2445 NSSCKFWCryptoOperationState state
2446 )
2447 { 2364 {
2448 #ifdef DEBUG 2365 #ifdef DEBUG
2449 CK_RV error = CKR_OK; 2366 CK_RV error = CKR_OK;
2450 error = nssCKFWSession_verifyPointer(fwSession); 2367 error = nssCKFWSession_verifyPointer(fwSession);
2451 if( CKR_OK != error ) { 2368 if (CKR_OK != error) {
2452 return (NSSCKFWCryptoOperation *)NULL; 2369 return (NSSCKFWCryptoOperation *)NULL;
2453 } 2370 }
2454 2371
2455 if ( state >= NSSCKFWCryptoOperationState_Max) { 2372 if (state >= NSSCKFWCryptoOperationState_Max) {
2456 return (NSSCKFWCryptoOperation *)NULL; 2373 return (NSSCKFWCryptoOperation *)NULL;
2457 } 2374 }
2458 #endif /* DEBUG */ 2375 #endif /* DEBUG */
2459 return nssCKFWSession_GetCurrentCryptoOperation(fwSession, state); 2376 return nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
2460 } 2377 }
OLDNEW
« no previous file with comments | « nss/lib/ckfw/object.c ('k') | nss/lib/ckfw/sessobj.c » ('j') | nss/lib/util/secoid.c » ('J')

Powered by Google App Engine
This is Rietveld 408576698