| Index: nss/lib/ckfw/token.c
|
| diff --git a/nss/lib/ckfw/token.c b/nss/lib/ckfw/token.c
|
| deleted file mode 100644
|
| index 4483bb5c9929c628bbd721cb729bd9f2ec6422dc..0000000000000000000000000000000000000000
|
| --- a/nss/lib/ckfw/token.c
|
| +++ /dev/null
|
| @@ -1,1791 +0,0 @@
|
| -/* This Source Code Form is subject to the terms of the Mozilla Public
|
| - * License, v. 2.0. If a copy of the MPL was not distributed with this
|
| - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
| -
|
| -/*
|
| - * token.c
|
| - *
|
| - * This file implements the NSSCKFWToken type and methods.
|
| - */
|
| -
|
| -#ifndef CK_T
|
| -#include "ck.h"
|
| -#endif /* CK_T */
|
| -
|
| -/*
|
| - * NSSCKFWToken
|
| - *
|
| - * -- create/destroy --
|
| - * nssCKFWToken_Create
|
| - * nssCKFWToken_Destroy
|
| - *
|
| - * -- public accessors --
|
| - * NSSCKFWToken_GetMDToken
|
| - * NSSCKFWToken_GetFWSlot
|
| - * NSSCKFWToken_GetMDSlot
|
| - * NSSCKFWToken_GetSessionState
|
| - *
|
| - * -- implement public accessors --
|
| - * nssCKFWToken_GetMDToken
|
| - * nssCKFWToken_GetFWSlot
|
| - * nssCKFWToken_GetMDSlot
|
| - * nssCKFWToken_GetSessionState
|
| - * nssCKFWToken_SetSessionState
|
| - *
|
| - * -- private accessors --
|
| - * nssCKFWToken_SetSessionState
|
| - * nssCKFWToken_RemoveSession
|
| - * nssCKFWToken_CloseAllSessions
|
| - * nssCKFWToken_GetSessionCount
|
| - * nssCKFWToken_GetRwSessionCount
|
| - * nssCKFWToken_GetRoSessionCount
|
| - * nssCKFWToken_GetSessionObjectHash
|
| - * nssCKFWToken_GetMDObjectHash
|
| - * nssCKFWToken_GetObjectHandleHash
|
| - *
|
| - * -- module fronts --
|
| - * nssCKFWToken_InitToken
|
| - * nssCKFWToken_GetLabel
|
| - * nssCKFWToken_GetManufacturerID
|
| - * nssCKFWToken_GetModel
|
| - * nssCKFWToken_GetSerialNumber
|
| - * nssCKFWToken_GetHasRNG
|
| - * nssCKFWToken_GetIsWriteProtected
|
| - * nssCKFWToken_GetLoginRequired
|
| - * nssCKFWToken_GetUserPinInitialized
|
| - * nssCKFWToken_GetRestoreKeyNotNeeded
|
| - * nssCKFWToken_GetHasClockOnToken
|
| - * nssCKFWToken_GetHasProtectedAuthenticationPath
|
| - * nssCKFWToken_GetSupportsDualCryptoOperations
|
| - * nssCKFWToken_GetMaxSessionCount
|
| - * nssCKFWToken_GetMaxRwSessionCount
|
| - * nssCKFWToken_GetMaxPinLen
|
| - * nssCKFWToken_GetMinPinLen
|
| - * nssCKFWToken_GetTotalPublicMemory
|
| - * nssCKFWToken_GetFreePublicMemory
|
| - * nssCKFWToken_GetTotalPrivateMemory
|
| - * nssCKFWToken_GetFreePrivateMemory
|
| - * nssCKFWToken_GetHardwareVersion
|
| - * nssCKFWToken_GetFirmwareVersion
|
| - * nssCKFWToken_GetUTCTime
|
| - * nssCKFWToken_OpenSession
|
| - * nssCKFWToken_GetMechanismCount
|
| - * nssCKFWToken_GetMechanismTypes
|
| - * nssCKFWToken_GetMechanism
|
| - */
|
| -
|
| -struct NSSCKFWTokenStr {
|
| - NSSCKFWMutex *mutex;
|
| - NSSArena *arena;
|
| - NSSCKMDToken *mdToken;
|
| - NSSCKFWSlot *fwSlot;
|
| - NSSCKMDSlot *mdSlot;
|
| - NSSCKFWInstance *fwInstance;
|
| - NSSCKMDInstance *mdInstance;
|
| -
|
| - /*
|
| - * Everything above is set at creation time, and then not modified.
|
| - * The invariants the mutex protects are:
|
| - *
|
| - * 1) Each of the cached descriptions (versions, etc.) are in an
|
| - * internally consistant state.
|
| - *
|
| - * 2) The session counts and hashes are consistant.
|
| - *
|
| - * 3) The object hashes are consistant.
|
| - *
|
| - * Note that the calls accessing the cached descriptions will call
|
| - * the NSSCKMDToken methods with the mutex locked. Those methods
|
| - * may then call the public NSSCKFWToken routines. Those public
|
| - * routines only access the constant data above and the atomic
|
| - * CK_STATE session state variable below, so there's no problem.
|
| - * But be careful if you add to this object; mutexes are in
|
| - * general not reentrant, so don't create deadlock situations.
|
| - */
|
| -
|
| - NSSUTF8 *label;
|
| - NSSUTF8 *manufacturerID;
|
| - NSSUTF8 *model;
|
| - NSSUTF8 *serialNumber;
|
| - CK_VERSION hardwareVersion;
|
| - CK_VERSION firmwareVersion;
|
| -
|
| - CK_ULONG sessionCount;
|
| - CK_ULONG rwSessionCount;
|
| - nssCKFWHash *sessions;
|
| - nssCKFWHash *sessionObjectHash;
|
| - nssCKFWHash *mdObjectHash;
|
| - nssCKFWHash *mdMechanismHash;
|
| -
|
| - CK_STATE state;
|
| -};
|
| -
|
| -#ifdef DEBUG
|
| -/*
|
| - * But first, the pointer-tracking stuff.
|
| - *
|
| - * NOTE: the pointer-tracking support in NSS/base currently relies
|
| - * upon NSPR's CallOnce support. That, however, relies upon NSPR's
|
| - * locking, which is tied into the runtime. We need a pointer-tracker
|
| - * implementation that uses the locks supplied through C_Initialize.
|
| - * That support, however, can be filled in later. So for now, I'll
|
| - * just do this routines as no-ops.
|
| - */
|
| -
|
| -static CK_RV
|
| -token_add_pointer(
|
| - const NSSCKFWToken *fwToken)
|
| -{
|
| - return CKR_OK;
|
| -}
|
| -
|
| -static CK_RV
|
| -token_remove_pointer(
|
| - const NSSCKFWToken *fwToken)
|
| -{
|
| - return CKR_OK;
|
| -}
|
| -
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_verifyPointer(
|
| - const NSSCKFWToken *fwToken)
|
| -{
|
| - return CKR_OK;
|
| -}
|
| -
|
| -#endif /* DEBUG */
|
| -
|
| -/*
|
| - * nssCKFWToken_Create
|
| - *
|
| - */
|
| -NSS_IMPLEMENT NSSCKFWToken *
|
| -nssCKFWToken_Create(
|
| - NSSCKFWSlot *fwSlot,
|
| - NSSCKMDToken *mdToken,
|
| - CK_RV *pError)
|
| -{
|
| - NSSArena *arena = (NSSArena *)NULL;
|
| - NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
|
| - CK_BBOOL called_setup = CK_FALSE;
|
| -
|
| - /*
|
| - * We have already verified the arguments in nssCKFWSlot_GetToken.
|
| - */
|
| -
|
| - arena = NSSArena_Create();
|
| - if (!arena) {
|
| - *pError = CKR_HOST_MEMORY;
|
| - goto loser;
|
| - }
|
| -
|
| - fwToken = nss_ZNEW(arena, NSSCKFWToken);
|
| - if (!fwToken) {
|
| - *pError = CKR_HOST_MEMORY;
|
| - goto loser;
|
| - }
|
| -
|
| - fwToken->arena = arena;
|
| - fwToken->mdToken = mdToken;
|
| - fwToken->fwSlot = fwSlot;
|
| - fwToken->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
|
| - fwToken->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
|
| - fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
|
| - fwToken->sessionCount = 0;
|
| - fwToken->rwSessionCount = 0;
|
| -
|
| - fwToken->mutex = nssCKFWInstance_CreateMutex(fwToken->fwInstance, arena, pError);
|
| - if (!fwToken->mutex) {
|
| - if (CKR_OK == *pError) {
|
| - *pError = CKR_GENERAL_ERROR;
|
| - }
|
| - goto loser;
|
| - }
|
| -
|
| - fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, arena, pError);
|
| - if (!fwToken->sessions) {
|
| - if (CKR_OK == *pError) {
|
| - *pError = CKR_GENERAL_ERROR;
|
| - }
|
| - goto loser;
|
| - }
|
| -
|
| - if (CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
|
| - fwToken->fwInstance)) {
|
| - fwToken->sessionObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
|
| - arena, pError);
|
| - if (!fwToken->sessionObjectHash) {
|
| - if (CKR_OK == *pError) {
|
| - *pError = CKR_GENERAL_ERROR;
|
| - }
|
| - goto loser;
|
| - }
|
| - }
|
| -
|
| - fwToken->mdObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
|
| - arena, pError);
|
| - if (!fwToken->mdObjectHash) {
|
| - if (CKR_OK == *pError) {
|
| - *pError = CKR_GENERAL_ERROR;
|
| - }
|
| - goto loser;
|
| - }
|
| -
|
| - fwToken->mdMechanismHash = nssCKFWHash_Create(fwToken->fwInstance,
|
| - arena, pError);
|
| - if (!fwToken->mdMechanismHash) {
|
| - if (CKR_OK == *pError) {
|
| - *pError = CKR_GENERAL_ERROR;
|
| - }
|
| - goto loser;
|
| - }
|
| -
|
| - /* More here */
|
| -
|
| - if (mdToken->Setup) {
|
| - *pError = mdToken->Setup(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
|
| - if (CKR_OK != *pError) {
|
| - goto loser;
|
| - }
|
| - }
|
| -
|
| - called_setup = CK_TRUE;
|
| -
|
| -#ifdef DEBUG
|
| - *pError = token_add_pointer(fwToken);
|
| - if (CKR_OK != *pError) {
|
| - goto loser;
|
| - }
|
| -#endif /* DEBUG */
|
| -
|
| - *pError = CKR_OK;
|
| - return fwToken;
|
| -
|
| -loser:
|
| -
|
| - if (CK_TRUE == called_setup) {
|
| - if (mdToken->Invalidate) {
|
| - mdToken->Invalidate(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
|
| - }
|
| - }
|
| -
|
| - if (arena) {
|
| - (void)NSSArena_Destroy(arena);
|
| - }
|
| -
|
| - return (NSSCKFWToken *)NULL;
|
| -}
|
| -
|
| -static void
|
| -nss_ckfwtoken_session_iterator(
|
| - const void *key,
|
| - void *value,
|
| - void *closure)
|
| -{
|
| - /*
|
| - * Remember that the fwToken->mutex is locked
|
| - */
|
| - NSSCKFWSession *fwSession = (NSSCKFWSession *)value;
|
| - (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
|
| - return;
|
| -}
|
| -
|
| -static void
|
| -nss_ckfwtoken_object_iterator(
|
| - const void *key,
|
| - void *value,
|
| - void *closure)
|
| -{
|
| - /*
|
| - * Remember that the fwToken->mutex is locked
|
| - */
|
| - NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
|
| - (void)nssCKFWObject_Finalize(fwObject, CK_FALSE);
|
| - return;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_Destroy
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_Destroy(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| - CK_RV error = CKR_OK;
|
| -
|
| -#ifdef NSSDEBUG
|
| - error = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - (void)nssCKFWMutex_Destroy(fwToken->mutex);
|
| -
|
| - if (fwToken->mdToken->Invalidate) {
|
| - fwToken->mdToken->Invalidate(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| - }
|
| - /* we can destroy the list without locking now because no one else is
|
| - * referencing us (or _Destroy was invalidly called!)
|
| - */
|
| - nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator,
|
| - (void *)NULL);
|
| - nssCKFWHash_Destroy(fwToken->sessions);
|
| -
|
| - /* session objects go away when their sessions are removed */
|
| - if (fwToken->sessionObjectHash) {
|
| - nssCKFWHash_Destroy(fwToken->sessionObjectHash);
|
| - }
|
| -
|
| - /* free up the token objects */
|
| - if (fwToken->mdObjectHash) {
|
| - nssCKFWHash_Iterate(fwToken->mdObjectHash, nss_ckfwtoken_object_iterator,
|
| - (void *)NULL);
|
| - nssCKFWHash_Destroy(fwToken->mdObjectHash);
|
| - }
|
| - if (fwToken->mdMechanismHash) {
|
| - nssCKFWHash_Destroy(fwToken->mdMechanismHash);
|
| - }
|
| -
|
| - nssCKFWSlot_ClearToken(fwToken->fwSlot);
|
| -
|
| -#ifdef DEBUG
|
| - error = token_remove_pointer(fwToken);
|
| -#endif /* DEBUG */
|
| -
|
| - (void)NSSArena_Destroy(fwToken->arena);
|
| - return error;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetMDToken
|
| - *
|
| - */
|
| -NSS_IMPLEMENT NSSCKMDToken *
|
| -nssCKFWToken_GetMDToken(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (NSSCKMDToken *)NULL;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - return fwToken->mdToken;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetArena
|
| - *
|
| - */
|
| -NSS_IMPLEMENT NSSArena *
|
| -nssCKFWToken_GetArena(
|
| - NSSCKFWToken *fwToken,
|
| - CK_RV *pError)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (!pError) {
|
| - return (NSSArena *)NULL;
|
| - }
|
| -
|
| - *pError = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != *pError) {
|
| - return (NSSArena *)NULL;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - return fwToken->arena;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetFWSlot
|
| - *
|
| - */
|
| -NSS_IMPLEMENT NSSCKFWSlot *
|
| -nssCKFWToken_GetFWSlot(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (NSSCKFWSlot *)NULL;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - return fwToken->fwSlot;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetMDSlot
|
| - *
|
| - */
|
| -NSS_IMPLEMENT NSSCKMDSlot *
|
| -nssCKFWToken_GetMDSlot(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (NSSCKMDSlot *)NULL;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - return fwToken->mdSlot;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetSessionState
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_STATE
|
| -nssCKFWToken_GetSessionState(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CKS_RO_PUBLIC_SESSION; /* whatever */
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - /*
|
| - * BTW, do not lock the token in this method.
|
| - */
|
| -
|
| - /*
|
| - * Theoretically, there is no state if there aren't any
|
| - * sessions open. But then we'd need to worry about
|
| - * reporting an error, etc. What the heck-- let's just
|
| - * revert to CKR_RO_PUBLIC_SESSION as the "default."
|
| - */
|
| -
|
| - return fwToken->state;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_InitToken
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_InitToken(
|
| - NSSCKFWToken *fwToken,
|
| - NSSItem *pin,
|
| - NSSUTF8 *label)
|
| -{
|
| - CK_RV error;
|
| -
|
| -#ifdef NSSDEBUG
|
| - error = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != error) {
|
| - return CKR_ARGUMENTS_BAD;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - error = nssCKFWMutex_Lock(fwToken->mutex);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - if (fwToken->sessionCount > 0) {
|
| - error = CKR_SESSION_EXISTS;
|
| - goto done;
|
| - }
|
| -
|
| - if (!fwToken->mdToken->InitToken) {
|
| - error = CKR_DEVICE_ERROR;
|
| - goto done;
|
| - }
|
| -
|
| - if (!pin) {
|
| - if (nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken)) {
|
| - ; /* okay */
|
| - } else {
|
| - error = CKR_PIN_INCORRECT;
|
| - goto done;
|
| - }
|
| - }
|
| -
|
| - if (!label) {
|
| - label = (NSSUTF8 *)"";
|
| - }
|
| -
|
| - error = fwToken->mdToken->InitToken(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance, pin, label);
|
| -
|
| -done:
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return error;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetLabel
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_GetLabel(
|
| - NSSCKFWToken *fwToken,
|
| - CK_CHAR label[32])
|
| -{
|
| - CK_RV error = CKR_OK;
|
| -
|
| -#ifdef NSSDEBUG
|
| - if ((CK_CHAR_PTR)NULL == label) {
|
| - return CKR_ARGUMENTS_BAD;
|
| - }
|
| -
|
| - error = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - error = nssCKFWMutex_Lock(fwToken->mutex);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - if (!fwToken->label) {
|
| - if (fwToken->mdToken->GetLabel) {
|
| - fwToken->label = fwToken->mdToken->GetLabel(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance, &error);
|
| - if ((!fwToken->label) && (CKR_OK != error)) {
|
| - goto done;
|
| - }
|
| - } else {
|
| - fwToken->label = (NSSUTF8 *)"";
|
| - }
|
| - }
|
| -
|
| - (void)nssUTF8_CopyIntoFixedBuffer(fwToken->label, (char *)label, 32, ' ');
|
| - error = CKR_OK;
|
| -
|
| -done:
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return error;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetManufacturerID
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_GetManufacturerID(
|
| - NSSCKFWToken *fwToken,
|
| - CK_CHAR manufacturerID[32])
|
| -{
|
| - CK_RV error = CKR_OK;
|
| -
|
| -#ifdef NSSDEBUG
|
| - if ((CK_CHAR_PTR)NULL == manufacturerID) {
|
| - return CKR_ARGUMENTS_BAD;
|
| - }
|
| -
|
| - error = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - error = nssCKFWMutex_Lock(fwToken->mutex);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - if (!fwToken->manufacturerID) {
|
| - if (fwToken->mdToken->GetManufacturerID) {
|
| - fwToken->manufacturerID = fwToken->mdToken->GetManufacturerID(fwToken->mdToken,
|
| - fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
|
| - if ((!fwToken->manufacturerID) && (CKR_OK != error)) {
|
| - goto done;
|
| - }
|
| - } else {
|
| - fwToken->manufacturerID = (NSSUTF8 *)"";
|
| - }
|
| - }
|
| -
|
| - (void)nssUTF8_CopyIntoFixedBuffer(fwToken->manufacturerID, (char *)manufacturerID, 32, ' ');
|
| - error = CKR_OK;
|
| -
|
| -done:
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return error;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetModel
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_GetModel(
|
| - NSSCKFWToken *fwToken,
|
| - CK_CHAR model[16])
|
| -{
|
| - CK_RV error = CKR_OK;
|
| -
|
| -#ifdef NSSDEBUG
|
| - if ((CK_CHAR_PTR)NULL == model) {
|
| - return CKR_ARGUMENTS_BAD;
|
| - }
|
| -
|
| - error = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - error = nssCKFWMutex_Lock(fwToken->mutex);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - if (!fwToken->model) {
|
| - if (fwToken->mdToken->GetModel) {
|
| - fwToken->model = fwToken->mdToken->GetModel(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance, &error);
|
| - if ((!fwToken->model) && (CKR_OK != error)) {
|
| - goto done;
|
| - }
|
| - } else {
|
| - fwToken->model = (NSSUTF8 *)"";
|
| - }
|
| - }
|
| -
|
| - (void)nssUTF8_CopyIntoFixedBuffer(fwToken->model, (char *)model, 16, ' ');
|
| - error = CKR_OK;
|
| -
|
| -done:
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return error;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetSerialNumber
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_GetSerialNumber(
|
| - NSSCKFWToken *fwToken,
|
| - CK_CHAR serialNumber[16])
|
| -{
|
| - CK_RV error = CKR_OK;
|
| -
|
| -#ifdef NSSDEBUG
|
| - if ((CK_CHAR_PTR)NULL == serialNumber) {
|
| - return CKR_ARGUMENTS_BAD;
|
| - }
|
| -
|
| - error = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - error = nssCKFWMutex_Lock(fwToken->mutex);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - if (!fwToken->serialNumber) {
|
| - if (fwToken->mdToken->GetSerialNumber) {
|
| - fwToken->serialNumber = fwToken->mdToken->GetSerialNumber(fwToken->mdToken,
|
| - fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
|
| - if ((!fwToken->serialNumber) && (CKR_OK != error)) {
|
| - goto done;
|
| - }
|
| - } else {
|
| - fwToken->serialNumber = (NSSUTF8 *)"";
|
| - }
|
| - }
|
| -
|
| - (void)nssUTF8_CopyIntoFixedBuffer(fwToken->serialNumber, (char *)serialNumber, 16, ' ');
|
| - error = CKR_OK;
|
| -
|
| -done:
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return error;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetHasRNG
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_BBOOL
|
| -nssCKFWToken_GetHasRNG(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_FALSE;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetHasRNG) {
|
| - return CK_FALSE;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetHasRNG(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetIsWriteProtected
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_BBOOL
|
| -nssCKFWToken_GetIsWriteProtected(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_FALSE;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetIsWriteProtected) {
|
| - return CK_FALSE;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetIsWriteProtected(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetLoginRequired
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_BBOOL
|
| -nssCKFWToken_GetLoginRequired(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_FALSE;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetLoginRequired) {
|
| - return CK_FALSE;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetLoginRequired(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetUserPinInitialized
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_BBOOL
|
| -nssCKFWToken_GetUserPinInitialized(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_FALSE;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetUserPinInitialized) {
|
| - return CK_FALSE;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetUserPinInitialized(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetRestoreKeyNotNeeded
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_BBOOL
|
| -nssCKFWToken_GetRestoreKeyNotNeeded(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_FALSE;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetRestoreKeyNotNeeded) {
|
| - return CK_FALSE;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetRestoreKeyNotNeeded(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetHasClockOnToken
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_BBOOL
|
| -nssCKFWToken_GetHasClockOnToken(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_FALSE;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetHasClockOnToken) {
|
| - return CK_FALSE;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetHasClockOnToken(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetHasProtectedAuthenticationPath
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_BBOOL
|
| -nssCKFWToken_GetHasProtectedAuthenticationPath(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_FALSE;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetHasProtectedAuthenticationPath) {
|
| - return CK_FALSE;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetHasProtectedAuthenticationPath(fwToken->mdToken,
|
| - fwToken, fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetSupportsDualCryptoOperations
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_BBOOL
|
| -nssCKFWToken_GetSupportsDualCryptoOperations(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_FALSE;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetSupportsDualCryptoOperations) {
|
| - return CK_FALSE;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetSupportsDualCryptoOperations(fwToken->mdToken,
|
| - fwToken, fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetMaxSessionCount
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetMaxSessionCount(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetMaxSessionCount) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetMaxSessionCount(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetMaxRwSessionCount
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetMaxRwSessionCount(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetMaxRwSessionCount) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetMaxRwSessionCount(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetMaxPinLen
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetMaxPinLen(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetMaxPinLen) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetMaxPinLen(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetMinPinLen
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetMinPinLen(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetMinPinLen) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetMinPinLen(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetTotalPublicMemory
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetTotalPublicMemory(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetTotalPublicMemory) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetTotalPublicMemory(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetFreePublicMemory
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetFreePublicMemory(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetFreePublicMemory) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetFreePublicMemory(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetTotalPrivateMemory
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetTotalPrivateMemory(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetTotalPrivateMemory) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetTotalPrivateMemory(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetFreePrivateMemory
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetFreePrivateMemory(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetFreePrivateMemory) {
|
| - return CK_UNAVAILABLE_INFORMATION;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetFreePrivateMemory(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetHardwareVersion
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_VERSION
|
| -nssCKFWToken_GetHardwareVersion(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| - CK_VERSION rv;
|
| -
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - rv.major = rv.minor = 0;
|
| - return rv;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
|
| - rv.major = rv.minor = 0;
|
| - return rv;
|
| - }
|
| -
|
| - if ((0 != fwToken->hardwareVersion.major) ||
|
| - (0 != fwToken->hardwareVersion.minor)) {
|
| - rv = fwToken->hardwareVersion;
|
| - goto done;
|
| - }
|
| -
|
| - if (fwToken->mdToken->GetHardwareVersion) {
|
| - fwToken->hardwareVersion = fwToken->mdToken->GetHardwareVersion(
|
| - fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
|
| - } else {
|
| - fwToken->hardwareVersion.major = 0;
|
| - fwToken->hardwareVersion.minor = 1;
|
| - }
|
| -
|
| - rv = fwToken->hardwareVersion;
|
| -
|
| -done:
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return rv;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetFirmwareVersion
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_VERSION
|
| -nssCKFWToken_GetFirmwareVersion(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| - CK_VERSION rv;
|
| -
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - rv.major = rv.minor = 0;
|
| - return rv;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
|
| - rv.major = rv.minor = 0;
|
| - return rv;
|
| - }
|
| -
|
| - if ((0 != fwToken->firmwareVersion.major) ||
|
| - (0 != fwToken->firmwareVersion.minor)) {
|
| - rv = fwToken->firmwareVersion;
|
| - goto done;
|
| - }
|
| -
|
| - if (fwToken->mdToken->GetFirmwareVersion) {
|
| - fwToken->firmwareVersion = fwToken->mdToken->GetFirmwareVersion(
|
| - fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
|
| - } else {
|
| - fwToken->firmwareVersion.major = 0;
|
| - fwToken->firmwareVersion.minor = 1;
|
| - }
|
| -
|
| - rv = fwToken->firmwareVersion;
|
| -
|
| -done:
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return rv;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetUTCTime
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_GetUTCTime(
|
| - NSSCKFWToken *fwToken,
|
| - CK_CHAR utcTime[16])
|
| -{
|
| - CK_RV error = CKR_OK;
|
| -
|
| -#ifdef NSSDEBUG
|
| - error = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - if ((CK_CHAR_PTR)NULL == utcTime) {
|
| - return CKR_ARGUMENTS_BAD;
|
| - }
|
| -#endif /* DEBUG */
|
| -
|
| - if (CK_TRUE != nssCKFWToken_GetHasClockOnToken(fwToken)) {
|
| - /* return CKR_DEVICE_ERROR; */
|
| - (void)nssUTF8_CopyIntoFixedBuffer((NSSUTF8 *)NULL, (char *)utcTime, 16, ' ');
|
| - return CKR_OK;
|
| - }
|
| -
|
| - if (!fwToken->mdToken->GetUTCTime) {
|
| - /* It said it had one! */
|
| - return CKR_GENERAL_ERROR;
|
| - }
|
| -
|
| - error = fwToken->mdToken->GetUTCTime(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance, utcTime);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - /* Sanity-check the data */
|
| - {
|
| - /* Format is YYYYMMDDhhmmss00 */
|
| - int i;
|
| - int Y, M, D, h, m, s;
|
| - static int dims[] = { 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
|
| -
|
| - for (i = 0; i < 16; i++) {
|
| - if ((utcTime[i] < '0') || (utcTime[i] > '9')) {
|
| - goto badtime;
|
| - }
|
| - }
|
| -
|
| - Y = ((utcTime[0] - '0') * 1000) + ((utcTime[1] - '0') * 100) +
|
| - ((utcTime[2] - '0') * 10) + (utcTime[3] - '0');
|
| - M = ((utcTime[4] - '0') * 10) + (utcTime[5] - '0');
|
| - D = ((utcTime[6] - '0') * 10) + (utcTime[7] - '0');
|
| - h = ((utcTime[8] - '0') * 10) + (utcTime[9] - '0');
|
| - m = ((utcTime[10] - '0') * 10) + (utcTime[11] - '0');
|
| - s = ((utcTime[12] - '0') * 10) + (utcTime[13] - '0');
|
| -
|
| - if ((Y < 1990) || (Y > 3000))
|
| - goto badtime; /* Y3K problem. heh heh heh */
|
| - if ((M < 1) || (M > 12))
|
| - goto badtime;
|
| - if ((D < 1) || (D > 31))
|
| - goto badtime;
|
| -
|
| - if (D > dims[M - 1])
|
| - goto badtime; /* per-month check */
|
| - if ((2 == M) && (((Y % 4) || !(Y % 100)) &&
|
| - (Y % 400)) &&
|
| - (D > 28))
|
| - goto badtime; /* leap years */
|
| -
|
| - if ((h < 0) || (h > 23))
|
| - goto badtime;
|
| - if ((m < 0) || (m > 60))
|
| - goto badtime;
|
| - if ((s < 0) || (s > 61))
|
| - goto badtime;
|
| -
|
| - /* 60m and 60 or 61s is only allowed for leap seconds. */
|
| - if ((60 == m) || (s >= 60)) {
|
| - if ((23 != h) || (60 != m) || (s < 60))
|
| - goto badtime;
|
| - /* leap seconds can only happen on June 30 or Dec 31.. I think */
|
| - /* if( ((6 != M) || (30 != D)) && ((12 != M) || (31 != D)) ) goto badtime; */
|
| - }
|
| - }
|
| -
|
| - return CKR_OK;
|
| -
|
| -badtime:
|
| - return CKR_GENERAL_ERROR;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_OpenSession
|
| - *
|
| - */
|
| -NSS_IMPLEMENT NSSCKFWSession *
|
| -nssCKFWToken_OpenSession(
|
| - NSSCKFWToken *fwToken,
|
| - CK_BBOOL rw,
|
| - CK_VOID_PTR pApplication,
|
| - CK_NOTIFY Notify,
|
| - CK_RV *pError)
|
| -{
|
| - NSSCKFWSession *fwSession = (NSSCKFWSession *)NULL;
|
| - NSSCKMDSession *mdSession;
|
| -
|
| -#ifdef NSSDEBUG
|
| - if (!pError) {
|
| - return (NSSCKFWSession *)NULL;
|
| - }
|
| -
|
| - *pError = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != *pError) {
|
| - return (NSSCKFWSession *)NULL;
|
| - }
|
| -
|
| - switch (rw) {
|
| - case CK_TRUE:
|
| - case CK_FALSE:
|
| - break;
|
| - default:
|
| - *pError = CKR_ARGUMENTS_BAD;
|
| - return (NSSCKFWSession *)NULL;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - *pError = nssCKFWMutex_Lock(fwToken->mutex);
|
| - if (CKR_OK != *pError) {
|
| - return (NSSCKFWSession *)NULL;
|
| - }
|
| -
|
| - if (CK_TRUE == rw) {
|
| - /* Read-write session desired */
|
| - if (CK_TRUE == nssCKFWToken_GetIsWriteProtected(fwToken)) {
|
| - *pError = CKR_TOKEN_WRITE_PROTECTED;
|
| - goto done;
|
| - }
|
| - } else {
|
| - /* Read-only session desired */
|
| - if (CKS_RW_SO_FUNCTIONS == nssCKFWToken_GetSessionState(fwToken)) {
|
| - *pError = CKR_SESSION_READ_WRITE_SO_EXISTS;
|
| - goto done;
|
| - }
|
| - }
|
| -
|
| - /* We could compare sesion counts to any limits we know of, I guess.. */
|
| -
|
| - if (!fwToken->mdToken->OpenSession) {
|
| - /*
|
| - * I'm not sure that the Module actually needs to implement
|
| - * mdSessions -- the Framework can keep track of everything
|
| - * needed, really. But I'll sort out that detail later..
|
| - */
|
| - *pError = CKR_GENERAL_ERROR;
|
| - goto done;
|
| - }
|
| -
|
| - fwSession = nssCKFWSession_Create(fwToken, rw, pApplication, Notify, pError);
|
| - if (!fwSession) {
|
| - if (CKR_OK == *pError) {
|
| - *pError = CKR_GENERAL_ERROR;
|
| - }
|
| - goto done;
|
| - }
|
| -
|
| - mdSession = fwToken->mdToken->OpenSession(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance, fwSession,
|
| - rw, pError);
|
| - if (!mdSession) {
|
| - (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
|
| - if (CKR_OK == *pError) {
|
| - *pError = CKR_GENERAL_ERROR;
|
| - }
|
| - goto done;
|
| - }
|
| -
|
| - *pError = nssCKFWSession_SetMDSession(fwSession, mdSession);
|
| - if (CKR_OK != *pError) {
|
| - if (mdSession->Close) {
|
| - mdSession->Close(mdSession, fwSession, fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| - }
|
| - (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
|
| - goto done;
|
| - }
|
| -
|
| - *pError = nssCKFWHash_Add(fwToken->sessions, fwSession, fwSession);
|
| - if (CKR_OK != *pError) {
|
| - (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
|
| - fwSession = (NSSCKFWSession *)NULL;
|
| - goto done;
|
| - }
|
| -
|
| -done:
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return fwSession;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetMechanismCount
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetMechanismCount(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return 0;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetMechanismCount) {
|
| - return 0;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetMechanismCount(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetMechanismTypes
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_GetMechanismTypes(
|
| - NSSCKFWToken *fwToken,
|
| - CK_MECHANISM_TYPE types[])
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CKR_ARGUMENTS_BAD;
|
| - }
|
| -
|
| - if (!types) {
|
| - return CKR_ARGUMENTS_BAD;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (!fwToken->mdToken->GetMechanismTypes) {
|
| - /*
|
| - * This should only be called with a sufficiently-large
|
| - * "types" array, which can only be done if GetMechanismCount
|
| - * is implemented. If that's implemented (and returns nonzero),
|
| - * then this should be too. So return an error.
|
| - */
|
| - return CKR_GENERAL_ERROR;
|
| - }
|
| -
|
| - return fwToken->mdToken->GetMechanismTypes(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance, types);
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetMechanism
|
| - *
|
| - */
|
| -NSS_IMPLEMENT NSSCKFWMechanism *
|
| -nssCKFWToken_GetMechanism(
|
| - NSSCKFWToken *fwToken,
|
| - CK_MECHANISM_TYPE which,
|
| - CK_RV *pError)
|
| -{
|
| - NSSCKMDMechanism *mdMechanism;
|
| - if (!fwToken->mdMechanismHash) {
|
| - *pError = CKR_GENERAL_ERROR;
|
| - return (NSSCKFWMechanism *)NULL;
|
| - }
|
| -
|
| - if (!fwToken->mdToken->GetMechanism) {
|
| - /*
|
| - * If we don't implement any GetMechanism function, then we must
|
| - * not support any.
|
| - */
|
| - *pError = CKR_MECHANISM_INVALID;
|
| - return (NSSCKFWMechanism *)NULL;
|
| - }
|
| -
|
| - /* lookup in hash table */
|
| - mdMechanism = fwToken->mdToken->GetMechanism(fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance, which, pError);
|
| - if (!mdMechanism) {
|
| - return (NSSCKFWMechanism *)NULL;
|
| - }
|
| - /* store in hash table */
|
| - return nssCKFWMechanism_Create(mdMechanism, fwToken->mdToken, fwToken,
|
| - fwToken->mdInstance, fwToken->fwInstance);
|
| -}
|
| -
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_SetSessionState(
|
| - NSSCKFWToken *fwToken,
|
| - CK_STATE newState)
|
| -{
|
| - CK_RV error = CKR_OK;
|
| -
|
| -#ifdef NSSDEBUG
|
| - error = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - switch (newState) {
|
| - case CKS_RO_PUBLIC_SESSION:
|
| - case CKS_RO_USER_FUNCTIONS:
|
| - case CKS_RW_PUBLIC_SESSION:
|
| - case CKS_RW_USER_FUNCTIONS:
|
| - case CKS_RW_SO_FUNCTIONS:
|
| - break;
|
| - default:
|
| - return CKR_ARGUMENTS_BAD;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - error = nssCKFWMutex_Lock(fwToken->mutex);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - fwToken->state = newState;
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return CKR_OK;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_RemoveSession
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_RemoveSession(
|
| - NSSCKFWToken *fwToken,
|
| - NSSCKFWSession *fwSession)
|
| -{
|
| - CK_RV error = CKR_OK;
|
| -
|
| -#ifdef NSSDEBUG
|
| - error = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - error = nssCKFWSession_verifyPointer(fwSession);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - error = nssCKFWMutex_Lock(fwToken->mutex);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - if (CK_TRUE != nssCKFWHash_Exists(fwToken->sessions, fwSession)) {
|
| - error = CKR_SESSION_HANDLE_INVALID;
|
| - goto done;
|
| - }
|
| -
|
| - nssCKFWHash_Remove(fwToken->sessions, fwSession);
|
| - fwToken->sessionCount--;
|
| -
|
| - if (nssCKFWSession_IsRWSession(fwSession)) {
|
| - fwToken->rwSessionCount--;
|
| - }
|
| -
|
| - if (0 == fwToken->sessionCount) {
|
| - fwToken->rwSessionCount = 0; /* sanity */
|
| - fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
|
| - }
|
| -
|
| - error = CKR_OK;
|
| -
|
| -done:
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return error;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_CloseAllSessions
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_RV
|
| -nssCKFWToken_CloseAllSessions(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| - CK_RV error = CKR_OK;
|
| -
|
| -#ifdef NSSDEBUG
|
| - error = nssCKFWToken_verifyPointer(fwToken);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - error = nssCKFWMutex_Lock(fwToken->mutex);
|
| - if (CKR_OK != error) {
|
| - return error;
|
| - }
|
| -
|
| - nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator, (void *)NULL);
|
| -
|
| - nssCKFWHash_Destroy(fwToken->sessions);
|
| -
|
| - fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, fwToken->arena, &error);
|
| - if (!fwToken->sessions) {
|
| - if (CKR_OK == error) {
|
| - error = CKR_GENERAL_ERROR;
|
| - }
|
| - goto done;
|
| - }
|
| -
|
| - fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
|
| - fwToken->sessionCount = 0;
|
| - fwToken->rwSessionCount = 0;
|
| -
|
| - error = CKR_OK;
|
| -
|
| -done:
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return error;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetSessionCount
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetSessionCount(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| - CK_ULONG rv;
|
| -
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (CK_ULONG)0;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
|
| - return (CK_ULONG)0;
|
| - }
|
| -
|
| - rv = fwToken->sessionCount;
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return rv;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetRwSessionCount
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetRwSessionCount(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| - CK_ULONG rv;
|
| -
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (CK_ULONG)0;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
|
| - return (CK_ULONG)0;
|
| - }
|
| -
|
| - rv = fwToken->rwSessionCount;
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return rv;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetRoSessionCount
|
| - *
|
| - */
|
| -NSS_IMPLEMENT CK_ULONG
|
| -nssCKFWToken_GetRoSessionCount(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| - CK_ULONG rv;
|
| -
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (CK_ULONG)0;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
|
| - return (CK_ULONG)0;
|
| - }
|
| -
|
| - rv = fwToken->sessionCount - fwToken->rwSessionCount;
|
| - (void)nssCKFWMutex_Unlock(fwToken->mutex);
|
| - return rv;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetSessionObjectHash
|
| - *
|
| - */
|
| -NSS_IMPLEMENT nssCKFWHash *
|
| -nssCKFWToken_GetSessionObjectHash(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (nssCKFWHash *)NULL;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - return fwToken->sessionObjectHash;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetMDObjectHash
|
| - *
|
| - */
|
| -NSS_IMPLEMENT nssCKFWHash *
|
| -nssCKFWToken_GetMDObjectHash(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (nssCKFWHash *)NULL;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - return fwToken->mdObjectHash;
|
| -}
|
| -
|
| -/*
|
| - * nssCKFWToken_GetObjectHandleHash
|
| - *
|
| - */
|
| -NSS_IMPLEMENT nssCKFWHash *
|
| -nssCKFWToken_GetObjectHandleHash(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef NSSDEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (nssCKFWHash *)NULL;
|
| - }
|
| -#endif /* NSSDEBUG */
|
| -
|
| - return fwToken->mdObjectHash;
|
| -}
|
| -
|
| -/*
|
| - * NSSCKFWToken_GetMDToken
|
| - *
|
| - */
|
| -
|
| -NSS_IMPLEMENT NSSCKMDToken *
|
| -NSSCKFWToken_GetMDToken(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef DEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (NSSCKMDToken *)NULL;
|
| - }
|
| -#endif /* DEBUG */
|
| -
|
| - return nssCKFWToken_GetMDToken(fwToken);
|
| -}
|
| -
|
| -/*
|
| - * NSSCKFWToken_GetArena
|
| - *
|
| - */
|
| -
|
| -NSS_IMPLEMENT NSSArena *
|
| -NSSCKFWToken_GetArena(
|
| - NSSCKFWToken *fwToken,
|
| - CK_RV *pError)
|
| -{
|
| -#ifdef DEBUG
|
| - if (!pError) {
|
| - return (NSSArena *)NULL;
|
| - }
|
| -
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - *pError = CKR_ARGUMENTS_BAD;
|
| - return (NSSArena *)NULL;
|
| - }
|
| -#endif /* DEBUG */
|
| -
|
| - return nssCKFWToken_GetArena(fwToken, pError);
|
| -}
|
| -
|
| -/*
|
| - * NSSCKFWToken_GetFWSlot
|
| - *
|
| - */
|
| -
|
| -NSS_IMPLEMENT NSSCKFWSlot *
|
| -NSSCKFWToken_GetFWSlot(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef DEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (NSSCKFWSlot *)NULL;
|
| - }
|
| -#endif /* DEBUG */
|
| -
|
| - return nssCKFWToken_GetFWSlot(fwToken);
|
| -}
|
| -
|
| -/*
|
| - * NSSCKFWToken_GetMDSlot
|
| - *
|
| - */
|
| -
|
| -NSS_IMPLEMENT NSSCKMDSlot *
|
| -NSSCKFWToken_GetMDSlot(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef DEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return (NSSCKMDSlot *)NULL;
|
| - }
|
| -#endif /* DEBUG */
|
| -
|
| - return nssCKFWToken_GetMDSlot(fwToken);
|
| -}
|
| -
|
| -/*
|
| - * NSSCKFWToken_GetSessionState
|
| - *
|
| - */
|
| -
|
| -NSS_IMPLEMENT CK_STATE
|
| -NSSCKFWSession_GetSessionState(
|
| - NSSCKFWToken *fwToken)
|
| -{
|
| -#ifdef DEBUG
|
| - if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
|
| - return CKS_RO_PUBLIC_SESSION;
|
| - }
|
| -#endif /* DEBUG */
|
| -
|
| - return nssCKFWToken_GetSessionState(fwToken);
|
| -}
|
|
|
Chromium Code Reviews
Issue 2078763002:
Delete bundled copy of NSS and replace with README. (Closed)
Base URL: https://chromium.googlesource.com/chromium/deps/nss@master