security/nss/lib/ckfw/mechanism.c@6474c204b198 (annotated)
security/nss/lib/ckfw/mechanism.c
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 2 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 4 | |
| michael@0 | 5 | /* |
| michael@0 | 6 | * mechanism.c |
| michael@0 | 7 | * |
| michael@0 | 8 | * This file implements the NSSCKFWMechanism type and methods. |
| michael@0 | 9 | */ |
| michael@0 | 10 | |
| michael@0 | 11 | #ifndef CK_T |
| michael@0 | 12 | #include "ck.h" |
| michael@0 | 13 | #endif /* CK_T */ |
| michael@0 | 14 | |
| michael@0 | 15 | /* |
| michael@0 | 16 | * NSSCKFWMechanism |
| michael@0 | 17 | * |
| michael@0 | 18 | * -- create/destroy -- |
| michael@0 | 19 | * nssCKFWMechanism_Create |
| michael@0 | 20 | * nssCKFWMechanism_Destroy |
| michael@0 | 21 | * |
| michael@0 | 22 | * -- implement public accessors -- |
| michael@0 | 23 | * nssCKFWMechanism_GetMDMechanism |
| michael@0 | 24 | * nssCKFWMechanism_GetParameter |
| michael@0 | 25 | * |
| michael@0 | 26 | * -- private accessors -- |
| michael@0 | 27 | * |
| michael@0 | 28 | * -- module fronts -- |
| michael@0 | 29 | * nssCKFWMechanism_GetMinKeySize |
| michael@0 | 30 | * nssCKFWMechanism_GetMaxKeySize |
| michael@0 | 31 | * nssCKFWMechanism_GetInHardware |
| michael@0 | 32 | * nssCKFWMechanism_GetCanEncrypt |
| michael@0 | 33 | * nssCKFWMechanism_GetCanDecrypt |
| michael@0 | 34 | * nssCKFWMechanism_GetCanDigest |
| michael@0 | 35 | * nssCKFWMechanism_GetCanSign |
| michael@0 | 36 | * nssCKFWMechanism_GetCanSignRecover |
| michael@0 | 37 | * nssCKFWMechanism_GetCanVerify |
| michael@0 | 38 | * nssCKFWMechanism_GetCanGenerate |
| michael@0 | 39 | * nssCKFWMechanism_GetCanGenerateKeyPair |
| michael@0 | 40 | * nssCKFWMechanism_GetCanUnwrap |
| michael@0 | 41 | * nssCKFWMechanism_GetCanWrap |
| michael@0 | 42 | * nssCKFWMechanism_GetCanDerive |
| michael@0 | 43 | * nssCKFWMechanism_EncryptInit |
| michael@0 | 44 | * nssCKFWMechanism_DecryptInit |
| michael@0 | 45 | * nssCKFWMechanism_DigestInit |
| michael@0 | 46 | * nssCKFWMechanism_SignInit |
| michael@0 | 47 | * nssCKFWMechanism_VerifyInit |
| michael@0 | 48 | * nssCKFWMechanism_SignRecoverInit |
| michael@0 | 49 | * nssCKFWMechanism_VerifyRecoverInit |
| michael@0 | 50 | * nssCKFWMechanism_GenerateKey |
| michael@0 | 51 | * nssCKFWMechanism_GenerateKeyPair |
| michael@0 | 52 | * nssCKFWMechanism_GetWrapKeyLength |
| michael@0 | 53 | * nssCKFWMechanism_WrapKey |
| michael@0 | 54 | * nssCKFWMechanism_UnwrapKey |
| michael@0 | 55 | * nssCKFWMechanism_DeriveKey |
| michael@0 | 56 | */ |
| michael@0 | 57 | |
| michael@0 | 58 | |
| michael@0 | 59 | struct NSSCKFWMechanismStr { |
| michael@0 | 60 | NSSCKMDMechanism *mdMechanism; |
| michael@0 | 61 | NSSCKMDToken *mdToken; |
| michael@0 | 62 | NSSCKFWToken *fwToken; |
| michael@0 | 63 | NSSCKMDInstance *mdInstance; |
| michael@0 | 64 | NSSCKFWInstance *fwInstance; |
| michael@0 | 65 | }; |
| michael@0 | 66 | |
| michael@0 | 67 | /* |
| michael@0 | 68 | * nssCKFWMechanism_Create |
| michael@0 | 69 | * |
| michael@0 | 70 | */ |
| michael@0 | 71 | NSS_IMPLEMENT NSSCKFWMechanism * |
| michael@0 | 72 | nssCKFWMechanism_Create |
| michael@0 | 73 | ( |
| michael@0 | 74 | NSSCKMDMechanism *mdMechanism, |
| michael@0 | 75 | NSSCKMDToken *mdToken, |
| michael@0 | 76 | NSSCKFWToken *fwToken, |
| michael@0 | 77 | NSSCKMDInstance *mdInstance, |
| michael@0 | 78 | NSSCKFWInstance *fwInstance |
| michael@0 | 79 | ) |
| michael@0 | 80 | { |
| michael@0 | 81 | NSSCKFWMechanism *fwMechanism; |
| michael@0 | 82 | |
| michael@0 | 83 | |
| michael@0 | 84 | fwMechanism = nss_ZNEW(NULL, NSSCKFWMechanism); |
| michael@0 | 85 | if (!fwMechanism) { |
| michael@0 | 86 | return (NSSCKFWMechanism *)NULL; |
| michael@0 | 87 | } |
| michael@0 | 88 | fwMechanism->mdMechanism = mdMechanism; |
| michael@0 | 89 | fwMechanism->mdToken = mdToken; |
| michael@0 | 90 | fwMechanism->fwToken = fwToken; |
| michael@0 | 91 | fwMechanism->mdInstance = mdInstance; |
| michael@0 | 92 | fwMechanism->fwInstance = fwInstance; |
| michael@0 | 93 | return fwMechanism; |
| michael@0 | 94 | } |
| michael@0 | 95 | |
| michael@0 | 96 | /* |
| michael@0 | 97 | * nssCKFWMechanism_Destroy |
| michael@0 | 98 | * |
| michael@0 | 99 | */ |
| michael@0 | 100 | NSS_IMPLEMENT void |
| michael@0 | 101 | nssCKFWMechanism_Destroy |
| michael@0 | 102 | ( |
| michael@0 | 103 | NSSCKFWMechanism *fwMechanism |
| michael@0 | 104 | ) |
| michael@0 | 105 | { |
| michael@0 | 106 | /* destroy any fw resources held by nssCKFWMechanism (currently none) */ |
| michael@0 | 107 | |
| michael@0 | 108 | if (!fwMechanism->mdMechanism->Destroy) { |
| michael@0 | 109 | /* destroys it's parent as well */ |
| michael@0 | 110 | fwMechanism->mdMechanism->Destroy( |
| michael@0 | 111 | fwMechanism->mdMechanism, |
| michael@0 | 112 | fwMechanism, |
| michael@0 | 113 | fwMechanism->mdInstance, |
| michael@0 | 114 | fwMechanism->fwInstance); |
| michael@0 | 115 | } |
| michael@0 | 116 | /* if the Destroy function wasn't supplied, then the mechanism is 'static', |
| michael@0 | 117 | * and there is nothing to destroy */ |
| michael@0 | 118 | return; |
| michael@0 | 119 | } |
| michael@0 | 120 | |
| michael@0 | 121 | /* |
| michael@0 | 122 | * nssCKFWMechanism_GetMDMechanism |
| michael@0 | 123 | * |
| michael@0 | 124 | */ |
| michael@0 | 125 | NSS_IMPLEMENT NSSCKMDMechanism * |
| michael@0 | 126 | nssCKFWMechanism_GetMDMechanism |
| michael@0 | 127 | ( |
| michael@0 | 128 | NSSCKFWMechanism *fwMechanism |
| michael@0 | 129 | ) |
| michael@0 | 130 | { |
| michael@0 | 131 | return fwMechanism->mdMechanism; |
| michael@0 | 132 | } |
| michael@0 | 133 | |
| michael@0 | 134 | /* |
| michael@0 | 135 | * nssCKFWMechanism_GetMinKeySize |
| michael@0 | 136 | * |
| michael@0 | 137 | */ |
| michael@0 | 138 | NSS_IMPLEMENT CK_ULONG |
| michael@0 | 139 | nssCKFWMechanism_GetMinKeySize |
| michael@0 | 140 | ( |
| michael@0 | 141 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 142 | CK_RV *pError |
| michael@0 | 143 | ) |
| michael@0 | 144 | { |
| michael@0 | 145 | if (!fwMechanism->mdMechanism->GetMinKeySize) { |
| michael@0 | 146 | return 0; |
| michael@0 | 147 | } |
| michael@0 | 148 | |
| michael@0 | 149 | return fwMechanism->mdMechanism->GetMinKeySize(fwMechanism->mdMechanism, |
| michael@0 | 150 | fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken, |
| michael@0 | 151 | fwMechanism->mdInstance, fwMechanism->fwInstance, pError); |
| michael@0 | 152 | } |
| michael@0 | 153 | |
| michael@0 | 154 | /* |
| michael@0 | 155 | * nssCKFWMechanism_GetMaxKeySize |
| michael@0 | 156 | * |
| michael@0 | 157 | */ |
| michael@0 | 158 | NSS_IMPLEMENT CK_ULONG |
| michael@0 | 159 | nssCKFWMechanism_GetMaxKeySize |
| michael@0 | 160 | ( |
| michael@0 | 161 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 162 | CK_RV *pError |
| michael@0 | 163 | ) |
| michael@0 | 164 | { |
| michael@0 | 165 | if (!fwMechanism->mdMechanism->GetMaxKeySize) { |
| michael@0 | 166 | return 0; |
| michael@0 | 167 | } |
| michael@0 | 168 | |
| michael@0 | 169 | return fwMechanism->mdMechanism->GetMaxKeySize(fwMechanism->mdMechanism, |
| michael@0 | 170 | fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken, |
| michael@0 | 171 | fwMechanism->mdInstance, fwMechanism->fwInstance, pError); |
| michael@0 | 172 | } |
| michael@0 | 173 | |
| michael@0 | 174 | /* |
| michael@0 | 175 | * nssCKFWMechanism_GetInHardware |
| michael@0 | 176 | * |
| michael@0 | 177 | */ |
| michael@0 | 178 | NSS_IMPLEMENT CK_BBOOL |
| michael@0 | 179 | nssCKFWMechanism_GetInHardware |
| michael@0 | 180 | ( |
| michael@0 | 181 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 182 | CK_RV *pError |
| michael@0 | 183 | ) |
| michael@0 | 184 | { |
| michael@0 | 185 | if (!fwMechanism->mdMechanism->GetInHardware) { |
| michael@0 | 186 | return CK_FALSE; |
| michael@0 | 187 | } |
| michael@0 | 188 | |
| michael@0 | 189 | return fwMechanism->mdMechanism->GetInHardware(fwMechanism->mdMechanism, |
| michael@0 | 190 | fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken, |
| michael@0 | 191 | fwMechanism->mdInstance, fwMechanism->fwInstance, pError); |
| michael@0 | 192 | } |
| michael@0 | 193 | |
| michael@0 | 194 | |
| michael@0 | 195 | /* |
| michael@0 | 196 | * the following are determined automatically by which of the cryptographic |
| michael@0 | 197 | * functions are defined for this mechanism. |
| michael@0 | 198 | */ |
| michael@0 | 199 | /* |
| michael@0 | 200 | * nssCKFWMechanism_GetCanEncrypt |
| michael@0 | 201 | * |
| michael@0 | 202 | */ |
| michael@0 | 203 | NSS_EXTERN CK_BBOOL |
| michael@0 | 204 | nssCKFWMechanism_GetCanEncrypt |
| michael@0 | 205 | ( |
| michael@0 | 206 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 207 | CK_RV *pError |
| michael@0 | 208 | ) |
| michael@0 | 209 | { |
| michael@0 | 210 | if (!fwMechanism->mdMechanism->EncryptInit) { |
| michael@0 | 211 | return CK_FALSE; |
| michael@0 | 212 | } |
| michael@0 | 213 | return CK_TRUE; |
| michael@0 | 214 | } |
| michael@0 | 215 | |
| michael@0 | 216 | /* |
| michael@0 | 217 | * nssCKFWMechanism_GetCanDecrypt |
| michael@0 | 218 | * |
| michael@0 | 219 | */ |
| michael@0 | 220 | NSS_EXTERN CK_BBOOL |
| michael@0 | 221 | nssCKFWMechanism_GetCanDecrypt |
| michael@0 | 222 | ( |
| michael@0 | 223 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 224 | CK_RV *pError |
| michael@0 | 225 | ) |
| michael@0 | 226 | { |
| michael@0 | 227 | if (!fwMechanism->mdMechanism->DecryptInit) { |
| michael@0 | 228 | return CK_FALSE; |
| michael@0 | 229 | } |
| michael@0 | 230 | return CK_TRUE; |
| michael@0 | 231 | } |
| michael@0 | 232 | |
| michael@0 | 233 | /* |
| michael@0 | 234 | * nssCKFWMechanism_GetCanDigest |
| michael@0 | 235 | * |
| michael@0 | 236 | */ |
| michael@0 | 237 | NSS_EXTERN CK_BBOOL |
| michael@0 | 238 | nssCKFWMechanism_GetCanDigest |
| michael@0 | 239 | ( |
| michael@0 | 240 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 241 | CK_RV *pError |
| michael@0 | 242 | ) |
| michael@0 | 243 | { |
| michael@0 | 244 | if (!fwMechanism->mdMechanism->DigestInit) { |
| michael@0 | 245 | return CK_FALSE; |
| michael@0 | 246 | } |
| michael@0 | 247 | return CK_TRUE; |
| michael@0 | 248 | } |
| michael@0 | 249 | |
| michael@0 | 250 | /* |
| michael@0 | 251 | * nssCKFWMechanism_GetCanSign |
| michael@0 | 252 | * |
| michael@0 | 253 | */ |
| michael@0 | 254 | NSS_EXTERN CK_BBOOL |
| michael@0 | 255 | nssCKFWMechanism_GetCanSign |
| michael@0 | 256 | ( |
| michael@0 | 257 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 258 | CK_RV *pError |
| michael@0 | 259 | ) |
| michael@0 | 260 | { |
| michael@0 | 261 | if (!fwMechanism->mdMechanism->SignInit) { |
| michael@0 | 262 | return CK_FALSE; |
| michael@0 | 263 | } |
| michael@0 | 264 | return CK_TRUE; |
| michael@0 | 265 | } |
| michael@0 | 266 | |
| michael@0 | 267 | /* |
| michael@0 | 268 | * nssCKFWMechanism_GetCanSignRecover |
| michael@0 | 269 | * |
| michael@0 | 270 | */ |
| michael@0 | 271 | NSS_EXTERN CK_BBOOL |
| michael@0 | 272 | nssCKFWMechanism_GetCanSignRecover |
| michael@0 | 273 | ( |
| michael@0 | 274 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 275 | CK_RV *pError |
| michael@0 | 276 | ) |
| michael@0 | 277 | { |
| michael@0 | 278 | if (!fwMechanism->mdMechanism->SignRecoverInit) { |
| michael@0 | 279 | return CK_FALSE; |
| michael@0 | 280 | } |
| michael@0 | 281 | return CK_TRUE; |
| michael@0 | 282 | } |
| michael@0 | 283 | |
| michael@0 | 284 | /* |
| michael@0 | 285 | * nssCKFWMechanism_GetCanVerify |
| michael@0 | 286 | * |
| michael@0 | 287 | */ |
| michael@0 | 288 | NSS_EXTERN CK_BBOOL |
| michael@0 | 289 | nssCKFWMechanism_GetCanVerify |
| michael@0 | 290 | ( |
| michael@0 | 291 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 292 | CK_RV *pError |
| michael@0 | 293 | ) |
| michael@0 | 294 | { |
| michael@0 | 295 | if (!fwMechanism->mdMechanism->VerifyInit) { |
| michael@0 | 296 | return CK_FALSE; |
| michael@0 | 297 | } |
| michael@0 | 298 | return CK_TRUE; |
| michael@0 | 299 | } |
| michael@0 | 300 | |
| michael@0 | 301 | /* |
| michael@0 | 302 | * nssCKFWMechanism_GetCanVerifyRecover |
| michael@0 | 303 | * |
| michael@0 | 304 | */ |
| michael@0 | 305 | NSS_EXTERN CK_BBOOL |
| michael@0 | 306 | nssCKFWMechanism_GetCanVerifyRecover |
| michael@0 | 307 | ( |
| michael@0 | 308 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 309 | CK_RV *pError |
| michael@0 | 310 | ) |
| michael@0 | 311 | { |
| michael@0 | 312 | if (!fwMechanism->mdMechanism->VerifyRecoverInit) { |
| michael@0 | 313 | return CK_FALSE; |
| michael@0 | 314 | } |
| michael@0 | 315 | return CK_TRUE; |
| michael@0 | 316 | } |
| michael@0 | 317 | |
| michael@0 | 318 | /* |
| michael@0 | 319 | * nssCKFWMechanism_GetCanGenerate |
| michael@0 | 320 | * |
| michael@0 | 321 | */ |
| michael@0 | 322 | NSS_EXTERN CK_BBOOL |
| michael@0 | 323 | nssCKFWMechanism_GetCanGenerate |
| michael@0 | 324 | ( |
| michael@0 | 325 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 326 | CK_RV *pError |
| michael@0 | 327 | ) |
| michael@0 | 328 | { |
| michael@0 | 329 | if (!fwMechanism->mdMechanism->GenerateKey) { |
| michael@0 | 330 | return CK_FALSE; |
| michael@0 | 331 | } |
| michael@0 | 332 | return CK_TRUE; |
| michael@0 | 333 | } |
| michael@0 | 334 | |
| michael@0 | 335 | /* |
| michael@0 | 336 | * nssCKFWMechanism_GetCanGenerateKeyPair |
| michael@0 | 337 | * |
| michael@0 | 338 | */ |
| michael@0 | 339 | NSS_EXTERN CK_BBOOL |
| michael@0 | 340 | nssCKFWMechanism_GetCanGenerateKeyPair |
| michael@0 | 341 | ( |
| michael@0 | 342 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 343 | CK_RV *pError |
| michael@0 | 344 | ) |
| michael@0 | 345 | { |
| michael@0 | 346 | if (!fwMechanism->mdMechanism->GenerateKeyPair) { |
| michael@0 | 347 | return CK_FALSE; |
| michael@0 | 348 | } |
| michael@0 | 349 | return CK_TRUE; |
| michael@0 | 350 | } |
| michael@0 | 351 | |
| michael@0 | 352 | /* |
| michael@0 | 353 | * nssCKFWMechanism_GetCanUnwrap |
| michael@0 | 354 | * |
| michael@0 | 355 | */ |
| michael@0 | 356 | NSS_EXTERN CK_BBOOL |
| michael@0 | 357 | nssCKFWMechanism_GetCanUnwrap |
| michael@0 | 358 | ( |
| michael@0 | 359 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 360 | CK_RV *pError |
| michael@0 | 361 | ) |
| michael@0 | 362 | { |
| michael@0 | 363 | if (!fwMechanism->mdMechanism->UnwrapKey) { |
| michael@0 | 364 | return CK_FALSE; |
| michael@0 | 365 | } |
| michael@0 | 366 | return CK_TRUE; |
| michael@0 | 367 | } |
| michael@0 | 368 | |
| michael@0 | 369 | /* |
| michael@0 | 370 | * nssCKFWMechanism_GetCanWrap |
| michael@0 | 371 | * |
| michael@0 | 372 | */ |
| michael@0 | 373 | NSS_EXTERN CK_BBOOL |
| michael@0 | 374 | nssCKFWMechanism_GetCanWrap |
| michael@0 | 375 | ( |
| michael@0 | 376 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 377 | CK_RV *pError |
| michael@0 | 378 | ) |
| michael@0 | 379 | { |
| michael@0 | 380 | if (!fwMechanism->mdMechanism->WrapKey) { |
| michael@0 | 381 | return CK_FALSE; |
| michael@0 | 382 | } |
| michael@0 | 383 | return CK_TRUE; |
| michael@0 | 384 | } |
| michael@0 | 385 | |
| michael@0 | 386 | /* |
| michael@0 | 387 | * nssCKFWMechanism_GetCanDerive |
| michael@0 | 388 | * |
| michael@0 | 389 | */ |
| michael@0 | 390 | NSS_EXTERN CK_BBOOL |
| michael@0 | 391 | nssCKFWMechanism_GetCanDerive |
| michael@0 | 392 | ( |
| michael@0 | 393 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 394 | CK_RV *pError |
| michael@0 | 395 | ) |
| michael@0 | 396 | { |
| michael@0 | 397 | if (!fwMechanism->mdMechanism->DeriveKey) { |
| michael@0 | 398 | return CK_FALSE; |
| michael@0 | 399 | } |
| michael@0 | 400 | return CK_TRUE; |
| michael@0 | 401 | } |
| michael@0 | 402 | |
| michael@0 | 403 | /* |
| michael@0 | 404 | * These are the actual crypto operations |
| michael@0 | 405 | */ |
| michael@0 | 406 | |
| michael@0 | 407 | /* |
| michael@0 | 408 | * nssCKFWMechanism_EncryptInit |
| michael@0 | 409 | * Start an encryption session. |
| michael@0 | 410 | */ |
| michael@0 | 411 | NSS_EXTERN CK_RV |
| michael@0 | 412 | nssCKFWMechanism_EncryptInit |
| michael@0 | 413 | ( |
| michael@0 | 414 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 415 | CK_MECHANISM *pMechanism, |
| michael@0 | 416 | NSSCKFWSession *fwSession, |
| michael@0 | 417 | NSSCKFWObject *fwObject |
| michael@0 | 418 | ) |
| michael@0 | 419 | { |
| michael@0 | 420 | NSSCKFWCryptoOperation *fwOperation; |
| michael@0 | 421 | NSSCKMDCryptoOperation *mdOperation; |
| michael@0 | 422 | NSSCKMDSession *mdSession; |
| michael@0 | 423 | NSSCKMDObject *mdObject; |
| michael@0 | 424 | CK_RV error = CKR_OK; |
| michael@0 | 425 | |
| michael@0 | 426 | |
| michael@0 | 427 | fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, |
| michael@0 | 428 | NSSCKFWCryptoOperationState_EncryptDecrypt); |
| michael@0 | 429 | if (fwOperation) { |
| michael@0 | 430 | return CKR_OPERATION_ACTIVE; |
| michael@0 | 431 | } |
| michael@0 | 432 | |
| michael@0 | 433 | if (!fwMechanism->mdMechanism->EncryptInit) { |
| michael@0 | 434 | return CKR_FUNCTION_FAILED; |
| michael@0 | 435 | } |
| michael@0 | 436 | |
| michael@0 | 437 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 438 | mdObject = nssCKFWObject_GetMDObject(fwObject); |
| michael@0 | 439 | mdOperation = fwMechanism->mdMechanism->EncryptInit( |
| michael@0 | 440 | fwMechanism->mdMechanism, |
| michael@0 | 441 | fwMechanism, |
| michael@0 | 442 | pMechanism, |
| michael@0 | 443 | mdSession, |
| michael@0 | 444 | fwSession, |
| michael@0 | 445 | fwMechanism->mdToken, |
| michael@0 | 446 | fwMechanism->fwToken, |
| michael@0 | 447 | fwMechanism->mdInstance, |
| michael@0 | 448 | fwMechanism->fwInstance, |
| michael@0 | 449 | mdObject, |
| michael@0 | 450 | fwObject, |
| michael@0 | 451 | &error |
| michael@0 | 452 | ); |
| michael@0 | 453 | if (!mdOperation) { |
| michael@0 | 454 | goto loser; |
| michael@0 | 455 | } |
| michael@0 | 456 | |
| michael@0 | 457 | fwOperation = nssCKFWCryptoOperation_Create(mdOperation, |
| michael@0 | 458 | mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, |
| michael@0 | 459 | fwMechanism->mdInstance, fwMechanism->fwInstance, |
| michael@0 | 460 | NSSCKFWCryptoOperationType_Encrypt, &error); |
| michael@0 | 461 | if (fwOperation) { |
| michael@0 | 462 | nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, |
| michael@0 | 463 | NSSCKFWCryptoOperationState_EncryptDecrypt); |
| michael@0 | 464 | } |
| michael@0 | 465 | |
| michael@0 | 466 | loser: |
| michael@0 | 467 | return error; |
| michael@0 | 468 | } |
| michael@0 | 469 | |
| michael@0 | 470 | /* |
| michael@0 | 471 | * nssCKFWMechanism_DecryptInit |
| michael@0 | 472 | * Start an encryption session. |
| michael@0 | 473 | */ |
| michael@0 | 474 | NSS_EXTERN CK_RV |
| michael@0 | 475 | nssCKFWMechanism_DecryptInit |
| michael@0 | 476 | ( |
| michael@0 | 477 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 478 | CK_MECHANISM *pMechanism, |
| michael@0 | 479 | NSSCKFWSession *fwSession, |
| michael@0 | 480 | NSSCKFWObject *fwObject |
| michael@0 | 481 | ) |
| michael@0 | 482 | { |
| michael@0 | 483 | NSSCKFWCryptoOperation *fwOperation; |
| michael@0 | 484 | NSSCKMDCryptoOperation *mdOperation; |
| michael@0 | 485 | NSSCKMDSession *mdSession; |
| michael@0 | 486 | NSSCKMDObject *mdObject; |
| michael@0 | 487 | CK_RV error = CKR_OK; |
| michael@0 | 488 | |
| michael@0 | 489 | |
| michael@0 | 490 | fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, |
| michael@0 | 491 | NSSCKFWCryptoOperationState_EncryptDecrypt); |
| michael@0 | 492 | if (fwOperation) { |
| michael@0 | 493 | return CKR_OPERATION_ACTIVE; |
| michael@0 | 494 | } |
| michael@0 | 495 | |
| michael@0 | 496 | if (!fwMechanism->mdMechanism->DecryptInit) { |
| michael@0 | 497 | return CKR_FUNCTION_FAILED; |
| michael@0 | 498 | } |
| michael@0 | 499 | |
| michael@0 | 500 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 501 | mdObject = nssCKFWObject_GetMDObject(fwObject); |
| michael@0 | 502 | mdOperation = fwMechanism->mdMechanism->DecryptInit( |
| michael@0 | 503 | fwMechanism->mdMechanism, |
| michael@0 | 504 | fwMechanism, |
| michael@0 | 505 | pMechanism, |
| michael@0 | 506 | mdSession, |
| michael@0 | 507 | fwSession, |
| michael@0 | 508 | fwMechanism->mdToken, |
| michael@0 | 509 | fwMechanism->fwToken, |
| michael@0 | 510 | fwMechanism->mdInstance, |
| michael@0 | 511 | fwMechanism->fwInstance, |
| michael@0 | 512 | mdObject, |
| michael@0 | 513 | fwObject, |
| michael@0 | 514 | &error |
| michael@0 | 515 | ); |
| michael@0 | 516 | if (!mdOperation) { |
| michael@0 | 517 | goto loser; |
| michael@0 | 518 | } |
| michael@0 | 519 | |
| michael@0 | 520 | fwOperation = nssCKFWCryptoOperation_Create(mdOperation, |
| michael@0 | 521 | mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, |
| michael@0 | 522 | fwMechanism->mdInstance, fwMechanism->fwInstance, |
| michael@0 | 523 | NSSCKFWCryptoOperationType_Decrypt, &error); |
| michael@0 | 524 | if (fwOperation) { |
| michael@0 | 525 | nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, |
| michael@0 | 526 | NSSCKFWCryptoOperationState_EncryptDecrypt); |
| michael@0 | 527 | } |
| michael@0 | 528 | |
| michael@0 | 529 | loser: |
| michael@0 | 530 | return error; |
| michael@0 | 531 | } |
| michael@0 | 532 | |
| michael@0 | 533 | /* |
| michael@0 | 534 | * nssCKFWMechanism_DigestInit |
| michael@0 | 535 | * Start an encryption session. |
| michael@0 | 536 | */ |
| michael@0 | 537 | NSS_EXTERN CK_RV |
| michael@0 | 538 | nssCKFWMechanism_DigestInit |
| michael@0 | 539 | ( |
| michael@0 | 540 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 541 | CK_MECHANISM *pMechanism, |
| michael@0 | 542 | NSSCKFWSession *fwSession |
| michael@0 | 543 | ) |
| michael@0 | 544 | { |
| michael@0 | 545 | NSSCKFWCryptoOperation *fwOperation; |
| michael@0 | 546 | NSSCKMDCryptoOperation *mdOperation; |
| michael@0 | 547 | NSSCKMDSession *mdSession; |
| michael@0 | 548 | CK_RV error = CKR_OK; |
| michael@0 | 549 | |
| michael@0 | 550 | |
| michael@0 | 551 | fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, |
| michael@0 | 552 | NSSCKFWCryptoOperationState_Digest); |
| michael@0 | 553 | if (fwOperation) { |
| michael@0 | 554 | return CKR_OPERATION_ACTIVE; |
| michael@0 | 555 | } |
| michael@0 | 556 | |
| michael@0 | 557 | if (!fwMechanism->mdMechanism->DigestInit) { |
| michael@0 | 558 | return CKR_FUNCTION_FAILED; |
| michael@0 | 559 | } |
| michael@0 | 560 | |
| michael@0 | 561 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 562 | mdOperation = fwMechanism->mdMechanism->DigestInit( |
| michael@0 | 563 | fwMechanism->mdMechanism, |
| michael@0 | 564 | fwMechanism, |
| michael@0 | 565 | pMechanism, |
| michael@0 | 566 | mdSession, |
| michael@0 | 567 | fwSession, |
| michael@0 | 568 | fwMechanism->mdToken, |
| michael@0 | 569 | fwMechanism->fwToken, |
| michael@0 | 570 | fwMechanism->mdInstance, |
| michael@0 | 571 | fwMechanism->fwInstance, |
| michael@0 | 572 | &error |
| michael@0 | 573 | ); |
| michael@0 | 574 | if (!mdOperation) { |
| michael@0 | 575 | goto loser; |
| michael@0 | 576 | } |
| michael@0 | 577 | |
| michael@0 | 578 | fwOperation = nssCKFWCryptoOperation_Create(mdOperation, |
| michael@0 | 579 | mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, |
| michael@0 | 580 | fwMechanism->mdInstance, fwMechanism->fwInstance, |
| michael@0 | 581 | NSSCKFWCryptoOperationType_Digest, &error); |
| michael@0 | 582 | if (fwOperation) { |
| michael@0 | 583 | nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, |
| michael@0 | 584 | NSSCKFWCryptoOperationState_Digest); |
| michael@0 | 585 | } |
| michael@0 | 586 | |
| michael@0 | 587 | loser: |
| michael@0 | 588 | return error; |
| michael@0 | 589 | } |
| michael@0 | 590 | |
| michael@0 | 591 | /* |
| michael@0 | 592 | * nssCKFWMechanism_SignInit |
| michael@0 | 593 | * Start an encryption session. |
| michael@0 | 594 | */ |
| michael@0 | 595 | NSS_EXTERN CK_RV |
| michael@0 | 596 | nssCKFWMechanism_SignInit |
| michael@0 | 597 | ( |
| michael@0 | 598 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 599 | CK_MECHANISM *pMechanism, |
| michael@0 | 600 | NSSCKFWSession *fwSession, |
| michael@0 | 601 | NSSCKFWObject *fwObject |
| michael@0 | 602 | ) |
| michael@0 | 603 | { |
| michael@0 | 604 | NSSCKFWCryptoOperation *fwOperation; |
| michael@0 | 605 | NSSCKMDCryptoOperation *mdOperation; |
| michael@0 | 606 | NSSCKMDSession *mdSession; |
| michael@0 | 607 | NSSCKMDObject *mdObject; |
| michael@0 | 608 | CK_RV error = CKR_OK; |
| michael@0 | 609 | |
| michael@0 | 610 | |
| michael@0 | 611 | fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, |
| michael@0 | 612 | NSSCKFWCryptoOperationState_SignVerify); |
| michael@0 | 613 | if (fwOperation) { |
| michael@0 | 614 | return CKR_OPERATION_ACTIVE; |
| michael@0 | 615 | } |
| michael@0 | 616 | |
| michael@0 | 617 | if (!fwMechanism->mdMechanism->SignInit) { |
| michael@0 | 618 | return CKR_FUNCTION_FAILED; |
| michael@0 | 619 | } |
| michael@0 | 620 | |
| michael@0 | 621 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 622 | mdObject = nssCKFWObject_GetMDObject(fwObject); |
| michael@0 | 623 | mdOperation = fwMechanism->mdMechanism->SignInit( |
| michael@0 | 624 | fwMechanism->mdMechanism, |
| michael@0 | 625 | fwMechanism, |
| michael@0 | 626 | pMechanism, |
| michael@0 | 627 | mdSession, |
| michael@0 | 628 | fwSession, |
| michael@0 | 629 | fwMechanism->mdToken, |
| michael@0 | 630 | fwMechanism->fwToken, |
| michael@0 | 631 | fwMechanism->mdInstance, |
| michael@0 | 632 | fwMechanism->fwInstance, |
| michael@0 | 633 | mdObject, |
| michael@0 | 634 | fwObject, |
| michael@0 | 635 | &error |
| michael@0 | 636 | ); |
| michael@0 | 637 | if (!mdOperation) { |
| michael@0 | 638 | goto loser; |
| michael@0 | 639 | } |
| michael@0 | 640 | |
| michael@0 | 641 | fwOperation = nssCKFWCryptoOperation_Create(mdOperation, |
| michael@0 | 642 | mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, |
| michael@0 | 643 | fwMechanism->mdInstance, fwMechanism->fwInstance, |
| michael@0 | 644 | NSSCKFWCryptoOperationType_Sign, &error); |
| michael@0 | 645 | if (fwOperation) { |
| michael@0 | 646 | nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, |
| michael@0 | 647 | NSSCKFWCryptoOperationState_SignVerify); |
| michael@0 | 648 | } |
| michael@0 | 649 | |
| michael@0 | 650 | loser: |
| michael@0 | 651 | return error; |
| michael@0 | 652 | } |
| michael@0 | 653 | |
| michael@0 | 654 | /* |
| michael@0 | 655 | * nssCKFWMechanism_VerifyInit |
| michael@0 | 656 | * Start an encryption session. |
| michael@0 | 657 | */ |
| michael@0 | 658 | NSS_EXTERN CK_RV |
| michael@0 | 659 | nssCKFWMechanism_VerifyInit |
| michael@0 | 660 | ( |
| michael@0 | 661 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 662 | CK_MECHANISM *pMechanism, |
| michael@0 | 663 | NSSCKFWSession *fwSession, |
| michael@0 | 664 | NSSCKFWObject *fwObject |
| michael@0 | 665 | ) |
| michael@0 | 666 | { |
| michael@0 | 667 | NSSCKFWCryptoOperation *fwOperation; |
| michael@0 | 668 | NSSCKMDCryptoOperation *mdOperation; |
| michael@0 | 669 | NSSCKMDSession *mdSession; |
| michael@0 | 670 | NSSCKMDObject *mdObject; |
| michael@0 | 671 | CK_RV error = CKR_OK; |
| michael@0 | 672 | |
| michael@0 | 673 | |
| michael@0 | 674 | fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, |
| michael@0 | 675 | NSSCKFWCryptoOperationState_SignVerify); |
| michael@0 | 676 | if (fwOperation) { |
| michael@0 | 677 | return CKR_OPERATION_ACTIVE; |
| michael@0 | 678 | } |
| michael@0 | 679 | |
| michael@0 | 680 | if (!fwMechanism->mdMechanism->VerifyInit) { |
| michael@0 | 681 | return CKR_FUNCTION_FAILED; |
| michael@0 | 682 | } |
| michael@0 | 683 | |
| michael@0 | 684 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 685 | mdObject = nssCKFWObject_GetMDObject(fwObject); |
| michael@0 | 686 | mdOperation = fwMechanism->mdMechanism->VerifyInit( |
| michael@0 | 687 | fwMechanism->mdMechanism, |
| michael@0 | 688 | fwMechanism, |
| michael@0 | 689 | pMechanism, |
| michael@0 | 690 | mdSession, |
| michael@0 | 691 | fwSession, |
| michael@0 | 692 | fwMechanism->mdToken, |
| michael@0 | 693 | fwMechanism->fwToken, |
| michael@0 | 694 | fwMechanism->mdInstance, |
| michael@0 | 695 | fwMechanism->fwInstance, |
| michael@0 | 696 | mdObject, |
| michael@0 | 697 | fwObject, |
| michael@0 | 698 | &error |
| michael@0 | 699 | ); |
| michael@0 | 700 | if (!mdOperation) { |
| michael@0 | 701 | goto loser; |
| michael@0 | 702 | } |
| michael@0 | 703 | |
| michael@0 | 704 | fwOperation = nssCKFWCryptoOperation_Create(mdOperation, |
| michael@0 | 705 | mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, |
| michael@0 | 706 | fwMechanism->mdInstance, fwMechanism->fwInstance, |
| michael@0 | 707 | NSSCKFWCryptoOperationType_Verify, &error); |
| michael@0 | 708 | if (fwOperation) { |
| michael@0 | 709 | nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, |
| michael@0 | 710 | NSSCKFWCryptoOperationState_SignVerify); |
| michael@0 | 711 | } |
| michael@0 | 712 | |
| michael@0 | 713 | loser: |
| michael@0 | 714 | return error; |
| michael@0 | 715 | } |
| michael@0 | 716 | |
| michael@0 | 717 | /* |
| michael@0 | 718 | * nssCKFWMechanism_SignRecoverInit |
| michael@0 | 719 | * Start an encryption session. |
| michael@0 | 720 | */ |
| michael@0 | 721 | NSS_EXTERN CK_RV |
| michael@0 | 722 | nssCKFWMechanism_SignRecoverInit |
| michael@0 | 723 | ( |
| michael@0 | 724 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 725 | CK_MECHANISM *pMechanism, |
| michael@0 | 726 | NSSCKFWSession *fwSession, |
| michael@0 | 727 | NSSCKFWObject *fwObject |
| michael@0 | 728 | ) |
| michael@0 | 729 | { |
| michael@0 | 730 | NSSCKFWCryptoOperation *fwOperation; |
| michael@0 | 731 | NSSCKMDCryptoOperation *mdOperation; |
| michael@0 | 732 | NSSCKMDSession *mdSession; |
| michael@0 | 733 | NSSCKMDObject *mdObject; |
| michael@0 | 734 | CK_RV error = CKR_OK; |
| michael@0 | 735 | |
| michael@0 | 736 | |
| michael@0 | 737 | fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, |
| michael@0 | 738 | NSSCKFWCryptoOperationState_SignVerify); |
| michael@0 | 739 | if (fwOperation) { |
| michael@0 | 740 | return CKR_OPERATION_ACTIVE; |
| michael@0 | 741 | } |
| michael@0 | 742 | |
| michael@0 | 743 | if (!fwMechanism->mdMechanism->SignRecoverInit) { |
| michael@0 | 744 | return CKR_FUNCTION_FAILED; |
| michael@0 | 745 | } |
| michael@0 | 746 | |
| michael@0 | 747 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 748 | mdObject = nssCKFWObject_GetMDObject(fwObject); |
| michael@0 | 749 | mdOperation = fwMechanism->mdMechanism->SignRecoverInit( |
| michael@0 | 750 | fwMechanism->mdMechanism, |
| michael@0 | 751 | fwMechanism, |
| michael@0 | 752 | pMechanism, |
| michael@0 | 753 | mdSession, |
| michael@0 | 754 | fwSession, |
| michael@0 | 755 | fwMechanism->mdToken, |
| michael@0 | 756 | fwMechanism->fwToken, |
| michael@0 | 757 | fwMechanism->mdInstance, |
| michael@0 | 758 | fwMechanism->fwInstance, |
| michael@0 | 759 | mdObject, |
| michael@0 | 760 | fwObject, |
| michael@0 | 761 | &error |
| michael@0 | 762 | ); |
| michael@0 | 763 | if (!mdOperation) { |
| michael@0 | 764 | goto loser; |
| michael@0 | 765 | } |
| michael@0 | 766 | |
| michael@0 | 767 | fwOperation = nssCKFWCryptoOperation_Create(mdOperation, |
| michael@0 | 768 | mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, |
| michael@0 | 769 | fwMechanism->mdInstance, fwMechanism->fwInstance, |
| michael@0 | 770 | NSSCKFWCryptoOperationType_SignRecover, &error); |
| michael@0 | 771 | if (fwOperation) { |
| michael@0 | 772 | nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, |
| michael@0 | 773 | NSSCKFWCryptoOperationState_SignVerify); |
| michael@0 | 774 | } |
| michael@0 | 775 | |
| michael@0 | 776 | loser: |
| michael@0 | 777 | return error; |
| michael@0 | 778 | } |
| michael@0 | 779 | |
| michael@0 | 780 | /* |
| michael@0 | 781 | * nssCKFWMechanism_VerifyRecoverInit |
| michael@0 | 782 | * Start an encryption session. |
| michael@0 | 783 | */ |
| michael@0 | 784 | NSS_EXTERN CK_RV |
| michael@0 | 785 | nssCKFWMechanism_VerifyRecoverInit |
| michael@0 | 786 | ( |
| michael@0 | 787 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 788 | CK_MECHANISM *pMechanism, |
| michael@0 | 789 | NSSCKFWSession *fwSession, |
| michael@0 | 790 | NSSCKFWObject *fwObject |
| michael@0 | 791 | ) |
| michael@0 | 792 | { |
| michael@0 | 793 | NSSCKFWCryptoOperation *fwOperation; |
| michael@0 | 794 | NSSCKMDCryptoOperation *mdOperation; |
| michael@0 | 795 | NSSCKMDSession *mdSession; |
| michael@0 | 796 | NSSCKMDObject *mdObject; |
| michael@0 | 797 | CK_RV error = CKR_OK; |
| michael@0 | 798 | |
| michael@0 | 799 | |
| michael@0 | 800 | fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, |
| michael@0 | 801 | NSSCKFWCryptoOperationState_SignVerify); |
| michael@0 | 802 | if (fwOperation) { |
| michael@0 | 803 | return CKR_OPERATION_ACTIVE; |
| michael@0 | 804 | } |
| michael@0 | 805 | |
| michael@0 | 806 | if (!fwMechanism->mdMechanism->VerifyRecoverInit) { |
| michael@0 | 807 | return CKR_FUNCTION_FAILED; |
| michael@0 | 808 | } |
| michael@0 | 809 | |
| michael@0 | 810 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 811 | mdObject = nssCKFWObject_GetMDObject(fwObject); |
| michael@0 | 812 | mdOperation = fwMechanism->mdMechanism->VerifyRecoverInit( |
| michael@0 | 813 | fwMechanism->mdMechanism, |
| michael@0 | 814 | fwMechanism, |
| michael@0 | 815 | pMechanism, |
| michael@0 | 816 | mdSession, |
| michael@0 | 817 | fwSession, |
| michael@0 | 818 | fwMechanism->mdToken, |
| michael@0 | 819 | fwMechanism->fwToken, |
| michael@0 | 820 | fwMechanism->mdInstance, |
| michael@0 | 821 | fwMechanism->fwInstance, |
| michael@0 | 822 | mdObject, |
| michael@0 | 823 | fwObject, |
| michael@0 | 824 | &error |
| michael@0 | 825 | ); |
| michael@0 | 826 | if (!mdOperation) { |
| michael@0 | 827 | goto loser; |
| michael@0 | 828 | } |
| michael@0 | 829 | |
| michael@0 | 830 | fwOperation = nssCKFWCryptoOperation_Create(mdOperation, |
| michael@0 | 831 | mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken, |
| michael@0 | 832 | fwMechanism->mdInstance, fwMechanism->fwInstance, |
| michael@0 | 833 | NSSCKFWCryptoOperationType_VerifyRecover, &error); |
| michael@0 | 834 | if (fwOperation) { |
| michael@0 | 835 | nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation, |
| michael@0 | 836 | NSSCKFWCryptoOperationState_SignVerify); |
| michael@0 | 837 | } |
| michael@0 | 838 | |
| michael@0 | 839 | loser: |
| michael@0 | 840 | return error; |
| michael@0 | 841 | } |
| michael@0 | 842 | |
| michael@0 | 843 | /* |
| michael@0 | 844 | * nssCKFWMechanism_GenerateKey |
| michael@0 | 845 | */ |
| michael@0 | 846 | NSS_EXTERN NSSCKFWObject * |
| michael@0 | 847 | nssCKFWMechanism_GenerateKey |
| michael@0 | 848 | ( |
| michael@0 | 849 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 850 | CK_MECHANISM_PTR pMechanism, |
| michael@0 | 851 | NSSCKFWSession *fwSession, |
| michael@0 | 852 | CK_ATTRIBUTE_PTR pTemplate, |
| michael@0 | 853 | CK_ULONG ulAttributeCount, |
| michael@0 | 854 | CK_RV *pError |
| michael@0 | 855 | ) |
| michael@0 | 856 | { |
| michael@0 | 857 | NSSCKMDSession *mdSession; |
| michael@0 | 858 | NSSCKMDObject *mdObject; |
| michael@0 | 859 | NSSCKFWObject *fwObject = NULL; |
| michael@0 | 860 | NSSArena *arena; |
| michael@0 | 861 | |
| michael@0 | 862 | if (!fwMechanism->mdMechanism->GenerateKey) { |
| michael@0 | 863 | *pError = CKR_FUNCTION_FAILED; |
| michael@0 | 864 | return (NSSCKFWObject *)NULL; |
| michael@0 | 865 | } |
| michael@0 | 866 | |
| michael@0 | 867 | arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError); |
| michael@0 | 868 | if (!arena) { |
| michael@0 | 869 | if (CKR_OK == *pError) { |
| michael@0 | 870 | *pError = CKR_GENERAL_ERROR; |
| michael@0 | 871 | } |
| michael@0 | 872 | return (NSSCKFWObject *)NULL; |
| michael@0 | 873 | } |
| michael@0 | 874 | |
| michael@0 | 875 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 876 | mdObject = fwMechanism->mdMechanism->GenerateKey( |
| michael@0 | 877 | fwMechanism->mdMechanism, |
| michael@0 | 878 | fwMechanism, |
| michael@0 | 879 | pMechanism, |
| michael@0 | 880 | mdSession, |
| michael@0 | 881 | fwSession, |
| michael@0 | 882 | fwMechanism->mdToken, |
| michael@0 | 883 | fwMechanism->fwToken, |
| michael@0 | 884 | fwMechanism->mdInstance, |
| michael@0 | 885 | fwMechanism->fwInstance, |
| michael@0 | 886 | pTemplate, |
| michael@0 | 887 | ulAttributeCount, |
| michael@0 | 888 | pError); |
| michael@0 | 889 | |
| michael@0 | 890 | if (!mdObject) { |
| michael@0 | 891 | return (NSSCKFWObject *)NULL; |
| michael@0 | 892 | } |
| michael@0 | 893 | |
| michael@0 | 894 | fwObject = nssCKFWObject_Create(arena, mdObject, |
| michael@0 | 895 | fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError); |
| michael@0 | 896 | |
| michael@0 | 897 | return fwObject; |
| michael@0 | 898 | } |
| michael@0 | 899 | |
| michael@0 | 900 | /* |
| michael@0 | 901 | * nssCKFWMechanism_GenerateKeyPair |
| michael@0 | 902 | */ |
| michael@0 | 903 | NSS_EXTERN CK_RV |
| michael@0 | 904 | nssCKFWMechanism_GenerateKeyPair |
| michael@0 | 905 | ( |
| michael@0 | 906 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 907 | CK_MECHANISM_PTR pMechanism, |
| michael@0 | 908 | NSSCKFWSession *fwSession, |
| michael@0 | 909 | CK_ATTRIBUTE_PTR pPublicKeyTemplate, |
| michael@0 | 910 | CK_ULONG ulPublicKeyAttributeCount, |
| michael@0 | 911 | CK_ATTRIBUTE_PTR pPrivateKeyTemplate, |
| michael@0 | 912 | CK_ULONG ulPrivateKeyAttributeCount, |
| michael@0 | 913 | NSSCKFWObject **fwPublicKeyObject, |
| michael@0 | 914 | NSSCKFWObject **fwPrivateKeyObject |
| michael@0 | 915 | ) |
| michael@0 | 916 | { |
| michael@0 | 917 | NSSCKMDSession *mdSession; |
| michael@0 | 918 | NSSCKMDObject *mdPublicKeyObject; |
| michael@0 | 919 | NSSCKMDObject *mdPrivateKeyObject; |
| michael@0 | 920 | NSSArena *arena; |
| michael@0 | 921 | CK_RV error = CKR_OK; |
| michael@0 | 922 | |
| michael@0 | 923 | if (!fwMechanism->mdMechanism->GenerateKeyPair) { |
| michael@0 | 924 | return CKR_FUNCTION_FAILED; |
| michael@0 | 925 | } |
| michael@0 | 926 | |
| michael@0 | 927 | arena = nssCKFWToken_GetArena(fwMechanism->fwToken, &error); |
| michael@0 | 928 | if (!arena) { |
| michael@0 | 929 | if (CKR_OK == error) { |
| michael@0 | 930 | error = CKR_GENERAL_ERROR; |
| michael@0 | 931 | } |
| michael@0 | 932 | return error; |
| michael@0 | 933 | } |
| michael@0 | 934 | |
| michael@0 | 935 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 936 | error = fwMechanism->mdMechanism->GenerateKeyPair( |
| michael@0 | 937 | fwMechanism->mdMechanism, |
| michael@0 | 938 | fwMechanism, |
| michael@0 | 939 | pMechanism, |
| michael@0 | 940 | mdSession, |
| michael@0 | 941 | fwSession, |
| michael@0 | 942 | fwMechanism->mdToken, |
| michael@0 | 943 | fwMechanism->fwToken, |
| michael@0 | 944 | fwMechanism->mdInstance, |
| michael@0 | 945 | fwMechanism->fwInstance, |
| michael@0 | 946 | pPublicKeyTemplate, |
| michael@0 | 947 | ulPublicKeyAttributeCount, |
| michael@0 | 948 | pPrivateKeyTemplate, |
| michael@0 | 949 | ulPrivateKeyAttributeCount, |
| michael@0 | 950 | &mdPublicKeyObject, |
| michael@0 | 951 | &mdPrivateKeyObject); |
| michael@0 | 952 | |
| michael@0 | 953 | if (CKR_OK != error) { |
| michael@0 | 954 | return error; |
| michael@0 | 955 | } |
| michael@0 | 956 | |
| michael@0 | 957 | *fwPublicKeyObject = nssCKFWObject_Create(arena, mdPublicKeyObject, |
| michael@0 | 958 | fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error); |
| michael@0 | 959 | if (!*fwPublicKeyObject) { |
| michael@0 | 960 | return error; |
| michael@0 | 961 | } |
| michael@0 | 962 | *fwPrivateKeyObject = nssCKFWObject_Create(arena, mdPrivateKeyObject, |
| michael@0 | 963 | fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error); |
| michael@0 | 964 | |
| michael@0 | 965 | return error; |
| michael@0 | 966 | } |
| michael@0 | 967 | |
| michael@0 | 968 | /* |
| michael@0 | 969 | * nssCKFWMechanism_GetWrapKeyLength |
| michael@0 | 970 | */ |
| michael@0 | 971 | NSS_EXTERN CK_ULONG |
| michael@0 | 972 | nssCKFWMechanism_GetWrapKeyLength |
| michael@0 | 973 | ( |
| michael@0 | 974 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 975 | CK_MECHANISM_PTR pMechanism, |
| michael@0 | 976 | NSSCKFWSession *fwSession, |
| michael@0 | 977 | NSSCKFWObject *fwWrappingKeyObject, |
| michael@0 | 978 | NSSCKFWObject *fwKeyObject, |
| michael@0 | 979 | CK_RV *pError |
| michael@0 | 980 | ) |
| michael@0 | 981 | { |
| michael@0 | 982 | NSSCKMDSession *mdSession; |
| michael@0 | 983 | NSSCKMDObject *mdWrappingKeyObject; |
| michael@0 | 984 | NSSCKMDObject *mdKeyObject; |
| michael@0 | 985 | |
| michael@0 | 986 | if (!fwMechanism->mdMechanism->WrapKey) { |
| michael@0 | 987 | *pError = CKR_FUNCTION_FAILED; |
| michael@0 | 988 | return (CK_ULONG) 0; |
| michael@0 | 989 | } |
| michael@0 | 990 | |
| michael@0 | 991 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 992 | mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject); |
| michael@0 | 993 | mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject); |
| michael@0 | 994 | return fwMechanism->mdMechanism->GetWrapKeyLength( |
| michael@0 | 995 | fwMechanism->mdMechanism, |
| michael@0 | 996 | fwMechanism, |
| michael@0 | 997 | pMechanism, |
| michael@0 | 998 | mdSession, |
| michael@0 | 999 | fwSession, |
| michael@0 | 1000 | fwMechanism->mdToken, |
| michael@0 | 1001 | fwMechanism->fwToken, |
| michael@0 | 1002 | fwMechanism->mdInstance, |
| michael@0 | 1003 | fwMechanism->fwInstance, |
| michael@0 | 1004 | mdWrappingKeyObject, |
| michael@0 | 1005 | fwWrappingKeyObject, |
| michael@0 | 1006 | mdKeyObject, |
| michael@0 | 1007 | fwKeyObject, |
| michael@0 | 1008 | pError); |
| michael@0 | 1009 | } |
| michael@0 | 1010 | |
| michael@0 | 1011 | /* |
| michael@0 | 1012 | * nssCKFWMechanism_WrapKey |
| michael@0 | 1013 | */ |
| michael@0 | 1014 | NSS_EXTERN CK_RV |
| michael@0 | 1015 | nssCKFWMechanism_WrapKey |
| michael@0 | 1016 | ( |
| michael@0 | 1017 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 1018 | CK_MECHANISM_PTR pMechanism, |
| michael@0 | 1019 | NSSCKFWSession *fwSession, |
| michael@0 | 1020 | NSSCKFWObject *fwWrappingKeyObject, |
| michael@0 | 1021 | NSSCKFWObject *fwKeyObject, |
| michael@0 | 1022 | NSSItem *wrappedKey |
| michael@0 | 1023 | ) |
| michael@0 | 1024 | { |
| michael@0 | 1025 | NSSCKMDSession *mdSession; |
| michael@0 | 1026 | NSSCKMDObject *mdWrappingKeyObject; |
| michael@0 | 1027 | NSSCKMDObject *mdKeyObject; |
| michael@0 | 1028 | |
| michael@0 | 1029 | if (!fwMechanism->mdMechanism->WrapKey) { |
| michael@0 | 1030 | return CKR_FUNCTION_FAILED; |
| michael@0 | 1031 | } |
| michael@0 | 1032 | |
| michael@0 | 1033 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 1034 | mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject); |
| michael@0 | 1035 | mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject); |
| michael@0 | 1036 | return fwMechanism->mdMechanism->WrapKey( |
| michael@0 | 1037 | fwMechanism->mdMechanism, |
| michael@0 | 1038 | fwMechanism, |
| michael@0 | 1039 | pMechanism, |
| michael@0 | 1040 | mdSession, |
| michael@0 | 1041 | fwSession, |
| michael@0 | 1042 | fwMechanism->mdToken, |
| michael@0 | 1043 | fwMechanism->fwToken, |
| michael@0 | 1044 | fwMechanism->mdInstance, |
| michael@0 | 1045 | fwMechanism->fwInstance, |
| michael@0 | 1046 | mdWrappingKeyObject, |
| michael@0 | 1047 | fwWrappingKeyObject, |
| michael@0 | 1048 | mdKeyObject, |
| michael@0 | 1049 | fwKeyObject, |
| michael@0 | 1050 | wrappedKey); |
| michael@0 | 1051 | } |
| michael@0 | 1052 | |
| michael@0 | 1053 | /* |
| michael@0 | 1054 | * nssCKFWMechanism_UnwrapKey |
| michael@0 | 1055 | */ |
| michael@0 | 1056 | NSS_EXTERN NSSCKFWObject * |
| michael@0 | 1057 | nssCKFWMechanism_UnwrapKey |
| michael@0 | 1058 | ( |
| michael@0 | 1059 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 1060 | CK_MECHANISM_PTR pMechanism, |
| michael@0 | 1061 | NSSCKFWSession *fwSession, |
| michael@0 | 1062 | NSSCKFWObject *fwWrappingKeyObject, |
| michael@0 | 1063 | NSSItem *wrappedKey, |
| michael@0 | 1064 | CK_ATTRIBUTE_PTR pTemplate, |
| michael@0 | 1065 | CK_ULONG ulAttributeCount, |
| michael@0 | 1066 | CK_RV *pError |
| michael@0 | 1067 | ) |
| michael@0 | 1068 | { |
| michael@0 | 1069 | NSSCKMDSession *mdSession; |
| michael@0 | 1070 | NSSCKMDObject *mdObject; |
| michael@0 | 1071 | NSSCKMDObject *mdWrappingKeyObject; |
| michael@0 | 1072 | NSSCKFWObject *fwObject = NULL; |
| michael@0 | 1073 | NSSArena *arena; |
| michael@0 | 1074 | |
| michael@0 | 1075 | if (!fwMechanism->mdMechanism->UnwrapKey) { |
| michael@0 | 1076 | /* we could simulate UnwrapKey using Decrypt and Create object, but |
| michael@0 | 1077 | * 1) it's not clear that would work well, and 2) the low level token |
| michael@0 | 1078 | * may want to restrict unwrap key for a reason, so just fail it it |
| michael@0 | 1079 | * can't be done */ |
| michael@0 | 1080 | *pError = CKR_FUNCTION_FAILED; |
| michael@0 | 1081 | return (NSSCKFWObject *)NULL; |
| michael@0 | 1082 | } |
| michael@0 | 1083 | |
| michael@0 | 1084 | arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError); |
| michael@0 | 1085 | if (!arena) { |
| michael@0 | 1086 | if (CKR_OK == *pError) { |
| michael@0 | 1087 | *pError = CKR_GENERAL_ERROR; |
| michael@0 | 1088 | } |
| michael@0 | 1089 | return (NSSCKFWObject *)NULL; |
| michael@0 | 1090 | } |
| michael@0 | 1091 | |
| michael@0 | 1092 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 1093 | mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject); |
| michael@0 | 1094 | mdObject = fwMechanism->mdMechanism->UnwrapKey( |
| michael@0 | 1095 | fwMechanism->mdMechanism, |
| michael@0 | 1096 | fwMechanism, |
| michael@0 | 1097 | pMechanism, |
| michael@0 | 1098 | mdSession, |
| michael@0 | 1099 | fwSession, |
| michael@0 | 1100 | fwMechanism->mdToken, |
| michael@0 | 1101 | fwMechanism->fwToken, |
| michael@0 | 1102 | fwMechanism->mdInstance, |
| michael@0 | 1103 | fwMechanism->fwInstance, |
| michael@0 | 1104 | mdWrappingKeyObject, |
| michael@0 | 1105 | fwWrappingKeyObject, |
| michael@0 | 1106 | wrappedKey, |
| michael@0 | 1107 | pTemplate, |
| michael@0 | 1108 | ulAttributeCount, |
| michael@0 | 1109 | pError); |
| michael@0 | 1110 | |
| michael@0 | 1111 | if (!mdObject) { |
| michael@0 | 1112 | return (NSSCKFWObject *)NULL; |
| michael@0 | 1113 | } |
| michael@0 | 1114 | |
| michael@0 | 1115 | fwObject = nssCKFWObject_Create(arena, mdObject, |
| michael@0 | 1116 | fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError); |
| michael@0 | 1117 | |
| michael@0 | 1118 | return fwObject; |
| michael@0 | 1119 | } |
| michael@0 | 1120 | |
| michael@0 | 1121 | /* |
| michael@0 | 1122 | * nssCKFWMechanism_DeriveKey |
| michael@0 | 1123 | */ |
| michael@0 | 1124 | NSS_EXTERN NSSCKFWObject * |
| michael@0 | 1125 | nssCKFWMechanism_DeriveKey |
| michael@0 | 1126 | ( |
| michael@0 | 1127 | NSSCKFWMechanism *fwMechanism, |
| michael@0 | 1128 | CK_MECHANISM_PTR pMechanism, |
| michael@0 | 1129 | NSSCKFWSession *fwSession, |
| michael@0 | 1130 | NSSCKFWObject *fwBaseKeyObject, |
| michael@0 | 1131 | CK_ATTRIBUTE_PTR pTemplate, |
| michael@0 | 1132 | CK_ULONG ulAttributeCount, |
| michael@0 | 1133 | CK_RV *pError |
| michael@0 | 1134 | ) |
| michael@0 | 1135 | { |
| michael@0 | 1136 | NSSCKMDSession *mdSession; |
| michael@0 | 1137 | NSSCKMDObject *mdObject; |
| michael@0 | 1138 | NSSCKMDObject *mdBaseKeyObject; |
| michael@0 | 1139 | NSSCKFWObject *fwObject = NULL; |
| michael@0 | 1140 | NSSArena *arena; |
| michael@0 | 1141 | |
| michael@0 | 1142 | if (!fwMechanism->mdMechanism->DeriveKey) { |
| michael@0 | 1143 | *pError = CKR_FUNCTION_FAILED; |
| michael@0 | 1144 | return (NSSCKFWObject *)NULL; |
| michael@0 | 1145 | } |
| michael@0 | 1146 | |
| michael@0 | 1147 | arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError); |
| michael@0 | 1148 | if (!arena) { |
| michael@0 | 1149 | if (CKR_OK == *pError) { |
| michael@0 | 1150 | *pError = CKR_GENERAL_ERROR; |
| michael@0 | 1151 | } |
| michael@0 | 1152 | return (NSSCKFWObject *)NULL; |
| michael@0 | 1153 | } |
| michael@0 | 1154 | |
| michael@0 | 1155 | mdSession = nssCKFWSession_GetMDSession(fwSession); |
| michael@0 | 1156 | mdBaseKeyObject = nssCKFWObject_GetMDObject(fwBaseKeyObject); |
| michael@0 | 1157 | mdObject = fwMechanism->mdMechanism->DeriveKey( |
| michael@0 | 1158 | fwMechanism->mdMechanism, |
| michael@0 | 1159 | fwMechanism, |
| michael@0 | 1160 | pMechanism, |
| michael@0 | 1161 | mdSession, |
| michael@0 | 1162 | fwSession, |
| michael@0 | 1163 | fwMechanism->mdToken, |
| michael@0 | 1164 | fwMechanism->fwToken, |
| michael@0 | 1165 | fwMechanism->mdInstance, |
| michael@0 | 1166 | fwMechanism->fwInstance, |
| michael@0 | 1167 | mdBaseKeyObject, |
| michael@0 | 1168 | fwBaseKeyObject, |
| michael@0 | 1169 | pTemplate, |
| michael@0 | 1170 | ulAttributeCount, |
| michael@0 | 1171 | pError); |
| michael@0 | 1172 | |
| michael@0 | 1173 | if (!mdObject) { |
| michael@0 | 1174 | return (NSSCKFWObject *)NULL; |
| michael@0 | 1175 | } |
| michael@0 | 1176 | |
| michael@0 | 1177 | fwObject = nssCKFWObject_Create(arena, mdObject, |
| michael@0 | 1178 | fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError); |
| michael@0 | 1179 | |
| michael@0 | 1180 | return fwObject; |
| michael@0 | 1181 | } |
| michael@0 | 1182 |
