• file
• revisions
• annotate
• diff
• comparison
• raw

security/nss/lib/ckfw/token.c@6474c204b198 (annotated)

security/nss/lib/ckfw/token.c

Wed, 31 Dec 2014 06:09:35 +0100

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Wed, 31 Dec 2014 06:09:35 +0100

changeset 0

6474c204b198

permissions

-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0	1	/* This Source Code Form is subject to the terms of the Mozilla Public
michael@0	2	* License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0	3	* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0	4
michael@0	5	/*
michael@0	6	* token.c
michael@0	7	*
michael@0	8	* This file implements the NSSCKFWToken type and methods.
michael@0	9	*/
michael@0	10
michael@0	11	#ifndef CK_T
michael@0	12	#include "ck.h"
michael@0	13	#endif /* CK_T */
michael@0	14
michael@0	15	/*
michael@0	16	* NSSCKFWToken
michael@0	17	*
michael@0	18	* -- create/destroy --
michael@0	19	* nssCKFWToken_Create
michael@0	20	* nssCKFWToken_Destroy
michael@0	21	*
michael@0	22	* -- public accessors --
michael@0	23	* NSSCKFWToken_GetMDToken
michael@0	24	* NSSCKFWToken_GetFWSlot
michael@0	25	* NSSCKFWToken_GetMDSlot
michael@0	26	* NSSCKFWToken_GetSessionState
michael@0	27	*
michael@0	28	* -- implement public accessors --
michael@0	29	* nssCKFWToken_GetMDToken
michael@0	30	* nssCKFWToken_GetFWSlot
michael@0	31	* nssCKFWToken_GetMDSlot
michael@0	32	* nssCKFWToken_GetSessionState
michael@0	33	* nssCKFWToken_SetSessionState
michael@0	34	*
michael@0	35	* -- private accessors --
michael@0	36	* nssCKFWToken_SetSessionState
michael@0	37	* nssCKFWToken_RemoveSession
michael@0	38	* nssCKFWToken_CloseAllSessions
michael@0	39	* nssCKFWToken_GetSessionCount
michael@0	40	* nssCKFWToken_GetRwSessionCount
michael@0	41	* nssCKFWToken_GetRoSessionCount
michael@0	42	* nssCKFWToken_GetSessionObjectHash
michael@0	43	* nssCKFWToken_GetMDObjectHash
michael@0	44	* nssCKFWToken_GetObjectHandleHash
michael@0	45	*
michael@0	46	* -- module fronts --
michael@0	47	* nssCKFWToken_InitToken
michael@0	48	* nssCKFWToken_GetLabel
michael@0	49	* nssCKFWToken_GetManufacturerID
michael@0	50	* nssCKFWToken_GetModel
michael@0	51	* nssCKFWToken_GetSerialNumber
michael@0	52	* nssCKFWToken_GetHasRNG
michael@0	53	* nssCKFWToken_GetIsWriteProtected
michael@0	54	* nssCKFWToken_GetLoginRequired
michael@0	55	* nssCKFWToken_GetUserPinInitialized
michael@0	56	* nssCKFWToken_GetRestoreKeyNotNeeded
michael@0	57	* nssCKFWToken_GetHasClockOnToken
michael@0	58	* nssCKFWToken_GetHasProtectedAuthenticationPath
michael@0	59	* nssCKFWToken_GetSupportsDualCryptoOperations
michael@0	60	* nssCKFWToken_GetMaxSessionCount
michael@0	61	* nssCKFWToken_GetMaxRwSessionCount
michael@0	62	* nssCKFWToken_GetMaxPinLen
michael@0	63	* nssCKFWToken_GetMinPinLen
michael@0	64	* nssCKFWToken_GetTotalPublicMemory
michael@0	65	* nssCKFWToken_GetFreePublicMemory
michael@0	66	* nssCKFWToken_GetTotalPrivateMemory
michael@0	67	* nssCKFWToken_GetFreePrivateMemory
michael@0	68	* nssCKFWToken_GetHardwareVersion
michael@0	69	* nssCKFWToken_GetFirmwareVersion
michael@0	70	* nssCKFWToken_GetUTCTime
michael@0	71	* nssCKFWToken_OpenSession
michael@0	72	* nssCKFWToken_GetMechanismCount
michael@0	73	* nssCKFWToken_GetMechanismTypes
michael@0	74	* nssCKFWToken_GetMechanism
michael@0	75	*/
michael@0	76
michael@0	77	struct NSSCKFWTokenStr {
michael@0	78	NSSCKFWMutex *mutex;
michael@0	79	NSSArena *arena;
michael@0	80	NSSCKMDToken *mdToken;
michael@0	81	NSSCKFWSlot *fwSlot;
michael@0	82	NSSCKMDSlot *mdSlot;
michael@0	83	NSSCKFWInstance *fwInstance;
michael@0	84	NSSCKMDInstance *mdInstance;
michael@0	85
michael@0	86	/*
michael@0	87	* Everything above is set at creation time, and then not modified.
michael@0	88	* The invariants the mutex protects are:
michael@0	89	*
michael@0	90	* 1) Each of the cached descriptions (versions, etc.) are in an
michael@0	91	* internally consistant state.
michael@0	92	*
michael@0	93	* 2) The session counts and hashes are consistant.
michael@0	94	*
michael@0	95	* 3) The object hashes are consistant.
michael@0	96	*
michael@0	97	* Note that the calls accessing the cached descriptions will call
michael@0	98	* the NSSCKMDToken methods with the mutex locked. Those methods
michael@0	99	* may then call the public NSSCKFWToken routines. Those public
michael@0	100	* routines only access the constant data above and the atomic
michael@0	101	* CK_STATE session state variable below, so there's no problem.
michael@0	102	* But be careful if you add to this object; mutexes are in
michael@0	103	* general not reentrant, so don't create deadlock situations.
michael@0	104	*/
michael@0	105
michael@0	106	NSSUTF8 *label;
michael@0	107	NSSUTF8 *manufacturerID;
michael@0	108	NSSUTF8 *model;
michael@0	109	NSSUTF8 *serialNumber;
michael@0	110	CK_VERSION hardwareVersion;
michael@0	111	CK_VERSION firmwareVersion;
michael@0	112
michael@0	113	CK_ULONG sessionCount;
michael@0	114	CK_ULONG rwSessionCount;
michael@0	115	nssCKFWHash *sessions;
michael@0	116	nssCKFWHash *sessionObjectHash;
michael@0	117	nssCKFWHash *mdObjectHash;
michael@0	118	nssCKFWHash *mdMechanismHash;
michael@0	119
michael@0	120	CK_STATE state;
michael@0	121	};
michael@0	122
michael@0	123	#ifdef DEBUG
michael@0	124	/*
michael@0	125	* But first, the pointer-tracking stuff.
michael@0	126	*
michael@0	127	* NOTE: the pointer-tracking support in NSS/base currently relies
michael@0	128	* upon NSPR's CallOnce support. That, however, relies upon NSPR's
michael@0	129	* locking, which is tied into the runtime. We need a pointer-tracker
michael@0	130	* implementation that uses the locks supplied through C_Initialize.
michael@0	131	* That support, however, can be filled in later. So for now, I'll
michael@0	132	* just do this routines as no-ops.
michael@0	133	*/
michael@0	134
michael@0	135	static CK_RV
michael@0	136	token_add_pointer
michael@0	137	(
michael@0	138	const NSSCKFWToken *fwToken
michael@0	139	)
michael@0	140	{
michael@0	141	return CKR_OK;
michael@0	142	}
michael@0	143
michael@0	144	static CK_RV
michael@0	145	token_remove_pointer
michael@0	146	(
michael@0	147	const NSSCKFWToken *fwToken
michael@0	148	)
michael@0	149	{
michael@0	150	return CKR_OK;
michael@0	151	}
michael@0	152
michael@0	153	NSS_IMPLEMENT CK_RV
michael@0	154	nssCKFWToken_verifyPointer
michael@0	155	(
michael@0	156	const NSSCKFWToken *fwToken
michael@0	157	)
michael@0	158	{
michael@0	159	return CKR_OK;
michael@0	160	}
michael@0	161
michael@0	162	#endif /* DEBUG */
michael@0	163
michael@0	164	/*
michael@0	165	* nssCKFWToken_Create
michael@0	166	*
michael@0	167	*/
michael@0	168	NSS_IMPLEMENT NSSCKFWToken *
michael@0	169	nssCKFWToken_Create
michael@0	170	(
michael@0	171	NSSCKFWSlot *fwSlot,
michael@0	172	NSSCKMDToken *mdToken,
michael@0	173	CK_RV *pError
michael@0	174	)
michael@0	175	{
michael@0	176	NSSArena *arena = (NSSArena *)NULL;
michael@0	177	NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
michael@0	178	CK_BBOOL called_setup = CK_FALSE;
michael@0	179
michael@0	180	/*
michael@0	181	* We have already verified the arguments in nssCKFWSlot_GetToken.
michael@0	182	*/
michael@0	183
michael@0	184	arena = NSSArena_Create();
michael@0	185	if (!arena) {
michael@0	186	*pError = CKR_HOST_MEMORY;
michael@0	187	goto loser;
michael@0	188	}
michael@0	189
michael@0	190	fwToken = nss_ZNEW(arena, NSSCKFWToken);
michael@0	191	if (!fwToken) {
michael@0	192	*pError = CKR_HOST_MEMORY;
michael@0	193	goto loser;
michael@0	194	}
michael@0	195
michael@0	196	fwToken->arena = arena;
michael@0	197	fwToken->mdToken = mdToken;
michael@0	198	fwToken->fwSlot = fwSlot;
michael@0	199	fwToken->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
michael@0	200	fwToken->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
michael@0	201	fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
michael@0	202	fwToken->sessionCount = 0;
michael@0	203	fwToken->rwSessionCount = 0;
michael@0	204
michael@0	205	fwToken->mutex = nssCKFWInstance_CreateMutex(fwToken->fwInstance, arena, pError);
michael@0	206	if (!fwToken->mutex) {
michael@0	207	if( CKR_OK == *pError ) {
michael@0	208	*pError = CKR_GENERAL_ERROR;
michael@0	209	}
michael@0	210	goto loser;
michael@0	211	}
michael@0	212
michael@0	213	fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, arena, pError);
michael@0	214	if (!fwToken->sessions) {
michael@0	215	if( CKR_OK == *pError ) {
michael@0	216	*pError = CKR_GENERAL_ERROR;
michael@0	217	}
michael@0	218	goto loser;
michael@0	219	}
michael@0	220
michael@0	221	if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
michael@0	222	fwToken->fwInstance) ) {
michael@0	223	fwToken->sessionObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
michael@0	224	arena, pError);
michael@0	225	if (!fwToken->sessionObjectHash) {
michael@0	226	if( CKR_OK == *pError ) {
michael@0	227	*pError = CKR_GENERAL_ERROR;
michael@0	228	}
michael@0	229	goto loser;
michael@0	230	}
michael@0	231	}
michael@0	232
michael@0	233	fwToken->mdObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
michael@0	234	arena, pError);
michael@0	235	if (!fwToken->mdObjectHash) {
michael@0	236	if( CKR_OK == *pError ) {
michael@0	237	*pError = CKR_GENERAL_ERROR;
michael@0	238	}
michael@0	239	goto loser;
michael@0	240	}
michael@0	241
michael@0	242	fwToken->mdMechanismHash = nssCKFWHash_Create(fwToken->fwInstance,
michael@0	243	arena, pError);
michael@0	244	if (!fwToken->mdMechanismHash) {
michael@0	245	if( CKR_OK == *pError ) {
michael@0	246	*pError = CKR_GENERAL_ERROR;
michael@0	247	}
michael@0	248	goto loser;
michael@0	249	}
michael@0	250
michael@0	251	/* More here */
michael@0	252
michael@0	253	if (mdToken->Setup) {
michael@0	254	*pError = mdToken->Setup(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
michael@0	255	if( CKR_OK != *pError ) {
michael@0	256	goto loser;
michael@0	257	}
michael@0	258	}
michael@0	259
michael@0	260	called_setup = CK_TRUE;
michael@0	261
michael@0	262	#ifdef DEBUG
michael@0	263	*pError = token_add_pointer(fwToken);
michael@0	264	if( CKR_OK != *pError ) {
michael@0	265	goto loser;
michael@0	266	}
michael@0	267	#endif /* DEBUG */
michael@0	268
michael@0	269	*pError = CKR_OK;
michael@0	270	return fwToken;
michael@0	271
michael@0	272	loser:
michael@0	273
michael@0	274	if( CK_TRUE == called_setup ) {
michael@0	275	if (mdToken->Invalidate) {
michael@0	276	mdToken->Invalidate(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
michael@0	277	}
michael@0	278	}
michael@0	279
michael@0	280	if (arena) {
michael@0	281	(void)NSSArena_Destroy(arena);
michael@0	282	}
michael@0	283
michael@0	284	return (NSSCKFWToken *)NULL;
michael@0	285	}
michael@0	286
michael@0	287	static void
michael@0	288	nss_ckfwtoken_session_iterator
michael@0	289	(
michael@0	290	const void *key,
michael@0	291	void *value,
michael@0	292	void *closure
michael@0	293	)
michael@0	294	{
michael@0	295	/*
michael@0	296	* Remember that the fwToken->mutex is locked
michael@0	297	*/
michael@0	298	NSSCKFWSession *fwSession = (NSSCKFWSession *)value;
michael@0	299	(void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
michael@0	300	return;
michael@0	301	}
michael@0	302
michael@0	303	static void
michael@0	304	nss_ckfwtoken_object_iterator
michael@0	305	(
michael@0	306	const void *key,
michael@0	307	void *value,
michael@0	308	void *closure
michael@0	309	)
michael@0	310	{
michael@0	311	/*
michael@0	312	* Remember that the fwToken->mutex is locked
michael@0	313	*/
michael@0	314	NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
michael@0	315	(void)nssCKFWObject_Finalize(fwObject, CK_FALSE);
michael@0	316	return;
michael@0	317	}
michael@0	318
michael@0	319	/*
michael@0	320	* nssCKFWToken_Destroy
michael@0	321	*
michael@0	322	*/
michael@0	323	NSS_IMPLEMENT CK_RV
michael@0	324	nssCKFWToken_Destroy
michael@0	325	(
michael@0	326	NSSCKFWToken *fwToken
michael@0	327	)
michael@0	328	{
michael@0	329	CK_RV error = CKR_OK;
michael@0	330
michael@0	331	#ifdef NSSDEBUG
michael@0	332	error = nssCKFWToken_verifyPointer(fwToken);
michael@0	333	if( CKR_OK != error ) {
michael@0	334	return error;
michael@0	335	}
michael@0	336	#endif /* NSSDEBUG */
michael@0	337
michael@0	338	(void)nssCKFWMutex_Destroy(fwToken->mutex);
michael@0	339
michael@0	340	if (fwToken->mdToken->Invalidate) {
michael@0	341	fwToken->mdToken->Invalidate(fwToken->mdToken, fwToken,
michael@0	342	fwToken->mdInstance, fwToken->fwInstance);
michael@0	343	}
michael@0	344	/* we can destroy the list without locking now because no one else is
michael@0	345	* referencing us (or _Destroy was invalidly called!)
michael@0	346	*/
michael@0	347	nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator,
michael@0	348	(void *)NULL);
michael@0	349	nssCKFWHash_Destroy(fwToken->sessions);
michael@0	350
michael@0	351	/* session objects go away when their sessions are removed */
michael@0	352	if (fwToken->sessionObjectHash) {
michael@0	353	nssCKFWHash_Destroy(fwToken->sessionObjectHash);
michael@0	354	}
michael@0	355
michael@0	356	/* free up the token objects */
michael@0	357	if (fwToken->mdObjectHash) {
michael@0	358	nssCKFWHash_Iterate(fwToken->mdObjectHash, nss_ckfwtoken_object_iterator,
michael@0	359	(void *)NULL);
michael@0	360	nssCKFWHash_Destroy(fwToken->mdObjectHash);
michael@0	361	}
michael@0	362	if (fwToken->mdMechanismHash) {
michael@0	363	nssCKFWHash_Destroy(fwToken->mdMechanismHash);
michael@0	364	}
michael@0	365
michael@0	366	nssCKFWSlot_ClearToken(fwToken->fwSlot);
michael@0	367
michael@0	368	#ifdef DEBUG
michael@0	369	error = token_remove_pointer(fwToken);
michael@0	370	#endif /* DEBUG */
michael@0	371
michael@0	372	(void)NSSArena_Destroy(fwToken->arena);
michael@0	373	return error;
michael@0	374	}
michael@0	375
michael@0	376	/*
michael@0	377	* nssCKFWToken_GetMDToken
michael@0	378	*
michael@0	379	*/
michael@0	380	NSS_IMPLEMENT NSSCKMDToken *
michael@0	381	nssCKFWToken_GetMDToken
michael@0	382	(
michael@0	383	NSSCKFWToken *fwToken
michael@0	384	)
michael@0	385	{
michael@0	386	#ifdef NSSDEBUG
michael@0	387	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	388	return (NSSCKMDToken *)NULL;
michael@0	389	}
michael@0	390	#endif /* NSSDEBUG */
michael@0	391
michael@0	392	return fwToken->mdToken;
michael@0	393	}
michael@0	394
michael@0	395	/*
michael@0	396	* nssCKFWToken_GetArena
michael@0	397	*
michael@0	398	*/
michael@0	399	NSS_IMPLEMENT NSSArena *
michael@0	400	nssCKFWToken_GetArena
michael@0	401	(
michael@0	402	NSSCKFWToken *fwToken,
michael@0	403	CK_RV *pError
michael@0	404	)
michael@0	405	{
michael@0	406	#ifdef NSSDEBUG
michael@0	407	if (!pError) {
michael@0	408	return (NSSArena *)NULL;
michael@0	409	}
michael@0	410
michael@0	411	*pError = nssCKFWToken_verifyPointer(fwToken);
michael@0	412	if( CKR_OK != *pError ) {
michael@0	413	return (NSSArena *)NULL;
michael@0	414	}
michael@0	415	#endif /* NSSDEBUG */
michael@0	416
michael@0	417	return fwToken->arena;
michael@0	418	}
michael@0	419
michael@0	420	/*
michael@0	421	* nssCKFWToken_GetFWSlot
michael@0	422	*
michael@0	423	*/
michael@0	424	NSS_IMPLEMENT NSSCKFWSlot *
michael@0	425	nssCKFWToken_GetFWSlot
michael@0	426	(
michael@0	427	NSSCKFWToken *fwToken
michael@0	428	)
michael@0	429	{
michael@0	430	#ifdef NSSDEBUG
michael@0	431	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	432	return (NSSCKFWSlot *)NULL;
michael@0	433	}
michael@0	434	#endif /* NSSDEBUG */
michael@0	435
michael@0	436	return fwToken->fwSlot;
michael@0	437	}
michael@0	438
michael@0	439	/*
michael@0	440	* nssCKFWToken_GetMDSlot
michael@0	441	*
michael@0	442	*/
michael@0	443	NSS_IMPLEMENT NSSCKMDSlot *
michael@0	444	nssCKFWToken_GetMDSlot
michael@0	445	(
michael@0	446	NSSCKFWToken *fwToken
michael@0	447	)
michael@0	448	{
michael@0	449	#ifdef NSSDEBUG
michael@0	450	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	451	return (NSSCKMDSlot *)NULL;
michael@0	452	}
michael@0	453	#endif /* NSSDEBUG */
michael@0	454
michael@0	455	return fwToken->mdSlot;
michael@0	456	}
michael@0	457
michael@0	458	/*
michael@0	459	* nssCKFWToken_GetSessionState
michael@0	460	*
michael@0	461	*/
michael@0	462	NSS_IMPLEMENT CK_STATE
michael@0	463	nssCKFWToken_GetSessionState
michael@0	464	(
michael@0	465	NSSCKFWToken *fwToken
michael@0	466	)
michael@0	467	{
michael@0	468	#ifdef NSSDEBUG
michael@0	469	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	470	return CKS_RO_PUBLIC_SESSION; /* whatever */
michael@0	471	}
michael@0	472	#endif /* NSSDEBUG */
michael@0	473
michael@0	474	/*
michael@0	475	* BTW, do not lock the token in this method.
michael@0	476	*/
michael@0	477
michael@0	478	/*
michael@0	479	* Theoretically, there is no state if there aren't any
michael@0	480	* sessions open. But then we'd need to worry about
michael@0	481	* reporting an error, etc. What the heck-- let's just
michael@0	482	* revert to CKR_RO_PUBLIC_SESSION as the "default."
michael@0	483	*/
michael@0	484
michael@0	485	return fwToken->state;
michael@0	486	}
michael@0	487
michael@0	488	/*
michael@0	489	* nssCKFWToken_InitToken
michael@0	490	*
michael@0	491	*/
michael@0	492	NSS_IMPLEMENT CK_RV
michael@0	493	nssCKFWToken_InitToken
michael@0	494	(
michael@0	495	NSSCKFWToken *fwToken,
michael@0	496	NSSItem *pin,
michael@0	497	NSSUTF8 *label
michael@0	498	)
michael@0	499	{
michael@0	500	CK_RV error;
michael@0	501
michael@0	502	#ifdef NSSDEBUG
michael@0	503	error = nssCKFWToken_verifyPointer(fwToken);
michael@0	504	if( CKR_OK != error ) {
michael@0	505	return CKR_ARGUMENTS_BAD;
michael@0	506	}
michael@0	507	#endif /* NSSDEBUG */
michael@0	508
michael@0	509	error = nssCKFWMutex_Lock(fwToken->mutex);
michael@0	510	if( CKR_OK != error ) {
michael@0	511	return error;
michael@0	512	}
michael@0	513
michael@0	514	if( fwToken->sessionCount > 0 ) {
michael@0	515	error = CKR_SESSION_EXISTS;
michael@0	516	goto done;
michael@0	517	}
michael@0	518
michael@0	519	if (!fwToken->mdToken->InitToken) {
michael@0	520	error = CKR_DEVICE_ERROR;
michael@0	521	goto done;
michael@0	522	}
michael@0	523
michael@0	524	if (!pin) {
michael@0	525	if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
michael@0	526	; /* okay */
michael@0	527	} else {
michael@0	528	error = CKR_PIN_INCORRECT;
michael@0	529	goto done;
michael@0	530	}
michael@0	531	}
michael@0	532
michael@0	533	if (!label) {
michael@0	534	label = (NSSUTF8 *) "";
michael@0	535	}
michael@0	536
michael@0	537	error = fwToken->mdToken->InitToken(fwToken->mdToken, fwToken,
michael@0	538	fwToken->mdInstance, fwToken->fwInstance, pin, label);
michael@0	539
michael@0	540	done:
michael@0	541	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	542	return error;
michael@0	543	}
michael@0	544
michael@0	545	/*
michael@0	546	* nssCKFWToken_GetLabel
michael@0	547	*
michael@0	548	*/
michael@0	549	NSS_IMPLEMENT CK_RV
michael@0	550	nssCKFWToken_GetLabel
michael@0	551	(
michael@0	552	NSSCKFWToken *fwToken,
michael@0	553	CK_CHAR label[32]
michael@0	554	)
michael@0	555	{
michael@0	556	CK_RV error = CKR_OK;
michael@0	557
michael@0	558	#ifdef NSSDEBUG
michael@0	559	if( (CK_CHAR_PTR)NULL == label ) {
michael@0	560	return CKR_ARGUMENTS_BAD;
michael@0	561	}
michael@0	562
michael@0	563	error = nssCKFWToken_verifyPointer(fwToken);
michael@0	564	if( CKR_OK != error ) {
michael@0	565	return error;
michael@0	566	}
michael@0	567	#endif /* NSSDEBUG */
michael@0	568
michael@0	569	error = nssCKFWMutex_Lock(fwToken->mutex);
michael@0	570	if( CKR_OK != error ) {
michael@0	571	return error;
michael@0	572	}
michael@0	573
michael@0	574	if (!fwToken->label) {
michael@0	575	if (fwToken->mdToken->GetLabel) {
michael@0	576	fwToken->label = fwToken->mdToken->GetLabel(fwToken->mdToken, fwToken,
michael@0	577	fwToken->mdInstance, fwToken->fwInstance, &error);
michael@0	578	if ((!fwToken->label) && (CKR_OK != error)) {
michael@0	579	goto done;
michael@0	580	}
michael@0	581	} else {
michael@0	582	fwToken->label = (NSSUTF8 *) "";
michael@0	583	}
michael@0	584	}
michael@0	585
michael@0	586	(void)nssUTF8_CopyIntoFixedBuffer(fwToken->label, (char *)label, 32, ' ');
michael@0	587	error = CKR_OK;
michael@0	588
michael@0	589	done:
michael@0	590	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	591	return error;
michael@0	592	}
michael@0	593
michael@0	594	/*
michael@0	595	* nssCKFWToken_GetManufacturerID
michael@0	596	*
michael@0	597	*/
michael@0	598	NSS_IMPLEMENT CK_RV
michael@0	599	nssCKFWToken_GetManufacturerID
michael@0	600	(
michael@0	601	NSSCKFWToken *fwToken,
michael@0	602	CK_CHAR manufacturerID[32]
michael@0	603	)
michael@0	604	{
michael@0	605	CK_RV error = CKR_OK;
michael@0	606
michael@0	607	#ifdef NSSDEBUG
michael@0	608	if( (CK_CHAR_PTR)NULL == manufacturerID ) {
michael@0	609	return CKR_ARGUMENTS_BAD;
michael@0	610	}
michael@0	611
michael@0	612	error = nssCKFWToken_verifyPointer(fwToken);
michael@0	613	if( CKR_OK != error ) {
michael@0	614	return error;
michael@0	615	}
michael@0	616	#endif /* NSSDEBUG */
michael@0	617
michael@0	618	error = nssCKFWMutex_Lock(fwToken->mutex);
michael@0	619	if( CKR_OK != error ) {
michael@0	620	return error;
michael@0	621	}
michael@0	622
michael@0	623	if (!fwToken->manufacturerID) {
michael@0	624	if (fwToken->mdToken->GetManufacturerID) {
michael@0	625	fwToken->manufacturerID = fwToken->mdToken->GetManufacturerID(fwToken->mdToken,
michael@0	626	fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
michael@0	627	if ((!fwToken->manufacturerID) && (CKR_OK != error)) {
michael@0	628	goto done;
michael@0	629	}
michael@0	630	} else {
michael@0	631	fwToken->manufacturerID = (NSSUTF8 *)"";
michael@0	632	}
michael@0	633	}
michael@0	634
michael@0	635	(void)nssUTF8_CopyIntoFixedBuffer(fwToken->manufacturerID, (char *)manufacturerID, 32, ' ');
michael@0	636	error = CKR_OK;
michael@0	637
michael@0	638	done:
michael@0	639	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	640	return error;
michael@0	641	}
michael@0	642
michael@0	643	/*
michael@0	644	* nssCKFWToken_GetModel
michael@0	645	*
michael@0	646	*/
michael@0	647	NSS_IMPLEMENT CK_RV
michael@0	648	nssCKFWToken_GetModel
michael@0	649	(
michael@0	650	NSSCKFWToken *fwToken,
michael@0	651	CK_CHAR model[16]
michael@0	652	)
michael@0	653	{
michael@0	654	CK_RV error = CKR_OK;
michael@0	655
michael@0	656	#ifdef NSSDEBUG
michael@0	657	if( (CK_CHAR_PTR)NULL == model ) {
michael@0	658	return CKR_ARGUMENTS_BAD;
michael@0	659	}
michael@0	660
michael@0	661	error = nssCKFWToken_verifyPointer(fwToken);
michael@0	662	if( CKR_OK != error ) {
michael@0	663	return error;
michael@0	664	}
michael@0	665	#endif /* NSSDEBUG */
michael@0	666
michael@0	667	error = nssCKFWMutex_Lock(fwToken->mutex);
michael@0	668	if( CKR_OK != error ) {
michael@0	669	return error;
michael@0	670	}
michael@0	671
michael@0	672	if (!fwToken->model) {
michael@0	673	if (fwToken->mdToken->GetModel) {
michael@0	674	fwToken->model = fwToken->mdToken->GetModel(fwToken->mdToken, fwToken,
michael@0	675	fwToken->mdInstance, fwToken->fwInstance, &error);
michael@0	676	if ((!fwToken->model) && (CKR_OK != error)) {
michael@0	677	goto done;
michael@0	678	}
michael@0	679	} else {
michael@0	680	fwToken->model = (NSSUTF8 *)"";
michael@0	681	}
michael@0	682	}
michael@0	683
michael@0	684	(void)nssUTF8_CopyIntoFixedBuffer(fwToken->model, (char *)model, 16, ' ');
michael@0	685	error = CKR_OK;
michael@0	686
michael@0	687	done:
michael@0	688	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	689	return error;
michael@0	690	}
michael@0	691
michael@0	692	/*
michael@0	693	* nssCKFWToken_GetSerialNumber
michael@0	694	*
michael@0	695	*/
michael@0	696	NSS_IMPLEMENT CK_RV
michael@0	697	nssCKFWToken_GetSerialNumber
michael@0	698	(
michael@0	699	NSSCKFWToken *fwToken,
michael@0	700	CK_CHAR serialNumber[16]
michael@0	701	)
michael@0	702	{
michael@0	703	CK_RV error = CKR_OK;
michael@0	704
michael@0	705	#ifdef NSSDEBUG
michael@0	706	if( (CK_CHAR_PTR)NULL == serialNumber ) {
michael@0	707	return CKR_ARGUMENTS_BAD;
michael@0	708	}
michael@0	709
michael@0	710	error = nssCKFWToken_verifyPointer(fwToken);
michael@0	711	if( CKR_OK != error ) {
michael@0	712	return error;
michael@0	713	}
michael@0	714	#endif /* NSSDEBUG */
michael@0	715
michael@0	716	error = nssCKFWMutex_Lock(fwToken->mutex);
michael@0	717	if( CKR_OK != error ) {
michael@0	718	return error;
michael@0	719	}
michael@0	720
michael@0	721	if (!fwToken->serialNumber) {
michael@0	722	if (fwToken->mdToken->GetSerialNumber) {
michael@0	723	fwToken->serialNumber = fwToken->mdToken->GetSerialNumber(fwToken->mdToken,
michael@0	724	fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
michael@0	725	if ((!fwToken->serialNumber) && (CKR_OK != error)) {
michael@0	726	goto done;
michael@0	727	}
michael@0	728	} else {
michael@0	729	fwToken->serialNumber = (NSSUTF8 *)"";
michael@0	730	}
michael@0	731	}
michael@0	732
michael@0	733	(void)nssUTF8_CopyIntoFixedBuffer(fwToken->serialNumber, (char *)serialNumber, 16, ' ');
michael@0	734	error = CKR_OK;
michael@0	735
michael@0	736	done:
michael@0	737	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	738	return error;
michael@0	739	}
michael@0	740
michael@0	741
michael@0	742	/*
michael@0	743	* nssCKFWToken_GetHasRNG
michael@0	744	*
michael@0	745	*/
michael@0	746	NSS_IMPLEMENT CK_BBOOL
michael@0	747	nssCKFWToken_GetHasRNG
michael@0	748	(
michael@0	749	NSSCKFWToken *fwToken
michael@0	750	)
michael@0	751	{
michael@0	752	#ifdef NSSDEBUG
michael@0	753	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	754	return CK_FALSE;
michael@0	755	}
michael@0	756	#endif /* NSSDEBUG */
michael@0	757
michael@0	758	if (!fwToken->mdToken->GetHasRNG) {
michael@0	759	return CK_FALSE;
michael@0	760	}
michael@0	761
michael@0	762	return fwToken->mdToken->GetHasRNG(fwToken->mdToken, fwToken,
michael@0	763	fwToken->mdInstance, fwToken->fwInstance);
michael@0	764	}
michael@0	765
michael@0	766	/*
michael@0	767	* nssCKFWToken_GetIsWriteProtected
michael@0	768	*
michael@0	769	*/
michael@0	770	NSS_IMPLEMENT CK_BBOOL
michael@0	771	nssCKFWToken_GetIsWriteProtected
michael@0	772	(
michael@0	773	NSSCKFWToken *fwToken
michael@0	774	)
michael@0	775	{
michael@0	776	#ifdef NSSDEBUG
michael@0	777	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	778	return CK_FALSE;
michael@0	779	}
michael@0	780	#endif /* NSSDEBUG */
michael@0	781
michael@0	782	if (!fwToken->mdToken->GetIsWriteProtected) {
michael@0	783	return CK_FALSE;
michael@0	784	}
michael@0	785
michael@0	786	return fwToken->mdToken->GetIsWriteProtected(fwToken->mdToken, fwToken,
michael@0	787	fwToken->mdInstance, fwToken->fwInstance);
michael@0	788	}
michael@0	789
michael@0	790	/*
michael@0	791	* nssCKFWToken_GetLoginRequired
michael@0	792	*
michael@0	793	*/
michael@0	794	NSS_IMPLEMENT CK_BBOOL
michael@0	795	nssCKFWToken_GetLoginRequired
michael@0	796	(
michael@0	797	NSSCKFWToken *fwToken
michael@0	798	)
michael@0	799	{
michael@0	800	#ifdef NSSDEBUG
michael@0	801	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	802	return CK_FALSE;
michael@0	803	}
michael@0	804	#endif /* NSSDEBUG */
michael@0	805
michael@0	806	if (!fwToken->mdToken->GetLoginRequired) {
michael@0	807	return CK_FALSE;
michael@0	808	}
michael@0	809
michael@0	810	return fwToken->mdToken->GetLoginRequired(fwToken->mdToken, fwToken,
michael@0	811	fwToken->mdInstance, fwToken->fwInstance);
michael@0	812	}
michael@0	813
michael@0	814	/*
michael@0	815	* nssCKFWToken_GetUserPinInitialized
michael@0	816	*
michael@0	817	*/
michael@0	818	NSS_IMPLEMENT CK_BBOOL
michael@0	819	nssCKFWToken_GetUserPinInitialized
michael@0	820	(
michael@0	821	NSSCKFWToken *fwToken
michael@0	822	)
michael@0	823	{
michael@0	824	#ifdef NSSDEBUG
michael@0	825	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	826	return CK_FALSE;
michael@0	827	}
michael@0	828	#endif /* NSSDEBUG */
michael@0	829
michael@0	830	if (!fwToken->mdToken->GetUserPinInitialized) {
michael@0	831	return CK_FALSE;
michael@0	832	}
michael@0	833
michael@0	834	return fwToken->mdToken->GetUserPinInitialized(fwToken->mdToken, fwToken,
michael@0	835	fwToken->mdInstance, fwToken->fwInstance);
michael@0	836	}
michael@0	837
michael@0	838	/*
michael@0	839	* nssCKFWToken_GetRestoreKeyNotNeeded
michael@0	840	*
michael@0	841	*/
michael@0	842	NSS_IMPLEMENT CK_BBOOL
michael@0	843	nssCKFWToken_GetRestoreKeyNotNeeded
michael@0	844	(
michael@0	845	NSSCKFWToken *fwToken
michael@0	846	)
michael@0	847	{
michael@0	848	#ifdef NSSDEBUG
michael@0	849	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	850	return CK_FALSE;
michael@0	851	}
michael@0	852	#endif /* NSSDEBUG */
michael@0	853
michael@0	854	if (!fwToken->mdToken->GetRestoreKeyNotNeeded) {
michael@0	855	return CK_FALSE;
michael@0	856	}
michael@0	857
michael@0	858	return fwToken->mdToken->GetRestoreKeyNotNeeded(fwToken->mdToken, fwToken,
michael@0	859	fwToken->mdInstance, fwToken->fwInstance);
michael@0	860	}
michael@0	861
michael@0	862	/*
michael@0	863	* nssCKFWToken_GetHasClockOnToken
michael@0	864	*
michael@0	865	*/
michael@0	866	NSS_IMPLEMENT CK_BBOOL
michael@0	867	nssCKFWToken_GetHasClockOnToken
michael@0	868	(
michael@0	869	NSSCKFWToken *fwToken
michael@0	870	)
michael@0	871	{
michael@0	872	#ifdef NSSDEBUG
michael@0	873	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	874	return CK_FALSE;
michael@0	875	}
michael@0	876	#endif /* NSSDEBUG */
michael@0	877
michael@0	878	if (!fwToken->mdToken->GetHasClockOnToken) {
michael@0	879	return CK_FALSE;
michael@0	880	}
michael@0	881
michael@0	882	return fwToken->mdToken->GetHasClockOnToken(fwToken->mdToken, fwToken,
michael@0	883	fwToken->mdInstance, fwToken->fwInstance);
michael@0	884	}
michael@0	885
michael@0	886	/*
michael@0	887	* nssCKFWToken_GetHasProtectedAuthenticationPath
michael@0	888	*
michael@0	889	*/
michael@0	890	NSS_IMPLEMENT CK_BBOOL
michael@0	891	nssCKFWToken_GetHasProtectedAuthenticationPath
michael@0	892	(
michael@0	893	NSSCKFWToken *fwToken
michael@0	894	)
michael@0	895	{
michael@0	896	#ifdef NSSDEBUG
michael@0	897	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	898	return CK_FALSE;
michael@0	899	}
michael@0	900	#endif /* NSSDEBUG */
michael@0	901
michael@0	902	if (!fwToken->mdToken->GetHasProtectedAuthenticationPath) {
michael@0	903	return CK_FALSE;
michael@0	904	}
michael@0	905
michael@0	906	return fwToken->mdToken->GetHasProtectedAuthenticationPath(fwToken->mdToken,
michael@0	907	fwToken, fwToken->mdInstance, fwToken->fwInstance);
michael@0	908	}
michael@0	909
michael@0	910	/*
michael@0	911	* nssCKFWToken_GetSupportsDualCryptoOperations
michael@0	912	*
michael@0	913	*/
michael@0	914	NSS_IMPLEMENT CK_BBOOL
michael@0	915	nssCKFWToken_GetSupportsDualCryptoOperations
michael@0	916	(
michael@0	917	NSSCKFWToken *fwToken
michael@0	918	)
michael@0	919	{
michael@0	920	#ifdef NSSDEBUG
michael@0	921	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	922	return CK_FALSE;
michael@0	923	}
michael@0	924	#endif /* NSSDEBUG */
michael@0	925
michael@0	926	if (!fwToken->mdToken->GetSupportsDualCryptoOperations) {
michael@0	927	return CK_FALSE;
michael@0	928	}
michael@0	929
michael@0	930	return fwToken->mdToken->GetSupportsDualCryptoOperations(fwToken->mdToken,
michael@0	931	fwToken, fwToken->mdInstance, fwToken->fwInstance);
michael@0	932	}
michael@0	933
michael@0	934	/*
michael@0	935	* nssCKFWToken_GetMaxSessionCount
michael@0	936	*
michael@0	937	*/
michael@0	938	NSS_IMPLEMENT CK_ULONG
michael@0	939	nssCKFWToken_GetMaxSessionCount
michael@0	940	(
michael@0	941	NSSCKFWToken *fwToken
michael@0	942	)
michael@0	943	{
michael@0	944	#ifdef NSSDEBUG
michael@0	945	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	946	return CK_UNAVAILABLE_INFORMATION;
michael@0	947	}
michael@0	948	#endif /* NSSDEBUG */
michael@0	949
michael@0	950	if (!fwToken->mdToken->GetMaxSessionCount) {
michael@0	951	return CK_UNAVAILABLE_INFORMATION;
michael@0	952	}
michael@0	953
michael@0	954	return fwToken->mdToken->GetMaxSessionCount(fwToken->mdToken, fwToken,
michael@0	955	fwToken->mdInstance, fwToken->fwInstance);
michael@0	956	}
michael@0	957
michael@0	958	/*
michael@0	959	* nssCKFWToken_GetMaxRwSessionCount
michael@0	960	*
michael@0	961	*/
michael@0	962	NSS_IMPLEMENT CK_ULONG
michael@0	963	nssCKFWToken_GetMaxRwSessionCount
michael@0	964	(
michael@0	965	NSSCKFWToken *fwToken
michael@0	966	)
michael@0	967	{
michael@0	968	#ifdef NSSDEBUG
michael@0	969	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	970	return CK_UNAVAILABLE_INFORMATION;
michael@0	971	}
michael@0	972	#endif /* NSSDEBUG */
michael@0	973
michael@0	974	if (!fwToken->mdToken->GetMaxRwSessionCount) {
michael@0	975	return CK_UNAVAILABLE_INFORMATION;
michael@0	976	}
michael@0	977
michael@0	978	return fwToken->mdToken->GetMaxRwSessionCount(fwToken->mdToken, fwToken,
michael@0	979	fwToken->mdInstance, fwToken->fwInstance);
michael@0	980	}
michael@0	981
michael@0	982	/*
michael@0	983	* nssCKFWToken_GetMaxPinLen
michael@0	984	*
michael@0	985	*/
michael@0	986	NSS_IMPLEMENT CK_ULONG
michael@0	987	nssCKFWToken_GetMaxPinLen
michael@0	988	(
michael@0	989	NSSCKFWToken *fwToken
michael@0	990	)
michael@0	991	{
michael@0	992	#ifdef NSSDEBUG
michael@0	993	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	994	return CK_UNAVAILABLE_INFORMATION;
michael@0	995	}
michael@0	996	#endif /* NSSDEBUG */
michael@0	997
michael@0	998	if (!fwToken->mdToken->GetMaxPinLen) {
michael@0	999	return CK_UNAVAILABLE_INFORMATION;
michael@0	1000	}
michael@0	1001
michael@0	1002	return fwToken->mdToken->GetMaxPinLen(fwToken->mdToken, fwToken,
michael@0	1003	fwToken->mdInstance, fwToken->fwInstance);
michael@0	1004	}
michael@0	1005
michael@0	1006	/*
michael@0	1007	* nssCKFWToken_GetMinPinLen
michael@0	1008	*
michael@0	1009	*/
michael@0	1010	NSS_IMPLEMENT CK_ULONG
michael@0	1011	nssCKFWToken_GetMinPinLen
michael@0	1012	(
michael@0	1013	NSSCKFWToken *fwToken
michael@0	1014	)
michael@0	1015	{
michael@0	1016	#ifdef NSSDEBUG
michael@0	1017	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1018	return CK_UNAVAILABLE_INFORMATION;
michael@0	1019	}
michael@0	1020	#endif /* NSSDEBUG */
michael@0	1021
michael@0	1022	if (!fwToken->mdToken->GetMinPinLen) {
michael@0	1023	return CK_UNAVAILABLE_INFORMATION;
michael@0	1024	}
michael@0	1025
michael@0	1026	return fwToken->mdToken->GetMinPinLen(fwToken->mdToken, fwToken,
michael@0	1027	fwToken->mdInstance, fwToken->fwInstance);
michael@0	1028	}
michael@0	1029
michael@0	1030	/*
michael@0	1031	* nssCKFWToken_GetTotalPublicMemory
michael@0	1032	*
michael@0	1033	*/
michael@0	1034	NSS_IMPLEMENT CK_ULONG
michael@0	1035	nssCKFWToken_GetTotalPublicMemory
michael@0	1036	(
michael@0	1037	NSSCKFWToken *fwToken
michael@0	1038	)
michael@0	1039	{
michael@0	1040	#ifdef NSSDEBUG
michael@0	1041	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1042	return CK_UNAVAILABLE_INFORMATION;
michael@0	1043	}
michael@0	1044	#endif /* NSSDEBUG */
michael@0	1045
michael@0	1046	if (!fwToken->mdToken->GetTotalPublicMemory) {
michael@0	1047	return CK_UNAVAILABLE_INFORMATION;
michael@0	1048	}
michael@0	1049
michael@0	1050	return fwToken->mdToken->GetTotalPublicMemory(fwToken->mdToken, fwToken,
michael@0	1051	fwToken->mdInstance, fwToken->fwInstance);
michael@0	1052	}
michael@0	1053
michael@0	1054	/*
michael@0	1055	* nssCKFWToken_GetFreePublicMemory
michael@0	1056	*
michael@0	1057	*/
michael@0	1058	NSS_IMPLEMENT CK_ULONG
michael@0	1059	nssCKFWToken_GetFreePublicMemory
michael@0	1060	(
michael@0	1061	NSSCKFWToken *fwToken
michael@0	1062	)
michael@0	1063	{
michael@0	1064	#ifdef NSSDEBUG
michael@0	1065	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1066	return CK_UNAVAILABLE_INFORMATION;
michael@0	1067	}
michael@0	1068	#endif /* NSSDEBUG */
michael@0	1069
michael@0	1070	if (!fwToken->mdToken->GetFreePublicMemory) {
michael@0	1071	return CK_UNAVAILABLE_INFORMATION;
michael@0	1072	}
michael@0	1073
michael@0	1074	return fwToken->mdToken->GetFreePublicMemory(fwToken->mdToken, fwToken,
michael@0	1075	fwToken->mdInstance, fwToken->fwInstance);
michael@0	1076	}
michael@0	1077
michael@0	1078	/*
michael@0	1079	* nssCKFWToken_GetTotalPrivateMemory
michael@0	1080	*
michael@0	1081	*/
michael@0	1082	NSS_IMPLEMENT CK_ULONG
michael@0	1083	nssCKFWToken_GetTotalPrivateMemory
michael@0	1084	(
michael@0	1085	NSSCKFWToken *fwToken
michael@0	1086	)
michael@0	1087	{
michael@0	1088	#ifdef NSSDEBUG
michael@0	1089	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1090	return CK_UNAVAILABLE_INFORMATION;
michael@0	1091	}
michael@0	1092	#endif /* NSSDEBUG */
michael@0	1093
michael@0	1094	if (!fwToken->mdToken->GetTotalPrivateMemory) {
michael@0	1095	return CK_UNAVAILABLE_INFORMATION;
michael@0	1096	}
michael@0	1097
michael@0	1098	return fwToken->mdToken->GetTotalPrivateMemory(fwToken->mdToken, fwToken,
michael@0	1099	fwToken->mdInstance, fwToken->fwInstance);
michael@0	1100	}
michael@0	1101
michael@0	1102	/*
michael@0	1103	* nssCKFWToken_GetFreePrivateMemory
michael@0	1104	*
michael@0	1105	*/
michael@0	1106	NSS_IMPLEMENT CK_ULONG
michael@0	1107	nssCKFWToken_GetFreePrivateMemory
michael@0	1108	(
michael@0	1109	NSSCKFWToken *fwToken
michael@0	1110	)
michael@0	1111	{
michael@0	1112	#ifdef NSSDEBUG
michael@0	1113	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1114	return CK_UNAVAILABLE_INFORMATION;
michael@0	1115	}
michael@0	1116	#endif /* NSSDEBUG */
michael@0	1117
michael@0	1118	if (!fwToken->mdToken->GetFreePrivateMemory) {
michael@0	1119	return CK_UNAVAILABLE_INFORMATION;
michael@0	1120	}
michael@0	1121
michael@0	1122	return fwToken->mdToken->GetFreePrivateMemory(fwToken->mdToken, fwToken,
michael@0	1123	fwToken->mdInstance, fwToken->fwInstance);
michael@0	1124	}
michael@0	1125
michael@0	1126	/*
michael@0	1127	* nssCKFWToken_GetHardwareVersion
michael@0	1128	*
michael@0	1129	*/
michael@0	1130	NSS_IMPLEMENT CK_VERSION
michael@0	1131	nssCKFWToken_GetHardwareVersion
michael@0	1132	(
michael@0	1133	NSSCKFWToken *fwToken
michael@0	1134	)
michael@0	1135	{
michael@0	1136	CK_VERSION rv;
michael@0	1137
michael@0	1138	#ifdef NSSDEBUG
michael@0	1139	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1140	rv.major = rv.minor = 0;
michael@0	1141	return rv;
michael@0	1142	}
michael@0	1143	#endif /* NSSDEBUG */
michael@0	1144
michael@0	1145	if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
michael@0	1146	rv.major = rv.minor = 0;
michael@0	1147	return rv;
michael@0	1148	}
michael@0	1149
michael@0	1150	if( (0 != fwToken->hardwareVersion.major) ||
michael@0	1151	(0 != fwToken->hardwareVersion.minor) ) {
michael@0	1152	rv = fwToken->hardwareVersion;
michael@0	1153	goto done;
michael@0	1154	}
michael@0	1155
michael@0	1156	if (fwToken->mdToken->GetHardwareVersion) {
michael@0	1157	fwToken->hardwareVersion = fwToken->mdToken->GetHardwareVersion(
michael@0	1158	fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
michael@0	1159	} else {
michael@0	1160	fwToken->hardwareVersion.major = 0;
michael@0	1161	fwToken->hardwareVersion.minor = 1;
michael@0	1162	}
michael@0	1163
michael@0	1164	rv = fwToken->hardwareVersion;
michael@0	1165
michael@0	1166	done:
michael@0	1167	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	1168	return rv;
michael@0	1169	}
michael@0	1170
michael@0	1171	/*
michael@0	1172	* nssCKFWToken_GetFirmwareVersion
michael@0	1173	*
michael@0	1174	*/
michael@0	1175	NSS_IMPLEMENT CK_VERSION
michael@0	1176	nssCKFWToken_GetFirmwareVersion
michael@0	1177	(
michael@0	1178	NSSCKFWToken *fwToken
michael@0	1179	)
michael@0	1180	{
michael@0	1181	CK_VERSION rv;
michael@0	1182
michael@0	1183	#ifdef NSSDEBUG
michael@0	1184	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1185	rv.major = rv.minor = 0;
michael@0	1186	return rv;
michael@0	1187	}
michael@0	1188	#endif /* NSSDEBUG */
michael@0	1189
michael@0	1190	if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
michael@0	1191	rv.major = rv.minor = 0;
michael@0	1192	return rv;
michael@0	1193	}
michael@0	1194
michael@0	1195	if( (0 != fwToken->firmwareVersion.major) ||
michael@0	1196	(0 != fwToken->firmwareVersion.minor) ) {
michael@0	1197	rv = fwToken->firmwareVersion;
michael@0	1198	goto done;
michael@0	1199	}
michael@0	1200
michael@0	1201	if (fwToken->mdToken->GetFirmwareVersion) {
michael@0	1202	fwToken->firmwareVersion = fwToken->mdToken->GetFirmwareVersion(
michael@0	1203	fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
michael@0	1204	} else {
michael@0	1205	fwToken->firmwareVersion.major = 0;
michael@0	1206	fwToken->firmwareVersion.minor = 1;
michael@0	1207	}
michael@0	1208
michael@0	1209	rv = fwToken->firmwareVersion;
michael@0	1210
michael@0	1211	done:
michael@0	1212	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	1213	return rv;
michael@0	1214	}
michael@0	1215
michael@0	1216	/*
michael@0	1217	* nssCKFWToken_GetUTCTime
michael@0	1218	*
michael@0	1219	*/
michael@0	1220	NSS_IMPLEMENT CK_RV
michael@0	1221	nssCKFWToken_GetUTCTime
michael@0	1222	(
michael@0	1223	NSSCKFWToken *fwToken,
michael@0	1224	CK_CHAR utcTime[16]
michael@0	1225	)
michael@0	1226	{
michael@0	1227	CK_RV error = CKR_OK;
michael@0	1228
michael@0	1229	#ifdef NSSDEBUG
michael@0	1230	error = nssCKFWToken_verifyPointer(fwToken);
michael@0	1231	if( CKR_OK != error ) {
michael@0	1232	return error;
michael@0	1233	}
michael@0	1234
michael@0	1235	if( (CK_CHAR_PTR)NULL == utcTime ) {
michael@0	1236	return CKR_ARGUMENTS_BAD;
michael@0	1237	}
michael@0	1238	#endif /* DEBUG */
michael@0	1239
michael@0	1240	if( CK_TRUE != nssCKFWToken_GetHasClockOnToken(fwToken) ) {
michael@0	1241	/* return CKR_DEVICE_ERROR; */
michael@0	1242	(void)nssUTF8_CopyIntoFixedBuffer((NSSUTF8 *)NULL, (char *)utcTime, 16, ' ');
michael@0	1243	return CKR_OK;
michael@0	1244	}
michael@0	1245
michael@0	1246	if (!fwToken->mdToken->GetUTCTime) {
michael@0	1247	/* It said it had one! */
michael@0	1248	return CKR_GENERAL_ERROR;
michael@0	1249	}
michael@0	1250
michael@0	1251	error = fwToken->mdToken->GetUTCTime(fwToken->mdToken, fwToken,
michael@0	1252	fwToken->mdInstance, fwToken->fwInstance, utcTime);
michael@0	1253	if( CKR_OK != error ) {
michael@0	1254	return error;
michael@0	1255	}
michael@0	1256
michael@0	1257	/* Sanity-check the data */
michael@0	1258	{
michael@0	1259	/* Format is YYYYMMDDhhmmss00 */
michael@0	1260	int i;
michael@0	1261	int Y, M, D, h, m, s, z;
michael@0	1262	static int dims[] = { 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
michael@0	1263
michael@0	1264	for( i = 0; i < 16; i++ ) {
michael@0	1265	if( (utcTime[i] < '0') || (utcTime[i] > '9') ) {
michael@0	1266	goto badtime;
michael@0	1267	}
michael@0	1268	}
michael@0	1269
michael@0	1270	Y = ((utcTime[ 0] - '0') * 1000) + ((utcTime[1] - '0') * 100) +
michael@0	1271	((utcTime[ 2] - '0') * 10) + (utcTime[ 3] - '0');
michael@0	1272	M = ((utcTime[ 4] - '0') * 10) + (utcTime[ 5] - '0');
michael@0	1273	D = ((utcTime[ 6] - '0') * 10) + (utcTime[ 7] - '0');
michael@0	1274	h = ((utcTime[ 8] - '0') * 10) + (utcTime[ 9] - '0');
michael@0	1275	m = ((utcTime[10] - '0') * 10) + (utcTime[11] - '0');
michael@0	1276	s = ((utcTime[12] - '0') * 10) + (utcTime[13] - '0');
michael@0	1277	z = ((utcTime[14] - '0') * 10) + (utcTime[15] - '0');
michael@0	1278
michael@0	1279	if( (Y < 1990) || (Y > 3000) ) goto badtime; /* Y3K problem. heh heh heh */
michael@0	1280	if( (M < 1) || (M > 12) ) goto badtime;
michael@0	1281	if( (D < 1) || (D > 31) ) goto badtime;
michael@0	1282
michael@0	1283	if( D > dims[M-1] ) goto badtime; /* per-month check */
michael@0	1284	if( (2 == M) && (((Y%4)||!(Y%100))&&(Y%400)) && (D > 28) ) goto badtime; /* leap years */
michael@0	1285
michael@0	1286	if( (h < 0) || (h > 23) ) goto badtime;
michael@0	1287	if( (m < 0) || (m > 60) ) goto badtime;
michael@0	1288	if( (s < 0) || (s > 61) ) goto badtime;
michael@0	1289
michael@0	1290	/* 60m and 60 or 61s is only allowed for leap seconds. */
michael@0	1291	if( (60 == m) || (s >= 60) ) {
michael@0	1292	if( (23 != h) || (60 != m) || (s < 60) ) goto badtime;
michael@0	1293	/* leap seconds can only happen on June 30 or Dec 31.. I think */
michael@0	1294	/* if( ((6 != M) || (30 != D)) && ((12 != M) || (31 != D)) ) goto badtime; */
michael@0	1295	}
michael@0	1296	}
michael@0	1297
michael@0	1298	return CKR_OK;
michael@0	1299
michael@0	1300	badtime:
michael@0	1301	return CKR_GENERAL_ERROR;
michael@0	1302	}
michael@0	1303
michael@0	1304	/*
michael@0	1305	* nssCKFWToken_OpenSession
michael@0	1306	*
michael@0	1307	*/
michael@0	1308	NSS_IMPLEMENT NSSCKFWSession *
michael@0	1309	nssCKFWToken_OpenSession
michael@0	1310	(
michael@0	1311	NSSCKFWToken *fwToken,
michael@0	1312	CK_BBOOL rw,
michael@0	1313	CK_VOID_PTR pApplication,
michael@0	1314	CK_NOTIFY Notify,
michael@0	1315	CK_RV *pError
michael@0	1316	)
michael@0	1317	{
michael@0	1318	NSSCKFWSession *fwSession = (NSSCKFWSession *)NULL;
michael@0	1319	NSSCKMDSession *mdSession;
michael@0	1320
michael@0	1321	#ifdef NSSDEBUG
michael@0	1322	if (!pError) {
michael@0	1323	return (NSSCKFWSession *)NULL;
michael@0	1324	}
michael@0	1325
michael@0	1326	*pError = nssCKFWToken_verifyPointer(fwToken);
michael@0	1327	if( CKR_OK != *pError ) {
michael@0	1328	return (NSSCKFWSession *)NULL;
michael@0	1329	}
michael@0	1330
michael@0	1331	switch( rw ) {
michael@0	1332	case CK_TRUE:
michael@0	1333	case CK_FALSE:
michael@0	1334	break;
michael@0	1335	default:
michael@0	1336	*pError = CKR_ARGUMENTS_BAD;
michael@0	1337	return (NSSCKFWSession *)NULL;
michael@0	1338	}
michael@0	1339	#endif /* NSSDEBUG */
michael@0	1340
michael@0	1341	*pError = nssCKFWMutex_Lock(fwToken->mutex);
michael@0	1342	if( CKR_OK != *pError ) {
michael@0	1343	return (NSSCKFWSession *)NULL;
michael@0	1344	}
michael@0	1345
michael@0	1346	if( CK_TRUE == rw ) {
michael@0	1347	/* Read-write session desired */
michael@0	1348	if( CK_TRUE == nssCKFWToken_GetIsWriteProtected(fwToken) ) {
michael@0	1349	*pError = CKR_TOKEN_WRITE_PROTECTED;
michael@0	1350	goto done;
michael@0	1351	}
michael@0	1352	} else {
michael@0	1353	/* Read-only session desired */
michael@0	1354	if( CKS_RW_SO_FUNCTIONS == nssCKFWToken_GetSessionState(fwToken) ) {
michael@0	1355	*pError = CKR_SESSION_READ_WRITE_SO_EXISTS;
michael@0	1356	goto done;
michael@0	1357	}
michael@0	1358	}
michael@0	1359
michael@0	1360	/* We could compare sesion counts to any limits we know of, I guess.. */
michael@0	1361
michael@0	1362	if (!fwToken->mdToken->OpenSession) {
michael@0	1363	/*
michael@0	1364	* I'm not sure that the Module actually needs to implement
michael@0	1365	* mdSessions -- the Framework can keep track of everything
michael@0	1366	* needed, really. But I'll sort out that detail later..
michael@0	1367	*/
michael@0	1368	*pError = CKR_GENERAL_ERROR;
michael@0	1369	goto done;
michael@0	1370	}
michael@0	1371
michael@0	1372	fwSession = nssCKFWSession_Create(fwToken, rw, pApplication, Notify, pError);
michael@0	1373	if (!fwSession) {
michael@0	1374	if( CKR_OK == *pError ) {
michael@0	1375	*pError = CKR_GENERAL_ERROR;
michael@0	1376	}
michael@0	1377	goto done;
michael@0	1378	}
michael@0	1379
michael@0	1380	mdSession = fwToken->mdToken->OpenSession(fwToken->mdToken, fwToken,
michael@0	1381	fwToken->mdInstance, fwToken->fwInstance, fwSession,
michael@0	1382	rw, pError);
michael@0	1383	if (!mdSession) {
michael@0	1384	(void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
michael@0	1385	if( CKR_OK == *pError ) {
michael@0	1386	*pError = CKR_GENERAL_ERROR;
michael@0	1387	}
michael@0	1388	goto done;
michael@0	1389	}
michael@0	1390
michael@0	1391	*pError = nssCKFWSession_SetMDSession(fwSession, mdSession);
michael@0	1392	if( CKR_OK != *pError ) {
michael@0	1393	if (mdSession->Close) {
michael@0	1394	mdSession->Close(mdSession, fwSession, fwToken->mdToken, fwToken,
michael@0	1395	fwToken->mdInstance, fwToken->fwInstance);
michael@0	1396	}
michael@0	1397	(void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
michael@0	1398	goto done;
michael@0	1399	}
michael@0	1400
michael@0	1401	*pError = nssCKFWHash_Add(fwToken->sessions, fwSession, fwSession);
michael@0	1402	if( CKR_OK != *pError ) {
michael@0	1403	(void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
michael@0	1404	fwSession = (NSSCKFWSession *)NULL;
michael@0	1405	goto done;
michael@0	1406	}
michael@0	1407
michael@0	1408	done:
michael@0	1409	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	1410	return fwSession;
michael@0	1411	}
michael@0	1412
michael@0	1413	/*
michael@0	1414	* nssCKFWToken_GetMechanismCount
michael@0	1415	*
michael@0	1416	*/
michael@0	1417	NSS_IMPLEMENT CK_ULONG
michael@0	1418	nssCKFWToken_GetMechanismCount
michael@0	1419	(
michael@0	1420	NSSCKFWToken *fwToken
michael@0	1421	)
michael@0	1422	{
michael@0	1423	#ifdef NSSDEBUG
michael@0	1424	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1425	return 0;
michael@0	1426	}
michael@0	1427	#endif /* NSSDEBUG */
michael@0	1428
michael@0	1429	if (!fwToken->mdToken->GetMechanismCount) {
michael@0	1430	return 0;
michael@0	1431	}
michael@0	1432
michael@0	1433	return fwToken->mdToken->GetMechanismCount(fwToken->mdToken, fwToken,
michael@0	1434	fwToken->mdInstance, fwToken->fwInstance);
michael@0	1435	}
michael@0	1436
michael@0	1437	/*
michael@0	1438	* nssCKFWToken_GetMechanismTypes
michael@0	1439	*
michael@0	1440	*/
michael@0	1441	NSS_IMPLEMENT CK_RV
michael@0	1442	nssCKFWToken_GetMechanismTypes
michael@0	1443	(
michael@0	1444	NSSCKFWToken *fwToken,
michael@0	1445	CK_MECHANISM_TYPE types[]
michael@0	1446	)
michael@0	1447	{
michael@0	1448	#ifdef NSSDEBUG
michael@0	1449	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1450	return CKR_ARGUMENTS_BAD;
michael@0	1451	}
michael@0	1452
michael@0	1453	if (!types) {
michael@0	1454	return CKR_ARGUMENTS_BAD;
michael@0	1455	}
michael@0	1456	#endif /* NSSDEBUG */
michael@0	1457
michael@0	1458	if (!fwToken->mdToken->GetMechanismTypes) {
michael@0	1459	/*
michael@0	1460	* This should only be called with a sufficiently-large
michael@0	1461	* "types" array, which can only be done if GetMechanismCount
michael@0	1462	* is implemented. If that's implemented (and returns nonzero),
michael@0	1463	* then this should be too. So return an error.
michael@0	1464	*/
michael@0	1465	return CKR_GENERAL_ERROR;
michael@0	1466	}
michael@0	1467
michael@0	1468	return fwToken->mdToken->GetMechanismTypes(fwToken->mdToken, fwToken,
michael@0	1469	fwToken->mdInstance, fwToken->fwInstance, types);
michael@0	1470	}
michael@0	1471
michael@0	1472
michael@0	1473	/*
michael@0	1474	* nssCKFWToken_GetMechanism
michael@0	1475	*
michael@0	1476	*/
michael@0	1477	NSS_IMPLEMENT NSSCKFWMechanism *
michael@0	1478	nssCKFWToken_GetMechanism
michael@0	1479	(
michael@0	1480	NSSCKFWToken *fwToken,
michael@0	1481	CK_MECHANISM_TYPE which,
michael@0	1482	CK_RV *pError
michael@0	1483	)
michael@0	1484	{
michael@0	1485	NSSCKMDMechanism *mdMechanism;
michael@0	1486	if (!fwToken->mdMechanismHash) {
michael@0	1487	*pError = CKR_GENERAL_ERROR;
michael@0	1488	return (NSSCKFWMechanism *)NULL;
michael@0	1489	}
michael@0	1490
michael@0	1491	if (!fwToken->mdToken->GetMechanism) {
michael@0	1492	/*
michael@0	1493	* If we don't implement any GetMechanism function, then we must
michael@0	1494	* not support any.
michael@0	1495	*/
michael@0	1496	*pError = CKR_MECHANISM_INVALID;
michael@0	1497	return (NSSCKFWMechanism *)NULL;
michael@0	1498	}
michael@0	1499
michael@0	1500	/* lookup in hash table */
michael@0	1501	mdMechanism = fwToken->mdToken->GetMechanism(fwToken->mdToken, fwToken,
michael@0	1502	fwToken->mdInstance, fwToken->fwInstance, which, pError);
michael@0	1503	if (!mdMechanism) {
michael@0	1504	return (NSSCKFWMechanism *) NULL;
michael@0	1505	}
michael@0	1506	/* store in hash table */
michael@0	1507	return nssCKFWMechanism_Create(mdMechanism, fwToken->mdToken, fwToken,
michael@0	1508	fwToken->mdInstance, fwToken->fwInstance);
michael@0	1509	}
michael@0	1510
michael@0	1511	NSS_IMPLEMENT CK_RV
michael@0	1512	nssCKFWToken_SetSessionState
michael@0	1513	(
michael@0	1514	NSSCKFWToken *fwToken,
michael@0	1515	CK_STATE newState
michael@0	1516	)
michael@0	1517	{
michael@0	1518	CK_RV error = CKR_OK;
michael@0	1519
michael@0	1520	#ifdef NSSDEBUG
michael@0	1521	error = nssCKFWToken_verifyPointer(fwToken);
michael@0	1522	if( CKR_OK != error ) {
michael@0	1523	return error;
michael@0	1524	}
michael@0	1525
michael@0	1526	switch( newState ) {
michael@0	1527	case CKS_RO_PUBLIC_SESSION:
michael@0	1528	case CKS_RO_USER_FUNCTIONS:
michael@0	1529	case CKS_RW_PUBLIC_SESSION:
michael@0	1530	case CKS_RW_USER_FUNCTIONS:
michael@0	1531	case CKS_RW_SO_FUNCTIONS:
michael@0	1532	break;
michael@0	1533	default:
michael@0	1534	return CKR_ARGUMENTS_BAD;
michael@0	1535	}
michael@0	1536	#endif /* NSSDEBUG */
michael@0	1537
michael@0	1538	error = nssCKFWMutex_Lock(fwToken->mutex);
michael@0	1539	if( CKR_OK != error ) {
michael@0	1540	return error;
michael@0	1541	}
michael@0	1542
michael@0	1543	fwToken->state = newState;
michael@0	1544	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	1545	return CKR_OK;
michael@0	1546	}
michael@0	1547
michael@0	1548	/*
michael@0	1549	* nssCKFWToken_RemoveSession
michael@0	1550	*
michael@0	1551	*/
michael@0	1552	NSS_IMPLEMENT CK_RV
michael@0	1553	nssCKFWToken_RemoveSession
michael@0	1554	(
michael@0	1555	NSSCKFWToken *fwToken,
michael@0	1556	NSSCKFWSession *fwSession
michael@0	1557	)
michael@0	1558	{
michael@0	1559	CK_RV error = CKR_OK;
michael@0	1560
michael@0	1561	#ifdef NSSDEBUG
michael@0	1562	error = nssCKFWToken_verifyPointer(fwToken);
michael@0	1563	if( CKR_OK != error ) {
michael@0	1564	return error;
michael@0	1565	}
michael@0	1566
michael@0	1567	error = nssCKFWSession_verifyPointer(fwSession);
michael@0	1568	if( CKR_OK != error ) {
michael@0	1569	return error;
michael@0	1570	}
michael@0	1571	#endif /* NSSDEBUG */
michael@0	1572
michael@0	1573	error = nssCKFWMutex_Lock(fwToken->mutex);
michael@0	1574	if( CKR_OK != error ) {
michael@0	1575	return error;
michael@0	1576	}
michael@0	1577
michael@0	1578	if( CK_TRUE != nssCKFWHash_Exists(fwToken->sessions, fwSession) ) {
michael@0	1579	error = CKR_SESSION_HANDLE_INVALID;
michael@0	1580	goto done;
michael@0	1581	}
michael@0	1582
michael@0	1583	nssCKFWHash_Remove(fwToken->sessions, fwSession);
michael@0	1584	fwToken->sessionCount--;
michael@0	1585
michael@0	1586	if( nssCKFWSession_IsRWSession(fwSession) ) {
michael@0	1587	fwToken->rwSessionCount--;
michael@0	1588	}
michael@0	1589
michael@0	1590	if( 0 == fwToken->sessionCount ) {
michael@0	1591	fwToken->rwSessionCount = 0; /* sanity */
michael@0	1592	fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
michael@0	1593	}
michael@0	1594
michael@0	1595	error = CKR_OK;
michael@0	1596
michael@0	1597	done:
michael@0	1598	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	1599	return error;
michael@0	1600	}
michael@0	1601
michael@0	1602
michael@0	1603	/*
michael@0	1604	* nssCKFWToken_CloseAllSessions
michael@0	1605	*
michael@0	1606	*/
michael@0	1607	NSS_IMPLEMENT CK_RV
michael@0	1608	nssCKFWToken_CloseAllSessions
michael@0	1609	(
michael@0	1610	NSSCKFWToken *fwToken
michael@0	1611	)
michael@0	1612	{
michael@0	1613	CK_RV error = CKR_OK;
michael@0	1614
michael@0	1615	#ifdef NSSDEBUG
michael@0	1616	error = nssCKFWToken_verifyPointer(fwToken);
michael@0	1617	if( CKR_OK != error ) {
michael@0	1618	return error;
michael@0	1619	}
michael@0	1620	#endif /* NSSDEBUG */
michael@0	1621
michael@0	1622	error = nssCKFWMutex_Lock(fwToken->mutex);
michael@0	1623	if( CKR_OK != error ) {
michael@0	1624	return error;
michael@0	1625	}
michael@0	1626
michael@0	1627	nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator, (void *)NULL);
michael@0	1628
michael@0	1629	nssCKFWHash_Destroy(fwToken->sessions);
michael@0	1630
michael@0	1631	fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, fwToken->arena, &error);
michael@0	1632	if (!fwToken->sessions) {
michael@0	1633	if( CKR_OK == error ) {
michael@0	1634	error = CKR_GENERAL_ERROR;
michael@0	1635	}
michael@0	1636	goto done;
michael@0	1637	}
michael@0	1638
michael@0	1639	fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
michael@0	1640	fwToken->sessionCount = 0;
michael@0	1641	fwToken->rwSessionCount = 0;
michael@0	1642
michael@0	1643	error = CKR_OK;
michael@0	1644
michael@0	1645	done:
michael@0	1646	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	1647	return error;
michael@0	1648	}
michael@0	1649
michael@0	1650	/*
michael@0	1651	* nssCKFWToken_GetSessionCount
michael@0	1652	*
michael@0	1653	*/
michael@0	1654	NSS_IMPLEMENT CK_ULONG
michael@0	1655	nssCKFWToken_GetSessionCount
michael@0	1656	(
michael@0	1657	NSSCKFWToken *fwToken
michael@0	1658	)
michael@0	1659	{
michael@0	1660	CK_ULONG rv;
michael@0	1661
michael@0	1662	#ifdef NSSDEBUG
michael@0	1663	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1664	return (CK_ULONG)0;
michael@0	1665	}
michael@0	1666	#endif /* NSSDEBUG */
michael@0	1667
michael@0	1668	if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
michael@0	1669	return (CK_ULONG)0;
michael@0	1670	}
michael@0	1671
michael@0	1672	rv = fwToken->sessionCount;
michael@0	1673	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	1674	return rv;
michael@0	1675	}
michael@0	1676
michael@0	1677	/*
michael@0	1678	* nssCKFWToken_GetRwSessionCount
michael@0	1679	*
michael@0	1680	*/
michael@0	1681	NSS_IMPLEMENT CK_ULONG
michael@0	1682	nssCKFWToken_GetRwSessionCount
michael@0	1683	(
michael@0	1684	NSSCKFWToken *fwToken
michael@0	1685	)
michael@0	1686	{
michael@0	1687	CK_ULONG rv;
michael@0	1688
michael@0	1689	#ifdef NSSDEBUG
michael@0	1690	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1691	return (CK_ULONG)0;
michael@0	1692	}
michael@0	1693	#endif /* NSSDEBUG */
michael@0	1694
michael@0	1695	if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
michael@0	1696	return (CK_ULONG)0;
michael@0	1697	}
michael@0	1698
michael@0	1699	rv = fwToken->rwSessionCount;
michael@0	1700	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	1701	return rv;
michael@0	1702	}
michael@0	1703
michael@0	1704	/*
michael@0	1705	* nssCKFWToken_GetRoSessionCount
michael@0	1706	*
michael@0	1707	*/
michael@0	1708	NSS_IMPLEMENT CK_ULONG
michael@0	1709	nssCKFWToken_GetRoSessionCount
michael@0	1710	(
michael@0	1711	NSSCKFWToken *fwToken
michael@0	1712	)
michael@0	1713	{
michael@0	1714	CK_ULONG rv;
michael@0	1715
michael@0	1716	#ifdef NSSDEBUG
michael@0	1717	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1718	return (CK_ULONG)0;
michael@0	1719	}
michael@0	1720	#endif /* NSSDEBUG */
michael@0	1721
michael@0	1722	if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
michael@0	1723	return (CK_ULONG)0;
michael@0	1724	}
michael@0	1725
michael@0	1726	rv = fwToken->sessionCount - fwToken->rwSessionCount;
michael@0	1727	(void)nssCKFWMutex_Unlock(fwToken->mutex);
michael@0	1728	return rv;
michael@0	1729	}
michael@0	1730
michael@0	1731	/*
michael@0	1732	* nssCKFWToken_GetSessionObjectHash
michael@0	1733	*
michael@0	1734	*/
michael@0	1735	NSS_IMPLEMENT nssCKFWHash *
michael@0	1736	nssCKFWToken_GetSessionObjectHash
michael@0	1737	(
michael@0	1738	NSSCKFWToken *fwToken
michael@0	1739	)
michael@0	1740	{
michael@0	1741	#ifdef NSSDEBUG
michael@0	1742	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1743	return (nssCKFWHash *)NULL;
michael@0	1744	}
michael@0	1745	#endif /* NSSDEBUG */
michael@0	1746
michael@0	1747	return fwToken->sessionObjectHash;
michael@0	1748	}
michael@0	1749
michael@0	1750	/*
michael@0	1751	* nssCKFWToken_GetMDObjectHash
michael@0	1752	*
michael@0	1753	*/
michael@0	1754	NSS_IMPLEMENT nssCKFWHash *
michael@0	1755	nssCKFWToken_GetMDObjectHash
michael@0	1756	(
michael@0	1757	NSSCKFWToken *fwToken
michael@0	1758	)
michael@0	1759	{
michael@0	1760	#ifdef NSSDEBUG
michael@0	1761	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1762	return (nssCKFWHash *)NULL;
michael@0	1763	}
michael@0	1764	#endif /* NSSDEBUG */
michael@0	1765
michael@0	1766	return fwToken->mdObjectHash;
michael@0	1767	}
michael@0	1768
michael@0	1769	/*
michael@0	1770	* nssCKFWToken_GetObjectHandleHash
michael@0	1771	*
michael@0	1772	*/
michael@0	1773	NSS_IMPLEMENT nssCKFWHash *
michael@0	1774	nssCKFWToken_GetObjectHandleHash
michael@0	1775	(
michael@0	1776	NSSCKFWToken *fwToken
michael@0	1777	)
michael@0	1778	{
michael@0	1779	#ifdef NSSDEBUG
michael@0	1780	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1781	return (nssCKFWHash *)NULL;
michael@0	1782	}
michael@0	1783	#endif /* NSSDEBUG */
michael@0	1784
michael@0	1785	return fwToken->mdObjectHash;
michael@0	1786	}
michael@0	1787
michael@0	1788	/*
michael@0	1789	* NSSCKFWToken_GetMDToken
michael@0	1790	*
michael@0	1791	*/
michael@0	1792
michael@0	1793	NSS_IMPLEMENT NSSCKMDToken *
michael@0	1794	NSSCKFWToken_GetMDToken
michael@0	1795	(
michael@0	1796	NSSCKFWToken *fwToken
michael@0	1797	)
michael@0	1798	{
michael@0	1799	#ifdef DEBUG
michael@0	1800	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1801	return (NSSCKMDToken *)NULL;
michael@0	1802	}
michael@0	1803	#endif /* DEBUG */
michael@0	1804
michael@0	1805	return nssCKFWToken_GetMDToken(fwToken);
michael@0	1806	}
michael@0	1807
michael@0	1808	/*
michael@0	1809	* NSSCKFWToken_GetArena
michael@0	1810	*
michael@0	1811	*/
michael@0	1812
michael@0	1813	NSS_IMPLEMENT NSSArena *
michael@0	1814	NSSCKFWToken_GetArena
michael@0	1815	(
michael@0	1816	NSSCKFWToken *fwToken,
michael@0	1817	CK_RV *pError
michael@0	1818	)
michael@0	1819	{
michael@0	1820	#ifdef DEBUG
michael@0	1821	if (!pError) {
michael@0	1822	return (NSSArena *)NULL;
michael@0	1823	}
michael@0	1824
michael@0	1825	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1826	*pError = CKR_ARGUMENTS_BAD;
michael@0	1827	return (NSSArena *)NULL;
michael@0	1828	}
michael@0	1829	#endif /* DEBUG */
michael@0	1830
michael@0	1831	return nssCKFWToken_GetArena(fwToken, pError);
michael@0	1832	}
michael@0	1833
michael@0	1834	/*
michael@0	1835	* NSSCKFWToken_GetFWSlot
michael@0	1836	*
michael@0	1837	*/
michael@0	1838
michael@0	1839	NSS_IMPLEMENT NSSCKFWSlot *
michael@0	1840	NSSCKFWToken_GetFWSlot
michael@0	1841	(
michael@0	1842	NSSCKFWToken *fwToken
michael@0	1843	)
michael@0	1844	{
michael@0	1845	#ifdef DEBUG
michael@0	1846	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1847	return (NSSCKFWSlot *)NULL;
michael@0	1848	}
michael@0	1849	#endif /* DEBUG */
michael@0	1850
michael@0	1851	return nssCKFWToken_GetFWSlot(fwToken);
michael@0	1852	}
michael@0	1853
michael@0	1854	/*
michael@0	1855	* NSSCKFWToken_GetMDSlot
michael@0	1856	*
michael@0	1857	*/
michael@0	1858
michael@0	1859	NSS_IMPLEMENT NSSCKMDSlot *
michael@0	1860	NSSCKFWToken_GetMDSlot
michael@0	1861	(
michael@0	1862	NSSCKFWToken *fwToken
michael@0	1863	)
michael@0	1864	{
michael@0	1865	#ifdef DEBUG
michael@0	1866	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1867	return (NSSCKMDSlot *)NULL;
michael@0	1868	}
michael@0	1869	#endif /* DEBUG */
michael@0	1870
michael@0	1871	return nssCKFWToken_GetMDSlot(fwToken);
michael@0	1872	}
michael@0	1873
michael@0	1874	/*
michael@0	1875	* NSSCKFWToken_GetSessionState
michael@0	1876	*
michael@0	1877	*/
michael@0	1878
michael@0	1879	NSS_IMPLEMENT CK_STATE
michael@0	1880	NSSCKFWSession_GetSessionState
michael@0	1881	(
michael@0	1882	NSSCKFWToken *fwToken
michael@0	1883	)
michael@0	1884	{
michael@0	1885	#ifdef DEBUG
michael@0	1886	if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
michael@0	1887	return CKS_RO_PUBLIC_SESSION;
michael@0	1888	}
michael@0	1889	#endif /* DEBUG */
michael@0	1890
michael@0	1891	return nssCKFWToken_GetSessionState(fwToken);
michael@0	1892	}