1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/lib/ckfw/wrap.c Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,5672 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +/*
1.9 + * wrap.c
1.10 + *
1.11 + * This file contains the routines that actually implement the cryptoki
1.12 + * API, using the internal APIs of the NSS Cryptoki Framework. There is
1.13 + * one routine here for every cryptoki routine. For linking reasons
1.14 + * the actual entry points passed back with C_GetFunctionList have to
1.15 + * exist in one of the Module's source files; however, those are merely
1.16 + * simple wrappers that call these routines. The intelligence of the
1.17 + * implementations is here.
1.18 + */
1.19 +
1.20 +#ifndef CK_T
1.21 +#include "ck.h"
1.22 +#endif /* CK_T */
1.23 +
1.24 +/*
1.25 + * NSSCKFWC_Initialize
1.26 + * NSSCKFWC_Finalize
1.27 + * NSSCKFWC_GetInfo
1.28 + * -- NSSCKFWC_GetFunctionList -- see the API insert file
1.29 + * NSSCKFWC_GetSlotList
1.30 + * NSSCKFWC_GetSlotInfo
1.31 + * NSSCKFWC_GetTokenInfo
1.32 + * NSSCKFWC_WaitForSlotEvent
1.33 + * NSSCKFWC_GetMechanismList
1.34 + * NSSCKFWC_GetMechanismInfo
1.35 + * NSSCKFWC_InitToken
1.36 + * NSSCKFWC_InitPIN
1.37 + * NSSCKFWC_SetPIN
1.38 + * NSSCKFWC_OpenSession
1.39 + * NSSCKFWC_CloseSession
1.40 + * NSSCKFWC_CloseAllSessions
1.41 + * NSSCKFWC_GetSessionInfo
1.42 + * NSSCKFWC_GetOperationState
1.43 + * NSSCKFWC_SetOperationState
1.44 + * NSSCKFWC_Login
1.45 + * NSSCKFWC_Logout
1.46 + * NSSCKFWC_CreateObject
1.47 + * NSSCKFWC_CopyObject
1.48 + * NSSCKFWC_DestroyObject
1.49 + * NSSCKFWC_GetObjectSize
1.50 + * NSSCKFWC_GetAttributeValue
1.51 + * NSSCKFWC_SetAttributeValue
1.52 + * NSSCKFWC_FindObjectsInit
1.53 + * NSSCKFWC_FindObjects
1.54 + * NSSCKFWC_FindObjectsFinal
1.55 + * NSSCKFWC_EncryptInit
1.56 + * NSSCKFWC_Encrypt
1.57 + * NSSCKFWC_EncryptUpdate
1.58 + * NSSCKFWC_EncryptFinal
1.59 + * NSSCKFWC_DecryptInit
1.60 + * NSSCKFWC_Decrypt
1.61 + * NSSCKFWC_DecryptUpdate
1.62 + * NSSCKFWC_DecryptFinal
1.63 + * NSSCKFWC_DigestInit
1.64 + * NSSCKFWC_Digest
1.65 + * NSSCKFWC_DigestUpdate
1.66 + * NSSCKFWC_DigestKey
1.67 + * NSSCKFWC_DigestFinal
1.68 + * NSSCKFWC_SignInit
1.69 + * NSSCKFWC_Sign
1.70 + * NSSCKFWC_SignUpdate
1.71 + * NSSCKFWC_SignFinal
1.72 + * NSSCKFWC_SignRecoverInit
1.73 + * NSSCKFWC_SignRecover
1.74 + * NSSCKFWC_VerifyInit
1.75 + * NSSCKFWC_Verify
1.76 + * NSSCKFWC_VerifyUpdate
1.77 + * NSSCKFWC_VerifyFinal
1.78 + * NSSCKFWC_VerifyRecoverInit
1.79 + * NSSCKFWC_VerifyRecover
1.80 + * NSSCKFWC_DigestEncryptUpdate
1.81 + * NSSCKFWC_DecryptDigestUpdate
1.82 + * NSSCKFWC_SignEncryptUpdate
1.83 + * NSSCKFWC_DecryptVerifyUpdate
1.84 + * NSSCKFWC_GenerateKey
1.85 + * NSSCKFWC_GenerateKeyPair
1.86 + * NSSCKFWC_WrapKey
1.87 + * NSSCKFWC_UnwrapKey
1.88 + * NSSCKFWC_DeriveKey
1.89 + * NSSCKFWC_SeedRandom
1.90 + * NSSCKFWC_GenerateRandom
1.91 + * NSSCKFWC_GetFunctionStatus
1.92 + * NSSCKFWC_CancelFunction
1.93 + */
1.94 +
1.95 +/* figure out out locking semantics */
1.96 +static CK_RV
1.97 +nssCKFW_GetThreadSafeState(CK_C_INITIALIZE_ARGS_PTR pInitArgs,
1.98 + CryptokiLockingState *pLocking_state) {
1.99 + int functionCount = 0;
1.100 +
1.101 + /* parsed according to (PKCS #11 Section 11.4) */
1.102 + /* no args, the degenerate version of case 1 */
1.103 + if (!pInitArgs) {
1.104 + *pLocking_state = SingleThreaded;
1.105 + return CKR_OK;
1.106 + }
1.107 +
1.108 + /* CKF_OS_LOCKING_OK set, Cases 2 and 4 */
1.109 + if (pInitArgs->flags & CKF_OS_LOCKING_OK) {
1.110 + *pLocking_state = MultiThreaded;
1.111 + return CKR_OK;
1.112 + }
1.113 + if ((CK_CREATEMUTEX) NULL != pInitArgs->CreateMutex) functionCount++;
1.114 + if ((CK_DESTROYMUTEX) NULL != pInitArgs->DestroyMutex) functionCount++;
1.115 + if ((CK_LOCKMUTEX) NULL != pInitArgs->LockMutex) functionCount++;
1.116 + if ((CK_UNLOCKMUTEX) NULL != pInitArgs->UnlockMutex) functionCount++;
1.117 +
1.118 + /* CKF_OS_LOCKING_OK is not set, and not functions supplied,
1.119 + * explicit case 1 */
1.120 + if (0 == functionCount) {
1.121 + *pLocking_state = SingleThreaded;
1.122 + return CKR_OK;
1.123 + }
1.124 +
1.125 + /* OS_LOCKING_OK is not set and functions have been supplied. Since
1.126 + * ckfw uses nssbase library which explicitly calls NSPR, and since
1.127 + * there is no way to reliably override these explicit calls to NSPR,
1.128 + * therefore we can't support applications which have their own threading
1.129 + * module. Return CKR_CANT_LOCK if they supplied the correct number of
1.130 + * arguments, or CKR_ARGUMENTS_BAD if they did not in either case we will
1.131 + * fail the initialize */
1.132 + return (4 == functionCount) ? CKR_CANT_LOCK : CKR_ARGUMENTS_BAD;
1.133 +}
1.134 +
1.135 +static PRInt32 liveInstances;
1.136 +
1.137 +/*
1.138 + * NSSCKFWC_Initialize
1.139 + *
1.140 + */
1.141 +NSS_IMPLEMENT CK_RV
1.142 +NSSCKFWC_Initialize
1.143 +(
1.144 + NSSCKFWInstance **pFwInstance,
1.145 + NSSCKMDInstance *mdInstance,
1.146 + CK_VOID_PTR pInitArgs
1.147 +)
1.148 +{
1.149 + CK_RV error = CKR_OK;
1.150 + CryptokiLockingState locking_state;
1.151 +
1.152 + if( (NSSCKFWInstance **)NULL == pFwInstance ) {
1.153 + error = CKR_GENERAL_ERROR;
1.154 + goto loser;
1.155 + }
1.156 +
1.157 + if (*pFwInstance) {
1.158 + error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
1.159 + goto loser;
1.160 + }
1.161 +
1.162 + if (!mdInstance) {
1.163 + error = CKR_GENERAL_ERROR;
1.164 + goto loser;
1.165 + }
1.166 +
1.167 + error = nssCKFW_GetThreadSafeState(pInitArgs,&locking_state);
1.168 + if( CKR_OK != error ) {
1.169 + goto loser;
1.170 + }
1.171 +
1.172 + *pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &error);
1.173 + if (!*pFwInstance) {
1.174 + goto loser;
1.175 + }
1.176 + PR_ATOMIC_INCREMENT(&liveInstances);
1.177 + return CKR_OK;
1.178 +
1.179 + loser:
1.180 + switch( error ) {
1.181 + case CKR_ARGUMENTS_BAD:
1.182 + case CKR_CANT_LOCK:
1.183 + case CKR_CRYPTOKI_ALREADY_INITIALIZED:
1.184 + case CKR_FUNCTION_FAILED:
1.185 + case CKR_GENERAL_ERROR:
1.186 + case CKR_HOST_MEMORY:
1.187 + case CKR_NEED_TO_CREATE_THREADS:
1.188 + break;
1.189 + default:
1.190 + case CKR_OK:
1.191 + error = CKR_GENERAL_ERROR;
1.192 + break;
1.193 + }
1.194 +
1.195 + return error;
1.196 +}
1.197 +
1.198 +/*
1.199 + * NSSCKFWC_Finalize
1.200 + *
1.201 + */
1.202 +NSS_IMPLEMENT CK_RV
1.203 +NSSCKFWC_Finalize
1.204 +(
1.205 + NSSCKFWInstance **pFwInstance
1.206 +)
1.207 +{
1.208 + CK_RV error = CKR_OK;
1.209 +
1.210 + if( (NSSCKFWInstance **)NULL == pFwInstance ) {
1.211 + error = CKR_GENERAL_ERROR;
1.212 + goto loser;
1.213 + }
1.214 +
1.215 + if (!*pFwInstance) {
1.216 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.217 + goto loser;
1.218 + }
1.219 +
1.220 + error = nssCKFWInstance_Destroy(*pFwInstance);
1.221 +
1.222 + /* In any case */
1.223 + *pFwInstance = (NSSCKFWInstance *)NULL;
1.224 +
1.225 + loser:
1.226 + switch( error ) {
1.227 + PRInt32 remainingInstances;
1.228 + case CKR_OK:
1.229 + remainingInstances = PR_ATOMIC_DECREMENT(&liveInstances);
1.230 + if (!remainingInstances) {
1.231 + nssArena_Shutdown();
1.232 + }
1.233 + break;
1.234 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.235 + case CKR_FUNCTION_FAILED:
1.236 + case CKR_GENERAL_ERROR:
1.237 + case CKR_HOST_MEMORY:
1.238 + break;
1.239 + default:
1.240 + error = CKR_GENERAL_ERROR;
1.241 + break;
1.242 + }
1.243 +
1.244 + /*
1.245 + * A thread's error stack is automatically destroyed when the thread
1.246 + * terminates or, for the primordial thread, by PR_Cleanup. On
1.247 + * Windows with MinGW, the thread private data destructor PR_Free
1.248 + * registered by this module is actually a thunk for PR_Free defined
1.249 + * in this module. When the thread that unloads this module terminates
1.250 + * or calls PR_Cleanup, the thunk for PR_Free is already gone with the
1.251 + * module. Therefore we need to destroy the error stack before the
1.252 + * module is unloaded.
1.253 + */
1.254 + nss_DestroyErrorStack();
1.255 + return error;
1.256 +}
1.257 +
1.258 +/*
1.259 + * NSSCKFWC_GetInfo
1.260 + *
1.261 + */
1.262 +NSS_IMPLEMENT CK_RV
1.263 +NSSCKFWC_GetInfo
1.264 +(
1.265 + NSSCKFWInstance *fwInstance,
1.266 + CK_INFO_PTR pInfo
1.267 +)
1.268 +{
1.269 + CK_RV error = CKR_OK;
1.270 +
1.271 + if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) {
1.272 + error = CKR_ARGUMENTS_BAD;
1.273 + goto loser;
1.274 + }
1.275 +
1.276 + /*
1.277 + * A purify error here means a caller error
1.278 + */
1.279 + (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
1.280 +
1.281 + pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
1.282 +
1.283 + error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
1.284 + if( CKR_OK != error ) {
1.285 + goto loser;
1.286 + }
1.287 +
1.288 + pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
1.289 +
1.290 + error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
1.291 + if( CKR_OK != error ) {
1.292 + goto loser;
1.293 + }
1.294 +
1.295 + pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
1.296 +
1.297 + return CKR_OK;
1.298 +
1.299 + loser:
1.300 + switch( error ) {
1.301 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.302 + case CKR_FUNCTION_FAILED:
1.303 + case CKR_GENERAL_ERROR:
1.304 + case CKR_HOST_MEMORY:
1.305 + break;
1.306 + default:
1.307 + error = CKR_GENERAL_ERROR;
1.308 + break;
1.309 + }
1.310 +
1.311 + return error;
1.312 +}
1.313 +
1.314 +/*
1.315 + * C_GetFunctionList is implemented entirely in the Module's file which
1.316 + * includes the Framework API insert file. It requires no "actual"
1.317 + * NSSCKFW routine.
1.318 + */
1.319 +
1.320 +/*
1.321 + * NSSCKFWC_GetSlotList
1.322 + *
1.323 + */
1.324 +NSS_IMPLEMENT CK_RV
1.325 +NSSCKFWC_GetSlotList
1.326 +(
1.327 + NSSCKFWInstance *fwInstance,
1.328 + CK_BBOOL tokenPresent,
1.329 + CK_SLOT_ID_PTR pSlotList,
1.330 + CK_ULONG_PTR pulCount
1.331 +)
1.332 +{
1.333 + CK_RV error = CKR_OK;
1.334 + CK_ULONG nSlots;
1.335 +
1.336 + if (!fwInstance) {
1.337 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.338 + goto loser;
1.339 + }
1.340 +
1.341 + switch( tokenPresent ) {
1.342 + case CK_TRUE:
1.343 + case CK_FALSE:
1.344 + break;
1.345 + default:
1.346 + error = CKR_ARGUMENTS_BAD;
1.347 + goto loser;
1.348 + }
1.349 +
1.350 + if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
1.351 + error = CKR_ARGUMENTS_BAD;
1.352 + goto loser;
1.353 + }
1.354 +
1.355 + nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1.356 + if( (CK_ULONG)0 == nSlots ) {
1.357 + goto loser;
1.358 + }
1.359 +
1.360 + if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) {
1.361 + *pulCount = nSlots;
1.362 + return CKR_OK;
1.363 + }
1.364 +
1.365 + /*
1.366 + * A purify error here indicates caller error.
1.367 + */
1.368 + (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
1.369 +
1.370 + if( *pulCount < nSlots ) {
1.371 + *pulCount = nSlots;
1.372 + error = CKR_BUFFER_TOO_SMALL;
1.373 + goto loser;
1.374 + } else {
1.375 + CK_ULONG i;
1.376 + *pulCount = nSlots;
1.377 +
1.378 + /*
1.379 + * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
1.380 + * just index one when we need it.
1.381 + */
1.382 +
1.383 + for( i = 0; i < nSlots; i++ ) {
1.384 + pSlotList[i] = i+1;
1.385 + }
1.386 +
1.387 + return CKR_OK;
1.388 + }
1.389 +
1.390 + loser:
1.391 + switch( error ) {
1.392 + case CKR_BUFFER_TOO_SMALL:
1.393 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.394 + case CKR_FUNCTION_FAILED:
1.395 + case CKR_GENERAL_ERROR:
1.396 + case CKR_HOST_MEMORY:
1.397 + break;
1.398 + default:
1.399 + case CKR_OK:
1.400 + error = CKR_GENERAL_ERROR;
1.401 + break;
1.402 + }
1.403 +
1.404 + return error;
1.405 +}
1.406 +
1.407 +/*
1.408 + * NSSCKFWC_GetSlotInfo
1.409 + *
1.410 + */
1.411 +NSS_IMPLEMENT CK_RV
1.412 +NSSCKFWC_GetSlotInfo
1.413 +(
1.414 + NSSCKFWInstance *fwInstance,
1.415 + CK_SLOT_ID slotID,
1.416 + CK_SLOT_INFO_PTR pInfo
1.417 +)
1.418 +{
1.419 + CK_RV error = CKR_OK;
1.420 + CK_ULONG nSlots;
1.421 + NSSCKFWSlot **slots;
1.422 + NSSCKFWSlot *fwSlot;
1.423 +
1.424 + if (!fwInstance) {
1.425 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.426 + goto loser;
1.427 + }
1.428 +
1.429 + nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1.430 + if( (CK_ULONG)0 == nSlots ) {
1.431 + goto loser;
1.432 + }
1.433 +
1.434 + if( (slotID < 1) || (slotID > nSlots) ) {
1.435 + error = CKR_SLOT_ID_INVALID;
1.436 + goto loser;
1.437 + }
1.438 +
1.439 + if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) {
1.440 + error = CKR_ARGUMENTS_BAD;
1.441 + goto loser;
1.442 + }
1.443 +
1.444 + /*
1.445 + * A purify error here indicates caller error.
1.446 + */
1.447 + (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
1.448 +
1.449 + slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1.450 + if( (NSSCKFWSlot **)NULL == slots ) {
1.451 + goto loser;
1.452 + }
1.453 +
1.454 + fwSlot = slots[ slotID-1 ];
1.455 +
1.456 + error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
1.457 + if( CKR_OK != error ) {
1.458 + goto loser;
1.459 + }
1.460 +
1.461 + error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
1.462 + if( CKR_OK != error ) {
1.463 + goto loser;
1.464 + }
1.465 +
1.466 + if( nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.467 + pInfo->flags |= CKF_TOKEN_PRESENT;
1.468 + }
1.469 +
1.470 + if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) {
1.471 + pInfo->flags |= CKF_REMOVABLE_DEVICE;
1.472 + }
1.473 +
1.474 + if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) {
1.475 + pInfo->flags |= CKF_HW_SLOT;
1.476 + }
1.477 +
1.478 + pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
1.479 + pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
1.480 +
1.481 + return CKR_OK;
1.482 +
1.483 + loser:
1.484 + switch( error ) {
1.485 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.486 + case CKR_DEVICE_ERROR:
1.487 + case CKR_FUNCTION_FAILED:
1.488 + case CKR_GENERAL_ERROR:
1.489 + case CKR_HOST_MEMORY:
1.490 + case CKR_SLOT_ID_INVALID:
1.491 + break;
1.492 + default:
1.493 + case CKR_OK:
1.494 + error = CKR_GENERAL_ERROR;
1.495 + }
1.496 +
1.497 + return error;
1.498 +}
1.499 +
1.500 +/*
1.501 + * NSSCKFWC_GetTokenInfo
1.502 + *
1.503 + */
1.504 +NSS_IMPLEMENT CK_RV
1.505 +NSSCKFWC_GetTokenInfo
1.506 +(
1.507 + NSSCKFWInstance *fwInstance,
1.508 + CK_SLOT_ID slotID,
1.509 + CK_TOKEN_INFO_PTR pInfo
1.510 +)
1.511 +{
1.512 + CK_RV error = CKR_OK;
1.513 + CK_ULONG nSlots;
1.514 + NSSCKFWSlot **slots;
1.515 + NSSCKFWSlot *fwSlot;
1.516 + NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1.517 +
1.518 + if (!fwInstance) {
1.519 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.520 + goto loser;
1.521 + }
1.522 +
1.523 + nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1.524 + if( (CK_ULONG)0 == nSlots ) {
1.525 + goto loser;
1.526 + }
1.527 +
1.528 + if( (slotID < 1) || (slotID > nSlots) ) {
1.529 + error = CKR_SLOT_ID_INVALID;
1.530 + goto loser;
1.531 + }
1.532 +
1.533 + if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) {
1.534 + error = CKR_ARGUMENTS_BAD;
1.535 + goto loser;
1.536 + }
1.537 +
1.538 + /*
1.539 + * A purify error here indicates caller error.
1.540 + */
1.541 + (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
1.542 +
1.543 + slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1.544 + if( (NSSCKFWSlot **)NULL == slots ) {
1.545 + goto loser;
1.546 + }
1.547 +
1.548 + fwSlot = slots[ slotID-1 ];
1.549 +
1.550 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.551 + error = CKR_TOKEN_NOT_PRESENT;
1.552 + goto loser;
1.553 + }
1.554 +
1.555 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.556 + if (!fwToken) {
1.557 + goto loser;
1.558 + }
1.559 +
1.560 + error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
1.561 + if( CKR_OK != error ) {
1.562 + goto loser;
1.563 + }
1.564 +
1.565 + error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
1.566 + if( CKR_OK != error ) {
1.567 + goto loser;
1.568 + }
1.569 +
1.570 + error = nssCKFWToken_GetModel(fwToken, pInfo->model);
1.571 + if( CKR_OK != error ) {
1.572 + goto loser;
1.573 + }
1.574 +
1.575 + error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
1.576 + if( CKR_OK != error ) {
1.577 + goto loser;
1.578 + }
1.579 +
1.580 + if( nssCKFWToken_GetHasRNG(fwToken) ) {
1.581 + pInfo->flags |= CKF_RNG;
1.582 + }
1.583 +
1.584 + if( nssCKFWToken_GetIsWriteProtected(fwToken) ) {
1.585 + pInfo->flags |= CKF_WRITE_PROTECTED;
1.586 + }
1.587 +
1.588 + if( nssCKFWToken_GetLoginRequired(fwToken) ) {
1.589 + pInfo->flags |= CKF_LOGIN_REQUIRED;
1.590 + }
1.591 +
1.592 + if( nssCKFWToken_GetUserPinInitialized(fwToken) ) {
1.593 + pInfo->flags |= CKF_USER_PIN_INITIALIZED;
1.594 + }
1.595 +
1.596 + if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) {
1.597 + pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
1.598 + }
1.599 +
1.600 + if( nssCKFWToken_GetHasClockOnToken(fwToken) ) {
1.601 + pInfo->flags |= CKF_CLOCK_ON_TOKEN;
1.602 + }
1.603 +
1.604 + if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
1.605 + pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
1.606 + }
1.607 +
1.608 + if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) {
1.609 + pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
1.610 + }
1.611 +
1.612 + pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
1.613 + pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
1.614 + pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
1.615 + pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken);
1.616 + pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
1.617 + pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
1.618 + pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
1.619 + pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
1.620 + pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
1.621 + pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
1.622 + pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
1.623 + pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
1.624 +
1.625 + error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
1.626 + if( CKR_OK != error ) {
1.627 + goto loser;
1.628 + }
1.629 +
1.630 + return CKR_OK;
1.631 +
1.632 + loser:
1.633 + switch( error ) {
1.634 + case CKR_DEVICE_REMOVED:
1.635 + case CKR_TOKEN_NOT_PRESENT:
1.636 + if (fwToken)
1.637 + nssCKFWToken_Destroy(fwToken);
1.638 + break;
1.639 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.640 + case CKR_DEVICE_ERROR:
1.641 + case CKR_DEVICE_MEMORY:
1.642 + case CKR_FUNCTION_FAILED:
1.643 + case CKR_GENERAL_ERROR:
1.644 + case CKR_HOST_MEMORY:
1.645 + case CKR_SLOT_ID_INVALID:
1.646 + case CKR_TOKEN_NOT_RECOGNIZED:
1.647 + break;
1.648 + default:
1.649 + case CKR_OK:
1.650 + error = CKR_GENERAL_ERROR;
1.651 + break;
1.652 + }
1.653 +
1.654 + return error;
1.655 +}
1.656 +
1.657 +/*
1.658 + * NSSCKFWC_WaitForSlotEvent
1.659 + *
1.660 + */
1.661 +NSS_IMPLEMENT CK_RV
1.662 +NSSCKFWC_WaitForSlotEvent
1.663 +(
1.664 + NSSCKFWInstance *fwInstance,
1.665 + CK_FLAGS flags,
1.666 + CK_SLOT_ID_PTR pSlot,
1.667 + CK_VOID_PTR pReserved
1.668 +)
1.669 +{
1.670 + CK_RV error = CKR_OK;
1.671 + CK_ULONG nSlots;
1.672 + CK_BBOOL block;
1.673 + NSSCKFWSlot **slots;
1.674 + NSSCKFWSlot *fwSlot;
1.675 + CK_ULONG i;
1.676 +
1.677 + if (!fwInstance) {
1.678 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.679 + goto loser;
1.680 + }
1.681 +
1.682 + if( flags & ~CKF_DONT_BLOCK ) {
1.683 + error = CKR_ARGUMENTS_BAD;
1.684 + goto loser;
1.685 + }
1.686 +
1.687 + block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
1.688 +
1.689 + nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1.690 + if( (CK_ULONG)0 == nSlots ) {
1.691 + goto loser;
1.692 + }
1.693 +
1.694 + if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) {
1.695 + error = CKR_ARGUMENTS_BAD;
1.696 + goto loser;
1.697 + }
1.698 +
1.699 + if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) {
1.700 + error = CKR_ARGUMENTS_BAD;
1.701 + goto loser;
1.702 + }
1.703 +
1.704 + slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1.705 + if( (NSSCKFWSlot **)NULL == slots ) {
1.706 + goto loser;
1.707 + }
1.708 +
1.709 + fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
1.710 + if (!fwSlot) {
1.711 + goto loser;
1.712 + }
1.713 +
1.714 + for( i = 0; i < nSlots; i++ ) {
1.715 + if( fwSlot == slots[i] ) {
1.716 + *pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1);
1.717 + return CKR_OK;
1.718 + }
1.719 + }
1.720 +
1.721 + error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
1.722 +
1.723 + loser:
1.724 + switch( error ) {
1.725 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.726 + case CKR_FUNCTION_FAILED:
1.727 + case CKR_GENERAL_ERROR:
1.728 + case CKR_HOST_MEMORY:
1.729 + case CKR_NO_EVENT:
1.730 + break;
1.731 + default:
1.732 + case CKR_OK:
1.733 + error = CKR_GENERAL_ERROR;
1.734 + break;
1.735 + }
1.736 +
1.737 + return error;
1.738 +}
1.739 +
1.740 +/*
1.741 + * NSSCKFWC_GetMechanismList
1.742 + *
1.743 + */
1.744 +NSS_IMPLEMENT CK_RV
1.745 +NSSCKFWC_GetMechanismList
1.746 +(
1.747 + NSSCKFWInstance *fwInstance,
1.748 + CK_SLOT_ID slotID,
1.749 + CK_MECHANISM_TYPE_PTR pMechanismList,
1.750 + CK_ULONG_PTR pulCount
1.751 +)
1.752 +{
1.753 + CK_RV error = CKR_OK;
1.754 + CK_ULONG nSlots;
1.755 + NSSCKFWSlot **slots;
1.756 + NSSCKFWSlot *fwSlot;
1.757 + NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1.758 + CK_ULONG count;
1.759 +
1.760 + if (!fwInstance) {
1.761 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.762 + goto loser;
1.763 + }
1.764 +
1.765 + nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1.766 + if( (CK_ULONG)0 == nSlots ) {
1.767 + goto loser;
1.768 + }
1.769 +
1.770 + if( (slotID < 1) || (slotID > nSlots) ) {
1.771 + error = CKR_SLOT_ID_INVALID;
1.772 + goto loser;
1.773 + }
1.774 +
1.775 + if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
1.776 + error = CKR_ARGUMENTS_BAD;
1.777 + goto loser;
1.778 + }
1.779 +
1.780 + slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1.781 + if( (NSSCKFWSlot **)NULL == slots ) {
1.782 + goto loser;
1.783 + }
1.784 +
1.785 + fwSlot = slots[ slotID-1 ];
1.786 +
1.787 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.788 + error = CKR_TOKEN_NOT_PRESENT;
1.789 + goto loser;
1.790 + }
1.791 +
1.792 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.793 + if (!fwToken) {
1.794 + goto loser;
1.795 + }
1.796 +
1.797 + count = nssCKFWToken_GetMechanismCount(fwToken);
1.798 +
1.799 + if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) {
1.800 + *pulCount = count;
1.801 + return CKR_OK;
1.802 + }
1.803 +
1.804 + if( *pulCount < count ) {
1.805 + *pulCount = count;
1.806 + error = CKR_BUFFER_TOO_SMALL;
1.807 + goto loser;
1.808 + }
1.809 +
1.810 + /*
1.811 + * A purify error here indicates caller error.
1.812 + */
1.813 + (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
1.814 +
1.815 + *pulCount = count;
1.816 +
1.817 + if( 0 != count ) {
1.818 + error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
1.819 + } else {
1.820 + error = CKR_OK;
1.821 + }
1.822 +
1.823 + if( CKR_OK == error ) {
1.824 + return CKR_OK;
1.825 + }
1.826 +
1.827 + loser:
1.828 + switch( error ) {
1.829 + case CKR_DEVICE_REMOVED:
1.830 + case CKR_TOKEN_NOT_PRESENT:
1.831 + if (fwToken)
1.832 + nssCKFWToken_Destroy(fwToken);
1.833 + break;
1.834 + case CKR_ARGUMENTS_BAD:
1.835 + case CKR_BUFFER_TOO_SMALL:
1.836 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.837 + case CKR_DEVICE_ERROR:
1.838 + case CKR_DEVICE_MEMORY:
1.839 + case CKR_FUNCTION_FAILED:
1.840 + case CKR_GENERAL_ERROR:
1.841 + case CKR_HOST_MEMORY:
1.842 + case CKR_SLOT_ID_INVALID:
1.843 + case CKR_TOKEN_NOT_RECOGNIZED:
1.844 + break;
1.845 + default:
1.846 + case CKR_OK:
1.847 + error = CKR_GENERAL_ERROR;
1.848 + break;
1.849 + }
1.850 +
1.851 + return error;
1.852 +}
1.853 +
1.854 +/*
1.855 + * NSSCKFWC_GetMechanismInfo
1.856 + *
1.857 + */
1.858 +NSS_IMPLEMENT CK_RV
1.859 +NSSCKFWC_GetMechanismInfo
1.860 +(
1.861 + NSSCKFWInstance *fwInstance,
1.862 + CK_SLOT_ID slotID,
1.863 + CK_MECHANISM_TYPE type,
1.864 + CK_MECHANISM_INFO_PTR pInfo
1.865 +)
1.866 +{
1.867 + CK_RV error = CKR_OK;
1.868 + CK_ULONG nSlots;
1.869 + NSSCKFWSlot **slots;
1.870 + NSSCKFWSlot *fwSlot;
1.871 + NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1.872 + NSSCKFWMechanism *fwMechanism;
1.873 +
1.874 + if (!fwInstance) {
1.875 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.876 + goto loser;
1.877 + }
1.878 +
1.879 + nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1.880 + if( (CK_ULONG)0 == nSlots ) {
1.881 + goto loser;
1.882 + }
1.883 +
1.884 + if( (slotID < 1) || (slotID > nSlots) ) {
1.885 + error = CKR_SLOT_ID_INVALID;
1.886 + goto loser;
1.887 + }
1.888 +
1.889 + slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1.890 + if( (NSSCKFWSlot **)NULL == slots ) {
1.891 + goto loser;
1.892 + }
1.893 +
1.894 + fwSlot = slots[ slotID-1 ];
1.895 +
1.896 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.897 + error = CKR_TOKEN_NOT_PRESENT;
1.898 + goto loser;
1.899 + }
1.900 +
1.901 + if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) {
1.902 + error = CKR_ARGUMENTS_BAD;
1.903 + goto loser;
1.904 + }
1.905 +
1.906 + /*
1.907 + * A purify error here indicates caller error.
1.908 + */
1.909 + (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
1.910 +
1.911 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.912 + if (!fwToken) {
1.913 + goto loser;
1.914 + }
1.915 +
1.916 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
1.917 + if (!fwMechanism) {
1.918 + goto loser;
1.919 + }
1.920 +
1.921 + pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism, &error);
1.922 + pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism, &error);
1.923 +
1.924 + if( nssCKFWMechanism_GetInHardware(fwMechanism, &error) ) {
1.925 + pInfo->flags |= CKF_HW;
1.926 + }
1.927 + if( nssCKFWMechanism_GetCanEncrypt(fwMechanism, &error) ) {
1.928 + pInfo->flags |= CKF_ENCRYPT;
1.929 + }
1.930 + if( nssCKFWMechanism_GetCanDecrypt(fwMechanism, &error) ) {
1.931 + pInfo->flags |= CKF_DECRYPT;
1.932 + }
1.933 + if( nssCKFWMechanism_GetCanDigest(fwMechanism, &error) ) {
1.934 + pInfo->flags |= CKF_DIGEST;
1.935 + }
1.936 + if( nssCKFWMechanism_GetCanSign(fwMechanism, &error) ) {
1.937 + pInfo->flags |= CKF_SIGN;
1.938 + }
1.939 + if( nssCKFWMechanism_GetCanSignRecover(fwMechanism, &error) ) {
1.940 + pInfo->flags |= CKF_SIGN_RECOVER;
1.941 + }
1.942 + if( nssCKFWMechanism_GetCanVerify(fwMechanism, &error) ) {
1.943 + pInfo->flags |= CKF_VERIFY;
1.944 + }
1.945 + if( nssCKFWMechanism_GetCanVerifyRecover(fwMechanism, &error) ) {
1.946 + pInfo->flags |= CKF_VERIFY_RECOVER;
1.947 + }
1.948 + if( nssCKFWMechanism_GetCanGenerate(fwMechanism, &error) ) {
1.949 + pInfo->flags |= CKF_GENERATE;
1.950 + }
1.951 + if( nssCKFWMechanism_GetCanGenerateKeyPair(fwMechanism, &error) ) {
1.952 + pInfo->flags |= CKF_GENERATE_KEY_PAIR;
1.953 + }
1.954 + if( nssCKFWMechanism_GetCanWrap(fwMechanism, &error) ) {
1.955 + pInfo->flags |= CKF_WRAP;
1.956 + }
1.957 + if( nssCKFWMechanism_GetCanUnwrap(fwMechanism, &error) ) {
1.958 + pInfo->flags |= CKF_UNWRAP;
1.959 + }
1.960 + if( nssCKFWMechanism_GetCanDerive(fwMechanism, &error) ) {
1.961 + pInfo->flags |= CKF_DERIVE;
1.962 + }
1.963 + nssCKFWMechanism_Destroy(fwMechanism);
1.964 +
1.965 + return error;
1.966 +
1.967 + loser:
1.968 + switch( error ) {
1.969 + case CKR_DEVICE_REMOVED:
1.970 + case CKR_TOKEN_NOT_PRESENT:
1.971 + if (fwToken)
1.972 + nssCKFWToken_Destroy(fwToken);
1.973 + break;
1.974 + case CKR_ARGUMENTS_BAD:
1.975 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.976 + case CKR_DEVICE_ERROR:
1.977 + case CKR_DEVICE_MEMORY:
1.978 + case CKR_FUNCTION_FAILED:
1.979 + case CKR_GENERAL_ERROR:
1.980 + case CKR_HOST_MEMORY:
1.981 + case CKR_MECHANISM_INVALID:
1.982 + case CKR_SLOT_ID_INVALID:
1.983 + case CKR_TOKEN_NOT_RECOGNIZED:
1.984 + break;
1.985 + default:
1.986 + case CKR_OK:
1.987 + error = CKR_GENERAL_ERROR;
1.988 + break;
1.989 + }
1.990 +
1.991 + return error;
1.992 +}
1.993 +
1.994 +/*
1.995 + * NSSCKFWC_InitToken
1.996 + *
1.997 + */
1.998 +NSS_IMPLEMENT CK_RV
1.999 +NSSCKFWC_InitToken
1.1000 +(
1.1001 + NSSCKFWInstance *fwInstance,
1.1002 + CK_SLOT_ID slotID,
1.1003 + CK_CHAR_PTR pPin,
1.1004 + CK_ULONG ulPinLen,
1.1005 + CK_CHAR_PTR pLabel
1.1006 +)
1.1007 +{
1.1008 + CK_RV error = CKR_OK;
1.1009 + CK_ULONG nSlots;
1.1010 + NSSCKFWSlot **slots;
1.1011 + NSSCKFWSlot *fwSlot;
1.1012 + NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1.1013 + NSSItem pin;
1.1014 + NSSUTF8 *label;
1.1015 +
1.1016 + if (!fwInstance) {
1.1017 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1018 + goto loser;
1.1019 + }
1.1020 +
1.1021 + nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1.1022 + if( (CK_ULONG)0 == nSlots ) {
1.1023 + goto loser;
1.1024 + }
1.1025 +
1.1026 + if( (slotID < 1) || (slotID > nSlots) ) {
1.1027 + error = CKR_SLOT_ID_INVALID;
1.1028 + goto loser;
1.1029 + }
1.1030 +
1.1031 + slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1.1032 + if( (NSSCKFWSlot **)NULL == slots ) {
1.1033 + goto loser;
1.1034 + }
1.1035 +
1.1036 + fwSlot = slots[ slotID-1 ];
1.1037 +
1.1038 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.1039 + error = CKR_TOKEN_NOT_PRESENT;
1.1040 + goto loser;
1.1041 + }
1.1042 +
1.1043 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.1044 + if (!fwToken) {
1.1045 + goto loser;
1.1046 + }
1.1047 +
1.1048 + pin.size = (PRUint32)ulPinLen;
1.1049 + pin.data = (void *)pPin;
1.1050 + label = (NSSUTF8 *)pLabel; /* identity conversion */
1.1051 +
1.1052 + error = nssCKFWToken_InitToken(fwToken, &pin, label);
1.1053 + if( CKR_OK != error ) {
1.1054 + goto loser;
1.1055 + }
1.1056 +
1.1057 + return CKR_OK;
1.1058 +
1.1059 + loser:
1.1060 + switch( error ) {
1.1061 + case CKR_DEVICE_REMOVED:
1.1062 + case CKR_TOKEN_NOT_PRESENT:
1.1063 + if (fwToken)
1.1064 + nssCKFWToken_Destroy(fwToken);
1.1065 + break;
1.1066 + case CKR_ARGUMENTS_BAD:
1.1067 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1068 + case CKR_DEVICE_ERROR:
1.1069 + case CKR_DEVICE_MEMORY:
1.1070 + case CKR_FUNCTION_FAILED:
1.1071 + case CKR_GENERAL_ERROR:
1.1072 + case CKR_HOST_MEMORY:
1.1073 + case CKR_PIN_INCORRECT:
1.1074 + case CKR_PIN_LOCKED:
1.1075 + case CKR_SESSION_EXISTS:
1.1076 + case CKR_SLOT_ID_INVALID:
1.1077 + case CKR_TOKEN_NOT_RECOGNIZED:
1.1078 + case CKR_TOKEN_WRITE_PROTECTED:
1.1079 + break;
1.1080 + default:
1.1081 + case CKR_OK:
1.1082 + error = CKR_GENERAL_ERROR;
1.1083 + break;
1.1084 + }
1.1085 +
1.1086 + return error;
1.1087 +}
1.1088 +
1.1089 +/*
1.1090 + * NSSCKFWC_InitPIN
1.1091 + *
1.1092 + */
1.1093 +NSS_IMPLEMENT CK_RV
1.1094 +NSSCKFWC_InitPIN
1.1095 +(
1.1096 + NSSCKFWInstance *fwInstance,
1.1097 + CK_SESSION_HANDLE hSession,
1.1098 + CK_CHAR_PTR pPin,
1.1099 + CK_ULONG ulPinLen
1.1100 +)
1.1101 +{
1.1102 + CK_RV error = CKR_OK;
1.1103 + NSSCKFWSession *fwSession;
1.1104 + NSSItem pin, *arg;
1.1105 +
1.1106 + if (!fwInstance) {
1.1107 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1108 + goto loser;
1.1109 + }
1.1110 +
1.1111 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.1112 + if (!fwSession) {
1.1113 + error = CKR_SESSION_HANDLE_INVALID;
1.1114 + goto loser;
1.1115 + }
1.1116 +
1.1117 + if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1.1118 + arg = (NSSItem *)NULL;
1.1119 + } else {
1.1120 + arg = &pin;
1.1121 + pin.size = (PRUint32)ulPinLen;
1.1122 + pin.data = (void *)pPin;
1.1123 + }
1.1124 +
1.1125 + error = nssCKFWSession_InitPIN(fwSession, arg);
1.1126 + if( CKR_OK != error ) {
1.1127 + goto loser;
1.1128 + }
1.1129 +
1.1130 + return CKR_OK;
1.1131 +
1.1132 + loser:
1.1133 + switch( error ) {
1.1134 + case CKR_SESSION_CLOSED:
1.1135 + /* destroy session? */
1.1136 + break;
1.1137 + case CKR_DEVICE_REMOVED:
1.1138 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1139 + break;
1.1140 + case CKR_ARGUMENTS_BAD:
1.1141 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1142 + case CKR_DEVICE_ERROR:
1.1143 + case CKR_DEVICE_MEMORY:
1.1144 + case CKR_FUNCTION_FAILED:
1.1145 + case CKR_GENERAL_ERROR:
1.1146 + case CKR_HOST_MEMORY:
1.1147 + case CKR_PIN_INVALID:
1.1148 + case CKR_PIN_LEN_RANGE:
1.1149 + case CKR_SESSION_READ_ONLY:
1.1150 + case CKR_SESSION_HANDLE_INVALID:
1.1151 + case CKR_TOKEN_WRITE_PROTECTED:
1.1152 + case CKR_USER_NOT_LOGGED_IN:
1.1153 + break;
1.1154 + default:
1.1155 + case CKR_OK:
1.1156 + error = CKR_GENERAL_ERROR;
1.1157 + break;
1.1158 + }
1.1159 +
1.1160 + return error;
1.1161 +}
1.1162 +
1.1163 +/*
1.1164 + * NSSCKFWC_SetPIN
1.1165 + *
1.1166 + */
1.1167 +NSS_IMPLEMENT CK_RV
1.1168 +NSSCKFWC_SetPIN
1.1169 +(
1.1170 + NSSCKFWInstance *fwInstance,
1.1171 + CK_SESSION_HANDLE hSession,
1.1172 + CK_CHAR_PTR pOldPin,
1.1173 + CK_ULONG ulOldLen,
1.1174 + CK_CHAR_PTR pNewPin,
1.1175 + CK_ULONG ulNewLen
1.1176 +)
1.1177 +{
1.1178 + CK_RV error = CKR_OK;
1.1179 + NSSCKFWSession *fwSession;
1.1180 + NSSItem oldPin, newPin, *oldArg, *newArg;
1.1181 +
1.1182 + if (!fwInstance) {
1.1183 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1184 + goto loser;
1.1185 + }
1.1186 +
1.1187 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.1188 + if (!fwSession) {
1.1189 + error = CKR_SESSION_HANDLE_INVALID;
1.1190 + goto loser;
1.1191 + }
1.1192 +
1.1193 + if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) {
1.1194 + oldArg = (NSSItem *)NULL;
1.1195 + } else {
1.1196 + oldArg = &oldPin;
1.1197 + oldPin.size = (PRUint32)ulOldLen;
1.1198 + oldPin.data = (void *)pOldPin;
1.1199 + }
1.1200 +
1.1201 + if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) {
1.1202 + newArg = (NSSItem *)NULL;
1.1203 + } else {
1.1204 + newArg = &newPin;
1.1205 + newPin.size = (PRUint32)ulNewLen;
1.1206 + newPin.data = (void *)pNewPin;
1.1207 + }
1.1208 +
1.1209 + error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
1.1210 + if( CKR_OK != error ) {
1.1211 + goto loser;
1.1212 + }
1.1213 +
1.1214 + return CKR_OK;
1.1215 +
1.1216 + loser:
1.1217 + switch( error ) {
1.1218 + case CKR_SESSION_CLOSED:
1.1219 + /* destroy session? */
1.1220 + break;
1.1221 + case CKR_DEVICE_REMOVED:
1.1222 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1223 + break;
1.1224 + case CKR_ARGUMENTS_BAD:
1.1225 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1226 + case CKR_DEVICE_ERROR:
1.1227 + case CKR_DEVICE_MEMORY:
1.1228 + case CKR_FUNCTION_FAILED:
1.1229 + case CKR_GENERAL_ERROR:
1.1230 + case CKR_HOST_MEMORY:
1.1231 + case CKR_PIN_INCORRECT:
1.1232 + case CKR_PIN_INVALID:
1.1233 + case CKR_PIN_LEN_RANGE:
1.1234 + case CKR_PIN_LOCKED:
1.1235 + case CKR_SESSION_HANDLE_INVALID:
1.1236 + case CKR_SESSION_READ_ONLY:
1.1237 + case CKR_TOKEN_WRITE_PROTECTED:
1.1238 + break;
1.1239 + default:
1.1240 + case CKR_OK:
1.1241 + error = CKR_GENERAL_ERROR;
1.1242 + break;
1.1243 + }
1.1244 +
1.1245 + return error;
1.1246 +}
1.1247 +
1.1248 +/*
1.1249 + * NSSCKFWC_OpenSession
1.1250 + *
1.1251 + */
1.1252 +NSS_IMPLEMENT CK_RV
1.1253 +NSSCKFWC_OpenSession
1.1254 +(
1.1255 + NSSCKFWInstance *fwInstance,
1.1256 + CK_SLOT_ID slotID,
1.1257 + CK_FLAGS flags,
1.1258 + CK_VOID_PTR pApplication,
1.1259 + CK_NOTIFY Notify,
1.1260 + CK_SESSION_HANDLE_PTR phSession
1.1261 +)
1.1262 +{
1.1263 + CK_RV error = CKR_OK;
1.1264 + CK_ULONG nSlots;
1.1265 + NSSCKFWSlot **slots;
1.1266 + NSSCKFWSlot *fwSlot;
1.1267 + NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1.1268 + NSSCKFWSession *fwSession;
1.1269 + CK_BBOOL rw;
1.1270 +
1.1271 + if (!fwInstance) {
1.1272 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1273 + goto loser;
1.1274 + }
1.1275 +
1.1276 + nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1.1277 + if( (CK_ULONG)0 == nSlots ) {
1.1278 + goto loser;
1.1279 + }
1.1280 +
1.1281 + if( (slotID < 1) || (slotID > nSlots) ) {
1.1282 + error = CKR_SLOT_ID_INVALID;
1.1283 + goto loser;
1.1284 + }
1.1285 +
1.1286 + if( flags & CKF_RW_SESSION ) {
1.1287 + rw = CK_TRUE;
1.1288 + } else {
1.1289 + rw = CK_FALSE;
1.1290 + }
1.1291 +
1.1292 + if( flags & CKF_SERIAL_SESSION ) {
1.1293 + ;
1.1294 + } else {
1.1295 + error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
1.1296 + goto loser;
1.1297 + }
1.1298 +
1.1299 + if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) {
1.1300 + error = CKR_ARGUMENTS_BAD;
1.1301 + goto loser;
1.1302 + }
1.1303 +
1.1304 + if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) {
1.1305 + error = CKR_ARGUMENTS_BAD;
1.1306 + goto loser;
1.1307 + }
1.1308 +
1.1309 + /*
1.1310 + * A purify error here indicates caller error.
1.1311 + */
1.1312 + *phSession = (CK_SESSION_HANDLE)0;
1.1313 +
1.1314 + slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1.1315 + if( (NSSCKFWSlot **)NULL == slots ) {
1.1316 + goto loser;
1.1317 + }
1.1318 +
1.1319 + fwSlot = slots[ slotID-1 ];
1.1320 +
1.1321 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.1322 + error = CKR_TOKEN_NOT_PRESENT;
1.1323 + goto loser;
1.1324 + }
1.1325 +
1.1326 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.1327 + if (!fwToken) {
1.1328 + goto loser;
1.1329 + }
1.1330 +
1.1331 + fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
1.1332 + Notify, &error);
1.1333 + if (!fwSession) {
1.1334 + goto loser;
1.1335 + }
1.1336 +
1.1337 + *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
1.1338 + fwSession, &error);
1.1339 + if( (CK_SESSION_HANDLE)0 == *phSession ) {
1.1340 + goto loser;
1.1341 + }
1.1342 +
1.1343 + return CKR_OK;
1.1344 +
1.1345 + loser:
1.1346 + switch( error ) {
1.1347 + case CKR_SESSION_CLOSED:
1.1348 + /* destroy session? */
1.1349 + break;
1.1350 + case CKR_DEVICE_REMOVED:
1.1351 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1352 + break;
1.1353 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1354 + case CKR_DEVICE_ERROR:
1.1355 + case CKR_DEVICE_MEMORY:
1.1356 + case CKR_FUNCTION_FAILED:
1.1357 + case CKR_GENERAL_ERROR:
1.1358 + case CKR_HOST_MEMORY:
1.1359 + case CKR_SESSION_COUNT:
1.1360 + case CKR_SESSION_EXISTS:
1.1361 + case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
1.1362 + case CKR_SESSION_READ_WRITE_SO_EXISTS:
1.1363 + case CKR_SLOT_ID_INVALID:
1.1364 + case CKR_TOKEN_NOT_PRESENT:
1.1365 + case CKR_TOKEN_NOT_RECOGNIZED:
1.1366 + case CKR_TOKEN_WRITE_PROTECTED:
1.1367 + break;
1.1368 + default:
1.1369 + case CKR_OK:
1.1370 + error = CKR_GENERAL_ERROR;
1.1371 + break;
1.1372 + }
1.1373 +
1.1374 + return error;
1.1375 +}
1.1376 +
1.1377 +/*
1.1378 + * NSSCKFWC_CloseSession
1.1379 + *
1.1380 + */
1.1381 +NSS_IMPLEMENT CK_RV
1.1382 +NSSCKFWC_CloseSession
1.1383 +(
1.1384 + NSSCKFWInstance *fwInstance,
1.1385 + CK_SESSION_HANDLE hSession
1.1386 +)
1.1387 +{
1.1388 + CK_RV error = CKR_OK;
1.1389 + NSSCKFWSession *fwSession;
1.1390 +
1.1391 + if (!fwInstance) {
1.1392 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1393 + goto loser;
1.1394 + }
1.1395 +
1.1396 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.1397 + if (!fwSession) {
1.1398 + error = CKR_SESSION_HANDLE_INVALID;
1.1399 + goto loser;
1.1400 + }
1.1401 +
1.1402 + nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
1.1403 + error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
1.1404 +
1.1405 + if( CKR_OK != error ) {
1.1406 + goto loser;
1.1407 + }
1.1408 +
1.1409 + return CKR_OK;
1.1410 +
1.1411 + loser:
1.1412 + switch( error ) {
1.1413 + case CKR_SESSION_CLOSED:
1.1414 + /* destroy session? */
1.1415 + break;
1.1416 + case CKR_DEVICE_REMOVED:
1.1417 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1418 + break;
1.1419 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1420 + case CKR_DEVICE_ERROR:
1.1421 + case CKR_DEVICE_MEMORY:
1.1422 + case CKR_FUNCTION_FAILED:
1.1423 + case CKR_GENERAL_ERROR:
1.1424 + case CKR_HOST_MEMORY:
1.1425 + case CKR_SESSION_HANDLE_INVALID:
1.1426 + break;
1.1427 + default:
1.1428 + case CKR_OK:
1.1429 + error = CKR_GENERAL_ERROR;
1.1430 + break;
1.1431 + }
1.1432 +
1.1433 + return error;
1.1434 +}
1.1435 +
1.1436 +/*
1.1437 + * NSSCKFWC_CloseAllSessions
1.1438 + *
1.1439 + */
1.1440 +NSS_IMPLEMENT CK_RV
1.1441 +NSSCKFWC_CloseAllSessions
1.1442 +(
1.1443 + NSSCKFWInstance *fwInstance,
1.1444 + CK_SLOT_ID slotID
1.1445 +)
1.1446 +{
1.1447 + CK_RV error = CKR_OK;
1.1448 + CK_ULONG nSlots;
1.1449 + NSSCKFWSlot **slots;
1.1450 + NSSCKFWSlot *fwSlot;
1.1451 + NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1.1452 +
1.1453 + if (!fwInstance) {
1.1454 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1455 + goto loser;
1.1456 + }
1.1457 +
1.1458 + nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1.1459 + if( (CK_ULONG)0 == nSlots ) {
1.1460 + goto loser;
1.1461 + }
1.1462 +
1.1463 + if( (slotID < 1) || (slotID > nSlots) ) {
1.1464 + error = CKR_SLOT_ID_INVALID;
1.1465 + goto loser;
1.1466 + }
1.1467 +
1.1468 + slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1.1469 + if( (NSSCKFWSlot **)NULL == slots ) {
1.1470 + goto loser;
1.1471 + }
1.1472 +
1.1473 + fwSlot = slots[ slotID-1 ];
1.1474 +
1.1475 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.1476 + error = CKR_TOKEN_NOT_PRESENT;
1.1477 + goto loser;
1.1478 + }
1.1479 +
1.1480 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.1481 + if (!fwToken) {
1.1482 + goto loser;
1.1483 + }
1.1484 +
1.1485 + error = nssCKFWToken_CloseAllSessions(fwToken);
1.1486 + if( CKR_OK != error ) {
1.1487 + goto loser;
1.1488 + }
1.1489 +
1.1490 + return CKR_OK;
1.1491 +
1.1492 + loser:
1.1493 + switch( error ) {
1.1494 + case CKR_DEVICE_REMOVED:
1.1495 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1496 + break;
1.1497 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1498 + case CKR_DEVICE_ERROR:
1.1499 + case CKR_DEVICE_MEMORY:
1.1500 + case CKR_FUNCTION_FAILED:
1.1501 + case CKR_GENERAL_ERROR:
1.1502 + case CKR_HOST_MEMORY:
1.1503 + case CKR_SLOT_ID_INVALID:
1.1504 + case CKR_TOKEN_NOT_PRESENT:
1.1505 + break;
1.1506 + default:
1.1507 + case CKR_OK:
1.1508 + error = CKR_GENERAL_ERROR;
1.1509 + break;
1.1510 + }
1.1511 +
1.1512 + return error;
1.1513 +}
1.1514 +
1.1515 +/*
1.1516 + * NSSCKFWC_GetSessionInfo
1.1517 + *
1.1518 + */
1.1519 +NSS_IMPLEMENT CK_RV
1.1520 +NSSCKFWC_GetSessionInfo
1.1521 +(
1.1522 + NSSCKFWInstance *fwInstance,
1.1523 + CK_SESSION_HANDLE hSession,
1.1524 + CK_SESSION_INFO_PTR pInfo
1.1525 +)
1.1526 +{
1.1527 + CK_RV error = CKR_OK;
1.1528 + NSSCKFWSession *fwSession;
1.1529 + NSSCKFWSlot *fwSlot;
1.1530 +
1.1531 + if (!fwInstance) {
1.1532 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1533 + goto loser;
1.1534 + }
1.1535 +
1.1536 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.1537 + if (!fwSession) {
1.1538 + error = CKR_SESSION_HANDLE_INVALID;
1.1539 + goto loser;
1.1540 + }
1.1541 +
1.1542 + if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) {
1.1543 + error = CKR_ARGUMENTS_BAD;
1.1544 + goto loser;
1.1545 + }
1.1546 +
1.1547 + /*
1.1548 + * A purify error here indicates caller error.
1.1549 + */
1.1550 + (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
1.1551 +
1.1552 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.1553 + if (!fwSlot) {
1.1554 + error = CKR_GENERAL_ERROR;
1.1555 + goto loser;
1.1556 + }
1.1557 +
1.1558 + pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
1.1559 + pInfo->state = nssCKFWSession_GetSessionState(fwSession);
1.1560 +
1.1561 + if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) {
1.1562 + pInfo->flags |= CKF_RW_SESSION;
1.1563 + }
1.1564 +
1.1565 + pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
1.1566 +
1.1567 + pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
1.1568 +
1.1569 + return CKR_OK;
1.1570 +
1.1571 + loser:
1.1572 + switch( error ) {
1.1573 + case CKR_SESSION_CLOSED:
1.1574 + /* destroy session? */
1.1575 + break;
1.1576 + case CKR_DEVICE_REMOVED:
1.1577 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1578 + break;
1.1579 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1580 + case CKR_DEVICE_ERROR:
1.1581 + case CKR_DEVICE_MEMORY:
1.1582 + case CKR_FUNCTION_FAILED:
1.1583 + case CKR_GENERAL_ERROR:
1.1584 + case CKR_HOST_MEMORY:
1.1585 + case CKR_SESSION_HANDLE_INVALID:
1.1586 + break;
1.1587 + default:
1.1588 + case CKR_OK:
1.1589 + error = CKR_GENERAL_ERROR;
1.1590 + break;
1.1591 + }
1.1592 +
1.1593 + return error;
1.1594 +}
1.1595 +
1.1596 +/*
1.1597 + * NSSCKFWC_GetOperationState
1.1598 + *
1.1599 + */
1.1600 +NSS_IMPLEMENT CK_RV
1.1601 +NSSCKFWC_GetOperationState
1.1602 +(
1.1603 + NSSCKFWInstance *fwInstance,
1.1604 + CK_SESSION_HANDLE hSession,
1.1605 + CK_BYTE_PTR pOperationState,
1.1606 + CK_ULONG_PTR pulOperationStateLen
1.1607 +)
1.1608 +{
1.1609 + CK_RV error = CKR_OK;
1.1610 + NSSCKFWSession *fwSession;
1.1611 + CK_ULONG len;
1.1612 + NSSItem buf;
1.1613 +
1.1614 + if (!fwInstance) {
1.1615 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1616 + goto loser;
1.1617 + }
1.1618 +
1.1619 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.1620 + if (!fwSession) {
1.1621 + error = CKR_SESSION_HANDLE_INVALID;
1.1622 + goto loser;
1.1623 + }
1.1624 +
1.1625 + if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) {
1.1626 + error = CKR_ARGUMENTS_BAD;
1.1627 + goto loser;
1.1628 + }
1.1629 +
1.1630 + len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
1.1631 + if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) {
1.1632 + goto loser;
1.1633 + }
1.1634 +
1.1635 + if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1.1636 + *pulOperationStateLen = len;
1.1637 + return CKR_OK;
1.1638 + }
1.1639 +
1.1640 + if( *pulOperationStateLen < len ) {
1.1641 + *pulOperationStateLen = len;
1.1642 + error = CKR_BUFFER_TOO_SMALL;
1.1643 + goto loser;
1.1644 + }
1.1645 +
1.1646 + buf.size = (PRUint32)*pulOperationStateLen;
1.1647 + buf.data = (void *)pOperationState;
1.1648 + *pulOperationStateLen = len;
1.1649 + error = nssCKFWSession_GetOperationState(fwSession, &buf);
1.1650 +
1.1651 + if( CKR_OK != error ) {
1.1652 + goto loser;
1.1653 + }
1.1654 +
1.1655 + return CKR_OK;
1.1656 +
1.1657 + loser:
1.1658 + switch( error ) {
1.1659 + case CKR_SESSION_CLOSED:
1.1660 + /* destroy session? */
1.1661 + break;
1.1662 + case CKR_DEVICE_REMOVED:
1.1663 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1664 + break;
1.1665 + case CKR_BUFFER_TOO_SMALL:
1.1666 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1667 + case CKR_DEVICE_ERROR:
1.1668 + case CKR_DEVICE_MEMORY:
1.1669 + case CKR_FUNCTION_FAILED:
1.1670 + case CKR_GENERAL_ERROR:
1.1671 + case CKR_HOST_MEMORY:
1.1672 + case CKR_OPERATION_NOT_INITIALIZED:
1.1673 + case CKR_SESSION_HANDLE_INVALID:
1.1674 + case CKR_STATE_UNSAVEABLE:
1.1675 + break;
1.1676 + default:
1.1677 + case CKR_OK:
1.1678 + error = CKR_GENERAL_ERROR;
1.1679 + break;
1.1680 + }
1.1681 +
1.1682 + return error;
1.1683 +}
1.1684 +
1.1685 +/*
1.1686 + * NSSCKFWC_SetOperationState
1.1687 + *
1.1688 + */
1.1689 +NSS_IMPLEMENT CK_RV
1.1690 +NSSCKFWC_SetOperationState
1.1691 +(
1.1692 + NSSCKFWInstance *fwInstance,
1.1693 + CK_SESSION_HANDLE hSession,
1.1694 + CK_BYTE_PTR pOperationState,
1.1695 + CK_ULONG ulOperationStateLen,
1.1696 + CK_OBJECT_HANDLE hEncryptionKey,
1.1697 + CK_OBJECT_HANDLE hAuthenticationKey
1.1698 +)
1.1699 +{
1.1700 + CK_RV error = CKR_OK;
1.1701 + NSSCKFWSession *fwSession;
1.1702 + NSSCKFWObject *eKey;
1.1703 + NSSCKFWObject *aKey;
1.1704 + NSSItem state;
1.1705 +
1.1706 + if (!fwInstance) {
1.1707 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1708 + goto loser;
1.1709 + }
1.1710 +
1.1711 + if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1.1712 + error = CKR_ARGUMENTS_BAD;
1.1713 + goto loser;
1.1714 + }
1.1715 +
1.1716 + /*
1.1717 + * We could loop through the buffer, to catch any purify errors
1.1718 + * in a place with a "user error" note.
1.1719 + */
1.1720 +
1.1721 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.1722 + if (!fwSession) {
1.1723 + error = CKR_SESSION_HANDLE_INVALID;
1.1724 + goto loser;
1.1725 + }
1.1726 +
1.1727 + if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) {
1.1728 + eKey = (NSSCKFWObject *)NULL;
1.1729 + } else {
1.1730 + eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
1.1731 + if (!eKey) {
1.1732 + error = CKR_KEY_HANDLE_INVALID;
1.1733 + goto loser;
1.1734 + }
1.1735 + }
1.1736 +
1.1737 + if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) {
1.1738 + aKey = (NSSCKFWObject *)NULL;
1.1739 + } else {
1.1740 + aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
1.1741 + if (!aKey) {
1.1742 + error = CKR_KEY_HANDLE_INVALID;
1.1743 + goto loser;
1.1744 + }
1.1745 + }
1.1746 +
1.1747 + state.data = pOperationState;
1.1748 + state.size = ulOperationStateLen;
1.1749 +
1.1750 + error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
1.1751 + if( CKR_OK != error ) {
1.1752 + goto loser;
1.1753 + }
1.1754 +
1.1755 + return CKR_OK;
1.1756 +
1.1757 + loser:
1.1758 + switch( error ) {
1.1759 + case CKR_SESSION_CLOSED:
1.1760 + /* destroy session? */
1.1761 + break;
1.1762 + case CKR_DEVICE_REMOVED:
1.1763 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1764 + break;
1.1765 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1766 + case CKR_DEVICE_ERROR:
1.1767 + case CKR_DEVICE_MEMORY:
1.1768 + case CKR_FUNCTION_FAILED:
1.1769 + case CKR_GENERAL_ERROR:
1.1770 + case CKR_HOST_MEMORY:
1.1771 + case CKR_KEY_CHANGED:
1.1772 + case CKR_KEY_NEEDED:
1.1773 + case CKR_KEY_NOT_NEEDED:
1.1774 + case CKR_SAVED_STATE_INVALID:
1.1775 + case CKR_SESSION_HANDLE_INVALID:
1.1776 + break;
1.1777 + default:
1.1778 + case CKR_OK:
1.1779 + error = CKR_GENERAL_ERROR;
1.1780 + break;
1.1781 + }
1.1782 +
1.1783 + return error;
1.1784 +}
1.1785 +
1.1786 +/*
1.1787 + * NSSCKFWC_Login
1.1788 + *
1.1789 + */
1.1790 +NSS_IMPLEMENT CK_RV
1.1791 +NSSCKFWC_Login
1.1792 +(
1.1793 + NSSCKFWInstance *fwInstance,
1.1794 + CK_SESSION_HANDLE hSession,
1.1795 + CK_USER_TYPE userType,
1.1796 + CK_CHAR_PTR pPin,
1.1797 + CK_ULONG ulPinLen
1.1798 +)
1.1799 +{
1.1800 + CK_RV error = CKR_OK;
1.1801 + NSSCKFWSession *fwSession;
1.1802 + NSSItem pin, *arg;
1.1803 +
1.1804 + if (!fwInstance) {
1.1805 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1806 + goto loser;
1.1807 + }
1.1808 +
1.1809 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.1810 + if (!fwSession) {
1.1811 + error = CKR_SESSION_HANDLE_INVALID;
1.1812 + goto loser;
1.1813 + }
1.1814 +
1.1815 + if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1.1816 + arg = (NSSItem *)NULL;
1.1817 + } else {
1.1818 + arg = &pin;
1.1819 + pin.size = (PRUint32)ulPinLen;
1.1820 + pin.data = (void *)pPin;
1.1821 + }
1.1822 +
1.1823 + error = nssCKFWSession_Login(fwSession, userType, arg);
1.1824 + if( CKR_OK != error ) {
1.1825 + goto loser;
1.1826 + }
1.1827 +
1.1828 + return CKR_OK;
1.1829 +
1.1830 + loser:
1.1831 + switch( error ) {
1.1832 + case CKR_SESSION_CLOSED:
1.1833 + /* destroy session? */
1.1834 + break;
1.1835 + case CKR_DEVICE_REMOVED:
1.1836 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1837 + break;
1.1838 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1839 + case CKR_DEVICE_ERROR:
1.1840 + case CKR_DEVICE_MEMORY:
1.1841 + case CKR_FUNCTION_FAILED:
1.1842 + case CKR_GENERAL_ERROR:
1.1843 + case CKR_HOST_MEMORY:
1.1844 + case CKR_PIN_EXPIRED:
1.1845 + case CKR_PIN_INCORRECT:
1.1846 + case CKR_PIN_LOCKED:
1.1847 + case CKR_SESSION_HANDLE_INVALID:
1.1848 + case CKR_SESSION_READ_ONLY_EXISTS:
1.1849 + case CKR_USER_ALREADY_LOGGED_IN:
1.1850 + case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
1.1851 + case CKR_USER_PIN_NOT_INITIALIZED:
1.1852 + case CKR_USER_TOO_MANY_TYPES:
1.1853 + case CKR_USER_TYPE_INVALID:
1.1854 + break;
1.1855 + default:
1.1856 + case CKR_OK:
1.1857 + error = CKR_GENERAL_ERROR;
1.1858 + break;
1.1859 + }
1.1860 +
1.1861 + return error;
1.1862 +}
1.1863 +
1.1864 +/*
1.1865 + * NSSCKFWC_Logout
1.1866 + *
1.1867 + */
1.1868 +NSS_IMPLEMENT CK_RV
1.1869 +NSSCKFWC_Logout
1.1870 +(
1.1871 + NSSCKFWInstance *fwInstance,
1.1872 + CK_SESSION_HANDLE hSession
1.1873 +)
1.1874 +{
1.1875 + CK_RV error = CKR_OK;
1.1876 + NSSCKFWSession *fwSession;
1.1877 +
1.1878 + if (!fwInstance) {
1.1879 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1880 + goto loser;
1.1881 + }
1.1882 +
1.1883 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.1884 + if (!fwSession) {
1.1885 + error = CKR_SESSION_HANDLE_INVALID;
1.1886 + goto loser;
1.1887 + }
1.1888 +
1.1889 + error = nssCKFWSession_Logout(fwSession);
1.1890 + if( CKR_OK != error ) {
1.1891 + goto loser;
1.1892 + }
1.1893 +
1.1894 + return CKR_OK;
1.1895 +
1.1896 + loser:
1.1897 + switch( error ) {
1.1898 + case CKR_SESSION_CLOSED:
1.1899 + /* destroy session? */
1.1900 + break;
1.1901 + case CKR_DEVICE_REMOVED:
1.1902 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1903 + break;
1.1904 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1905 + case CKR_DEVICE_ERROR:
1.1906 + case CKR_DEVICE_MEMORY:
1.1907 + case CKR_FUNCTION_FAILED:
1.1908 + case CKR_GENERAL_ERROR:
1.1909 + case CKR_HOST_MEMORY:
1.1910 + case CKR_SESSION_HANDLE_INVALID:
1.1911 + case CKR_USER_NOT_LOGGED_IN:
1.1912 + break;
1.1913 + default:
1.1914 + case CKR_OK:
1.1915 + error = CKR_GENERAL_ERROR;
1.1916 + break;
1.1917 + }
1.1918 +
1.1919 + return error;
1.1920 +}
1.1921 +
1.1922 +/*
1.1923 + * NSSCKFWC_CreateObject
1.1924 + *
1.1925 + */
1.1926 +NSS_IMPLEMENT CK_RV
1.1927 +NSSCKFWC_CreateObject
1.1928 +(
1.1929 + NSSCKFWInstance *fwInstance,
1.1930 + CK_SESSION_HANDLE hSession,
1.1931 + CK_ATTRIBUTE_PTR pTemplate,
1.1932 + CK_ULONG ulCount,
1.1933 + CK_OBJECT_HANDLE_PTR phObject
1.1934 +)
1.1935 +{
1.1936 + CK_RV error = CKR_OK;
1.1937 + NSSCKFWSession *fwSession;
1.1938 + NSSCKFWObject *fwObject;
1.1939 +
1.1940 + if (!fwInstance) {
1.1941 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.1942 + goto loser;
1.1943 + }
1.1944 +
1.1945 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.1946 + if (!fwSession) {
1.1947 + error = CKR_SESSION_HANDLE_INVALID;
1.1948 + goto loser;
1.1949 + }
1.1950 +
1.1951 + if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
1.1952 + error = CKR_ARGUMENTS_BAD;
1.1953 + goto loser;
1.1954 + }
1.1955 +
1.1956 + /*
1.1957 + * A purify error here indicates caller error.
1.1958 + */
1.1959 + *phObject = (CK_OBJECT_HANDLE)0;
1.1960 +
1.1961 + fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
1.1962 + ulCount, &error);
1.1963 + if (!fwObject) {
1.1964 + goto loser;
1.1965 + }
1.1966 +
1.1967 + *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
1.1968 + if( (CK_OBJECT_HANDLE)0 == *phObject ) {
1.1969 + nssCKFWObject_Destroy(fwObject);
1.1970 + goto loser;
1.1971 + }
1.1972 +
1.1973 + return CKR_OK;
1.1974 +
1.1975 + loser:
1.1976 + switch( error ) {
1.1977 + case CKR_SESSION_CLOSED:
1.1978 + /* destroy session? */
1.1979 + break;
1.1980 + case CKR_DEVICE_REMOVED:
1.1981 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.1982 + break;
1.1983 + case CKR_ATTRIBUTE_READ_ONLY:
1.1984 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.1985 + case CKR_ATTRIBUTE_VALUE_INVALID:
1.1986 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.1987 + case CKR_DEVICE_ERROR:
1.1988 + case CKR_DEVICE_MEMORY:
1.1989 + case CKR_FUNCTION_FAILED:
1.1990 + case CKR_GENERAL_ERROR:
1.1991 + case CKR_HOST_MEMORY:
1.1992 + case CKR_SESSION_HANDLE_INVALID:
1.1993 + case CKR_SESSION_READ_ONLY:
1.1994 + case CKR_TEMPLATE_INCOMPLETE:
1.1995 + case CKR_TEMPLATE_INCONSISTENT:
1.1996 + case CKR_TOKEN_WRITE_PROTECTED:
1.1997 + case CKR_USER_NOT_LOGGED_IN:
1.1998 + break;
1.1999 + default:
1.2000 + case CKR_OK:
1.2001 + error = CKR_GENERAL_ERROR;
1.2002 + break;
1.2003 + }
1.2004 +
1.2005 + return error;
1.2006 +}
1.2007 +
1.2008 +/*
1.2009 + * NSSCKFWC_CopyObject
1.2010 + *
1.2011 + */
1.2012 +NSS_IMPLEMENT CK_RV
1.2013 +NSSCKFWC_CopyObject
1.2014 +(
1.2015 + NSSCKFWInstance *fwInstance,
1.2016 + CK_SESSION_HANDLE hSession,
1.2017 + CK_OBJECT_HANDLE hObject,
1.2018 + CK_ATTRIBUTE_PTR pTemplate,
1.2019 + CK_ULONG ulCount,
1.2020 + CK_OBJECT_HANDLE_PTR phNewObject
1.2021 +)
1.2022 +{
1.2023 + CK_RV error = CKR_OK;
1.2024 + NSSCKFWSession *fwSession;
1.2025 + NSSCKFWObject *fwObject;
1.2026 + NSSCKFWObject *fwNewObject;
1.2027 +
1.2028 + if (!fwInstance) {
1.2029 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2030 + goto loser;
1.2031 + }
1.2032 +
1.2033 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2034 + if (!fwSession) {
1.2035 + error = CKR_SESSION_HANDLE_INVALID;
1.2036 + goto loser;
1.2037 + }
1.2038 +
1.2039 + if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) {
1.2040 + error = CKR_ARGUMENTS_BAD;
1.2041 + goto loser;
1.2042 + }
1.2043 +
1.2044 + /*
1.2045 + * A purify error here indicates caller error.
1.2046 + */
1.2047 + *phNewObject = (CK_OBJECT_HANDLE)0;
1.2048 +
1.2049 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
1.2050 + if (!fwObject) {
1.2051 + error = CKR_OBJECT_HANDLE_INVALID;
1.2052 + goto loser;
1.2053 + }
1.2054 +
1.2055 + fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
1.2056 + pTemplate, ulCount, &error);
1.2057 + if (!fwNewObject) {
1.2058 + goto loser;
1.2059 + }
1.2060 +
1.2061 + *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance,
1.2062 + fwNewObject, &error);
1.2063 + if( (CK_OBJECT_HANDLE)0 == *phNewObject ) {
1.2064 + nssCKFWObject_Destroy(fwNewObject);
1.2065 + goto loser;
1.2066 + }
1.2067 +
1.2068 + return CKR_OK;
1.2069 +
1.2070 + loser:
1.2071 + switch( error ) {
1.2072 + case CKR_SESSION_CLOSED:
1.2073 + /* destroy session? */
1.2074 + break;
1.2075 + case CKR_DEVICE_REMOVED:
1.2076 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.2077 + break;
1.2078 + case CKR_ATTRIBUTE_READ_ONLY:
1.2079 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.2080 + case CKR_ATTRIBUTE_VALUE_INVALID:
1.2081 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2082 + case CKR_DEVICE_ERROR:
1.2083 + case CKR_DEVICE_MEMORY:
1.2084 + case CKR_FUNCTION_FAILED:
1.2085 + case CKR_GENERAL_ERROR:
1.2086 + case CKR_HOST_MEMORY:
1.2087 + case CKR_OBJECT_HANDLE_INVALID:
1.2088 + case CKR_SESSION_HANDLE_INVALID:
1.2089 + case CKR_SESSION_READ_ONLY:
1.2090 + case CKR_TEMPLATE_INCONSISTENT:
1.2091 + case CKR_TOKEN_WRITE_PROTECTED:
1.2092 + case CKR_USER_NOT_LOGGED_IN:
1.2093 + break;
1.2094 + default:
1.2095 + case CKR_OK:
1.2096 + error = CKR_GENERAL_ERROR;
1.2097 + break;
1.2098 + }
1.2099 +
1.2100 + return error;
1.2101 +}
1.2102 +
1.2103 +/*
1.2104 + * NSSCKFWC_DestroyObject
1.2105 + *
1.2106 + */
1.2107 +NSS_IMPLEMENT CK_RV
1.2108 +NSSCKFWC_DestroyObject
1.2109 +(
1.2110 + NSSCKFWInstance *fwInstance,
1.2111 + CK_SESSION_HANDLE hSession,
1.2112 + CK_OBJECT_HANDLE hObject
1.2113 +)
1.2114 +{
1.2115 + CK_RV error = CKR_OK;
1.2116 + NSSCKFWSession *fwSession;
1.2117 + NSSCKFWObject *fwObject;
1.2118 +
1.2119 + if (!fwInstance) {
1.2120 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2121 + goto loser;
1.2122 + }
1.2123 +
1.2124 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2125 + if (!fwSession) {
1.2126 + error = CKR_SESSION_HANDLE_INVALID;
1.2127 + goto loser;
1.2128 + }
1.2129 +
1.2130 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
1.2131 + if (!fwObject) {
1.2132 + error = CKR_OBJECT_HANDLE_INVALID;
1.2133 + goto loser;
1.2134 + }
1.2135 +
1.2136 + nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
1.2137 + nssCKFWObject_Destroy(fwObject);
1.2138 +
1.2139 + return CKR_OK;
1.2140 +
1.2141 + loser:
1.2142 + switch( error ) {
1.2143 + case CKR_SESSION_CLOSED:
1.2144 + /* destroy session? */
1.2145 + break;
1.2146 + case CKR_DEVICE_REMOVED:
1.2147 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.2148 + break;
1.2149 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2150 + case CKR_DEVICE_ERROR:
1.2151 + case CKR_DEVICE_MEMORY:
1.2152 + case CKR_FUNCTION_FAILED:
1.2153 + case CKR_GENERAL_ERROR:
1.2154 + case CKR_HOST_MEMORY:
1.2155 + case CKR_OBJECT_HANDLE_INVALID:
1.2156 + case CKR_SESSION_HANDLE_INVALID:
1.2157 + case CKR_SESSION_READ_ONLY:
1.2158 + case CKR_TOKEN_WRITE_PROTECTED:
1.2159 + break;
1.2160 + default:
1.2161 + case CKR_OK:
1.2162 + error = CKR_GENERAL_ERROR;
1.2163 + break;
1.2164 + }
1.2165 +
1.2166 + return error;
1.2167 +}
1.2168 +
1.2169 +/*
1.2170 + * NSSCKFWC_GetObjectSize
1.2171 + *
1.2172 + */
1.2173 +NSS_IMPLEMENT CK_RV
1.2174 +NSSCKFWC_GetObjectSize
1.2175 +(
1.2176 + NSSCKFWInstance *fwInstance,
1.2177 + CK_SESSION_HANDLE hSession,
1.2178 + CK_OBJECT_HANDLE hObject,
1.2179 + CK_ULONG_PTR pulSize
1.2180 +)
1.2181 +{
1.2182 + CK_RV error = CKR_OK;
1.2183 + NSSCKFWSession *fwSession;
1.2184 + NSSCKFWObject *fwObject;
1.2185 +
1.2186 + if (!fwInstance) {
1.2187 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2188 + goto loser;
1.2189 + }
1.2190 +
1.2191 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2192 + if (!fwSession) {
1.2193 + error = CKR_SESSION_HANDLE_INVALID;
1.2194 + goto loser;
1.2195 + }
1.2196 +
1.2197 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
1.2198 + if (!fwObject) {
1.2199 + error = CKR_OBJECT_HANDLE_INVALID;
1.2200 + goto loser;
1.2201 + }
1.2202 +
1.2203 + if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) {
1.2204 + error = CKR_ARGUMENTS_BAD;
1.2205 + goto loser;
1.2206 + }
1.2207 +
1.2208 + /*
1.2209 + * A purify error here indicates caller error.
1.2210 + */
1.2211 + *pulSize = (CK_ULONG)0;
1.2212 +
1.2213 + *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
1.2214 + if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) {
1.2215 + goto loser;
1.2216 + }
1.2217 +
1.2218 + return CKR_OK;
1.2219 +
1.2220 + loser:
1.2221 + switch( error ) {
1.2222 + case CKR_SESSION_CLOSED:
1.2223 + /* destroy session? */
1.2224 + break;
1.2225 + case CKR_DEVICE_REMOVED:
1.2226 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.2227 + break;
1.2228 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2229 + case CKR_DEVICE_ERROR:
1.2230 + case CKR_DEVICE_MEMORY:
1.2231 + case CKR_FUNCTION_FAILED:
1.2232 + case CKR_GENERAL_ERROR:
1.2233 + case CKR_HOST_MEMORY:
1.2234 + case CKR_INFORMATION_SENSITIVE:
1.2235 + case CKR_OBJECT_HANDLE_INVALID:
1.2236 + case CKR_SESSION_HANDLE_INVALID:
1.2237 + break;
1.2238 + default:
1.2239 + case CKR_OK:
1.2240 + error = CKR_GENERAL_ERROR;
1.2241 + break;
1.2242 + }
1.2243 +
1.2244 + return error;
1.2245 +}
1.2246 +
1.2247 +/*
1.2248 + * NSSCKFWC_GetAttributeValue
1.2249 + *
1.2250 + */
1.2251 +NSS_IMPLEMENT CK_RV
1.2252 +NSSCKFWC_GetAttributeValue
1.2253 +(
1.2254 + NSSCKFWInstance *fwInstance,
1.2255 + CK_SESSION_HANDLE hSession,
1.2256 + CK_OBJECT_HANDLE hObject,
1.2257 + CK_ATTRIBUTE_PTR pTemplate,
1.2258 + CK_ULONG ulCount
1.2259 +)
1.2260 +{
1.2261 + CK_RV error = CKR_OK;
1.2262 + NSSCKFWSession *fwSession;
1.2263 + NSSCKFWObject *fwObject;
1.2264 + CK_BBOOL sensitive = CK_FALSE;
1.2265 + CK_BBOOL invalid = CK_FALSE;
1.2266 + CK_BBOOL tooSmall = CK_FALSE;
1.2267 + CK_ULONG i;
1.2268 +
1.2269 + if (!fwInstance) {
1.2270 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2271 + goto loser;
1.2272 + }
1.2273 +
1.2274 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2275 + if (!fwSession) {
1.2276 + error = CKR_SESSION_HANDLE_INVALID;
1.2277 + goto loser;
1.2278 + }
1.2279 +
1.2280 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
1.2281 + if (!fwObject) {
1.2282 + error = CKR_OBJECT_HANDLE_INVALID;
1.2283 + goto loser;
1.2284 + }
1.2285 +
1.2286 + if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
1.2287 + error = CKR_ARGUMENTS_BAD;
1.2288 + goto loser;
1.2289 + }
1.2290 +
1.2291 + for( i = 0; i < ulCount; i++ ) {
1.2292 + CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject,
1.2293 + pTemplate[i].type, &error);
1.2294 + if( (CK_ULONG)0 == size ) {
1.2295 + switch( error ) {
1.2296 + case CKR_ATTRIBUTE_SENSITIVE:
1.2297 + case CKR_INFORMATION_SENSITIVE:
1.2298 + sensitive = CK_TRUE;
1.2299 + pTemplate[i].ulValueLen = (CK_ULONG)(-1);
1.2300 + continue;
1.2301 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.2302 + invalid = CK_TRUE;
1.2303 + pTemplate[i].ulValueLen = (CK_ULONG)(-1);
1.2304 + continue;
1.2305 + case CKR_OK:
1.2306 + break;
1.2307 + default:
1.2308 + goto loser;
1.2309 + }
1.2310 + }
1.2311 +
1.2312 + if( (CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue ) {
1.2313 + pTemplate[i].ulValueLen = size;
1.2314 + } else {
1.2315 + NSSItem it, *p;
1.2316 +
1.2317 + if( pTemplate[i].ulValueLen < size ) {
1.2318 + tooSmall = CK_TRUE;
1.2319 + continue;
1.2320 + }
1.2321 +
1.2322 + it.size = (PRUint32)pTemplate[i].ulValueLen;
1.2323 + it.data = (void *)pTemplate[i].pValue;
1.2324 + p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it,
1.2325 + (NSSArena *)NULL, &error);
1.2326 + if (!p) {
1.2327 + switch( error ) {
1.2328 + case CKR_ATTRIBUTE_SENSITIVE:
1.2329 + case CKR_INFORMATION_SENSITIVE:
1.2330 + sensitive = CK_TRUE;
1.2331 + pTemplate[i].ulValueLen = (CK_ULONG)(-1);
1.2332 + continue;
1.2333 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.2334 + invalid = CK_TRUE;
1.2335 + pTemplate[i].ulValueLen = (CK_ULONG)(-1);
1.2336 + continue;
1.2337 + default:
1.2338 + goto loser;
1.2339 + }
1.2340 + }
1.2341 +
1.2342 + pTemplate[i].ulValueLen = size;
1.2343 + }
1.2344 + }
1.2345 +
1.2346 + if( sensitive ) {
1.2347 + error = CKR_ATTRIBUTE_SENSITIVE;
1.2348 + goto loser;
1.2349 + } else if( invalid ) {
1.2350 + error = CKR_ATTRIBUTE_TYPE_INVALID;
1.2351 + goto loser;
1.2352 + } else if( tooSmall ) {
1.2353 + error = CKR_BUFFER_TOO_SMALL;
1.2354 + goto loser;
1.2355 + }
1.2356 +
1.2357 + return CKR_OK;
1.2358 +
1.2359 + loser:
1.2360 + switch( error ) {
1.2361 + case CKR_SESSION_CLOSED:
1.2362 + /* destroy session? */
1.2363 + break;
1.2364 + case CKR_DEVICE_REMOVED:
1.2365 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.2366 + break;
1.2367 + case CKR_ATTRIBUTE_SENSITIVE:
1.2368 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.2369 + case CKR_BUFFER_TOO_SMALL:
1.2370 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2371 + case CKR_DEVICE_ERROR:
1.2372 + case CKR_DEVICE_MEMORY:
1.2373 + case CKR_FUNCTION_FAILED:
1.2374 + case CKR_GENERAL_ERROR:
1.2375 + case CKR_HOST_MEMORY:
1.2376 + case CKR_OBJECT_HANDLE_INVALID:
1.2377 + case CKR_SESSION_HANDLE_INVALID:
1.2378 + break;
1.2379 + default:
1.2380 + case CKR_OK:
1.2381 + error = CKR_GENERAL_ERROR;
1.2382 + break;
1.2383 + }
1.2384 +
1.2385 + return error;
1.2386 +}
1.2387 +
1.2388 +/*
1.2389 + * NSSCKFWC_SetAttributeValue
1.2390 + *
1.2391 + */
1.2392 +NSS_IMPLEMENT CK_RV
1.2393 +NSSCKFWC_SetAttributeValue
1.2394 +(
1.2395 + NSSCKFWInstance *fwInstance,
1.2396 + CK_SESSION_HANDLE hSession,
1.2397 + CK_OBJECT_HANDLE hObject,
1.2398 + CK_ATTRIBUTE_PTR pTemplate,
1.2399 + CK_ULONG ulCount
1.2400 +)
1.2401 +{
1.2402 + CK_RV error = CKR_OK;
1.2403 + NSSCKFWSession *fwSession;
1.2404 + NSSCKFWObject *fwObject;
1.2405 + CK_ULONG i;
1.2406 +
1.2407 + if (!fwInstance) {
1.2408 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2409 + goto loser;
1.2410 + }
1.2411 +
1.2412 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2413 + if (!fwSession) {
1.2414 + error = CKR_SESSION_HANDLE_INVALID;
1.2415 + goto loser;
1.2416 + }
1.2417 +
1.2418 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
1.2419 + if (!fwObject) {
1.2420 + error = CKR_OBJECT_HANDLE_INVALID;
1.2421 + goto loser;
1.2422 + }
1.2423 +
1.2424 + if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
1.2425 + error = CKR_ARGUMENTS_BAD;
1.2426 + goto loser;
1.2427 + }
1.2428 +
1.2429 + for (i=0; i < ulCount; i++) {
1.2430 + NSSItem value;
1.2431 +
1.2432 + value.data = pTemplate[i].pValue;
1.2433 + value.size = pTemplate[i].ulValueLen;
1.2434 +
1.2435 + error = nssCKFWObject_SetAttribute(fwObject, fwSession,
1.2436 + pTemplate[i].type, &value);
1.2437 +
1.2438 + if( CKR_OK != error ) {
1.2439 + goto loser;
1.2440 + }
1.2441 + }
1.2442 +
1.2443 + return CKR_OK;
1.2444 +
1.2445 + loser:
1.2446 + switch( error ) {
1.2447 + case CKR_SESSION_CLOSED:
1.2448 + /* destroy session? */
1.2449 + break;
1.2450 + case CKR_DEVICE_REMOVED:
1.2451 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.2452 + break;
1.2453 + case CKR_ATTRIBUTE_READ_ONLY:
1.2454 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.2455 + case CKR_ATTRIBUTE_VALUE_INVALID:
1.2456 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2457 + case CKR_DEVICE_ERROR:
1.2458 + case CKR_DEVICE_MEMORY:
1.2459 + case CKR_FUNCTION_FAILED:
1.2460 + case CKR_GENERAL_ERROR:
1.2461 + case CKR_HOST_MEMORY:
1.2462 + case CKR_OBJECT_HANDLE_INVALID:
1.2463 + case CKR_SESSION_HANDLE_INVALID:
1.2464 + case CKR_SESSION_READ_ONLY:
1.2465 + case CKR_TEMPLATE_INCONSISTENT:
1.2466 + case CKR_TOKEN_WRITE_PROTECTED:
1.2467 + break;
1.2468 + default:
1.2469 + case CKR_OK:
1.2470 + error = CKR_GENERAL_ERROR;
1.2471 + break;
1.2472 + }
1.2473 +
1.2474 + return error;
1.2475 +}
1.2476 +
1.2477 +/*
1.2478 + * NSSCKFWC_FindObjectsInit
1.2479 + *
1.2480 + */
1.2481 +NSS_IMPLEMENT CK_RV
1.2482 +NSSCKFWC_FindObjectsInit
1.2483 +(
1.2484 + NSSCKFWInstance *fwInstance,
1.2485 + CK_SESSION_HANDLE hSession,
1.2486 + CK_ATTRIBUTE_PTR pTemplate,
1.2487 + CK_ULONG ulCount
1.2488 +)
1.2489 +{
1.2490 + CK_RV error = CKR_OK;
1.2491 + NSSCKFWSession *fwSession;
1.2492 + NSSCKFWFindObjects *fwFindObjects;
1.2493 +
1.2494 + if (!fwInstance) {
1.2495 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2496 + goto loser;
1.2497 + }
1.2498 +
1.2499 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2500 + if (!fwSession) {
1.2501 + error = CKR_SESSION_HANDLE_INVALID;
1.2502 + goto loser;
1.2503 + }
1.2504 +
1.2505 + if( ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0) ) {
1.2506 + error = CKR_ARGUMENTS_BAD;
1.2507 + goto loser;
1.2508 + }
1.2509 +
1.2510 + fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
1.2511 + if (fwFindObjects) {
1.2512 + error = CKR_OPERATION_ACTIVE;
1.2513 + goto loser;
1.2514 + }
1.2515 +
1.2516 + if( CKR_OPERATION_NOT_INITIALIZED != error ) {
1.2517 + goto loser;
1.2518 + }
1.2519 +
1.2520 + fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
1.2521 + pTemplate, ulCount, &error);
1.2522 + if (!fwFindObjects) {
1.2523 + goto loser;
1.2524 + }
1.2525 +
1.2526 + error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
1.2527 +
1.2528 + if( CKR_OK != error ) {
1.2529 + nssCKFWFindObjects_Destroy(fwFindObjects);
1.2530 + goto loser;
1.2531 + }
1.2532 +
1.2533 + return CKR_OK;
1.2534 +
1.2535 + loser:
1.2536 + switch( error ) {
1.2537 + case CKR_SESSION_CLOSED:
1.2538 + /* destroy session? */
1.2539 + break;
1.2540 + case CKR_DEVICE_REMOVED:
1.2541 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.2542 + break;
1.2543 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.2544 + case CKR_ATTRIBUTE_VALUE_INVALID:
1.2545 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2546 + case CKR_DEVICE_ERROR:
1.2547 + case CKR_DEVICE_MEMORY:
1.2548 + case CKR_FUNCTION_FAILED:
1.2549 + case CKR_GENERAL_ERROR:
1.2550 + case CKR_HOST_MEMORY:
1.2551 + case CKR_OPERATION_ACTIVE:
1.2552 + case CKR_SESSION_HANDLE_INVALID:
1.2553 + break;
1.2554 + default:
1.2555 + case CKR_OK:
1.2556 + error = CKR_GENERAL_ERROR;
1.2557 + break;
1.2558 + }
1.2559 +
1.2560 + return error;
1.2561 +}
1.2562 +
1.2563 +/*
1.2564 + * NSSCKFWC_FindObjects
1.2565 + *
1.2566 + */
1.2567 +NSS_IMPLEMENT CK_RV
1.2568 +NSSCKFWC_FindObjects
1.2569 +(
1.2570 + NSSCKFWInstance *fwInstance,
1.2571 + CK_SESSION_HANDLE hSession,
1.2572 + CK_OBJECT_HANDLE_PTR phObject,
1.2573 + CK_ULONG ulMaxObjectCount,
1.2574 + CK_ULONG_PTR pulObjectCount
1.2575 +)
1.2576 +{
1.2577 + CK_RV error = CKR_OK;
1.2578 + NSSCKFWSession *fwSession;
1.2579 + NSSCKFWFindObjects *fwFindObjects;
1.2580 + CK_ULONG i;
1.2581 +
1.2582 + if (!fwInstance) {
1.2583 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2584 + goto loser;
1.2585 + }
1.2586 +
1.2587 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2588 + if (!fwSession) {
1.2589 + error = CKR_SESSION_HANDLE_INVALID;
1.2590 + goto loser;
1.2591 + }
1.2592 +
1.2593 + if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
1.2594 + error = CKR_ARGUMENTS_BAD;
1.2595 + goto loser;
1.2596 + }
1.2597 +
1.2598 + /*
1.2599 + * A purify error here indicates caller error.
1.2600 + */
1.2601 + (void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount);
1.2602 + *pulObjectCount = (CK_ULONG)0;
1.2603 +
1.2604 + fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
1.2605 + if (!fwFindObjects) {
1.2606 + goto loser;
1.2607 + }
1.2608 +
1.2609 + for( i = 0; i < ulMaxObjectCount; i++ ) {
1.2610 + NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
1.2611 + NULL, &error);
1.2612 + if (!fwObject) {
1.2613 + break;
1.2614 + }
1.2615 +
1.2616 + phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
1.2617 + if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
1.2618 + phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
1.2619 + }
1.2620 + if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
1.2621 + /* This isn't right either, is it? */
1.2622 + nssCKFWObject_Destroy(fwObject);
1.2623 + goto loser;
1.2624 + }
1.2625 + }
1.2626 +
1.2627 + *pulObjectCount = i;
1.2628 +
1.2629 + return CKR_OK;
1.2630 +
1.2631 + loser:
1.2632 + switch( error ) {
1.2633 + case CKR_SESSION_CLOSED:
1.2634 + /* destroy session? */
1.2635 + break;
1.2636 + case CKR_DEVICE_REMOVED:
1.2637 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.2638 + break;
1.2639 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2640 + case CKR_DEVICE_ERROR:
1.2641 + case CKR_DEVICE_MEMORY:
1.2642 + case CKR_FUNCTION_FAILED:
1.2643 + case CKR_GENERAL_ERROR:
1.2644 + case CKR_HOST_MEMORY:
1.2645 + case CKR_OPERATION_NOT_INITIALIZED:
1.2646 + case CKR_SESSION_HANDLE_INVALID:
1.2647 + break;
1.2648 + default:
1.2649 + case CKR_OK:
1.2650 + error = CKR_GENERAL_ERROR;
1.2651 + break;
1.2652 + }
1.2653 +
1.2654 + return error;
1.2655 +}
1.2656 +
1.2657 +/*
1.2658 + * NSSCKFWC_FindObjectsFinal
1.2659 + *
1.2660 + */
1.2661 +NSS_IMPLEMENT CK_RV
1.2662 +NSSCKFWC_FindObjectsFinal
1.2663 +(
1.2664 + NSSCKFWInstance *fwInstance,
1.2665 + CK_SESSION_HANDLE hSession
1.2666 +)
1.2667 +{
1.2668 + CK_RV error = CKR_OK;
1.2669 + NSSCKFWSession *fwSession;
1.2670 + NSSCKFWFindObjects *fwFindObjects;
1.2671 +
1.2672 + if (!fwInstance) {
1.2673 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2674 + goto loser;
1.2675 + }
1.2676 +
1.2677 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2678 + if (!fwSession) {
1.2679 + error = CKR_SESSION_HANDLE_INVALID;
1.2680 + goto loser;
1.2681 + }
1.2682 +
1.2683 + fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
1.2684 + if (!fwFindObjects) {
1.2685 + error = CKR_OPERATION_NOT_INITIALIZED;
1.2686 + goto loser;
1.2687 + }
1.2688 +
1.2689 + nssCKFWFindObjects_Destroy(fwFindObjects);
1.2690 + error = nssCKFWSession_SetFWFindObjects(fwSession,
1.2691 + (NSSCKFWFindObjects *)NULL);
1.2692 +
1.2693 + if( CKR_OK != error ) {
1.2694 + goto loser;
1.2695 + }
1.2696 +
1.2697 + return CKR_OK;
1.2698 +
1.2699 + loser:
1.2700 + switch( error ) {
1.2701 + case CKR_SESSION_CLOSED:
1.2702 + /* destroy session? */
1.2703 + break;
1.2704 + case CKR_DEVICE_REMOVED:
1.2705 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.2706 + break;
1.2707 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2708 + case CKR_DEVICE_ERROR:
1.2709 + case CKR_DEVICE_MEMORY:
1.2710 + case CKR_FUNCTION_FAILED:
1.2711 + case CKR_GENERAL_ERROR:
1.2712 + case CKR_HOST_MEMORY:
1.2713 + case CKR_OPERATION_NOT_INITIALIZED:
1.2714 + case CKR_SESSION_HANDLE_INVALID:
1.2715 + break;
1.2716 + default:
1.2717 + case CKR_OK:
1.2718 + error = CKR_GENERAL_ERROR;
1.2719 + break;
1.2720 + }
1.2721 +
1.2722 + return error;
1.2723 +}
1.2724 +
1.2725 +/*
1.2726 + * NSSCKFWC_EncryptInit
1.2727 + *
1.2728 + */
1.2729 +NSS_IMPLEMENT CK_RV
1.2730 +NSSCKFWC_EncryptInit
1.2731 +(
1.2732 + NSSCKFWInstance *fwInstance,
1.2733 + CK_SESSION_HANDLE hSession,
1.2734 + CK_MECHANISM_PTR pMechanism,
1.2735 + CK_OBJECT_HANDLE hKey
1.2736 +)
1.2737 +{
1.2738 + CK_RV error = CKR_OK;
1.2739 + NSSCKFWSession *fwSession;
1.2740 + NSSCKFWObject *fwObject;
1.2741 + NSSCKFWSlot *fwSlot;
1.2742 + NSSCKFWToken *fwToken;
1.2743 + NSSCKFWMechanism *fwMechanism;
1.2744 +
1.2745 + if (!fwInstance) {
1.2746 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2747 + goto loser;
1.2748 + }
1.2749 +
1.2750 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2751 + if (!fwSession) {
1.2752 + error = CKR_SESSION_HANDLE_INVALID;
1.2753 + goto loser;
1.2754 + }
1.2755 +
1.2756 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
1.2757 + if (!fwObject) {
1.2758 + error = CKR_KEY_HANDLE_INVALID;
1.2759 + goto loser;
1.2760 + }
1.2761 +
1.2762 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.2763 + if (!fwSlot) {
1.2764 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.2765 + goto loser;
1.2766 + }
1.2767 +
1.2768 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.2769 + error = CKR_TOKEN_NOT_PRESENT;
1.2770 + goto loser;
1.2771 + }
1.2772 +
1.2773 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.2774 + if (!fwToken) {
1.2775 + goto loser;
1.2776 + }
1.2777 +
1.2778 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.2779 + if (!fwMechanism) {
1.2780 + goto loser;
1.2781 + }
1.2782 +
1.2783 + error = nssCKFWMechanism_EncryptInit(fwMechanism, pMechanism,
1.2784 + fwSession, fwObject);
1.2785 +
1.2786 + nssCKFWMechanism_Destroy(fwMechanism);
1.2787 +
1.2788 + if (CKR_OK == error) {
1.2789 + return CKR_OK;
1.2790 + }
1.2791 +
1.2792 +loser:
1.2793 + /* verify error */
1.2794 + switch( error ) {
1.2795 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2796 + case CKR_DEVICE_ERROR:
1.2797 + case CKR_DEVICE_MEMORY:
1.2798 + case CKR_DEVICE_REMOVED:
1.2799 + case CKR_FUNCTION_CANCELED:
1.2800 + case CKR_FUNCTION_FAILED:
1.2801 + case CKR_GENERAL_ERROR:
1.2802 + case CKR_HOST_MEMORY:
1.2803 + case CKR_KEY_FUNCTION_NOT_PERMITTED:
1.2804 + case CKR_KEY_HANDLE_INVALID:
1.2805 + case CKR_KEY_SIZE_RANGE:
1.2806 + case CKR_KEY_TYPE_INCONSISTENT:
1.2807 + case CKR_MECHANISM_INVALID:
1.2808 + case CKR_MECHANISM_PARAM_INVALID:
1.2809 + case CKR_OPERATION_ACTIVE:
1.2810 + case CKR_PIN_EXPIRED:
1.2811 + case CKR_SESSION_CLOSED:
1.2812 + case CKR_SESSION_HANDLE_INVALID:
1.2813 + case CKR_USER_NOT_LOGGED_IN:
1.2814 + break;
1.2815 + default:
1.2816 + case CKR_OK:
1.2817 + error = CKR_GENERAL_ERROR;
1.2818 + break;
1.2819 + }
1.2820 + return error;
1.2821 +}
1.2822 +
1.2823 +/*
1.2824 + * NSSCKFWC_Encrypt
1.2825 + *
1.2826 + */
1.2827 +NSS_IMPLEMENT CK_RV
1.2828 +NSSCKFWC_Encrypt
1.2829 +(
1.2830 + NSSCKFWInstance *fwInstance,
1.2831 + CK_SESSION_HANDLE hSession,
1.2832 + CK_BYTE_PTR pData,
1.2833 + CK_ULONG ulDataLen,
1.2834 + CK_BYTE_PTR pEncryptedData,
1.2835 + CK_ULONG_PTR pulEncryptedDataLen
1.2836 +)
1.2837 +{
1.2838 + CK_RV error = CKR_OK;
1.2839 + NSSCKFWSession *fwSession;
1.2840 +
1.2841 + if (!fwInstance) {
1.2842 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2843 + goto loser;
1.2844 + }
1.2845 +
1.2846 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2847 + if (!fwSession) {
1.2848 + error = CKR_SESSION_HANDLE_INVALID;
1.2849 + goto loser;
1.2850 + }
1.2851 +
1.2852 + error = nssCKFWSession_UpdateFinal(fwSession,
1.2853 + NSSCKFWCryptoOperationType_Encrypt,
1.2854 + NSSCKFWCryptoOperationState_EncryptDecrypt,
1.2855 + pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
1.2856 +
1.2857 + if (CKR_OK == error) {
1.2858 + return CKR_OK;
1.2859 + }
1.2860 +
1.2861 +loser:
1.2862 + /* verify error */
1.2863 + switch( error ) {
1.2864 + case CKR_ARGUMENTS_BAD:
1.2865 + case CKR_BUFFER_TOO_SMALL:
1.2866 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2867 + case CKR_DATA_INVALID:
1.2868 + case CKR_DATA_LEN_RANGE:
1.2869 + case CKR_DEVICE_ERROR:
1.2870 + case CKR_DEVICE_MEMORY:
1.2871 + case CKR_DEVICE_REMOVED:
1.2872 + case CKR_FUNCTION_CANCELED:
1.2873 + case CKR_FUNCTION_FAILED:
1.2874 + case CKR_GENERAL_ERROR:
1.2875 + case CKR_HOST_MEMORY:
1.2876 + case CKR_OPERATION_NOT_INITIALIZED:
1.2877 + case CKR_SESSION_HANDLE_INVALID:
1.2878 + case CKR_SESSION_CLOSED:
1.2879 + break;
1.2880 + default:
1.2881 + case CKR_OK:
1.2882 + error = CKR_GENERAL_ERROR;
1.2883 + break;
1.2884 + }
1.2885 + return error;
1.2886 +}
1.2887 +
1.2888 +/*
1.2889 + * NSSCKFWC_EncryptUpdate
1.2890 + *
1.2891 + */
1.2892 +NSS_IMPLEMENT CK_RV
1.2893 +NSSCKFWC_EncryptUpdate
1.2894 +(
1.2895 + NSSCKFWInstance *fwInstance,
1.2896 + CK_SESSION_HANDLE hSession,
1.2897 + CK_BYTE_PTR pPart,
1.2898 + CK_ULONG ulPartLen,
1.2899 + CK_BYTE_PTR pEncryptedPart,
1.2900 + CK_ULONG_PTR pulEncryptedPartLen
1.2901 +)
1.2902 +{
1.2903 + CK_RV error = CKR_OK;
1.2904 + NSSCKFWSession *fwSession;
1.2905 +
1.2906 + if (!fwInstance) {
1.2907 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2908 + goto loser;
1.2909 + }
1.2910 +
1.2911 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2912 + if (!fwSession) {
1.2913 + error = CKR_SESSION_HANDLE_INVALID;
1.2914 + goto loser;
1.2915 + }
1.2916 +
1.2917 + error = nssCKFWSession_Update(fwSession,
1.2918 + NSSCKFWCryptoOperationType_Encrypt,
1.2919 + NSSCKFWCryptoOperationState_EncryptDecrypt,
1.2920 + pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
1.2921 +
1.2922 + if (CKR_OK == error) {
1.2923 + return CKR_OK;
1.2924 + }
1.2925 +
1.2926 +loser:
1.2927 + /* verify error */
1.2928 + switch( error ) {
1.2929 + case CKR_ARGUMENTS_BAD:
1.2930 + case CKR_BUFFER_TOO_SMALL:
1.2931 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2932 + case CKR_DATA_LEN_RANGE:
1.2933 + case CKR_DEVICE_ERROR:
1.2934 + case CKR_DEVICE_MEMORY:
1.2935 + case CKR_DEVICE_REMOVED:
1.2936 + case CKR_FUNCTION_CANCELED:
1.2937 + case CKR_FUNCTION_FAILED:
1.2938 + case CKR_GENERAL_ERROR:
1.2939 + case CKR_HOST_MEMORY:
1.2940 + case CKR_OPERATION_NOT_INITIALIZED:
1.2941 + case CKR_SESSION_CLOSED:
1.2942 + case CKR_SESSION_HANDLE_INVALID:
1.2943 + break;
1.2944 + default:
1.2945 + case CKR_OK:
1.2946 + error = CKR_GENERAL_ERROR;
1.2947 + break;
1.2948 + }
1.2949 + return error;
1.2950 +}
1.2951 +
1.2952 +/*
1.2953 + * NSSCKFWC_EncryptFinal
1.2954 + *
1.2955 + */
1.2956 +NSS_IMPLEMENT CK_RV
1.2957 +NSSCKFWC_EncryptFinal
1.2958 +(
1.2959 + NSSCKFWInstance *fwInstance,
1.2960 + CK_SESSION_HANDLE hSession,
1.2961 + CK_BYTE_PTR pLastEncryptedPart,
1.2962 + CK_ULONG_PTR pulLastEncryptedPartLen
1.2963 +)
1.2964 +{
1.2965 + CK_RV error = CKR_OK;
1.2966 + NSSCKFWSession *fwSession;
1.2967 +
1.2968 + if (!fwInstance) {
1.2969 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.2970 + goto loser;
1.2971 + }
1.2972 +
1.2973 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.2974 + if (!fwSession) {
1.2975 + error = CKR_SESSION_HANDLE_INVALID;
1.2976 + goto loser;
1.2977 + }
1.2978 +
1.2979 + error = nssCKFWSession_Final(fwSession,
1.2980 + NSSCKFWCryptoOperationType_Encrypt,
1.2981 + NSSCKFWCryptoOperationState_EncryptDecrypt,
1.2982 + pLastEncryptedPart, pulLastEncryptedPartLen);
1.2983 +
1.2984 + if (CKR_OK == error) {
1.2985 + return CKR_OK;
1.2986 + }
1.2987 +
1.2988 +loser:
1.2989 + /* verify error */
1.2990 + switch( error ) {
1.2991 + case CKR_ARGUMENTS_BAD:
1.2992 + case CKR_BUFFER_TOO_SMALL:
1.2993 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.2994 + case CKR_DATA_LEN_RANGE:
1.2995 + case CKR_DEVICE_ERROR:
1.2996 + case CKR_DEVICE_MEMORY:
1.2997 + case CKR_DEVICE_REMOVED:
1.2998 + case CKR_FUNCTION_CANCELED:
1.2999 + case CKR_FUNCTION_FAILED:
1.3000 + case CKR_GENERAL_ERROR:
1.3001 + case CKR_HOST_MEMORY:
1.3002 + case CKR_OPERATION_NOT_INITIALIZED:
1.3003 + case CKR_SESSION_CLOSED:
1.3004 + case CKR_SESSION_HANDLE_INVALID:
1.3005 + break;
1.3006 + default:
1.3007 + case CKR_OK:
1.3008 + error = CKR_GENERAL_ERROR;
1.3009 + break;
1.3010 + }
1.3011 + return error;
1.3012 +}
1.3013 +
1.3014 +/*
1.3015 + * NSSCKFWC_DecryptInit
1.3016 + *
1.3017 + */
1.3018 +NSS_IMPLEMENT CK_RV
1.3019 +NSSCKFWC_DecryptInit
1.3020 +(
1.3021 + NSSCKFWInstance *fwInstance,
1.3022 + CK_SESSION_HANDLE hSession,
1.3023 + CK_MECHANISM_PTR pMechanism,
1.3024 + CK_OBJECT_HANDLE hKey
1.3025 +)
1.3026 +{
1.3027 + CK_RV error = CKR_OK;
1.3028 + NSSCKFWSession *fwSession;
1.3029 + NSSCKFWObject *fwObject;
1.3030 + NSSCKFWSlot *fwSlot;
1.3031 + NSSCKFWToken *fwToken;
1.3032 + NSSCKFWMechanism *fwMechanism;
1.3033 +
1.3034 + if (!fwInstance) {
1.3035 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3036 + goto loser;
1.3037 + }
1.3038 +
1.3039 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3040 + if (!fwSession) {
1.3041 + error = CKR_SESSION_HANDLE_INVALID;
1.3042 + goto loser;
1.3043 + }
1.3044 +
1.3045 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
1.3046 + if (!fwObject) {
1.3047 + error = CKR_KEY_HANDLE_INVALID;
1.3048 + goto loser;
1.3049 + }
1.3050 +
1.3051 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.3052 + if (!fwSlot) {
1.3053 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.3054 + goto loser;
1.3055 + }
1.3056 +
1.3057 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.3058 + error = CKR_TOKEN_NOT_PRESENT;
1.3059 + goto loser;
1.3060 + }
1.3061 +
1.3062 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.3063 + if (!fwToken) {
1.3064 + goto loser;
1.3065 + }
1.3066 +
1.3067 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.3068 + if (!fwMechanism) {
1.3069 + goto loser;
1.3070 + }
1.3071 +
1.3072 + error = nssCKFWMechanism_DecryptInit(fwMechanism, pMechanism,
1.3073 + fwSession, fwObject);
1.3074 + nssCKFWMechanism_Destroy(fwMechanism);
1.3075 +
1.3076 + if (CKR_OK == error) {
1.3077 + return CKR_OK;
1.3078 + }
1.3079 +
1.3080 +loser:
1.3081 + /* verify error */
1.3082 + switch( error ) {
1.3083 + case CKR_ARGUMENTS_BAD:
1.3084 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3085 + case CKR_DEVICE_ERROR:
1.3086 + case CKR_DEVICE_MEMORY:
1.3087 + case CKR_DEVICE_REMOVED:
1.3088 + case CKR_FUNCTION_CANCELED:
1.3089 + case CKR_FUNCTION_FAILED:
1.3090 + case CKR_GENERAL_ERROR:
1.3091 + case CKR_HOST_MEMORY:
1.3092 + case CKR_KEY_FUNCTION_NOT_PERMITTED:
1.3093 + case CKR_KEY_HANDLE_INVALID:
1.3094 + case CKR_KEY_SIZE_RANGE:
1.3095 + case CKR_KEY_TYPE_INCONSISTENT:
1.3096 + case CKR_MECHANISM_INVALID:
1.3097 + case CKR_MECHANISM_PARAM_INVALID:
1.3098 + case CKR_OPERATION_ACTIVE:
1.3099 + case CKR_PIN_EXPIRED:
1.3100 + case CKR_SESSION_CLOSED:
1.3101 + case CKR_SESSION_HANDLE_INVALID:
1.3102 + case CKR_USER_NOT_LOGGED_IN:
1.3103 + break;
1.3104 + default:
1.3105 + case CKR_OK:
1.3106 + error = CKR_GENERAL_ERROR;
1.3107 + break;
1.3108 + }
1.3109 + return error;
1.3110 +}
1.3111 +
1.3112 +/*
1.3113 + * NSSCKFWC_Decrypt
1.3114 + *
1.3115 + */
1.3116 +NSS_IMPLEMENT CK_RV
1.3117 +NSSCKFWC_Decrypt
1.3118 +(
1.3119 + NSSCKFWInstance *fwInstance,
1.3120 + CK_SESSION_HANDLE hSession,
1.3121 + CK_BYTE_PTR pEncryptedData,
1.3122 + CK_ULONG ulEncryptedDataLen,
1.3123 + CK_BYTE_PTR pData,
1.3124 + CK_ULONG_PTR pulDataLen
1.3125 +)
1.3126 +{
1.3127 + CK_RV error = CKR_OK;
1.3128 + NSSCKFWSession *fwSession;
1.3129 +
1.3130 + if (!fwInstance) {
1.3131 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3132 + goto loser;
1.3133 + }
1.3134 +
1.3135 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3136 + if (!fwSession) {
1.3137 + error = CKR_SESSION_HANDLE_INVALID;
1.3138 + goto loser;
1.3139 + }
1.3140 +
1.3141 + error = nssCKFWSession_UpdateFinal(fwSession,
1.3142 + NSSCKFWCryptoOperationType_Decrypt,
1.3143 + NSSCKFWCryptoOperationState_EncryptDecrypt,
1.3144 + pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
1.3145 +
1.3146 + if (CKR_OK == error) {
1.3147 + return CKR_OK;
1.3148 + }
1.3149 +
1.3150 +loser:
1.3151 + /* verify error */
1.3152 + switch( error ) {
1.3153 + case CKR_ARGUMENTS_BAD:
1.3154 + case CKR_BUFFER_TOO_SMALL:
1.3155 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3156 + case CKR_DEVICE_ERROR:
1.3157 + case CKR_DEVICE_MEMORY:
1.3158 + case CKR_DEVICE_REMOVED:
1.3159 + case CKR_ENCRYPTED_DATA_INVALID:
1.3160 + case CKR_ENCRYPTED_DATA_LEN_RANGE:
1.3161 + case CKR_FUNCTION_CANCELED:
1.3162 + case CKR_FUNCTION_FAILED:
1.3163 + case CKR_GENERAL_ERROR:
1.3164 + case CKR_HOST_MEMORY:
1.3165 + case CKR_OPERATION_NOT_INITIALIZED:
1.3166 + case CKR_SESSION_CLOSED:
1.3167 + case CKR_SESSION_HANDLE_INVALID:
1.3168 + case CKR_USER_NOT_LOGGED_IN:
1.3169 + break;
1.3170 + case CKR_DATA_LEN_RANGE:
1.3171 + error = CKR_ENCRYPTED_DATA_LEN_RANGE;
1.3172 + break;
1.3173 + case CKR_DATA_INVALID:
1.3174 + error = CKR_ENCRYPTED_DATA_INVALID;
1.3175 + break;
1.3176 + default:
1.3177 + case CKR_OK:
1.3178 + error = CKR_GENERAL_ERROR;
1.3179 + break;
1.3180 + }
1.3181 + return error;
1.3182 +}
1.3183 +
1.3184 +/*
1.3185 + * NSSCKFWC_DecryptUpdate
1.3186 + *
1.3187 + */
1.3188 +NSS_IMPLEMENT CK_RV
1.3189 +NSSCKFWC_DecryptUpdate
1.3190 +(
1.3191 + NSSCKFWInstance *fwInstance,
1.3192 + CK_SESSION_HANDLE hSession,
1.3193 + CK_BYTE_PTR pEncryptedPart,
1.3194 + CK_ULONG ulEncryptedPartLen,
1.3195 + CK_BYTE_PTR pPart,
1.3196 + CK_ULONG_PTR pulPartLen
1.3197 +)
1.3198 +{
1.3199 + CK_RV error = CKR_OK;
1.3200 + NSSCKFWSession *fwSession;
1.3201 +
1.3202 + if (!fwInstance) {
1.3203 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3204 + goto loser;
1.3205 + }
1.3206 +
1.3207 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3208 + if (!fwSession) {
1.3209 + error = CKR_SESSION_HANDLE_INVALID;
1.3210 + goto loser;
1.3211 + }
1.3212 +
1.3213 + error = nssCKFWSession_Update(fwSession,
1.3214 + NSSCKFWCryptoOperationType_Decrypt,
1.3215 + NSSCKFWCryptoOperationState_EncryptDecrypt,
1.3216 + pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
1.3217 +
1.3218 + if (CKR_OK == error) {
1.3219 + return CKR_OK;
1.3220 + }
1.3221 +
1.3222 +loser:
1.3223 + /* verify error */
1.3224 + switch( error ) {
1.3225 + case CKR_ARGUMENTS_BAD:
1.3226 + case CKR_BUFFER_TOO_SMALL:
1.3227 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3228 + case CKR_DEVICE_ERROR:
1.3229 + case CKR_DEVICE_MEMORY:
1.3230 + case CKR_DEVICE_REMOVED:
1.3231 + case CKR_ENCRYPTED_DATA_INVALID:
1.3232 + case CKR_ENCRYPTED_DATA_LEN_RANGE:
1.3233 + case CKR_FUNCTION_CANCELED:
1.3234 + case CKR_FUNCTION_FAILED:
1.3235 + case CKR_GENERAL_ERROR:
1.3236 + case CKR_HOST_MEMORY:
1.3237 + case CKR_OPERATION_NOT_INITIALIZED:
1.3238 + case CKR_SESSION_CLOSED:
1.3239 + case CKR_SESSION_HANDLE_INVALID:
1.3240 + case CKR_USER_NOT_LOGGED_IN:
1.3241 + break;
1.3242 + case CKR_DATA_LEN_RANGE:
1.3243 + error = CKR_ENCRYPTED_DATA_LEN_RANGE;
1.3244 + break;
1.3245 + case CKR_DATA_INVALID:
1.3246 + error = CKR_ENCRYPTED_DATA_INVALID;
1.3247 + break;
1.3248 + default:
1.3249 + case CKR_OK:
1.3250 + error = CKR_GENERAL_ERROR;
1.3251 + break;
1.3252 + }
1.3253 + return error;
1.3254 +}
1.3255 +
1.3256 +/*
1.3257 + * NSSCKFWC_DecryptFinal
1.3258 + *
1.3259 + */
1.3260 +NSS_IMPLEMENT CK_RV
1.3261 +NSSCKFWC_DecryptFinal
1.3262 +(
1.3263 + NSSCKFWInstance *fwInstance,
1.3264 + CK_SESSION_HANDLE hSession,
1.3265 + CK_BYTE_PTR pLastPart,
1.3266 + CK_ULONG_PTR pulLastPartLen
1.3267 +)
1.3268 +{
1.3269 + CK_RV error = CKR_OK;
1.3270 + NSSCKFWSession *fwSession;
1.3271 +
1.3272 + if (!fwInstance) {
1.3273 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3274 + goto loser;
1.3275 + }
1.3276 +
1.3277 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3278 + if (!fwSession) {
1.3279 + error = CKR_SESSION_HANDLE_INVALID;
1.3280 + goto loser;
1.3281 + }
1.3282 +
1.3283 + error = nssCKFWSession_Final(fwSession,
1.3284 + NSSCKFWCryptoOperationType_Decrypt,
1.3285 + NSSCKFWCryptoOperationState_EncryptDecrypt,
1.3286 + pLastPart, pulLastPartLen);
1.3287 +
1.3288 + if (CKR_OK == error) {
1.3289 + return CKR_OK;
1.3290 + }
1.3291 +
1.3292 +loser:
1.3293 + /* verify error */
1.3294 + switch( error ) {
1.3295 + case CKR_ARGUMENTS_BAD:
1.3296 + case CKR_BUFFER_TOO_SMALL:
1.3297 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3298 + case CKR_DEVICE_ERROR:
1.3299 + case CKR_DEVICE_MEMORY:
1.3300 + case CKR_DEVICE_REMOVED:
1.3301 + case CKR_FUNCTION_FAILED:
1.3302 + case CKR_FUNCTION_CANCELED:
1.3303 + case CKR_ENCRYPTED_DATA_INVALID:
1.3304 + case CKR_ENCRYPTED_DATA_LEN_RANGE:
1.3305 + case CKR_GENERAL_ERROR:
1.3306 + case CKR_HOST_MEMORY:
1.3307 + case CKR_OPERATION_NOT_INITIALIZED:
1.3308 + case CKR_SESSION_CLOSED:
1.3309 + case CKR_SESSION_HANDLE_INVALID:
1.3310 + case CKR_USER_NOT_LOGGED_IN:
1.3311 + break;
1.3312 + case CKR_DATA_LEN_RANGE:
1.3313 + error = CKR_ENCRYPTED_DATA_LEN_RANGE;
1.3314 + break;
1.3315 + case CKR_DATA_INVALID:
1.3316 + error = CKR_ENCRYPTED_DATA_INVALID;
1.3317 + break;
1.3318 + default:
1.3319 + case CKR_OK:
1.3320 + error = CKR_GENERAL_ERROR;
1.3321 + break;
1.3322 + }
1.3323 + return error;
1.3324 +}
1.3325 +
1.3326 +/*
1.3327 + * NSSCKFWC_DigestInit
1.3328 + *
1.3329 + */
1.3330 +NSS_IMPLEMENT CK_RV
1.3331 +NSSCKFWC_DigestInit
1.3332 +(
1.3333 + NSSCKFWInstance *fwInstance,
1.3334 + CK_SESSION_HANDLE hSession,
1.3335 + CK_MECHANISM_PTR pMechanism
1.3336 +)
1.3337 +{
1.3338 + CK_RV error = CKR_OK;
1.3339 + NSSCKFWSession *fwSession;
1.3340 + NSSCKFWSlot *fwSlot;
1.3341 + NSSCKFWToken *fwToken;
1.3342 + NSSCKFWMechanism *fwMechanism;
1.3343 +
1.3344 + if (!fwInstance) {
1.3345 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3346 + goto loser;
1.3347 + }
1.3348 +
1.3349 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3350 + if (!fwSession) {
1.3351 + error = CKR_SESSION_HANDLE_INVALID;
1.3352 + goto loser;
1.3353 + }
1.3354 +
1.3355 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.3356 + if (!fwSlot) {
1.3357 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.3358 + goto loser;
1.3359 + }
1.3360 +
1.3361 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.3362 + error = CKR_TOKEN_NOT_PRESENT;
1.3363 + goto loser;
1.3364 + }
1.3365 +
1.3366 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.3367 + if (!fwToken) {
1.3368 + goto loser;
1.3369 + }
1.3370 +
1.3371 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.3372 + if (!fwMechanism) {
1.3373 + goto loser;
1.3374 + }
1.3375 +
1.3376 + error = nssCKFWMechanism_DigestInit(fwMechanism, pMechanism, fwSession);
1.3377 +
1.3378 + nssCKFWMechanism_Destroy(fwMechanism);
1.3379 +
1.3380 + if (CKR_OK == error) {
1.3381 + return CKR_OK;
1.3382 + }
1.3383 +
1.3384 +loser:
1.3385 + /* verify error */
1.3386 + switch( error ) {
1.3387 + case CKR_ARGUMENTS_BAD:
1.3388 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3389 + case CKR_DEVICE_ERROR:
1.3390 + case CKR_DEVICE_MEMORY:
1.3391 + case CKR_DEVICE_REMOVED:
1.3392 + case CKR_FUNCTION_CANCELED:
1.3393 + case CKR_FUNCTION_FAILED:
1.3394 + case CKR_GENERAL_ERROR:
1.3395 + case CKR_HOST_MEMORY:
1.3396 + case CKR_MECHANISM_INVALID:
1.3397 + case CKR_MECHANISM_PARAM_INVALID:
1.3398 + case CKR_OPERATION_ACTIVE:
1.3399 + case CKR_PIN_EXPIRED:
1.3400 + case CKR_SESSION_CLOSED:
1.3401 + case CKR_SESSION_HANDLE_INVALID:
1.3402 + case CKR_USER_NOT_LOGGED_IN:
1.3403 + break;
1.3404 + default:
1.3405 + case CKR_OK:
1.3406 + error = CKR_GENERAL_ERROR;
1.3407 + break;
1.3408 + }
1.3409 + return error;
1.3410 +}
1.3411 +
1.3412 +/*
1.3413 + * NSSCKFWC_Digest
1.3414 + *
1.3415 + */
1.3416 +NSS_IMPLEMENT CK_RV
1.3417 +NSSCKFWC_Digest
1.3418 +(
1.3419 + NSSCKFWInstance *fwInstance,
1.3420 + CK_SESSION_HANDLE hSession,
1.3421 + CK_BYTE_PTR pData,
1.3422 + CK_ULONG ulDataLen,
1.3423 + CK_BYTE_PTR pDigest,
1.3424 + CK_ULONG_PTR pulDigestLen
1.3425 +)
1.3426 +{
1.3427 + CK_RV error = CKR_OK;
1.3428 + NSSCKFWSession *fwSession;
1.3429 +
1.3430 + if (!fwInstance) {
1.3431 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3432 + goto loser;
1.3433 + }
1.3434 +
1.3435 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3436 + if (!fwSession) {
1.3437 + error = CKR_SESSION_HANDLE_INVALID;
1.3438 + goto loser;
1.3439 + }
1.3440 +
1.3441 + error = nssCKFWSession_UpdateFinal(fwSession,
1.3442 + NSSCKFWCryptoOperationType_Digest,
1.3443 + NSSCKFWCryptoOperationState_Digest,
1.3444 + pData, ulDataLen, pDigest, pulDigestLen);
1.3445 +
1.3446 + if (CKR_OK == error) {
1.3447 + return CKR_OK;
1.3448 + }
1.3449 +
1.3450 +loser:
1.3451 + /* verify error */
1.3452 + switch( error ) {
1.3453 + case CKR_ARGUMENTS_BAD:
1.3454 + case CKR_BUFFER_TOO_SMALL:
1.3455 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3456 + case CKR_DEVICE_ERROR:
1.3457 + case CKR_DEVICE_MEMORY:
1.3458 + case CKR_DEVICE_REMOVED:
1.3459 + case CKR_FUNCTION_CANCELED:
1.3460 + case CKR_FUNCTION_FAILED:
1.3461 + case CKR_GENERAL_ERROR:
1.3462 + case CKR_HOST_MEMORY:
1.3463 + case CKR_OPERATION_NOT_INITIALIZED:
1.3464 + case CKR_SESSION_CLOSED:
1.3465 + case CKR_SESSION_HANDLE_INVALID:
1.3466 + break;
1.3467 + default:
1.3468 + case CKR_OK:
1.3469 + error = CKR_GENERAL_ERROR;
1.3470 + break;
1.3471 + }
1.3472 + return error;
1.3473 +}
1.3474 +
1.3475 +/*
1.3476 + * NSSCKFWC_DigestUpdate
1.3477 + *
1.3478 + */
1.3479 +NSS_IMPLEMENT CK_RV
1.3480 +NSSCKFWC_DigestUpdate
1.3481 +(
1.3482 + NSSCKFWInstance *fwInstance,
1.3483 + CK_SESSION_HANDLE hSession,
1.3484 + CK_BYTE_PTR pData,
1.3485 + CK_ULONG ulDataLen
1.3486 +)
1.3487 +{
1.3488 + CK_RV error = CKR_OK;
1.3489 + NSSCKFWSession *fwSession;
1.3490 +
1.3491 + if (!fwInstance) {
1.3492 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3493 + goto loser;
1.3494 + }
1.3495 +
1.3496 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3497 + if (!fwSession) {
1.3498 + error = CKR_SESSION_HANDLE_INVALID;
1.3499 + goto loser;
1.3500 + }
1.3501 +
1.3502 + error = nssCKFWSession_DigestUpdate(fwSession,
1.3503 + NSSCKFWCryptoOperationType_Digest,
1.3504 + NSSCKFWCryptoOperationState_Digest,
1.3505 + pData, ulDataLen);
1.3506 +
1.3507 + if (CKR_OK == error) {
1.3508 + return CKR_OK;
1.3509 + }
1.3510 +
1.3511 +loser:
1.3512 + /* verify error */
1.3513 + switch( error ) {
1.3514 + case CKR_ARGUMENTS_BAD:
1.3515 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3516 + case CKR_DEVICE_ERROR:
1.3517 + case CKR_DEVICE_MEMORY:
1.3518 + case CKR_DEVICE_REMOVED:
1.3519 + case CKR_FUNCTION_CANCELED:
1.3520 + case CKR_FUNCTION_FAILED:
1.3521 + case CKR_GENERAL_ERROR:
1.3522 + case CKR_HOST_MEMORY:
1.3523 + case CKR_OPERATION_NOT_INITIALIZED:
1.3524 + case CKR_SESSION_CLOSED:
1.3525 + case CKR_SESSION_HANDLE_INVALID:
1.3526 + break;
1.3527 + default:
1.3528 + case CKR_OK:
1.3529 + error = CKR_GENERAL_ERROR;
1.3530 + break;
1.3531 + }
1.3532 + return error;
1.3533 +}
1.3534 +
1.3535 +/*
1.3536 + * NSSCKFWC_DigestKey
1.3537 + *
1.3538 + */
1.3539 +NSS_IMPLEMENT CK_RV
1.3540 +NSSCKFWC_DigestKey
1.3541 +(
1.3542 + NSSCKFWInstance *fwInstance,
1.3543 + CK_SESSION_HANDLE hSession,
1.3544 + CK_OBJECT_HANDLE hKey
1.3545 +)
1.3546 +{
1.3547 + CK_RV error = CKR_OK;
1.3548 + NSSCKFWSession *fwSession;
1.3549 + NSSCKFWObject *fwObject;
1.3550 +
1.3551 + if (!fwInstance) {
1.3552 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3553 + goto loser;
1.3554 + }
1.3555 +
1.3556 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3557 + if (!fwSession) {
1.3558 + error = CKR_SESSION_HANDLE_INVALID;
1.3559 + goto loser;
1.3560 + }
1.3561 +
1.3562 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
1.3563 + if (!fwObject) {
1.3564 + error = CKR_KEY_HANDLE_INVALID;
1.3565 + goto loser;
1.3566 + }
1.3567 +
1.3568 + error = nssCKFWSession_DigestKey(fwSession, fwObject);
1.3569 +
1.3570 + if (CKR_OK == error) {
1.3571 + return CKR_OK;
1.3572 + }
1.3573 +
1.3574 +loser:
1.3575 + /* verify error */
1.3576 + switch( error ) {
1.3577 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3578 + case CKR_DEVICE_ERROR:
1.3579 + case CKR_DEVICE_MEMORY:
1.3580 + case CKR_DEVICE_REMOVED:
1.3581 + case CKR_FUNCTION_CANCELED:
1.3582 + case CKR_FUNCTION_FAILED:
1.3583 + case CKR_GENERAL_ERROR:
1.3584 + case CKR_HOST_MEMORY:
1.3585 + case CKR_KEY_HANDLE_INVALID:
1.3586 + case CKR_KEY_INDIGESTIBLE:
1.3587 + case CKR_KEY_SIZE_RANGE:
1.3588 + case CKR_OPERATION_NOT_INITIALIZED:
1.3589 + case CKR_SESSION_CLOSED:
1.3590 + case CKR_SESSION_HANDLE_INVALID:
1.3591 + break;
1.3592 + default:
1.3593 + case CKR_OK:
1.3594 + error = CKR_GENERAL_ERROR;
1.3595 + break;
1.3596 + }
1.3597 + return error;
1.3598 +}
1.3599 +
1.3600 +/*
1.3601 + * NSSCKFWC_DigestFinal
1.3602 + *
1.3603 + */
1.3604 +NSS_IMPLEMENT CK_RV
1.3605 +NSSCKFWC_DigestFinal
1.3606 +(
1.3607 + NSSCKFWInstance *fwInstance,
1.3608 + CK_SESSION_HANDLE hSession,
1.3609 + CK_BYTE_PTR pDigest,
1.3610 + CK_ULONG_PTR pulDigestLen
1.3611 +)
1.3612 +{
1.3613 + CK_RV error = CKR_OK;
1.3614 + NSSCKFWSession *fwSession;
1.3615 +
1.3616 + if (!fwInstance) {
1.3617 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3618 + goto loser;
1.3619 + }
1.3620 +
1.3621 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3622 + if (!fwSession) {
1.3623 + error = CKR_SESSION_HANDLE_INVALID;
1.3624 + goto loser;
1.3625 + }
1.3626 +
1.3627 + error = nssCKFWSession_Final(fwSession,
1.3628 + NSSCKFWCryptoOperationType_Digest,
1.3629 + NSSCKFWCryptoOperationState_Digest,
1.3630 + pDigest, pulDigestLen);
1.3631 +
1.3632 + if (CKR_OK == error) {
1.3633 + return CKR_OK;
1.3634 + }
1.3635 +
1.3636 +loser:
1.3637 + /* verify error */
1.3638 + switch( error ) {
1.3639 + case CKR_ARGUMENTS_BAD:
1.3640 + case CKR_BUFFER_TOO_SMALL:
1.3641 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3642 + case CKR_DEVICE_ERROR:
1.3643 + case CKR_DEVICE_MEMORY:
1.3644 + case CKR_DEVICE_REMOVED:
1.3645 + case CKR_FUNCTION_CANCELED:
1.3646 + case CKR_FUNCTION_FAILED:
1.3647 + case CKR_GENERAL_ERROR:
1.3648 + case CKR_HOST_MEMORY:
1.3649 + case CKR_OPERATION_NOT_INITIALIZED:
1.3650 + case CKR_SESSION_CLOSED:
1.3651 + case CKR_SESSION_HANDLE_INVALID:
1.3652 + break;
1.3653 + default:
1.3654 + case CKR_OK:
1.3655 + error = CKR_GENERAL_ERROR;
1.3656 + break;
1.3657 + }
1.3658 + return error;
1.3659 +}
1.3660 +
1.3661 +/*
1.3662 + * NSSCKFWC_SignInit
1.3663 + *
1.3664 + */
1.3665 +NSS_IMPLEMENT CK_RV
1.3666 +NSSCKFWC_SignInit
1.3667 +(
1.3668 + NSSCKFWInstance *fwInstance,
1.3669 + CK_SESSION_HANDLE hSession,
1.3670 + CK_MECHANISM_PTR pMechanism,
1.3671 + CK_OBJECT_HANDLE hKey
1.3672 +)
1.3673 +{
1.3674 + CK_RV error = CKR_OK;
1.3675 + NSSCKFWSession *fwSession;
1.3676 + NSSCKFWObject *fwObject;
1.3677 + NSSCKFWSlot *fwSlot;
1.3678 + NSSCKFWToken *fwToken;
1.3679 + NSSCKFWMechanism *fwMechanism;
1.3680 +
1.3681 + if (!fwInstance) {
1.3682 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3683 + goto loser;
1.3684 + }
1.3685 +
1.3686 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3687 + if (!fwSession) {
1.3688 + error = CKR_SESSION_HANDLE_INVALID;
1.3689 + goto loser;
1.3690 + }
1.3691 +
1.3692 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
1.3693 + if (!fwObject) {
1.3694 + error = CKR_KEY_HANDLE_INVALID;
1.3695 + goto loser;
1.3696 + }
1.3697 +
1.3698 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.3699 + if (!fwSlot) {
1.3700 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.3701 + goto loser;
1.3702 + }
1.3703 +
1.3704 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.3705 + error = CKR_TOKEN_NOT_PRESENT;
1.3706 + goto loser;
1.3707 + }
1.3708 +
1.3709 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.3710 + if (!fwToken) {
1.3711 + goto loser;
1.3712 + }
1.3713 +
1.3714 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.3715 + if (!fwMechanism) {
1.3716 + goto loser;
1.3717 + }
1.3718 +
1.3719 + error = nssCKFWMechanism_SignInit(fwMechanism, pMechanism, fwSession,
1.3720 + fwObject);
1.3721 +
1.3722 + nssCKFWMechanism_Destroy(fwMechanism);
1.3723 +
1.3724 + if (CKR_OK == error) {
1.3725 + return CKR_OK;
1.3726 + }
1.3727 +
1.3728 +loser:
1.3729 + /* verify error */
1.3730 + switch( error ) {
1.3731 + case CKR_ARGUMENTS_BAD:
1.3732 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3733 + case CKR_DEVICE_ERROR:
1.3734 + case CKR_DEVICE_MEMORY:
1.3735 + case CKR_DEVICE_REMOVED:
1.3736 + case CKR_FUNCTION_CANCELED:
1.3737 + case CKR_FUNCTION_FAILED:
1.3738 + case CKR_GENERAL_ERROR:
1.3739 + case CKR_HOST_MEMORY:
1.3740 + case CKR_KEY_FUNCTION_NOT_PERMITTED:
1.3741 + case CKR_KEY_HANDLE_INVALID:
1.3742 + case CKR_KEY_SIZE_RANGE:
1.3743 + case CKR_KEY_TYPE_INCONSISTENT:
1.3744 + case CKR_MECHANISM_INVALID:
1.3745 + case CKR_MECHANISM_PARAM_INVALID:
1.3746 + case CKR_OPERATION_ACTIVE:
1.3747 + case CKR_PIN_EXPIRED:
1.3748 + case CKR_SESSION_CLOSED:
1.3749 + case CKR_SESSION_HANDLE_INVALID:
1.3750 + case CKR_USER_NOT_LOGGED_IN:
1.3751 + break;
1.3752 + default:
1.3753 + case CKR_OK:
1.3754 + error = CKR_GENERAL_ERROR;
1.3755 + break;
1.3756 + }
1.3757 + return error;
1.3758 +}
1.3759 +
1.3760 +/*
1.3761 + * NSSCKFWC_Sign
1.3762 + *
1.3763 + */
1.3764 +NSS_IMPLEMENT CK_RV
1.3765 +NSSCKFWC_Sign
1.3766 +(
1.3767 + NSSCKFWInstance *fwInstance,
1.3768 + CK_SESSION_HANDLE hSession,
1.3769 + CK_BYTE_PTR pData,
1.3770 + CK_ULONG ulDataLen,
1.3771 + CK_BYTE_PTR pSignature,
1.3772 + CK_ULONG_PTR pulSignatureLen
1.3773 +)
1.3774 +{
1.3775 + CK_RV error = CKR_OK;
1.3776 + NSSCKFWSession *fwSession;
1.3777 +
1.3778 + if (!fwInstance) {
1.3779 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3780 + goto loser;
1.3781 + }
1.3782 +
1.3783 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3784 + if (!fwSession) {
1.3785 + error = CKR_SESSION_HANDLE_INVALID;
1.3786 + goto loser;
1.3787 + }
1.3788 +
1.3789 + error = nssCKFWSession_UpdateFinal(fwSession,
1.3790 + NSSCKFWCryptoOperationType_Sign,
1.3791 + NSSCKFWCryptoOperationState_SignVerify,
1.3792 + pData, ulDataLen, pSignature, pulSignatureLen);
1.3793 +
1.3794 + if (CKR_OK == error) {
1.3795 + return CKR_OK;
1.3796 + }
1.3797 +
1.3798 +loser:
1.3799 + /* verify error */
1.3800 + switch( error ) {
1.3801 + case CKR_ARGUMENTS_BAD:
1.3802 + case CKR_BUFFER_TOO_SMALL:
1.3803 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3804 + case CKR_DATA_INVALID:
1.3805 + case CKR_DATA_LEN_RANGE:
1.3806 + case CKR_DEVICE_ERROR:
1.3807 + case CKR_DEVICE_MEMORY:
1.3808 + case CKR_DEVICE_REMOVED:
1.3809 + case CKR_FUNCTION_CANCELED:
1.3810 + case CKR_FUNCTION_FAILED:
1.3811 + case CKR_GENERAL_ERROR:
1.3812 + case CKR_HOST_MEMORY:
1.3813 + case CKR_OPERATION_NOT_INITIALIZED:
1.3814 + case CKR_SESSION_CLOSED:
1.3815 + case CKR_SESSION_HANDLE_INVALID:
1.3816 + case CKR_USER_NOT_LOGGED_IN:
1.3817 + case CKR_FUNCTION_REJECTED:
1.3818 + break;
1.3819 + default:
1.3820 + case CKR_OK:
1.3821 + error = CKR_GENERAL_ERROR;
1.3822 + break;
1.3823 + }
1.3824 + return error;
1.3825 +}
1.3826 +
1.3827 +/*
1.3828 + * NSSCKFWC_SignUpdate
1.3829 + *
1.3830 + */
1.3831 +NSS_IMPLEMENT CK_RV
1.3832 +NSSCKFWC_SignUpdate
1.3833 +(
1.3834 + NSSCKFWInstance *fwInstance,
1.3835 + CK_SESSION_HANDLE hSession,
1.3836 + CK_BYTE_PTR pPart,
1.3837 + CK_ULONG ulPartLen
1.3838 +)
1.3839 +{
1.3840 + CK_RV error = CKR_OK;
1.3841 + NSSCKFWSession *fwSession;
1.3842 +
1.3843 + if (!fwInstance) {
1.3844 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3845 + goto loser;
1.3846 + }
1.3847 +
1.3848 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3849 + if (!fwSession) {
1.3850 + error = CKR_SESSION_HANDLE_INVALID;
1.3851 + goto loser;
1.3852 + }
1.3853 +
1.3854 + error = nssCKFWSession_DigestUpdate(fwSession,
1.3855 + NSSCKFWCryptoOperationType_Sign,
1.3856 + NSSCKFWCryptoOperationState_SignVerify,
1.3857 + pPart, ulPartLen);
1.3858 +
1.3859 + if (CKR_OK == error) {
1.3860 + return CKR_OK;
1.3861 + }
1.3862 +
1.3863 +loser:
1.3864 + /* verify error */
1.3865 + switch( error ) {
1.3866 + case CKR_ARGUMENTS_BAD:
1.3867 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3868 + case CKR_DATA_LEN_RANGE:
1.3869 + case CKR_DEVICE_ERROR:
1.3870 + case CKR_DEVICE_MEMORY:
1.3871 + case CKR_DEVICE_REMOVED:
1.3872 + case CKR_FUNCTION_CANCELED:
1.3873 + case CKR_FUNCTION_FAILED:
1.3874 + case CKR_GENERAL_ERROR:
1.3875 + case CKR_HOST_MEMORY:
1.3876 + case CKR_OPERATION_NOT_INITIALIZED:
1.3877 + case CKR_SESSION_CLOSED:
1.3878 + case CKR_SESSION_HANDLE_INVALID:
1.3879 + case CKR_USER_NOT_LOGGED_IN:
1.3880 + break;
1.3881 + default:
1.3882 + case CKR_OK:
1.3883 + error = CKR_GENERAL_ERROR;
1.3884 + break;
1.3885 + }
1.3886 + return error;
1.3887 +}
1.3888 +
1.3889 +/*
1.3890 + * NSSCKFWC_SignFinal
1.3891 + *
1.3892 + */
1.3893 +NSS_IMPLEMENT CK_RV
1.3894 +NSSCKFWC_SignFinal
1.3895 +(
1.3896 + NSSCKFWInstance *fwInstance,
1.3897 + CK_SESSION_HANDLE hSession,
1.3898 + CK_BYTE_PTR pSignature,
1.3899 + CK_ULONG_PTR pulSignatureLen
1.3900 +)
1.3901 +{
1.3902 + CK_RV error = CKR_OK;
1.3903 + NSSCKFWSession *fwSession;
1.3904 +
1.3905 + if (!fwInstance) {
1.3906 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3907 + goto loser;
1.3908 + }
1.3909 +
1.3910 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3911 + if (!fwSession) {
1.3912 + error = CKR_SESSION_HANDLE_INVALID;
1.3913 + goto loser;
1.3914 + }
1.3915 +
1.3916 + error = nssCKFWSession_Final(fwSession,
1.3917 + NSSCKFWCryptoOperationType_Sign,
1.3918 + NSSCKFWCryptoOperationState_SignVerify,
1.3919 + pSignature, pulSignatureLen);
1.3920 +
1.3921 + if (CKR_OK == error) {
1.3922 + return CKR_OK;
1.3923 + }
1.3924 +
1.3925 +loser:
1.3926 + /* verify error */
1.3927 + switch( error ) {
1.3928 + case CKR_ARGUMENTS_BAD:
1.3929 + case CKR_BUFFER_TOO_SMALL:
1.3930 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.3931 + case CKR_DATA_LEN_RANGE:
1.3932 + case CKR_DEVICE_ERROR:
1.3933 + case CKR_DEVICE_MEMORY:
1.3934 + case CKR_DEVICE_REMOVED:
1.3935 + case CKR_FUNCTION_CANCELED:
1.3936 + case CKR_FUNCTION_FAILED:
1.3937 + case CKR_GENERAL_ERROR:
1.3938 + case CKR_HOST_MEMORY:
1.3939 + case CKR_OPERATION_NOT_INITIALIZED:
1.3940 + case CKR_SESSION_CLOSED:
1.3941 + case CKR_SESSION_HANDLE_INVALID:
1.3942 + case CKR_USER_NOT_LOGGED_IN:
1.3943 + case CKR_FUNCTION_REJECTED:
1.3944 + break;
1.3945 + default:
1.3946 + case CKR_OK:
1.3947 + error = CKR_GENERAL_ERROR;
1.3948 + break;
1.3949 + }
1.3950 + return error;
1.3951 +}
1.3952 +
1.3953 +/*
1.3954 + * NSSCKFWC_SignRecoverInit
1.3955 + *
1.3956 + */
1.3957 +NSS_IMPLEMENT CK_RV
1.3958 +NSSCKFWC_SignRecoverInit
1.3959 +(
1.3960 + NSSCKFWInstance *fwInstance,
1.3961 + CK_SESSION_HANDLE hSession,
1.3962 + CK_MECHANISM_PTR pMechanism,
1.3963 + CK_OBJECT_HANDLE hKey
1.3964 +)
1.3965 +{
1.3966 + CK_RV error = CKR_OK;
1.3967 + NSSCKFWSession *fwSession;
1.3968 + NSSCKFWObject *fwObject;
1.3969 + NSSCKFWSlot *fwSlot;
1.3970 + NSSCKFWToken *fwToken;
1.3971 + NSSCKFWMechanism *fwMechanism;
1.3972 +
1.3973 + if (!fwInstance) {
1.3974 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.3975 + goto loser;
1.3976 + }
1.3977 +
1.3978 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.3979 + if (!fwSession) {
1.3980 + error = CKR_SESSION_HANDLE_INVALID;
1.3981 + goto loser;
1.3982 + }
1.3983 +
1.3984 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
1.3985 + if (!fwObject) {
1.3986 + error = CKR_KEY_HANDLE_INVALID;
1.3987 + goto loser;
1.3988 + }
1.3989 +
1.3990 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.3991 + if (!fwSlot) {
1.3992 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.3993 + goto loser;
1.3994 + }
1.3995 +
1.3996 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.3997 + error = CKR_TOKEN_NOT_PRESENT;
1.3998 + goto loser;
1.3999 + }
1.4000 +
1.4001 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.4002 + if (!fwToken) {
1.4003 + goto loser;
1.4004 + }
1.4005 +
1.4006 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.4007 + if (!fwMechanism) {
1.4008 + goto loser;
1.4009 + }
1.4010 +
1.4011 + error = nssCKFWMechanism_SignRecoverInit(fwMechanism, pMechanism, fwSession,
1.4012 + fwObject);
1.4013 +
1.4014 + nssCKFWMechanism_Destroy(fwMechanism);
1.4015 +
1.4016 + if (CKR_OK == error) {
1.4017 + return CKR_OK;
1.4018 + }
1.4019 +
1.4020 +loser:
1.4021 + /* verify error */
1.4022 + switch( error ) {
1.4023 + case CKR_ARGUMENTS_BAD:
1.4024 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4025 + case CKR_DEVICE_ERROR:
1.4026 + case CKR_DEVICE_MEMORY:
1.4027 + case CKR_DEVICE_REMOVED:
1.4028 + case CKR_FUNCTION_CANCELED:
1.4029 + case CKR_FUNCTION_FAILED:
1.4030 + case CKR_GENERAL_ERROR:
1.4031 + case CKR_HOST_MEMORY:
1.4032 + case CKR_KEY_FUNCTION_NOT_PERMITTED:
1.4033 + case CKR_KEY_HANDLE_INVALID:
1.4034 + case CKR_KEY_SIZE_RANGE:
1.4035 + case CKR_KEY_TYPE_INCONSISTENT:
1.4036 + case CKR_MECHANISM_INVALID:
1.4037 + case CKR_MECHANISM_PARAM_INVALID:
1.4038 + case CKR_OPERATION_ACTIVE:
1.4039 + case CKR_PIN_EXPIRED:
1.4040 + case CKR_SESSION_CLOSED:
1.4041 + case CKR_SESSION_HANDLE_INVALID:
1.4042 + case CKR_USER_NOT_LOGGED_IN:
1.4043 + break;
1.4044 + default:
1.4045 + case CKR_OK:
1.4046 + error = CKR_GENERAL_ERROR;
1.4047 + break;
1.4048 + }
1.4049 + return error;
1.4050 +}
1.4051 +
1.4052 +/*
1.4053 + * NSSCKFWC_SignRecover
1.4054 + *
1.4055 + */
1.4056 +NSS_IMPLEMENT CK_RV
1.4057 +NSSCKFWC_SignRecover
1.4058 +(
1.4059 + NSSCKFWInstance *fwInstance,
1.4060 + CK_SESSION_HANDLE hSession,
1.4061 + CK_BYTE_PTR pData,
1.4062 + CK_ULONG ulDataLen,
1.4063 + CK_BYTE_PTR pSignature,
1.4064 + CK_ULONG_PTR pulSignatureLen
1.4065 +)
1.4066 +{
1.4067 + CK_RV error = CKR_OK;
1.4068 + NSSCKFWSession *fwSession;
1.4069 +
1.4070 + if (!fwInstance) {
1.4071 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4072 + goto loser;
1.4073 + }
1.4074 +
1.4075 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4076 + if (!fwSession) {
1.4077 + error = CKR_SESSION_HANDLE_INVALID;
1.4078 + goto loser;
1.4079 + }
1.4080 +
1.4081 + error = nssCKFWSession_UpdateFinal(fwSession,
1.4082 + NSSCKFWCryptoOperationType_SignRecover,
1.4083 + NSSCKFWCryptoOperationState_SignVerify,
1.4084 + pData, ulDataLen, pSignature, pulSignatureLen);
1.4085 +
1.4086 + if (CKR_OK == error) {
1.4087 + return CKR_OK;
1.4088 + }
1.4089 +
1.4090 +loser:
1.4091 + /* verify error */
1.4092 + switch( error ) {
1.4093 + case CKR_ARGUMENTS_BAD:
1.4094 + case CKR_BUFFER_TOO_SMALL:
1.4095 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4096 + case CKR_DATA_INVALID:
1.4097 + case CKR_DATA_LEN_RANGE:
1.4098 + case CKR_DEVICE_ERROR:
1.4099 + case CKR_DEVICE_MEMORY:
1.4100 + case CKR_DEVICE_REMOVED:
1.4101 + case CKR_FUNCTION_CANCELED:
1.4102 + case CKR_FUNCTION_FAILED:
1.4103 + case CKR_GENERAL_ERROR:
1.4104 + case CKR_HOST_MEMORY:
1.4105 + case CKR_OPERATION_NOT_INITIALIZED:
1.4106 + case CKR_SESSION_CLOSED:
1.4107 + case CKR_SESSION_HANDLE_INVALID:
1.4108 + case CKR_USER_NOT_LOGGED_IN:
1.4109 + break;
1.4110 + default:
1.4111 + case CKR_OK:
1.4112 + error = CKR_GENERAL_ERROR;
1.4113 + break;
1.4114 + }
1.4115 + return error;
1.4116 +}
1.4117 +
1.4118 +/*
1.4119 + * NSSCKFWC_VerifyInit
1.4120 + *
1.4121 + */
1.4122 +NSS_IMPLEMENT CK_RV
1.4123 +NSSCKFWC_VerifyInit
1.4124 +(
1.4125 + NSSCKFWInstance *fwInstance,
1.4126 + CK_SESSION_HANDLE hSession,
1.4127 + CK_MECHANISM_PTR pMechanism,
1.4128 + CK_OBJECT_HANDLE hKey
1.4129 +)
1.4130 +{
1.4131 + CK_RV error = CKR_OK;
1.4132 + NSSCKFWSession *fwSession;
1.4133 + NSSCKFWObject *fwObject;
1.4134 + NSSCKFWSlot *fwSlot;
1.4135 + NSSCKFWToken *fwToken;
1.4136 + NSSCKFWMechanism *fwMechanism;
1.4137 +
1.4138 + if (!fwInstance) {
1.4139 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4140 + goto loser;
1.4141 + }
1.4142 +
1.4143 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4144 + if (!fwSession) {
1.4145 + error = CKR_SESSION_HANDLE_INVALID;
1.4146 + goto loser;
1.4147 + }
1.4148 +
1.4149 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
1.4150 + if (!fwObject) {
1.4151 + error = CKR_KEY_HANDLE_INVALID;
1.4152 + goto loser;
1.4153 + }
1.4154 +
1.4155 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.4156 + if (!fwSlot) {
1.4157 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.4158 + goto loser;
1.4159 + }
1.4160 +
1.4161 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.4162 + error = CKR_TOKEN_NOT_PRESENT;
1.4163 + goto loser;
1.4164 + }
1.4165 +
1.4166 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.4167 + if (!fwToken) {
1.4168 + goto loser;
1.4169 + }
1.4170 +
1.4171 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.4172 + if (!fwMechanism) {
1.4173 + goto loser;
1.4174 + }
1.4175 +
1.4176 + error = nssCKFWMechanism_VerifyInit(fwMechanism, pMechanism, fwSession,
1.4177 + fwObject);
1.4178 +
1.4179 + nssCKFWMechanism_Destroy(fwMechanism);
1.4180 +
1.4181 + if (CKR_OK == error) {
1.4182 + return CKR_OK;
1.4183 + }
1.4184 +
1.4185 +loser:
1.4186 + /* verify error */
1.4187 + switch( error ) {
1.4188 + case CKR_ARGUMENTS_BAD:
1.4189 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4190 + case CKR_DEVICE_ERROR:
1.4191 + case CKR_DEVICE_MEMORY:
1.4192 + case CKR_DEVICE_REMOVED:
1.4193 + case CKR_FUNCTION_CANCELED:
1.4194 + case CKR_FUNCTION_FAILED:
1.4195 + case CKR_GENERAL_ERROR:
1.4196 + case CKR_HOST_MEMORY:
1.4197 + case CKR_KEY_FUNCTION_NOT_PERMITTED:
1.4198 + case CKR_KEY_HANDLE_INVALID:
1.4199 + case CKR_KEY_SIZE_RANGE:
1.4200 + case CKR_KEY_TYPE_INCONSISTENT:
1.4201 + case CKR_MECHANISM_INVALID:
1.4202 + case CKR_MECHANISM_PARAM_INVALID:
1.4203 + case CKR_OPERATION_ACTIVE:
1.4204 + case CKR_PIN_EXPIRED:
1.4205 + case CKR_SESSION_CLOSED:
1.4206 + case CKR_SESSION_HANDLE_INVALID:
1.4207 + case CKR_USER_NOT_LOGGED_IN:
1.4208 + break;
1.4209 + default:
1.4210 + case CKR_OK:
1.4211 + error = CKR_GENERAL_ERROR;
1.4212 + break;
1.4213 + }
1.4214 + return error;
1.4215 +}
1.4216 +
1.4217 +/*
1.4218 + * NSSCKFWC_Verify
1.4219 + *
1.4220 + */
1.4221 +NSS_IMPLEMENT CK_RV
1.4222 +NSSCKFWC_Verify
1.4223 +(
1.4224 + NSSCKFWInstance *fwInstance,
1.4225 + CK_SESSION_HANDLE hSession,
1.4226 + CK_BYTE_PTR pData,
1.4227 + CK_ULONG ulDataLen,
1.4228 + CK_BYTE_PTR pSignature,
1.4229 + CK_ULONG ulSignatureLen
1.4230 +)
1.4231 +{
1.4232 + CK_RV error = CKR_OK;
1.4233 + NSSCKFWSession *fwSession;
1.4234 +
1.4235 + if (!fwInstance) {
1.4236 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4237 + goto loser;
1.4238 + }
1.4239 +
1.4240 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4241 + if (!fwSession) {
1.4242 + error = CKR_SESSION_HANDLE_INVALID;
1.4243 + goto loser;
1.4244 + }
1.4245 +
1.4246 + error = nssCKFWSession_UpdateFinal(fwSession,
1.4247 + NSSCKFWCryptoOperationType_Verify,
1.4248 + NSSCKFWCryptoOperationState_SignVerify,
1.4249 + pData, ulDataLen, pSignature, &ulSignatureLen);
1.4250 +
1.4251 + if (CKR_OK == error) {
1.4252 + return CKR_OK;
1.4253 + }
1.4254 +
1.4255 +loser:
1.4256 + /* verify error */
1.4257 + switch( error ) {
1.4258 + case CKR_ARGUMENTS_BAD:
1.4259 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4260 + case CKR_DATA_INVALID:
1.4261 + case CKR_DATA_LEN_RANGE:
1.4262 + case CKR_DEVICE_ERROR:
1.4263 + case CKR_DEVICE_MEMORY:
1.4264 + case CKR_DEVICE_REMOVED:
1.4265 + case CKR_FUNCTION_CANCELED:
1.4266 + case CKR_FUNCTION_FAILED:
1.4267 + case CKR_GENERAL_ERROR:
1.4268 + case CKR_HOST_MEMORY:
1.4269 + case CKR_OPERATION_NOT_INITIALIZED:
1.4270 + case CKR_SESSION_CLOSED:
1.4271 + case CKR_SESSION_HANDLE_INVALID:
1.4272 + case CKR_SIGNATURE_INVALID:
1.4273 + case CKR_SIGNATURE_LEN_RANGE:
1.4274 + break;
1.4275 + default:
1.4276 + case CKR_OK:
1.4277 + error = CKR_GENERAL_ERROR;
1.4278 + break;
1.4279 + }
1.4280 + return error;
1.4281 +}
1.4282 +
1.4283 +/*
1.4284 + * NSSCKFWC_VerifyUpdate
1.4285 + *
1.4286 + */
1.4287 +NSS_IMPLEMENT CK_RV
1.4288 +NSSCKFWC_VerifyUpdate
1.4289 +(
1.4290 + NSSCKFWInstance *fwInstance,
1.4291 + CK_SESSION_HANDLE hSession,
1.4292 + CK_BYTE_PTR pPart,
1.4293 + CK_ULONG ulPartLen
1.4294 +)
1.4295 +{
1.4296 + CK_RV error = CKR_OK;
1.4297 + NSSCKFWSession *fwSession;
1.4298 +
1.4299 + if (!fwInstance) {
1.4300 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4301 + goto loser;
1.4302 + }
1.4303 +
1.4304 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4305 + if (!fwSession) {
1.4306 + error = CKR_SESSION_HANDLE_INVALID;
1.4307 + goto loser;
1.4308 + }
1.4309 +
1.4310 + error = nssCKFWSession_DigestUpdate(fwSession,
1.4311 + NSSCKFWCryptoOperationType_Verify,
1.4312 + NSSCKFWCryptoOperationState_SignVerify,
1.4313 + pPart, ulPartLen);
1.4314 +
1.4315 + if (CKR_OK == error) {
1.4316 + return CKR_OK;
1.4317 + }
1.4318 +
1.4319 +loser:
1.4320 + /* verify error */
1.4321 + switch( error ) {
1.4322 + case CKR_ARGUMENTS_BAD:
1.4323 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4324 + case CKR_DATA_LEN_RANGE:
1.4325 + case CKR_DEVICE_ERROR:
1.4326 + case CKR_DEVICE_MEMORY:
1.4327 + case CKR_DEVICE_REMOVED:
1.4328 + case CKR_FUNCTION_CANCELED:
1.4329 + case CKR_FUNCTION_FAILED:
1.4330 + case CKR_GENERAL_ERROR:
1.4331 + case CKR_HOST_MEMORY:
1.4332 + case CKR_OPERATION_NOT_INITIALIZED:
1.4333 + case CKR_SESSION_CLOSED:
1.4334 + case CKR_SESSION_HANDLE_INVALID:
1.4335 + break;
1.4336 + default:
1.4337 + case CKR_OK:
1.4338 + error = CKR_GENERAL_ERROR;
1.4339 + break;
1.4340 + }
1.4341 + return error;
1.4342 +}
1.4343 +
1.4344 +/*
1.4345 + * NSSCKFWC_VerifyFinal
1.4346 + *
1.4347 + */
1.4348 +NSS_IMPLEMENT CK_RV
1.4349 +NSSCKFWC_VerifyFinal
1.4350 +(
1.4351 + NSSCKFWInstance *fwInstance,
1.4352 + CK_SESSION_HANDLE hSession,
1.4353 + CK_BYTE_PTR pSignature,
1.4354 + CK_ULONG ulSignatureLen
1.4355 +)
1.4356 +{
1.4357 + CK_RV error = CKR_OK;
1.4358 + NSSCKFWSession *fwSession;
1.4359 +
1.4360 + if (!fwInstance) {
1.4361 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4362 + goto loser;
1.4363 + }
1.4364 +
1.4365 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4366 + if (!fwSession) {
1.4367 + error = CKR_SESSION_HANDLE_INVALID;
1.4368 + goto loser;
1.4369 + }
1.4370 +
1.4371 + error = nssCKFWSession_Final(fwSession,
1.4372 + NSSCKFWCryptoOperationType_Verify,
1.4373 + NSSCKFWCryptoOperationState_SignVerify,
1.4374 + pSignature, &ulSignatureLen);
1.4375 +
1.4376 + if (CKR_OK == error) {
1.4377 + return CKR_OK;
1.4378 + }
1.4379 +
1.4380 +loser:
1.4381 + /* verify error */
1.4382 + switch( error ) {
1.4383 + case CKR_ARGUMENTS_BAD:
1.4384 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4385 + case CKR_DATA_LEN_RANGE:
1.4386 + case CKR_DEVICE_ERROR:
1.4387 + case CKR_DEVICE_MEMORY:
1.4388 + case CKR_DEVICE_REMOVED:
1.4389 + case CKR_FUNCTION_CANCELED:
1.4390 + case CKR_FUNCTION_FAILED:
1.4391 + case CKR_GENERAL_ERROR:
1.4392 + case CKR_HOST_MEMORY:
1.4393 + case CKR_OPERATION_NOT_INITIALIZED:
1.4394 + case CKR_SESSION_CLOSED:
1.4395 + case CKR_SESSION_HANDLE_INVALID:
1.4396 + case CKR_SIGNATURE_INVALID:
1.4397 + case CKR_SIGNATURE_LEN_RANGE:
1.4398 + break;
1.4399 + default:
1.4400 + case CKR_OK:
1.4401 + error = CKR_GENERAL_ERROR;
1.4402 + break;
1.4403 + }
1.4404 + return error;
1.4405 +}
1.4406 +
1.4407 +/*
1.4408 + * NSSCKFWC_VerifyRecoverInit
1.4409 + *
1.4410 + */
1.4411 +NSS_IMPLEMENT CK_RV
1.4412 +NSSCKFWC_VerifyRecoverInit
1.4413 +(
1.4414 + NSSCKFWInstance *fwInstance,
1.4415 + CK_SESSION_HANDLE hSession,
1.4416 + CK_MECHANISM_PTR pMechanism,
1.4417 + CK_OBJECT_HANDLE hKey
1.4418 +)
1.4419 +{
1.4420 + CK_RV error = CKR_OK;
1.4421 + NSSCKFWSession *fwSession;
1.4422 + NSSCKFWObject *fwObject;
1.4423 + NSSCKFWSlot *fwSlot;
1.4424 + NSSCKFWToken *fwToken;
1.4425 + NSSCKFWMechanism *fwMechanism;
1.4426 +
1.4427 + if (!fwInstance) {
1.4428 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4429 + goto loser;
1.4430 + }
1.4431 +
1.4432 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4433 + if (!fwSession) {
1.4434 + error = CKR_SESSION_HANDLE_INVALID;
1.4435 + goto loser;
1.4436 + }
1.4437 +
1.4438 + fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
1.4439 + if (!fwObject) {
1.4440 + error = CKR_KEY_HANDLE_INVALID;
1.4441 + goto loser;
1.4442 + }
1.4443 +
1.4444 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.4445 + if (!fwSlot) {
1.4446 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.4447 + goto loser;
1.4448 + }
1.4449 +
1.4450 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.4451 + error = CKR_TOKEN_NOT_PRESENT;
1.4452 + goto loser;
1.4453 + }
1.4454 +
1.4455 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.4456 + if (!fwToken) {
1.4457 + goto loser;
1.4458 + }
1.4459 +
1.4460 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.4461 + if (!fwMechanism) {
1.4462 + goto loser;
1.4463 + }
1.4464 +
1.4465 + error = nssCKFWMechanism_VerifyRecoverInit(fwMechanism, pMechanism,
1.4466 + fwSession, fwObject);
1.4467 +
1.4468 + nssCKFWMechanism_Destroy(fwMechanism);
1.4469 +
1.4470 + if (CKR_OK == error) {
1.4471 + return CKR_OK;
1.4472 + }
1.4473 +
1.4474 +loser:
1.4475 + /* verify error */
1.4476 + switch( error ) {
1.4477 + case CKR_ARGUMENTS_BAD:
1.4478 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4479 + case CKR_DEVICE_ERROR:
1.4480 + case CKR_DEVICE_MEMORY:
1.4481 + case CKR_DEVICE_REMOVED:
1.4482 + case CKR_FUNCTION_CANCELED:
1.4483 + case CKR_FUNCTION_FAILED:
1.4484 + case CKR_GENERAL_ERROR:
1.4485 + case CKR_HOST_MEMORY:
1.4486 + case CKR_KEY_FUNCTION_NOT_PERMITTED:
1.4487 + case CKR_KEY_HANDLE_INVALID:
1.4488 + case CKR_KEY_SIZE_RANGE:
1.4489 + case CKR_KEY_TYPE_INCONSISTENT:
1.4490 + case CKR_MECHANISM_INVALID:
1.4491 + case CKR_MECHANISM_PARAM_INVALID:
1.4492 + case CKR_OPERATION_ACTIVE:
1.4493 + case CKR_PIN_EXPIRED:
1.4494 + case CKR_SESSION_HANDLE_INVALID:
1.4495 + case CKR_SESSION_CLOSED:
1.4496 + case CKR_USER_NOT_LOGGED_IN:
1.4497 + break;
1.4498 + default:
1.4499 + case CKR_OK:
1.4500 + error = CKR_GENERAL_ERROR;
1.4501 + break;
1.4502 + }
1.4503 + return error;
1.4504 +}
1.4505 +
1.4506 +/*
1.4507 + * NSSCKFWC_VerifyRecover
1.4508 + *
1.4509 + */
1.4510 +NSS_IMPLEMENT CK_RV
1.4511 +NSSCKFWC_VerifyRecover
1.4512 +(
1.4513 + NSSCKFWInstance *fwInstance,
1.4514 + CK_SESSION_HANDLE hSession,
1.4515 + CK_BYTE_PTR pSignature,
1.4516 + CK_ULONG ulSignatureLen,
1.4517 + CK_BYTE_PTR pData,
1.4518 + CK_ULONG_PTR pulDataLen
1.4519 +)
1.4520 +{
1.4521 + CK_RV error = CKR_OK;
1.4522 + NSSCKFWSession *fwSession;
1.4523 +
1.4524 + if (!fwInstance) {
1.4525 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4526 + goto loser;
1.4527 + }
1.4528 +
1.4529 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4530 + if (!fwSession) {
1.4531 + error = CKR_SESSION_HANDLE_INVALID;
1.4532 + goto loser;
1.4533 + }
1.4534 +
1.4535 + error = nssCKFWSession_UpdateFinal(fwSession,
1.4536 + NSSCKFWCryptoOperationType_VerifyRecover,
1.4537 + NSSCKFWCryptoOperationState_SignVerify,
1.4538 + pSignature, ulSignatureLen, pData, pulDataLen);
1.4539 + if (CKR_OK == error) {
1.4540 + return CKR_OK;
1.4541 + }
1.4542 +loser:
1.4543 + /* verify error */
1.4544 + switch( error ) {
1.4545 + case CKR_ARGUMENTS_BAD:
1.4546 + case CKR_BUFFER_TOO_SMALL:
1.4547 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4548 + case CKR_DATA_INVALID:
1.4549 + case CKR_DATA_LEN_RANGE:
1.4550 + case CKR_DEVICE_ERROR:
1.4551 + case CKR_DEVICE_MEMORY:
1.4552 + case CKR_DEVICE_REMOVED:
1.4553 + case CKR_FUNCTION_CANCELED:
1.4554 + case CKR_FUNCTION_FAILED:
1.4555 + case CKR_GENERAL_ERROR:
1.4556 + case CKR_HOST_MEMORY:
1.4557 + case CKR_OPERATION_NOT_INITIALIZED:
1.4558 + case CKR_SESSION_CLOSED:
1.4559 + case CKR_SESSION_HANDLE_INVALID:
1.4560 + case CKR_SIGNATURE_INVALID:
1.4561 + case CKR_SIGNATURE_LEN_RANGE:
1.4562 + break;
1.4563 + default:
1.4564 + case CKR_OK:
1.4565 + error = CKR_GENERAL_ERROR;
1.4566 + break;
1.4567 + }
1.4568 + return error;
1.4569 +}
1.4570 +
1.4571 +/*
1.4572 + * NSSCKFWC_DigestEncryptUpdate
1.4573 + *
1.4574 + */
1.4575 +NSS_IMPLEMENT CK_RV
1.4576 +NSSCKFWC_DigestEncryptUpdate
1.4577 +(
1.4578 + NSSCKFWInstance *fwInstance,
1.4579 + CK_SESSION_HANDLE hSession,
1.4580 + CK_BYTE_PTR pPart,
1.4581 + CK_ULONG ulPartLen,
1.4582 + CK_BYTE_PTR pEncryptedPart,
1.4583 + CK_ULONG_PTR pulEncryptedPartLen
1.4584 +)
1.4585 +{
1.4586 + CK_RV error = CKR_OK;
1.4587 + NSSCKFWSession *fwSession;
1.4588 +
1.4589 + if (!fwInstance) {
1.4590 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4591 + goto loser;
1.4592 + }
1.4593 +
1.4594 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4595 + if (!fwSession) {
1.4596 + error = CKR_SESSION_HANDLE_INVALID;
1.4597 + goto loser;
1.4598 + }
1.4599 +
1.4600 + error = nssCKFWSession_UpdateCombo(fwSession,
1.4601 + NSSCKFWCryptoOperationType_Encrypt,
1.4602 + NSSCKFWCryptoOperationType_Digest,
1.4603 + NSSCKFWCryptoOperationState_Digest,
1.4604 + pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
1.4605 +
1.4606 + if (CKR_OK == error) {
1.4607 + return CKR_OK;
1.4608 + }
1.4609 +
1.4610 +loser:
1.4611 + /* verify error */
1.4612 + switch( error ) {
1.4613 + case CKR_ARGUMENTS_BAD:
1.4614 + case CKR_BUFFER_TOO_SMALL:
1.4615 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4616 + case CKR_DATA_LEN_RANGE:
1.4617 + case CKR_DEVICE_ERROR:
1.4618 + case CKR_DEVICE_MEMORY:
1.4619 + case CKR_DEVICE_REMOVED:
1.4620 + case CKR_FUNCTION_CANCELED:
1.4621 + case CKR_FUNCTION_FAILED:
1.4622 + case CKR_GENERAL_ERROR:
1.4623 + case CKR_HOST_MEMORY:
1.4624 + case CKR_OPERATION_NOT_INITIALIZED:
1.4625 + case CKR_SESSION_CLOSED:
1.4626 + case CKR_SESSION_HANDLE_INVALID:
1.4627 + break;
1.4628 + default:
1.4629 + case CKR_OK:
1.4630 + error = CKR_GENERAL_ERROR;
1.4631 + break;
1.4632 + }
1.4633 + return error;
1.4634 +}
1.4635 +
1.4636 +/*
1.4637 + * NSSCKFWC_DecryptDigestUpdate
1.4638 + *
1.4639 + */
1.4640 +NSS_IMPLEMENT CK_RV
1.4641 +NSSCKFWC_DecryptDigestUpdate
1.4642 +(
1.4643 + NSSCKFWInstance *fwInstance,
1.4644 + CK_SESSION_HANDLE hSession,
1.4645 + CK_BYTE_PTR pEncryptedPart,
1.4646 + CK_ULONG ulEncryptedPartLen,
1.4647 + CK_BYTE_PTR pPart,
1.4648 + CK_ULONG_PTR pulPartLen
1.4649 +)
1.4650 +{
1.4651 + CK_RV error = CKR_OK;
1.4652 + NSSCKFWSession *fwSession;
1.4653 +
1.4654 + if (!fwInstance) {
1.4655 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4656 + goto loser;
1.4657 + }
1.4658 +
1.4659 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4660 + if (!fwSession) {
1.4661 + error = CKR_SESSION_HANDLE_INVALID;
1.4662 + goto loser;
1.4663 + }
1.4664 +
1.4665 + error = nssCKFWSession_UpdateCombo(fwSession,
1.4666 + NSSCKFWCryptoOperationType_Decrypt,
1.4667 + NSSCKFWCryptoOperationType_Digest,
1.4668 + NSSCKFWCryptoOperationState_Digest,
1.4669 + pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
1.4670 +
1.4671 + if (CKR_OK == error) {
1.4672 + return CKR_OK;
1.4673 + }
1.4674 +
1.4675 +loser:
1.4676 + /* verify error */
1.4677 + switch( error ) {
1.4678 + case CKR_ARGUMENTS_BAD:
1.4679 + case CKR_BUFFER_TOO_SMALL:
1.4680 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4681 + case CKR_DEVICE_ERROR:
1.4682 + case CKR_DEVICE_MEMORY:
1.4683 + case CKR_DEVICE_REMOVED:
1.4684 + case CKR_ENCRYPTED_DATA_INVALID:
1.4685 + case CKR_ENCRYPTED_DATA_LEN_RANGE:
1.4686 + case CKR_FUNCTION_CANCELED:
1.4687 + case CKR_FUNCTION_FAILED:
1.4688 + case CKR_GENERAL_ERROR:
1.4689 + case CKR_HOST_MEMORY:
1.4690 + case CKR_OPERATION_NOT_INITIALIZED:
1.4691 + case CKR_SESSION_CLOSED:
1.4692 + case CKR_SESSION_HANDLE_INVALID:
1.4693 + break;
1.4694 + case CKR_DATA_INVALID:
1.4695 + error = CKR_ENCRYPTED_DATA_INVALID;
1.4696 + break;
1.4697 + case CKR_DATA_LEN_RANGE:
1.4698 + error = CKR_ENCRYPTED_DATA_LEN_RANGE;
1.4699 + break;
1.4700 + default:
1.4701 + case CKR_OK:
1.4702 + error = CKR_GENERAL_ERROR;
1.4703 + break;
1.4704 + }
1.4705 + return error;
1.4706 +}
1.4707 +
1.4708 +/*
1.4709 + * NSSCKFWC_SignEncryptUpdate
1.4710 + *
1.4711 + */
1.4712 +NSS_IMPLEMENT CK_RV
1.4713 +NSSCKFWC_SignEncryptUpdate
1.4714 +(
1.4715 + NSSCKFWInstance *fwInstance,
1.4716 + CK_SESSION_HANDLE hSession,
1.4717 + CK_BYTE_PTR pPart,
1.4718 + CK_ULONG ulPartLen,
1.4719 + CK_BYTE_PTR pEncryptedPart,
1.4720 + CK_ULONG_PTR pulEncryptedPartLen
1.4721 +)
1.4722 +{
1.4723 + CK_RV error = CKR_OK;
1.4724 + NSSCKFWSession *fwSession;
1.4725 +
1.4726 + if (!fwInstance) {
1.4727 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4728 + goto loser;
1.4729 + }
1.4730 +
1.4731 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4732 + if (!fwSession) {
1.4733 + error = CKR_SESSION_HANDLE_INVALID;
1.4734 + goto loser;
1.4735 + }
1.4736 +
1.4737 + error = nssCKFWSession_UpdateCombo(fwSession,
1.4738 + NSSCKFWCryptoOperationType_Encrypt,
1.4739 + NSSCKFWCryptoOperationType_Sign,
1.4740 + NSSCKFWCryptoOperationState_SignVerify,
1.4741 + pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
1.4742 +
1.4743 + if (CKR_OK == error) {
1.4744 + return CKR_OK;
1.4745 + }
1.4746 +
1.4747 +loser:
1.4748 + /* verify error */
1.4749 + switch( error ) {
1.4750 + case CKR_ARGUMENTS_BAD:
1.4751 + case CKR_BUFFER_TOO_SMALL:
1.4752 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4753 + case CKR_DATA_LEN_RANGE:
1.4754 + case CKR_DEVICE_ERROR:
1.4755 + case CKR_DEVICE_MEMORY:
1.4756 + case CKR_DEVICE_REMOVED:
1.4757 + case CKR_FUNCTION_CANCELED:
1.4758 + case CKR_FUNCTION_FAILED:
1.4759 + case CKR_GENERAL_ERROR:
1.4760 + case CKR_HOST_MEMORY:
1.4761 + case CKR_OPERATION_NOT_INITIALIZED:
1.4762 + case CKR_SESSION_CLOSED:
1.4763 + case CKR_SESSION_HANDLE_INVALID:
1.4764 + case CKR_USER_NOT_LOGGED_IN:
1.4765 + break;
1.4766 + default:
1.4767 + case CKR_OK:
1.4768 + error = CKR_GENERAL_ERROR;
1.4769 + break;
1.4770 + }
1.4771 + return error;
1.4772 +}
1.4773 +
1.4774 +/*
1.4775 + * NSSCKFWC_DecryptVerifyUpdate
1.4776 + *
1.4777 + */
1.4778 +NSS_IMPLEMENT CK_RV
1.4779 +NSSCKFWC_DecryptVerifyUpdate
1.4780 +(
1.4781 + NSSCKFWInstance *fwInstance,
1.4782 + CK_SESSION_HANDLE hSession,
1.4783 + CK_BYTE_PTR pEncryptedPart,
1.4784 + CK_ULONG ulEncryptedPartLen,
1.4785 + CK_BYTE_PTR pPart,
1.4786 + CK_ULONG_PTR pulPartLen
1.4787 +)
1.4788 +{
1.4789 + CK_RV error = CKR_OK;
1.4790 + NSSCKFWSession *fwSession;
1.4791 +
1.4792 + if (!fwInstance) {
1.4793 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4794 + goto loser;
1.4795 + }
1.4796 +
1.4797 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4798 + if (!fwSession) {
1.4799 + error = CKR_SESSION_HANDLE_INVALID;
1.4800 + goto loser;
1.4801 + }
1.4802 +
1.4803 + error = nssCKFWSession_UpdateCombo(fwSession,
1.4804 + NSSCKFWCryptoOperationType_Decrypt,
1.4805 + NSSCKFWCryptoOperationType_Verify,
1.4806 + NSSCKFWCryptoOperationState_SignVerify,
1.4807 + pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
1.4808 +
1.4809 + if (CKR_OK == error) {
1.4810 + return CKR_OK;
1.4811 + }
1.4812 +
1.4813 +loser:
1.4814 + /* verify error */
1.4815 + switch( error ) {
1.4816 + case CKR_ARGUMENTS_BAD:
1.4817 + case CKR_BUFFER_TOO_SMALL:
1.4818 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4819 + case CKR_DATA_LEN_RANGE:
1.4820 + case CKR_DEVICE_ERROR:
1.4821 + case CKR_DEVICE_MEMORY:
1.4822 + case CKR_DEVICE_REMOVED:
1.4823 + case CKR_ENCRYPTED_DATA_INVALID:
1.4824 + case CKR_ENCRYPTED_DATA_LEN_RANGE:
1.4825 + case CKR_FUNCTION_CANCELED:
1.4826 + case CKR_FUNCTION_FAILED:
1.4827 + case CKR_GENERAL_ERROR:
1.4828 + case CKR_HOST_MEMORY:
1.4829 + case CKR_OPERATION_NOT_INITIALIZED:
1.4830 + case CKR_SESSION_CLOSED:
1.4831 + case CKR_SESSION_HANDLE_INVALID:
1.4832 + break;
1.4833 + case CKR_DATA_INVALID:
1.4834 + error = CKR_ENCRYPTED_DATA_INVALID;
1.4835 + break;
1.4836 + default:
1.4837 + case CKR_OK:
1.4838 + error = CKR_GENERAL_ERROR;
1.4839 + break;
1.4840 + }
1.4841 + return error;
1.4842 +}
1.4843 +
1.4844 +/*
1.4845 + * NSSCKFWC_GenerateKey
1.4846 + *
1.4847 + */
1.4848 +NSS_IMPLEMENT CK_RV
1.4849 +NSSCKFWC_GenerateKey
1.4850 +(
1.4851 + NSSCKFWInstance *fwInstance,
1.4852 + CK_SESSION_HANDLE hSession,
1.4853 + CK_MECHANISM_PTR pMechanism,
1.4854 + CK_ATTRIBUTE_PTR pTemplate,
1.4855 + CK_ULONG ulCount,
1.4856 + CK_OBJECT_HANDLE_PTR phKey
1.4857 +)
1.4858 +{
1.4859 + CK_RV error = CKR_OK;
1.4860 + NSSCKFWSession *fwSession;
1.4861 + NSSCKFWObject *fwObject;
1.4862 + NSSCKFWSlot *fwSlot;
1.4863 + NSSCKFWToken *fwToken;
1.4864 + NSSCKFWMechanism *fwMechanism;
1.4865 +
1.4866 + if (!fwInstance) {
1.4867 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4868 + goto loser;
1.4869 + }
1.4870 +
1.4871 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4872 + if (!fwSession) {
1.4873 + error = CKR_SESSION_HANDLE_INVALID;
1.4874 + goto loser;
1.4875 + }
1.4876 +
1.4877 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.4878 + if (!fwSlot) {
1.4879 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.4880 + goto loser;
1.4881 + }
1.4882 +
1.4883 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.4884 + error = CKR_TOKEN_NOT_PRESENT;
1.4885 + goto loser;
1.4886 + }
1.4887 +
1.4888 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.4889 + if (!fwToken) {
1.4890 + goto loser;
1.4891 + }
1.4892 +
1.4893 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.4894 + if (!fwMechanism) {
1.4895 + goto loser;
1.4896 + }
1.4897 +
1.4898 + fwObject = nssCKFWMechanism_GenerateKey(
1.4899 + fwMechanism,
1.4900 + pMechanism,
1.4901 + fwSession,
1.4902 + pTemplate,
1.4903 + ulCount,
1.4904 + &error);
1.4905 +
1.4906 + nssCKFWMechanism_Destroy(fwMechanism);
1.4907 + if (!fwObject) {
1.4908 + goto loser;
1.4909 + }
1.4910 + *phKey= nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
1.4911 +
1.4912 + if (CKR_OK == error) {
1.4913 + return CKR_OK;
1.4914 + }
1.4915 +
1.4916 +loser:
1.4917 + /* verify error */
1.4918 + switch( error ) {
1.4919 + case CKR_ARGUMENTS_BAD:
1.4920 + case CKR_ATTRIBUTE_READ_ONLY:
1.4921 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.4922 + case CKR_ATTRIBUTE_VALUE_INVALID:
1.4923 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.4924 + case CKR_DEVICE_ERROR:
1.4925 + case CKR_DEVICE_MEMORY:
1.4926 + case CKR_DEVICE_REMOVED:
1.4927 + case CKR_FUNCTION_CANCELED:
1.4928 + case CKR_FUNCTION_FAILED:
1.4929 + case CKR_GENERAL_ERROR:
1.4930 + case CKR_HOST_MEMORY:
1.4931 + case CKR_MECHANISM_INVALID:
1.4932 + case CKR_MECHANISM_PARAM_INVALID:
1.4933 + case CKR_OPERATION_ACTIVE:
1.4934 + case CKR_PIN_EXPIRED:
1.4935 + case CKR_SESSION_CLOSED:
1.4936 + case CKR_SESSION_HANDLE_INVALID:
1.4937 + case CKR_SESSION_READ_ONLY:
1.4938 + case CKR_TEMPLATE_INCOMPLETE:
1.4939 + case CKR_TEMPLATE_INCONSISTENT:
1.4940 + case CKR_TOKEN_WRITE_PROTECTED:
1.4941 + case CKR_USER_NOT_LOGGED_IN:
1.4942 + break;
1.4943 + default:
1.4944 + case CKR_OK:
1.4945 + error = CKR_GENERAL_ERROR;
1.4946 + break;
1.4947 + }
1.4948 + return error;
1.4949 +}
1.4950 +
1.4951 +/*
1.4952 + * NSSCKFWC_GenerateKeyPair
1.4953 + *
1.4954 + */
1.4955 +NSS_IMPLEMENT CK_RV
1.4956 +NSSCKFWC_GenerateKeyPair
1.4957 +(
1.4958 + NSSCKFWInstance *fwInstance,
1.4959 + CK_SESSION_HANDLE hSession,
1.4960 + CK_MECHANISM_PTR pMechanism,
1.4961 + CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1.4962 + CK_ULONG ulPublicKeyAttributeCount,
1.4963 + CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
1.4964 + CK_ULONG ulPrivateKeyAttributeCount,
1.4965 + CK_OBJECT_HANDLE_PTR phPublicKey,
1.4966 + CK_OBJECT_HANDLE_PTR phPrivateKey
1.4967 +)
1.4968 +{
1.4969 + CK_RV error = CKR_OK;
1.4970 + NSSCKFWSession *fwSession;
1.4971 + NSSCKFWObject *fwPrivateKeyObject;
1.4972 + NSSCKFWObject *fwPublicKeyObject;
1.4973 + NSSCKFWSlot *fwSlot;
1.4974 + NSSCKFWToken *fwToken;
1.4975 + NSSCKFWMechanism *fwMechanism;
1.4976 +
1.4977 + if (!fwInstance) {
1.4978 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.4979 + goto loser;
1.4980 + }
1.4981 +
1.4982 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.4983 + if (!fwSession) {
1.4984 + error = CKR_SESSION_HANDLE_INVALID;
1.4985 + goto loser;
1.4986 + }
1.4987 +
1.4988 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.4989 + if (!fwSlot) {
1.4990 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.4991 + goto loser;
1.4992 + }
1.4993 +
1.4994 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.4995 + error = CKR_TOKEN_NOT_PRESENT;
1.4996 + goto loser;
1.4997 + }
1.4998 +
1.4999 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.5000 + if (!fwToken) {
1.5001 + goto loser;
1.5002 + }
1.5003 +
1.5004 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.5005 + if (!fwMechanism) {
1.5006 + goto loser;
1.5007 + }
1.5008 +
1.5009 + error= nssCKFWMechanism_GenerateKeyPair(
1.5010 + fwMechanism,
1.5011 + pMechanism,
1.5012 + fwSession,
1.5013 + pPublicKeyTemplate,
1.5014 + ulPublicKeyAttributeCount,
1.5015 + pPublicKeyTemplate,
1.5016 + ulPublicKeyAttributeCount,
1.5017 + &fwPublicKeyObject,
1.5018 + &fwPrivateKeyObject);
1.5019 +
1.5020 + nssCKFWMechanism_Destroy(fwMechanism);
1.5021 + if (CKR_OK != error) {
1.5022 + goto loser;
1.5023 + }
1.5024 + *phPublicKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
1.5025 + fwPublicKeyObject,
1.5026 + &error);
1.5027 + if (CKR_OK != error) {
1.5028 + goto loser;
1.5029 + }
1.5030 + *phPrivateKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
1.5031 + fwPrivateKeyObject,
1.5032 + &error);
1.5033 + if (CKR_OK == error) {
1.5034 + return CKR_OK;
1.5035 + }
1.5036 +
1.5037 +loser:
1.5038 + /* verify error */
1.5039 + switch( error ) {
1.5040 + case CKR_ARGUMENTS_BAD:
1.5041 + case CKR_ATTRIBUTE_READ_ONLY:
1.5042 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.5043 + case CKR_ATTRIBUTE_VALUE_INVALID:
1.5044 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.5045 + case CKR_DEVICE_ERROR:
1.5046 + case CKR_DEVICE_MEMORY:
1.5047 + case CKR_DEVICE_REMOVED:
1.5048 + case CKR_DOMAIN_PARAMS_INVALID:
1.5049 + case CKR_FUNCTION_CANCELED:
1.5050 + case CKR_FUNCTION_FAILED:
1.5051 + case CKR_GENERAL_ERROR:
1.5052 + case CKR_HOST_MEMORY:
1.5053 + case CKR_MECHANISM_INVALID:
1.5054 + case CKR_MECHANISM_PARAM_INVALID:
1.5055 + case CKR_OPERATION_ACTIVE:
1.5056 + case CKR_PIN_EXPIRED:
1.5057 + case CKR_SESSION_CLOSED:
1.5058 + case CKR_SESSION_HANDLE_INVALID:
1.5059 + case CKR_SESSION_READ_ONLY:
1.5060 + case CKR_TEMPLATE_INCOMPLETE:
1.5061 + case CKR_TEMPLATE_INCONSISTENT:
1.5062 + case CKR_TOKEN_WRITE_PROTECTED:
1.5063 + case CKR_USER_NOT_LOGGED_IN:
1.5064 + break;
1.5065 + default:
1.5066 + case CKR_OK:
1.5067 + error = CKR_GENERAL_ERROR;
1.5068 + break;
1.5069 + }
1.5070 + return error;
1.5071 +}
1.5072 +
1.5073 +/*
1.5074 + * NSSCKFWC_WrapKey
1.5075 + *
1.5076 + */
1.5077 +NSS_IMPLEMENT CK_RV
1.5078 +NSSCKFWC_WrapKey
1.5079 +(
1.5080 + NSSCKFWInstance *fwInstance,
1.5081 + CK_SESSION_HANDLE hSession,
1.5082 + CK_MECHANISM_PTR pMechanism,
1.5083 + CK_OBJECT_HANDLE hWrappingKey,
1.5084 + CK_OBJECT_HANDLE hKey,
1.5085 + CK_BYTE_PTR pWrappedKey,
1.5086 + CK_ULONG_PTR pulWrappedKeyLen
1.5087 +)
1.5088 +{
1.5089 + CK_RV error = CKR_OK;
1.5090 + NSSCKFWSession *fwSession;
1.5091 + NSSCKFWObject *fwKeyObject;
1.5092 + NSSCKFWObject *fwWrappingKeyObject;
1.5093 + NSSCKFWSlot *fwSlot;
1.5094 + NSSCKFWToken *fwToken;
1.5095 + NSSCKFWMechanism *fwMechanism;
1.5096 + NSSItem wrappedKey;
1.5097 + CK_ULONG wrappedKeyLength = 0;
1.5098 +
1.5099 + if (!fwInstance) {
1.5100 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.5101 + goto loser;
1.5102 + }
1.5103 +
1.5104 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.5105 + if (!fwSession) {
1.5106 + error = CKR_SESSION_HANDLE_INVALID;
1.5107 + goto loser;
1.5108 + }
1.5109 +
1.5110 + fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
1.5111 + hWrappingKey);
1.5112 + if (!fwWrappingKeyObject) {
1.5113 + error = CKR_WRAPPING_KEY_HANDLE_INVALID;
1.5114 + goto loser;
1.5115 + }
1.5116 +
1.5117 + fwKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
1.5118 + if (!fwKeyObject) {
1.5119 + error = CKR_KEY_HANDLE_INVALID;
1.5120 + goto loser;
1.5121 + }
1.5122 +
1.5123 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.5124 + if (!fwSlot) {
1.5125 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.5126 + goto loser;
1.5127 + }
1.5128 +
1.5129 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.5130 + error = CKR_TOKEN_NOT_PRESENT;
1.5131 + goto loser;
1.5132 + }
1.5133 +
1.5134 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.5135 + if (!fwToken) {
1.5136 + goto loser;
1.5137 + }
1.5138 +
1.5139 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.5140 + if (!fwMechanism) {
1.5141 + goto loser;
1.5142 + }
1.5143 +
1.5144 + /*
1.5145 + * first get the length...
1.5146 + */
1.5147 + wrappedKeyLength = nssCKFWMechanism_GetWrapKeyLength(
1.5148 + fwMechanism,
1.5149 + pMechanism,
1.5150 + fwSession,
1.5151 + fwWrappingKeyObject,
1.5152 + fwKeyObject,
1.5153 + &error);
1.5154 + if ((CK_ULONG) 0 == wrappedKeyLength) {
1.5155 + nssCKFWMechanism_Destroy(fwMechanism);
1.5156 + goto loser;
1.5157 + }
1.5158 + if ((CK_BYTE_PTR)NULL == pWrappedKey) {
1.5159 + *pulWrappedKeyLen = wrappedKeyLength;
1.5160 + nssCKFWMechanism_Destroy(fwMechanism);
1.5161 + return CKR_OK;
1.5162 + }
1.5163 + if (wrappedKeyLength > *pulWrappedKeyLen) {
1.5164 + *pulWrappedKeyLen = wrappedKeyLength;
1.5165 + nssCKFWMechanism_Destroy(fwMechanism);
1.5166 + error = CKR_BUFFER_TOO_SMALL;
1.5167 + goto loser;
1.5168 + }
1.5169 +
1.5170 +
1.5171 + wrappedKey.data = pWrappedKey;
1.5172 + wrappedKey.size = wrappedKeyLength;
1.5173 +
1.5174 + error = nssCKFWMechanism_WrapKey(
1.5175 + fwMechanism,
1.5176 + pMechanism,
1.5177 + fwSession,
1.5178 + fwWrappingKeyObject,
1.5179 + fwKeyObject,
1.5180 + &wrappedKey);
1.5181 +
1.5182 + nssCKFWMechanism_Destroy(fwMechanism);
1.5183 + *pulWrappedKeyLen = wrappedKey.size;
1.5184 +
1.5185 + if (CKR_OK == error) {
1.5186 + return CKR_OK;
1.5187 + }
1.5188 +
1.5189 +loser:
1.5190 + /* verify error */
1.5191 + switch( error ) {
1.5192 + case CKR_ARGUMENTS_BAD:
1.5193 + case CKR_BUFFER_TOO_SMALL:
1.5194 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.5195 + case CKR_DEVICE_ERROR:
1.5196 + case CKR_DEVICE_MEMORY:
1.5197 + case CKR_DEVICE_REMOVED:
1.5198 + case CKR_FUNCTION_CANCELED:
1.5199 + case CKR_FUNCTION_FAILED:
1.5200 + case CKR_GENERAL_ERROR:
1.5201 + case CKR_HOST_MEMORY:
1.5202 + case CKR_KEY_HANDLE_INVALID:
1.5203 + case CKR_KEY_NOT_WRAPPABLE:
1.5204 + case CKR_KEY_SIZE_RANGE:
1.5205 + case CKR_KEY_UNEXTRACTABLE:
1.5206 + case CKR_MECHANISM_INVALID:
1.5207 + case CKR_MECHANISM_PARAM_INVALID:
1.5208 + case CKR_OPERATION_ACTIVE:
1.5209 + case CKR_PIN_EXPIRED:
1.5210 + case CKR_SESSION_CLOSED:
1.5211 + case CKR_SESSION_HANDLE_INVALID:
1.5212 + case CKR_WRAPPING_KEY_HANDLE_INVALID:
1.5213 + case CKR_WRAPPING_KEY_SIZE_RANGE:
1.5214 + case CKR_WRAPPING_KEY_TYPE_INCONSISTENT:
1.5215 + break;
1.5216 + case CKR_KEY_TYPE_INCONSISTENT:
1.5217 + error = CKR_WRAPPING_KEY_TYPE_INCONSISTENT;
1.5218 + break;
1.5219 + default:
1.5220 + case CKR_OK:
1.5221 + error = CKR_GENERAL_ERROR;
1.5222 + break;
1.5223 + }
1.5224 + return error;
1.5225 +}
1.5226 +
1.5227 +/*
1.5228 + * NSSCKFWC_UnwrapKey
1.5229 + *
1.5230 + */
1.5231 +NSS_IMPLEMENT CK_RV
1.5232 +NSSCKFWC_UnwrapKey
1.5233 +(
1.5234 + NSSCKFWInstance *fwInstance,
1.5235 + CK_SESSION_HANDLE hSession,
1.5236 + CK_MECHANISM_PTR pMechanism,
1.5237 + CK_OBJECT_HANDLE hUnwrappingKey,
1.5238 + CK_BYTE_PTR pWrappedKey,
1.5239 + CK_ULONG ulWrappedKeyLen,
1.5240 + CK_ATTRIBUTE_PTR pTemplate,
1.5241 + CK_ULONG ulAttributeCount,
1.5242 + CK_OBJECT_HANDLE_PTR phKey
1.5243 +)
1.5244 +{
1.5245 + CK_RV error = CKR_OK;
1.5246 + NSSCKFWSession *fwSession;
1.5247 + NSSCKFWObject *fwObject;
1.5248 + NSSCKFWObject *fwWrappingKeyObject;
1.5249 + NSSCKFWSlot *fwSlot;
1.5250 + NSSCKFWToken *fwToken;
1.5251 + NSSCKFWMechanism *fwMechanism;
1.5252 + NSSItem wrappedKey;
1.5253 +
1.5254 + if (!fwInstance) {
1.5255 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.5256 + goto loser;
1.5257 + }
1.5258 +
1.5259 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.5260 + if (!fwSession) {
1.5261 + error = CKR_SESSION_HANDLE_INVALID;
1.5262 + goto loser;
1.5263 + }
1.5264 +
1.5265 + fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
1.5266 + hUnwrappingKey);
1.5267 + if (!fwWrappingKeyObject) {
1.5268 + error = CKR_WRAPPING_KEY_HANDLE_INVALID;
1.5269 + goto loser;
1.5270 + }
1.5271 +
1.5272 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.5273 + if (!fwSlot) {
1.5274 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.5275 + goto loser;
1.5276 + }
1.5277 +
1.5278 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.5279 + error = CKR_TOKEN_NOT_PRESENT;
1.5280 + goto loser;
1.5281 + }
1.5282 +
1.5283 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.5284 + if (!fwToken) {
1.5285 + goto loser;
1.5286 + }
1.5287 +
1.5288 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.5289 + if (!fwMechanism) {
1.5290 + goto loser;
1.5291 + }
1.5292 +
1.5293 + wrappedKey.data = pWrappedKey;
1.5294 + wrappedKey.size = ulWrappedKeyLen;
1.5295 +
1.5296 + fwObject = nssCKFWMechanism_UnwrapKey(
1.5297 + fwMechanism,
1.5298 + pMechanism,
1.5299 + fwSession,
1.5300 + fwWrappingKeyObject,
1.5301 + &wrappedKey,
1.5302 + pTemplate,
1.5303 + ulAttributeCount,
1.5304 + &error);
1.5305 +
1.5306 + nssCKFWMechanism_Destroy(fwMechanism);
1.5307 + if (!fwObject) {
1.5308 + goto loser;
1.5309 + }
1.5310 + *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
1.5311 +
1.5312 + if (CKR_OK == error) {
1.5313 + return CKR_OK;
1.5314 + }
1.5315 +
1.5316 +loser:
1.5317 + /* verify error */
1.5318 + switch( error ) {
1.5319 + case CKR_ARGUMENTS_BAD:
1.5320 + case CKR_ATTRIBUTE_READ_ONLY:
1.5321 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.5322 + case CKR_ATTRIBUTE_VALUE_INVALID:
1.5323 + case CKR_BUFFER_TOO_SMALL:
1.5324 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.5325 + case CKR_DEVICE_ERROR:
1.5326 + case CKR_DEVICE_MEMORY:
1.5327 + case CKR_DEVICE_REMOVED:
1.5328 + case CKR_DOMAIN_PARAMS_INVALID:
1.5329 + case CKR_FUNCTION_CANCELED:
1.5330 + case CKR_FUNCTION_FAILED:
1.5331 + case CKR_GENERAL_ERROR:
1.5332 + case CKR_HOST_MEMORY:
1.5333 + case CKR_MECHANISM_INVALID:
1.5334 + case CKR_MECHANISM_PARAM_INVALID:
1.5335 + case CKR_OPERATION_ACTIVE:
1.5336 + case CKR_PIN_EXPIRED:
1.5337 + case CKR_SESSION_CLOSED:
1.5338 + case CKR_SESSION_HANDLE_INVALID:
1.5339 + case CKR_SESSION_READ_ONLY:
1.5340 + case CKR_TEMPLATE_INCOMPLETE:
1.5341 + case CKR_TEMPLATE_INCONSISTENT:
1.5342 + case CKR_TOKEN_WRITE_PROTECTED:
1.5343 + case CKR_UNWRAPPING_KEY_HANDLE_INVALID:
1.5344 + case CKR_UNWRAPPING_KEY_SIZE_RANGE:
1.5345 + case CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT:
1.5346 + case CKR_USER_NOT_LOGGED_IN:
1.5347 + case CKR_WRAPPED_KEY_INVALID:
1.5348 + case CKR_WRAPPED_KEY_LEN_RANGE:
1.5349 + break;
1.5350 + case CKR_KEY_HANDLE_INVALID:
1.5351 + error = CKR_UNWRAPPING_KEY_HANDLE_INVALID;
1.5352 + break;
1.5353 + case CKR_KEY_SIZE_RANGE:
1.5354 + error = CKR_UNWRAPPING_KEY_SIZE_RANGE;
1.5355 + break;
1.5356 + case CKR_KEY_TYPE_INCONSISTENT:
1.5357 + error = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT;
1.5358 + break;
1.5359 + case CKR_ENCRYPTED_DATA_INVALID:
1.5360 + error = CKR_WRAPPED_KEY_INVALID;
1.5361 + break;
1.5362 + case CKR_ENCRYPTED_DATA_LEN_RANGE:
1.5363 + error = CKR_WRAPPED_KEY_LEN_RANGE;
1.5364 + break;
1.5365 + default:
1.5366 + case CKR_OK:
1.5367 + error = CKR_GENERAL_ERROR;
1.5368 + break;
1.5369 + }
1.5370 + return error;
1.5371 +}
1.5372 +
1.5373 +/*
1.5374 + * NSSCKFWC_DeriveKey
1.5375 + *
1.5376 + */
1.5377 +NSS_IMPLEMENT CK_RV
1.5378 +NSSCKFWC_DeriveKey
1.5379 +(
1.5380 + NSSCKFWInstance *fwInstance,
1.5381 + CK_SESSION_HANDLE hSession,
1.5382 + CK_MECHANISM_PTR pMechanism,
1.5383 + CK_OBJECT_HANDLE hBaseKey,
1.5384 + CK_ATTRIBUTE_PTR pTemplate,
1.5385 + CK_ULONG ulAttributeCount,
1.5386 + CK_OBJECT_HANDLE_PTR phKey
1.5387 +)
1.5388 +{
1.5389 + CK_RV error = CKR_OK;
1.5390 + NSSCKFWSession *fwSession;
1.5391 + NSSCKFWObject *fwObject;
1.5392 + NSSCKFWObject *fwBaseKeyObject;
1.5393 + NSSCKFWSlot *fwSlot;
1.5394 + NSSCKFWToken *fwToken;
1.5395 + NSSCKFWMechanism *fwMechanism;
1.5396 +
1.5397 + if (!fwInstance) {
1.5398 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.5399 + goto loser;
1.5400 + }
1.5401 +
1.5402 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.5403 + if (!fwSession) {
1.5404 + error = CKR_SESSION_HANDLE_INVALID;
1.5405 + goto loser;
1.5406 + }
1.5407 +
1.5408 + fwBaseKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hBaseKey);
1.5409 + if (!fwBaseKeyObject) {
1.5410 + error = CKR_KEY_HANDLE_INVALID;
1.5411 + goto loser;
1.5412 + }
1.5413 +
1.5414 + fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1.5415 + if (!fwSlot) {
1.5416 + error = CKR_GENERAL_ERROR; /* should never happen! */
1.5417 + goto loser;
1.5418 + }
1.5419 +
1.5420 + if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1.5421 + error = CKR_TOKEN_NOT_PRESENT;
1.5422 + goto loser;
1.5423 + }
1.5424 +
1.5425 + fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1.5426 + if (!fwToken) {
1.5427 + goto loser;
1.5428 + }
1.5429 +
1.5430 + fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
1.5431 + if (!fwMechanism) {
1.5432 + goto loser;
1.5433 + }
1.5434 +
1.5435 + fwObject = nssCKFWMechanism_DeriveKey(
1.5436 + fwMechanism,
1.5437 + pMechanism,
1.5438 + fwSession,
1.5439 + fwBaseKeyObject,
1.5440 + pTemplate,
1.5441 + ulAttributeCount,
1.5442 + &error);
1.5443 +
1.5444 + nssCKFWMechanism_Destroy(fwMechanism);
1.5445 + if (!fwObject) {
1.5446 + goto loser;
1.5447 + }
1.5448 + *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
1.5449 +
1.5450 + if (CKR_OK == error) {
1.5451 + return CKR_OK;
1.5452 + }
1.5453 +
1.5454 +loser:
1.5455 + /* verify error */
1.5456 + switch( error ) {
1.5457 + case CKR_ARGUMENTS_BAD:
1.5458 + case CKR_ATTRIBUTE_READ_ONLY:
1.5459 + case CKR_ATTRIBUTE_TYPE_INVALID:
1.5460 + case CKR_ATTRIBUTE_VALUE_INVALID:
1.5461 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.5462 + case CKR_DEVICE_ERROR:
1.5463 + case CKR_DEVICE_MEMORY:
1.5464 + case CKR_DEVICE_REMOVED:
1.5465 + case CKR_DOMAIN_PARAMS_INVALID:
1.5466 + case CKR_FUNCTION_CANCELED:
1.5467 + case CKR_FUNCTION_FAILED:
1.5468 + case CKR_GENERAL_ERROR:
1.5469 + case CKR_HOST_MEMORY:
1.5470 + case CKR_KEY_HANDLE_INVALID:
1.5471 + case CKR_KEY_SIZE_RANGE:
1.5472 + case CKR_KEY_TYPE_INCONSISTENT:
1.5473 + case CKR_MECHANISM_INVALID:
1.5474 + case CKR_MECHANISM_PARAM_INVALID:
1.5475 + case CKR_OPERATION_ACTIVE:
1.5476 + case CKR_PIN_EXPIRED:
1.5477 + case CKR_SESSION_CLOSED:
1.5478 + case CKR_SESSION_HANDLE_INVALID:
1.5479 + case CKR_SESSION_READ_ONLY:
1.5480 + case CKR_TEMPLATE_INCOMPLETE:
1.5481 + case CKR_TEMPLATE_INCONSISTENT:
1.5482 + case CKR_TOKEN_WRITE_PROTECTED:
1.5483 + case CKR_USER_NOT_LOGGED_IN:
1.5484 + break;
1.5485 + default:
1.5486 + case CKR_OK:
1.5487 + error = CKR_GENERAL_ERROR;
1.5488 + break;
1.5489 + }
1.5490 + return error;
1.5491 +}
1.5492 +
1.5493 +/*
1.5494 + * NSSCKFWC_SeedRandom
1.5495 + *
1.5496 + */
1.5497 +NSS_IMPLEMENT CK_RV
1.5498 +NSSCKFWC_SeedRandom
1.5499 +(
1.5500 + NSSCKFWInstance *fwInstance,
1.5501 + CK_SESSION_HANDLE hSession,
1.5502 + CK_BYTE_PTR pSeed,
1.5503 + CK_ULONG ulSeedLen
1.5504 +)
1.5505 +{
1.5506 + CK_RV error = CKR_OK;
1.5507 + NSSCKFWSession *fwSession;
1.5508 + NSSItem seed;
1.5509 +
1.5510 + if (!fwInstance) {
1.5511 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.5512 + goto loser;
1.5513 + }
1.5514 +
1.5515 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.5516 + if (!fwSession) {
1.5517 + error = CKR_SESSION_HANDLE_INVALID;
1.5518 + goto loser;
1.5519 + }
1.5520 +
1.5521 + if( (CK_BYTE_PTR)CK_NULL_PTR == pSeed ) {
1.5522 + error = CKR_ARGUMENTS_BAD;
1.5523 + goto loser;
1.5524 + }
1.5525 +
1.5526 + /* We could read through the buffer in a Purify trap */
1.5527 +
1.5528 + seed.size = (PRUint32)ulSeedLen;
1.5529 + seed.data = (void *)pSeed;
1.5530 +
1.5531 + error = nssCKFWSession_SeedRandom(fwSession, &seed);
1.5532 +
1.5533 + if( CKR_OK != error ) {
1.5534 + goto loser;
1.5535 + }
1.5536 +
1.5537 + return CKR_OK;
1.5538 +
1.5539 + loser:
1.5540 + switch( error ) {
1.5541 + case CKR_SESSION_CLOSED:
1.5542 + /* destroy session? */
1.5543 + break;
1.5544 + case CKR_DEVICE_REMOVED:
1.5545 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.5546 + break;
1.5547 + case CKR_ARGUMENTS_BAD:
1.5548 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.5549 + case CKR_DEVICE_ERROR:
1.5550 + case CKR_DEVICE_MEMORY:
1.5551 + case CKR_FUNCTION_CANCELED:
1.5552 + case CKR_FUNCTION_FAILED:
1.5553 + case CKR_GENERAL_ERROR:
1.5554 + case CKR_HOST_MEMORY:
1.5555 + case CKR_OPERATION_ACTIVE:
1.5556 + case CKR_RANDOM_SEED_NOT_SUPPORTED:
1.5557 + case CKR_RANDOM_NO_RNG:
1.5558 + case CKR_SESSION_HANDLE_INVALID:
1.5559 + case CKR_USER_NOT_LOGGED_IN:
1.5560 + break;
1.5561 + default:
1.5562 + case CKR_OK:
1.5563 + error = CKR_GENERAL_ERROR;
1.5564 + break;
1.5565 + }
1.5566 +
1.5567 + return error;
1.5568 +}
1.5569 +
1.5570 +/*
1.5571 + * NSSCKFWC_GenerateRandom
1.5572 + *
1.5573 + */
1.5574 +NSS_IMPLEMENT CK_RV
1.5575 +NSSCKFWC_GenerateRandom
1.5576 +(
1.5577 + NSSCKFWInstance *fwInstance,
1.5578 + CK_SESSION_HANDLE hSession,
1.5579 + CK_BYTE_PTR pRandomData,
1.5580 + CK_ULONG ulRandomLen
1.5581 +)
1.5582 +{
1.5583 + CK_RV error = CKR_OK;
1.5584 + NSSCKFWSession *fwSession;
1.5585 + NSSItem buffer;
1.5586 +
1.5587 + if (!fwInstance) {
1.5588 + error = CKR_CRYPTOKI_NOT_INITIALIZED;
1.5589 + goto loser;
1.5590 + }
1.5591 +
1.5592 + fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1.5593 + if (!fwSession) {
1.5594 + error = CKR_SESSION_HANDLE_INVALID;
1.5595 + goto loser;
1.5596 + }
1.5597 +
1.5598 + if( (CK_BYTE_PTR)CK_NULL_PTR == pRandomData ) {
1.5599 + error = CKR_ARGUMENTS_BAD;
1.5600 + goto loser;
1.5601 + }
1.5602 +
1.5603 + /*
1.5604 + * A purify error here indicates caller error.
1.5605 + */
1.5606 + (void)nsslibc_memset(pRandomData, 0, ulRandomLen);
1.5607 +
1.5608 + buffer.size = (PRUint32)ulRandomLen;
1.5609 + buffer.data = (void *)pRandomData;
1.5610 +
1.5611 + error = nssCKFWSession_GetRandom(fwSession, &buffer);
1.5612 +
1.5613 + if( CKR_OK != error ) {
1.5614 + goto loser;
1.5615 + }
1.5616 +
1.5617 + return CKR_OK;
1.5618 +
1.5619 + loser:
1.5620 + switch( error ) {
1.5621 + case CKR_SESSION_CLOSED:
1.5622 + /* destroy session? */
1.5623 + break;
1.5624 + case CKR_DEVICE_REMOVED:
1.5625 + /* (void)nssCKFWToken_Destroy(fwToken); */
1.5626 + break;
1.5627 + case CKR_ARGUMENTS_BAD:
1.5628 + case CKR_CRYPTOKI_NOT_INITIALIZED:
1.5629 + case CKR_DEVICE_ERROR:
1.5630 + case CKR_DEVICE_MEMORY:
1.5631 + case CKR_FUNCTION_CANCELED:
1.5632 + case CKR_FUNCTION_FAILED:
1.5633 + case CKR_GENERAL_ERROR:
1.5634 + case CKR_HOST_MEMORY:
1.5635 + case CKR_OPERATION_ACTIVE:
1.5636 + case CKR_RANDOM_NO_RNG:
1.5637 + case CKR_SESSION_HANDLE_INVALID:
1.5638 + case CKR_USER_NOT_LOGGED_IN:
1.5639 + break;
1.5640 + default:
1.5641 + case CKR_OK:
1.5642 + error = CKR_GENERAL_ERROR;
1.5643 + break;
1.5644 + }
1.5645 +
1.5646 + return error;
1.5647 +}
1.5648 +
1.5649 +/*
1.5650 + * NSSCKFWC_GetFunctionStatus
1.5651 + *
1.5652 + */
1.5653 +NSS_IMPLEMENT CK_RV
1.5654 +NSSCKFWC_GetFunctionStatus
1.5655 +(
1.5656 + NSSCKFWInstance *fwInstance,
1.5657 + CK_SESSION_HANDLE hSession
1.5658 +)
1.5659 +{
1.5660 + return CKR_FUNCTION_NOT_PARALLEL;
1.5661 +}
1.5662 +
1.5663 +/*
1.5664 + * NSSCKFWC_CancelFunction
1.5665 + *
1.5666 + */
1.5667 +NSS_IMPLEMENT CK_RV
1.5668 +NSSCKFWC_CancelFunction
1.5669 +(
1.5670 + NSSCKFWInstance *fwInstance,
1.5671 + CK_SESSION_HANDLE hSession
1.5672 +)
1.5673 +{
1.5674 + return CKR_FUNCTION_NOT_PARALLEL;
1.5675 +}
