1
/* ***** BEGIN LICENSE BLOCK *****
2
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
4
* The contents of this file are subject to the Mozilla Public License Version
5
* 1.1 (the "License"); you may not use this file except in compliance with
6
* the License. You may obtain a copy of the License at
7
* http://www.mozilla.org/MPL/
9
* Software distributed under the License is distributed on an "AS IS" basis,
10
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11
* for the specific language governing rights and limitations under the
14
* The Original Code is the Netscape security libraries.
16
* The Initial Developer of the Original Code is
17
* Netscape Communications Corporation.
18
* Portions created by the Initial Developer are Copyright (C) 1994-2000
19
* the Initial Developer. All Rights Reserved.
23
* Alternatively, the contents of this file may be used under the terms of
24
* either the GNU General Public License Version 2 or later (the "GPL"), or
25
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
26
* in which case the provisions of the GPL or the LGPL are applicable instead
27
* of those above. If you wish to allow use of your version of this file only
28
* under the terms of either the GPL or the LGPL, and not to allow others to
29
* use your version of this file under the terms of the MPL, indicate your
30
* decision by deleting the provisions above and replace them with the notice
31
* and other provisions required by the GPL or the LGPL. If you do not delete
32
* the provisions above, a recipient may use your version of this file under
33
* the terms of any one of the MPL, the GPL or the LGPL.
35
* ***** END LICENSE BLOCK ***** */
38
static const char CVS_ID[] = "@(#) $RCSfile: session.c,v $ $Revision: 1.8.28.1 $ $Date: 2006/04/19 23:49:53 $";
44
* This file implements the NSSCKFWSession type and methods.
54
* -- create/destroy --
55
* nssCKFWSession_Create
56
* nssCKFWSession_Destroy
58
* -- public accessors --
59
* NSSCKFWSession_GetMDSession
60
* NSSCKFWSession_GetArena
61
* NSSCKFWSession_CallNotification
62
* NSSCKFWSession_IsRWSession
65
* -- implement public accessors --
66
* nssCKFWSession_GetMDSession
67
* nssCKFWSession_GetArena
68
* nssCKFWSession_CallNotification
69
* nssCKFWSession_IsRWSession
72
* -- private accessors --
73
* nssCKFWSession_GetSlot
74
* nssCKFWSession_GetSessionState
75
* nssCKFWSession_SetFWFindObjects
76
* nssCKFWSession_GetFWFindObjects
77
* nssCKFWSession_SetMDSession
78
* nssCKFWSession_SetHandle
79
* nssCKFWSession_GetHandle
80
* nssCKFWSession_RegisterSessionObject
81
* nssCKFWSession_DeegisterSessionObject
84
* nssCKFWSession_GetDeviceError
85
* nssCKFWSession_Login
86
* nssCKFWSession_Logout
87
* nssCKFWSession_InitPIN
88
* nssCKFWSession_SetPIN
89
* nssCKFWSession_GetOperationStateLen
90
* nssCKFWSession_GetOperationState
91
* nssCKFWSession_SetOperationState
92
* nssCKFWSession_CreateObject
93
* nssCKFWSession_CopyObject
94
* nssCKFWSession_FindObjectsInit
95
* nssCKFWSession_SeedRandom
96
* nssCKFWSession_GetRandom
99
struct NSSCKFWSessionStr {
101
NSSCKMDSession *mdSession;
102
NSSCKFWToken *fwToken;
103
NSSCKMDToken *mdToken;
104
NSSCKFWInstance *fwInstance;
105
NSSCKMDInstance *mdInstance;
106
CK_VOID_PTR pApplication;
110
* Everything above is set at creation time, and then not modified.
111
* The items below are atomic. No locking required. If we fear
112
* about pointer-copies being nonatomic, we'll lock fwFindObjects.
116
NSSCKFWFindObjects *fwFindObjects;
117
nssCKFWHash *sessionObjectHash;
118
CK_SESSION_HANDLE hSession;
123
* But first, the pointer-tracking stuff.
125
* NOTE: the pointer-tracking support in NSS/base currently relies
126
* upon NSPR's CallOnce support. That, however, relies upon NSPR's
127
* locking, which is tied into the runtime. We need a pointer-tracker
128
* implementation that uses the locks supplied through C_Initialize.
129
* That support, however, can be filled in later. So for now, I'll
130
* just do this routines as no-ops.
136
const NSSCKFWSession *fwSession
143
session_remove_pointer
145
const NSSCKFWSession *fwSession
152
nssCKFWSession_verifyPointer
154
const NSSCKFWSession *fwSession
163
* nssCKFWSession_Create
166
NSS_IMPLEMENT NSSCKFWSession *
167
nssCKFWSession_Create
169
NSSCKFWToken *fwToken,
171
CK_VOID_PTR pApplication,
176
NSSArena *arena = (NSSArena *)NULL;
177
NSSCKFWSession *fwSession;
181
if( (CK_RV *)NULL == pError ) {
182
return (NSSCKFWSession *)NULL;
185
*pError = nssCKFWToken_verifyPointer(fwToken);
186
if( CKR_OK != *pError ) {
187
return (NSSCKFWSession *)NULL;
189
#endif /* NSSDEBUG */
191
arena = NSSArena_Create();
192
if( (NSSArena *)NULL == arena ) {
193
*pError = CKR_HOST_MEMORY;
194
return (NSSCKFWSession *)NULL;
197
fwSession = nss_ZNEW(arena, NSSCKFWSession);
198
if( (NSSCKFWSession *)NULL == fwSession ) {
199
*pError = CKR_HOST_MEMORY;
203
fwSession->arena = arena;
204
fwSession->mdSession = (NSSCKMDSession *)NULL; /* set later */
205
fwSession->fwToken = fwToken;
206
fwSession->mdToken = nssCKFWToken_GetMDToken(fwToken);
208
fwSlot = nssCKFWToken_GetFWSlot(fwToken);
209
fwSession->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
210
fwSession->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
213
fwSession->pApplication = pApplication;
214
fwSession->Notify = Notify;
216
fwSession->fwFindObjects = (NSSCKFWFindObjects *)NULL;
218
fwSession->sessionObjectHash = nssCKFWHash_Create(fwSession->fwInstance, arena, pError);
219
if( (nssCKFWHash *)NULL == fwSession->sessionObjectHash ) {
220
if( CKR_OK == *pError ) {
221
*pError = CKR_GENERAL_ERROR;
227
*pError = session_add_pointer(fwSession);
228
if( CKR_OK != *pError ) {
236
if( (NSSArena *)NULL != arena ) {
237
if( fwSession && (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
238
(void)nssCKFWHash_Destroy(fwSession->sessionObjectHash);
240
NSSArena_Destroy(arena);
243
return (NSSCKFWSession *)NULL;
247
nss_ckfw_session_object_destroy_iterator
254
NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
255
nssCKFWObject_Finalize(fwObject);
259
* nssCKFWSession_Destroy
263
nssCKFWSession_Destroy
265
NSSCKFWSession *fwSession,
266
CK_BBOOL removeFromTokenHash
269
CK_RV error = CKR_OK;
270
nssCKFWHash *sessionObjectHash;
273
error = nssCKFWSession_verifyPointer(fwSession);
274
if( CKR_OK != error ) {
277
#endif /* NSSDEBUG */
279
if( removeFromTokenHash ) {
280
error = nssCKFWToken_RemoveSession(fwSession->fwToken, fwSession);
284
* Invalidate session objects
287
sessionObjectHash = fwSession->sessionObjectHash;
288
fwSession->sessionObjectHash = (nssCKFWHash *)NULL;
290
nssCKFWHash_Iterate(sessionObjectHash,
291
nss_ckfw_session_object_destroy_iterator,
295
(void)session_remove_pointer(fwSession);
297
(void)nssCKFWHash_Destroy(sessionObjectHash);
298
NSSArena_Destroy(fwSession->arena);
304
* nssCKFWSession_GetMDSession
307
NSS_IMPLEMENT NSSCKMDSession *
308
nssCKFWSession_GetMDSession
310
NSSCKFWSession *fwSession
314
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
315
return (NSSCKMDSession *)NULL;
317
#endif /* NSSDEBUG */
319
return fwSession->mdSession;
323
* nssCKFWSession_GetArena
326
NSS_IMPLEMENT NSSArena *
327
nssCKFWSession_GetArena
329
NSSCKFWSession *fwSession,
334
if( (CK_RV *)NULL == pError ) {
335
return (NSSArena *)NULL;
338
*pError = nssCKFWSession_verifyPointer(fwSession);
339
if( CKR_OK != *pError ) {
340
return (NSSArena *)NULL;
342
#endif /* NSSDEBUG */
344
return fwSession->arena;
348
* nssCKFWSession_CallNotification
352
nssCKFWSession_CallNotification
354
NSSCKFWSession *fwSession,
355
CK_NOTIFICATION event
358
CK_RV error = CKR_OK;
359
CK_SESSION_HANDLE handle;
362
error = nssCKFWSession_verifyPointer(fwSession);
363
if( CKR_OK != error ) {
366
#endif /* NSSDEBUG */
368
if( (CK_NOTIFY)NULL == fwSession->Notify ) {
372
handle = nssCKFWInstance_FindSessionHandle(fwSession->fwInstance, fwSession);
373
if( (CK_SESSION_HANDLE)0 == handle ) {
374
return CKR_GENERAL_ERROR;
377
error = fwSession->Notify(handle, event, fwSession->pApplication);
383
* nssCKFWSession_IsRWSession
386
NSS_IMPLEMENT CK_BBOOL
387
nssCKFWSession_IsRWSession
389
NSSCKFWSession *fwSession
393
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
396
#endif /* NSSDEBUG */
398
return fwSession->rw;
402
* nssCKFWSession_IsSO
405
NSS_IMPLEMENT CK_BBOOL
408
NSSCKFWSession *fwSession
414
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
417
#endif /* NSSDEBUG */
419
state = nssCKFWToken_GetSessionState(fwSession->fwToken);
421
case CKS_RO_PUBLIC_SESSION:
422
case CKS_RO_USER_FUNCTIONS:
423
case CKS_RW_PUBLIC_SESSION:
424
case CKS_RW_USER_FUNCTIONS:
426
case CKS_RW_SO_FUNCTIONS:
434
* nssCKFWSession_GetFWSlot
437
NSS_IMPLEMENT NSSCKFWSlot *
438
nssCKFWSession_GetFWSlot
440
NSSCKFWSession *fwSession
444
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
445
return (NSSCKFWSlot *)NULL;
447
#endif /* NSSDEBUG */
449
return nssCKFWToken_GetFWSlot(fwSession->fwToken);
453
* nssCFKWSession_GetSessionState
456
NSS_IMPLEMENT CK_STATE
457
nssCKFWSession_GetSessionState
459
NSSCKFWSession *fwSession
463
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
464
return CKS_RO_PUBLIC_SESSION; /* whatever */
466
#endif /* NSSDEBUG */
468
return nssCKFWToken_GetSessionState(fwSession->fwToken);
472
* nssCKFWSession_SetFWFindObjects
476
nssCKFWSession_SetFWFindObjects
478
NSSCKFWSession *fwSession,
479
NSSCKFWFindObjects *fwFindObjects
483
CK_RV error = CKR_OK;
484
#endif /* NSSDEBUG */
487
error = nssCKFWSession_verifyPointer(fwSession);
488
if( CKR_OK != error ) {
492
/* fwFindObjects may be null */
493
#endif /* NSSDEBUG */
495
if( ((NSSCKFWFindObjects *)NULL != fwSession->fwFindObjects) &&
496
((NSSCKFWFindObjects *)NULL != fwFindObjects) ) {
497
return CKR_OPERATION_ACTIVE;
500
fwSession->fwFindObjects = fwFindObjects;
506
* nssCKFWSession_GetFWFindObjects
509
NSS_IMPLEMENT NSSCKFWFindObjects *
510
nssCKFWSession_GetFWFindObjects
512
NSSCKFWSession *fwSession,
517
if( (CK_RV *)NULL == pError ) {
518
return (NSSCKFWFindObjects *)NULL;
521
*pError = nssCKFWSession_verifyPointer(fwSession);
522
if( CKR_OK != *pError ) {
523
return (NSSCKFWFindObjects *)NULL;
525
#endif /* NSSDEBUG */
527
if( (NSSCKFWFindObjects *)NULL == fwSession->fwFindObjects ) {
528
*pError = CKR_OPERATION_NOT_INITIALIZED;
529
return (NSSCKFWFindObjects *)NULL;
532
return fwSession->fwFindObjects;
536
* nssCKFWSession_SetMDSession
540
nssCKFWSession_SetMDSession
542
NSSCKFWSession *fwSession,
543
NSSCKMDSession *mdSession
547
CK_RV error = CKR_OK;
548
#endif /* NSSDEBUG */
551
error = nssCKFWSession_verifyPointer(fwSession);
552
if( CKR_OK != error ) {
556
if( (NSSCKMDSession *)NULL == mdSession ) {
557
return CKR_ARGUMENTS_BAD;
559
#endif /* NSSDEBUG */
561
if( (NSSCKMDSession *)NULL != fwSession->mdSession ) {
562
return CKR_GENERAL_ERROR;
565
fwSession->mdSession = mdSession;
571
* nssCKFWSession_SetHandle
575
nssCKFWSession_SetHandle
577
NSSCKFWSession *fwSession,
578
CK_SESSION_HANDLE hSession
582
CK_RV error = CKR_OK;
583
#endif /* NSSDEBUG */
586
error = nssCKFWSession_verifyPointer(fwSession);
587
if( CKR_OK != error ) {
590
#endif /* NSSDEBUG */
592
if( (CK_SESSION_HANDLE)0 != fwSession->hSession ) {
593
return CKR_GENERAL_ERROR;
596
fwSession->hSession = hSession;
602
* nssCKFWSession_GetHandle
605
NSS_IMPLEMENT CK_SESSION_HANDLE
606
nssCKFWSession_GetHandle
608
NSSCKFWSession *fwSession
612
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
615
#endif /* NSSDEBUG */
617
return fwSession->hSession;
621
* nssCKFWSession_RegisterSessionObject
625
nssCKFWSession_RegisterSessionObject
627
NSSCKFWSession *fwSession,
628
NSSCKFWObject *fwObject
634
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
635
return CKR_GENERAL_ERROR;
637
#endif /* NSSDEBUG */
639
if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
640
rv = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
647
* nssCKFWSession_DeregisterSessionObject
651
nssCKFWSession_DeregisterSessionObject
653
NSSCKFWSession *fwSession,
654
NSSCKFWObject *fwObject
658
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
659
return CKR_GENERAL_ERROR;
661
#endif /* NSSDEBUG */
663
if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
664
nssCKFWHash_Remove(fwSession->sessionObjectHash, fwObject);
671
* nssCKFWSession_GetDeviceError
674
NSS_IMPLEMENT CK_ULONG
675
nssCKFWSession_GetDeviceError
677
NSSCKFWSession *fwSession
681
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
685
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
688
#endif /* NSSDEBUG */
690
if( (void *)NULL == (void *)fwSession->mdSession->GetDeviceError ) {
694
return fwSession->mdSession->GetDeviceError(fwSession->mdSession,
695
fwSession, fwSession->mdToken, fwSession->fwToken,
696
fwSession->mdInstance, fwSession->fwInstance);
700
* nssCKFWSession_Login
706
NSSCKFWSession *fwSession,
707
CK_USER_TYPE userType,
711
CK_RV error = CKR_OK;
716
error = nssCKFWSession_verifyPointer(fwSession);
717
if( CKR_OK != error ) {
726
return CKR_USER_TYPE_INVALID;
729
if( (NSSItem *)NULL == pin ) {
730
if( CK_TRUE != nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken) ) {
731
return CKR_ARGUMENTS_BAD;
735
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
736
return CKR_GENERAL_ERROR;
738
#endif /* NSSDEBUG */
740
oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
743
* It's not clear what happens when you're already logged in.
744
* I'll just fail; but if we decide to change, the logic is
748
if( CKU_SO == userType ) {
750
case CKS_RO_PUBLIC_SESSION:
752
* There's no such thing as a read-only security officer
753
* session, so fail. The error should be CKR_SESSION_READ_ONLY,
754
* except that C_Login isn't defined to return that. So we'll
755
* do CKR_SESSION_READ_ONLY_EXISTS, which is what is documented.
757
return CKR_SESSION_READ_ONLY_EXISTS;
758
case CKS_RO_USER_FUNCTIONS:
759
return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
760
case CKS_RW_PUBLIC_SESSION:
761
newState = CKS_RW_SO_FUNCTIONS;
763
case CKS_RW_USER_FUNCTIONS:
764
return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
765
case CKS_RW_SO_FUNCTIONS:
766
return CKR_USER_ALREADY_LOGGED_IN;
768
return CKR_GENERAL_ERROR;
770
} else /* CKU_USER == userType */ {
772
case CKS_RO_PUBLIC_SESSION:
773
newState = CKS_RO_USER_FUNCTIONS;
775
case CKS_RO_USER_FUNCTIONS:
776
return CKR_USER_ALREADY_LOGGED_IN;
777
case CKS_RW_PUBLIC_SESSION:
778
newState = CKS_RW_USER_FUNCTIONS;
780
case CKS_RW_USER_FUNCTIONS:
781
return CKR_USER_ALREADY_LOGGED_IN;
782
case CKS_RW_SO_FUNCTIONS:
783
return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
785
return CKR_GENERAL_ERROR;
790
* So now we're in one of three cases:
792
* Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_SO_FUNCTIONS;
793
* Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_USER_FUNCTIONS;
794
* Old == CKS_RO_PUBLIC_SESSION, New == CKS_RO_USER_FUNCTIONS;
797
if( (void *)NULL == (void *)fwSession->mdSession->Login ) {
799
* The Module doesn't want to be informed (or check the pin)
800
* it'll just rely on the Framework as needed.
804
error = fwSession->mdSession->Login(fwSession->mdSession, fwSession,
805
fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
806
fwSession->fwInstance, userType, pin, oldState, newState);
807
if( CKR_OK != error ) {
812
(void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
817
* nssCKFWSession_Logout
821
nssCKFWSession_Logout
823
NSSCKFWSession *fwSession
826
CK_RV error = CKR_OK;
831
error = nssCKFWSession_verifyPointer(fwSession);
832
if( CKR_OK != error ) {
836
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
837
return CKR_GENERAL_ERROR;
839
#endif /* NSSDEBUG */
841
oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
844
case CKS_RO_PUBLIC_SESSION:
845
return CKR_USER_NOT_LOGGED_IN;
846
case CKS_RO_USER_FUNCTIONS:
847
newState = CKS_RO_PUBLIC_SESSION;
849
case CKS_RW_PUBLIC_SESSION:
850
return CKR_USER_NOT_LOGGED_IN;
851
case CKS_RW_USER_FUNCTIONS:
852
newState = CKS_RW_PUBLIC_SESSION;
854
case CKS_RW_SO_FUNCTIONS:
855
newState = CKS_RW_PUBLIC_SESSION;
858
return CKR_GENERAL_ERROR;
862
* So now we're in one of three cases:
864
* Old == CKS_RW_SO_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
865
* Old == CKS_RW_USER_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
866
* Old == CKS_RO_USER_FUNCTIONS, New == CKS_RO_PUBLIC_SESSION;
869
if( (void *)NULL == (void *)fwSession->mdSession->Logout ) {
871
* The Module doesn't want to be informed. Okay.
875
error = fwSession->mdSession->Logout(fwSession->mdSession, fwSession,
876
fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
877
fwSession->fwInstance, oldState, newState);
878
if( CKR_OK != error ) {
880
* Now what?! A failure really should end up with the Framework
881
* considering it logged out, right?
887
(void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
892
* nssCKFWSession_InitPIN
896
nssCKFWSession_InitPIN
898
NSSCKFWSession *fwSession,
902
CK_RV error = CKR_OK;
906
error = nssCKFWSession_verifyPointer(fwSession);
907
if( CKR_OK != error ) {
911
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
912
return CKR_GENERAL_ERROR;
914
#endif /* NSSDEBUG */
916
state = nssCKFWToken_GetSessionState(fwSession->fwToken);
917
if( CKS_RW_SO_FUNCTIONS != state ) {
918
return CKR_USER_NOT_LOGGED_IN;
921
if( (NSSItem *)NULL == pin ) {
922
CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
923
if( CK_TRUE != has ) {
924
return CKR_ARGUMENTS_BAD;
928
if( (void *)NULL == (void *)fwSession->mdSession->InitPIN ) {
929
return CKR_TOKEN_WRITE_PROTECTED;
932
error = fwSession->mdSession->InitPIN(fwSession->mdSession, fwSession,
933
fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
934
fwSession->fwInstance, pin);
940
* nssCKFWSession_SetPIN
944
nssCKFWSession_SetPIN
946
NSSCKFWSession *fwSession,
951
CK_RV error = CKR_OK;
955
error = nssCKFWSession_verifyPointer(fwSession);
956
if( CKR_OK != error ) {
960
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
961
return CKR_GENERAL_ERROR;
963
#endif /* NSSDEBUG */
965
state = nssCKFWToken_GetSessionState(fwSession->fwToken);
966
if( (CKS_RW_SO_FUNCTIONS != state) &&
967
(CKS_RW_USER_FUNCTIONS != state) ) {
968
return CKR_USER_NOT_LOGGED_IN;
971
if( (NSSItem *)NULL == newPin ) {
972
CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
973
if( CK_TRUE != has ) {
974
return CKR_ARGUMENTS_BAD;
978
if( (NSSItem *)NULL == oldPin ) {
979
CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
980
if( CK_TRUE != has ) {
981
return CKR_ARGUMENTS_BAD;
985
if( (void *)NULL == (void *)fwSession->mdSession->SetPIN ) {
986
return CKR_TOKEN_WRITE_PROTECTED;
989
error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession,
990
fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
991
fwSession->fwInstance, newPin, oldPin);
997
* nssCKFWSession_GetOperationStateLen
1000
NSS_IMPLEMENT CK_ULONG
1001
nssCKFWSession_GetOperationStateLen
1003
NSSCKFWSession *fwSession,
1011
if( (CK_RV *)NULL == pError ) {
1015
*pError = nssCKFWSession_verifyPointer(fwSession);
1016
if( CKR_OK != *pError ) {
1020
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
1021
*pError = CKR_GENERAL_ERROR;
1024
#endif /* NSSDEBUG */
1026
if( (void *)NULL == (void *)fwSession->mdSession->GetOperationStateLen ) {
1027
*pError = CKR_STATE_UNSAVEABLE;
1031
* We could check that the session is actually in some state..
1034
mdAmt = fwSession->mdSession->GetOperationStateLen(fwSession->mdSession,
1035
fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
1036
fwSession->fwInstance, pError);
1038
if( ((CK_ULONG)0 == mdAmt) && (CKR_OK != *pError) ) {
1043
* Add a bit of sanity-checking
1045
fwAmt = mdAmt + 2*sizeof(CK_ULONG);
1051
* nssCKFWSession_GetOperationState
1055
nssCKFWSession_GetOperationState
1057
NSSCKFWSession *fwSession,
1061
CK_RV error = CKR_OK;
1068
error = nssCKFWSession_verifyPointer(fwSession);
1069
if( CKR_OK != error ) {
1073
if( (NSSItem *)NULL == buffer ) {
1074
return CKR_ARGUMENTS_BAD;
1077
if( (void *)NULL == buffer->data ) {
1078
return CKR_ARGUMENTS_BAD;
1081
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
1082
return CKR_GENERAL_ERROR;
1084
#endif /* NSSDEBUG */
1086
if( (void *)NULL == (void *)fwSession->mdSession->GetOperationState ) {
1087
return CKR_STATE_UNSAVEABLE;
1091
* Sanity-check the caller's buffer.
1095
fwAmt = nssCKFWSession_GetOperationStateLen(fwSession, &error);
1096
if( ((CK_ULONG)0 == fwAmt) && (CKR_OK != error) ) {
1100
if( buffer->size < fwAmt ) {
1101
return CKR_BUFFER_TOO_SMALL;
1104
ulBuffer = (CK_ULONG *)buffer->data;
1106
i2.size = buffer->size - 2*sizeof(CK_ULONG);
1107
i2.data = (void *)&ulBuffer[2];
1109
error = fwSession->mdSession->GetOperationState(fwSession->mdSession,
1110
fwSession, fwSession->mdToken, fwSession->fwToken,
1111
fwSession->mdInstance, fwSession->fwInstance, &i2);
1113
if( CKR_OK != error ) {
1118
* Add a little integrety/identity check.
1119
* NOTE: right now, it's pretty stupid.
1120
* A CRC or something would be better.
1123
ulBuffer[0] = 0x434b4657; /* CKFW */
1125
n = i2.size/sizeof(CK_ULONG);
1126
for( i = 0; i < n; i++ ) {
1127
ulBuffer[1] ^= ulBuffer[2+i];
1134
* nssCKFWSession_SetOperationState
1138
nssCKFWSession_SetOperationState
1140
NSSCKFWSession *fwSession,
1142
NSSCKFWObject *encryptionKey,
1143
NSSCKFWObject *authenticationKey
1146
CK_RV error = CKR_OK;
1151
NSSCKMDObject *mdek;
1152
NSSCKMDObject *mdak;
1155
error = nssCKFWSession_verifyPointer(fwSession);
1156
if( CKR_OK != error ) {
1160
if( (NSSItem *)NULL == state ) {
1161
return CKR_ARGUMENTS_BAD;
1164
if( (void *)NULL == state->data ) {
1165
return CKR_ARGUMENTS_BAD;
1168
if( (NSSCKFWObject *)NULL != encryptionKey ) {
1169
error = nssCKFWObject_verifyPointer(encryptionKey);
1170
if( CKR_OK != error ) {
1175
if( (NSSCKFWObject *)NULL != authenticationKey ) {
1176
error = nssCKFWObject_verifyPointer(authenticationKey);
1177
if( CKR_OK != error ) {
1182
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
1183
return CKR_GENERAL_ERROR;
1185
#endif /* NSSDEBUG */
1187
ulBuffer = (CK_ULONG *)state->data;
1188
if( 0x43b4657 != ulBuffer[0] ) {
1189
return CKR_SAVED_STATE_INVALID;
1191
n = (state->size / sizeof(CK_ULONG)) - 2;
1193
for( i = 0; i < n; i++ ) {
1197
if( x != ulBuffer[1] ) {
1198
return CKR_SAVED_STATE_INVALID;
1201
if( (void *)NULL == (void *)fwSession->mdSession->SetOperationState ) {
1202
return CKR_GENERAL_ERROR;
1205
s.size = state->size - 2*sizeof(CK_ULONG);
1206
s.data = (void *)&ulBuffer[2];
1208
if( (NSSCKFWObject *)NULL != encryptionKey ) {
1209
mdek = nssCKFWObject_GetMDObject(encryptionKey);
1211
mdek = (NSSCKMDObject *)NULL;
1214
if( (NSSCKFWObject *)NULL != authenticationKey ) {
1215
mdak = nssCKFWObject_GetMDObject(authenticationKey);
1217
mdak = (NSSCKMDObject *)NULL;
1220
error = fwSession->mdSession->SetOperationState(fwSession->mdSession,
1221
fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
1222
fwSession->fwInstance, &s, mdek, encryptionKey, mdak, authenticationKey);
1224
if( CKR_OK != error ) {
1229
* Here'd we restore any session data
1236
nss_attributes_form_token_object
1238
CK_ATTRIBUTE_PTR pTemplate,
1239
CK_ULONG ulAttributeCount
1245
for( i = 0; i < ulAttributeCount; i++ ) {
1246
if( CKA_TOKEN == pTemplate[i].type ) {
1247
/* If we sanity-check, we can remove this sizeof check */
1248
if( sizeof(CK_BBOOL) == pTemplate[i].ulValueLen ) {
1249
(void)nsslibc_memcpy(&rv, pTemplate[i].pValue, sizeof(CK_BBOOL));
1261
* nssCKFWSession_CreateObject
1264
NSS_IMPLEMENT NSSCKFWObject *
1265
nssCKFWSession_CreateObject
1267
NSSCKFWSession *fwSession,
1268
CK_ATTRIBUTE_PTR pTemplate,
1269
CK_ULONG ulAttributeCount,
1274
NSSCKMDObject *mdObject;
1275
NSSCKFWObject *fwObject;
1276
CK_BBOOL isTokenObject;
1279
if( (CK_RV *)NULL == pError ) {
1280
return (NSSCKFWObject *)NULL;
1283
*pError = nssCKFWSession_verifyPointer(fwSession);
1284
if( CKR_OK != pError ) {
1285
return (NSSCKFWObject *)NULL;
1288
if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
1289
*pError = CKR_ARGUMENTS_BAD;
1290
return (NSSCKFWObject *)NULL;
1293
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
1294
*pError = CKR_GENERAL_ERROR;
1295
return (NSSCKFWObject *)NULL;
1297
#endif /* NSSDEBUG */
1300
* Here would be an excellent place to sanity-check the object.
1303
isTokenObject = nss_attributes_form_token_object(pTemplate, ulAttributeCount);
1304
if( CK_TRUE == isTokenObject ) {
1305
/* === TOKEN OBJECT === */
1307
if( (void *)NULL == (void *)fwSession->mdSession->CreateObject ) {
1308
*pError = CKR_TOKEN_WRITE_PROTECTED;
1309
return (NSSCKFWObject *)NULL;
1312
arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
1313
if( (NSSArena *)NULL == arena ) {
1314
if( CKR_OK == *pError ) {
1315
*pError = CKR_GENERAL_ERROR;
1317
return (NSSCKFWObject *)NULL;
1320
goto callmdcreateobject;
1322
/* === SESSION OBJECT === */
1324
arena = nssCKFWSession_GetArena(fwSession, pError);
1325
if( (NSSArena *)NULL == arena ) {
1326
if( CKR_OK == *pError ) {
1327
*pError = CKR_GENERAL_ERROR;
1329
return (NSSCKFWObject *)NULL;
1332
if( CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
1333
fwSession->fwInstance) ) {
1334
/* --- module handles the session object -- */
1336
if( (void *)NULL == (void *)fwSession->mdSession->CreateObject ) {
1337
*pError = CKR_GENERAL_ERROR;
1338
return (NSSCKFWObject *)NULL;
1341
goto callmdcreateobject;
1343
/* --- framework handles the session object -- */
1344
mdObject = nssCKMDSessionObject_Create(fwSession->fwToken,
1345
arena, pTemplate, ulAttributeCount, pError);
1351
mdObject = fwSession->mdSession->CreateObject(fwSession->mdSession,
1352
fwSession, fwSession->mdToken, fwSession->fwToken,
1353
fwSession->mdInstance, fwSession->fwInstance, arena, pTemplate,
1354
ulAttributeCount, pError);
1357
if( (NSSCKMDObject *)NULL == mdObject ) {
1358
if( CKR_OK == *pError ) {
1359
*pError = CKR_GENERAL_ERROR;
1361
return (NSSCKFWObject *)NULL;
1364
fwObject = nssCKFWObject_Create(arena, mdObject, fwSession,
1365
fwSession->fwToken, fwSession->fwInstance, pError);
1366
if( (NSSCKFWObject *)NULL == fwObject ) {
1367
if( CKR_OK == *pError ) {
1368
*pError = CKR_GENERAL_ERROR;
1371
if( (void *)NULL != (void *)mdObject->Destroy ) {
1372
(void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
1373
fwSession->mdSession, fwSession, fwSession->mdToken,
1374
fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
1377
return (NSSCKFWObject *)NULL;
1380
if( CK_FALSE == isTokenObject ) {
1381
if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, fwObject) ) {
1382
*pError = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
1383
if( CKR_OK != *pError ) {
1384
nssCKFWObject_Finalize(fwObject);
1385
return (NSSCKFWObject *)NULL;
1394
* nssCKFWSession_CopyObject
1397
NSS_IMPLEMENT NSSCKFWObject *
1398
nssCKFWSession_CopyObject
1400
NSSCKFWSession *fwSession,
1401
NSSCKFWObject *fwObject,
1402
CK_ATTRIBUTE_PTR pTemplate,
1403
CK_ULONG ulAttributeCount,
1407
CK_BBOOL oldIsToken;
1408
CK_BBOOL newIsToken;
1413
if( (CK_RV *)NULL == pError ) {
1414
return (NSSCKFWObject *)NULL;
1417
*pError = nssCKFWSession_verifyPointer(fwSession);
1418
if( CKR_OK != *pError ) {
1419
return (NSSCKFWObject *)NULL;
1422
*pError = nssCKFWObject_verifyPointer(fwObject);
1423
if( CKR_OK != *pError ) {
1424
return (NSSCKFWObject *)NULL;
1427
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
1428
*pError = CKR_GENERAL_ERROR;
1429
return (NSSCKFWObject *)NULL;
1431
#endif /* NSSDEBUG */
1434
* Sanity-check object
1437
oldIsToken = nssCKFWObject_IsTokenObject(fwObject);
1439
newIsToken = oldIsToken;
1440
for( i = 0; i < ulAttributeCount; i++ ) {
1441
if( CKA_TOKEN == pTemplate[i].type ) {
1442
/* Since we sanity-checked the object, we know this is the right size. */
1443
(void)nsslibc_memcpy(&newIsToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
1449
* If the Module handles its session objects, or if both the new
1450
* and old object are token objects, use CopyObject if it exists.
1453
if( ((void *)NULL != (void *)fwSession->mdSession->CopyObject) &&
1454
(((CK_TRUE == oldIsToken) && (CK_TRUE == newIsToken)) ||
1455
(CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
1456
fwSession->fwInstance))) ) {
1457
/* use copy object */
1459
NSSCKMDObject *mdOldObject;
1460
NSSCKMDObject *mdObject;
1462
mdOldObject = nssCKFWObject_GetMDObject(fwObject);
1464
if( CK_TRUE == newIsToken ) {
1465
arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
1467
arena = nssCKFWSession_GetArena(fwSession, pError);
1469
if( (NSSArena *)NULL == arena ) {
1470
if( CKR_OK == *pError ) {
1471
*pError = CKR_GENERAL_ERROR;
1473
return (NSSCKFWObject *)NULL;
1476
mdObject = fwSession->mdSession->CopyObject(fwSession->mdSession,
1477
fwSession, fwSession->mdToken, fwSession->fwToken,
1478
fwSession->mdInstance, fwSession->fwInstance, mdOldObject,
1479
fwObject, arena, pTemplate, ulAttributeCount, pError);
1480
if( (NSSCKMDObject *)NULL == mdObject ) {
1481
if( CKR_OK == *pError ) {
1482
*pError = CKR_GENERAL_ERROR;
1484
return (NSSCKFWObject *)NULL;
1487
rv = nssCKFWObject_Create(arena, mdObject, fwSession,
1488
fwSession->fwToken, fwSession->fwInstance, pError);
1489
if( (NSSCKFWObject *)NULL == fwObject ) {
1490
if( CKR_OK == *pError ) {
1491
*pError = CKR_GENERAL_ERROR;
1494
if( (void *)NULL != (void *)mdObject->Destroy ) {
1495
(void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
1496
fwSession->mdSession, fwSession, fwSession->mdToken,
1497
fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
1500
return (NSSCKFWObject *)NULL;
1503
if( CK_FALSE == newIsToken ) {
1504
if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, rv) ) {
1505
*pError = nssCKFWHash_Add(fwSession->sessionObjectHash, rv, rv);
1506
if( CKR_OK != *pError ) {
1507
nssCKFWObject_Finalize(rv);
1508
return (NSSCKFWObject *)NULL;
1515
/* use create object */
1517
CK_ATTRIBUTE_PTR newTemplate;
1518
CK_ULONG i, j, n, newLength, k;
1519
CK_ATTRIBUTE_TYPE_PTR oldTypes;
1522
tmpArena = NSSArena_Create();
1523
if( (NSSArena *)NULL == tmpArena ) {
1524
*pError = CKR_HOST_MEMORY;
1525
return (NSSCKFWObject *)NULL;
1528
n = nssCKFWObject_GetAttributeCount(fwObject, pError);
1529
if( (0 == n) && (CKR_OK != *pError) ) {
1530
return (NSSCKFWObject *)NULL;
1533
oldTypes = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE_TYPE, n);
1534
if( (CK_ATTRIBUTE_TYPE_PTR)NULL == oldTypes ) {
1535
NSSArena_Destroy(tmpArena);
1536
*pError = CKR_HOST_MEMORY;
1537
return (NSSCKFWObject *)NULL;
1540
*pError = nssCKFWObject_GetAttributeTypes(fwObject, oldTypes, n);
1541
if( CKR_OK != *pError ) {
1542
NSSArena_Destroy(tmpArena);
1543
return (NSSCKFWObject *)NULL;
1547
for( i = 0; i < ulAttributeCount; i++ ) {
1548
for( j = 0; j < n; j++ ) {
1549
if( oldTypes[j] == pTemplate[i].type ) {
1550
if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
1551
/* Removing the attribute */
1563
newTemplate = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE, newLength);
1564
if( (CK_ATTRIBUTE_PTR)NULL == newTemplate ) {
1565
NSSArena_Destroy(tmpArena);
1566
*pError = CKR_HOST_MEMORY;
1567
return (NSSCKFWObject *)NULL;
1571
for( j = 0; j < n; j++ ) {
1572
for( i = 0; i < ulAttributeCount; i++ ) {
1573
if( oldTypes[j] == pTemplate[i].type ) {
1574
if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
1575
/* This attribute is being deleted */
1578
/* This attribute is being replaced */
1579
newTemplate[k].type = pTemplate[i].type;
1580
newTemplate[k].pValue = pTemplate[i].pValue;
1581
newTemplate[k].ulValueLen = pTemplate[i].ulValueLen;
1587
if( i == ulAttributeCount ) {
1588
/* This attribute is being copied over from the old object */
1591
item.data = (void *)NULL;
1592
it = nssCKFWObject_GetAttribute(fwObject, oldTypes[j],
1593
&item, tmpArena, pError);
1594
if( (NSSItem *)NULL == it ) {
1595
if( CKR_OK == *pError ) {
1596
*pError = CKR_GENERAL_ERROR;
1598
NSSArena_Destroy(tmpArena);
1599
return (NSSCKFWObject *)NULL;
1601
newTemplate[k].type = oldTypes[j];
1602
newTemplate[k].pValue = it->data;
1603
newTemplate[k].ulValueLen = it->size;
1607
/* assert that k == newLength */
1609
rv = nssCKFWSession_CreateObject(fwSession, newTemplate, newLength, pError);
1610
if( (NSSCKFWObject *)NULL == rv ) {
1611
if( CKR_OK == *pError ) {
1612
*pError = CKR_GENERAL_ERROR;
1614
NSSArena_Destroy(tmpArena);
1615
return (NSSCKFWObject *)NULL;
1618
NSSArena_Destroy(tmpArena);
1624
* nssCKFWSession_FindObjectsInit
1627
NSS_IMPLEMENT NSSCKFWFindObjects *
1628
nssCKFWSession_FindObjectsInit
1630
NSSCKFWSession *fwSession,
1631
CK_ATTRIBUTE_PTR pTemplate,
1632
CK_ULONG ulAttributeCount,
1636
NSSCKMDFindObjects *mdfo1 = (NSSCKMDFindObjects *)NULL;
1637
NSSCKMDFindObjects *mdfo2 = (NSSCKMDFindObjects *)NULL;
1640
if( (CK_RV *)NULL == pError ) {
1641
return (NSSCKFWFindObjects *)NULL;
1644
*pError = nssCKFWSession_verifyPointer(fwSession);
1645
if( CKR_OK != *pError ) {
1646
return (NSSCKFWFindObjects *)NULL;
1649
if( ((CK_ATTRIBUTE_PTR)NULL == pTemplate) && (ulAttributeCount != 0) ) {
1650
*pError = CKR_ARGUMENTS_BAD;
1651
return (NSSCKFWFindObjects *)NULL;
1654
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
1655
*pError = CKR_GENERAL_ERROR;
1656
return (NSSCKFWFindObjects *)NULL;
1658
#endif /* NSSDEBUG */
1660
if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
1661
fwSession->fwInstance) ) {
1665
* Does the search criteria restrict us to token or session
1669
for( i = 0; i < ulAttributeCount; i++ ) {
1670
if( CKA_TOKEN == pTemplate[i].type ) {
1673
if( sizeof(CK_BBOOL) != pTemplate[i].ulValueLen ) {
1674
*pError = CKR_ATTRIBUTE_VALUE_INVALID;
1675
return (NSSCKFWFindObjects *)NULL;
1677
(void)nsslibc_memcpy(&isToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
1679
if( CK_TRUE == isToken ) {
1680
/* Pass it on to the module's search routine */
1681
if( (void *)NULL == (void *)fwSession->mdSession->FindObjectsInit ) {
1685
mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
1686
fwSession, fwSession->mdToken, fwSession->fwToken,
1687
fwSession->mdInstance, fwSession->fwInstance,
1688
pTemplate, ulAttributeCount, pError);
1690
/* Do the search ourselves */
1691
mdfo1 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
1692
pTemplate, ulAttributeCount, pError);
1695
if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
1696
if( CKR_OK == *pError ) {
1697
*pError = CKR_GENERAL_ERROR;
1699
return (NSSCKFWFindObjects *)NULL;
1706
if( i == ulAttributeCount ) {
1707
/* No, it doesn't. Do a hybrid search. */
1708
mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
1709
fwSession, fwSession->mdToken, fwSession->fwToken,
1710
fwSession->mdInstance, fwSession->fwInstance,
1711
pTemplate, ulAttributeCount, pError);
1713
if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
1714
if( CKR_OK == *pError ) {
1715
*pError = CKR_GENERAL_ERROR;
1717
return (NSSCKFWFindObjects *)NULL;
1720
mdfo2 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
1721
pTemplate, ulAttributeCount, pError);
1722
if( (NSSCKMDFindObjects *)NULL == mdfo2 ) {
1723
if( CKR_OK == *pError ) {
1724
*pError = CKR_GENERAL_ERROR;
1726
if( (void *)NULL != (void *)mdfo1->Final ) {
1727
mdfo1->Final(mdfo1, (NSSCKFWFindObjects *)NULL, fwSession->mdSession,
1728
fwSession, fwSession->mdToken, fwSession->fwToken,
1729
fwSession->mdInstance, fwSession->fwInstance);
1731
return (NSSCKFWFindObjects *)NULL;
1738
/* Module handles all its own objects. Pass on to module's search */
1739
mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
1740
fwSession, fwSession->mdToken, fwSession->fwToken,
1741
fwSession->mdInstance, fwSession->fwInstance,
1742
pTemplate, ulAttributeCount, pError);
1744
if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
1745
if( CKR_OK == *pError ) {
1746
*pError = CKR_GENERAL_ERROR;
1748
return (NSSCKFWFindObjects *)NULL;
1755
return nssCKFWFindObjects_Create(fwSession, fwSession->fwToken,
1756
fwSession->fwInstance, mdfo1, mdfo2, pError);
1760
* nssCKFWSession_SeedRandom
1764
nssCKFWSession_SeedRandom
1766
NSSCKFWSession *fwSession,
1770
CK_RV error = CKR_OK;
1773
error = nssCKFWSession_verifyPointer(fwSession);
1774
if( CKR_OK != error ) {
1778
if( (NSSItem *)NULL == seed ) {
1779
return CKR_ARGUMENTS_BAD;
1782
if( (void *)NULL == seed->data ) {
1783
return CKR_ARGUMENTS_BAD;
1786
if( 0 == seed->size ) {
1787
return CKR_ARGUMENTS_BAD;
1790
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
1791
return CKR_GENERAL_ERROR;
1793
#endif /* NSSDEBUG */
1795
if( (void *)NULL == (void *)fwSession->mdSession->SeedRandom ) {
1796
return CKR_RANDOM_SEED_NOT_SUPPORTED;
1799
error = fwSession->mdSession->SeedRandom(fwSession->mdSession, fwSession,
1800
fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
1801
fwSession->fwInstance, seed);
1807
* nssCKFWSession_GetRandom
1811
nssCKFWSession_GetRandom
1813
NSSCKFWSession *fwSession,
1817
CK_RV error = CKR_OK;
1820
error = nssCKFWSession_verifyPointer(fwSession);
1821
if( CKR_OK != error ) {
1825
if( (NSSItem *)NULL == buffer ) {
1826
return CKR_ARGUMENTS_BAD;
1829
if( (void *)NULL == buffer->data ) {
1830
return CKR_ARGUMENTS_BAD;
1833
if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
1834
return CKR_GENERAL_ERROR;
1836
#endif /* NSSDEBUG */
1838
if( (void *)NULL == (void *)fwSession->mdSession->GetRandom ) {
1839
if( CK_TRUE == nssCKFWToken_GetHasRNG(fwSession->fwToken) ) {
1840
return CKR_GENERAL_ERROR;
1842
return CKR_RANDOM_NO_RNG;
1846
if( 0 == buffer->size ) {
1850
error = fwSession->mdSession->GetRandom(fwSession->mdSession, fwSession,
1851
fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
1852
fwSession->fwInstance, buffer);
1858
* NSSCKFWSession_GetMDSession
1862
NSS_IMPLEMENT NSSCKMDSession *
1863
NSSCKFWSession_GetMDSession
1865
NSSCKFWSession *fwSession
1869
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
1870
return (NSSCKMDSession *)NULL;
1874
return nssCKFWSession_GetMDSession(fwSession);
1878
* NSSCKFWSession_GetArena
1882
NSS_IMPLEMENT NSSArena *
1883
NSSCKFWSession_GetArena
1885
NSSCKFWSession *fwSession,
1890
if( (CK_RV *)NULL == pError ) {
1891
return (NSSArena *)NULL;
1894
*pError = nssCKFWSession_verifyPointer(fwSession);
1895
if( CKR_OK != *pError ) {
1896
return (NSSArena *)NULL;
1900
return nssCKFWSession_GetArena(fwSession, pError);
1904
* NSSCKFWSession_CallNotification
1909
NSSCKFWSession_CallNotification
1911
NSSCKFWSession *fwSession,
1912
CK_NOTIFICATION event
1916
CK_RV error = CKR_OK;
1918
error = nssCKFWSession_verifyPointer(fwSession);
1919
if( CKR_OK != error ) {
1924
return nssCKFWSession_CallNotification(fwSession, event);
1928
* NSSCKFWSession_IsRWSession
1932
NSS_IMPLEMENT CK_BBOOL
1933
NSSCKFWSession_IsRWSession
1935
NSSCKFWSession *fwSession
1939
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
1944
return nssCKFWSession_IsRWSession(fwSession);
1948
* NSSCKFWSession_IsSO
1952
NSS_IMPLEMENT CK_BBOOL
1955
NSSCKFWSession *fwSession
1959
if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
1964
return nssCKFWSession_IsSO(fwSession);