1
/* ***** BEGIN LICENSE BLOCK *****
2
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
4
* The contents of this file are subject to the Mozilla Public License Version
5
* 1.1 (the "License"); you may not use this file except in compliance with
6
* the License. You may obtain a copy of the License at
7
* http://www.mozilla.org/MPL/
9
* Software distributed under the License is distributed on an "AS IS" basis,
10
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11
* for the specific language governing rights and limitations under the
14
* The Original Code is the Netscape security libraries.
16
* The Initial Developer of the Original Code is
17
* Netscape Communications Corporation.
18
* Portions created by the Initial Developer are Copyright (C) 1994-2000
19
* the Initial Developer. All Rights Reserved.
23
* Alternatively, the contents of this file may be used under the terms of
24
* either the GNU General Public License Version 2 or later (the "GPL"), or
25
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
26
* in which case the provisions of the GPL or the LGPL are applicable instead
27
* of those above. If you wish to allow use of your version of this file only
28
* under the terms of either the GPL or the LGPL, and not to allow others to
29
* use your version of this file under the terms of the MPL, indicate your
30
* decision by deleting the provisions above and replace them with the notice
31
* and other provisions required by the GPL or the LGPL. If you do not delete
32
* the provisions above, a recipient may use your version of this file under
33
* the terms of any one of the MPL, the GPL or the LGPL.
35
* ***** END LICENSE BLOCK ***** */
38
static const char CVS_ID[] = "@(#) $RCSfile: wrap.c,v $ $Revision: 1.13.2.1 $ $Date: 2006/06/10 22:19:16 $";
44
* This file contains the routines that actually implement the cryptoki
45
* API, using the internal APIs of the NSS Cryptoki Framework. There is
46
* one routine here for every cryptoki routine. For linking reasons
47
* the actual entry points passed back with C_GetFunctionList have to
48
* exist in one of the Module's source files; however, those are merely
49
* simple wrappers that call these routines. The intelligence of the
50
* implementations is here.
61
* -- NSSCKFWC_GetFunctionList -- see the API insert file
62
* NSSCKFWC_GetSlotList
63
* NSSCKFWC_GetSlotInfo
64
* NSSCKFWC_GetTokenInfo
65
* NSSCKFWC_WaitForSlotEvent
66
* NSSCKFWC_GetMechanismList
67
* NSSCKFWC_GetMechanismInfo
71
* NSSCKFWC_OpenSession
72
* NSSCKFWC_CloseSession
73
* NSSCKFWC_CloseAllSessions
74
* NSSCKFWC_GetSessionInfo
75
* NSSCKFWC_GetOperationState
76
* NSSCKFWC_SetOperationState
79
* NSSCKFWC_CreateObject
81
* NSSCKFWC_DestroyObject
82
* NSSCKFWC_GetObjectSize
83
* NSSCKFWC_GetAttributeValue
84
* NSSCKFWC_SetAttributeValue
85
* NSSCKFWC_FindObjectsInit
86
* NSSCKFWC_FindObjects
87
* NSSCKFWC_FindObjectsFinal
88
* NSSCKFWC_EncryptInit
90
* NSSCKFWC_EncryptUpdate
91
* NSSCKFWC_EncryptFinal
92
* NSSCKFWC_DecryptInit
94
* NSSCKFWC_DecryptUpdate
95
* NSSCKFWC_DecryptFinal
98
* NSSCKFWC_DigestUpdate
100
* NSSCKFWC_DigestFinal
103
* NSSCKFWC_SignUpdate
105
* NSSCKFWC_SignRecoverInit
106
* NSSCKFWC_SignRecover
107
* NSSCKFWC_VerifyInit
109
* NSSCKFWC_VerifyUpdate
110
* NSSCKFWC_VerifyFinal
111
* NSSCKFWC_VerifyRecoverInit
112
* NSSCKFWC_VerifyRecover
113
* NSSCKFWC_DigestEncryptUpdate
114
* NSSCKFWC_DecryptDigestUpdate
115
* NSSCKFWC_SignEncryptUpdate
116
* NSSCKFWC_DecryptVerifyUpdate
117
* NSSCKFWC_GenerateKey
118
* NSSCKFWC_GenerateKeyPair
122
* NSSCKFWC_SeedRandom
123
* NSSCKFWC_GenerateRandom
124
* NSSCKFWC_GetFunctionStatus
125
* NSSCKFWC_CancelFunction
128
/* figure out out locking semantics */
130
nssCKFW_GetThreadSafeState(CK_C_INITIALIZE_ARGS_PTR pInitArgs,
131
CryptokiLockingState *pLocking_state) {
132
int functionCount = 0;
134
/* parsed according to (PKCS #11 Section 11.4) */
135
/* no args, the degenerate version of case 1 */
137
*pLocking_state = SingleThreaded;
141
/* CKF_OS_LOCKING_OK set, Cases 2 and 4 */
142
if (pInitArgs->flags & CKF_OS_LOCKING_OK) {
143
*pLocking_state = MultiThreaded;
146
if ((CK_CREATEMUTEX) NULL != pInitArgs->CreateMutex) functionCount++;
147
if ((CK_DESTROYMUTEX) NULL != pInitArgs->DestroyMutex) functionCount++;
148
if ((CK_LOCKMUTEX) NULL != pInitArgs->LockMutex) functionCount++;
149
if ((CK_UNLOCKMUTEX) NULL != pInitArgs->UnlockMutex) functionCount++;
151
/* CKF_OS_LOCKING_OK is not set, and not functions supplied,
153
if (0 == functionCount) {
154
*pLocking_state = SingleThreaded;
158
/* OS_LOCKING_OK is not set and functions have been supplied. Since
159
* ckfw uses nssbase library which explicitly calls NSPR, and since
160
* there is no way to reliably override these explicit calls to NSPR,
161
* therefore we can't support applications which have their own threading
162
* module. Return CKR_CANT_LOCK if they supplied the correct number of
163
* arguments, or CKR_ARGUMENTS_BAD if they did not in either case we will
164
* fail the initialize */
165
return (4 == functionCount) ? CKR_CANT_LOCK : CKR_ARGUMENTS_BAD;
169
* NSSCKFWC_Initialize
175
NSSCKFWInstance **pFwInstance,
176
NSSCKMDInstance *mdInstance,
177
CK_VOID_PTR pInitArgs
180
CK_RV error = CKR_OK;
181
CryptokiLockingState locking_state;
183
if( (NSSCKFWInstance **)NULL == pFwInstance ) {
184
error = CKR_GENERAL_ERROR;
188
if( (NSSCKFWInstance *)NULL != *pFwInstance ) {
189
error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
193
if( (NSSCKMDInstance *)NULL == mdInstance ) {
194
error = CKR_GENERAL_ERROR;
198
error = nssCKFW_GetThreadSafeState(pInitArgs,&locking_state);
199
if( CKR_OK != error ) {
203
*pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &error);
204
if( (NSSCKFWInstance *)NULL == *pFwInstance ) {
212
case CKR_ARGUMENTS_BAD:
214
case CKR_CRYPTOKI_ALREADY_INITIALIZED:
215
case CKR_FUNCTION_FAILED:
216
case CKR_GENERAL_ERROR:
217
case CKR_HOST_MEMORY:
218
case CKR_NEED_TO_CREATE_THREADS:
222
error = CKR_GENERAL_ERROR;
236
NSSCKFWInstance **pFwInstance
239
CK_RV error = CKR_OK;
241
if( (NSSCKFWInstance **)NULL == pFwInstance ) {
242
error = CKR_GENERAL_ERROR;
246
if( (NSSCKFWInstance *)NULL == *pFwInstance ) {
247
error = CKR_CRYPTOKI_NOT_INITIALIZED;
251
error = nssCKFWInstance_Destroy(*pFwInstance);
254
*pFwInstance = (NSSCKFWInstance *)NULL;
258
case CKR_CRYPTOKI_NOT_INITIALIZED:
259
case CKR_FUNCTION_FAILED:
260
case CKR_GENERAL_ERROR:
261
case CKR_HOST_MEMORY:
265
error = CKR_GENERAL_ERROR;
279
NSSCKFWInstance *fwInstance,
283
CK_RV error = CKR_OK;
285
if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) {
286
error = CKR_ARGUMENTS_BAD;
291
* A purify error here means a caller error
293
(void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
295
pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
297
error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
298
if( CKR_OK != error ) {
302
pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
304
error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
305
if( CKR_OK != error ) {
309
pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
315
case CKR_CRYPTOKI_NOT_INITIALIZED:
316
case CKR_FUNCTION_FAILED:
317
case CKR_GENERAL_ERROR:
318
case CKR_HOST_MEMORY:
321
error = CKR_GENERAL_ERROR;
329
* C_GetFunctionList is implemented entirely in the Module's file which
330
* includes the Framework API insert file. It requires no "actual"
335
* NSSCKFWC_GetSlotList
341
NSSCKFWInstance *fwInstance,
342
CK_BBOOL tokenPresent,
343
CK_SLOT_ID_PTR pSlotList,
344
CK_ULONG_PTR pulCount
347
CK_RV error = CKR_OK;
350
if( (NSSCKFWInstance *)NULL == fwInstance ) {
351
error = CKR_CRYPTOKI_NOT_INITIALIZED;
355
switch( tokenPresent ) {
360
error = CKR_ARGUMENTS_BAD;
364
if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
365
error = CKR_ARGUMENTS_BAD;
369
nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
370
if( (CK_ULONG)0 == nSlots ) {
374
if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) {
380
* A purify error here indicates caller error.
382
(void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
384
if( *pulCount < nSlots ) {
386
error = CKR_BUFFER_TOO_SMALL;
393
* Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
394
* just index one when we need it.
397
for( i = 0; i < nSlots; i++ ) {
406
case CKR_BUFFER_TOO_SMALL:
407
case CKR_CRYPTOKI_NOT_INITIALIZED:
408
case CKR_FUNCTION_FAILED:
409
case CKR_GENERAL_ERROR:
410
case CKR_HOST_MEMORY:
414
error = CKR_GENERAL_ERROR;
422
* NSSCKFWC_GetSlotInfo
428
NSSCKFWInstance *fwInstance,
430
CK_SLOT_INFO_PTR pInfo
433
CK_RV error = CKR_OK;
438
if( (NSSCKFWInstance *)NULL == fwInstance ) {
439
error = CKR_CRYPTOKI_NOT_INITIALIZED;
443
nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
444
if( (CK_ULONG)0 == nSlots ) {
448
if( (slotID < 1) || (slotID > nSlots) ) {
449
error = CKR_SLOT_ID_INVALID;
453
if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) {
454
error = CKR_ARGUMENTS_BAD;
459
* A purify error here indicates caller error.
461
(void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
463
slots = nssCKFWInstance_GetSlots(fwInstance, &error);
464
if( (NSSCKFWSlot **)NULL == slots ) {
468
fwSlot = slots[ slotID-1 ];
470
error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
471
if( CKR_OK != error ) {
475
error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
476
if( CKR_OK != error ) {
480
if( nssCKFWSlot_GetTokenPresent(fwSlot) ) {
481
pInfo->flags |= CKF_TOKEN_PRESENT;
484
if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) {
485
pInfo->flags |= CKF_REMOVABLE_DEVICE;
488
if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) {
489
pInfo->flags |= CKF_HW_SLOT;
492
pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
493
pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
499
case CKR_CRYPTOKI_NOT_INITIALIZED:
500
case CKR_DEVICE_ERROR:
501
case CKR_FUNCTION_FAILED:
502
case CKR_GENERAL_ERROR:
503
case CKR_HOST_MEMORY:
504
case CKR_SLOT_ID_INVALID:
508
error = CKR_GENERAL_ERROR;
515
* NSSCKFWC_GetTokenInfo
519
NSSCKFWC_GetTokenInfo
521
NSSCKFWInstance *fwInstance,
523
CK_TOKEN_INFO_PTR pInfo
526
CK_RV error = CKR_OK;
530
NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
532
if( (NSSCKFWInstance *)NULL == fwInstance ) {
533
error = CKR_CRYPTOKI_NOT_INITIALIZED;
537
nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
538
if( (CK_ULONG)0 == nSlots ) {
542
if( (slotID < 1) || (slotID > nSlots) ) {
543
error = CKR_SLOT_ID_INVALID;
547
if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) {
548
error = CKR_ARGUMENTS_BAD;
553
* A purify error here indicates caller error.
555
(void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
557
slots = nssCKFWInstance_GetSlots(fwInstance, &error);
558
if( (NSSCKFWSlot **)NULL == slots ) {
562
fwSlot = slots[ slotID-1 ];
564
if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
565
error = CKR_TOKEN_NOT_PRESENT;
569
fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
570
if( (NSSCKFWToken *)NULL == fwToken ) {
574
error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
575
if( CKR_OK != error ) {
579
error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
580
if( CKR_OK != error ) {
584
error = nssCKFWToken_GetModel(fwToken, pInfo->model);
585
if( CKR_OK != error ) {
589
error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
590
if( CKR_OK != error ) {
594
if( nssCKFWToken_GetHasRNG(fwToken) ) {
595
pInfo->flags |= CKF_RNG;
598
if( nssCKFWToken_GetIsWriteProtected(fwToken) ) {
599
pInfo->flags |= CKF_WRITE_PROTECTED;
602
if( nssCKFWToken_GetLoginRequired(fwToken) ) {
603
pInfo->flags |= CKF_LOGIN_REQUIRED;
606
if( nssCKFWToken_GetUserPinInitialized(fwToken) ) {
607
pInfo->flags |= CKF_USER_PIN_INITIALIZED;
610
if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) {
611
pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
614
if( nssCKFWToken_GetHasClockOnToken(fwToken) ) {
615
pInfo->flags |= CKF_CLOCK_ON_TOKEN;
618
if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
619
pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
622
if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) {
623
pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
626
pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
627
pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
628
pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
629
pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken);
630
pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
631
pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
632
pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
633
pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
634
pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
635
pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
636
pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
637
pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
639
error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
640
if( CKR_OK != error ) {
648
case CKR_DEVICE_REMOVED:
649
case CKR_TOKEN_NOT_PRESENT:
651
nssCKFWToken_Destroy(fwToken);
653
case CKR_CRYPTOKI_NOT_INITIALIZED:
654
case CKR_DEVICE_ERROR:
655
case CKR_DEVICE_MEMORY:
656
case CKR_FUNCTION_FAILED:
657
case CKR_GENERAL_ERROR:
658
case CKR_HOST_MEMORY:
659
case CKR_SLOT_ID_INVALID:
660
case CKR_TOKEN_NOT_RECOGNIZED:
664
error = CKR_GENERAL_ERROR;
672
* NSSCKFWC_WaitForSlotEvent
676
NSSCKFWC_WaitForSlotEvent
678
NSSCKFWInstance *fwInstance,
680
CK_SLOT_ID_PTR pSlot,
681
CK_VOID_PTR pReserved
684
CK_RV error = CKR_OK;
691
if( (NSSCKFWInstance *)NULL == fwInstance ) {
692
error = CKR_CRYPTOKI_NOT_INITIALIZED;
696
if( flags & ~CKF_DONT_BLOCK ) {
697
error = CKR_ARGUMENTS_BAD;
701
block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
703
nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
704
if( (CK_ULONG)0 == nSlots ) {
708
if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) {
709
error = CKR_ARGUMENTS_BAD;
713
if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) {
714
error = CKR_ARGUMENTS_BAD;
718
slots = nssCKFWInstance_GetSlots(fwInstance, &error);
719
if( (NSSCKFWSlot **)NULL == slots ) {
723
fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
724
if( (NSSCKFWSlot *)NULL == fwSlot ) {
728
for( i = 0; i < nSlots; i++ ) {
729
if( fwSlot == slots[i] ) {
730
*pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1);
735
error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
739
case CKR_CRYPTOKI_NOT_INITIALIZED:
740
case CKR_FUNCTION_FAILED:
741
case CKR_GENERAL_ERROR:
742
case CKR_HOST_MEMORY:
747
error = CKR_GENERAL_ERROR;
755
* NSSCKFWC_GetMechanismList
759
NSSCKFWC_GetMechanismList
761
NSSCKFWInstance *fwInstance,
763
CK_MECHANISM_TYPE_PTR pMechanismList,
764
CK_ULONG_PTR pulCount
767
CK_RV error = CKR_OK;
771
NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
774
if( (NSSCKFWInstance *)NULL == fwInstance ) {
775
error = CKR_CRYPTOKI_NOT_INITIALIZED;
779
nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
780
if( (CK_ULONG)0 == nSlots ) {
784
if( (slotID < 1) || (slotID > nSlots) ) {
785
error = CKR_SLOT_ID_INVALID;
789
if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
790
error = CKR_ARGUMENTS_BAD;
794
slots = nssCKFWInstance_GetSlots(fwInstance, &error);
795
if( (NSSCKFWSlot **)NULL == slots ) {
799
fwSlot = slots[ slotID-1 ];
801
if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
802
error = CKR_TOKEN_NOT_PRESENT;
806
fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
807
if( (NSSCKFWToken *)NULL == fwToken ) {
811
count = nssCKFWToken_GetMechanismCount(fwToken);
813
if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) {
818
if( *pulCount < count ) {
820
error = CKR_BUFFER_TOO_SMALL;
825
* A purify error here indicates caller error.
827
(void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
832
error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
837
if( CKR_OK == error ) {
843
case CKR_DEVICE_REMOVED:
844
case CKR_TOKEN_NOT_PRESENT:
846
nssCKFWToken_Destroy(fwToken);
848
case CKR_BUFFER_TOO_SMALL:
849
case CKR_CRYPTOKI_NOT_INITIALIZED:
850
case CKR_DEVICE_ERROR:
851
case CKR_DEVICE_MEMORY:
852
case CKR_FUNCTION_FAILED:
853
case CKR_GENERAL_ERROR:
854
case CKR_HOST_MEMORY:
855
case CKR_SLOT_ID_INVALID:
856
case CKR_TOKEN_NOT_RECOGNIZED:
860
error = CKR_GENERAL_ERROR;
868
* NSSCKFWC_GetMechanismInfo
872
NSSCKFWC_GetMechanismInfo
874
NSSCKFWInstance *fwInstance,
876
CK_MECHANISM_TYPE type,
877
CK_MECHANISM_INFO_PTR pInfo
880
CK_RV error = CKR_OK;
884
NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
885
NSSCKFWMechanism *fwMechanism;
887
if( (NSSCKFWInstance *)NULL == fwInstance ) {
888
error = CKR_CRYPTOKI_NOT_INITIALIZED;
892
nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
893
if( (CK_ULONG)0 == nSlots ) {
897
if( (slotID < 1) || (slotID > nSlots) ) {
898
error = CKR_SLOT_ID_INVALID;
902
slots = nssCKFWInstance_GetSlots(fwInstance, &error);
903
if( (NSSCKFWSlot **)NULL == slots ) {
907
fwSlot = slots[ slotID-1 ];
909
if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
910
error = CKR_TOKEN_NOT_PRESENT;
914
if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) {
915
error = CKR_ARGUMENTS_BAD;
920
* A purify error here indicates caller error.
922
(void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
924
fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
925
if( (NSSCKFWToken *)NULL == fwToken ) {
929
fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
930
if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
934
pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism);
935
pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism);
937
if( nssCKFWMechanism_GetInHardware(fwMechanism) ) {
938
pInfo->flags |= CKF_HW;
947
case CKR_DEVICE_REMOVED:
948
case CKR_TOKEN_NOT_PRESENT:
950
nssCKFWToken_Destroy(fwToken);
952
case CKR_CRYPTOKI_NOT_INITIALIZED:
953
case CKR_DEVICE_ERROR:
954
case CKR_DEVICE_MEMORY:
955
case CKR_FUNCTION_FAILED:
956
case CKR_GENERAL_ERROR:
957
case CKR_HOST_MEMORY:
958
case CKR_MECHANISM_INVALID:
959
case CKR_SLOT_ID_INVALID:
960
case CKR_TOKEN_NOT_RECOGNIZED:
964
error = CKR_GENERAL_ERROR;
978
NSSCKFWInstance *fwInstance,
985
CK_RV error = CKR_OK;
989
NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
993
if( (NSSCKFWInstance *)NULL == fwInstance ) {
994
error = CKR_CRYPTOKI_NOT_INITIALIZED;
998
nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
999
if( (CK_ULONG)0 == nSlots ) {
1003
if( (slotID < 1) || (slotID > nSlots) ) {
1004
error = CKR_SLOT_ID_INVALID;
1008
slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1009
if( (NSSCKFWSlot **)NULL == slots ) {
1013
fwSlot = slots[ slotID-1 ];
1015
if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1016
error = CKR_TOKEN_NOT_PRESENT;
1020
fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1021
if( (NSSCKFWToken *)NULL == fwToken ) {
1025
pin.size = (PRUint32)ulPinLen;
1026
pin.data = (void *)pPin;
1027
label = (NSSUTF8 *)pLabel; /* identity conversion */
1029
error = nssCKFWToken_InitToken(fwToken, &pin, label);
1030
if( CKR_OK != error ) {
1038
case CKR_DEVICE_REMOVED:
1039
case CKR_TOKEN_NOT_PRESENT:
1041
nssCKFWToken_Destroy(fwToken);
1043
case CKR_CRYPTOKI_NOT_INITIALIZED:
1044
case CKR_DEVICE_ERROR:
1045
case CKR_DEVICE_MEMORY:
1046
case CKR_FUNCTION_FAILED:
1047
case CKR_GENERAL_ERROR:
1048
case CKR_HOST_MEMORY:
1049
case CKR_PIN_INCORRECT:
1050
case CKR_PIN_LOCKED:
1051
case CKR_SESSION_EXISTS:
1052
case CKR_SLOT_ID_INVALID:
1053
case CKR_TOKEN_NOT_RECOGNIZED:
1054
case CKR_TOKEN_WRITE_PROTECTED:
1058
error = CKR_GENERAL_ERROR;
1072
NSSCKFWInstance *fwInstance,
1073
CK_SESSION_HANDLE hSession,
1078
CK_RV error = CKR_OK;
1079
NSSCKFWSession *fwSession;
1082
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1083
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1087
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1088
if( (NSSCKFWSession *)NULL == fwSession ) {
1089
error = CKR_SESSION_HANDLE_INVALID;
1093
if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1094
arg = (NSSItem *)NULL;
1097
pin.size = (PRUint32)ulPinLen;
1098
pin.data = (void *)pPin;
1101
error = nssCKFWSession_InitPIN(fwSession, arg);
1102
if( CKR_OK != error ) {
1110
case CKR_SESSION_CLOSED:
1111
/* destroy session? */
1113
case CKR_DEVICE_REMOVED:
1114
/* (void)nssCKFWToken_Destroy(fwToken); */
1116
case CKR_CRYPTOKI_NOT_INITIALIZED:
1117
case CKR_DEVICE_ERROR:
1118
case CKR_DEVICE_MEMORY:
1119
case CKR_FUNCTION_FAILED:
1120
case CKR_GENERAL_ERROR:
1121
case CKR_HOST_MEMORY:
1122
case CKR_PIN_INVALID:
1123
case CKR_PIN_LEN_RANGE:
1124
case CKR_SESSION_READ_ONLY:
1125
case CKR_SESSION_HANDLE_INVALID:
1126
case CKR_TOKEN_WRITE_PROTECTED:
1127
case CKR_USER_NOT_LOGGED_IN:
1131
error = CKR_GENERAL_ERROR;
1145
NSSCKFWInstance *fwInstance,
1146
CK_SESSION_HANDLE hSession,
1147
CK_CHAR_PTR pOldPin,
1149
CK_CHAR_PTR pNewPin,
1153
CK_RV error = CKR_OK;
1154
NSSCKFWSession *fwSession;
1155
NSSItem oldPin, newPin, *oldArg, *newArg;
1157
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1158
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1162
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1163
if( (NSSCKFWSession *)NULL == fwSession ) {
1164
error = CKR_SESSION_HANDLE_INVALID;
1168
if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) {
1169
oldArg = (NSSItem *)NULL;
1172
oldPin.size = (PRUint32)ulOldLen;
1173
oldPin.data = (void *)pOldPin;
1176
if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) {
1177
newArg = (NSSItem *)NULL;
1180
newPin.size = (PRUint32)ulNewLen;
1181
newPin.data = (void *)pNewPin;
1184
error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
1185
if( CKR_OK != error ) {
1193
case CKR_SESSION_CLOSED:
1194
/* destroy session? */
1196
case CKR_DEVICE_REMOVED:
1197
/* (void)nssCKFWToken_Destroy(fwToken); */
1199
case CKR_CRYPTOKI_NOT_INITIALIZED:
1200
case CKR_DEVICE_ERROR:
1201
case CKR_DEVICE_MEMORY:
1202
case CKR_FUNCTION_FAILED:
1203
case CKR_GENERAL_ERROR:
1204
case CKR_HOST_MEMORY:
1205
case CKR_PIN_INCORRECT:
1206
case CKR_PIN_INVALID:
1207
case CKR_PIN_LEN_RANGE:
1208
case CKR_PIN_LOCKED:
1209
case CKR_SESSION_HANDLE_INVALID:
1210
case CKR_SESSION_READ_ONLY:
1211
case CKR_TOKEN_WRITE_PROTECTED:
1215
error = CKR_GENERAL_ERROR;
1223
* NSSCKFWC_OpenSession
1227
NSSCKFWC_OpenSession
1229
NSSCKFWInstance *fwInstance,
1232
CK_VOID_PTR pApplication,
1234
CK_SESSION_HANDLE_PTR phSession
1237
CK_RV error = CKR_OK;
1239
NSSCKFWSlot **slots;
1240
NSSCKFWSlot *fwSlot;
1241
NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1242
NSSCKFWSession *fwSession;
1245
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1246
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1250
nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1251
if( (CK_ULONG)0 == nSlots ) {
1255
if( (slotID < 1) || (slotID > nSlots) ) {
1256
error = CKR_SLOT_ID_INVALID;
1260
if( flags & CKF_RW_SESSION ) {
1266
if( flags & CKF_SERIAL_SESSION ) {
1269
error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
1273
if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) {
1274
error = CKR_ARGUMENTS_BAD;
1278
if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) {
1279
error = CKR_ARGUMENTS_BAD;
1284
* A purify error here indicates caller error.
1286
*phSession = (CK_SESSION_HANDLE)0;
1288
slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1289
if( (NSSCKFWSlot **)NULL == slots ) {
1293
fwSlot = slots[ slotID-1 ];
1295
if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1296
error = CKR_TOKEN_NOT_PRESENT;
1300
fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1301
if( (NSSCKFWToken *)NULL == fwToken ) {
1305
fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
1307
if( (NSSCKFWSession *)NULL == fwSession ) {
1311
*phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
1313
if( (CK_SESSION_HANDLE)0 == *phSession ) {
1321
case CKR_SESSION_CLOSED:
1322
/* destroy session? */
1324
case CKR_DEVICE_REMOVED:
1325
/* (void)nssCKFWToken_Destroy(fwToken); */
1327
case CKR_CRYPTOKI_NOT_INITIALIZED:
1328
case CKR_DEVICE_ERROR:
1329
case CKR_DEVICE_MEMORY:
1330
case CKR_FUNCTION_FAILED:
1331
case CKR_GENERAL_ERROR:
1332
case CKR_HOST_MEMORY:
1333
case CKR_SESSION_COUNT:
1334
case CKR_SESSION_EXISTS:
1335
case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
1336
case CKR_SESSION_READ_WRITE_SO_EXISTS:
1337
case CKR_SLOT_ID_INVALID:
1338
case CKR_TOKEN_NOT_PRESENT:
1339
case CKR_TOKEN_NOT_RECOGNIZED:
1340
case CKR_TOKEN_WRITE_PROTECTED:
1344
error = CKR_GENERAL_ERROR;
1352
* NSSCKFWC_CloseSession
1356
NSSCKFWC_CloseSession
1358
NSSCKFWInstance *fwInstance,
1359
CK_SESSION_HANDLE hSession
1362
CK_RV error = CKR_OK;
1363
NSSCKFWSession *fwSession;
1365
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1366
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1370
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1371
if( (NSSCKFWSession *)NULL == fwSession ) {
1372
error = CKR_SESSION_HANDLE_INVALID;
1376
nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
1377
error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
1379
if( CKR_OK != error ) {
1387
case CKR_SESSION_CLOSED:
1388
/* destroy session? */
1390
case CKR_DEVICE_REMOVED:
1391
/* (void)nssCKFWToken_Destroy(fwToken); */
1393
case CKR_CRYPTOKI_NOT_INITIALIZED:
1394
case CKR_DEVICE_ERROR:
1395
case CKR_DEVICE_MEMORY:
1396
case CKR_FUNCTION_FAILED:
1397
case CKR_GENERAL_ERROR:
1398
case CKR_HOST_MEMORY:
1399
case CKR_SESSION_HANDLE_INVALID:
1403
error = CKR_GENERAL_ERROR;
1411
* NSSCKFWC_CloseAllSessions
1415
NSSCKFWC_CloseAllSessions
1417
NSSCKFWInstance *fwInstance,
1421
CK_RV error = CKR_OK;
1423
NSSCKFWSlot **slots;
1424
NSSCKFWSlot *fwSlot;
1425
NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1427
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1428
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1432
nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1433
if( (CK_ULONG)0 == nSlots ) {
1437
if( (slotID < 1) || (slotID > nSlots) ) {
1438
error = CKR_SLOT_ID_INVALID;
1442
slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1443
if( (NSSCKFWSlot **)NULL == slots ) {
1447
fwSlot = slots[ slotID-1 ];
1449
if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1450
error = CKR_TOKEN_NOT_PRESENT;
1454
fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1455
if( (NSSCKFWToken *)NULL == fwToken ) {
1459
error = nssCKFWToken_CloseAllSessions(fwToken);
1460
if( CKR_OK != error ) {
1468
case CKR_DEVICE_REMOVED:
1469
/* (void)nssCKFWToken_Destroy(fwToken); */
1471
case CKR_CRYPTOKI_NOT_INITIALIZED:
1472
case CKR_DEVICE_ERROR:
1473
case CKR_DEVICE_MEMORY:
1474
case CKR_FUNCTION_FAILED:
1475
case CKR_GENERAL_ERROR:
1476
case CKR_HOST_MEMORY:
1477
case CKR_SLOT_ID_INVALID:
1478
case CKR_TOKEN_NOT_PRESENT:
1482
error = CKR_GENERAL_ERROR;
1490
* NSSCKFWC_GetSessionInfo
1494
NSSCKFWC_GetSessionInfo
1496
NSSCKFWInstance *fwInstance,
1497
CK_SESSION_HANDLE hSession,
1498
CK_SESSION_INFO_PTR pInfo
1501
CK_RV error = CKR_OK;
1502
NSSCKFWSession *fwSession;
1503
NSSCKFWSlot *fwSlot;
1505
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1506
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1510
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1511
if( (NSSCKFWSession *)NULL == fwSession ) {
1512
error = CKR_SESSION_HANDLE_INVALID;
1516
if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) {
1517
error = CKR_ARGUMENTS_BAD;
1522
* A purify error here indicates caller error.
1524
(void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
1526
fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1527
if( (NSSCKFWSlot *)NULL == fwSlot ) {
1528
error = CKR_GENERAL_ERROR;
1532
pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
1533
pInfo->state = nssCKFWSession_GetSessionState(fwSession);
1535
if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) {
1536
pInfo->flags |= CKF_RW_SESSION;
1539
pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
1541
pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
1547
case CKR_SESSION_CLOSED:
1548
/* destroy session? */
1550
case CKR_DEVICE_REMOVED:
1551
/* (void)nssCKFWToken_Destroy(fwToken); */
1553
case CKR_CRYPTOKI_NOT_INITIALIZED:
1554
case CKR_DEVICE_ERROR:
1555
case CKR_DEVICE_MEMORY:
1556
case CKR_FUNCTION_FAILED:
1557
case CKR_GENERAL_ERROR:
1558
case CKR_HOST_MEMORY:
1559
case CKR_SESSION_HANDLE_INVALID:
1563
error = CKR_GENERAL_ERROR;
1571
* NSSCKFWC_GetOperationState
1575
NSSCKFWC_GetOperationState
1577
NSSCKFWInstance *fwInstance,
1578
CK_SESSION_HANDLE hSession,
1579
CK_BYTE_PTR pOperationState,
1580
CK_ULONG_PTR pulOperationStateLen
1583
CK_RV error = CKR_OK;
1584
NSSCKFWSession *fwSession;
1588
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1589
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1593
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1594
if( (NSSCKFWSession *)NULL == fwSession ) {
1595
error = CKR_SESSION_HANDLE_INVALID;
1599
if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) {
1600
error = CKR_ARGUMENTS_BAD;
1604
len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
1605
if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) {
1609
if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1610
*pulOperationStateLen = len;
1614
if( *pulOperationStateLen < len ) {
1615
*pulOperationStateLen = len;
1616
error = CKR_BUFFER_TOO_SMALL;
1620
buf.size = (PRUint32)*pulOperationStateLen;
1621
buf.data = (void *)pOperationState;
1622
*pulOperationStateLen = len;
1623
error = nssCKFWSession_GetOperationState(fwSession, &buf);
1625
if( CKR_OK != error ) {
1633
case CKR_SESSION_CLOSED:
1634
/* destroy session? */
1636
case CKR_DEVICE_REMOVED:
1637
/* (void)nssCKFWToken_Destroy(fwToken); */
1639
case CKR_BUFFER_TOO_SMALL:
1640
case CKR_CRYPTOKI_NOT_INITIALIZED:
1641
case CKR_DEVICE_ERROR:
1642
case CKR_DEVICE_MEMORY:
1643
case CKR_FUNCTION_FAILED:
1644
case CKR_GENERAL_ERROR:
1645
case CKR_HOST_MEMORY:
1646
case CKR_OPERATION_NOT_INITIALIZED:
1647
case CKR_SESSION_HANDLE_INVALID:
1648
case CKR_STATE_UNSAVEABLE:
1652
error = CKR_GENERAL_ERROR;
1660
* NSSCKFWC_SetOperationState
1664
NSSCKFWC_SetOperationState
1666
NSSCKFWInstance *fwInstance,
1667
CK_SESSION_HANDLE hSession,
1668
CK_BYTE_PTR pOperationState,
1669
CK_ULONG ulOperationStateLen,
1670
CK_OBJECT_HANDLE hEncryptionKey,
1671
CK_OBJECT_HANDLE hAuthenticationKey
1674
CK_RV error = CKR_OK;
1675
NSSCKFWSession *fwSession;
1676
NSSCKFWObject *eKey;
1677
NSSCKFWObject *aKey;
1680
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1681
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1685
if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1686
error = CKR_ARGUMENTS_BAD;
1691
* We could loop through the buffer, to catch any purify errors
1692
* in a place with a "user error" note.
1695
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1696
if( (NSSCKFWSession *)NULL == fwSession ) {
1697
error = CKR_SESSION_HANDLE_INVALID;
1701
if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) {
1702
eKey = (NSSCKFWObject *)NULL;
1704
eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
1705
if( (NSSCKFWObject *)NULL == eKey ) {
1706
error = CKR_KEY_HANDLE_INVALID;
1711
if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) {
1712
aKey = (NSSCKFWObject *)NULL;
1714
aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
1715
if( (NSSCKFWObject *)NULL == aKey ) {
1716
error = CKR_KEY_HANDLE_INVALID;
1721
error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
1722
if( CKR_OK != error ) {
1730
case CKR_SESSION_CLOSED:
1731
/* destroy session? */
1733
case CKR_DEVICE_REMOVED:
1734
/* (void)nssCKFWToken_Destroy(fwToken); */
1736
case CKR_CRYPTOKI_NOT_INITIALIZED:
1737
case CKR_DEVICE_ERROR:
1738
case CKR_DEVICE_MEMORY:
1739
case CKR_FUNCTION_FAILED:
1740
case CKR_GENERAL_ERROR:
1741
case CKR_HOST_MEMORY:
1742
case CKR_KEY_CHANGED:
1743
case CKR_KEY_NEEDED:
1744
case CKR_KEY_NOT_NEEDED:
1745
case CKR_SAVED_STATE_INVALID:
1746
case CKR_SESSION_HANDLE_INVALID:
1750
error = CKR_GENERAL_ERROR;
1764
NSSCKFWInstance *fwInstance,
1765
CK_SESSION_HANDLE hSession,
1766
CK_USER_TYPE userType,
1771
CK_RV error = CKR_OK;
1772
NSSCKFWSession *fwSession;
1775
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1776
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1780
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1781
if( (NSSCKFWSession *)NULL == fwSession ) {
1782
error = CKR_SESSION_HANDLE_INVALID;
1786
if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1787
arg = (NSSItem *)NULL;
1790
pin.size = (PRUint32)ulPinLen;
1791
pin.data = (void *)pPin;
1794
error = nssCKFWSession_Login(fwSession, userType, arg);
1795
if( CKR_OK != error ) {
1803
case CKR_SESSION_CLOSED:
1804
/* destroy session? */
1806
case CKR_DEVICE_REMOVED:
1807
/* (void)nssCKFWToken_Destroy(fwToken); */
1809
case CKR_CRYPTOKI_NOT_INITIALIZED:
1810
case CKR_DEVICE_ERROR:
1811
case CKR_DEVICE_MEMORY:
1812
case CKR_FUNCTION_FAILED:
1813
case CKR_GENERAL_ERROR:
1814
case CKR_HOST_MEMORY:
1815
case CKR_PIN_EXPIRED:
1816
case CKR_PIN_INCORRECT:
1817
case CKR_PIN_LOCKED:
1818
case CKR_SESSION_HANDLE_INVALID:
1819
case CKR_SESSION_READ_ONLY_EXISTS:
1820
case CKR_USER_ALREADY_LOGGED_IN:
1821
case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
1822
case CKR_USER_PIN_NOT_INITIALIZED:
1823
case CKR_USER_TOO_MANY_TYPES:
1824
case CKR_USER_TYPE_INVALID:
1828
error = CKR_GENERAL_ERROR;
1842
NSSCKFWInstance *fwInstance,
1843
CK_SESSION_HANDLE hSession
1846
CK_RV error = CKR_OK;
1847
NSSCKFWSession *fwSession;
1849
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1850
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1854
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1855
if( (NSSCKFWSession *)NULL == fwSession ) {
1856
error = CKR_SESSION_HANDLE_INVALID;
1860
error = nssCKFWSession_Logout(fwSession);
1861
if( CKR_OK != error ) {
1869
case CKR_SESSION_CLOSED:
1870
/* destroy session? */
1872
case CKR_DEVICE_REMOVED:
1873
/* (void)nssCKFWToken_Destroy(fwToken); */
1875
case CKR_CRYPTOKI_NOT_INITIALIZED:
1876
case CKR_DEVICE_ERROR:
1877
case CKR_DEVICE_MEMORY:
1878
case CKR_FUNCTION_FAILED:
1879
case CKR_GENERAL_ERROR:
1880
case CKR_HOST_MEMORY:
1881
case CKR_SESSION_HANDLE_INVALID:
1882
case CKR_USER_NOT_LOGGED_IN:
1886
error = CKR_GENERAL_ERROR;
1894
* NSSCKFWC_CreateObject
1898
NSSCKFWC_CreateObject
1900
NSSCKFWInstance *fwInstance,
1901
CK_SESSION_HANDLE hSession,
1902
CK_ATTRIBUTE_PTR pTemplate,
1904
CK_OBJECT_HANDLE_PTR phObject
1907
CK_RV error = CKR_OK;
1908
NSSCKFWSession *fwSession;
1909
NSSCKFWObject *fwObject;
1911
if( (NSSCKFWInstance *)NULL == fwInstance ) {
1912
error = CKR_CRYPTOKI_NOT_INITIALIZED;
1916
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1917
if( (NSSCKFWSession *)NULL == fwSession ) {
1918
error = CKR_SESSION_HANDLE_INVALID;
1922
if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
1923
error = CKR_ARGUMENTS_BAD;
1928
* A purify error here indicates caller error.
1930
*phObject = (CK_OBJECT_HANDLE)0;
1932
fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
1934
if( (NSSCKFWObject *)NULL == fwObject ) {
1938
*phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
1939
if( (CK_OBJECT_HANDLE)0 == *phObject ) {
1940
nssCKFWObject_Destroy(fwObject);
1948
case CKR_SESSION_CLOSED:
1949
/* destroy session? */
1951
case CKR_DEVICE_REMOVED:
1952
/* (void)nssCKFWToken_Destroy(fwToken); */
1954
case CKR_ATTRIBUTE_READ_ONLY:
1955
case CKR_ATTRIBUTE_TYPE_INVALID:
1956
case CKR_ATTRIBUTE_VALUE_INVALID:
1957
case CKR_CRYPTOKI_NOT_INITIALIZED:
1958
case CKR_DEVICE_ERROR:
1959
case CKR_DEVICE_MEMORY:
1960
case CKR_FUNCTION_FAILED:
1961
case CKR_GENERAL_ERROR:
1962
case CKR_HOST_MEMORY:
1963
case CKR_SESSION_HANDLE_INVALID:
1964
case CKR_SESSION_READ_ONLY:
1965
case CKR_TEMPLATE_INCOMPLETE:
1966
case CKR_TEMPLATE_INCONSISTENT:
1967
case CKR_TOKEN_WRITE_PROTECTED:
1968
case CKR_USER_NOT_LOGGED_IN:
1972
error = CKR_GENERAL_ERROR;
1980
* NSSCKFWC_CopyObject
1986
NSSCKFWInstance *fwInstance,
1987
CK_SESSION_HANDLE hSession,
1988
CK_OBJECT_HANDLE hObject,
1989
CK_ATTRIBUTE_PTR pTemplate,
1991
CK_OBJECT_HANDLE_PTR phNewObject
1994
CK_RV error = CKR_OK;
1995
NSSCKFWSession *fwSession;
1996
NSSCKFWObject *fwObject;
1997
NSSCKFWObject *fwNewObject;
1999
if( (NSSCKFWInstance *)NULL == fwInstance ) {
2000
error = CKR_CRYPTOKI_NOT_INITIALIZED;
2004
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2005
if( (NSSCKFWSession *)NULL == fwSession ) {
2006
error = CKR_SESSION_HANDLE_INVALID;
2010
if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) {
2011
error = CKR_ARGUMENTS_BAD;
2016
* A purify error here indicates caller error.
2018
*phNewObject = (CK_OBJECT_HANDLE)0;
2020
fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2021
if( (NSSCKFWObject *)NULL == fwObject ) {
2022
error = CKR_OBJECT_HANDLE_INVALID;
2026
fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
2027
pTemplate, ulCount, &error);
2028
if( (NSSCKFWObject *)NULL == fwNewObject ) {
2032
*phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance,
2033
fwNewObject, &error);
2034
if( (CK_OBJECT_HANDLE)0 == *phNewObject ) {
2035
nssCKFWObject_Destroy(fwNewObject);
2043
case CKR_SESSION_CLOSED:
2044
/* destroy session? */
2046
case CKR_DEVICE_REMOVED:
2047
/* (void)nssCKFWToken_Destroy(fwToken); */
2049
case CKR_ATTRIBUTE_READ_ONLY:
2050
case CKR_ATTRIBUTE_TYPE_INVALID:
2051
case CKR_ATTRIBUTE_VALUE_INVALID:
2052
case CKR_CRYPTOKI_NOT_INITIALIZED:
2053
case CKR_DEVICE_ERROR:
2054
case CKR_DEVICE_MEMORY:
2055
case CKR_FUNCTION_FAILED:
2056
case CKR_GENERAL_ERROR:
2057
case CKR_HOST_MEMORY:
2058
case CKR_OBJECT_HANDLE_INVALID:
2059
case CKR_SESSION_HANDLE_INVALID:
2060
case CKR_SESSION_READ_ONLY:
2061
case CKR_TEMPLATE_INCONSISTENT:
2062
case CKR_TOKEN_WRITE_PROTECTED:
2063
case CKR_USER_NOT_LOGGED_IN:
2067
error = CKR_GENERAL_ERROR;
2075
* NSSCKFWC_DestroyObject
2079
NSSCKFWC_DestroyObject
2081
NSSCKFWInstance *fwInstance,
2082
CK_SESSION_HANDLE hSession,
2083
CK_OBJECT_HANDLE hObject
2086
CK_RV error = CKR_OK;
2087
NSSCKFWSession *fwSession;
2088
NSSCKFWObject *fwObject;
2090
if( (NSSCKFWInstance *)NULL == fwInstance ) {
2091
error = CKR_CRYPTOKI_NOT_INITIALIZED;
2095
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2096
if( (NSSCKFWSession *)NULL == fwSession ) {
2097
error = CKR_SESSION_HANDLE_INVALID;
2101
fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2102
if( (NSSCKFWObject *)NULL == fwObject ) {
2103
error = CKR_OBJECT_HANDLE_INVALID;
2107
nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
2108
nssCKFWObject_Destroy(fwObject);
2114
case CKR_SESSION_CLOSED:
2115
/* destroy session? */
2117
case CKR_DEVICE_REMOVED:
2118
/* (void)nssCKFWToken_Destroy(fwToken); */
2120
case CKR_CRYPTOKI_NOT_INITIALIZED:
2121
case CKR_DEVICE_ERROR:
2122
case CKR_DEVICE_MEMORY:
2123
case CKR_FUNCTION_FAILED:
2124
case CKR_GENERAL_ERROR:
2125
case CKR_HOST_MEMORY:
2126
case CKR_OBJECT_HANDLE_INVALID:
2127
case CKR_SESSION_HANDLE_INVALID:
2128
case CKR_SESSION_READ_ONLY:
2129
case CKR_TOKEN_WRITE_PROTECTED:
2133
error = CKR_GENERAL_ERROR;
2141
* NSSCKFWC_GetObjectSize
2145
NSSCKFWC_GetObjectSize
2147
NSSCKFWInstance *fwInstance,
2148
CK_SESSION_HANDLE hSession,
2149
CK_OBJECT_HANDLE hObject,
2150
CK_ULONG_PTR pulSize
2153
CK_RV error = CKR_OK;
2154
NSSCKFWSession *fwSession;
2155
NSSCKFWObject *fwObject;
2157
if( (NSSCKFWInstance *)NULL == fwInstance ) {
2158
error = CKR_CRYPTOKI_NOT_INITIALIZED;
2162
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2163
if( (NSSCKFWSession *)NULL == fwSession ) {
2164
error = CKR_SESSION_HANDLE_INVALID;
2168
fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2169
if( (NSSCKFWObject *)NULL == fwObject ) {
2170
error = CKR_OBJECT_HANDLE_INVALID;
2174
if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) {
2175
error = CKR_ARGUMENTS_BAD;
2180
* A purify error here indicates caller error.
2182
*pulSize = (CK_ULONG)0;
2184
*pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
2185
if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) {
2193
case CKR_SESSION_CLOSED:
2194
/* destroy session? */
2196
case CKR_DEVICE_REMOVED:
2197
/* (void)nssCKFWToken_Destroy(fwToken); */
2199
case CKR_CRYPTOKI_NOT_INITIALIZED:
2200
case CKR_DEVICE_ERROR:
2201
case CKR_DEVICE_MEMORY:
2202
case CKR_FUNCTION_FAILED:
2203
case CKR_GENERAL_ERROR:
2204
case CKR_HOST_MEMORY:
2205
case CKR_INFORMATION_SENSITIVE:
2206
case CKR_OBJECT_HANDLE_INVALID:
2207
case CKR_SESSION_HANDLE_INVALID:
2211
error = CKR_GENERAL_ERROR;
2219
* NSSCKFWC_GetAttributeValue
2223
NSSCKFWC_GetAttributeValue
2225
NSSCKFWInstance *fwInstance,
2226
CK_SESSION_HANDLE hSession,
2227
CK_OBJECT_HANDLE hObject,
2228
CK_ATTRIBUTE_PTR pTemplate,
2232
CK_RV error = CKR_OK;
2233
NSSCKFWSession *fwSession;
2234
NSSCKFWObject *fwObject;
2235
CK_BBOOL sensitive = CK_FALSE;
2236
CK_BBOOL invalid = CK_FALSE;
2237
CK_BBOOL tooSmall = CK_FALSE;
2240
if( (NSSCKFWInstance *)NULL == fwInstance ) {
2241
error = CKR_CRYPTOKI_NOT_INITIALIZED;
2245
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2246
if( (NSSCKFWSession *)NULL == fwSession ) {
2247
error = CKR_SESSION_HANDLE_INVALID;
2251
fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2252
if( (NSSCKFWObject *)NULL == fwObject ) {
2253
error = CKR_OBJECT_HANDLE_INVALID;
2257
if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
2258
error = CKR_ARGUMENTS_BAD;
2262
for( i = 0; i < ulCount; i++ ) {
2263
CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject,
2264
pTemplate[i].type, &error);
2265
if( (CK_ULONG)0 == size ) {
2267
case CKR_ATTRIBUTE_SENSITIVE:
2268
case CKR_INFORMATION_SENSITIVE:
2269
sensitive = CK_TRUE;
2270
pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2272
case CKR_ATTRIBUTE_TYPE_INVALID:
2274
pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2283
if( (CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue ) {
2284
pTemplate[i].ulValueLen = size;
2288
if( pTemplate[i].ulValueLen < size ) {
2293
it.size = (PRUint32)pTemplate[i].ulValueLen;
2294
it.data = (void *)pTemplate[i].pValue;
2295
p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it,
2296
(NSSArena *)NULL, &error);
2297
if( (NSSItem *)NULL == p ) {
2299
case CKR_ATTRIBUTE_SENSITIVE:
2300
case CKR_INFORMATION_SENSITIVE:
2301
sensitive = CK_TRUE;
2302
pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2304
case CKR_ATTRIBUTE_TYPE_INVALID:
2306
pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2313
pTemplate[i].ulValueLen = size;
2318
error = CKR_ATTRIBUTE_SENSITIVE;
2320
} else if( invalid ) {
2321
error = CKR_ATTRIBUTE_TYPE_INVALID;
2323
} else if( tooSmall ) {
2324
error = CKR_BUFFER_TOO_SMALL;
2332
case CKR_SESSION_CLOSED:
2333
/* destroy session? */
2335
case CKR_DEVICE_REMOVED:
2336
/* (void)nssCKFWToken_Destroy(fwToken); */
2338
case CKR_ATTRIBUTE_SENSITIVE:
2339
case CKR_ATTRIBUTE_TYPE_INVALID:
2340
case CKR_BUFFER_TOO_SMALL:
2341
case CKR_CRYPTOKI_NOT_INITIALIZED:
2342
case CKR_DEVICE_ERROR:
2343
case CKR_DEVICE_MEMORY:
2344
case CKR_FUNCTION_FAILED:
2345
case CKR_GENERAL_ERROR:
2346
case CKR_HOST_MEMORY:
2347
case CKR_OBJECT_HANDLE_INVALID:
2348
case CKR_SESSION_HANDLE_INVALID:
2352
error = CKR_GENERAL_ERROR;
2360
* NSSCKFWC_SetAttributeValue
2364
NSSCKFWC_SetAttributeValue
2366
NSSCKFWInstance *fwInstance,
2367
CK_SESSION_HANDLE hSession,
2368
CK_OBJECT_HANDLE hObject,
2369
CK_ATTRIBUTE_PTR pTemplate,
2373
CK_RV error = CKR_OK;
2374
NSSCKFWSession *fwSession;
2375
NSSCKFWObject *fwObject;
2376
NSSCKFWObject *newFwObject;
2378
if( (NSSCKFWInstance *)NULL == fwInstance ) {
2379
error = CKR_CRYPTOKI_NOT_INITIALIZED;
2383
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2384
if( (NSSCKFWSession *)NULL == fwSession ) {
2385
error = CKR_SESSION_HANDLE_INVALID;
2389
fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2390
if( (NSSCKFWObject *)NULL == fwObject ) {
2391
error = CKR_OBJECT_HANDLE_INVALID;
2395
if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
2396
error = CKR_ARGUMENTS_BAD;
2400
newFwObject = nssCKFWSession_CopyObject(fwSession, fwObject, pTemplate,
2402
if( (NSSCKFWObject *)NULL == newFwObject ) {
2406
error = nssCKFWInstance_ReassignObjectHandle(fwInstance, hObject, newFwObject);
2407
nssCKFWObject_Destroy(fwObject);
2409
if( CKR_OK != error ) {
2417
case CKR_SESSION_CLOSED:
2418
/* destroy session? */
2420
case CKR_DEVICE_REMOVED:
2421
/* (void)nssCKFWToken_Destroy(fwToken); */
2423
case CKR_ATTRIBUTE_READ_ONLY:
2424
case CKR_ATTRIBUTE_TYPE_INVALID:
2425
case CKR_ATTRIBUTE_VALUE_INVALID:
2426
case CKR_CRYPTOKI_NOT_INITIALIZED:
2427
case CKR_DEVICE_ERROR:
2428
case CKR_DEVICE_MEMORY:
2429
case CKR_FUNCTION_FAILED:
2430
case CKR_GENERAL_ERROR:
2431
case CKR_HOST_MEMORY:
2432
case CKR_OBJECT_HANDLE_INVALID:
2433
case CKR_SESSION_HANDLE_INVALID:
2434
case CKR_SESSION_READ_ONLY:
2435
case CKR_TEMPLATE_INCONSISTENT:
2436
case CKR_TOKEN_WRITE_PROTECTED:
2440
error = CKR_GENERAL_ERROR;
2448
* NSSCKFWC_FindObjectsInit
2452
NSSCKFWC_FindObjectsInit
2454
NSSCKFWInstance *fwInstance,
2455
CK_SESSION_HANDLE hSession,
2456
CK_ATTRIBUTE_PTR pTemplate,
2460
CK_RV error = CKR_OK;
2461
NSSCKFWSession *fwSession;
2462
NSSCKFWFindObjects *fwFindObjects;
2464
if( (NSSCKFWInstance *)NULL == fwInstance ) {
2465
error = CKR_CRYPTOKI_NOT_INITIALIZED;
2469
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2470
if( (NSSCKFWSession *)NULL == fwSession ) {
2471
error = CKR_SESSION_HANDLE_INVALID;
2475
if( ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0) ) {
2476
error = CKR_ARGUMENTS_BAD;
2480
fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2481
if( (NSSCKFWFindObjects *)NULL != fwFindObjects ) {
2482
error = CKR_OPERATION_ACTIVE;
2486
if( CKR_OPERATION_NOT_INITIALIZED != error ) {
2490
fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
2491
pTemplate, ulCount, &error);
2492
if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
2496
error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
2498
if( CKR_OK != error ) {
2499
nssCKFWFindObjects_Destroy(fwFindObjects);
2507
case CKR_SESSION_CLOSED:
2508
/* destroy session? */
2510
case CKR_DEVICE_REMOVED:
2511
/* (void)nssCKFWToken_Destroy(fwToken); */
2513
case CKR_ATTRIBUTE_TYPE_INVALID:
2514
case CKR_ATTRIBUTE_VALUE_INVALID:
2515
case CKR_CRYPTOKI_NOT_INITIALIZED:
2516
case CKR_DEVICE_ERROR:
2517
case CKR_DEVICE_MEMORY:
2518
case CKR_FUNCTION_FAILED:
2519
case CKR_GENERAL_ERROR:
2520
case CKR_HOST_MEMORY:
2521
case CKR_OPERATION_ACTIVE:
2522
case CKR_SESSION_HANDLE_INVALID:
2526
error = CKR_GENERAL_ERROR;
2534
* NSSCKFWC_FindObjects
2538
NSSCKFWC_FindObjects
2540
NSSCKFWInstance *fwInstance,
2541
CK_SESSION_HANDLE hSession,
2542
CK_OBJECT_HANDLE_PTR phObject,
2543
CK_ULONG ulMaxObjectCount,
2544
CK_ULONG_PTR pulObjectCount
2547
CK_RV error = CKR_OK;
2548
NSSCKFWSession *fwSession;
2549
NSSCKFWFindObjects *fwFindObjects;
2552
if( (NSSCKFWInstance *)NULL == fwInstance ) {
2553
error = CKR_CRYPTOKI_NOT_INITIALIZED;
2557
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2558
if( (NSSCKFWSession *)NULL == fwSession ) {
2559
error = CKR_SESSION_HANDLE_INVALID;
2563
if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
2564
error = CKR_ARGUMENTS_BAD;
2569
* A purify error here indicates caller error.
2571
(void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount);
2572
*pulObjectCount = (CK_ULONG)0;
2574
fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2575
if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
2579
for( i = 0; i < ulMaxObjectCount; i++ ) {
2580
NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
2582
if( (NSSCKFWObject *)NULL == fwObject ) {
2586
phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
2587
if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
2588
phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
2590
if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
2591
/* This isn't right either, is it? */
2592
nssCKFWObject_Destroy(fwObject);
2597
*pulObjectCount = i;
2603
case CKR_SESSION_CLOSED:
2604
/* destroy session? */
2606
case CKR_DEVICE_REMOVED:
2607
/* (void)nssCKFWToken_Destroy(fwToken); */
2609
case CKR_CRYPTOKI_NOT_INITIALIZED:
2610
case CKR_DEVICE_ERROR:
2611
case CKR_DEVICE_MEMORY:
2612
case CKR_FUNCTION_FAILED:
2613
case CKR_GENERAL_ERROR:
2614
case CKR_HOST_MEMORY:
2615
case CKR_OPERATION_NOT_INITIALIZED:
2616
case CKR_SESSION_HANDLE_INVALID:
2620
error = CKR_GENERAL_ERROR;
2628
* NSSCKFWC_FindObjectsFinal
2632
NSSCKFWC_FindObjectsFinal
2634
NSSCKFWInstance *fwInstance,
2635
CK_SESSION_HANDLE hSession
2638
CK_RV error = CKR_OK;
2639
NSSCKFWSession *fwSession;
2640
NSSCKFWFindObjects *fwFindObjects;
2642
if( (NSSCKFWInstance *)NULL == fwInstance ) {
2643
error = CKR_CRYPTOKI_NOT_INITIALIZED;
2647
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2648
if( (NSSCKFWSession *)NULL == fwSession ) {
2649
error = CKR_SESSION_HANDLE_INVALID;
2653
fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2654
if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
2655
error = CKR_OPERATION_NOT_INITIALIZED;
2659
nssCKFWFindObjects_Destroy(fwFindObjects);
2660
error = nssCKFWSession_SetFWFindObjects(fwSession, (NSSCKFWFindObjects *)NULL);
2662
if( CKR_OK != error ) {
2670
case CKR_SESSION_CLOSED:
2671
/* destroy session? */
2673
case CKR_DEVICE_REMOVED:
2674
/* (void)nssCKFWToken_Destroy(fwToken); */
2676
case CKR_CRYPTOKI_NOT_INITIALIZED:
2677
case CKR_DEVICE_ERROR:
2678
case CKR_DEVICE_MEMORY:
2679
case CKR_FUNCTION_FAILED:
2680
case CKR_GENERAL_ERROR:
2681
case CKR_HOST_MEMORY:
2682
case CKR_OPERATION_NOT_INITIALIZED:
2683
case CKR_SESSION_HANDLE_INVALID:
2687
error = CKR_GENERAL_ERROR;
2695
* NSSCKFWC_EncryptInit
2699
NSSCKFWC_EncryptInit
2701
NSSCKFWInstance *fwInstance,
2702
CK_SESSION_HANDLE hSession,
2703
CK_MECHANISM_PTR pMechanism,
2704
CK_OBJECT_HANDLE hKey
2707
return CKR_FUNCTION_FAILED;
2717
NSSCKFWInstance *fwInstance,
2718
CK_SESSION_HANDLE hSession,
2721
CK_BYTE_PTR pEncryptedData,
2722
CK_ULONG_PTR pulEncryptedDataLen
2725
return CKR_FUNCTION_FAILED;
2729
* NSSCKFWC_EncryptUpdate
2733
NSSCKFWC_EncryptUpdate
2735
NSSCKFWInstance *fwInstance,
2736
CK_SESSION_HANDLE hSession,
2739
CK_BYTE_PTR pEncryptedPart,
2740
CK_ULONG_PTR pulEncryptedPartLen
2743
return CKR_FUNCTION_FAILED;
2747
* NSSCKFWC_EncryptFinal
2751
NSSCKFWC_EncryptFinal
2753
NSSCKFWInstance *fwInstance,
2754
CK_SESSION_HANDLE hSession,
2755
CK_BYTE_PTR pLastEncryptedPart,
2756
CK_ULONG_PTR pulLastEncryptedPartLen
2759
return CKR_FUNCTION_FAILED;
2763
* NSSCKFWC_DecryptInit
2767
NSSCKFWC_DecryptInit
2769
NSSCKFWInstance *fwInstance,
2770
CK_SESSION_HANDLE hSession,
2771
CK_MECHANISM_PTR pMechanism,
2772
CK_OBJECT_HANDLE hKey
2775
return CKR_FUNCTION_FAILED;
2785
NSSCKFWInstance *fwInstance,
2786
CK_SESSION_HANDLE hSession,
2787
CK_BYTE_PTR pEncryptedData,
2788
CK_ULONG ulEncryptedDataLen,
2790
CK_ULONG_PTR pulDataLen
2793
return CKR_FUNCTION_FAILED;
2797
* NSSCKFWC_DecryptUpdate
2801
NSSCKFWC_DecryptUpdate
2803
NSSCKFWInstance *fwInstance,
2804
CK_SESSION_HANDLE hSession,
2805
CK_BYTE_PTR pEncryptedPart,
2806
CK_ULONG ulEncryptedPartLen,
2808
CK_ULONG_PTR pulPartLen
2811
return CKR_FUNCTION_FAILED;
2815
* NSSCKFWC_DecryptFinal
2819
NSSCKFWC_DecryptFinal
2821
NSSCKFWInstance *fwInstance,
2822
CK_SESSION_HANDLE hSession,
2823
CK_BYTE_PTR pLastPart,
2824
CK_ULONG_PTR pulLastPartLen
2827
return CKR_FUNCTION_FAILED;
2831
* NSSCKFWC_DigestInit
2837
NSSCKFWInstance *fwInstance,
2838
CK_SESSION_HANDLE hSession,
2839
CK_MECHANISM_PTR pMechanism
2842
return CKR_FUNCTION_FAILED;
2852
NSSCKFWInstance *fwInstance,
2853
CK_SESSION_HANDLE hSession,
2856
CK_BYTE_PTR pDigest,
2857
CK_ULONG_PTR pulDigestLen
2860
return CKR_FUNCTION_FAILED;
2864
* NSSCKFWC_DigestUpdate
2868
NSSCKFWC_DigestUpdate
2870
NSSCKFWInstance *fwInstance,
2871
CK_SESSION_HANDLE hSession,
2876
return CKR_FUNCTION_FAILED;
2880
* NSSCKFWC_DigestKey
2886
NSSCKFWInstance *fwInstance,
2887
CK_SESSION_HANDLE hSession,
2888
CK_OBJECT_HANDLE hKey
2891
return CKR_FUNCTION_FAILED;
2895
* NSSCKFWC_DigestFinal
2899
NSSCKFWC_DigestFinal
2901
NSSCKFWInstance *fwInstance,
2902
CK_SESSION_HANDLE hSession,
2903
CK_BYTE_PTR pDigest,
2904
CK_ULONG_PTR pulDigestLen
2907
return CKR_FUNCTION_FAILED;
2917
NSSCKFWInstance *fwInstance,
2918
CK_SESSION_HANDLE hSession,
2919
CK_MECHANISM_PTR pMechanism,
2920
CK_OBJECT_HANDLE hKey
2923
return CKR_FUNCTION_FAILED;
2933
NSSCKFWInstance *fwInstance,
2934
CK_SESSION_HANDLE hSession,
2937
CK_BYTE_PTR pSignature,
2938
CK_ULONG_PTR pulSignatureLen
2941
return CKR_FUNCTION_FAILED;
2945
* NSSCKFWC_SignUpdate
2951
NSSCKFWInstance *fwInstance,
2952
CK_SESSION_HANDLE hSession,
2957
return CKR_FUNCTION_FAILED;
2961
* NSSCKFWC_SignFinal
2967
NSSCKFWInstance *fwInstance,
2968
CK_SESSION_HANDLE hSession,
2969
CK_BYTE_PTR pSignature,
2970
CK_ULONG_PTR pulSignatureLen
2973
return CKR_FUNCTION_FAILED;
2977
* NSSCKFWC_SignRecoverInit
2981
NSSCKFWC_SignRecoverInit
2983
NSSCKFWInstance *fwInstance,
2984
CK_SESSION_HANDLE hSession,
2985
CK_MECHANISM_PTR pMechanism,
2986
CK_OBJECT_HANDLE hKey
2989
return CKR_FUNCTION_FAILED;
2993
* NSSCKFWC_SignRecover
2997
NSSCKFWC_SignRecover
2999
NSSCKFWInstance *fwInstance,
3000
CK_SESSION_HANDLE hSession,
3003
CK_BYTE_PTR pSignature,
3004
CK_ULONG_PTR pulSignatureLen
3007
return CKR_FUNCTION_FAILED;
3011
* NSSCKFWC_VerifyInit
3017
NSSCKFWInstance *fwInstance,
3018
CK_SESSION_HANDLE hSession,
3019
CK_MECHANISM_PTR pMechanism,
3020
CK_OBJECT_HANDLE hKey
3023
return CKR_FUNCTION_FAILED;
3033
NSSCKFWInstance *fwInstance,
3034
CK_SESSION_HANDLE hSession,
3037
CK_BYTE_PTR pSignature,
3038
CK_ULONG ulSignatureLen
3041
return CKR_FUNCTION_FAILED;
3045
* NSSCKFWC_VerifyUpdate
3049
NSSCKFWC_VerifyUpdate
3051
NSSCKFWInstance *fwInstance,
3052
CK_SESSION_HANDLE hSession,
3057
return CKR_FUNCTION_FAILED;
3061
* NSSCKFWC_VerifyFinal
3065
NSSCKFWC_VerifyFinal
3067
NSSCKFWInstance *fwInstance,
3068
CK_SESSION_HANDLE hSession,
3069
CK_BYTE_PTR pSignature,
3070
CK_ULONG ulSignatureLen
3073
return CKR_FUNCTION_FAILED;
3077
* NSSCKFWC_VerifyRecoverInit
3081
NSSCKFWC_VerifyRecoverInit
3083
NSSCKFWInstance *fwInstance,
3084
CK_SESSION_HANDLE hSession,
3085
CK_MECHANISM_PTR pMechanism,
3086
CK_OBJECT_HANDLE hKey
3089
return CKR_FUNCTION_FAILED;
3093
* NSSCKFWC_VerifyRecover
3097
NSSCKFWC_VerifyRecover
3099
NSSCKFWInstance *fwInstance,
3100
CK_SESSION_HANDLE hSession,
3101
CK_BYTE_PTR pSignature,
3102
CK_ULONG ulSignatureLen,
3104
CK_ULONG_PTR pulDataLen
3107
return CKR_FUNCTION_FAILED;
3111
* NSSCKFWC_DigestEncryptUpdate
3115
NSSCKFWC_DigestEncryptUpdate
3117
NSSCKFWInstance *fwInstance,
3118
CK_SESSION_HANDLE hSession,
3121
CK_BYTE_PTR pEncryptedPart,
3122
CK_ULONG_PTR pulEncryptedPartLen
3125
return CKR_FUNCTION_FAILED;
3129
* NSSCKFWC_DecryptDigestUpdate
3133
NSSCKFWC_DecryptDigestUpdate
3135
NSSCKFWInstance *fwInstance,
3136
CK_SESSION_HANDLE hSession,
3137
CK_BYTE_PTR pEncryptedPart,
3138
CK_ULONG ulEncryptedPartLen,
3140
CK_ULONG_PTR pulPartLen
3143
return CKR_FUNCTION_FAILED;
3147
* NSSCKFWC_SignEncryptUpdate
3151
NSSCKFWC_SignEncryptUpdate
3153
NSSCKFWInstance *fwInstance,
3154
CK_SESSION_HANDLE hSession,
3157
CK_BYTE_PTR pEncryptedPart,
3158
CK_ULONG_PTR pulEncryptedPartLen
3161
return CKR_FUNCTION_FAILED;
3165
* NSSCKFWC_DecryptVerifyUpdate
3169
NSSCKFWC_DecryptVerifyUpdate
3171
NSSCKFWInstance *fwInstance,
3172
CK_SESSION_HANDLE hSession,
3173
CK_BYTE_PTR pEncryptedPart,
3174
CK_ULONG ulEncryptedPartLen,
3176
CK_ULONG_PTR pulPartLen
3179
return CKR_FUNCTION_FAILED;
3183
* NSSCKFWC_GenerateKey
3187
NSSCKFWC_GenerateKey
3189
NSSCKFWInstance *fwInstance,
3190
CK_SESSION_HANDLE hSession,
3191
CK_MECHANISM_PTR pMechanism,
3192
CK_ATTRIBUTE_PTR pTemplate,
3194
CK_OBJECT_HANDLE_PTR phKey
3197
return CKR_FUNCTION_FAILED;
3201
* NSSCKFWC_GenerateKeyPair
3205
NSSCKFWC_GenerateKeyPair
3207
NSSCKFWInstance *fwInstance,
3208
CK_SESSION_HANDLE hSession,
3209
CK_MECHANISM_PTR pMechanism,
3210
CK_ATTRIBUTE_PTR pPublicKeyTemplate,
3211
CK_ULONG ulPublicKeyAttributeCount,
3212
CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
3213
CK_ULONG ulPrivateKeyAttributeCount,
3214
CK_OBJECT_HANDLE_PTR phPublicKey,
3215
CK_OBJECT_HANDLE_PTR phPrivateKey
3218
return CKR_FUNCTION_FAILED;
3228
NSSCKFWInstance *fwInstance,
3229
CK_SESSION_HANDLE hSession,
3230
CK_MECHANISM_PTR pMechanism,
3231
CK_OBJECT_HANDLE hWrappingKey,
3232
CK_OBJECT_HANDLE hKey,
3233
CK_BYTE_PTR pWrappedKey,
3234
CK_ULONG_PTR pulWrappedKeyLen
3237
return CKR_FUNCTION_FAILED;
3241
* NSSCKFWC_UnwrapKey
3247
NSSCKFWInstance *fwInstance,
3248
CK_SESSION_HANDLE hSession,
3249
CK_MECHANISM_PTR pMechanism,
3250
CK_OBJECT_HANDLE hUnwrappingKey,
3251
CK_BYTE_PTR pWrappedKey,
3252
CK_ULONG ulWrappedKeyLen,
3253
CK_ATTRIBUTE_PTR pTemplate,
3254
CK_ULONG ulAttributeCount,
3255
CK_OBJECT_HANDLE_PTR phKey
3258
return CKR_FUNCTION_FAILED;
3262
* NSSCKFWC_DeriveKey
3268
NSSCKFWInstance *fwInstance,
3269
CK_SESSION_HANDLE hSession,
3270
CK_MECHANISM_PTR pMechanism,
3271
CK_OBJECT_HANDLE hBaseKey,
3272
CK_ATTRIBUTE_PTR pTemplate,
3273
CK_ULONG ulAttributeCount,
3274
CK_OBJECT_HANDLE_PTR phKey
3277
return CKR_FUNCTION_FAILED;
3281
* NSSCKFWC_SeedRandom
3287
NSSCKFWInstance *fwInstance,
3288
CK_SESSION_HANDLE hSession,
3293
CK_RV error = CKR_OK;
3294
NSSCKFWSession *fwSession;
3297
if( (NSSCKFWInstance *)NULL == fwInstance ) {
3298
error = CKR_CRYPTOKI_NOT_INITIALIZED;
3302
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3303
if( (NSSCKFWSession *)NULL == fwSession ) {
3304
error = CKR_SESSION_HANDLE_INVALID;
3308
if( (CK_BYTE_PTR)CK_NULL_PTR == pSeed ) {
3309
error = CKR_ARGUMENTS_BAD;
3313
/* We could read through the buffer in a Purify trap */
3315
seed.size = (PRUint32)ulSeedLen;
3316
seed.data = (void *)pSeed;
3318
error = nssCKFWSession_SeedRandom(fwSession, &seed);
3320
if( CKR_OK != error ) {
3328
case CKR_SESSION_CLOSED:
3329
/* destroy session? */
3331
case CKR_DEVICE_REMOVED:
3332
/* (void)nssCKFWToken_Destroy(fwToken); */
3334
case CKR_CRYPTOKI_NOT_INITIALIZED:
3335
case CKR_DEVICE_ERROR:
3336
case CKR_DEVICE_MEMORY:
3337
case CKR_FUNCTION_CANCELED:
3338
case CKR_FUNCTION_FAILED:
3339
case CKR_GENERAL_ERROR:
3340
case CKR_HOST_MEMORY:
3341
case CKR_OPERATION_ACTIVE:
3342
case CKR_RANDOM_SEED_NOT_SUPPORTED:
3343
case CKR_RANDOM_NO_RNG:
3344
case CKR_SESSION_HANDLE_INVALID:
3345
case CKR_USER_NOT_LOGGED_IN:
3349
error = CKR_GENERAL_ERROR;
3357
* NSSCKFWC_GenerateRandom
3361
NSSCKFWC_GenerateRandom
3363
NSSCKFWInstance *fwInstance,
3364
CK_SESSION_HANDLE hSession,
3365
CK_BYTE_PTR pRandomData,
3366
CK_ULONG ulRandomLen
3369
CK_RV error = CKR_OK;
3370
NSSCKFWSession *fwSession;
3373
if( (NSSCKFWInstance *)NULL == fwInstance ) {
3374
error = CKR_CRYPTOKI_NOT_INITIALIZED;
3378
fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3379
if( (NSSCKFWSession *)NULL == fwSession ) {
3380
error = CKR_SESSION_HANDLE_INVALID;
3384
if( (CK_BYTE_PTR)CK_NULL_PTR == pRandomData ) {
3385
error = CKR_ARGUMENTS_BAD;
3390
* A purify error here indicates caller error.
3392
(void)nsslibc_memset(pRandomData, 0, ulRandomLen);
3394
buffer.size = (PRUint32)ulRandomLen;
3395
buffer.data = (void *)pRandomData;
3397
error = nssCKFWSession_GetRandom(fwSession, &buffer);
3399
if( CKR_OK != error ) {
3407
case CKR_SESSION_CLOSED:
3408
/* destroy session? */
3410
case CKR_DEVICE_REMOVED:
3411
/* (void)nssCKFWToken_Destroy(fwToken); */
3413
case CKR_CRYPTOKI_NOT_INITIALIZED:
3414
case CKR_DEVICE_ERROR:
3415
case CKR_DEVICE_MEMORY:
3416
case CKR_FUNCTION_CANCELED:
3417
case CKR_FUNCTION_FAILED:
3418
case CKR_GENERAL_ERROR:
3419
case CKR_HOST_MEMORY:
3420
case CKR_OPERATION_ACTIVE:
3421
case CKR_RANDOM_NO_RNG:
3422
case CKR_SESSION_HANDLE_INVALID:
3423
case CKR_USER_NOT_LOGGED_IN:
3427
error = CKR_GENERAL_ERROR;
3435
* NSSCKFWC_GetFunctionStatus
3439
NSSCKFWC_GetFunctionStatus
3441
NSSCKFWInstance *fwInstance,
3442
CK_SESSION_HANDLE hSession
3445
return CKR_FUNCTION_NOT_PARALLEL;
3449
* NSSCKFWC_CancelFunction
3453
NSSCKFWC_CancelFunction
3455
NSSCKFWInstance *fwInstance,
3456
CK_SESSION_HANDLE hSession
3459
return CKR_FUNCTION_NOT_PARALLEL;