search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 449533. Set the mFixedPitch flag within SetFixedPitch. r+sr=vlad
[wine-gecko.git] / security / nss / lib / ckfw / wrap.c
blob3b4c71ec6adcadda60d98d5f82a52550f9f4c2c0
1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is the Netscape security libraries.
15 *
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
20 *
21 * Contributor(s):
22 *
23 * Alternatively, the contents of this file may be used under the terms of
24 * either the GNU General Public License Version 2 or later (the "GPL"), or
25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
26 * in which case the provisions of the GPL or the LGPL are applicable instead
27 * of those above. If you wish to allow use of your version of this file only
28 * under the terms of either the GPL or the LGPL, and not to allow others to
29 * use your version of this file under the terms of the MPL, indicate your
30 * decision by deleting the provisions above and replace them with the notice
31 * and other provisions required by the GPL or the LGPL. If you do not delete
32 * the provisions above, a recipient may use your version of this file under
33 * the terms of any one of the MPL, the GPL or the LGPL.
34 *
35 * ***** END LICENSE BLOCK ***** */
36
37 #ifdef DEBUG
38 static const char CVS_ID[] = "@(#) $RCSfile: wrap.c,v $ $Revision: 1.16 $ $Date: 2008/02/25 20:35:23 $";
39 #endif /* DEBUG */
40
41 /*
42 * wrap.c
43 *
44 * This file contains the routines that actually implement the cryptoki
45 * API, using the internal APIs of the NSS Cryptoki Framework. There is
46 * one routine here for every cryptoki routine. For linking reasons
47 * the actual entry points passed back with C_GetFunctionList have to
48 * exist in one of the Module's source files; however, those are merely
49 * simple wrappers that call these routines. The intelligence of the
50 * implementations is here.
51 */
52
53 #ifndef CK_T
54 #include "ck.h"
55 #endif /* CK_T */
56
57 /*
58 * NSSCKFWC_Initialize
59 * NSSCKFWC_Finalize
60 * NSSCKFWC_GetInfo
61 * -- NSSCKFWC_GetFunctionList -- see the API insert file
62 * NSSCKFWC_GetSlotList
63 * NSSCKFWC_GetSlotInfo
64 * NSSCKFWC_GetTokenInfo
65 * NSSCKFWC_WaitForSlotEvent
66 * NSSCKFWC_GetMechanismList
67 * NSSCKFWC_GetMechanismInfo
68 * NSSCKFWC_InitToken
69 * NSSCKFWC_InitPIN
70 * NSSCKFWC_SetPIN
71 * NSSCKFWC_OpenSession
72 * NSSCKFWC_CloseSession
73 * NSSCKFWC_CloseAllSessions
74 * NSSCKFWC_GetSessionInfo
75 * NSSCKFWC_GetOperationState
76 * NSSCKFWC_SetOperationState
77 * NSSCKFWC_Login
78 * NSSCKFWC_Logout
79 * NSSCKFWC_CreateObject
80 * NSSCKFWC_CopyObject
81 * NSSCKFWC_DestroyObject
82 * NSSCKFWC_GetObjectSize
83 * NSSCKFWC_GetAttributeValue
84 * NSSCKFWC_SetAttributeValue
85 * NSSCKFWC_FindObjectsInit
86 * NSSCKFWC_FindObjects
87 * NSSCKFWC_FindObjectsFinal
88 * NSSCKFWC_EncryptInit
89 * NSSCKFWC_Encrypt
90 * NSSCKFWC_EncryptUpdate
91 * NSSCKFWC_EncryptFinal
92 * NSSCKFWC_DecryptInit
93 * NSSCKFWC_Decrypt
94 * NSSCKFWC_DecryptUpdate
95 * NSSCKFWC_DecryptFinal
96 * NSSCKFWC_DigestInit
97 * NSSCKFWC_Digest
98 * NSSCKFWC_DigestUpdate
99 * NSSCKFWC_DigestKey
100 * NSSCKFWC_DigestFinal
101 * NSSCKFWC_SignInit
102 * NSSCKFWC_Sign
103 * NSSCKFWC_SignUpdate
104 * NSSCKFWC_SignFinal
105 * NSSCKFWC_SignRecoverInit
106 * NSSCKFWC_SignRecover
107 * NSSCKFWC_VerifyInit
108 * NSSCKFWC_Verify
109 * NSSCKFWC_VerifyUpdate
110 * NSSCKFWC_VerifyFinal
111 * NSSCKFWC_VerifyRecoverInit
112 * NSSCKFWC_VerifyRecover
113 * NSSCKFWC_DigestEncryptUpdate
114 * NSSCKFWC_DecryptDigestUpdate
115 * NSSCKFWC_SignEncryptUpdate
116 * NSSCKFWC_DecryptVerifyUpdate
117 * NSSCKFWC_GenerateKey
118 * NSSCKFWC_GenerateKeyPair
119 * NSSCKFWC_WrapKey
120 * NSSCKFWC_UnwrapKey
121 * NSSCKFWC_DeriveKey
122 * NSSCKFWC_SeedRandom
123 * NSSCKFWC_GenerateRandom
124 * NSSCKFWC_GetFunctionStatus
125 * NSSCKFWC_CancelFunction
126 */
127
128 /* figure out out locking semantics */
129 static CK_RV
130 nssCKFW_GetThreadSafeState(CK_C_INITIALIZE_ARGS_PTR pInitArgs,
131 CryptokiLockingState *pLocking_state) {
132 int functionCount = 0;
133
134 /* parsed according to (PKCS #11 Section 11.4) */
135 /* no args, the degenerate version of case 1 */
136 if (!pInitArgs) {
137 *pLocking_state = SingleThreaded;
138 return CKR_OK;
139 }
140
141 /* CKF_OS_LOCKING_OK set, Cases 2 and 4 */
142 if (pInitArgs->flags & CKF_OS_LOCKING_OK) {
143 *pLocking_state = MultiThreaded;
144 return CKR_OK;
145 }
146 if ((CK_CREATEMUTEX) NULL != pInitArgs->CreateMutex) functionCount++;
147 if ((CK_DESTROYMUTEX) NULL != pInitArgs->DestroyMutex) functionCount++;
148 if ((CK_LOCKMUTEX) NULL != pInitArgs->LockMutex) functionCount++;
149 if ((CK_UNLOCKMUTEX) NULL != pInitArgs->UnlockMutex) functionCount++;
150
151 /* CKF_OS_LOCKING_OK is not set, and not functions supplied,
152 * explicit case 1 */
153 if (0 == functionCount) {
154 *pLocking_state = SingleThreaded;
155 return CKR_OK;
156 }
157
158 /* OS_LOCKING_OK is not set and functions have been supplied. Since
159 * ckfw uses nssbase library which explicitly calls NSPR, and since
160 * there is no way to reliably override these explicit calls to NSPR,
161 * therefore we can't support applications which have their own threading
162 * module. Return CKR_CANT_LOCK if they supplied the correct number of
163 * arguments, or CKR_ARGUMENTS_BAD if they did not in either case we will
164 * fail the initialize */
165 return (4 == functionCount) ? CKR_CANT_LOCK : CKR_ARGUMENTS_BAD;
166 }
167
168 static PRInt32 liveInstances;
169
170 /*
171 * NSSCKFWC_Initialize
172 *
173 */
174 NSS_IMPLEMENT CK_RV
175 NSSCKFWC_Initialize
176 (
177 NSSCKFWInstance **pFwInstance,
178 NSSCKMDInstance *mdInstance,
179 CK_VOID_PTR pInitArgs
180 )
181 {
182 CK_RV error = CKR_OK;
183 CryptokiLockingState locking_state;
184
185 if( (NSSCKFWInstance **)NULL == pFwInstance ) {
186 error = CKR_GENERAL_ERROR;
187 goto loser;
188 }
189
190 if( (NSSCKFWInstance *)NULL != *pFwInstance ) {
191 error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
192 goto loser;
193 }
194
195 if( (NSSCKMDInstance *)NULL == mdInstance ) {
196 error = CKR_GENERAL_ERROR;
197 goto loser;
198 }
199
200 error = nssCKFW_GetThreadSafeState(pInitArgs,&locking_state);
201 if( CKR_OK != error ) {
202 goto loser;
203 }
204
205 *pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &error);
206 if( (NSSCKFWInstance *)NULL == *pFwInstance ) {
207 goto loser;
208 }
209 PR_AtomicIncrement(&liveInstances);
210 return CKR_OK;
211
212 loser:
213 switch( error ) {
214 case CKR_ARGUMENTS_BAD:
215 case CKR_CANT_LOCK:
216 case CKR_CRYPTOKI_ALREADY_INITIALIZED:
217 case CKR_FUNCTION_FAILED:
218 case CKR_GENERAL_ERROR:
219 case CKR_HOST_MEMORY:
220 case CKR_NEED_TO_CREATE_THREADS:
221 break;
222 default:
223 case CKR_OK:
224 error = CKR_GENERAL_ERROR;
225 break;
226 }
227
228 return error;
229 }
230
231 /*
232 * NSSCKFWC_Finalize
233 *
234 */
235 NSS_IMPLEMENT CK_RV
236 NSSCKFWC_Finalize
237 (
238 NSSCKFWInstance **pFwInstance
239 )
240 {
241 CK_RV error = CKR_OK;
242
243 if( (NSSCKFWInstance **)NULL == pFwInstance ) {
244 error = CKR_GENERAL_ERROR;
245 goto loser;
246 }
247
248 if( (NSSCKFWInstance *)NULL == *pFwInstance ) {
249 error = CKR_CRYPTOKI_NOT_INITIALIZED;
250 goto loser;
251 }
252
253 error = nssCKFWInstance_Destroy(*pFwInstance);
254
255 /* In any case */
256 *pFwInstance = (NSSCKFWInstance *)NULL;
257
258 loser:
259 switch( error ) {
260 PRInt32 remainingInstances;
261 case CKR_OK:
262 remainingInstances = PR_AtomicDecrement(&liveInstances);
263 if (!remainingInstances) {
264 nssArena_Shutdown();
265 }
266 break;
267 case CKR_CRYPTOKI_NOT_INITIALIZED:
268 case CKR_FUNCTION_FAILED:
269 case CKR_GENERAL_ERROR:
270 case CKR_HOST_MEMORY:
271 break;
272 default:
273 error = CKR_GENERAL_ERROR;
274 break;
275 }
276
277 return error;
278 }
279
280 /*
281 * NSSCKFWC_GetInfo
282 *
283 */
284 NSS_IMPLEMENT CK_RV
285 NSSCKFWC_GetInfo
286 (
287 NSSCKFWInstance *fwInstance,
288 CK_INFO_PTR pInfo
289 )
290 {
291 CK_RV error = CKR_OK;
292
293 if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) {
294 error = CKR_ARGUMENTS_BAD;
295 goto loser;
296 }
297
298 /*
299 * A purify error here means a caller error
300 */
301 (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
302
303 pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
304
305 error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
306 if( CKR_OK != error ) {
307 goto loser;
308 }
309
310 pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
311
312 error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
313 if( CKR_OK != error ) {
314 goto loser;
315 }
316
317 pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
318
319 return CKR_OK;
320
321 loser:
322 switch( error ) {
323 case CKR_CRYPTOKI_NOT_INITIALIZED:
324 case CKR_FUNCTION_FAILED:
325 case CKR_GENERAL_ERROR:
326 case CKR_HOST_MEMORY:
327 break;
328 default:
329 error = CKR_GENERAL_ERROR;
330 break;
331 }
332
333 return error;
334 }
335
336 /*
337 * C_GetFunctionList is implemented entirely in the Module's file which
338 * includes the Framework API insert file. It requires no "actual"
339 * NSSCKFW routine.
340 */
341
342 /*
343 * NSSCKFWC_GetSlotList
344 *
345 */
346 NSS_IMPLEMENT CK_RV
347 NSSCKFWC_GetSlotList
348 (
349 NSSCKFWInstance *fwInstance,
350 CK_BBOOL tokenPresent,
351 CK_SLOT_ID_PTR pSlotList,
352 CK_ULONG_PTR pulCount
353 )
354 {
355 CK_RV error = CKR_OK;
356 CK_ULONG nSlots;
357
358 if( (NSSCKFWInstance *)NULL == fwInstance ) {
359 error = CKR_CRYPTOKI_NOT_INITIALIZED;
360 goto loser;
361 }
362
363 switch( tokenPresent ) {
364 case CK_TRUE:
365 case CK_FALSE:
366 break;
367 default:
368 error = CKR_ARGUMENTS_BAD;
369 goto loser;
370 }
371
372 if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
373 error = CKR_ARGUMENTS_BAD;
374 goto loser;
375 }
376
377 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
378 if( (CK_ULONG)0 == nSlots ) {
379 goto loser;
380 }
381
382 if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) {
383 *pulCount = nSlots;
384 return CKR_OK;
385 }
386
387 /*
388 * A purify error here indicates caller error.
389 */
390 (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
391
392 if( *pulCount < nSlots ) {
393 *pulCount = nSlots;
394 error = CKR_BUFFER_TOO_SMALL;
395 goto loser;
396 } else {
397 CK_ULONG i;
398 *pulCount = nSlots;
399
400 /*
401 * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
402 * just index one when we need it.
403 */
404
405 for( i = 0; i < nSlots; i++ ) {
406 pSlotList[i] = i+1;
407 }
408
409 return CKR_OK;
410 }
411
412 loser:
413 switch( error ) {
414 case CKR_BUFFER_TOO_SMALL:
415 case CKR_CRYPTOKI_NOT_INITIALIZED:
416 case CKR_FUNCTION_FAILED:
417 case CKR_GENERAL_ERROR:
418 case CKR_HOST_MEMORY:
419 break;
420 default:
421 case CKR_OK:
422 error = CKR_GENERAL_ERROR;
423 break;
424 }
425
426 return error;
427 }
428
429 /*
430 * NSSCKFWC_GetSlotInfo
431 *
432 */
433 NSS_IMPLEMENT CK_RV
434 NSSCKFWC_GetSlotInfo
435 (
436 NSSCKFWInstance *fwInstance,
437 CK_SLOT_ID slotID,
438 CK_SLOT_INFO_PTR pInfo
439 )
440 {
441 CK_RV error = CKR_OK;
442 CK_ULONG nSlots;
443 NSSCKFWSlot **slots;
444 NSSCKFWSlot *fwSlot;
445
446 if( (NSSCKFWInstance *)NULL == fwInstance ) {
447 error = CKR_CRYPTOKI_NOT_INITIALIZED;
448 goto loser;
449 }
450
451 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
452 if( (CK_ULONG)0 == nSlots ) {
453 goto loser;
454 }
455
456 if( (slotID < 1) || (slotID > nSlots) ) {
457 error = CKR_SLOT_ID_INVALID;
458 goto loser;
459 }
460
461 if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) {
462 error = CKR_ARGUMENTS_BAD;
463 goto loser;
464 }
465
466 /*
467 * A purify error here indicates caller error.
468 */
469 (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
470
471 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
472 if( (NSSCKFWSlot **)NULL == slots ) {
473 goto loser;
474 }
475
476 fwSlot = slots[ slotID-1 ];
477
478 error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
479 if( CKR_OK != error ) {
480 goto loser;
481 }
482
483 error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
484 if( CKR_OK != error ) {
485 goto loser;
486 }
487
488 if( nssCKFWSlot_GetTokenPresent(fwSlot) ) {
489 pInfo->flags |= CKF_TOKEN_PRESENT;
490 }
491
492 if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) {
493 pInfo->flags |= CKF_REMOVABLE_DEVICE;
494 }
495
496 if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) {
497 pInfo->flags |= CKF_HW_SLOT;
498 }
499
500 pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
501 pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
502
503 return CKR_OK;
504
505 loser:
506 switch( error ) {
507 case CKR_CRYPTOKI_NOT_INITIALIZED:
508 case CKR_DEVICE_ERROR:
509 case CKR_FUNCTION_FAILED:
510 case CKR_GENERAL_ERROR:
511 case CKR_HOST_MEMORY:
512 case CKR_SLOT_ID_INVALID:
513 break;
514 default:
515 case CKR_OK:
516 error = CKR_GENERAL_ERROR;
517 }
518
519 return error;
520 }
521
522 /*
523 * NSSCKFWC_GetTokenInfo
524 *
525 */
526 NSS_IMPLEMENT CK_RV
527 NSSCKFWC_GetTokenInfo
528 (
529 NSSCKFWInstance *fwInstance,
530 CK_SLOT_ID slotID,
531 CK_TOKEN_INFO_PTR pInfo
532 )
533 {
534 CK_RV error = CKR_OK;
535 CK_ULONG nSlots;
536 NSSCKFWSlot **slots;
537 NSSCKFWSlot *fwSlot;
538 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
539
540 if( (NSSCKFWInstance *)NULL == fwInstance ) {
541 error = CKR_CRYPTOKI_NOT_INITIALIZED;
542 goto loser;
543 }
544
545 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
546 if( (CK_ULONG)0 == nSlots ) {
547 goto loser;
548 }
549
550 if( (slotID < 1) || (slotID > nSlots) ) {
551 error = CKR_SLOT_ID_INVALID;
552 goto loser;
553 }
554
555 if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) {
556 error = CKR_ARGUMENTS_BAD;
557 goto loser;
558 }
559
560 /*
561 * A purify error here indicates caller error.
562 */
563 (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
564
565 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
566 if( (NSSCKFWSlot **)NULL == slots ) {
567 goto loser;
568 }
569
570 fwSlot = slots[ slotID-1 ];
571
572 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
573 error = CKR_TOKEN_NOT_PRESENT;
574 goto loser;
575 }
576
577 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
578 if( (NSSCKFWToken *)NULL == fwToken ) {
579 goto loser;
580 }
581
582 error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
583 if( CKR_OK != error ) {
584 goto loser;
585 }
586
587 error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
588 if( CKR_OK != error ) {
589 goto loser;
590 }
591
592 error = nssCKFWToken_GetModel(fwToken, pInfo->model);
593 if( CKR_OK != error ) {
594 goto loser;
595 }
596
597 error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
598 if( CKR_OK != error ) {
599 goto loser;
600 }
601
602 if( nssCKFWToken_GetHasRNG(fwToken) ) {
603 pInfo->flags |= CKF_RNG;
604 }
605
606 if( nssCKFWToken_GetIsWriteProtected(fwToken) ) {
607 pInfo->flags |= CKF_WRITE_PROTECTED;
608 }
609
610 if( nssCKFWToken_GetLoginRequired(fwToken) ) {
611 pInfo->flags |= CKF_LOGIN_REQUIRED;
612 }
613
614 if( nssCKFWToken_GetUserPinInitialized(fwToken) ) {
615 pInfo->flags |= CKF_USER_PIN_INITIALIZED;
616 }
617
618 if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) {
619 pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
620 }
621
622 if( nssCKFWToken_GetHasClockOnToken(fwToken) ) {
623 pInfo->flags |= CKF_CLOCK_ON_TOKEN;
624 }
625
626 if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
627 pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
628 }
629
630 if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) {
631 pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
632 }
633
634 pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
635 pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
636 pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
637 pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken);
638 pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
639 pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
640 pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
641 pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
642 pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
643 pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
644 pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
645 pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
646
647 error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
648 if( CKR_OK != error ) {
649 goto loser;
650 }
651
652 return CKR_OK;
653
654 loser:
655 switch( error ) {
656 case CKR_DEVICE_REMOVED:
657 case CKR_TOKEN_NOT_PRESENT:
658 if (fwToken)
659 nssCKFWToken_Destroy(fwToken);
660 break;
661 case CKR_CRYPTOKI_NOT_INITIALIZED:
662 case CKR_DEVICE_ERROR:
663 case CKR_DEVICE_MEMORY:
664 case CKR_FUNCTION_FAILED:
665 case CKR_GENERAL_ERROR:
666 case CKR_HOST_MEMORY:
667 case CKR_SLOT_ID_INVALID:
668 case CKR_TOKEN_NOT_RECOGNIZED:
669 break;
670 default:
671 case CKR_OK:
672 error = CKR_GENERAL_ERROR;
673 break;
674 }
675
676 return error;
677 }
678
679 /*
680 * NSSCKFWC_WaitForSlotEvent
681 *
682 */
683 NSS_IMPLEMENT CK_RV
684 NSSCKFWC_WaitForSlotEvent
685 (
686 NSSCKFWInstance *fwInstance,
687 CK_FLAGS flags,
688 CK_SLOT_ID_PTR pSlot,
689 CK_VOID_PTR pReserved
690 )
691 {
692 CK_RV error = CKR_OK;
693 CK_ULONG nSlots;
694 CK_BBOOL block;
695 NSSCKFWSlot **slots;
696 NSSCKFWSlot *fwSlot;
697 CK_ULONG i;
698
699 if( (NSSCKFWInstance *)NULL == fwInstance ) {
700 error = CKR_CRYPTOKI_NOT_INITIALIZED;
701 goto loser;
702 }
703
704 if( flags & ~CKF_DONT_BLOCK ) {
705 error = CKR_ARGUMENTS_BAD;
706 goto loser;
707 }
708
709 block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
710
711 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
712 if( (CK_ULONG)0 == nSlots ) {
713 goto loser;
714 }
715
716 if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) {
717 error = CKR_ARGUMENTS_BAD;
718 goto loser;
719 }
720
721 if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) {
722 error = CKR_ARGUMENTS_BAD;
723 goto loser;
724 }
725
726 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
727 if( (NSSCKFWSlot **)NULL == slots ) {
728 goto loser;
729 }
730
731 fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
732 if( (NSSCKFWSlot *)NULL == fwSlot ) {
733 goto loser;
734 }
735
736 for( i = 0; i < nSlots; i++ ) {
737 if( fwSlot == slots[i] ) {
738 *pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1);
739 return CKR_OK;
740 }
741 }
742
743 error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
744
745 loser:
746 switch( error ) {
747 case CKR_CRYPTOKI_NOT_INITIALIZED:
748 case CKR_FUNCTION_FAILED:
749 case CKR_GENERAL_ERROR:
750 case CKR_HOST_MEMORY:
751 case CKR_NO_EVENT:
752 break;
753 default:
754 case CKR_OK:
755 error = CKR_GENERAL_ERROR;
756 break;
757 }
758
759 return error;
760 }
761
762 /*
763 * NSSCKFWC_GetMechanismList
764 *
765 */
766 NSS_IMPLEMENT CK_RV
767 NSSCKFWC_GetMechanismList
768 (
769 NSSCKFWInstance *fwInstance,
770 CK_SLOT_ID slotID,
771 CK_MECHANISM_TYPE_PTR pMechanismList,
772 CK_ULONG_PTR pulCount
773 )
774 {
775 CK_RV error = CKR_OK;
776 CK_ULONG nSlots;
777 NSSCKFWSlot **slots;
778 NSSCKFWSlot *fwSlot;
779 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
780 CK_ULONG count;
781
782 if( (NSSCKFWInstance *)NULL == fwInstance ) {
783 error = CKR_CRYPTOKI_NOT_INITIALIZED;
784 goto loser;
785 }
786
787 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
788 if( (CK_ULONG)0 == nSlots ) {
789 goto loser;
790 }
791
792 if( (slotID < 1) || (slotID > nSlots) ) {
793 error = CKR_SLOT_ID_INVALID;
794 goto loser;
795 }
796
797 if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
798 error = CKR_ARGUMENTS_BAD;
799 goto loser;
800 }
801
802 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
803 if( (NSSCKFWSlot **)NULL == slots ) {
804 goto loser;
805 }
806
807 fwSlot = slots[ slotID-1 ];
808
809 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
810 error = CKR_TOKEN_NOT_PRESENT;
811 goto loser;
812 }
813
814 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
815 if( (NSSCKFWToken *)NULL == fwToken ) {
816 goto loser;
817 }
818
819 count = nssCKFWToken_GetMechanismCount(fwToken);
820
821 if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) {
822 *pulCount = count;
823 return CKR_OK;
824 }
825
826 if( *pulCount < count ) {
827 *pulCount = count;
828 error = CKR_BUFFER_TOO_SMALL;
829 goto loser;
830 }
831
832 /*
833 * A purify error here indicates caller error.
834 */
835 (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
836
837 *pulCount = count;
838
839 if( 0 != count ) {
840 error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
841 } else {
842 error = CKR_OK;
843 }
844
845 if( CKR_OK == error ) {
846 return CKR_OK;
847 }
848
849 loser:
850 switch( error ) {
851 case CKR_DEVICE_REMOVED:
852 case CKR_TOKEN_NOT_PRESENT:
853 if (fwToken)
854 nssCKFWToken_Destroy(fwToken);
855 break;
856 case CKR_ARGUMENTS_BAD:
857 case CKR_BUFFER_TOO_SMALL:
858 case CKR_CRYPTOKI_NOT_INITIALIZED:
859 case CKR_DEVICE_ERROR:
860 case CKR_DEVICE_MEMORY:
861 case CKR_FUNCTION_FAILED:
862 case CKR_GENERAL_ERROR:
863 case CKR_HOST_MEMORY:
864 case CKR_SLOT_ID_INVALID:
865 case CKR_TOKEN_NOT_RECOGNIZED:
866 break;
867 default:
868 case CKR_OK:
869 error = CKR_GENERAL_ERROR;
870 break;
871 }
872
873 return error;
874 }
875
876 /*
877 * NSSCKFWC_GetMechanismInfo
878 *
879 */
880 NSS_IMPLEMENT CK_RV
881 NSSCKFWC_GetMechanismInfo
882 (
883 NSSCKFWInstance *fwInstance,
884 CK_SLOT_ID slotID,
885 CK_MECHANISM_TYPE type,
886 CK_MECHANISM_INFO_PTR pInfo
887 )
888 {
889 CK_RV error = CKR_OK;
890 CK_ULONG nSlots;
891 NSSCKFWSlot **slots;
892 NSSCKFWSlot *fwSlot;
893 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
894 NSSCKFWMechanism *fwMechanism;
895
896 if( (NSSCKFWInstance *)NULL == fwInstance ) {
897 error = CKR_CRYPTOKI_NOT_INITIALIZED;
898 goto loser;
899 }
900
901 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
902 if( (CK_ULONG)0 == nSlots ) {
903 goto loser;
904 }
905
906 if( (slotID < 1) || (slotID > nSlots) ) {
907 error = CKR_SLOT_ID_INVALID;
908 goto loser;
909 }
910
911 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
912 if( (NSSCKFWSlot **)NULL == slots ) {
913 goto loser;
914 }
915
916 fwSlot = slots[ slotID-1 ];
917
918 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
919 error = CKR_TOKEN_NOT_PRESENT;
920 goto loser;
921 }
922
923 if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) {
924 error = CKR_ARGUMENTS_BAD;
925 goto loser;
926 }
927
928 /*
929 * A purify error here indicates caller error.
930 */
931 (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
932
933 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
934 if( (NSSCKFWToken *)NULL == fwToken ) {
935 goto loser;
936 }
937
938 fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
939 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
940 goto loser;
941 }
942
943 pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism, &error);
944 pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism, &error);
945
946 if( nssCKFWMechanism_GetInHardware(fwMechanism, &error) ) {
947 pInfo->flags |= CKF_HW;
948 }
949 if( nssCKFWMechanism_GetCanEncrypt(fwMechanism, &error) ) {
950 pInfo->flags |= CKF_ENCRYPT;
951 }
952 if( nssCKFWMechanism_GetCanDecrypt(fwMechanism, &error) ) {
953 pInfo->flags |= CKF_DECRYPT;
954 }
955 if( nssCKFWMechanism_GetCanDigest(fwMechanism, &error) ) {
956 pInfo->flags |= CKF_DIGEST;
957 }
958 if( nssCKFWMechanism_GetCanSign(fwMechanism, &error) ) {
959 pInfo->flags |= CKF_SIGN;
960 }
961 if( nssCKFWMechanism_GetCanSignRecover(fwMechanism, &error) ) {
962 pInfo->flags |= CKF_SIGN_RECOVER;
963 }
964 if( nssCKFWMechanism_GetCanVerify(fwMechanism, &error) ) {
965 pInfo->flags |= CKF_VERIFY;
966 }
967 if( nssCKFWMechanism_GetCanVerifyRecover(fwMechanism, &error) ) {
968 pInfo->flags |= CKF_VERIFY_RECOVER;
969 }
970 if( nssCKFWMechanism_GetCanGenerate(fwMechanism, &error) ) {
971 pInfo->flags |= CKF_GENERATE;
972 }
973 if( nssCKFWMechanism_GetCanGenerateKeyPair(fwMechanism, &error) ) {
974 pInfo->flags |= CKF_GENERATE_KEY_PAIR;
975 }
976 if( nssCKFWMechanism_GetCanWrap(fwMechanism, &error) ) {
977 pInfo->flags |= CKF_WRAP;
978 }
979 if( nssCKFWMechanism_GetCanUnwrap(fwMechanism, &error) ) {
980 pInfo->flags |= CKF_UNWRAP;
981 }
982 if( nssCKFWMechanism_GetCanDerive(fwMechanism, &error) ) {
983 pInfo->flags |= CKF_DERIVE;
984 }
985 nssCKFWMechanism_Destroy(fwMechanism);
986
987 return error;
988
989 loser:
990 switch( error ) {
991 case CKR_DEVICE_REMOVED:
992 case CKR_TOKEN_NOT_PRESENT:
993 if (fwToken)
994 nssCKFWToken_Destroy(fwToken);
995 break;
996 case CKR_ARGUMENTS_BAD:
997 case CKR_CRYPTOKI_NOT_INITIALIZED:
998 case CKR_DEVICE_ERROR:
999 case CKR_DEVICE_MEMORY:
1000 case CKR_FUNCTION_FAILED:
1001 case CKR_GENERAL_ERROR:
1002 case CKR_HOST_MEMORY:
1003 case CKR_MECHANISM_INVALID:
1004 case CKR_SLOT_ID_INVALID:
1005 case CKR_TOKEN_NOT_RECOGNIZED:
1006 break;
1007 default:
1008 case CKR_OK:
1009 error = CKR_GENERAL_ERROR;
1010 break;
1011 }
1012
1013 return error;
1014 }
1015
1016 /*
1017 * NSSCKFWC_InitToken
1018 *
1019 */
1020 NSS_IMPLEMENT CK_RV
1021 NSSCKFWC_InitToken
1022 (
1023 NSSCKFWInstance *fwInstance,
1024 CK_SLOT_ID slotID,
1025 CK_CHAR_PTR pPin,
1026 CK_ULONG ulPinLen,
1027 CK_CHAR_PTR pLabel
1028 )
1029 {
1030 CK_RV error = CKR_OK;
1031 CK_ULONG nSlots;
1032 NSSCKFWSlot **slots;
1033 NSSCKFWSlot *fwSlot;
1034 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1035 NSSItem pin;
1036 NSSUTF8 *label;
1037
1038 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1039 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1040 goto loser;
1041 }
1042
1043 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1044 if( (CK_ULONG)0 == nSlots ) {
1045 goto loser;
1046 }
1047
1048 if( (slotID < 1) || (slotID > nSlots) ) {
1049 error = CKR_SLOT_ID_INVALID;
1050 goto loser;
1051 }
1052
1053 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1054 if( (NSSCKFWSlot **)NULL == slots ) {
1055 goto loser;
1056 }
1057
1058 fwSlot = slots[ slotID-1 ];
1059
1060 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1061 error = CKR_TOKEN_NOT_PRESENT;
1062 goto loser;
1063 }
1064
1065 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1066 if( (NSSCKFWToken *)NULL == fwToken ) {
1067 goto loser;
1068 }
1069
1070 pin.size = (PRUint32)ulPinLen;
1071 pin.data = (void *)pPin;
1072 label = (NSSUTF8 *)pLabel; /* identity conversion */
1073
1074 error = nssCKFWToken_InitToken(fwToken, &pin, label);
1075 if( CKR_OK != error ) {
1076 goto loser;
1077 }
1078
1079 return CKR_OK;
1080
1081 loser:
1082 switch( error ) {
1083 case CKR_DEVICE_REMOVED:
1084 case CKR_TOKEN_NOT_PRESENT:
1085 if (fwToken)
1086 nssCKFWToken_Destroy(fwToken);
1087 break;
1088 case CKR_ARGUMENTS_BAD:
1089 case CKR_CRYPTOKI_NOT_INITIALIZED:
1090 case CKR_DEVICE_ERROR:
1091 case CKR_DEVICE_MEMORY:
1092 case CKR_FUNCTION_FAILED:
1093 case CKR_GENERAL_ERROR:
1094 case CKR_HOST_MEMORY:
1095 case CKR_PIN_INCORRECT:
1096 case CKR_PIN_LOCKED:
1097 case CKR_SESSION_EXISTS:
1098 case CKR_SLOT_ID_INVALID:
1099 case CKR_TOKEN_NOT_RECOGNIZED:
1100 case CKR_TOKEN_WRITE_PROTECTED:
1101 break;
1102 default:
1103 case CKR_OK:
1104 error = CKR_GENERAL_ERROR;
1105 break;
1106 }
1107
1108 return error;
1109 }
1110
1111 /*
1112 * NSSCKFWC_InitPIN
1113 *
1114 */
1115 NSS_IMPLEMENT CK_RV
1116 NSSCKFWC_InitPIN
1117 (
1118 NSSCKFWInstance *fwInstance,
1119 CK_SESSION_HANDLE hSession,
1120 CK_CHAR_PTR pPin,
1121 CK_ULONG ulPinLen
1122 )
1123 {
1124 CK_RV error = CKR_OK;
1125 NSSCKFWSession *fwSession;
1126 NSSItem pin, *arg;
1127
1128 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1129 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1130 goto loser;
1131 }
1132
1133 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1134 if( (NSSCKFWSession *)NULL == fwSession ) {
1135 error = CKR_SESSION_HANDLE_INVALID;
1136 goto loser;
1137 }
1138
1139 if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1140 arg = (NSSItem *)NULL;
1141 } else {
1142 arg = &pin;
1143 pin.size = (PRUint32)ulPinLen;
1144 pin.data = (void *)pPin;
1145 }
1146
1147 error = nssCKFWSession_InitPIN(fwSession, arg);
1148 if( CKR_OK != error ) {
1149 goto loser;
1150 }
1151
1152 return CKR_OK;
1153
1154 loser:
1155 switch( error ) {
1156 case CKR_SESSION_CLOSED:
1157 /* destroy session? */
1158 break;
1159 case CKR_DEVICE_REMOVED:
1160 /* (void)nssCKFWToken_Destroy(fwToken); */
1161 break;
1162 case CKR_ARGUMENTS_BAD:
1163 case CKR_CRYPTOKI_NOT_INITIALIZED:
1164 case CKR_DEVICE_ERROR:
1165 case CKR_DEVICE_MEMORY:
1166 case CKR_FUNCTION_FAILED:
1167 case CKR_GENERAL_ERROR:
1168 case CKR_HOST_MEMORY:
1169 case CKR_PIN_INVALID:
1170 case CKR_PIN_LEN_RANGE:
1171 case CKR_SESSION_READ_ONLY:
1172 case CKR_SESSION_HANDLE_INVALID:
1173 case CKR_TOKEN_WRITE_PROTECTED:
1174 case CKR_USER_NOT_LOGGED_IN:
1175 break;
1176 default:
1177 case CKR_OK:
1178 error = CKR_GENERAL_ERROR;
1179 break;
1180 }
1181
1182 return error;
1183 }
1184
1185 /*
1186 * NSSCKFWC_SetPIN
1187 *
1188 */
1189 NSS_IMPLEMENT CK_RV
1190 NSSCKFWC_SetPIN
1191 (
1192 NSSCKFWInstance *fwInstance,
1193 CK_SESSION_HANDLE hSession,
1194 CK_CHAR_PTR pOldPin,
1195 CK_ULONG ulOldLen,
1196 CK_CHAR_PTR pNewPin,
1197 CK_ULONG ulNewLen
1198 )
1199 {
1200 CK_RV error = CKR_OK;
1201 NSSCKFWSession *fwSession;
1202 NSSItem oldPin, newPin, *oldArg, *newArg;
1203
1204 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1205 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1206 goto loser;
1207 }
1208
1209 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1210 if( (NSSCKFWSession *)NULL == fwSession ) {
1211 error = CKR_SESSION_HANDLE_INVALID;
1212 goto loser;
1213 }
1214
1215 if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) {
1216 oldArg = (NSSItem *)NULL;
1217 } else {
1218 oldArg = &oldPin;
1219 oldPin.size = (PRUint32)ulOldLen;
1220 oldPin.data = (void *)pOldPin;
1221 }
1222
1223 if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) {
1224 newArg = (NSSItem *)NULL;
1225 } else {
1226 newArg = &newPin;
1227 newPin.size = (PRUint32)ulNewLen;
1228 newPin.data = (void *)pNewPin;
1229 }
1230
1231 error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
1232 if( CKR_OK != error ) {
1233 goto loser;
1234 }
1235
1236 return CKR_OK;
1237
1238 loser:
1239 switch( error ) {
1240 case CKR_SESSION_CLOSED:
1241 /* destroy session? */
1242 break;
1243 case CKR_DEVICE_REMOVED:
1244 /* (void)nssCKFWToken_Destroy(fwToken); */
1245 break;
1246 case CKR_ARGUMENTS_BAD:
1247 case CKR_CRYPTOKI_NOT_INITIALIZED:
1248 case CKR_DEVICE_ERROR:
1249 case CKR_DEVICE_MEMORY:
1250 case CKR_FUNCTION_FAILED:
1251 case CKR_GENERAL_ERROR:
1252 case CKR_HOST_MEMORY:
1253 case CKR_PIN_INCORRECT:
1254 case CKR_PIN_INVALID:
1255 case CKR_PIN_LEN_RANGE:
1256 case CKR_PIN_LOCKED:
1257 case CKR_SESSION_HANDLE_INVALID:
1258 case CKR_SESSION_READ_ONLY:
1259 case CKR_TOKEN_WRITE_PROTECTED:
1260 break;
1261 default:
1262 case CKR_OK:
1263 error = CKR_GENERAL_ERROR;
1264 break;
1265 }
1266
1267 return error;
1268 }
1269
1270 /*
1271 * NSSCKFWC_OpenSession
1272 *
1273 */
1274 NSS_IMPLEMENT CK_RV
1275 NSSCKFWC_OpenSession
1276 (
1277 NSSCKFWInstance *fwInstance,
1278 CK_SLOT_ID slotID,
1279 CK_FLAGS flags,
1280 CK_VOID_PTR pApplication,
1281 CK_NOTIFY Notify,
1282 CK_SESSION_HANDLE_PTR phSession
1283 )
1284 {
1285 CK_RV error = CKR_OK;
1286 CK_ULONG nSlots;
1287 NSSCKFWSlot **slots;
1288 NSSCKFWSlot *fwSlot;
1289 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1290 NSSCKFWSession *fwSession;
1291 CK_BBOOL rw;
1292
1293 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1294 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1295 goto loser;
1296 }
1297
1298 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1299 if( (CK_ULONG)0 == nSlots ) {
1300 goto loser;
1301 }
1302
1303 if( (slotID < 1) || (slotID > nSlots) ) {
1304 error = CKR_SLOT_ID_INVALID;
1305 goto loser;
1306 }
1307
1308 if( flags & CKF_RW_SESSION ) {
1309 rw = CK_TRUE;
1310 } else {
1311 rw = CK_FALSE;
1312 }
1313
1314 if( flags & CKF_SERIAL_SESSION ) {
1315 ;
1316 } else {
1317 error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
1318 goto loser;
1319 }
1320
1321 if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) {
1322 error = CKR_ARGUMENTS_BAD;
1323 goto loser;
1324 }
1325
1326 if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) {
1327 error = CKR_ARGUMENTS_BAD;
1328 goto loser;
1329 }
1330
1331 /*
1332 * A purify error here indicates caller error.
1333 */
1334 *phSession = (CK_SESSION_HANDLE)0;
1335
1336 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1337 if( (NSSCKFWSlot **)NULL == slots ) {
1338 goto loser;
1339 }
1340
1341 fwSlot = slots[ slotID-1 ];
1342
1343 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1344 error = CKR_TOKEN_NOT_PRESENT;
1345 goto loser;
1346 }
1347
1348 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1349 if( (NSSCKFWToken *)NULL == fwToken ) {
1350 goto loser;
1351 }
1352
1353 fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
1354 Notify, &error);
1355 if( (NSSCKFWSession *)NULL == fwSession ) {
1356 goto loser;
1357 }
1358
1359 *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
1360 fwSession, &error);
1361 if( (CK_SESSION_HANDLE)0 == *phSession ) {
1362 goto loser;
1363 }
1364
1365 return CKR_OK;
1366
1367 loser:
1368 switch( error ) {
1369 case CKR_SESSION_CLOSED:
1370 /* destroy session? */
1371 break;
1372 case CKR_DEVICE_REMOVED:
1373 /* (void)nssCKFWToken_Destroy(fwToken); */
1374 break;
1375 case CKR_CRYPTOKI_NOT_INITIALIZED:
1376 case CKR_DEVICE_ERROR:
1377 case CKR_DEVICE_MEMORY:
1378 case CKR_FUNCTION_FAILED:
1379 case CKR_GENERAL_ERROR:
1380 case CKR_HOST_MEMORY:
1381 case CKR_SESSION_COUNT:
1382 case CKR_SESSION_EXISTS:
1383 case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
1384 case CKR_SESSION_READ_WRITE_SO_EXISTS:
1385 case CKR_SLOT_ID_INVALID:
1386 case CKR_TOKEN_NOT_PRESENT:
1387 case CKR_TOKEN_NOT_RECOGNIZED:
1388 case CKR_TOKEN_WRITE_PROTECTED:
1389 break;
1390 default:
1391 case CKR_OK:
1392 error = CKR_GENERAL_ERROR;
1393 break;
1394 }
1395
1396 return error;
1397 }
1398
1399 /*
1400 * NSSCKFWC_CloseSession
1401 *
1402 */
1403 NSS_IMPLEMENT CK_RV
1404 NSSCKFWC_CloseSession
1405 (
1406 NSSCKFWInstance *fwInstance,
1407 CK_SESSION_HANDLE hSession
1408 )
1409 {
1410 CK_RV error = CKR_OK;
1411 NSSCKFWSession *fwSession;
1412
1413 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1414 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1415 goto loser;
1416 }
1417
1418 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1419 if( (NSSCKFWSession *)NULL == fwSession ) {
1420 error = CKR_SESSION_HANDLE_INVALID;
1421 goto loser;
1422 }
1423
1424 nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
1425 error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
1426
1427 if( CKR_OK != error ) {
1428 goto loser;
1429 }
1430
1431 return CKR_OK;
1432
1433 loser:
1434 switch( error ) {
1435 case CKR_SESSION_CLOSED:
1436 /* destroy session? */
1437 break;
1438 case CKR_DEVICE_REMOVED:
1439 /* (void)nssCKFWToken_Destroy(fwToken); */
1440 break;
1441 case CKR_CRYPTOKI_NOT_INITIALIZED:
1442 case CKR_DEVICE_ERROR:
1443 case CKR_DEVICE_MEMORY:
1444 case CKR_FUNCTION_FAILED:
1445 case CKR_GENERAL_ERROR:
1446 case CKR_HOST_MEMORY:
1447 case CKR_SESSION_HANDLE_INVALID:
1448 break;
1449 default:
1450 case CKR_OK:
1451 error = CKR_GENERAL_ERROR;
1452 break;
1453 }
1454
1455 return error;
1456 }
1457
1458 /*
1459 * NSSCKFWC_CloseAllSessions
1460 *
1461 */
1462 NSS_IMPLEMENT CK_RV
1463 NSSCKFWC_CloseAllSessions
1464 (
1465 NSSCKFWInstance *fwInstance,
1466 CK_SLOT_ID slotID
1467 )
1468 {
1469 CK_RV error = CKR_OK;
1470 CK_ULONG nSlots;
1471 NSSCKFWSlot **slots;
1472 NSSCKFWSlot *fwSlot;
1473 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1474
1475 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1476 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1477 goto loser;
1478 }
1479
1480 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1481 if( (CK_ULONG)0 == nSlots ) {
1482 goto loser;
1483 }
1484
1485 if( (slotID < 1) || (slotID > nSlots) ) {
1486 error = CKR_SLOT_ID_INVALID;
1487 goto loser;
1488 }
1489
1490 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1491 if( (NSSCKFWSlot **)NULL == slots ) {
1492 goto loser;
1493 }
1494
1495 fwSlot = slots[ slotID-1 ];
1496
1497 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1498 error = CKR_TOKEN_NOT_PRESENT;
1499 goto loser;
1500 }
1501
1502 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1503 if( (NSSCKFWToken *)NULL == fwToken ) {
1504 goto loser;
1505 }
1506
1507 error = nssCKFWToken_CloseAllSessions(fwToken);
1508 if( CKR_OK != error ) {
1509 goto loser;
1510 }
1511
1512 return CKR_OK;
1513
1514 loser:
1515 switch( error ) {
1516 case CKR_DEVICE_REMOVED:
1517 /* (void)nssCKFWToken_Destroy(fwToken); */
1518 break;
1519 case CKR_CRYPTOKI_NOT_INITIALIZED:
1520 case CKR_DEVICE_ERROR:
1521 case CKR_DEVICE_MEMORY:
1522 case CKR_FUNCTION_FAILED:
1523 case CKR_GENERAL_ERROR:
1524 case CKR_HOST_MEMORY:
1525 case CKR_SLOT_ID_INVALID:
1526 case CKR_TOKEN_NOT_PRESENT:
1527 break;
1528 default:
1529 case CKR_OK:
1530 error = CKR_GENERAL_ERROR;
1531 break;
1532 }
1533
1534 return error;
1535 }
1536
1537 /*
1538 * NSSCKFWC_GetSessionInfo
1539 *
1540 */
1541 NSS_IMPLEMENT CK_RV
1542 NSSCKFWC_GetSessionInfo
1543 (
1544 NSSCKFWInstance *fwInstance,
1545 CK_SESSION_HANDLE hSession,
1546 CK_SESSION_INFO_PTR pInfo
1547 )
1548 {
1549 CK_RV error = CKR_OK;
1550 NSSCKFWSession *fwSession;
1551 NSSCKFWSlot *fwSlot;
1552
1553 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1554 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1555 goto loser;
1556 }
1557
1558 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1559 if( (NSSCKFWSession *)NULL == fwSession ) {
1560 error = CKR_SESSION_HANDLE_INVALID;
1561 goto loser;
1562 }
1563
1564 if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) {
1565 error = CKR_ARGUMENTS_BAD;
1566 goto loser;
1567 }
1568
1569 /*
1570 * A purify error here indicates caller error.
1571 */
1572 (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
1573
1574 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1575 if( (NSSCKFWSlot *)NULL == fwSlot ) {
1576 error = CKR_GENERAL_ERROR;
1577 goto loser;
1578 }
1579
1580 pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
1581 pInfo->state = nssCKFWSession_GetSessionState(fwSession);
1582
1583 if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) {
1584 pInfo->flags |= CKF_RW_SESSION;
1585 }
1586
1587 pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
1588
1589 pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
1590
1591 return CKR_OK;
1592
1593 loser:
1594 switch( error ) {
1595 case CKR_SESSION_CLOSED:
1596 /* destroy session? */
1597 break;
1598 case CKR_DEVICE_REMOVED:
1599 /* (void)nssCKFWToken_Destroy(fwToken); */
1600 break;
1601 case CKR_CRYPTOKI_NOT_INITIALIZED:
1602 case CKR_DEVICE_ERROR:
1603 case CKR_DEVICE_MEMORY:
1604 case CKR_FUNCTION_FAILED:
1605 case CKR_GENERAL_ERROR:
1606 case CKR_HOST_MEMORY:
1607 case CKR_SESSION_HANDLE_INVALID:
1608 break;
1609 default:
1610 case CKR_OK:
1611 error = CKR_GENERAL_ERROR;
1612 break;
1613 }
1614
1615 return error;
1616 }
1617
1618 /*
1619 * NSSCKFWC_GetOperationState
1620 *
1621 */
1622 NSS_IMPLEMENT CK_RV
1623 NSSCKFWC_GetOperationState
1624 (
1625 NSSCKFWInstance *fwInstance,
1626 CK_SESSION_HANDLE hSession,
1627 CK_BYTE_PTR pOperationState,
1628 CK_ULONG_PTR pulOperationStateLen
1629 )
1630 {
1631 CK_RV error = CKR_OK;
1632 NSSCKFWSession *fwSession;
1633 CK_ULONG len;
1634 NSSItem buf;
1635
1636 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1637 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1638 goto loser;
1639 }
1640
1641 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1642 if( (NSSCKFWSession *)NULL == fwSession ) {
1643 error = CKR_SESSION_HANDLE_INVALID;
1644 goto loser;
1645 }
1646
1647 if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) {
1648 error = CKR_ARGUMENTS_BAD;
1649 goto loser;
1650 }
1651
1652 len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
1653 if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) {
1654 goto loser;
1655 }
1656
1657 if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1658 *pulOperationStateLen = len;
1659 return CKR_OK;
1660 }
1661
1662 if( *pulOperationStateLen < len ) {
1663 *pulOperationStateLen = len;
1664 error = CKR_BUFFER_TOO_SMALL;
1665 goto loser;
1666 }
1667
1668 buf.size = (PRUint32)*pulOperationStateLen;
1669 buf.data = (void *)pOperationState;
1670 *pulOperationStateLen = len;
1671 error = nssCKFWSession_GetOperationState(fwSession, &buf);
1672
1673 if( CKR_OK != error ) {
1674 goto loser;
1675 }
1676
1677 return CKR_OK;
1678
1679 loser:
1680 switch( error ) {
1681 case CKR_SESSION_CLOSED:
1682 /* destroy session? */
1683 break;
1684 case CKR_DEVICE_REMOVED:
1685 /* (void)nssCKFWToken_Destroy(fwToken); */
1686 break;
1687 case CKR_BUFFER_TOO_SMALL:
1688 case CKR_CRYPTOKI_NOT_INITIALIZED:
1689 case CKR_DEVICE_ERROR:
1690 case CKR_DEVICE_MEMORY:
1691 case CKR_FUNCTION_FAILED:
1692 case CKR_GENERAL_ERROR:
1693 case CKR_HOST_MEMORY:
1694 case CKR_OPERATION_NOT_INITIALIZED:
1695 case CKR_SESSION_HANDLE_INVALID:
1696 case CKR_STATE_UNSAVEABLE:
1697 break;
1698 default:
1699 case CKR_OK:
1700 error = CKR_GENERAL_ERROR;
1701 break;
1702 }
1703
1704 return error;
1705 }
1706
1707 /*
1708 * NSSCKFWC_SetOperationState
1709 *
1710 */
1711 NSS_IMPLEMENT CK_RV
1712 NSSCKFWC_SetOperationState
1713 (
1714 NSSCKFWInstance *fwInstance,
1715 CK_SESSION_HANDLE hSession,
1716 CK_BYTE_PTR pOperationState,
1717 CK_ULONG ulOperationStateLen,
1718 CK_OBJECT_HANDLE hEncryptionKey,
1719 CK_OBJECT_HANDLE hAuthenticationKey
1720 )
1721 {
1722 CK_RV error = CKR_OK;
1723 NSSCKFWSession *fwSession;
1724 NSSCKFWObject *eKey;
1725 NSSCKFWObject *aKey;
1726 NSSItem state;
1727
1728 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1729 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1730 goto loser;
1731 }
1732
1733 if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1734 error = CKR_ARGUMENTS_BAD;
1735 goto loser;
1736 }
1737
1738 /*
1739 * We could loop through the buffer, to catch any purify errors
1740 * in a place with a "user error" note.
1741 */
1742
1743 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1744 if( (NSSCKFWSession *)NULL == fwSession ) {
1745 error = CKR_SESSION_HANDLE_INVALID;
1746 goto loser;
1747 }
1748
1749 if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) {
1750 eKey = (NSSCKFWObject *)NULL;
1751 } else {
1752 eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
1753 if( (NSSCKFWObject *)NULL == eKey ) {
1754 error = CKR_KEY_HANDLE_INVALID;
1755 goto loser;
1756 }
1757 }
1758
1759 if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) {
1760 aKey = (NSSCKFWObject *)NULL;
1761 } else {
1762 aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
1763 if( (NSSCKFWObject *)NULL == aKey ) {
1764 error = CKR_KEY_HANDLE_INVALID;
1765 goto loser;
1766 }
1767 }
1768
1769 error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
1770 if( CKR_OK != error ) {
1771 goto loser;
1772 }
1773
1774 return CKR_OK;
1775
1776 loser:
1777 switch( error ) {
1778 case CKR_SESSION_CLOSED:
1779 /* destroy session? */
1780 break;
1781 case CKR_DEVICE_REMOVED:
1782 /* (void)nssCKFWToken_Destroy(fwToken); */
1783 break;
1784 case CKR_CRYPTOKI_NOT_INITIALIZED:
1785 case CKR_DEVICE_ERROR:
1786 case CKR_DEVICE_MEMORY:
1787 case CKR_FUNCTION_FAILED:
1788 case CKR_GENERAL_ERROR:
1789 case CKR_HOST_MEMORY:
1790 case CKR_KEY_CHANGED:
1791 case CKR_KEY_NEEDED:
1792 case CKR_KEY_NOT_NEEDED:
1793 case CKR_SAVED_STATE_INVALID:
1794 case CKR_SESSION_HANDLE_INVALID:
1795 break;
1796 default:
1797 case CKR_OK:
1798 error = CKR_GENERAL_ERROR;
1799 break;
1800 }
1801
1802 return error;
1803 }
1804
1805 /*
1806 * NSSCKFWC_Login
1807 *
1808 */
1809 NSS_IMPLEMENT CK_RV
1810 NSSCKFWC_Login
1811 (
1812 NSSCKFWInstance *fwInstance,
1813 CK_SESSION_HANDLE hSession,
1814 CK_USER_TYPE userType,
1815 CK_CHAR_PTR pPin,
1816 CK_ULONG ulPinLen
1817 )
1818 {
1819 CK_RV error = CKR_OK;
1820 NSSCKFWSession *fwSession;
1821 NSSItem pin, *arg;
1822
1823 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1824 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1825 goto loser;
1826 }
1827
1828 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1829 if( (NSSCKFWSession *)NULL == fwSession ) {
1830 error = CKR_SESSION_HANDLE_INVALID;
1831 goto loser;
1832 }
1833
1834 if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1835 arg = (NSSItem *)NULL;
1836 } else {
1837 arg = &pin;
1838 pin.size = (PRUint32)ulPinLen;
1839 pin.data = (void *)pPin;
1840 }
1841
1842 error = nssCKFWSession_Login(fwSession, userType, arg);
1843 if( CKR_OK != error ) {
1844 goto loser;
1845 }
1846
1847 return CKR_OK;
1848
1849 loser:
1850 switch( error ) {
1851 case CKR_SESSION_CLOSED:
1852 /* destroy session? */
1853 break;
1854 case CKR_DEVICE_REMOVED:
1855 /* (void)nssCKFWToken_Destroy(fwToken); */
1856 break;
1857 case CKR_CRYPTOKI_NOT_INITIALIZED:
1858 case CKR_DEVICE_ERROR:
1859 case CKR_DEVICE_MEMORY:
1860 case CKR_FUNCTION_FAILED:
1861 case CKR_GENERAL_ERROR:
1862 case CKR_HOST_MEMORY:
1863 case CKR_PIN_EXPIRED:
1864 case CKR_PIN_INCORRECT:
1865 case CKR_PIN_LOCKED:
1866 case CKR_SESSION_HANDLE_INVALID:
1867 case CKR_SESSION_READ_ONLY_EXISTS:
1868 case CKR_USER_ALREADY_LOGGED_IN:
1869 case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
1870 case CKR_USER_PIN_NOT_INITIALIZED:
1871 case CKR_USER_TOO_MANY_TYPES:
1872 case CKR_USER_TYPE_INVALID:
1873 break;
1874 default:
1875 case CKR_OK:
1876 error = CKR_GENERAL_ERROR;
1877 break;
1878 }
1879
1880 return error;
1881 }
1882
1883 /*
1884 * NSSCKFWC_Logout
1885 *
1886 */
1887 NSS_IMPLEMENT CK_RV
1888 NSSCKFWC_Logout
1889 (
1890 NSSCKFWInstance *fwInstance,
1891 CK_SESSION_HANDLE hSession
1892 )
1893 {
1894 CK_RV error = CKR_OK;
1895 NSSCKFWSession *fwSession;
1896
1897 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1898 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1899 goto loser;
1900 }
1901
1902 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1903 if( (NSSCKFWSession *)NULL == fwSession ) {
1904 error = CKR_SESSION_HANDLE_INVALID;
1905 goto loser;
1906 }
1907
1908 error = nssCKFWSession_Logout(fwSession);
1909 if( CKR_OK != error ) {
1910 goto loser;
1911 }
1912
1913 return CKR_OK;
1914
1915 loser:
1916 switch( error ) {
1917 case CKR_SESSION_CLOSED:
1918 /* destroy session? */
1919 break;
1920 case CKR_DEVICE_REMOVED:
1921 /* (void)nssCKFWToken_Destroy(fwToken); */
1922 break;
1923 case CKR_CRYPTOKI_NOT_INITIALIZED:
1924 case CKR_DEVICE_ERROR:
1925 case CKR_DEVICE_MEMORY:
1926 case CKR_FUNCTION_FAILED:
1927 case CKR_GENERAL_ERROR:
1928 case CKR_HOST_MEMORY:
1929 case CKR_SESSION_HANDLE_INVALID:
1930 case CKR_USER_NOT_LOGGED_IN:
1931 break;
1932 default:
1933 case CKR_OK:
1934 error = CKR_GENERAL_ERROR;
1935 break;
1936 }
1937
1938 return error;
1939 }
1940
1941 /*
1942 * NSSCKFWC_CreateObject
1943 *
1944 */
1945 NSS_IMPLEMENT CK_RV
1946 NSSCKFWC_CreateObject
1947 (
1948 NSSCKFWInstance *fwInstance,
1949 CK_SESSION_HANDLE hSession,
1950 CK_ATTRIBUTE_PTR pTemplate,
1951 CK_ULONG ulCount,
1952 CK_OBJECT_HANDLE_PTR phObject
1953 )
1954 {
1955 CK_RV error = CKR_OK;
1956 NSSCKFWSession *fwSession;
1957 NSSCKFWObject *fwObject;
1958
1959 if( (NSSCKFWInstance *)NULL == fwInstance ) {
1960 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1961 goto loser;
1962 }
1963
1964 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1965 if( (NSSCKFWSession *)NULL == fwSession ) {
1966 error = CKR_SESSION_HANDLE_INVALID;
1967 goto loser;
1968 }
1969
1970 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
1971 error = CKR_ARGUMENTS_BAD;
1972 goto loser;
1973 }
1974
1975 /*
1976 * A purify error here indicates caller error.
1977 */
1978 *phObject = (CK_OBJECT_HANDLE)0;
1979
1980 fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
1981 ulCount, &error);
1982 if( (NSSCKFWObject *)NULL == fwObject ) {
1983 goto loser;
1984 }
1985
1986 *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
1987 if( (CK_OBJECT_HANDLE)0 == *phObject ) {
1988 nssCKFWObject_Destroy(fwObject);
1989 goto loser;
1990 }
1991
1992 return CKR_OK;
1993
1994 loser:
1995 switch( error ) {
1996 case CKR_SESSION_CLOSED:
1997 /* destroy session? */
1998 break;
1999 case CKR_DEVICE_REMOVED:
2000 /* (void)nssCKFWToken_Destroy(fwToken); */
2001 break;
2002 case CKR_ATTRIBUTE_READ_ONLY:
2003 case CKR_ATTRIBUTE_TYPE_INVALID:
2004 case CKR_ATTRIBUTE_VALUE_INVALID:
2005 case CKR_CRYPTOKI_NOT_INITIALIZED:
2006 case CKR_DEVICE_ERROR:
2007 case CKR_DEVICE_MEMORY:
2008 case CKR_FUNCTION_FAILED:
2009 case CKR_GENERAL_ERROR:
2010 case CKR_HOST_MEMORY:
2011 case CKR_SESSION_HANDLE_INVALID:
2012 case CKR_SESSION_READ_ONLY:
2013 case CKR_TEMPLATE_INCOMPLETE:
2014 case CKR_TEMPLATE_INCONSISTENT:
2015 case CKR_TOKEN_WRITE_PROTECTED:
2016 case CKR_USER_NOT_LOGGED_IN:
2017 break;
2018 default:
2019 case CKR_OK:
2020 error = CKR_GENERAL_ERROR;
2021 break;
2022 }
2023
2024 return error;
2025 }
2026
2027 /*
2028 * NSSCKFWC_CopyObject
2029 *
2030 */
2031 NSS_IMPLEMENT CK_RV
2032 NSSCKFWC_CopyObject
2033 (
2034 NSSCKFWInstance *fwInstance,
2035 CK_SESSION_HANDLE hSession,
2036 CK_OBJECT_HANDLE hObject,
2037 CK_ATTRIBUTE_PTR pTemplate,
2038 CK_ULONG ulCount,
2039 CK_OBJECT_HANDLE_PTR phNewObject
2040 )
2041 {
2042 CK_RV error = CKR_OK;
2043 NSSCKFWSession *fwSession;
2044 NSSCKFWObject *fwObject;
2045 NSSCKFWObject *fwNewObject;
2046
2047 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2048 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2049 goto loser;
2050 }
2051
2052 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2053 if( (NSSCKFWSession *)NULL == fwSession ) {
2054 error = CKR_SESSION_HANDLE_INVALID;
2055 goto loser;
2056 }
2057
2058 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) {
2059 error = CKR_ARGUMENTS_BAD;
2060 goto loser;
2061 }
2062
2063 /*
2064 * A purify error here indicates caller error.
2065 */
2066 *phNewObject = (CK_OBJECT_HANDLE)0;
2067
2068 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2069 if( (NSSCKFWObject *)NULL == fwObject ) {
2070 error = CKR_OBJECT_HANDLE_INVALID;
2071 goto loser;
2072 }
2073
2074 fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
2075 pTemplate, ulCount, &error);
2076 if( (NSSCKFWObject *)NULL == fwNewObject ) {
2077 goto loser;
2078 }
2079
2080 *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance,
2081 fwNewObject, &error);
2082 if( (CK_OBJECT_HANDLE)0 == *phNewObject ) {
2083 nssCKFWObject_Destroy(fwNewObject);
2084 goto loser;
2085 }
2086
2087 return CKR_OK;
2088
2089 loser:
2090 switch( error ) {
2091 case CKR_SESSION_CLOSED:
2092 /* destroy session? */
2093 break;
2094 case CKR_DEVICE_REMOVED:
2095 /* (void)nssCKFWToken_Destroy(fwToken); */
2096 break;
2097 case CKR_ATTRIBUTE_READ_ONLY:
2098 case CKR_ATTRIBUTE_TYPE_INVALID:
2099 case CKR_ATTRIBUTE_VALUE_INVALID:
2100 case CKR_CRYPTOKI_NOT_INITIALIZED:
2101 case CKR_DEVICE_ERROR:
2102 case CKR_DEVICE_MEMORY:
2103 case CKR_FUNCTION_FAILED:
2104 case CKR_GENERAL_ERROR:
2105 case CKR_HOST_MEMORY:
2106 case CKR_OBJECT_HANDLE_INVALID:
2107 case CKR_SESSION_HANDLE_INVALID:
2108 case CKR_SESSION_READ_ONLY:
2109 case CKR_TEMPLATE_INCONSISTENT:
2110 case CKR_TOKEN_WRITE_PROTECTED:
2111 case CKR_USER_NOT_LOGGED_IN:
2112 break;
2113 default:
2114 case CKR_OK:
2115 error = CKR_GENERAL_ERROR;
2116 break;
2117 }
2118
2119 return error;
2120 }
2121
2122 /*
2123 * NSSCKFWC_DestroyObject
2124 *
2125 */
2126 NSS_IMPLEMENT CK_RV
2127 NSSCKFWC_DestroyObject
2128 (
2129 NSSCKFWInstance *fwInstance,
2130 CK_SESSION_HANDLE hSession,
2131 CK_OBJECT_HANDLE hObject
2132 )
2133 {
2134 CK_RV error = CKR_OK;
2135 NSSCKFWSession *fwSession;
2136 NSSCKFWObject *fwObject;
2137
2138 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2139 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2140 goto loser;
2141 }
2142
2143 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2144 if( (NSSCKFWSession *)NULL == fwSession ) {
2145 error = CKR_SESSION_HANDLE_INVALID;
2146 goto loser;
2147 }
2148
2149 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2150 if( (NSSCKFWObject *)NULL == fwObject ) {
2151 error = CKR_OBJECT_HANDLE_INVALID;
2152 goto loser;
2153 }
2154
2155 nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
2156 nssCKFWObject_Destroy(fwObject);
2157
2158 return CKR_OK;
2159
2160 loser:
2161 switch( error ) {
2162 case CKR_SESSION_CLOSED:
2163 /* destroy session? */
2164 break;
2165 case CKR_DEVICE_REMOVED:
2166 /* (void)nssCKFWToken_Destroy(fwToken); */
2167 break;
2168 case CKR_CRYPTOKI_NOT_INITIALIZED:
2169 case CKR_DEVICE_ERROR:
2170 case CKR_DEVICE_MEMORY:
2171 case CKR_FUNCTION_FAILED:
2172 case CKR_GENERAL_ERROR:
2173 case CKR_HOST_MEMORY:
2174 case CKR_OBJECT_HANDLE_INVALID:
2175 case CKR_SESSION_HANDLE_INVALID:
2176 case CKR_SESSION_READ_ONLY:
2177 case CKR_TOKEN_WRITE_PROTECTED:
2178 break;
2179 default:
2180 case CKR_OK:
2181 error = CKR_GENERAL_ERROR;
2182 break;
2183 }
2184
2185 return error;
2186 }
2187
2188 /*
2189 * NSSCKFWC_GetObjectSize
2190 *
2191 */
2192 NSS_IMPLEMENT CK_RV
2193 NSSCKFWC_GetObjectSize
2194 (
2195 NSSCKFWInstance *fwInstance,
2196 CK_SESSION_HANDLE hSession,
2197 CK_OBJECT_HANDLE hObject,
2198 CK_ULONG_PTR pulSize
2199 )
2200 {
2201 CK_RV error = CKR_OK;
2202 NSSCKFWSession *fwSession;
2203 NSSCKFWObject *fwObject;
2204
2205 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2206 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2207 goto loser;
2208 }
2209
2210 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2211 if( (NSSCKFWSession *)NULL == fwSession ) {
2212 error = CKR_SESSION_HANDLE_INVALID;
2213 goto loser;
2214 }
2215
2216 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2217 if( (NSSCKFWObject *)NULL == fwObject ) {
2218 error = CKR_OBJECT_HANDLE_INVALID;
2219 goto loser;
2220 }
2221
2222 if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) {
2223 error = CKR_ARGUMENTS_BAD;
2224 goto loser;
2225 }
2226
2227 /*
2228 * A purify error here indicates caller error.
2229 */
2230 *pulSize = (CK_ULONG)0;
2231
2232 *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
2233 if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) {
2234 goto loser;
2235 }
2236
2237 return CKR_OK;
2238
2239 loser:
2240 switch( error ) {
2241 case CKR_SESSION_CLOSED:
2242 /* destroy session? */
2243 break;
2244 case CKR_DEVICE_REMOVED:
2245 /* (void)nssCKFWToken_Destroy(fwToken); */
2246 break;
2247 case CKR_CRYPTOKI_NOT_INITIALIZED:
2248 case CKR_DEVICE_ERROR:
2249 case CKR_DEVICE_MEMORY:
2250 case CKR_FUNCTION_FAILED:
2251 case CKR_GENERAL_ERROR:
2252 case CKR_HOST_MEMORY:
2253 case CKR_INFORMATION_SENSITIVE:
2254 case CKR_OBJECT_HANDLE_INVALID:
2255 case CKR_SESSION_HANDLE_INVALID:
2256 break;
2257 default:
2258 case CKR_OK:
2259 error = CKR_GENERAL_ERROR;
2260 break;
2261 }
2262
2263 return error;
2264 }
2265
2266 /*
2267 * NSSCKFWC_GetAttributeValue
2268 *
2269 */
2270 NSS_IMPLEMENT CK_RV
2271 NSSCKFWC_GetAttributeValue
2272 (
2273 NSSCKFWInstance *fwInstance,
2274 CK_SESSION_HANDLE hSession,
2275 CK_OBJECT_HANDLE hObject,
2276 CK_ATTRIBUTE_PTR pTemplate,
2277 CK_ULONG ulCount
2278 )
2279 {
2280 CK_RV error = CKR_OK;
2281 NSSCKFWSession *fwSession;
2282 NSSCKFWObject *fwObject;
2283 CK_BBOOL sensitive = CK_FALSE;
2284 CK_BBOOL invalid = CK_FALSE;
2285 CK_BBOOL tooSmall = CK_FALSE;
2286 CK_ULONG i;
2287
2288 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2289 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2290 goto loser;
2291 }
2292
2293 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2294 if( (NSSCKFWSession *)NULL == fwSession ) {
2295 error = CKR_SESSION_HANDLE_INVALID;
2296 goto loser;
2297 }
2298
2299 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2300 if( (NSSCKFWObject *)NULL == fwObject ) {
2301 error = CKR_OBJECT_HANDLE_INVALID;
2302 goto loser;
2303 }
2304
2305 if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
2306 error = CKR_ARGUMENTS_BAD;
2307 goto loser;
2308 }
2309
2310 for( i = 0; i < ulCount; i++ ) {
2311 CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject,
2312 pTemplate[i].type, &error);
2313 if( (CK_ULONG)0 == size ) {
2314 switch( error ) {
2315 case CKR_ATTRIBUTE_SENSITIVE:
2316 case CKR_INFORMATION_SENSITIVE:
2317 sensitive = CK_TRUE;
2318 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2319 continue;
2320 case CKR_ATTRIBUTE_TYPE_INVALID:
2321 invalid = CK_TRUE;
2322 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2323 continue;
2324 case CKR_OK:
2325 break;
2326 default:
2327 goto loser;
2328 }
2329 }
2330
2331 if( (CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue ) {
2332 pTemplate[i].ulValueLen = size;
2333 } else {
2334 NSSItem it, *p;
2335
2336 if( pTemplate[i].ulValueLen < size ) {
2337 tooSmall = CK_TRUE;
2338 continue;
2339 }
2340
2341 it.size = (PRUint32)pTemplate[i].ulValueLen;
2342 it.data = (void *)pTemplate[i].pValue;
2343 p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it,
2344 (NSSArena *)NULL, &error);
2345 if( (NSSItem *)NULL == p ) {
2346 switch( error ) {
2347 case CKR_ATTRIBUTE_SENSITIVE:
2348 case CKR_INFORMATION_SENSITIVE:
2349 sensitive = CK_TRUE;
2350 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2351 continue;
2352 case CKR_ATTRIBUTE_TYPE_INVALID:
2353 invalid = CK_TRUE;
2354 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2355 continue;
2356 default:
2357 goto loser;
2358 }
2359 }
2360
2361 pTemplate[i].ulValueLen = size;
2362 }
2363 }
2364
2365 if( sensitive ) {
2366 error = CKR_ATTRIBUTE_SENSITIVE;
2367 goto loser;
2368 } else if( invalid ) {
2369 error = CKR_ATTRIBUTE_TYPE_INVALID;
2370 goto loser;
2371 } else if( tooSmall ) {
2372 error = CKR_BUFFER_TOO_SMALL;
2373 goto loser;
2374 }
2375
2376 return CKR_OK;
2377
2378 loser:
2379 switch( error ) {
2380 case CKR_SESSION_CLOSED:
2381 /* destroy session? */
2382 break;
2383 case CKR_DEVICE_REMOVED:
2384 /* (void)nssCKFWToken_Destroy(fwToken); */
2385 break;
2386 case CKR_ATTRIBUTE_SENSITIVE:
2387 case CKR_ATTRIBUTE_TYPE_INVALID:
2388 case CKR_BUFFER_TOO_SMALL:
2389 case CKR_CRYPTOKI_NOT_INITIALIZED:
2390 case CKR_DEVICE_ERROR:
2391 case CKR_DEVICE_MEMORY:
2392 case CKR_FUNCTION_FAILED:
2393 case CKR_GENERAL_ERROR:
2394 case CKR_HOST_MEMORY:
2395 case CKR_OBJECT_HANDLE_INVALID:
2396 case CKR_SESSION_HANDLE_INVALID:
2397 break;
2398 default:
2399 case CKR_OK:
2400 error = CKR_GENERAL_ERROR;
2401 break;
2402 }
2403
2404 return error;
2405 }
2406
2407 /*
2408 * NSSCKFWC_SetAttributeValue
2409 *
2410 */
2411 NSS_IMPLEMENT CK_RV
2412 NSSCKFWC_SetAttributeValue
2413 (
2414 NSSCKFWInstance *fwInstance,
2415 CK_SESSION_HANDLE hSession,
2416 CK_OBJECT_HANDLE hObject,
2417 CK_ATTRIBUTE_PTR pTemplate,
2418 CK_ULONG ulCount
2419 )
2420 {
2421 CK_RV error = CKR_OK;
2422 NSSCKFWSession *fwSession;
2423 NSSCKFWObject *fwObject;
2424 CK_ULONG i;
2425
2426 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2427 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2428 goto loser;
2429 }
2430
2431 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2432 if( (NSSCKFWSession *)NULL == fwSession ) {
2433 error = CKR_SESSION_HANDLE_INVALID;
2434 goto loser;
2435 }
2436
2437 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2438 if( (NSSCKFWObject *)NULL == fwObject ) {
2439 error = CKR_OBJECT_HANDLE_INVALID;
2440 goto loser;
2441 }
2442
2443 if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
2444 error = CKR_ARGUMENTS_BAD;
2445 goto loser;
2446 }
2447
2448 for (i=0; i < ulCount; i++) {
2449 NSSItem value;
2450
2451 value.data = pTemplate[i].pValue;
2452 value.size = pTemplate[i].ulValueLen;
2453
2454 error = nssCKFWObject_SetAttribute(fwObject, fwSession,
2455 pTemplate[i].type, &value);
2456
2457 if( CKR_OK != error ) {
2458 goto loser;
2459 }
2460 }
2461
2462 return CKR_OK;
2463
2464 loser:
2465 switch( error ) {
2466 case CKR_SESSION_CLOSED:
2467 /* destroy session? */
2468 break;
2469 case CKR_DEVICE_REMOVED:
2470 /* (void)nssCKFWToken_Destroy(fwToken); */
2471 break;
2472 case CKR_ATTRIBUTE_READ_ONLY:
2473 case CKR_ATTRIBUTE_TYPE_INVALID:
2474 case CKR_ATTRIBUTE_VALUE_INVALID:
2475 case CKR_CRYPTOKI_NOT_INITIALIZED:
2476 case CKR_DEVICE_ERROR:
2477 case CKR_DEVICE_MEMORY:
2478 case CKR_FUNCTION_FAILED:
2479 case CKR_GENERAL_ERROR:
2480 case CKR_HOST_MEMORY:
2481 case CKR_OBJECT_HANDLE_INVALID:
2482 case CKR_SESSION_HANDLE_INVALID:
2483 case CKR_SESSION_READ_ONLY:
2484 case CKR_TEMPLATE_INCONSISTENT:
2485 case CKR_TOKEN_WRITE_PROTECTED:
2486 break;
2487 default:
2488 case CKR_OK:
2489 error = CKR_GENERAL_ERROR;
2490 break;
2491 }
2492
2493 return error;
2494 }
2495
2496 /*
2497 * NSSCKFWC_FindObjectsInit
2498 *
2499 */
2500 NSS_IMPLEMENT CK_RV
2501 NSSCKFWC_FindObjectsInit
2502 (
2503 NSSCKFWInstance *fwInstance,
2504 CK_SESSION_HANDLE hSession,
2505 CK_ATTRIBUTE_PTR pTemplate,
2506 CK_ULONG ulCount
2507 )
2508 {
2509 CK_RV error = CKR_OK;
2510 NSSCKFWSession *fwSession;
2511 NSSCKFWFindObjects *fwFindObjects;
2512
2513 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2514 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2515 goto loser;
2516 }
2517
2518 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2519 if( (NSSCKFWSession *)NULL == fwSession ) {
2520 error = CKR_SESSION_HANDLE_INVALID;
2521 goto loser;
2522 }
2523
2524 if( ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0) ) {
2525 error = CKR_ARGUMENTS_BAD;
2526 goto loser;
2527 }
2528
2529 fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2530 if( (NSSCKFWFindObjects *)NULL != fwFindObjects ) {
2531 error = CKR_OPERATION_ACTIVE;
2532 goto loser;
2533 }
2534
2535 if( CKR_OPERATION_NOT_INITIALIZED != error ) {
2536 goto loser;
2537 }
2538
2539 fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
2540 pTemplate, ulCount, &error);
2541 if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
2542 goto loser;
2543 }
2544
2545 error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
2546
2547 if( CKR_OK != error ) {
2548 nssCKFWFindObjects_Destroy(fwFindObjects);
2549 goto loser;
2550 }
2551
2552 return CKR_OK;
2553
2554 loser:
2555 switch( error ) {
2556 case CKR_SESSION_CLOSED:
2557 /* destroy session? */
2558 break;
2559 case CKR_DEVICE_REMOVED:
2560 /* (void)nssCKFWToken_Destroy(fwToken); */
2561 break;
2562 case CKR_ATTRIBUTE_TYPE_INVALID:
2563 case CKR_ATTRIBUTE_VALUE_INVALID:
2564 case CKR_CRYPTOKI_NOT_INITIALIZED:
2565 case CKR_DEVICE_ERROR:
2566 case CKR_DEVICE_MEMORY:
2567 case CKR_FUNCTION_FAILED:
2568 case CKR_GENERAL_ERROR:
2569 case CKR_HOST_MEMORY:
2570 case CKR_OPERATION_ACTIVE:
2571 case CKR_SESSION_HANDLE_INVALID:
2572 break;
2573 default:
2574 case CKR_OK:
2575 error = CKR_GENERAL_ERROR;
2576 break;
2577 }
2578
2579 return error;
2580 }
2581
2582 /*
2583 * NSSCKFWC_FindObjects
2584 *
2585 */
2586 NSS_IMPLEMENT CK_RV
2587 NSSCKFWC_FindObjects
2588 (
2589 NSSCKFWInstance *fwInstance,
2590 CK_SESSION_HANDLE hSession,
2591 CK_OBJECT_HANDLE_PTR phObject,
2592 CK_ULONG ulMaxObjectCount,
2593 CK_ULONG_PTR pulObjectCount
2594 )
2595 {
2596 CK_RV error = CKR_OK;
2597 NSSCKFWSession *fwSession;
2598 NSSCKFWFindObjects *fwFindObjects;
2599 CK_ULONG i;
2600
2601 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2602 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2603 goto loser;
2604 }
2605
2606 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2607 if( (NSSCKFWSession *)NULL == fwSession ) {
2608 error = CKR_SESSION_HANDLE_INVALID;
2609 goto loser;
2610 }
2611
2612 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
2613 error = CKR_ARGUMENTS_BAD;
2614 goto loser;
2615 }
2616
2617 /*
2618 * A purify error here indicates caller error.
2619 */
2620 (void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount);
2621 *pulObjectCount = (CK_ULONG)0;
2622
2623 fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2624 if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
2625 goto loser;
2626 }
2627
2628 for( i = 0; i < ulMaxObjectCount; i++ ) {
2629 NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
2630 NULL, &error);
2631 if( (NSSCKFWObject *)NULL == fwObject ) {
2632 break;
2633 }
2634
2635 phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
2636 if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
2637 phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
2638 }
2639 if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
2640 /* This isn't right either, is it? */
2641 nssCKFWObject_Destroy(fwObject);
2642 goto loser;
2643 }
2644 }
2645
2646 *pulObjectCount = i;
2647
2648 return CKR_OK;
2649
2650 loser:
2651 switch( error ) {
2652 case CKR_SESSION_CLOSED:
2653 /* destroy session? */
2654 break;
2655 case CKR_DEVICE_REMOVED:
2656 /* (void)nssCKFWToken_Destroy(fwToken); */
2657 break;
2658 case CKR_CRYPTOKI_NOT_INITIALIZED:
2659 case CKR_DEVICE_ERROR:
2660 case CKR_DEVICE_MEMORY:
2661 case CKR_FUNCTION_FAILED:
2662 case CKR_GENERAL_ERROR:
2663 case CKR_HOST_MEMORY:
2664 case CKR_OPERATION_NOT_INITIALIZED:
2665 case CKR_SESSION_HANDLE_INVALID:
2666 break;
2667 default:
2668 case CKR_OK:
2669 error = CKR_GENERAL_ERROR;
2670 break;
2671 }
2672
2673 return error;
2674 }
2675
2676 /*
2677 * NSSCKFWC_FindObjectsFinal
2678 *
2679 */
2680 NSS_IMPLEMENT CK_RV
2681 NSSCKFWC_FindObjectsFinal
2682 (
2683 NSSCKFWInstance *fwInstance,
2684 CK_SESSION_HANDLE hSession
2685 )
2686 {
2687 CK_RV error = CKR_OK;
2688 NSSCKFWSession *fwSession;
2689 NSSCKFWFindObjects *fwFindObjects;
2690
2691 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2692 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2693 goto loser;
2694 }
2695
2696 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2697 if( (NSSCKFWSession *)NULL == fwSession ) {
2698 error = CKR_SESSION_HANDLE_INVALID;
2699 goto loser;
2700 }
2701
2702 fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2703 if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
2704 error = CKR_OPERATION_NOT_INITIALIZED;
2705 goto loser;
2706 }
2707
2708 nssCKFWFindObjects_Destroy(fwFindObjects);
2709 error = nssCKFWSession_SetFWFindObjects(fwSession,
2710 (NSSCKFWFindObjects *)NULL);
2711
2712 if( CKR_OK != error ) {
2713 goto loser;
2714 }
2715
2716 return CKR_OK;
2717
2718 loser:
2719 switch( error ) {
2720 case CKR_SESSION_CLOSED:
2721 /* destroy session? */
2722 break;
2723 case CKR_DEVICE_REMOVED:
2724 /* (void)nssCKFWToken_Destroy(fwToken); */
2725 break;
2726 case CKR_CRYPTOKI_NOT_INITIALIZED:
2727 case CKR_DEVICE_ERROR:
2728 case CKR_DEVICE_MEMORY:
2729 case CKR_FUNCTION_FAILED:
2730 case CKR_GENERAL_ERROR:
2731 case CKR_HOST_MEMORY:
2732 case CKR_OPERATION_NOT_INITIALIZED:
2733 case CKR_SESSION_HANDLE_INVALID:
2734 break;
2735 default:
2736 case CKR_OK:
2737 error = CKR_GENERAL_ERROR;
2738 break;
2739 }
2740
2741 return error;
2742 }
2743
2744 /*
2745 * NSSCKFWC_EncryptInit
2746 *
2747 */
2748 NSS_IMPLEMENT CK_RV
2749 NSSCKFWC_EncryptInit
2750 (
2751 NSSCKFWInstance *fwInstance,
2752 CK_SESSION_HANDLE hSession,
2753 CK_MECHANISM_PTR pMechanism,
2754 CK_OBJECT_HANDLE hKey
2755 )
2756 {
2757 CK_RV error = CKR_OK;
2758 NSSCKFWSession *fwSession;
2759 NSSCKFWObject *fwObject;
2760 NSSCKFWSlot *fwSlot;
2761 NSSCKFWToken *fwToken;
2762 NSSCKFWMechanism *fwMechanism;
2763
2764 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2765 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2766 goto loser;
2767 }
2768
2769 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2770 if( (NSSCKFWSession *)NULL == fwSession ) {
2771 error = CKR_SESSION_HANDLE_INVALID;
2772 goto loser;
2773 }
2774
2775 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
2776 if( (NSSCKFWObject *)NULL == fwObject ) {
2777 error = CKR_KEY_HANDLE_INVALID;
2778 goto loser;
2779 }
2780
2781 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
2782 if( (NSSCKFWSlot *)NULL == fwSlot ) {
2783 error = CKR_GENERAL_ERROR; /* should never happen! */
2784 goto loser;
2785 }
2786
2787 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
2788 error = CKR_TOKEN_NOT_PRESENT;
2789 goto loser;
2790 }
2791
2792 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
2793 if( (NSSCKFWToken *)NULL == fwToken ) {
2794 goto loser;
2795 }
2796
2797 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
2798 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
2799 goto loser;
2800 }
2801
2802 error = nssCKFWMechanism_EncryptInit(fwMechanism, pMechanism,
2803 fwSession, fwObject);
2804
2805 nssCKFWMechanism_Destroy(fwMechanism);
2806
2807 if (CKR_OK == error) {
2808 return CKR_OK;
2809 }
2810
2811 loser:
2812 /* verify error */
2813 switch( error ) {
2814 case CKR_CRYPTOKI_NOT_INITIALIZED:
2815 case CKR_DEVICE_ERROR:
2816 case CKR_DEVICE_MEMORY:
2817 case CKR_DEVICE_REMOVED:
2818 case CKR_FUNCTION_CANCELED:
2819 case CKR_FUNCTION_FAILED:
2820 case CKR_GENERAL_ERROR:
2821 case CKR_HOST_MEMORY:
2822 case CKR_KEY_FUNCTION_NOT_PERMITTED:
2823 case CKR_KEY_HANDLE_INVALID:
2824 case CKR_KEY_SIZE_RANGE:
2825 case CKR_KEY_TYPE_INCONSISTENT:
2826 case CKR_MECHANISM_INVALID:
2827 case CKR_MECHANISM_PARAM_INVALID:
2828 case CKR_OPERATION_ACTIVE:
2829 case CKR_PIN_EXPIRED:
2830 case CKR_SESSION_CLOSED:
2831 case CKR_SESSION_HANDLE_INVALID:
2832 case CKR_USER_NOT_LOGGED_IN:
2833 break;
2834 default:
2835 case CKR_OK:
2836 error = CKR_GENERAL_ERROR;
2837 break;
2838 }
2839 return error;
2840 }
2841
2842 /*
2843 * NSSCKFWC_Encrypt
2844 *
2845 */
2846 NSS_IMPLEMENT CK_RV
2847 NSSCKFWC_Encrypt
2848 (
2849 NSSCKFWInstance *fwInstance,
2850 CK_SESSION_HANDLE hSession,
2851 CK_BYTE_PTR pData,
2852 CK_ULONG ulDataLen,
2853 CK_BYTE_PTR pEncryptedData,
2854 CK_ULONG_PTR pulEncryptedDataLen
2855 )
2856 {
2857 CK_RV error = CKR_OK;
2858 NSSCKFWSession *fwSession;
2859
2860 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2861 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2862 goto loser;
2863 }
2864
2865 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2866 if( (NSSCKFWSession *)NULL == fwSession ) {
2867 error = CKR_SESSION_HANDLE_INVALID;
2868 goto loser;
2869 }
2870
2871 error = nssCKFWSession_UpdateFinal(fwSession,
2872 NSSCKFWCryptoOperationType_Encrypt,
2873 NSSCKFWCryptoOperationState_EncryptDecrypt,
2874 pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
2875
2876 if (CKR_OK == error) {
2877 return CKR_OK;
2878 }
2879
2880 loser:
2881 /* verify error */
2882 switch( error ) {
2883 case CKR_ARGUMENTS_BAD:
2884 case CKR_BUFFER_TOO_SMALL:
2885 case CKR_CRYPTOKI_NOT_INITIALIZED:
2886 case CKR_DATA_INVALID:
2887 case CKR_DATA_LEN_RANGE:
2888 case CKR_DEVICE_ERROR:
2889 case CKR_DEVICE_MEMORY:
2890 case CKR_DEVICE_REMOVED:
2891 case CKR_FUNCTION_CANCELED:
2892 case CKR_FUNCTION_FAILED:
2893 case CKR_GENERAL_ERROR:
2894 case CKR_HOST_MEMORY:
2895 case CKR_OPERATION_NOT_INITIALIZED:
2896 case CKR_SESSION_HANDLE_INVALID:
2897 case CKR_SESSION_CLOSED:
2898 break;
2899 default:
2900 case CKR_OK:
2901 error = CKR_GENERAL_ERROR;
2902 break;
2903 }
2904 return error;
2905 }
2906
2907 /*
2908 * NSSCKFWC_EncryptUpdate
2909 *
2910 */
2911 NSS_IMPLEMENT CK_RV
2912 NSSCKFWC_EncryptUpdate
2913 (
2914 NSSCKFWInstance *fwInstance,
2915 CK_SESSION_HANDLE hSession,
2916 CK_BYTE_PTR pPart,
2917 CK_ULONG ulPartLen,
2918 CK_BYTE_PTR pEncryptedPart,
2919 CK_ULONG_PTR pulEncryptedPartLen
2920 )
2921 {
2922 CK_RV error = CKR_OK;
2923 NSSCKFWSession *fwSession;
2924
2925 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2926 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2927 goto loser;
2928 }
2929
2930 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2931 if( (NSSCKFWSession *)NULL == fwSession ) {
2932 error = CKR_SESSION_HANDLE_INVALID;
2933 goto loser;
2934 }
2935
2936 error = nssCKFWSession_Update(fwSession,
2937 NSSCKFWCryptoOperationType_Encrypt,
2938 NSSCKFWCryptoOperationState_EncryptDecrypt,
2939 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
2940
2941 if (CKR_OK == error) {
2942 return CKR_OK;
2943 }
2944
2945 loser:
2946 /* verify error */
2947 switch( error ) {
2948 case CKR_ARGUMENTS_BAD:
2949 case CKR_BUFFER_TOO_SMALL:
2950 case CKR_CRYPTOKI_NOT_INITIALIZED:
2951 case CKR_DATA_LEN_RANGE:
2952 case CKR_DEVICE_ERROR:
2953 case CKR_DEVICE_MEMORY:
2954 case CKR_DEVICE_REMOVED:
2955 case CKR_FUNCTION_CANCELED:
2956 case CKR_FUNCTION_FAILED:
2957 case CKR_GENERAL_ERROR:
2958 case CKR_HOST_MEMORY:
2959 case CKR_OPERATION_NOT_INITIALIZED:
2960 case CKR_SESSION_CLOSED:
2961 case CKR_SESSION_HANDLE_INVALID:
2962 break;
2963 default:
2964 case CKR_OK:
2965 error = CKR_GENERAL_ERROR;
2966 break;
2967 }
2968 return error;
2969 }
2970
2971 /*
2972 * NSSCKFWC_EncryptFinal
2973 *
2974 */
2975 NSS_IMPLEMENT CK_RV
2976 NSSCKFWC_EncryptFinal
2977 (
2978 NSSCKFWInstance *fwInstance,
2979 CK_SESSION_HANDLE hSession,
2980 CK_BYTE_PTR pLastEncryptedPart,
2981 CK_ULONG_PTR pulLastEncryptedPartLen
2982 )
2983 {
2984 CK_RV error = CKR_OK;
2985 NSSCKFWSession *fwSession;
2986
2987 if( (NSSCKFWInstance *)NULL == fwInstance ) {
2988 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2989 goto loser;
2990 }
2991
2992 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2993 if( (NSSCKFWSession *)NULL == fwSession ) {
2994 error = CKR_SESSION_HANDLE_INVALID;
2995 goto loser;
2996 }
2997
2998 error = nssCKFWSession_Final(fwSession,
2999 NSSCKFWCryptoOperationType_Encrypt,
3000 NSSCKFWCryptoOperationState_EncryptDecrypt,
3001 pLastEncryptedPart, pulLastEncryptedPartLen);
3002
3003 if (CKR_OK == error) {
3004 return CKR_OK;
3005 }
3006
3007 loser:
3008 /* verify error */
3009 switch( error ) {
3010 case CKR_ARGUMENTS_BAD:
3011 case CKR_BUFFER_TOO_SMALL:
3012 case CKR_CRYPTOKI_NOT_INITIALIZED:
3013 case CKR_DATA_LEN_RANGE:
3014 case CKR_DEVICE_ERROR:
3015 case CKR_DEVICE_MEMORY:
3016 case CKR_DEVICE_REMOVED:
3017 case CKR_FUNCTION_CANCELED:
3018 case CKR_FUNCTION_FAILED:
3019 case CKR_GENERAL_ERROR:
3020 case CKR_HOST_MEMORY:
3021 case CKR_OPERATION_NOT_INITIALIZED:
3022 case CKR_SESSION_CLOSED:
3023 case CKR_SESSION_HANDLE_INVALID:
3024 break;
3025 default:
3026 case CKR_OK:
3027 error = CKR_GENERAL_ERROR;
3028 break;
3029 }
3030 return error;
3031 }
3032
3033 /*
3034 * NSSCKFWC_DecryptInit
3035 *
3036 */
3037 NSS_IMPLEMENT CK_RV
3038 NSSCKFWC_DecryptInit
3039 (
3040 NSSCKFWInstance *fwInstance,
3041 CK_SESSION_HANDLE hSession,
3042 CK_MECHANISM_PTR pMechanism,
3043 CK_OBJECT_HANDLE hKey
3044 )
3045 {
3046 CK_RV error = CKR_OK;
3047 NSSCKFWSession *fwSession;
3048 NSSCKFWObject *fwObject;
3049 NSSCKFWSlot *fwSlot;
3050 NSSCKFWToken *fwToken;
3051 NSSCKFWMechanism *fwMechanism;
3052
3053 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3054 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3055 goto loser;
3056 }
3057
3058 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3059 if( (NSSCKFWSession *)NULL == fwSession ) {
3060 error = CKR_SESSION_HANDLE_INVALID;
3061 goto loser;
3062 }
3063
3064 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
3065 if( (NSSCKFWObject *)NULL == fwObject ) {
3066 error = CKR_KEY_HANDLE_INVALID;
3067 goto loser;
3068 }
3069
3070 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
3071 if( (NSSCKFWSlot *)NULL == fwSlot ) {
3072 error = CKR_GENERAL_ERROR; /* should never happen! */
3073 goto loser;
3074 }
3075
3076 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
3077 error = CKR_TOKEN_NOT_PRESENT;
3078 goto loser;
3079 }
3080
3081 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
3082 if( (NSSCKFWToken *)NULL == fwToken ) {
3083 goto loser;
3084 }
3085
3086 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
3087 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
3088 goto loser;
3089 }
3090
3091 error = nssCKFWMechanism_DecryptInit(fwMechanism, pMechanism,
3092 fwSession, fwObject);
3093 nssCKFWMechanism_Destroy(fwMechanism);
3094
3095 if (CKR_OK == error) {
3096 return CKR_OK;
3097 }
3098
3099 loser:
3100 /* verify error */
3101 switch( error ) {
3102 case CKR_ARGUMENTS_BAD:
3103 case CKR_CRYPTOKI_NOT_INITIALIZED:
3104 case CKR_DEVICE_ERROR:
3105 case CKR_DEVICE_MEMORY:
3106 case CKR_DEVICE_REMOVED:
3107 case CKR_FUNCTION_CANCELED:
3108 case CKR_FUNCTION_FAILED:
3109 case CKR_GENERAL_ERROR:
3110 case CKR_HOST_MEMORY:
3111 case CKR_KEY_FUNCTION_NOT_PERMITTED:
3112 case CKR_KEY_HANDLE_INVALID:
3113 case CKR_KEY_SIZE_RANGE:
3114 case CKR_KEY_TYPE_INCONSISTENT:
3115 case CKR_MECHANISM_INVALID:
3116 case CKR_MECHANISM_PARAM_INVALID:
3117 case CKR_OPERATION_ACTIVE:
3118 case CKR_PIN_EXPIRED:
3119 case CKR_SESSION_CLOSED:
3120 case CKR_SESSION_HANDLE_INVALID:
3121 case CKR_USER_NOT_LOGGED_IN:
3122 break;
3123 default:
3124 case CKR_OK:
3125 error = CKR_GENERAL_ERROR;
3126 break;
3127 }
3128 return error;
3129 }
3130
3131 /*
3132 * NSSCKFWC_Decrypt
3133 *
3134 */
3135 NSS_IMPLEMENT CK_RV
3136 NSSCKFWC_Decrypt
3137 (
3138 NSSCKFWInstance *fwInstance,
3139 CK_SESSION_HANDLE hSession,
3140 CK_BYTE_PTR pEncryptedData,
3141 CK_ULONG ulEncryptedDataLen,
3142 CK_BYTE_PTR pData,
3143 CK_ULONG_PTR pulDataLen
3144 )
3145 {
3146 CK_RV error = CKR_OK;
3147 NSSCKFWSession *fwSession;
3148
3149 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3150 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3151 goto loser;
3152 }
3153
3154 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3155 if( (NSSCKFWSession *)NULL == fwSession ) {
3156 error = CKR_SESSION_HANDLE_INVALID;
3157 goto loser;
3158 }
3159
3160 error = nssCKFWSession_UpdateFinal(fwSession,
3161 NSSCKFWCryptoOperationType_Decrypt,
3162 NSSCKFWCryptoOperationState_EncryptDecrypt,
3163 pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
3164
3165 if (CKR_OK == error) {
3166 return CKR_OK;
3167 }
3168
3169 loser:
3170 /* verify error */
3171 switch( error ) {
3172 case CKR_ARGUMENTS_BAD:
3173 case CKR_BUFFER_TOO_SMALL:
3174 case CKR_CRYPTOKI_NOT_INITIALIZED:
3175 case CKR_DEVICE_ERROR:
3176 case CKR_DEVICE_MEMORY:
3177 case CKR_DEVICE_REMOVED:
3178 case CKR_ENCRYPTED_DATA_INVALID:
3179 case CKR_ENCRYPTED_DATA_LEN_RANGE:
3180 case CKR_FUNCTION_CANCELED:
3181 case CKR_FUNCTION_FAILED:
3182 case CKR_GENERAL_ERROR:
3183 case CKR_HOST_MEMORY:
3184 case CKR_OPERATION_NOT_INITIALIZED:
3185 case CKR_SESSION_CLOSED:
3186 case CKR_SESSION_HANDLE_INVALID:
3187 case CKR_USER_NOT_LOGGED_IN:
3188 break;
3189 case CKR_DATA_LEN_RANGE:
3190 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
3191 break;
3192 case CKR_DATA_INVALID:
3193 error = CKR_ENCRYPTED_DATA_INVALID;
3194 break;
3195 default:
3196 case CKR_OK:
3197 error = CKR_GENERAL_ERROR;
3198 break;
3199 }
3200 return error;
3201 }
3202
3203 /*
3204 * NSSCKFWC_DecryptUpdate
3205 *
3206 */
3207 NSS_IMPLEMENT CK_RV
3208 NSSCKFWC_DecryptUpdate
3209 (
3210 NSSCKFWInstance *fwInstance,
3211 CK_SESSION_HANDLE hSession,
3212 CK_BYTE_PTR pEncryptedPart,
3213 CK_ULONG ulEncryptedPartLen,
3214 CK_BYTE_PTR pPart,
3215 CK_ULONG_PTR pulPartLen
3216 )
3217 {
3218 CK_RV error = CKR_OK;
3219 NSSCKFWSession *fwSession;
3220
3221 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3222 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3223 goto loser;
3224 }
3225
3226 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3227 if( (NSSCKFWSession *)NULL == fwSession ) {
3228 error = CKR_SESSION_HANDLE_INVALID;
3229 goto loser;
3230 }
3231
3232 error = nssCKFWSession_Update(fwSession,
3233 NSSCKFWCryptoOperationType_Decrypt,
3234 NSSCKFWCryptoOperationState_EncryptDecrypt,
3235 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
3236
3237 if (CKR_OK == error) {
3238 return CKR_OK;
3239 }
3240
3241 loser:
3242 /* verify error */
3243 switch( error ) {
3244 case CKR_ARGUMENTS_BAD:
3245 case CKR_BUFFER_TOO_SMALL:
3246 case CKR_CRYPTOKI_NOT_INITIALIZED:
3247 case CKR_DEVICE_ERROR:
3248 case CKR_DEVICE_MEMORY:
3249 case CKR_DEVICE_REMOVED:
3250 case CKR_ENCRYPTED_DATA_INVALID:
3251 case CKR_ENCRYPTED_DATA_LEN_RANGE:
3252 case CKR_FUNCTION_CANCELED:
3253 case CKR_FUNCTION_FAILED:
3254 case CKR_GENERAL_ERROR:
3255 case CKR_HOST_MEMORY:
3256 case CKR_OPERATION_NOT_INITIALIZED:
3257 case CKR_SESSION_CLOSED:
3258 case CKR_SESSION_HANDLE_INVALID:
3259 case CKR_USER_NOT_LOGGED_IN:
3260 break;
3261 case CKR_DATA_LEN_RANGE:
3262 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
3263 break;
3264 case CKR_DATA_INVALID:
3265 error = CKR_ENCRYPTED_DATA_INVALID;
3266 break;
3267 default:
3268 case CKR_OK:
3269 error = CKR_GENERAL_ERROR;
3270 break;
3271 }
3272 return error;
3273 }
3274
3275 /*
3276 * NSSCKFWC_DecryptFinal
3277 *
3278 */
3279 NSS_IMPLEMENT CK_RV
3280 NSSCKFWC_DecryptFinal
3281 (
3282 NSSCKFWInstance *fwInstance,
3283 CK_SESSION_HANDLE hSession,
3284 CK_BYTE_PTR pLastPart,
3285 CK_ULONG_PTR pulLastPartLen
3286 )
3287 {
3288 CK_RV error = CKR_OK;
3289 NSSCKFWSession *fwSession;
3290
3291 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3292 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3293 goto loser;
3294 }
3295
3296 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3297 if( (NSSCKFWSession *)NULL == fwSession ) {
3298 error = CKR_SESSION_HANDLE_INVALID;
3299 goto loser;
3300 }
3301
3302 error = nssCKFWSession_Final(fwSession,
3303 NSSCKFWCryptoOperationType_Decrypt,
3304 NSSCKFWCryptoOperationState_EncryptDecrypt,
3305 pLastPart, pulLastPartLen);
3306
3307 if (CKR_OK == error) {
3308 return CKR_OK;
3309 }
3310
3311 loser:
3312 /* verify error */
3313 switch( error ) {
3314 case CKR_ARGUMENTS_BAD:
3315 case CKR_BUFFER_TOO_SMALL:
3316 case CKR_CRYPTOKI_NOT_INITIALIZED:
3317 case CKR_DEVICE_ERROR:
3318 case CKR_DEVICE_MEMORY:
3319 case CKR_DEVICE_REMOVED:
3320 case CKR_FUNCTION_FAILED:
3321 case CKR_FUNCTION_CANCELED:
3322 case CKR_ENCRYPTED_DATA_INVALID:
3323 case CKR_ENCRYPTED_DATA_LEN_RANGE:
3324 case CKR_GENERAL_ERROR:
3325 case CKR_HOST_MEMORY:
3326 case CKR_OPERATION_NOT_INITIALIZED:
3327 case CKR_SESSION_CLOSED:
3328 case CKR_SESSION_HANDLE_INVALID:
3329 case CKR_USER_NOT_LOGGED_IN:
3330 break;
3331 case CKR_DATA_LEN_RANGE:
3332 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
3333 break;
3334 case CKR_DATA_INVALID:
3335 error = CKR_ENCRYPTED_DATA_INVALID;
3336 break;
3337 default:
3338 case CKR_OK:
3339 error = CKR_GENERAL_ERROR;
3340 break;
3341 }
3342 return error;
3343 }
3344
3345 /*
3346 * NSSCKFWC_DigestInit
3347 *
3348 */
3349 NSS_IMPLEMENT CK_RV
3350 NSSCKFWC_DigestInit
3351 (
3352 NSSCKFWInstance *fwInstance,
3353 CK_SESSION_HANDLE hSession,
3354 CK_MECHANISM_PTR pMechanism
3355 )
3356 {
3357 CK_RV error = CKR_OK;
3358 NSSCKFWSession *fwSession;
3359 NSSCKFWSlot *fwSlot;
3360 NSSCKFWToken *fwToken;
3361 NSSCKFWMechanism *fwMechanism;
3362
3363 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3364 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3365 goto loser;
3366 }
3367
3368 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3369 if( (NSSCKFWSession *)NULL == fwSession ) {
3370 error = CKR_SESSION_HANDLE_INVALID;
3371 goto loser;
3372 }
3373
3374 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
3375 if( (NSSCKFWSlot *)NULL == fwSlot ) {
3376 error = CKR_GENERAL_ERROR; /* should never happen! */
3377 goto loser;
3378 }
3379
3380 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
3381 error = CKR_TOKEN_NOT_PRESENT;
3382 goto loser;
3383 }
3384
3385 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
3386 if( (NSSCKFWToken *)NULL == fwToken ) {
3387 goto loser;
3388 }
3389
3390 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
3391 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
3392 goto loser;
3393 }
3394
3395 error = nssCKFWMechanism_DigestInit(fwMechanism, pMechanism, fwSession);
3396
3397 nssCKFWMechanism_Destroy(fwMechanism);
3398
3399 if (CKR_OK == error) {
3400 return CKR_OK;
3401 }
3402
3403 loser:
3404 /* verify error */
3405 switch( error ) {
3406 case CKR_ARGUMENTS_BAD:
3407 case CKR_CRYPTOKI_NOT_INITIALIZED:
3408 case CKR_DEVICE_ERROR:
3409 case CKR_DEVICE_MEMORY:
3410 case CKR_DEVICE_REMOVED:
3411 case CKR_FUNCTION_CANCELED:
3412 case CKR_FUNCTION_FAILED:
3413 case CKR_GENERAL_ERROR:
3414 case CKR_HOST_MEMORY:
3415 case CKR_MECHANISM_INVALID:
3416 case CKR_MECHANISM_PARAM_INVALID:
3417 case CKR_OPERATION_ACTIVE:
3418 case CKR_PIN_EXPIRED:
3419 case CKR_SESSION_CLOSED:
3420 case CKR_SESSION_HANDLE_INVALID:
3421 case CKR_USER_NOT_LOGGED_IN:
3422 break;
3423 default:
3424 case CKR_OK:
3425 error = CKR_GENERAL_ERROR;
3426 break;
3427 }
3428 return error;
3429 }
3430
3431 /*
3432 * NSSCKFWC_Digest
3433 *
3434 */
3435 NSS_IMPLEMENT CK_RV
3436 NSSCKFWC_Digest
3437 (
3438 NSSCKFWInstance *fwInstance,
3439 CK_SESSION_HANDLE hSession,
3440 CK_BYTE_PTR pData,
3441 CK_ULONG ulDataLen,
3442 CK_BYTE_PTR pDigest,
3443 CK_ULONG_PTR pulDigestLen
3444 )
3445 {
3446 CK_RV error = CKR_OK;
3447 NSSCKFWSession *fwSession;
3448
3449 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3450 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3451 goto loser;
3452 }
3453
3454 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3455 if( (NSSCKFWSession *)NULL == fwSession ) {
3456 error = CKR_SESSION_HANDLE_INVALID;
3457 goto loser;
3458 }
3459
3460 error = nssCKFWSession_UpdateFinal(fwSession,
3461 NSSCKFWCryptoOperationType_Digest,
3462 NSSCKFWCryptoOperationState_Digest,
3463 pData, ulDataLen, pDigest, pulDigestLen);
3464
3465 if (CKR_OK == error) {
3466 return CKR_OK;
3467 }
3468
3469 loser:
3470 /* verify error */
3471 switch( error ) {
3472 case CKR_ARGUMENTS_BAD:
3473 case CKR_BUFFER_TOO_SMALL:
3474 case CKR_CRYPTOKI_NOT_INITIALIZED:
3475 case CKR_DEVICE_ERROR:
3476 case CKR_DEVICE_MEMORY:
3477 case CKR_DEVICE_REMOVED:
3478 case CKR_FUNCTION_CANCELED:
3479 case CKR_FUNCTION_FAILED:
3480 case CKR_GENERAL_ERROR:
3481 case CKR_HOST_MEMORY:
3482 case CKR_OPERATION_NOT_INITIALIZED:
3483 case CKR_SESSION_CLOSED:
3484 case CKR_SESSION_HANDLE_INVALID:
3485 break;
3486 default:
3487 case CKR_OK:
3488 error = CKR_GENERAL_ERROR;
3489 break;
3490 }
3491 return error;
3492 }
3493
3494 /*
3495 * NSSCKFWC_DigestUpdate
3496 *
3497 */
3498 NSS_IMPLEMENT CK_RV
3499 NSSCKFWC_DigestUpdate
3500 (
3501 NSSCKFWInstance *fwInstance,
3502 CK_SESSION_HANDLE hSession,
3503 CK_BYTE_PTR pData,
3504 CK_ULONG ulDataLen
3505 )
3506 {
3507 CK_RV error = CKR_OK;
3508 NSSCKFWSession *fwSession;
3509
3510 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3511 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3512 goto loser;
3513 }
3514
3515 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3516 if( (NSSCKFWSession *)NULL == fwSession ) {
3517 error = CKR_SESSION_HANDLE_INVALID;
3518 goto loser;
3519 }
3520
3521 error = nssCKFWSession_DigestUpdate(fwSession,
3522 NSSCKFWCryptoOperationType_Digest,
3523 NSSCKFWCryptoOperationState_Digest,
3524 pData, ulDataLen);
3525
3526 if (CKR_OK == error) {
3527 return CKR_OK;
3528 }
3529
3530 loser:
3531 /* verify error */
3532 switch( error ) {
3533 case CKR_ARGUMENTS_BAD:
3534 case CKR_CRYPTOKI_NOT_INITIALIZED:
3535 case CKR_DEVICE_ERROR:
3536 case CKR_DEVICE_MEMORY:
3537 case CKR_DEVICE_REMOVED:
3538 case CKR_FUNCTION_CANCELED:
3539 case CKR_FUNCTION_FAILED:
3540 case CKR_GENERAL_ERROR:
3541 case CKR_HOST_MEMORY:
3542 case CKR_OPERATION_NOT_INITIALIZED:
3543 case CKR_SESSION_CLOSED:
3544 case CKR_SESSION_HANDLE_INVALID:
3545 break;
3546 default:
3547 case CKR_OK:
3548 error = CKR_GENERAL_ERROR;
3549 break;
3550 }
3551 return error;
3552 }
3553
3554 /*
3555 * NSSCKFWC_DigestKey
3556 *
3557 */
3558 NSS_IMPLEMENT CK_RV
3559 NSSCKFWC_DigestKey
3560 (
3561 NSSCKFWInstance *fwInstance,
3562 CK_SESSION_HANDLE hSession,
3563 CK_OBJECT_HANDLE hKey
3564 )
3565 {
3566 CK_RV error = CKR_OK;
3567 NSSCKFWSession *fwSession;
3568 NSSCKFWObject *fwObject;
3569
3570 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3571 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3572 goto loser;
3573 }
3574
3575 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3576 if( (NSSCKFWSession *)NULL == fwSession ) {
3577 error = CKR_SESSION_HANDLE_INVALID;
3578 goto loser;
3579 }
3580
3581 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
3582 if( (NSSCKFWObject *)NULL == fwObject ) {
3583 error = CKR_KEY_HANDLE_INVALID;
3584 goto loser;
3585 }
3586
3587 error = nssCKFWSession_DigestKey(fwSession, fwObject);
3588
3589 if (CKR_OK == error) {
3590 return CKR_OK;
3591 }
3592
3593 loser:
3594 /* verify error */
3595 switch( error ) {
3596 case CKR_CRYPTOKI_NOT_INITIALIZED:
3597 case CKR_DEVICE_ERROR:
3598 case CKR_DEVICE_MEMORY:
3599 case CKR_DEVICE_REMOVED:
3600 case CKR_FUNCTION_CANCELED:
3601 case CKR_FUNCTION_FAILED:
3602 case CKR_GENERAL_ERROR:
3603 case CKR_HOST_MEMORY:
3604 case CKR_KEY_HANDLE_INVALID:
3605 case CKR_KEY_INDIGESTIBLE:
3606 case CKR_KEY_SIZE_RANGE:
3607 case CKR_OPERATION_NOT_INITIALIZED:
3608 case CKR_SESSION_CLOSED:
3609 case CKR_SESSION_HANDLE_INVALID:
3610 break;
3611 default:
3612 case CKR_OK:
3613 error = CKR_GENERAL_ERROR;
3614 break;
3615 }
3616 return error;
3617 }
3618
3619 /*
3620 * NSSCKFWC_DigestFinal
3621 *
3622 */
3623 NSS_IMPLEMENT CK_RV
3624 NSSCKFWC_DigestFinal
3625 (
3626 NSSCKFWInstance *fwInstance,
3627 CK_SESSION_HANDLE hSession,
3628 CK_BYTE_PTR pDigest,
3629 CK_ULONG_PTR pulDigestLen
3630 )
3631 {
3632 CK_RV error = CKR_OK;
3633 NSSCKFWSession *fwSession;
3634
3635 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3636 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3637 goto loser;
3638 }
3639
3640 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3641 if( (NSSCKFWSession *)NULL == fwSession ) {
3642 error = CKR_SESSION_HANDLE_INVALID;
3643 goto loser;
3644 }
3645
3646 error = nssCKFWSession_Final(fwSession,
3647 NSSCKFWCryptoOperationType_Digest,
3648 NSSCKFWCryptoOperationState_Digest,
3649 pDigest, pulDigestLen);
3650
3651 if (CKR_OK == error) {
3652 return CKR_OK;
3653 }
3654
3655 loser:
3656 /* verify error */
3657 switch( error ) {
3658 case CKR_ARGUMENTS_BAD:
3659 case CKR_BUFFER_TOO_SMALL:
3660 case CKR_CRYPTOKI_NOT_INITIALIZED:
3661 case CKR_DEVICE_ERROR:
3662 case CKR_DEVICE_MEMORY:
3663 case CKR_DEVICE_REMOVED:
3664 case CKR_FUNCTION_CANCELED:
3665 case CKR_FUNCTION_FAILED:
3666 case CKR_GENERAL_ERROR:
3667 case CKR_HOST_MEMORY:
3668 case CKR_OPERATION_NOT_INITIALIZED:
3669 case CKR_SESSION_CLOSED:
3670 case CKR_SESSION_HANDLE_INVALID:
3671 break;
3672 default:
3673 case CKR_OK:
3674 error = CKR_GENERAL_ERROR;
3675 break;
3676 }
3677 return error;
3678 }
3679
3680 /*
3681 * NSSCKFWC_SignInit
3682 *
3683 */
3684 NSS_IMPLEMENT CK_RV
3685 NSSCKFWC_SignInit
3686 (
3687 NSSCKFWInstance *fwInstance,
3688 CK_SESSION_HANDLE hSession,
3689 CK_MECHANISM_PTR pMechanism,
3690 CK_OBJECT_HANDLE hKey
3691 )
3692 {
3693 CK_RV error = CKR_OK;
3694 NSSCKFWSession *fwSession;
3695 NSSCKFWObject *fwObject;
3696 NSSCKFWSlot *fwSlot;
3697 NSSCKFWToken *fwToken;
3698 NSSCKFWMechanism *fwMechanism;
3699
3700 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3701 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3702 goto loser;
3703 }
3704
3705 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3706 if( (NSSCKFWSession *)NULL == fwSession ) {
3707 error = CKR_SESSION_HANDLE_INVALID;
3708 goto loser;
3709 }
3710
3711 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
3712 if( (NSSCKFWObject *)NULL == fwObject ) {
3713 error = CKR_KEY_HANDLE_INVALID;
3714 goto loser;
3715 }
3716
3717 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
3718 if( (NSSCKFWSlot *)NULL == fwSlot ) {
3719 error = CKR_GENERAL_ERROR; /* should never happen! */
3720 goto loser;
3721 }
3722
3723 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
3724 error = CKR_TOKEN_NOT_PRESENT;
3725 goto loser;
3726 }
3727
3728 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
3729 if( (NSSCKFWToken *)NULL == fwToken ) {
3730 goto loser;
3731 }
3732
3733 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
3734 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
3735 goto loser;
3736 }
3737
3738 error = nssCKFWMechanism_SignInit(fwMechanism, pMechanism, fwSession,
3739 fwObject);
3740
3741 nssCKFWMechanism_Destroy(fwMechanism);
3742
3743 if (CKR_OK == error) {
3744 return CKR_OK;
3745 }
3746
3747 loser:
3748 /* verify error */
3749 switch( error ) {
3750 case CKR_ARGUMENTS_BAD:
3751 case CKR_CRYPTOKI_NOT_INITIALIZED:
3752 case CKR_DEVICE_ERROR:
3753 case CKR_DEVICE_MEMORY:
3754 case CKR_DEVICE_REMOVED:
3755 case CKR_FUNCTION_CANCELED:
3756 case CKR_FUNCTION_FAILED:
3757 case CKR_GENERAL_ERROR:
3758 case CKR_HOST_MEMORY:
3759 case CKR_KEY_FUNCTION_NOT_PERMITTED:
3760 case CKR_KEY_HANDLE_INVALID:
3761 case CKR_KEY_SIZE_RANGE:
3762 case CKR_KEY_TYPE_INCONSISTENT:
3763 case CKR_MECHANISM_INVALID:
3764 case CKR_MECHANISM_PARAM_INVALID:
3765 case CKR_OPERATION_ACTIVE:
3766 case CKR_PIN_EXPIRED:
3767 case CKR_SESSION_CLOSED:
3768 case CKR_SESSION_HANDLE_INVALID:
3769 case CKR_USER_NOT_LOGGED_IN:
3770 break;
3771 default:
3772 case CKR_OK:
3773 error = CKR_GENERAL_ERROR;
3774 break;
3775 }
3776 return error;
3777 }
3778
3779 /*
3780 * NSSCKFWC_Sign
3781 *
3782 */
3783 NSS_IMPLEMENT CK_RV
3784 NSSCKFWC_Sign
3785 (
3786 NSSCKFWInstance *fwInstance,
3787 CK_SESSION_HANDLE hSession,
3788 CK_BYTE_PTR pData,
3789 CK_ULONG ulDataLen,
3790 CK_BYTE_PTR pSignature,
3791 CK_ULONG_PTR pulSignatureLen
3792 )
3793 {
3794 CK_RV error = CKR_OK;
3795 NSSCKFWSession *fwSession;
3796
3797 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3798 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3799 goto loser;
3800 }
3801
3802 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3803 if( (NSSCKFWSession *)NULL == fwSession ) {
3804 error = CKR_SESSION_HANDLE_INVALID;
3805 goto loser;
3806 }
3807
3808 error = nssCKFWSession_UpdateFinal(fwSession,
3809 NSSCKFWCryptoOperationType_Sign,
3810 NSSCKFWCryptoOperationState_SignVerify,
3811 pData, ulDataLen, pSignature, pulSignatureLen);
3812
3813 if (CKR_OK == error) {
3814 return CKR_OK;
3815 }
3816
3817 loser:
3818 /* verify error */
3819 switch( error ) {
3820 case CKR_ARGUMENTS_BAD:
3821 case CKR_BUFFER_TOO_SMALL:
3822 case CKR_CRYPTOKI_NOT_INITIALIZED:
3823 case CKR_DATA_INVALID:
3824 case CKR_DATA_LEN_RANGE:
3825 case CKR_DEVICE_ERROR:
3826 case CKR_DEVICE_MEMORY:
3827 case CKR_DEVICE_REMOVED:
3828 case CKR_FUNCTION_CANCELED:
3829 case CKR_FUNCTION_FAILED:
3830 case CKR_GENERAL_ERROR:
3831 case CKR_HOST_MEMORY:
3832 case CKR_OPERATION_NOT_INITIALIZED:
3833 case CKR_SESSION_CLOSED:
3834 case CKR_SESSION_HANDLE_INVALID:
3835 case CKR_USER_NOT_LOGGED_IN:
3836 case CKR_FUNCTION_REJECTED:
3837 break;
3838 default:
3839 case CKR_OK:
3840 error = CKR_GENERAL_ERROR;
3841 break;
3842 }
3843 return error;
3844 }
3845
3846 /*
3847 * NSSCKFWC_SignUpdate
3848 *
3849 */
3850 NSS_IMPLEMENT CK_RV
3851 NSSCKFWC_SignUpdate
3852 (
3853 NSSCKFWInstance *fwInstance,
3854 CK_SESSION_HANDLE hSession,
3855 CK_BYTE_PTR pPart,
3856 CK_ULONG ulPartLen
3857 )
3858 {
3859 CK_RV error = CKR_OK;
3860 NSSCKFWSession *fwSession;
3861
3862 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3863 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3864 goto loser;
3865 }
3866
3867 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3868 if( (NSSCKFWSession *)NULL == fwSession ) {
3869 error = CKR_SESSION_HANDLE_INVALID;
3870 goto loser;
3871 }
3872
3873 error = nssCKFWSession_DigestUpdate(fwSession,
3874 NSSCKFWCryptoOperationType_Sign,
3875 NSSCKFWCryptoOperationState_SignVerify,
3876 pPart, ulPartLen);
3877
3878 if (CKR_OK == error) {
3879 return CKR_OK;
3880 }
3881
3882 loser:
3883 /* verify error */
3884 switch( error ) {
3885 case CKR_ARGUMENTS_BAD:
3886 case CKR_CRYPTOKI_NOT_INITIALIZED:
3887 case CKR_DATA_LEN_RANGE:
3888 case CKR_DEVICE_ERROR:
3889 case CKR_DEVICE_MEMORY:
3890 case CKR_DEVICE_REMOVED:
3891 case CKR_FUNCTION_CANCELED:
3892 case CKR_FUNCTION_FAILED:
3893 case CKR_GENERAL_ERROR:
3894 case CKR_HOST_MEMORY:
3895 case CKR_OPERATION_NOT_INITIALIZED:
3896 case CKR_SESSION_CLOSED:
3897 case CKR_SESSION_HANDLE_INVALID:
3898 case CKR_USER_NOT_LOGGED_IN:
3899 break;
3900 default:
3901 case CKR_OK:
3902 error = CKR_GENERAL_ERROR;
3903 break;
3904 }
3905 return error;
3906 }
3907
3908 /*
3909 * NSSCKFWC_SignFinal
3910 *
3911 */
3912 NSS_IMPLEMENT CK_RV
3913 NSSCKFWC_SignFinal
3914 (
3915 NSSCKFWInstance *fwInstance,
3916 CK_SESSION_HANDLE hSession,
3917 CK_BYTE_PTR pSignature,
3918 CK_ULONG_PTR pulSignatureLen
3919 )
3920 {
3921 CK_RV error = CKR_OK;
3922 NSSCKFWSession *fwSession;
3923
3924 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3925 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3926 goto loser;
3927 }
3928
3929 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3930 if( (NSSCKFWSession *)NULL == fwSession ) {
3931 error = CKR_SESSION_HANDLE_INVALID;
3932 goto loser;
3933 }
3934
3935 error = nssCKFWSession_Final(fwSession,
3936 NSSCKFWCryptoOperationType_Sign,
3937 NSSCKFWCryptoOperationState_SignVerify,
3938 pSignature, pulSignatureLen);
3939
3940 if (CKR_OK == error) {
3941 return CKR_OK;
3942 }
3943
3944 loser:
3945 /* verify error */
3946 switch( error ) {
3947 case CKR_ARGUMENTS_BAD:
3948 case CKR_BUFFER_TOO_SMALL:
3949 case CKR_CRYPTOKI_NOT_INITIALIZED:
3950 case CKR_DATA_LEN_RANGE:
3951 case CKR_DEVICE_ERROR:
3952 case CKR_DEVICE_MEMORY:
3953 case CKR_DEVICE_REMOVED:
3954 case CKR_FUNCTION_CANCELED:
3955 case CKR_FUNCTION_FAILED:
3956 case CKR_GENERAL_ERROR:
3957 case CKR_HOST_MEMORY:
3958 case CKR_OPERATION_NOT_INITIALIZED:
3959 case CKR_SESSION_CLOSED:
3960 case CKR_SESSION_HANDLE_INVALID:
3961 case CKR_USER_NOT_LOGGED_IN:
3962 case CKR_FUNCTION_REJECTED:
3963 break;
3964 default:
3965 case CKR_OK:
3966 error = CKR_GENERAL_ERROR;
3967 break;
3968 }
3969 return error;
3970 }
3971
3972 /*
3973 * NSSCKFWC_SignRecoverInit
3974 *
3975 */
3976 NSS_IMPLEMENT CK_RV
3977 NSSCKFWC_SignRecoverInit
3978 (
3979 NSSCKFWInstance *fwInstance,
3980 CK_SESSION_HANDLE hSession,
3981 CK_MECHANISM_PTR pMechanism,
3982 CK_OBJECT_HANDLE hKey
3983 )
3984 {
3985 CK_RV error = CKR_OK;
3986 NSSCKFWSession *fwSession;
3987 NSSCKFWObject *fwObject;
3988 NSSCKFWSlot *fwSlot;
3989 NSSCKFWToken *fwToken;
3990 NSSCKFWMechanism *fwMechanism;
3991
3992 if( (NSSCKFWInstance *)NULL == fwInstance ) {
3993 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3994 goto loser;
3995 }
3996
3997 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3998 if( (NSSCKFWSession *)NULL == fwSession ) {
3999 error = CKR_SESSION_HANDLE_INVALID;
4000 goto loser;
4001 }
4002
4003 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
4004 if( (NSSCKFWObject *)NULL == fwObject ) {
4005 error = CKR_KEY_HANDLE_INVALID;
4006 goto loser;
4007 }
4008
4009 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4010 if( (NSSCKFWSlot *)NULL == fwSlot ) {
4011 error = CKR_GENERAL_ERROR; /* should never happen! */
4012 goto loser;
4013 }
4014
4015 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4016 error = CKR_TOKEN_NOT_PRESENT;
4017 goto loser;
4018 }
4019
4020 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4021 if( (NSSCKFWToken *)NULL == fwToken ) {
4022 goto loser;
4023 }
4024
4025 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
4026 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
4027 goto loser;
4028 }
4029
4030 error = nssCKFWMechanism_SignRecoverInit(fwMechanism, pMechanism, fwSession,
4031 fwObject);
4032
4033 nssCKFWMechanism_Destroy(fwMechanism);
4034
4035 if (CKR_OK == error) {
4036 return CKR_OK;
4037 }
4038
4039 loser:
4040 /* verify error */
4041 switch( error ) {
4042 case CKR_ARGUMENTS_BAD:
4043 case CKR_CRYPTOKI_NOT_INITIALIZED:
4044 case CKR_DEVICE_ERROR:
4045 case CKR_DEVICE_MEMORY:
4046 case CKR_DEVICE_REMOVED:
4047 case CKR_FUNCTION_CANCELED:
4048 case CKR_FUNCTION_FAILED:
4049 case CKR_GENERAL_ERROR:
4050 case CKR_HOST_MEMORY:
4051 case CKR_KEY_FUNCTION_NOT_PERMITTED:
4052 case CKR_KEY_HANDLE_INVALID:
4053 case CKR_KEY_SIZE_RANGE:
4054 case CKR_KEY_TYPE_INCONSISTENT:
4055 case CKR_MECHANISM_INVALID:
4056 case CKR_MECHANISM_PARAM_INVALID:
4057 case CKR_OPERATION_ACTIVE:
4058 case CKR_PIN_EXPIRED:
4059 case CKR_SESSION_CLOSED:
4060 case CKR_SESSION_HANDLE_INVALID:
4061 case CKR_USER_NOT_LOGGED_IN:
4062 break;
4063 default:
4064 case CKR_OK:
4065 error = CKR_GENERAL_ERROR;
4066 break;
4067 }
4068 return error;
4069 }
4070
4071 /*
4072 * NSSCKFWC_SignRecover
4073 *
4074 */
4075 NSS_IMPLEMENT CK_RV
4076 NSSCKFWC_SignRecover
4077 (
4078 NSSCKFWInstance *fwInstance,
4079 CK_SESSION_HANDLE hSession,
4080 CK_BYTE_PTR pData,
4081 CK_ULONG ulDataLen,
4082 CK_BYTE_PTR pSignature,
4083 CK_ULONG_PTR pulSignatureLen
4084 )
4085 {
4086 CK_RV error = CKR_OK;
4087 NSSCKFWSession *fwSession;
4088
4089 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4090 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4091 goto loser;
4092 }
4093
4094 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4095 if( (NSSCKFWSession *)NULL == fwSession ) {
4096 error = CKR_SESSION_HANDLE_INVALID;
4097 goto loser;
4098 }
4099
4100 error = nssCKFWSession_UpdateFinal(fwSession,
4101 NSSCKFWCryptoOperationType_SignRecover,
4102 NSSCKFWCryptoOperationState_SignVerify,
4103 pData, ulDataLen, pSignature, pulSignatureLen);
4104
4105 if (CKR_OK == error) {
4106 return CKR_OK;
4107 }
4108
4109 loser:
4110 /* verify error */
4111 switch( error ) {
4112 case CKR_ARGUMENTS_BAD:
4113 case CKR_BUFFER_TOO_SMALL:
4114 case CKR_CRYPTOKI_NOT_INITIALIZED:
4115 case CKR_DATA_INVALID:
4116 case CKR_DATA_LEN_RANGE:
4117 case CKR_DEVICE_ERROR:
4118 case CKR_DEVICE_MEMORY:
4119 case CKR_DEVICE_REMOVED:
4120 case CKR_FUNCTION_CANCELED:
4121 case CKR_FUNCTION_FAILED:
4122 case CKR_GENERAL_ERROR:
4123 case CKR_HOST_MEMORY:
4124 case CKR_OPERATION_NOT_INITIALIZED:
4125 case CKR_SESSION_CLOSED:
4126 case CKR_SESSION_HANDLE_INVALID:
4127 case CKR_USER_NOT_LOGGED_IN:
4128 break;
4129 default:
4130 case CKR_OK:
4131 error = CKR_GENERAL_ERROR;
4132 break;
4133 }
4134 return error;
4135 }
4136
4137 /*
4138 * NSSCKFWC_VerifyInit
4139 *
4140 */
4141 NSS_IMPLEMENT CK_RV
4142 NSSCKFWC_VerifyInit
4143 (
4144 NSSCKFWInstance *fwInstance,
4145 CK_SESSION_HANDLE hSession,
4146 CK_MECHANISM_PTR pMechanism,
4147 CK_OBJECT_HANDLE hKey
4148 )
4149 {
4150 CK_RV error = CKR_OK;
4151 NSSCKFWSession *fwSession;
4152 NSSCKFWObject *fwObject;
4153 NSSCKFWSlot *fwSlot;
4154 NSSCKFWToken *fwToken;
4155 NSSCKFWMechanism *fwMechanism;
4156
4157 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4158 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4159 goto loser;
4160 }
4161
4162 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4163 if( (NSSCKFWSession *)NULL == fwSession ) {
4164 error = CKR_SESSION_HANDLE_INVALID;
4165 goto loser;
4166 }
4167
4168 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
4169 if( (NSSCKFWObject *)NULL == fwObject ) {
4170 error = CKR_KEY_HANDLE_INVALID;
4171 goto loser;
4172 }
4173
4174 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4175 if( (NSSCKFWSlot *)NULL == fwSlot ) {
4176 error = CKR_GENERAL_ERROR; /* should never happen! */
4177 goto loser;
4178 }
4179
4180 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4181 error = CKR_TOKEN_NOT_PRESENT;
4182 goto loser;
4183 }
4184
4185 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4186 if( (NSSCKFWToken *)NULL == fwToken ) {
4187 goto loser;
4188 }
4189
4190 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
4191 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
4192 goto loser;
4193 }
4194
4195 error = nssCKFWMechanism_VerifyInit(fwMechanism, pMechanism, fwSession,
4196 fwObject);
4197
4198 nssCKFWMechanism_Destroy(fwMechanism);
4199
4200 if (CKR_OK == error) {
4201 return CKR_OK;
4202 }
4203
4204 loser:
4205 /* verify error */
4206 switch( error ) {
4207 case CKR_ARGUMENTS_BAD:
4208 case CKR_CRYPTOKI_NOT_INITIALIZED:
4209 case CKR_DEVICE_ERROR:
4210 case CKR_DEVICE_MEMORY:
4211 case CKR_DEVICE_REMOVED:
4212 case CKR_FUNCTION_CANCELED:
4213 case CKR_FUNCTION_FAILED:
4214 case CKR_GENERAL_ERROR:
4215 case CKR_HOST_MEMORY:
4216 case CKR_KEY_FUNCTION_NOT_PERMITTED:
4217 case CKR_KEY_HANDLE_INVALID:
4218 case CKR_KEY_SIZE_RANGE:
4219 case CKR_KEY_TYPE_INCONSISTENT:
4220 case CKR_MECHANISM_INVALID:
4221 case CKR_MECHANISM_PARAM_INVALID:
4222 case CKR_OPERATION_ACTIVE:
4223 case CKR_PIN_EXPIRED:
4224 case CKR_SESSION_CLOSED:
4225 case CKR_SESSION_HANDLE_INVALID:
4226 case CKR_USER_NOT_LOGGED_IN:
4227 break;
4228 default:
4229 case CKR_OK:
4230 error = CKR_GENERAL_ERROR;
4231 break;
4232 }
4233 return error;
4234 }
4235
4236 /*
4237 * NSSCKFWC_Verify
4238 *
4239 */
4240 NSS_IMPLEMENT CK_RV
4241 NSSCKFWC_Verify
4242 (
4243 NSSCKFWInstance *fwInstance,
4244 CK_SESSION_HANDLE hSession,
4245 CK_BYTE_PTR pData,
4246 CK_ULONG ulDataLen,
4247 CK_BYTE_PTR pSignature,
4248 CK_ULONG ulSignatureLen
4249 )
4250 {
4251 CK_RV error = CKR_OK;
4252 NSSCKFWSession *fwSession;
4253
4254 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4255 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4256 goto loser;
4257 }
4258
4259 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4260 if( (NSSCKFWSession *)NULL == fwSession ) {
4261 error = CKR_SESSION_HANDLE_INVALID;
4262 goto loser;
4263 }
4264
4265 error = nssCKFWSession_UpdateFinal(fwSession,
4266 NSSCKFWCryptoOperationType_Verify,
4267 NSSCKFWCryptoOperationState_SignVerify,
4268 pData, ulDataLen, pSignature, &ulSignatureLen);
4269
4270 if (CKR_OK == error) {
4271 return CKR_OK;
4272 }
4273
4274 loser:
4275 /* verify error */
4276 switch( error ) {
4277 case CKR_ARGUMENTS_BAD:
4278 case CKR_CRYPTOKI_NOT_INITIALIZED:
4279 case CKR_DATA_INVALID:
4280 case CKR_DATA_LEN_RANGE:
4281 case CKR_DEVICE_ERROR:
4282 case CKR_DEVICE_MEMORY:
4283 case CKR_DEVICE_REMOVED:
4284 case CKR_FUNCTION_CANCELED:
4285 case CKR_FUNCTION_FAILED:
4286 case CKR_GENERAL_ERROR:
4287 case CKR_HOST_MEMORY:
4288 case CKR_OPERATION_NOT_INITIALIZED:
4289 case CKR_SESSION_CLOSED:
4290 case CKR_SESSION_HANDLE_INVALID:
4291 case CKR_SIGNATURE_INVALID:
4292 case CKR_SIGNATURE_LEN_RANGE:
4293 break;
4294 default:
4295 case CKR_OK:
4296 error = CKR_GENERAL_ERROR;
4297 break;
4298 }
4299 return error;
4300 }
4301
4302 /*
4303 * NSSCKFWC_VerifyUpdate
4304 *
4305 */
4306 NSS_IMPLEMENT CK_RV
4307 NSSCKFWC_VerifyUpdate
4308 (
4309 NSSCKFWInstance *fwInstance,
4310 CK_SESSION_HANDLE hSession,
4311 CK_BYTE_PTR pPart,
4312 CK_ULONG ulPartLen
4313 )
4314 {
4315 CK_RV error = CKR_OK;
4316 NSSCKFWSession *fwSession;
4317
4318 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4319 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4320 goto loser;
4321 }
4322
4323 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4324 if( (NSSCKFWSession *)NULL == fwSession ) {
4325 error = CKR_SESSION_HANDLE_INVALID;
4326 goto loser;
4327 }
4328
4329 error = nssCKFWSession_DigestUpdate(fwSession,
4330 NSSCKFWCryptoOperationType_Verify,
4331 NSSCKFWCryptoOperationState_SignVerify,
4332 pPart, ulPartLen);
4333
4334 if (CKR_OK == error) {
4335 return CKR_OK;
4336 }
4337
4338 loser:
4339 /* verify error */
4340 switch( error ) {
4341 case CKR_ARGUMENTS_BAD:
4342 case CKR_CRYPTOKI_NOT_INITIALIZED:
4343 case CKR_DATA_LEN_RANGE:
4344 case CKR_DEVICE_ERROR:
4345 case CKR_DEVICE_MEMORY:
4346 case CKR_DEVICE_REMOVED:
4347 case CKR_FUNCTION_CANCELED:
4348 case CKR_FUNCTION_FAILED:
4349 case CKR_GENERAL_ERROR:
4350 case CKR_HOST_MEMORY:
4351 case CKR_OPERATION_NOT_INITIALIZED:
4352 case CKR_SESSION_CLOSED:
4353 case CKR_SESSION_HANDLE_INVALID:
4354 break;
4355 default:
4356 case CKR_OK:
4357 error = CKR_GENERAL_ERROR;
4358 break;
4359 }
4360 return error;
4361 }
4362
4363 /*
4364 * NSSCKFWC_VerifyFinal
4365 *
4366 */
4367 NSS_IMPLEMENT CK_RV
4368 NSSCKFWC_VerifyFinal
4369 (
4370 NSSCKFWInstance *fwInstance,
4371 CK_SESSION_HANDLE hSession,
4372 CK_BYTE_PTR pSignature,
4373 CK_ULONG ulSignatureLen
4374 )
4375 {
4376 CK_RV error = CKR_OK;
4377 NSSCKFWSession *fwSession;
4378
4379 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4380 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4381 goto loser;
4382 }
4383
4384 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4385 if( (NSSCKFWSession *)NULL == fwSession ) {
4386 error = CKR_SESSION_HANDLE_INVALID;
4387 goto loser;
4388 }
4389
4390 error = nssCKFWSession_Final(fwSession,
4391 NSSCKFWCryptoOperationType_Verify,
4392 NSSCKFWCryptoOperationState_SignVerify,
4393 pSignature, &ulSignatureLen);
4394
4395 if (CKR_OK == error) {
4396 return CKR_OK;
4397 }
4398
4399 loser:
4400 /* verify error */
4401 switch( error ) {
4402 case CKR_ARGUMENTS_BAD:
4403 case CKR_CRYPTOKI_NOT_INITIALIZED:
4404 case CKR_DATA_LEN_RANGE:
4405 case CKR_DEVICE_ERROR:
4406 case CKR_DEVICE_MEMORY:
4407 case CKR_DEVICE_REMOVED:
4408 case CKR_FUNCTION_CANCELED:
4409 case CKR_FUNCTION_FAILED:
4410 case CKR_GENERAL_ERROR:
4411 case CKR_HOST_MEMORY:
4412 case CKR_OPERATION_NOT_INITIALIZED:
4413 case CKR_SESSION_CLOSED:
4414 case CKR_SESSION_HANDLE_INVALID:
4415 case CKR_SIGNATURE_INVALID:
4416 case CKR_SIGNATURE_LEN_RANGE:
4417 break;
4418 default:
4419 case CKR_OK:
4420 error = CKR_GENERAL_ERROR;
4421 break;
4422 }
4423 return error;
4424 }
4425
4426 /*
4427 * NSSCKFWC_VerifyRecoverInit
4428 *
4429 */
4430 NSS_IMPLEMENT CK_RV
4431 NSSCKFWC_VerifyRecoverInit
4432 (
4433 NSSCKFWInstance *fwInstance,
4434 CK_SESSION_HANDLE hSession,
4435 CK_MECHANISM_PTR pMechanism,
4436 CK_OBJECT_HANDLE hKey
4437 )
4438 {
4439 CK_RV error = CKR_OK;
4440 NSSCKFWSession *fwSession;
4441 NSSCKFWObject *fwObject;
4442 NSSCKFWSlot *fwSlot;
4443 NSSCKFWToken *fwToken;
4444 NSSCKFWMechanism *fwMechanism;
4445
4446 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4447 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4448 goto loser;
4449 }
4450
4451 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4452 if( (NSSCKFWSession *)NULL == fwSession ) {
4453 error = CKR_SESSION_HANDLE_INVALID;
4454 goto loser;
4455 }
4456
4457 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
4458 if( (NSSCKFWObject *)NULL == fwObject ) {
4459 error = CKR_KEY_HANDLE_INVALID;
4460 goto loser;
4461 }
4462
4463 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4464 if( (NSSCKFWSlot *)NULL == fwSlot ) {
4465 error = CKR_GENERAL_ERROR; /* should never happen! */
4466 goto loser;
4467 }
4468
4469 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4470 error = CKR_TOKEN_NOT_PRESENT;
4471 goto loser;
4472 }
4473
4474 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4475 if( (NSSCKFWToken *)NULL == fwToken ) {
4476 goto loser;
4477 }
4478
4479 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
4480 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
4481 goto loser;
4482 }
4483
4484 error = nssCKFWMechanism_VerifyRecoverInit(fwMechanism, pMechanism,
4485 fwSession, fwObject);
4486
4487 nssCKFWMechanism_Destroy(fwMechanism);
4488
4489 if (CKR_OK == error) {
4490 return CKR_OK;
4491 }
4492
4493 loser:
4494 /* verify error */
4495 switch( error ) {
4496 case CKR_ARGUMENTS_BAD:
4497 case CKR_CRYPTOKI_NOT_INITIALIZED:
4498 case CKR_DEVICE_ERROR:
4499 case CKR_DEVICE_MEMORY:
4500 case CKR_DEVICE_REMOVED:
4501 case CKR_FUNCTION_CANCELED:
4502 case CKR_FUNCTION_FAILED:
4503 case CKR_GENERAL_ERROR:
4504 case CKR_HOST_MEMORY:
4505 case CKR_KEY_FUNCTION_NOT_PERMITTED:
4506 case CKR_KEY_HANDLE_INVALID:
4507 case CKR_KEY_SIZE_RANGE:
4508 case CKR_KEY_TYPE_INCONSISTENT:
4509 case CKR_MECHANISM_INVALID:
4510 case CKR_MECHANISM_PARAM_INVALID:
4511 case CKR_OPERATION_ACTIVE:
4512 case CKR_PIN_EXPIRED:
4513 case CKR_SESSION_HANDLE_INVALID:
4514 case CKR_SESSION_CLOSED:
4515 case CKR_USER_NOT_LOGGED_IN:
4516 break;
4517 default:
4518 case CKR_OK:
4519 error = CKR_GENERAL_ERROR;
4520 break;
4521 }
4522 return error;
4523 }
4524
4525 /*
4526 * NSSCKFWC_VerifyRecover
4527 *
4528 */
4529 NSS_IMPLEMENT CK_RV
4530 NSSCKFWC_VerifyRecover
4531 (
4532 NSSCKFWInstance *fwInstance,
4533 CK_SESSION_HANDLE hSession,
4534 CK_BYTE_PTR pSignature,
4535 CK_ULONG ulSignatureLen,
4536 CK_BYTE_PTR pData,
4537 CK_ULONG_PTR pulDataLen
4538 )
4539 {
4540 CK_RV error = CKR_OK;
4541 NSSCKFWSession *fwSession;
4542
4543 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4544 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4545 goto loser;
4546 }
4547
4548 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4549 if( (NSSCKFWSession *)NULL == fwSession ) {
4550 error = CKR_SESSION_HANDLE_INVALID;
4551 goto loser;
4552 }
4553
4554 error = nssCKFWSession_UpdateFinal(fwSession,
4555 NSSCKFWCryptoOperationType_VerifyRecover,
4556 NSSCKFWCryptoOperationState_SignVerify,
4557 pSignature, ulSignatureLen, pData, pulDataLen);
4558 if (CKR_OK == error) {
4559 return CKR_OK;
4560 }
4561 loser:
4562 /* verify error */
4563 switch( error ) {
4564 case CKR_ARGUMENTS_BAD:
4565 case CKR_BUFFER_TOO_SMALL:
4566 case CKR_CRYPTOKI_NOT_INITIALIZED:
4567 case CKR_DATA_INVALID:
4568 case CKR_DATA_LEN_RANGE:
4569 case CKR_DEVICE_ERROR:
4570 case CKR_DEVICE_MEMORY:
4571 case CKR_DEVICE_REMOVED:
4572 case CKR_FUNCTION_CANCELED:
4573 case CKR_FUNCTION_FAILED:
4574 case CKR_GENERAL_ERROR:
4575 case CKR_HOST_MEMORY:
4576 case CKR_OPERATION_NOT_INITIALIZED:
4577 case CKR_SESSION_CLOSED:
4578 case CKR_SESSION_HANDLE_INVALID:
4579 case CKR_SIGNATURE_INVALID:
4580 case CKR_SIGNATURE_LEN_RANGE:
4581 break;
4582 default:
4583 case CKR_OK:
4584 error = CKR_GENERAL_ERROR;
4585 break;
4586 }
4587 return error;
4588 }
4589
4590 /*
4591 * NSSCKFWC_DigestEncryptUpdate
4592 *
4593 */
4594 NSS_IMPLEMENT CK_RV
4595 NSSCKFWC_DigestEncryptUpdate
4596 (
4597 NSSCKFWInstance *fwInstance,
4598 CK_SESSION_HANDLE hSession,
4599 CK_BYTE_PTR pPart,
4600 CK_ULONG ulPartLen,
4601 CK_BYTE_PTR pEncryptedPart,
4602 CK_ULONG_PTR pulEncryptedPartLen
4603 )
4604 {
4605 CK_RV error = CKR_OK;
4606 NSSCKFWSession *fwSession;
4607
4608 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4609 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4610 goto loser;
4611 }
4612
4613 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4614 if( (NSSCKFWSession *)NULL == fwSession ) {
4615 error = CKR_SESSION_HANDLE_INVALID;
4616 goto loser;
4617 }
4618
4619 error = nssCKFWSession_UpdateCombo(fwSession,
4620 NSSCKFWCryptoOperationType_Encrypt,
4621 NSSCKFWCryptoOperationType_Digest,
4622 NSSCKFWCryptoOperationState_Digest,
4623 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
4624
4625 if (CKR_OK == error) {
4626 return CKR_OK;
4627 }
4628
4629 loser:
4630 /* verify error */
4631 switch( error ) {
4632 case CKR_ARGUMENTS_BAD:
4633 case CKR_BUFFER_TOO_SMALL:
4634 case CKR_CRYPTOKI_NOT_INITIALIZED:
4635 case CKR_DATA_LEN_RANGE:
4636 case CKR_DEVICE_ERROR:
4637 case CKR_DEVICE_MEMORY:
4638 case CKR_DEVICE_REMOVED:
4639 case CKR_FUNCTION_CANCELED:
4640 case CKR_FUNCTION_FAILED:
4641 case CKR_GENERAL_ERROR:
4642 case CKR_HOST_MEMORY:
4643 case CKR_OPERATION_NOT_INITIALIZED:
4644 case CKR_SESSION_CLOSED:
4645 case CKR_SESSION_HANDLE_INVALID:
4646 break;
4647 default:
4648 case CKR_OK:
4649 error = CKR_GENERAL_ERROR;
4650 break;
4651 }
4652 return error;
4653 }
4654
4655 /*
4656 * NSSCKFWC_DecryptDigestUpdate
4657 *
4658 */
4659 NSS_IMPLEMENT CK_RV
4660 NSSCKFWC_DecryptDigestUpdate
4661 (
4662 NSSCKFWInstance *fwInstance,
4663 CK_SESSION_HANDLE hSession,
4664 CK_BYTE_PTR pEncryptedPart,
4665 CK_ULONG ulEncryptedPartLen,
4666 CK_BYTE_PTR pPart,
4667 CK_ULONG_PTR pulPartLen
4668 )
4669 {
4670 CK_RV error = CKR_OK;
4671 NSSCKFWSession *fwSession;
4672
4673 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4674 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4675 goto loser;
4676 }
4677
4678 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4679 if( (NSSCKFWSession *)NULL == fwSession ) {
4680 error = CKR_SESSION_HANDLE_INVALID;
4681 goto loser;
4682 }
4683
4684 error = nssCKFWSession_UpdateCombo(fwSession,
4685 NSSCKFWCryptoOperationType_Decrypt,
4686 NSSCKFWCryptoOperationType_Digest,
4687 NSSCKFWCryptoOperationState_Digest,
4688 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
4689
4690 if (CKR_OK == error) {
4691 return CKR_OK;
4692 }
4693
4694 loser:
4695 /* verify error */
4696 switch( error ) {
4697 case CKR_ARGUMENTS_BAD:
4698 case CKR_BUFFER_TOO_SMALL:
4699 case CKR_CRYPTOKI_NOT_INITIALIZED:
4700 case CKR_DEVICE_ERROR:
4701 case CKR_DEVICE_MEMORY:
4702 case CKR_DEVICE_REMOVED:
4703 case CKR_ENCRYPTED_DATA_INVALID:
4704 case CKR_ENCRYPTED_DATA_LEN_RANGE:
4705 case CKR_FUNCTION_CANCELED:
4706 case CKR_FUNCTION_FAILED:
4707 case CKR_GENERAL_ERROR:
4708 case CKR_HOST_MEMORY:
4709 case CKR_OPERATION_NOT_INITIALIZED:
4710 case CKR_SESSION_CLOSED:
4711 case CKR_SESSION_HANDLE_INVALID:
4712 break;
4713 case CKR_DATA_INVALID:
4714 error = CKR_ENCRYPTED_DATA_INVALID;
4715 break;
4716 case CKR_DATA_LEN_RANGE:
4717 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
4718 break;
4719 default:
4720 case CKR_OK:
4721 error = CKR_GENERAL_ERROR;
4722 break;
4723 }
4724 return error;
4725 }
4726
4727 /*
4728 * NSSCKFWC_SignEncryptUpdate
4729 *
4730 */
4731 NSS_IMPLEMENT CK_RV
4732 NSSCKFWC_SignEncryptUpdate
4733 (
4734 NSSCKFWInstance *fwInstance,
4735 CK_SESSION_HANDLE hSession,
4736 CK_BYTE_PTR pPart,
4737 CK_ULONG ulPartLen,
4738 CK_BYTE_PTR pEncryptedPart,
4739 CK_ULONG_PTR pulEncryptedPartLen
4740 )
4741 {
4742 CK_RV error = CKR_OK;
4743 NSSCKFWSession *fwSession;
4744
4745 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4746 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4747 goto loser;
4748 }
4749
4750 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4751 if( (NSSCKFWSession *)NULL == fwSession ) {
4752 error = CKR_SESSION_HANDLE_INVALID;
4753 goto loser;
4754 }
4755
4756 error = nssCKFWSession_UpdateCombo(fwSession,
4757 NSSCKFWCryptoOperationType_Encrypt,
4758 NSSCKFWCryptoOperationType_Sign,
4759 NSSCKFWCryptoOperationState_SignVerify,
4760 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
4761
4762 if (CKR_OK == error) {
4763 return CKR_OK;
4764 }
4765
4766 loser:
4767 /* verify error */
4768 switch( error ) {
4769 case CKR_ARGUMENTS_BAD:
4770 case CKR_BUFFER_TOO_SMALL:
4771 case CKR_CRYPTOKI_NOT_INITIALIZED:
4772 case CKR_DATA_LEN_RANGE:
4773 case CKR_DEVICE_ERROR:
4774 case CKR_DEVICE_MEMORY:
4775 case CKR_DEVICE_REMOVED:
4776 case CKR_FUNCTION_CANCELED:
4777 case CKR_FUNCTION_FAILED:
4778 case CKR_GENERAL_ERROR:
4779 case CKR_HOST_MEMORY:
4780 case CKR_OPERATION_NOT_INITIALIZED:
4781 case CKR_SESSION_CLOSED:
4782 case CKR_SESSION_HANDLE_INVALID:
4783 case CKR_USER_NOT_LOGGED_IN:
4784 break;
4785 default:
4786 case CKR_OK:
4787 error = CKR_GENERAL_ERROR;
4788 break;
4789 }
4790 return error;
4791 }
4792
4793 /*
4794 * NSSCKFWC_DecryptVerifyUpdate
4795 *
4796 */
4797 NSS_IMPLEMENT CK_RV
4798 NSSCKFWC_DecryptVerifyUpdate
4799 (
4800 NSSCKFWInstance *fwInstance,
4801 CK_SESSION_HANDLE hSession,
4802 CK_BYTE_PTR pEncryptedPart,
4803 CK_ULONG ulEncryptedPartLen,
4804 CK_BYTE_PTR pPart,
4805 CK_ULONG_PTR pulPartLen
4806 )
4807 {
4808 CK_RV error = CKR_OK;
4809 NSSCKFWSession *fwSession;
4810
4811 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4812 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4813 goto loser;
4814 }
4815
4816 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4817 if( (NSSCKFWSession *)NULL == fwSession ) {
4818 error = CKR_SESSION_HANDLE_INVALID;
4819 goto loser;
4820 }
4821
4822 error = nssCKFWSession_UpdateCombo(fwSession,
4823 NSSCKFWCryptoOperationType_Decrypt,
4824 NSSCKFWCryptoOperationType_Verify,
4825 NSSCKFWCryptoOperationState_SignVerify,
4826 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
4827
4828 if (CKR_OK == error) {
4829 return CKR_OK;
4830 }
4831
4832 loser:
4833 /* verify error */
4834 switch( error ) {
4835 case CKR_ARGUMENTS_BAD:
4836 case CKR_BUFFER_TOO_SMALL:
4837 case CKR_CRYPTOKI_NOT_INITIALIZED:
4838 case CKR_DATA_LEN_RANGE:
4839 case CKR_DEVICE_ERROR:
4840 case CKR_DEVICE_MEMORY:
4841 case CKR_DEVICE_REMOVED:
4842 case CKR_ENCRYPTED_DATA_INVALID:
4843 case CKR_ENCRYPTED_DATA_LEN_RANGE:
4844 case CKR_FUNCTION_CANCELED:
4845 case CKR_FUNCTION_FAILED:
4846 case CKR_GENERAL_ERROR:
4847 case CKR_HOST_MEMORY:
4848 case CKR_OPERATION_NOT_INITIALIZED:
4849 case CKR_SESSION_CLOSED:
4850 case CKR_SESSION_HANDLE_INVALID:
4851 break;
4852 case CKR_DATA_INVALID:
4853 error = CKR_ENCRYPTED_DATA_INVALID;
4854 break;
4855 default:
4856 case CKR_OK:
4857 error = CKR_GENERAL_ERROR;
4858 break;
4859 }
4860 return error;
4861 }
4862
4863 /*
4864 * NSSCKFWC_GenerateKey
4865 *
4866 */
4867 NSS_IMPLEMENT CK_RV
4868 NSSCKFWC_GenerateKey
4869 (
4870 NSSCKFWInstance *fwInstance,
4871 CK_SESSION_HANDLE hSession,
4872 CK_MECHANISM_PTR pMechanism,
4873 CK_ATTRIBUTE_PTR pTemplate,
4874 CK_ULONG ulCount,
4875 CK_OBJECT_HANDLE_PTR phKey
4876 )
4877 {
4878 CK_RV error = CKR_OK;
4879 NSSCKFWSession *fwSession;
4880 NSSCKFWObject *fwObject;
4881 NSSCKFWSlot *fwSlot;
4882 NSSCKFWToken *fwToken;
4883 NSSCKFWMechanism *fwMechanism;
4884
4885 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4886 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4887 goto loser;
4888 }
4889
4890 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4891 if( (NSSCKFWSession *)NULL == fwSession ) {
4892 error = CKR_SESSION_HANDLE_INVALID;
4893 goto loser;
4894 }
4895
4896 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4897 if( (NSSCKFWSlot *)NULL == fwSlot ) {
4898 error = CKR_GENERAL_ERROR; /* should never happen! */
4899 goto loser;
4900 }
4901
4902 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4903 error = CKR_TOKEN_NOT_PRESENT;
4904 goto loser;
4905 }
4906
4907 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4908 if( (NSSCKFWToken *)NULL == fwToken ) {
4909 goto loser;
4910 }
4911
4912 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
4913 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
4914 goto loser;
4915 }
4916
4917 fwObject = nssCKFWMechanism_GenerateKey(
4918 fwMechanism,
4919 pMechanism,
4920 fwSession,
4921 pTemplate,
4922 ulCount,
4923 &error);
4924
4925 nssCKFWMechanism_Destroy(fwMechanism);
4926 if ((NSSCKFWObject *)NULL == fwObject) {
4927 goto loser;
4928 }
4929 *phKey= nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
4930
4931 if (CKR_OK == error) {
4932 return CKR_OK;
4933 }
4934
4935 loser:
4936 /* verify error */
4937 switch( error ) {
4938 case CKR_ARGUMENTS_BAD:
4939 case CKR_ATTRIBUTE_READ_ONLY:
4940 case CKR_ATTRIBUTE_TYPE_INVALID:
4941 case CKR_ATTRIBUTE_VALUE_INVALID:
4942 case CKR_CRYPTOKI_NOT_INITIALIZED:
4943 case CKR_DEVICE_ERROR:
4944 case CKR_DEVICE_MEMORY:
4945 case CKR_DEVICE_REMOVED:
4946 case CKR_FUNCTION_CANCELED:
4947 case CKR_FUNCTION_FAILED:
4948 case CKR_GENERAL_ERROR:
4949 case CKR_HOST_MEMORY:
4950 case CKR_MECHANISM_INVALID:
4951 case CKR_MECHANISM_PARAM_INVALID:
4952 case CKR_OPERATION_ACTIVE:
4953 case CKR_PIN_EXPIRED:
4954 case CKR_SESSION_CLOSED:
4955 case CKR_SESSION_HANDLE_INVALID:
4956 case CKR_SESSION_READ_ONLY:
4957 case CKR_TEMPLATE_INCOMPLETE:
4958 case CKR_TEMPLATE_INCONSISTENT:
4959 case CKR_TOKEN_WRITE_PROTECTED:
4960 case CKR_USER_NOT_LOGGED_IN:
4961 break;
4962 default:
4963 case CKR_OK:
4964 error = CKR_GENERAL_ERROR;
4965 break;
4966 }
4967 return error;
4968 }
4969
4970 /*
4971 * NSSCKFWC_GenerateKeyPair
4972 *
4973 */
4974 NSS_IMPLEMENT CK_RV
4975 NSSCKFWC_GenerateKeyPair
4976 (
4977 NSSCKFWInstance *fwInstance,
4978 CK_SESSION_HANDLE hSession,
4979 CK_MECHANISM_PTR pMechanism,
4980 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
4981 CK_ULONG ulPublicKeyAttributeCount,
4982 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
4983 CK_ULONG ulPrivateKeyAttributeCount,
4984 CK_OBJECT_HANDLE_PTR phPublicKey,
4985 CK_OBJECT_HANDLE_PTR phPrivateKey
4986 )
4987 {
4988 CK_RV error = CKR_OK;
4989 NSSCKFWSession *fwSession;
4990 NSSCKFWObject *fwPrivateKeyObject;
4991 NSSCKFWObject *fwPublicKeyObject;
4992 NSSCKFWSlot *fwSlot;
4993 NSSCKFWToken *fwToken;
4994 NSSCKFWMechanism *fwMechanism;
4995
4996 if( (NSSCKFWInstance *)NULL == fwInstance ) {
4997 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4998 goto loser;
4999 }
5000
5001 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5002 if( (NSSCKFWSession *)NULL == fwSession ) {
5003 error = CKR_SESSION_HANDLE_INVALID;
5004 goto loser;
5005 }
5006
5007 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5008 if( (NSSCKFWSlot *)NULL == fwSlot ) {
5009 error = CKR_GENERAL_ERROR; /* should never happen! */
5010 goto loser;
5011 }
5012
5013 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5014 error = CKR_TOKEN_NOT_PRESENT;
5015 goto loser;
5016 }
5017
5018 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5019 if( (NSSCKFWToken *)NULL == fwToken ) {
5020 goto loser;
5021 }
5022
5023 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
5024 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
5025 goto loser;
5026 }
5027
5028 error= nssCKFWMechanism_GenerateKeyPair(
5029 fwMechanism,
5030 pMechanism,
5031 fwSession,
5032 pPublicKeyTemplate,
5033 ulPublicKeyAttributeCount,
5034 pPublicKeyTemplate,
5035 ulPublicKeyAttributeCount,
5036 &fwPublicKeyObject,
5037 &fwPrivateKeyObject);
5038
5039 nssCKFWMechanism_Destroy(fwMechanism);
5040 if (CKR_OK != error) {
5041 goto loser;
5042 }
5043 *phPublicKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
5044 fwPublicKeyObject,
5045 &error);
5046 if (CKR_OK != error) {
5047 goto loser;
5048 }
5049 *phPrivateKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
5050 fwPrivateKeyObject,
5051 &error);
5052 if (CKR_OK == error) {
5053 return CKR_OK;
5054 }
5055
5056 loser:
5057 /* verify error */
5058 switch( error ) {
5059 case CKR_ARGUMENTS_BAD:
5060 case CKR_ATTRIBUTE_READ_ONLY:
5061 case CKR_ATTRIBUTE_TYPE_INVALID:
5062 case CKR_ATTRIBUTE_VALUE_INVALID:
5063 case CKR_CRYPTOKI_NOT_INITIALIZED:
5064 case CKR_DEVICE_ERROR:
5065 case CKR_DEVICE_MEMORY:
5066 case CKR_DEVICE_REMOVED:
5067 case CKR_DOMAIN_PARAMS_INVALID:
5068 case CKR_FUNCTION_CANCELED:
5069 case CKR_FUNCTION_FAILED:
5070 case CKR_GENERAL_ERROR:
5071 case CKR_HOST_MEMORY:
5072 case CKR_MECHANISM_INVALID:
5073 case CKR_MECHANISM_PARAM_INVALID:
5074 case CKR_OPERATION_ACTIVE:
5075 case CKR_PIN_EXPIRED:
5076 case CKR_SESSION_CLOSED:
5077 case CKR_SESSION_HANDLE_INVALID:
5078 case CKR_SESSION_READ_ONLY:
5079 case CKR_TEMPLATE_INCOMPLETE:
5080 case CKR_TEMPLATE_INCONSISTENT:
5081 case CKR_TOKEN_WRITE_PROTECTED:
5082 case CKR_USER_NOT_LOGGED_IN:
5083 break;
5084 default:
5085 case CKR_OK:
5086 error = CKR_GENERAL_ERROR;
5087 break;
5088 }
5089 return error;
5090 }
5091
5092 /*
5093 * NSSCKFWC_WrapKey
5094 *
5095 */
5096 NSS_IMPLEMENT CK_RV
5097 NSSCKFWC_WrapKey
5098 (
5099 NSSCKFWInstance *fwInstance,
5100 CK_SESSION_HANDLE hSession,
5101 CK_MECHANISM_PTR pMechanism,
5102 CK_OBJECT_HANDLE hWrappingKey,
5103 CK_OBJECT_HANDLE hKey,
5104 CK_BYTE_PTR pWrappedKey,
5105 CK_ULONG_PTR pulWrappedKeyLen
5106 )
5107 {
5108 CK_RV error = CKR_OK;
5109 NSSCKFWSession *fwSession;
5110 NSSCKFWObject *fwKeyObject;
5111 NSSCKFWObject *fwWrappingKeyObject;
5112 NSSCKFWSlot *fwSlot;
5113 NSSCKFWToken *fwToken;
5114 NSSCKFWMechanism *fwMechanism;
5115 NSSItem wrappedKey;
5116 CK_ULONG wrappedKeyLength = 0;
5117
5118 if( (NSSCKFWInstance *)NULL == fwInstance ) {
5119 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5120 goto loser;
5121 }
5122
5123 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5124 if( (NSSCKFWSession *)NULL == fwSession ) {
5125 error = CKR_SESSION_HANDLE_INVALID;
5126 goto loser;
5127 }
5128
5129 fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
5130 hWrappingKey);
5131 if( (NSSCKFWObject *)NULL == fwWrappingKeyObject ) {
5132 error = CKR_WRAPPING_KEY_HANDLE_INVALID;
5133 goto loser;
5134 }
5135
5136 fwKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
5137 if( (NSSCKFWObject *)NULL == fwKeyObject ) {
5138 error = CKR_KEY_HANDLE_INVALID;
5139 goto loser;
5140 }
5141
5142 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5143 if( (NSSCKFWSlot *)NULL == fwSlot ) {
5144 error = CKR_GENERAL_ERROR; /* should never happen! */
5145 goto loser;
5146 }
5147
5148 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5149 error = CKR_TOKEN_NOT_PRESENT;
5150 goto loser;
5151 }
5152
5153 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5154 if( (NSSCKFWToken *)NULL == fwToken ) {
5155 goto loser;
5156 }
5157
5158 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
5159 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
5160 goto loser;
5161 }
5162
5163 /*
5164 * first get the length...
5165 */
5166 wrappedKeyLength = nssCKFWMechanism_GetWrapKeyLength(
5167 fwMechanism,
5168 pMechanism,
5169 fwSession,
5170 fwWrappingKeyObject,
5171 fwKeyObject,
5172 &error);
5173 if ((CK_ULONG) 0 == wrappedKeyLength) {
5174 nssCKFWMechanism_Destroy(fwMechanism);
5175 goto loser;
5176 }
5177 if ((CK_BYTE_PTR)NULL == pWrappedKey) {
5178 *pulWrappedKeyLen = wrappedKeyLength;
5179 nssCKFWMechanism_Destroy(fwMechanism);
5180 return CKR_OK;
5181 }
5182 if (wrappedKeyLength > *pulWrappedKeyLen) {
5183 *pulWrappedKeyLen = wrappedKeyLength;
5184 nssCKFWMechanism_Destroy(fwMechanism);
5185 error = CKR_BUFFER_TOO_SMALL;
5186 goto loser;
5187 }
5188
5189
5190 wrappedKey.data = pWrappedKey;
5191 wrappedKey.size = wrappedKeyLength;
5192
5193 error = nssCKFWMechanism_WrapKey(
5194 fwMechanism,
5195 pMechanism,
5196 fwSession,
5197 fwWrappingKeyObject,
5198 fwKeyObject,
5199 &wrappedKey);
5200
5201 nssCKFWMechanism_Destroy(fwMechanism);
5202 *pulWrappedKeyLen = wrappedKey.size;
5203
5204 if (CKR_OK == error) {
5205 return CKR_OK;
5206 }
5207
5208 loser:
5209 /* verify error */
5210 switch( error ) {
5211 case CKR_ARGUMENTS_BAD:
5212 case CKR_BUFFER_TOO_SMALL:
5213 case CKR_CRYPTOKI_NOT_INITIALIZED:
5214 case CKR_DEVICE_ERROR:
5215 case CKR_DEVICE_MEMORY:
5216 case CKR_DEVICE_REMOVED:
5217 case CKR_FUNCTION_CANCELED:
5218 case CKR_FUNCTION_FAILED:
5219 case CKR_GENERAL_ERROR:
5220 case CKR_HOST_MEMORY:
5221 case CKR_KEY_HANDLE_INVALID:
5222 case CKR_KEY_NOT_WRAPPABLE:
5223 case CKR_KEY_SIZE_RANGE:
5224 case CKR_KEY_UNEXTRACTABLE:
5225 case CKR_MECHANISM_INVALID:
5226 case CKR_MECHANISM_PARAM_INVALID:
5227 case CKR_OPERATION_ACTIVE:
5228 case CKR_PIN_EXPIRED:
5229 case CKR_SESSION_CLOSED:
5230 case CKR_SESSION_HANDLE_INVALID:
5231 case CKR_WRAPPING_KEY_HANDLE_INVALID:
5232 case CKR_WRAPPING_KEY_SIZE_RANGE:
5233 case CKR_WRAPPING_KEY_TYPE_INCONSISTENT:
5234 break;
5235 case CKR_KEY_TYPE_INCONSISTENT:
5236 error = CKR_WRAPPING_KEY_TYPE_INCONSISTENT;
5237 break;
5238 default:
5239 case CKR_OK:
5240 error = CKR_GENERAL_ERROR;
5241 break;
5242 }
5243 return error;
5244 }
5245
5246 /*
5247 * NSSCKFWC_UnwrapKey
5248 *
5249 */
5250 NSS_IMPLEMENT CK_RV
5251 NSSCKFWC_UnwrapKey
5252 (
5253 NSSCKFWInstance *fwInstance,
5254 CK_SESSION_HANDLE hSession,
5255 CK_MECHANISM_PTR pMechanism,
5256 CK_OBJECT_HANDLE hUnwrappingKey,
5257 CK_BYTE_PTR pWrappedKey,
5258 CK_ULONG ulWrappedKeyLen,
5259 CK_ATTRIBUTE_PTR pTemplate,
5260 CK_ULONG ulAttributeCount,
5261 CK_OBJECT_HANDLE_PTR phKey
5262 )
5263 {
5264 CK_RV error = CKR_OK;
5265 NSSCKFWSession *fwSession;
5266 NSSCKFWObject *fwObject;
5267 NSSCKFWObject *fwWrappingKeyObject;
5268 NSSCKFWSlot *fwSlot;
5269 NSSCKFWToken *fwToken;
5270 NSSCKFWMechanism *fwMechanism;
5271 NSSItem wrappedKey;
5272
5273 if( (NSSCKFWInstance *)NULL == fwInstance ) {
5274 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5275 goto loser;
5276 }
5277
5278 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5279 if( (NSSCKFWSession *)NULL == fwSession ) {
5280 error = CKR_SESSION_HANDLE_INVALID;
5281 goto loser;
5282 }
5283
5284 fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
5285 hUnwrappingKey);
5286 if( (NSSCKFWObject *)NULL == fwWrappingKeyObject ) {
5287 error = CKR_WRAPPING_KEY_HANDLE_INVALID;
5288 goto loser;
5289 }
5290
5291 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5292 if( (NSSCKFWSlot *)NULL == fwSlot ) {
5293 error = CKR_GENERAL_ERROR; /* should never happen! */
5294 goto loser;
5295 }
5296
5297 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5298 error = CKR_TOKEN_NOT_PRESENT;
5299 goto loser;
5300 }
5301
5302 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5303 if( (NSSCKFWToken *)NULL == fwToken ) {
5304 goto loser;
5305 }
5306
5307 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
5308 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
5309 goto loser;
5310 }
5311
5312 wrappedKey.data = pWrappedKey;
5313 wrappedKey.size = ulWrappedKeyLen;
5314
5315 fwObject = nssCKFWMechanism_UnwrapKey(
5316 fwMechanism,
5317 pMechanism,
5318 fwSession,
5319 fwWrappingKeyObject,
5320 &wrappedKey,
5321 pTemplate,
5322 ulAttributeCount,
5323 &error);
5324
5325 nssCKFWMechanism_Destroy(fwMechanism);
5326 if ((NSSCKFWObject *)NULL == fwObject) {
5327 goto loser;
5328 }
5329 *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
5330
5331 if (CKR_OK == error) {
5332 return CKR_OK;
5333 }
5334
5335 loser:
5336 /* verify error */
5337 switch( error ) {
5338 case CKR_ARGUMENTS_BAD:
5339 case CKR_ATTRIBUTE_READ_ONLY:
5340 case CKR_ATTRIBUTE_TYPE_INVALID:
5341 case CKR_ATTRIBUTE_VALUE_INVALID:
5342 case CKR_BUFFER_TOO_SMALL:
5343 case CKR_CRYPTOKI_NOT_INITIALIZED:
5344 case CKR_DEVICE_ERROR:
5345 case CKR_DEVICE_MEMORY:
5346 case CKR_DEVICE_REMOVED:
5347 case CKR_DOMAIN_PARAMS_INVALID:
5348 case CKR_FUNCTION_CANCELED:
5349 case CKR_FUNCTION_FAILED:
5350 case CKR_GENERAL_ERROR:
5351 case CKR_HOST_MEMORY:
5352 case CKR_MECHANISM_INVALID:
5353 case CKR_MECHANISM_PARAM_INVALID:
5354 case CKR_OPERATION_ACTIVE:
5355 case CKR_PIN_EXPIRED:
5356 case CKR_SESSION_CLOSED:
5357 case CKR_SESSION_HANDLE_INVALID:
5358 case CKR_SESSION_READ_ONLY:
5359 case CKR_TEMPLATE_INCOMPLETE:
5360 case CKR_TEMPLATE_INCONSISTENT:
5361 case CKR_TOKEN_WRITE_PROTECTED:
5362 case CKR_UNWRAPPING_KEY_HANDLE_INVALID:
5363 case CKR_UNWRAPPING_KEY_SIZE_RANGE:
5364 case CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT:
5365 case CKR_USER_NOT_LOGGED_IN:
5366 case CKR_WRAPPED_KEY_INVALID:
5367 case CKR_WRAPPED_KEY_LEN_RANGE:
5368 break;
5369 case CKR_KEY_HANDLE_INVALID:
5370 error = CKR_UNWRAPPING_KEY_HANDLE_INVALID;
5371 break;
5372 case CKR_KEY_SIZE_RANGE:
5373 error = CKR_UNWRAPPING_KEY_SIZE_RANGE;
5374 break;
5375 case CKR_KEY_TYPE_INCONSISTENT:
5376 error = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT;
5377 break;
5378 case CKR_ENCRYPTED_DATA_INVALID:
5379 error = CKR_WRAPPED_KEY_INVALID;
5380 break;
5381 case CKR_ENCRYPTED_DATA_LEN_RANGE:
5382 error = CKR_WRAPPED_KEY_LEN_RANGE;
5383 break;
5384 default:
5385 case CKR_OK:
5386 error = CKR_GENERAL_ERROR;
5387 break;
5388 }
5389 return error;
5390 }
5391
5392 /*
5393 * NSSCKFWC_DeriveKey
5394 *
5395 */
5396 NSS_IMPLEMENT CK_RV
5397 NSSCKFWC_DeriveKey
5398 (
5399 NSSCKFWInstance *fwInstance,
5400 CK_SESSION_HANDLE hSession,
5401 CK_MECHANISM_PTR pMechanism,
5402 CK_OBJECT_HANDLE hBaseKey,
5403 CK_ATTRIBUTE_PTR pTemplate,
5404 CK_ULONG ulAttributeCount,
5405 CK_OBJECT_HANDLE_PTR phKey
5406 )
5407 {
5408 CK_RV error = CKR_OK;
5409 NSSCKFWSession *fwSession;
5410 NSSCKFWObject *fwObject;
5411 NSSCKFWObject *fwBaseKeyObject;
5412 NSSCKFWSlot *fwSlot;
5413 NSSCKFWToken *fwToken;
5414 NSSCKFWMechanism *fwMechanism;
5415
5416 if( (NSSCKFWInstance *)NULL == fwInstance ) {
5417 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5418 goto loser;
5419 }
5420
5421 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5422 if( (NSSCKFWSession *)NULL == fwSession ) {
5423 error = CKR_SESSION_HANDLE_INVALID;
5424 goto loser;
5425 }
5426
5427 fwBaseKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hBaseKey);
5428 if( (NSSCKFWObject *)NULL == fwBaseKeyObject ) {
5429 error = CKR_KEY_HANDLE_INVALID;
5430 goto loser;
5431 }
5432
5433 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5434 if( (NSSCKFWSlot *)NULL == fwSlot ) {
5435 error = CKR_GENERAL_ERROR; /* should never happen! */
5436 goto loser;
5437 }
5438
5439 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5440 error = CKR_TOKEN_NOT_PRESENT;
5441 goto loser;
5442 }
5443
5444 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5445 if( (NSSCKFWToken *)NULL == fwToken ) {
5446 goto loser;
5447 }
5448
5449 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
5450 if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
5451 goto loser;
5452 }
5453
5454 fwObject = nssCKFWMechanism_DeriveKey(
5455 fwMechanism,
5456 pMechanism,
5457 fwSession,
5458 fwBaseKeyObject,
5459 pTemplate,
5460 ulAttributeCount,
5461 &error);
5462
5463 nssCKFWMechanism_Destroy(fwMechanism);
5464 if ((NSSCKFWObject *)NULL == fwObject) {
5465 goto loser;
5466 }
5467 *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
5468
5469 if (CKR_OK == error) {
5470 return CKR_OK;
5471 }
5472
5473 loser:
5474 /* verify error */
5475 switch( error ) {
5476 case CKR_ARGUMENTS_BAD:
5477 case CKR_ATTRIBUTE_READ_ONLY:
5478 case CKR_ATTRIBUTE_TYPE_INVALID:
5479 case CKR_ATTRIBUTE_VALUE_INVALID:
5480 case CKR_CRYPTOKI_NOT_INITIALIZED:
5481 case CKR_DEVICE_ERROR:
5482 case CKR_DEVICE_MEMORY:
5483 case CKR_DEVICE_REMOVED:
5484 case CKR_DOMAIN_PARAMS_INVALID:
5485 case CKR_FUNCTION_CANCELED:
5486 case CKR_FUNCTION_FAILED:
5487 case CKR_GENERAL_ERROR:
5488 case CKR_HOST_MEMORY:
5489 case CKR_KEY_HANDLE_INVALID:
5490 case CKR_KEY_SIZE_RANGE:
5491 case CKR_KEY_TYPE_INCONSISTENT:
5492 case CKR_MECHANISM_INVALID:
5493 case CKR_MECHANISM_PARAM_INVALID:
5494 case CKR_OPERATION_ACTIVE:
5495 case CKR_PIN_EXPIRED:
5496 case CKR_SESSION_CLOSED:
5497 case CKR_SESSION_HANDLE_INVALID:
5498 case CKR_SESSION_READ_ONLY:
5499 case CKR_TEMPLATE_INCOMPLETE:
5500 case CKR_TEMPLATE_INCONSISTENT:
5501 case CKR_TOKEN_WRITE_PROTECTED:
5502 case CKR_USER_NOT_LOGGED_IN:
5503 break;
5504 default:
5505 case CKR_OK:
5506 error = CKR_GENERAL_ERROR;
5507 break;
5508 }
5509 return error;
5510 }
5511
5512 /*
5513 * NSSCKFWC_SeedRandom
5514 *
5515 */
5516 NSS_IMPLEMENT CK_RV
5517 NSSCKFWC_SeedRandom
5518 (
5519 NSSCKFWInstance *fwInstance,
5520 CK_SESSION_HANDLE hSession,
5521 CK_BYTE_PTR pSeed,
5522 CK_ULONG ulSeedLen
5523 )
5524 {
5525 CK_RV error = CKR_OK;
5526 NSSCKFWSession *fwSession;
5527 NSSItem seed;
5528
5529 if( (NSSCKFWInstance *)NULL == fwInstance ) {
5530 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5531 goto loser;
5532 }
5533
5534 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5535 if( (NSSCKFWSession *)NULL == fwSession ) {
5536 error = CKR_SESSION_HANDLE_INVALID;
5537 goto loser;
5538 }
5539
5540 if( (CK_BYTE_PTR)CK_NULL_PTR == pSeed ) {
5541 error = CKR_ARGUMENTS_BAD;
5542 goto loser;
5543 }
5544
5545 /* We could read through the buffer in a Purify trap */
5546
5547 seed.size = (PRUint32)ulSeedLen;
5548 seed.data = (void *)pSeed;
5549
5550 error = nssCKFWSession_SeedRandom(fwSession, &seed);
5551
5552 if( CKR_OK != error ) {
5553 goto loser;
5554 }
5555
5556 return CKR_OK;
5557
5558 loser:
5559 switch( error ) {
5560 case CKR_SESSION_CLOSED:
5561 /* destroy session? */
5562 break;
5563 case CKR_DEVICE_REMOVED:
5564 /* (void)nssCKFWToken_Destroy(fwToken); */
5565 break;
5566 case CKR_ARGUMENTS_BAD:
5567 case CKR_CRYPTOKI_NOT_INITIALIZED:
5568 case CKR_DEVICE_ERROR:
5569 case CKR_DEVICE_MEMORY:
5570 case CKR_FUNCTION_CANCELED:
5571 case CKR_FUNCTION_FAILED:
5572 case CKR_GENERAL_ERROR:
5573 case CKR_HOST_MEMORY:
5574 case CKR_OPERATION_ACTIVE:
5575 case CKR_RANDOM_SEED_NOT_SUPPORTED:
5576 case CKR_RANDOM_NO_RNG:
5577 case CKR_SESSION_HANDLE_INVALID:
5578 case CKR_USER_NOT_LOGGED_IN:
5579 break;
5580 default:
5581 case CKR_OK:
5582 error = CKR_GENERAL_ERROR;
5583 break;
5584 }
5585
5586 return error;
5587 }
5588
5589 /*
5590 * NSSCKFWC_GenerateRandom
5591 *
5592 */
5593 NSS_IMPLEMENT CK_RV
5594 NSSCKFWC_GenerateRandom
5595 (
5596 NSSCKFWInstance *fwInstance,
5597 CK_SESSION_HANDLE hSession,
5598 CK_BYTE_PTR pRandomData,
5599 CK_ULONG ulRandomLen
5600 )
5601 {
5602 CK_RV error = CKR_OK;
5603 NSSCKFWSession *fwSession;
5604 NSSItem buffer;
5605
5606 if( (NSSCKFWInstance *)NULL == fwInstance ) {
5607 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5608 goto loser;
5609 }
5610
5611 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5612 if( (NSSCKFWSession *)NULL == fwSession ) {
5613 error = CKR_SESSION_HANDLE_INVALID;
5614 goto loser;
5615 }
5616
5617 if( (CK_BYTE_PTR)CK_NULL_PTR == pRandomData ) {
5618 error = CKR_ARGUMENTS_BAD;
5619 goto loser;
5620 }
5621
5622 /*
5623 * A purify error here indicates caller error.
5624 */
5625 (void)nsslibc_memset(pRandomData, 0, ulRandomLen);
5626
5627 buffer.size = (PRUint32)ulRandomLen;
5628 buffer.data = (void *)pRandomData;
5629
5630 error = nssCKFWSession_GetRandom(fwSession, &buffer);
5631
5632 if( CKR_OK != error ) {
5633 goto loser;
5634 }
5635
5636 return CKR_OK;
5637
5638 loser:
5639 switch( error ) {
5640 case CKR_SESSION_CLOSED:
5641 /* destroy session? */
5642 break;
5643 case CKR_DEVICE_REMOVED:
5644 /* (void)nssCKFWToken_Destroy(fwToken); */
5645 break;
5646 case CKR_ARGUMENTS_BAD:
5647 case CKR_CRYPTOKI_NOT_INITIALIZED:
5648 case CKR_DEVICE_ERROR:
5649 case CKR_DEVICE_MEMORY:
5650 case CKR_FUNCTION_CANCELED:
5651 case CKR_FUNCTION_FAILED:
5652 case CKR_GENERAL_ERROR:
5653 case CKR_HOST_MEMORY:
5654 case CKR_OPERATION_ACTIVE:
5655 case CKR_RANDOM_NO_RNG:
5656 case CKR_SESSION_HANDLE_INVALID:
5657 case CKR_USER_NOT_LOGGED_IN:
5658 break;
5659 default:
5660 case CKR_OK:
5661 error = CKR_GENERAL_ERROR;
5662 break;
5663 }
5664
5665 return error;
5666 }
5667
5668 /*
5669 * NSSCKFWC_GetFunctionStatus
5670 *
5671 */
5672 NSS_IMPLEMENT CK_RV
5673 NSSCKFWC_GetFunctionStatus
5674 (
5675 NSSCKFWInstance *fwInstance,
5676 CK_SESSION_HANDLE hSession
5677 )
5678 {
5679 return CKR_FUNCTION_NOT_PARALLEL;
5680 }
5681
5682 /*
5683 * NSSCKFWC_CancelFunction
5684 *
5685 */
5686 NSS_IMPLEMENT CK_RV
5687 NSSCKFWC_CancelFunction
5688 (
5689 NSSCKFWInstance *fwInstance,
5690 CK_SESSION_HANDLE hSession
5691 )
5692 {
5693 return CKR_FUNCTION_NOT_PARALLEL;
5694 }
Wine Gecko package