summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFranziskus Kiefer <franziskuskiefer@gmail.com>2016-01-18 15:02:03 +0100
committerFranziskus Kiefer <franziskuskiefer@gmail.com>2016-01-18 15:02:03 +0100
commiteb895cf42d8d6bc3a9006a0d5b39b7697712025c (patch)
treeb9738d5f15d5af404d03ab1e298e1b935460f278
parent4e1f105f08c62199e04ff940c4eac52d0fceaac3 (diff)
downloadnss-hg-eb895cf42d8d6bc3a9006a0d5b39b7697712025c.tar.gz
Bug 1233037, clang-format on lib/ckfw with manual corrections, r=kaie
-rw-r--r--lib/ckfw/builtins/anchor.c4
-rw-r--r--lib/ckfw/builtins/bfind.c394
-rw-r--r--lib/ckfw/builtins/binst.c100
-rw-r--r--lib/ckfw/builtins/bobject.c290
-rw-r--r--lib/ckfw/builtins/bsession.c98
-rw-r--r--lib/ckfw/builtins/bslot.c104
-rw-r--r--lib/ckfw/builtins/btoken.c194
-rw-r--r--lib/ckfw/builtins/builtins.h66
-rw-r--r--lib/ckfw/builtins/ckbiver.c3
-rw-r--r--lib/ckfw/builtins/constants.c53
-rw-r--r--lib/ckfw/builtins/nssckbi.h4
-rw-r--r--lib/ckfw/capi/anchor.c4
-rw-r--r--lib/ckfw/capi/cfind.c930
-rw-r--r--lib/ckfw/capi/cinst.c118
-rw-r--r--lib/ckfw/capi/ckcapi.h255
-rw-r--r--lib/ckfw/capi/ckcapiver.c3
-rw-r--r--lib/ckfw/capi/cobject.c3684
-rw-r--r--lib/ckfw/capi/constants.c41
-rw-r--r--lib/ckfw/capi/crsa.c1110
-rw-r--r--lib/ckfw/capi/csession.c124
-rw-r--r--lib/ckfw/capi/cslot.c104
-rw-r--r--lib/ckfw/capi/ctoken.c266
-rw-r--r--lib/ckfw/capi/nsscapi.h4
-rw-r--r--lib/ckfw/capi/staticobj.c23
-rw-r--r--lib/ckfw/ckfw.h1621
-rw-r--r--lib/ckfw/ckfwm.h66
-rw-r--r--lib/ckfw/ckfwtm.h2
-rw-r--r--lib/ckfw/ckmd.h26
-rw-r--r--lib/ckfw/crypto.c408
-rw-r--r--lib/ckfw/dbm/anchor.c4
-rw-r--r--lib/ckfw/dbm/ckdbm.h252
-rw-r--r--lib/ckfw/dbm/db.c1746
-rw-r--r--lib/ckfw/dbm/find.c203
-rw-r--r--lib/ckfw/dbm/instance.c220
-rw-r--r--lib/ckfw/dbm/object.c246
-rw-r--r--lib/ckfw/dbm/session.c422
-rw-r--r--lib/ckfw/dbm/slot.c245
-rw-r--r--lib/ckfw/dbm/token.c379
-rw-r--r--lib/ckfw/find.c439
-rw-r--r--lib/ckfw/hash.c304
-rw-r--r--lib/ckfw/instance.c1589
-rw-r--r--lib/ckfw/mechanism.c1280
-rw-r--r--lib/ckfw/mutex.c231
-rw-r--r--lib/ckfw/nssckfw.h243
-rw-r--r--lib/ckfw/nssckfwc.h880
-rw-r--r--lib/ckfw/nssckfwt.h3
-rw-r--r--lib/ckfw/nssckmdt.h3521
-rw-r--r--lib/ckfw/nssckt.h1
-rw-r--r--lib/ckfw/nssmkey/ckmk.h206
-rw-r--r--lib/ckfw/nssmkey/ckmkver.c3
-rw-r--r--lib/ckfw/nssmkey/manchor.c4
-rw-r--r--lib/ckfw/nssmkey/mconstants.c41
-rw-r--r--lib/ckfw/nssmkey/mfind.c595
-rw-r--r--lib/ckfw/nssmkey/minst.c118
-rw-r--r--lib/ckfw/nssmkey/mobject.c2928
-rw-r--r--lib/ckfw/nssmkey/mrsa.c773
-rw-r--r--lib/ckfw/nssmkey/msession.c124
-rw-r--r--lib/ckfw/nssmkey/mslot.c104
-rw-r--r--lib/ckfw/nssmkey/mtoken.c266
-rw-r--r--lib/ckfw/nssmkey/nssmkey.h4
-rw-r--r--lib/ckfw/nssmkey/staticobj.c18
-rw-r--r--lib/ckfw/object.c1216
-rw-r--r--lib/ckfw/session.c3289
-rw-r--r--lib/ckfw/sessobj.c1343
-rw-r--r--lib/ckfw/slot.c769
-rw-r--r--lib/ckfw/token.c2149
-rw-r--r--lib/ckfw/wrap.c9747
67 files changed, 22124 insertions, 23880 deletions
diff --git a/lib/ckfw/builtins/anchor.c b/lib/ckfw/builtins/anchor.c
index 51b4a5688..cc0d0c09f 100644
--- a/lib/ckfw/builtins/anchor.c
+++ b/lib/ckfw/builtins/anchor.c
@@ -6,12 +6,12 @@
* builtins/anchor.c
*
* This file "anchors" the actual cryptoki entry points in this module's
- * shared library, which is required for dynamic loading. See the
+ * shared library, which is required for dynamic loading. See the
* comments in nssck.api for more information.
*/
#include "builtins.h"
#define MODULE_NAME builtins
-#define INSTANCE_NAME (NSSCKMDInstance *)&nss_builtins_mdInstance
+#define INSTANCE_NAME (NSSCKMDInstance *) & nss_builtins_mdInstance
#include "nssck.api"
diff --git a/lib/ckfw/builtins/bfind.c b/lib/ckfw/builtins/bfind.c
index df35ed8b6..ee145b68a 100644
--- a/lib/ckfw/builtins/bfind.c
+++ b/lib/ckfw/builtins/bfind.c
@@ -14,258 +14,250 @@
*/
struct builtinsFOStr {
- NSSArena *arena;
- CK_ULONG n;
- CK_ULONG i;
- builtinsInternalObject **objs;
+ NSSArena *arena;
+ CK_ULONG n;
+ CK_ULONG i;
+ builtinsInternalObject **objs;
};
static void
-builtins_mdFindObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+builtins_mdFindObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
- NSSArena *arena = fo->arena;
-
- nss_ZFreeIf(fo->objs);
- nss_ZFreeIf(fo);
- nss_ZFreeIf(mdFindObjects);
- if ((NSSArena *)NULL != arena) {
- NSSArena_Destroy(arena);
- }
+ struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
+ NSSArena *arena = fo->arena;
+
+ nss_ZFreeIf(fo->objs);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(mdFindObjects);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
- return;
+ return;
}
static NSSCKMDObject *
-builtins_mdFindObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
+builtins_mdFindObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
{
- struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
- builtinsInternalObject *io;
+ struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
+ builtinsInternalObject *io;
- if( fo->i == fo->n ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
+ if (fo->i == fo->n) {
+ *pError = CKR_OK;
+ return (NSSCKMDObject *)NULL;
+ }
- io = fo->objs[ fo->i ];
- fo->i++;
+ io = fo->objs[fo->i];
+ fo->i++;
- return nss_builtins_CreateMDObject(arena, io, pError);
+ return nss_builtins_CreateMDObject(arena, io, pError);
}
static int
-builtins_derUnwrapInt(unsigned char *src, int size, unsigned char **dest) {
+builtins_derUnwrapInt(unsigned char *src, int size, unsigned char **dest)
+{
unsigned char *start = src;
int len = 0;
- if (*src ++ != 2) {
- return 0;
+ if (*src++ != 2) {
+ return 0;
}
len = *src++;
if (len & 0x80) {
- int count = len & 0x7f;
- len =0;
-
- if (count+2 > size) {
- return 0;
- }
- while (count-- > 0) {
- len = (len << 8) | *src++;
- }
+ int count = len & 0x7f;
+ len = 0;
+
+ if (count + 2 > size) {
+ return 0;
+ }
+ while (count-- > 0) {
+ len = (len << 8) | *src++;
+ }
}
- if (len + (src-start) != size) {
- return 0;
+ if (len + (src - start) != size) {
+ return 0;
}
*dest = src;
return len;
}
static CK_BBOOL
-builtins_attrmatch
-(
- CK_ATTRIBUTE_PTR a,
- const NSSItem *b
-)
+builtins_attrmatch(
+ CK_ATTRIBUTE_PTR a,
+ const NSSItem *b)
{
- PRBool prb;
-
- if( a->ulValueLen != b->size ) {
- /* match a decoded serial number */
- if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
- int len;
- unsigned char *data = NULL;
-
- len = builtins_derUnwrapInt(b->data,b->size,&data);
- if (data &&
- (len == a->ulValueLen) &&
- nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
- return CK_TRUE;
- }
+ PRBool prb;
+
+ if (a->ulValueLen != b->size) {
+ /* match a decoded serial number */
+ if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
+ int len;
+ unsigned char *data = NULL;
+
+ len = builtins_derUnwrapInt(b->data, b->size, &data);
+ if (data &&
+ (len == a->ulValueLen) &&
+ nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
+ return CK_TRUE;
+ }
+ }
+ return CK_FALSE;
}
- return CK_FALSE;
- }
- prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
+ prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
- if( PR_TRUE == prb ) {
- return CK_TRUE;
- } else {
- return CK_FALSE;
- }
+ if (PR_TRUE == prb) {
+ return CK_TRUE;
+ }
+ else {
+ return CK_FALSE;
+ }
}
-
static CK_BBOOL
-builtins_match
-(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- builtinsInternalObject *o
-)
+builtins_match(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ builtinsInternalObject *o)
{
- CK_ULONG i;
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- CK_ULONG j;
-
- for( j = 0; j < o->n; j++ ) {
- if( o->types[j] == pTemplate[i].type ) {
- if( CK_FALSE == builtins_attrmatch(&pTemplate[i], &o->items[j]) ) {
- return CK_FALSE;
- } else {
- break;
+ CK_ULONG i;
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ CK_ULONG j;
+
+ for (j = 0; j < o->n; j++) {
+ if (o->types[j] == pTemplate[i].type) {
+ if (CK_FALSE == builtins_attrmatch(&pTemplate[i], &o->items[j])) {
+ return CK_FALSE;
+ }
+ else {
+ break;
+ }
+ }
}
- }
- }
- if( j == o->n ) {
- /* Loop ran to the end: no matching attribute */
- return CK_FALSE;
+ if (j == o->n) {
+ /* Loop ran to the end: no matching attribute */
+ return CK_FALSE;
+ }
}
- }
- /* Every attribute passed */
- return CK_TRUE;
+ /* Every attribute passed */
+ return CK_TRUE;
}
NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_builtins_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_builtins_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- /* This could be made more efficient. I'm rather rushed. */
- NSSArena *arena;
- NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
- struct builtinsFOStr *fo = (struct builtinsFOStr *)NULL;
+ /* This could be made more efficient. I'm rather rushed. */
+ NSSArena *arena;
+ NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
+ struct builtinsFOStr *fo = (struct builtinsFOStr *)NULL;
- /*
+/*
* 99% of the time we get 0 or 1 matches. So we start with a small
* stack-allocated array to hold the matches and switch to a heap-allocated
* array later if the number of matches exceeds STACK_BUF_LENGTH.
*/
- #define STACK_BUF_LENGTH 1
- builtinsInternalObject *stackTemp[STACK_BUF_LENGTH];
- builtinsInternalObject **temp = stackTemp;
- PRBool tempIsHeapAllocated = PR_FALSE;
- PRUint32 i;
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDFindObjects);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fo = nss_ZNEW(arena, struct builtinsFOStr);
- if( (struct builtinsFOStr *)NULL == fo ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fo->arena = arena;
- /* fo->n and fo->i are already zero */
-
- rv->etc = (void *)fo;
- rv->Final = builtins_mdFindObjects_Final;
- rv->Next = builtins_mdFindObjects_Next;
- rv->null = (void *)NULL;
-
- for( i = 0; i < nss_builtins_nObjects; i++ ) {
- builtinsInternalObject *o = (builtinsInternalObject *)&nss_builtins_data[i];
-
- if( CK_TRUE == builtins_match(pTemplate, ulAttributeCount, o) ) {
- if( fo->n == STACK_BUF_LENGTH ) {
- /* Switch from the small stack array to a heap-allocated array large
+#define STACK_BUF_LENGTH 1
+ builtinsInternalObject *stackTemp[STACK_BUF_LENGTH];
+ builtinsInternalObject **temp = stackTemp;
+ PRBool tempIsHeapAllocated = PR_FALSE;
+ PRUint32 i;
+
+ arena = NSSArena_Create();
+ if ((NSSArena *)NULL == arena) {
+ goto loser;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDFindObjects);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo = nss_ZNEW(arena, struct builtinsFOStr);
+ if ((struct builtinsFOStr *)NULL == fo) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo->arena = arena;
+ /* fo->n and fo->i are already zero */
+
+ rv->etc = (void *)fo;
+ rv->Final = builtins_mdFindObjects_Final;
+ rv->Next = builtins_mdFindObjects_Next;
+ rv->null = (void *)NULL;
+
+ for (i = 0; i < nss_builtins_nObjects; i++) {
+ builtinsInternalObject *o = (builtinsInternalObject *)&nss_builtins_data[i];
+
+ if (CK_TRUE == builtins_match(pTemplate, ulAttributeCount, o)) {
+ if (fo->n == STACK_BUF_LENGTH) {
+ /* Switch from the small stack array to a heap-allocated array large
* enough to handle matches in all remaining cases. */
- temp = nss_ZNEWARRAY((NSSArena *)NULL, builtinsInternalObject *,
- fo->n + nss_builtins_nObjects - i);
- if( (builtinsInternalObject **)NULL == temp ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
+ temp = nss_ZNEWARRAY((NSSArena *)NULL, builtinsInternalObject *,
+ fo->n + nss_builtins_nObjects - i);
+ if ((builtinsInternalObject **)NULL == temp) {
+ *pError =
+ CKR_HOST_MEMORY;
+ goto loser;
+ }
+ tempIsHeapAllocated = PR_TRUE;
+ (void)nsslibc_memcpy(temp, stackTemp,
+ sizeof(builtinsInternalObject *) * fo->n);
+ }
+
+ temp[fo->n] = o;
+ fo->n++;
}
- tempIsHeapAllocated = PR_TRUE;
- (void)nsslibc_memcpy(temp, stackTemp,
- sizeof(builtinsInternalObject *) * fo->n);
- }
+ }
- temp[ fo->n ] = o;
- fo->n++;
+ fo->objs = nss_ZNEWARRAY(arena, builtinsInternalObject *, fo->n);
+ if ((builtinsInternalObject **)NULL == fo->objs) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ (void)nsslibc_memcpy(fo->objs, temp, sizeof(builtinsInternalObject *) * fo->n);
+ if (tempIsHeapAllocated) {
+ nss_ZFreeIf(temp);
+ temp = (builtinsInternalObject **)NULL;
}
- }
-
- fo->objs = nss_ZNEWARRAY(arena, builtinsInternalObject *, fo->n);
- if( (builtinsInternalObject **)NULL == fo->objs ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- (void)nsslibc_memcpy(fo->objs, temp, sizeof(builtinsInternalObject *) * fo->n);
- if (tempIsHeapAllocated) {
- nss_ZFreeIf(temp);
- temp = (builtinsInternalObject **)NULL;
- }
-
- return rv;
-
- loser:
- if (tempIsHeapAllocated) {
- nss_ZFreeIf(temp);
- }
- nss_ZFreeIf(fo);
- nss_ZFreeIf(rv);
- if ((NSSArena *)NULL != arena) {
- NSSArena_Destroy(arena);
- }
- return (NSSCKMDFindObjects *)NULL;
-}
+ return rv;
+
+loser:
+ if (tempIsHeapAllocated) {
+ nss_ZFreeIf(temp);
+ }
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(rv);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+ return (NSSCKMDFindObjects *)NULL;
+}
diff --git a/lib/ckfw/builtins/binst.c b/lib/ckfw/builtins/binst.c
index 8cb057d96..ca1dac89c 100644
--- a/lib/ckfw/builtins/binst.c
+++ b/lib/ckfw/builtins/binst.c
@@ -7,7 +7,7 @@
/*
* builtins/instance.c
*
- * This file implements the NSSCKMDInstance object for the
+ * This file implements the NSSCKMDInstance object for the
* "builtin objects" cryptoki module.
*/
@@ -16,84 +16,72 @@
*/
static CK_ULONG
-builtins_mdInstance_GetNSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdInstance_GetNSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (CK_ULONG)1;
+ return (CK_ULONG)1;
}
static CK_VERSION
-builtins_mdInstance_GetCryptokiVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+builtins_mdInstance_GetCryptokiVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_builtins_CryptokiVersion;
+ return nss_builtins_CryptokiVersion;
}
static NSSUTF8 *
-builtins_mdInstance_GetManufacturerID
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdInstance_GetManufacturerID(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_builtins_ManufacturerID;
+ return (NSSUTF8 *)nss_builtins_ManufacturerID;
}
static NSSUTF8 *
-builtins_mdInstance_GetLibraryDescription
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdInstance_GetLibraryDescription(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_builtins_LibraryDescription;
+ return (NSSUTF8 *)nss_builtins_LibraryDescription;
}
static CK_VERSION
-builtins_mdInstance_GetLibraryVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+builtins_mdInstance_GetLibraryVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
#define NSS_VERSION_VARIABLE __nss_builtins_version
#include "verref.h"
- return nss_builtins_LibraryVersion;
+ return nss_builtins_LibraryVersion;
}
static CK_RV
-builtins_mdInstance_GetSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
-)
+builtins_mdInstance_GetSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *slots[])
{
- slots[0] = (NSSCKMDSlot *)&nss_builtins_mdSlot;
- return CKR_OK;
+ slots[0] = (NSSCKMDSlot *)&nss_builtins_mdSlot;
+ return CKR_OK;
}
const NSSCKMDInstance
-nss_builtins_mdInstance = {
- (void *)NULL, /* etc */
- NULL, /* Initialize */
- NULL, /* Finalize */
- builtins_mdInstance_GetNSlots,
- builtins_mdInstance_GetCryptokiVersion,
- builtins_mdInstance_GetManufacturerID,
- builtins_mdInstance_GetLibraryDescription,
- builtins_mdInstance_GetLibraryVersion,
- NULL, /* ModuleHandlesSessionObjects -- defaults to false */
- builtins_mdInstance_GetSlots,
- NULL, /* WaitForSlotEvent */
- (void *)NULL /* null terminator */
-};
+ nss_builtins_mdInstance = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Finalize */
+ builtins_mdInstance_GetNSlots,
+ builtins_mdInstance_GetCryptokiVersion,
+ builtins_mdInstance_GetManufacturerID,
+ builtins_mdInstance_GetLibraryDescription,
+ builtins_mdInstance_GetLibraryVersion,
+ NULL, /* ModuleHandlesSessionObjects -- defaults to false */
+ builtins_mdInstance_GetSlots,
+ NULL, /* WaitForSlotEvent */
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/builtins/bobject.c b/lib/ckfw/builtins/bobject.c
index 55876c0f2..1c0babdd6 100644
--- a/lib/ckfw/builtins/bobject.c
+++ b/lib/ckfw/builtins/bobject.c
@@ -24,199 +24,183 @@
*/
static CK_RV
-builtins_mdObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+builtins_mdObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CKR_SESSION_READ_ONLY;
+ return CKR_SESSION_READ_ONLY;
}
static CK_BBOOL
-builtins_mdObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+builtins_mdObject_IsTokenObject(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CK_TRUE;
+ return CK_TRUE;
}
static CK_ULONG
-builtins_mdObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- return io->n;
+ builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
+ return io->n;
}
static CK_RV
-builtins_mdObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
+builtins_mdObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
+ builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
+ CK_ULONG i;
- if( io->n != ulCount ) {
- return CKR_BUFFER_TOO_SMALL;
- }
+ if (io->n != ulCount) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
- for( i = 0; i < io->n; i++ ) {
- typeArray[i] = io->types[i];
- }
+ for (i = 0; i < io->n; i++) {
+ typeArray[i] = io->types[i];
+ }
- return CKR_OK;
+ return CKR_OK;
}
static CK_ULONG
-builtins_mdObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+builtins_mdObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
+ builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
+ CK_ULONG i;
- for( i = 0; i < io->n; i++ ) {
- if( attribute == io->types[i] ) {
- return (CK_ULONG)(io->items[i].size);
+ for (i = 0; i < io->n; i++) {
+ if (attribute == io->types[i]) {
+ return (CK_ULONG)(io->items[i].size);
+ }
}
- }
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return 0;
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return 0;
}
static NSSCKFWItem
-builtins_mdObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+builtins_mdObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- NSSCKFWItem mdItem;
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
-
- mdItem.needsFreeing = PR_FALSE;
- mdItem.item = (NSSItem*) NULL;
-
- for( i = 0; i < io->n; i++ ) {
- if( attribute == io->types[i] ) {
- mdItem.item = (NSSItem*) &io->items[i];
- return mdItem;
+ NSSCKFWItem mdItem;
+ builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
+ CK_ULONG i;
+
+ mdItem.needsFreeing = PR_FALSE;
+ mdItem.item = (NSSItem *)NULL;
+
+ for (i = 0; i < io->n; i++) {
+ if (attribute == io->types[i]) {
+ mdItem.item = (NSSItem *)&io->items[i];
+ return mdItem;
+ }
}
- }
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return mdItem;
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return mdItem;
}
static CK_ULONG
-builtins_mdObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdObject_GetObjectSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
- CK_ULONG rv = sizeof(CK_ULONG);
+ builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
+ CK_ULONG i;
+ CK_ULONG rv = sizeof(CK_ULONG);
- for( i = 0; i < io->n; i++ ) {
- rv += sizeof(CK_ATTRIBUTE_TYPE) + sizeof(NSSItem) + io->items[i].size;
- }
+ for (i = 0; i < io->n; i++) {
+ rv += sizeof(CK_ATTRIBUTE_TYPE) + sizeof(NSSItem) + io->items[i].size;
+ }
- return rv;
+ return rv;
}
static const NSSCKMDObject
-builtins_prototype_mdObject = {
- (void *)NULL, /* etc */
- NULL, /* Finalize */
- builtins_mdObject_Destroy,
- builtins_mdObject_IsTokenObject,
- builtins_mdObject_GetAttributeCount,
- builtins_mdObject_GetAttributeTypes,
- builtins_mdObject_GetAttributeSize,
- builtins_mdObject_GetAttribute,
- NULL, /* FreeAttribute */
- NULL, /* SetAttribute */
- builtins_mdObject_GetObjectSize,
- (void *)NULL /* null terminator */
-};
+ builtins_prototype_mdObject = {
+ (void *)NULL, /* etc */
+ NULL, /* Finalize */
+ builtins_mdObject_Destroy,
+ builtins_mdObject_IsTokenObject,
+ builtins_mdObject_GetAttributeCount,
+ builtins_mdObject_GetAttributeTypes,
+ builtins_mdObject_GetAttributeSize,
+ builtins_mdObject_GetAttribute,
+ NULL, /* FreeAttribute */
+ NULL, /* SetAttribute */
+ builtins_mdObject_GetObjectSize,
+ (void *)NULL /* null terminator */
+ };
NSS_IMPLEMENT NSSCKMDObject *
-nss_builtins_CreateMDObject
-(
- NSSArena *arena,
- builtinsInternalObject *io,
- CK_RV *pError
-)
+nss_builtins_CreateMDObject(
+ NSSArena *arena,
+ builtinsInternalObject *io,
+ CK_RV *pError)
{
- if ( (void*)NULL == io->mdObject.etc) {
- (void) nsslibc_memcpy(&io->mdObject,&builtins_prototype_mdObject,
- sizeof(builtins_prototype_mdObject));
- io->mdObject.etc = (void *)io;
- }
+ if ((void *)NULL == io->mdObject.etc) {
+ (void)nsslibc_memcpy(&io->mdObject, &builtins_prototype_mdObject,
+ sizeof(builtins_prototype_mdObject));
+ io->mdObject.etc = (void *)io;
+ }
- return &io->mdObject;
+ return &io->mdObject;
}
diff --git a/lib/ckfw/builtins/bsession.c b/lib/ckfw/builtins/bsession.c
index 6705bfc61..6828a49af 100644
--- a/lib/ckfw/builtins/bsession.c
+++ b/lib/ckfw/builtins/bsession.c
@@ -7,69 +7,65 @@
/*
* builtins/session.c
*
- * This file implements the NSSCKMDSession object for the
+ * This file implements the NSSCKMDSession object for the
* "builtin objects" cryptoki module.
*/
static NSSCKMDFindObjects *
-builtins_mdSession_FindObjectsInit
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+builtins_mdSession_FindObjectsInit(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- return nss_builtins_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
+ return nss_builtins_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
}
NSS_IMPLEMENT NSSCKMDSession *
-nss_builtins_CreateSession
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
+nss_builtins_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
{
- NSSArena *arena;
- NSSCKMDSession *rv;
+ NSSArena *arena;
+ NSSCKMDSession *rv;
- arena = NSSCKFWSession_GetArena(fwSession, pError);
- if( (NSSArena *)NULL == arena ) {
- return (NSSCKMDSession *)NULL;
- }
+ arena = NSSCKFWSession_GetArena(fwSession, pError);
+ if ((NSSArena *)NULL == arena) {
+ return (NSSCKMDSession *)NULL;
+ }
- rv = nss_ZNEW(arena, NSSCKMDSession);
- if( (NSSCKMDSession *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
+ rv = nss_ZNEW(arena, NSSCKMDSession);
+ if ((NSSCKMDSession *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSession *)NULL;
+ }
- /*
- * rv was zeroed when allocated, so we only
- * need to set the non-zero members.
- */
+ /*
+ * rv was zeroed when allocated, so we only
+ * need to set the non-zero members.
+ */
- rv->etc = (void *)fwSession;
- /* rv->Close */
- /* rv->GetDeviceError */
- /* rv->Login */
- /* rv->Logout */
- /* rv->InitPIN */
- /* rv->SetPIN */
- /* rv->GetOperationStateLen */
- /* rv->GetOperationState */
- /* rv->SetOperationState */
- /* rv->CreateObject */
- /* rv->CopyObject */
- rv->FindObjectsInit = builtins_mdSession_FindObjectsInit;
- /* rv->SeedRandom */
- /* rv->GetRandom */
- /* rv->null */
+ rv->etc = (void *)fwSession;
+ /* rv->Close */
+ /* rv->GetDeviceError */
+ /* rv->Login */
+ /* rv->Logout */
+ /* rv->InitPIN */
+ /* rv->SetPIN */
+ /* rv->GetOperationStateLen */
+ /* rv->GetOperationState */
+ /* rv->SetOperationState */
+ /* rv->CreateObject */
+ /* rv->CopyObject */
+ rv->FindObjectsInit = builtins_mdSession_FindObjectsInit;
+ /* rv->SeedRandom */
+ /* rv->GetRandom */
+ /* rv->null */
- return rv;
+ return rv;
}
diff --git a/lib/ckfw/builtins/bslot.c b/lib/ckfw/builtins/bslot.c
index 7cc9dcde0..f2ef1efb9 100644
--- a/lib/ckfw/builtins/bslot.c
+++ b/lib/ckfw/builtins/bslot.c
@@ -12,80 +12,70 @@
*/
static NSSUTF8 *
-builtins_mdSlot_GetSlotDescription
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdSlot_GetSlotDescription(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_builtins_SlotDescription;
+ return (NSSUTF8 *)nss_builtins_SlotDescription;
}
static NSSUTF8 *
-builtins_mdSlot_GetManufacturerID
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdSlot_GetManufacturerID(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_builtins_ManufacturerID;
+ return (NSSUTF8 *)nss_builtins_ManufacturerID;
}
static CK_VERSION
-builtins_mdSlot_GetHardwareVersion
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+builtins_mdSlot_GetHardwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_builtins_HardwareVersion;
+ return nss_builtins_HardwareVersion;
}
static CK_VERSION
-builtins_mdSlot_GetFirmwareVersion
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+builtins_mdSlot_GetFirmwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_builtins_FirmwareVersion;
+ return nss_builtins_FirmwareVersion;
}
static NSSCKMDToken *
-builtins_mdSlot_GetToken
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdSlot_GetToken(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSCKMDToken *)&nss_builtins_mdToken;
+ return (NSSCKMDToken *)&nss_builtins_mdToken;
}
const NSSCKMDSlot
-nss_builtins_mdSlot = {
- (void *)NULL, /* etc */
- NULL, /* Initialize */
- NULL, /* Destroy */
- builtins_mdSlot_GetSlotDescription,
- builtins_mdSlot_GetManufacturerID,
- NULL, /* GetTokenPresent -- defaults to true */
- NULL, /* GetRemovableDevice -- defaults to false */
- NULL, /* GetHardwareSlot -- defaults to false */
- builtins_mdSlot_GetHardwareVersion,
- builtins_mdSlot_GetFirmwareVersion,
- builtins_mdSlot_GetToken,
- (void *)NULL /* null terminator */
-};
+ nss_builtins_mdSlot = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Destroy */
+ builtins_mdSlot_GetSlotDescription,
+ builtins_mdSlot_GetManufacturerID,
+ NULL, /* GetTokenPresent -- defaults to true */
+ NULL, /* GetRemovableDevice -- defaults to false */
+ NULL, /* GetHardwareSlot -- defaults to false */
+ builtins_mdSlot_GetHardwareVersion,
+ builtins_mdSlot_GetFirmwareVersion,
+ builtins_mdSlot_GetToken,
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/builtins/btoken.c b/lib/ckfw/builtins/btoken.c
index a68d51151..ae1e1380b 100644
--- a/lib/ckfw/builtins/btoken.c
+++ b/lib/ckfw/builtins/btoken.c
@@ -12,140 +12,124 @@
*/
static NSSUTF8 *
-builtins_mdToken_GetLabel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdToken_GetLabel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_builtins_TokenLabel;
+ return (NSSUTF8 *)nss_builtins_TokenLabel;
}
static NSSUTF8 *
-builtins_mdToken_GetManufacturerID
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdToken_GetManufacturerID(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_builtins_ManufacturerID;
+ return (NSSUTF8 *)nss_builtins_ManufacturerID;
}
static NSSUTF8 *
-builtins_mdToken_GetModel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdToken_GetModel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_builtins_TokenModel;
+ return (NSSUTF8 *)nss_builtins_TokenModel;
}
static NSSUTF8 *
-builtins_mdToken_GetSerialNumber
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+builtins_mdToken_GetSerialNumber(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_builtins_TokenSerialNumber;
+ return (NSSUTF8 *)nss_builtins_TokenSerialNumber;
}
static CK_BBOOL
-builtins_mdToken_GetIsWriteProtected
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+builtins_mdToken_GetIsWriteProtected(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CK_TRUE;
+ return CK_TRUE;
}
static CK_VERSION
-builtins_mdToken_GetHardwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+builtins_mdToken_GetHardwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_builtins_HardwareVersion;
+ return nss_builtins_HardwareVersion;
}
static CK_VERSION
-builtins_mdToken_GetFirmwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+builtins_mdToken_GetFirmwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_builtins_FirmwareVersion;
+ return nss_builtins_FirmwareVersion;
}
static NSSCKMDSession *
-builtins_mdToken_OpenSession
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
-)
+builtins_mdToken_OpenSession(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_BBOOL rw,
+ CK_RV *pError)
{
- return nss_builtins_CreateSession(fwSession, pError);
+ return nss_builtins_CreateSession(fwSession, pError);
}
const NSSCKMDToken
-nss_builtins_mdToken = {
- (void *)NULL, /* etc */
- NULL, /* Setup */
- NULL, /* Invalidate */
- NULL, /* InitToken -- default errs */
- builtins_mdToken_GetLabel,
- builtins_mdToken_GetManufacturerID,
- builtins_mdToken_GetModel,
- builtins_mdToken_GetSerialNumber,
- NULL, /* GetHasRNG -- default is false */
- builtins_mdToken_GetIsWriteProtected,
- NULL, /* GetLoginRequired -- default is false */
- NULL, /* GetUserPinInitialized -- default is false */
- NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
- NULL, /* GetHasClockOnToken -- default is false */
- NULL, /* GetHasProtectedAuthenticationPath -- default is false */
- NULL, /* GetSupportsDualCryptoOperations -- default is false */
- NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetMaxPinLen -- irrelevant */
- NULL, /* GetMinPinLen -- irrelevant */
- NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
- builtins_mdToken_GetHardwareVersion,
- builtins_mdToken_GetFirmwareVersion,
- NULL, /* GetUTCTime -- no clock */
- builtins_mdToken_OpenSession,
- NULL, /* GetMechanismCount -- default is zero */
- NULL, /* GetMechanismTypes -- irrelevant */
- NULL, /* GetMechanism -- irrelevant */
- (void *)NULL /* null terminator */
-};
+ nss_builtins_mdToken = {
+ (void *)NULL, /* etc */
+ NULL, /* Setup */
+ NULL, /* Invalidate */
+ NULL, /* InitToken -- default errs */
+ builtins_mdToken_GetLabel,
+ builtins_mdToken_GetManufacturerID,
+ builtins_mdToken_GetModel,
+ builtins_mdToken_GetSerialNumber,
+ NULL, /* GetHasRNG -- default is false */
+ builtins_mdToken_GetIsWriteProtected,
+ NULL, /* GetLoginRequired -- default is false */
+ NULL, /* GetUserPinInitialized -- default is false */
+ NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
+ NULL, /* GetHasClockOnToken -- default is false */
+ NULL, /* GetHasProtectedAuthenticationPath -- default is false */
+ NULL, /* GetSupportsDualCryptoOperations -- default is false */
+ NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxPinLen -- irrelevant */
+ NULL, /* GetMinPinLen -- irrelevant */
+ NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ builtins_mdToken_GetHardwareVersion,
+ builtins_mdToken_GetFirmwareVersion,
+ NULL, /* GetUTCTime -- no clock */
+ builtins_mdToken_OpenSession,
+ NULL, /* GetMechanismCount -- default is zero */
+ NULL, /* GetMechanismTypes -- irrelevant */
+ NULL, /* GetMechanism -- irrelevant */
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/builtins/builtins.h b/lib/ckfw/builtins/builtins.h
index a4a90f16c..a1693c29c 100644
--- a/lib/ckfw/builtins/builtins.h
+++ b/lib/ckfw/builtins/builtins.h
@@ -21,52 +21,46 @@
#endif /* CKT_H */
struct builtinsInternalObjectStr {
- CK_ULONG n;
- const CK_ATTRIBUTE_TYPE *types;
- const NSSItem *items;
- NSSCKMDObject mdObject;
+ CK_ULONG n;
+ const CK_ATTRIBUTE_TYPE *types;
+ const NSSItem *items;
+ NSSCKMDObject mdObject;
};
typedef struct builtinsInternalObjectStr builtinsInternalObject;
-extern builtinsInternalObject nss_builtins_data[];
-extern const PRUint32 nss_builtins_nObjects;
+extern builtinsInternalObject nss_builtins_data[];
+extern const PRUint32 nss_builtins_nObjects;
-extern const CK_VERSION nss_builtins_CryptokiVersion;
-extern const CK_VERSION nss_builtins_LibraryVersion;
-extern const CK_VERSION nss_builtins_HardwareVersion;
-extern const CK_VERSION nss_builtins_FirmwareVersion;
+extern const CK_VERSION nss_builtins_CryptokiVersion;
+extern const CK_VERSION nss_builtins_LibraryVersion;
+extern const CK_VERSION nss_builtins_HardwareVersion;
+extern const CK_VERSION nss_builtins_FirmwareVersion;
-extern const NSSUTF8 nss_builtins_ManufacturerID[];
-extern const NSSUTF8 nss_builtins_LibraryDescription[];
-extern const NSSUTF8 nss_builtins_SlotDescription[];
-extern const NSSUTF8 nss_builtins_TokenLabel[];
-extern const NSSUTF8 nss_builtins_TokenModel[];
-extern const NSSUTF8 nss_builtins_TokenSerialNumber[];
+extern const NSSUTF8 nss_builtins_ManufacturerID[];
+extern const NSSUTF8 nss_builtins_LibraryDescription[];
+extern const NSSUTF8 nss_builtins_SlotDescription[];
+extern const NSSUTF8 nss_builtins_TokenLabel[];
+extern const NSSUTF8 nss_builtins_TokenModel[];
+extern const NSSUTF8 nss_builtins_TokenSerialNumber[];
extern const NSSCKMDInstance nss_builtins_mdInstance;
-extern const NSSCKMDSlot nss_builtins_mdSlot;
-extern const NSSCKMDToken nss_builtins_mdToken;
+extern const NSSCKMDSlot nss_builtins_mdSlot;
+extern const NSSCKMDToken nss_builtins_mdToken;
NSS_EXTERN NSSCKMDSession *
-nss_builtins_CreateSession
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
+nss_builtins_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDFindObjects *
-nss_builtins_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
+nss_builtins_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDObject *
-nss_builtins_CreateMDObject
-(
- NSSArena *arena,
- builtinsInternalObject *io,
- CK_RV *pError
-);
+nss_builtins_CreateMDObject(
+ NSSArena *arena,
+ builtinsInternalObject *io,
+ CK_RV *pError);
diff --git a/lib/ckfw/builtins/ckbiver.c b/lib/ckfw/builtins/ckbiver.c
index 41783b2fb..208066ca3 100644
--- a/lib/ckfw/builtins/ckbiver.c
+++ b/lib/ckfw/builtins/ckbiver.c
@@ -15,5 +15,4 @@
/*
* Version information
*/
-const char __nss_builtins_version[] = "Version: NSS Builtin Trusted Root CAs "
- NSS_BUILTINS_LIBRARY_VERSION _DEBUG_STRING;
+const char __nss_builtins_version[] = "Version: NSS Builtin Trusted Root CAs " NSS_BUILTINS_LIBRARY_VERSION _DEBUG_STRING;
diff --git a/lib/ckfw/builtins/constants.c b/lib/ckfw/builtins/constants.c
index 71146e60d..f5d267b3d 100644
--- a/lib/ckfw/builtins/constants.c
+++ b/lib/ckfw/builtins/constants.c
@@ -21,41 +21,44 @@
#endif /* NSSCKBI_H */
const CK_VERSION
-nss_builtins_CryptokiVersion = {
- NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR,
- NSS_BUILTINS_CRYPTOKI_VERSION_MINOR };
+ nss_builtins_CryptokiVersion = {
+ NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR,
+ NSS_BUILTINS_CRYPTOKI_VERSION_MINOR
+ };
const CK_VERSION
-nss_builtins_LibraryVersion = {
- NSS_BUILTINS_LIBRARY_VERSION_MAJOR,
- NSS_BUILTINS_LIBRARY_VERSION_MINOR};
+ nss_builtins_LibraryVersion = {
+ NSS_BUILTINS_LIBRARY_VERSION_MAJOR,
+ NSS_BUILTINS_LIBRARY_VERSION_MINOR
+ };
const CK_VERSION
-nss_builtins_HardwareVersion = {
- NSS_BUILTINS_HARDWARE_VERSION_MAJOR,
- NSS_BUILTINS_HARDWARE_VERSION_MINOR };
+ nss_builtins_HardwareVersion = {
+ NSS_BUILTINS_HARDWARE_VERSION_MAJOR,
+ NSS_BUILTINS_HARDWARE_VERSION_MINOR
+ };
const CK_VERSION
-nss_builtins_FirmwareVersion = {
- NSS_BUILTINS_FIRMWARE_VERSION_MAJOR,
- NSS_BUILTINS_FIRMWARE_VERSION_MINOR };
+ nss_builtins_FirmwareVersion = {
+ NSS_BUILTINS_FIRMWARE_VERSION_MAJOR,
+ NSS_BUILTINS_FIRMWARE_VERSION_MINOR
+ };
-const NSSUTF8
-nss_builtins_ManufacturerID[] = { "Mozilla Foundation" };
+const NSSUTF8
+ nss_builtins_ManufacturerID[] = { "Mozilla Foundation" };
-const NSSUTF8
-nss_builtins_LibraryDescription[] = { "NSS Builtin Object Cryptoki Module" };
+const NSSUTF8
+ nss_builtins_LibraryDescription[] = { "NSS Builtin Object Cryptoki Module" };
-const NSSUTF8
-nss_builtins_SlotDescription[] = { "NSS Builtin Objects" };
+const NSSUTF8
+ nss_builtins_SlotDescription[] = { "NSS Builtin Objects" };
-const NSSUTF8
-nss_builtins_TokenLabel[] = { "Builtin Object Token" };
+const NSSUTF8
+ nss_builtins_TokenLabel[] = { "Builtin Object Token" };
-const NSSUTF8
-nss_builtins_TokenModel[] = { "1" };
+const NSSUTF8
+ nss_builtins_TokenModel[] = { "1" };
/* should this be e.g. the certdata.txt RCS revision number? */
-const NSSUTF8
-nss_builtins_TokenSerialNumber[] = { "1" };
-
+const NSSUTF8
+ nss_builtins_TokenSerialNumber[] = { "1" };
diff --git a/lib/ckfw/builtins/nssckbi.h b/lib/ckfw/builtins/nssckbi.h
index 5ef3a49fb..3ee2e83af 100644
--- a/lib/ckfw/builtins/nssckbi.h
+++ b/lib/ckfw/builtins/nssckbi.h
@@ -18,7 +18,7 @@
#define NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR 2
#define NSS_BUILTINS_CRYPTOKI_VERSION_MINOR 20
-/* These version numbers detail the changes
+/* These version numbers detail the changes
* to the list of trusted certificates.
*
* The NSS_BUILTINS_LIBRARY_VERSION_MINOR macro needs to be bumped
@@ -52,7 +52,7 @@
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
#define NSS_BUILTINS_HARDWARE_VERSION_MINOR 0
-/* These version numbers detail the semantic changes to ckbi itself
+/* These version numbers detail the semantic changes to ckbi itself
* (new PKCS #11 objects), etc. */
#define NSS_BUILTINS_FIRMWARE_VERSION_MAJOR 1
#define NSS_BUILTINS_FIRMWARE_VERSION_MINOR 0
diff --git a/lib/ckfw/capi/anchor.c b/lib/ckfw/capi/anchor.c
index 97f3f0d01..c8aff6039 100644
--- a/lib/ckfw/capi/anchor.c
+++ b/lib/ckfw/capi/anchor.c
@@ -6,12 +6,12 @@
* capi/canchor.c
*
* This file "anchors" the actual cryptoki entry points in this module's
- * shared library, which is required for dynamic loading. See the
+ * shared library, which is required for dynamic loading. See the
* comments in nssck.api for more information.
*/
#include "ckcapi.h"
#define MODULE_NAME ckcapi
-#define INSTANCE_NAME (NSSCKMDInstance *)&nss_ckcapi_mdInstance
+#define INSTANCE_NAME (NSSCKMDInstance *) & nss_ckcapi_mdInstance
#include "nssck.api"
diff --git a/lib/ckfw/capi/cfind.c b/lib/ckfw/capi/cfind.c
index c17ed3c0e..5fb11e35e 100644
--- a/lib/ckfw/capi/cfind.c
+++ b/lib/ckfw/capi/cfind.c
@@ -14,245 +14,237 @@
*/
struct ckcapiFOStr {
- NSSArena *arena;
- CK_ULONG n;
- CK_ULONG i;
- ckcapiInternalObject **objs;
+ NSSArena *arena;
+ CK_ULONG n;
+ CK_ULONG i;
+ ckcapiInternalObject **objs;
};
static void
-ckcapi_mdFindObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdFindObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- struct ckcapiFOStr *fo = (struct ckcapiFOStr *)mdFindObjects->etc;
- NSSArena *arena = fo->arena;
- PRUint32 i;
-
- /* walk down an free the unused 'objs' */
- for (i=fo->i; i < fo->n ; i++) {
- nss_ckcapi_DestroyInternalObject(fo->objs[i]);
- }
-
- nss_ZFreeIf(fo->objs);
- nss_ZFreeIf(fo);
- nss_ZFreeIf(mdFindObjects);
- if ((NSSArena *)NULL != arena) {
- NSSArena_Destroy(arena);
- }
-
- return;
+ struct ckcapiFOStr *fo = (struct ckcapiFOStr *)mdFindObjects->etc;
+ NSSArena *arena = fo->arena;
+ PRUint32 i;
+
+ /* walk down an free the unused 'objs' */
+ for (i = fo->i; i < fo->n; i++) {
+ nss_ckcapi_DestroyInternalObject(fo->objs[i]);
+ }
+
+ nss_ZFreeIf(fo->objs);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(mdFindObjects);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+
+ return;
}
static NSSCKMDObject *
-ckcapi_mdFindObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
+ckcapi_mdFindObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
{
- struct ckcapiFOStr *fo = (struct ckcapiFOStr *)mdFindObjects->etc;
- ckcapiInternalObject *io;
+ struct ckcapiFOStr *fo = (struct ckcapiFOStr *)mdFindObjects->etc;
+ ckcapiInternalObject *io;
- if( fo->i == fo->n ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
+ if (fo->i == fo->n) {
+ *pError = CKR_OK;
+ return (NSSCKMDObject *)NULL;
+ }
- io = fo->objs[ fo->i ];
- fo->i++;
+ io = fo->objs[fo->i];
+ fo->i++;
- return nss_ckcapi_CreateMDObject(arena, io, pError);
+ return nss_ckcapi_CreateMDObject(arena, io, pError);
}
static CK_BBOOL
-ckcapi_attrmatch
-(
- CK_ATTRIBUTE_PTR a,
- ckcapiInternalObject *o
-)
+ckcapi_attrmatch(
+ CK_ATTRIBUTE_PTR a,
+ ckcapiInternalObject *o)
{
- PRBool prb;
- const NSSItem *b;
-
- b = nss_ckcapi_FetchAttribute(o, a->type);
- if (b == NULL) {
- return CK_FALSE;
- }
-
- if( a->ulValueLen != b->size ) {
- /* match a decoded serial number */
- if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
- unsigned int len;
- unsigned char *data;
-
- data = nss_ckcapi_DERUnwrap(b->data, b->size, &len, NULL);
- if ((len == a->ulValueLen) &&
- nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
- return CK_TRUE;
- }
+ PRBool prb;
+ const NSSItem *b;
+
+ b = nss_ckcapi_FetchAttribute(o, a->type);
+ if (b == NULL) {
+ return CK_FALSE;
}
- return CK_FALSE;
- }
- prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
+ if (a->ulValueLen != b->size) {
+ /* match a decoded serial number */
+ if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
+ unsigned int len;
+ unsigned char *data;
+
+ data = nss_ckcapi_DERUnwrap(b->data, b->size, &len, NULL);
+ if ((len == a->ulValueLen) &&
+ nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
+ return CK_TRUE;
+ }
+ }
+ return CK_FALSE;
+ }
- if( PR_TRUE == prb ) {
- return CK_TRUE;
- } else {
- return CK_FALSE;
- }
-}
+ prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
+ if (PR_TRUE == prb) {
+ return CK_TRUE;
+ }
+ else {
+ return CK_FALSE;
+ }
+}
static CK_BBOOL
-ckcapi_match
-(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- ckcapiInternalObject *o
-)
+ckcapi_match(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject *o)
{
- CK_ULONG i;
+ CK_ULONG i;
- for( i = 0; i < ulAttributeCount; i++ ) {
- if (CK_FALSE == ckcapi_attrmatch(&pTemplate[i], o)) {
- return CK_FALSE;
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CK_FALSE == ckcapi_attrmatch(&pTemplate[i], o)) {
+ return CK_FALSE;
+ }
}
- }
- /* Every attribute passed */
- return CK_TRUE;
+ /* Every attribute passed */
+ return CK_TRUE;
}
-#define CKAPI_ITEM_CHUNK 20
-
-#define PUT_Object(obj,err) \
- { \
- if (count >= size) { \
- *listp = *listp ? \
- nss_ZREALLOCARRAY(*listp, ckcapiInternalObject *, \
- (size+CKAPI_ITEM_CHUNK) ) : \
- nss_ZNEWARRAY(NULL, ckcapiInternalObject *, \
- (size+CKAPI_ITEM_CHUNK) ) ; \
- if ((ckcapiInternalObject **)NULL == *listp) { \
- err = CKR_HOST_MEMORY; \
- goto loser; \
- } \
- size += CKAPI_ITEM_CHUNK; \
- } \
- (*listp)[ count ] = (obj); \
- count++; \
- }
-
+#define CKAPI_ITEM_CHUNK 20
+
+#define PUT_Object(obj, err) \
+ { \
+ if (count >= size) { \
+ *listp = *listp ? \
+ nss_ZREALLOCARRAY(*listp, ckcapiInternalObject *, \
+ (size + \
+ CKAPI_ITEM_CHUNK)) \
+ : \
+ nss_ZNEWARRAY(NULL, ckcapiInternalObject *, \
+ (size + \
+ CKAPI_ITEM_CHUNK)); \
+ if ((ckcapiInternalObject **)NULL == *listp) { \
+ err = CKR_HOST_MEMORY; \
+ goto loser; \
+ } \
+ size += CKAPI_ITEM_CHUNK; \
+ } \
+ (*listp)[count] = (obj); \
+ count++; \
+ }
/*
* pass parameters back through the callback.
*/
typedef struct BareCollectParamsStr {
- CK_OBJECT_CLASS objClass;
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG ulAttributeCount;
- ckcapiInternalObject ***listp;
- PRUint32 size;
- PRUint32 count;
+ CK_OBJECT_CLASS objClass;
+ CK_ATTRIBUTE_PTR pTemplate;
+ CK_ULONG ulAttributeCount;
+ ckcapiInternalObject ***listp;
+ PRUint32 size;
+ PRUint32 count;
} BareCollectParams;
/* collect_bare's callback. Called for each object that
* supposedly has a PROVINDER_INFO property */
static BOOL WINAPI
-doBareCollect
-(
- const CRYPT_HASH_BLOB *msKeyID,
- DWORD flags,
- void *reserved,
- void *args,
- DWORD cProp,
- DWORD *propID,
- void **propData,
- DWORD *propSize
-)
+doBareCollect(
+ const CRYPT_HASH_BLOB *msKeyID,
+ DWORD flags,
+ void *reserved,
+ void *args,
+ DWORD cProp,
+ DWORD *propID,
+ void **propData,
+ DWORD *propSize)
{
- BareCollectParams *bcp = (BareCollectParams *) args;
- PRUint32 size = bcp->size;
- PRUint32 count = bcp->count;
- ckcapiInternalObject ***listp = bcp->listp;
- ckcapiInternalObject *io = NULL;
- DWORD i;
- CRYPT_KEY_PROV_INFO *keyProvInfo = NULL;
- void *idData;
- CK_RV error;
-
- /* make sure there is a Key Provider Info property */
- for (i=0; i < cProp; i++) {
- if (CERT_KEY_PROV_INFO_PROP_ID == propID[i]) {
- keyProvInfo = (CRYPT_KEY_PROV_INFO *)propData[i];
- break;
+ BareCollectParams *bcp = (BareCollectParams *)args;
+ PRUint32 size = bcp->size;
+ PRUint32 count = bcp->count;
+ ckcapiInternalObject ***listp = bcp->listp;
+ ckcapiInternalObject *io = NULL;
+ DWORD i;
+ CRYPT_KEY_PROV_INFO *keyProvInfo = NULL;
+ void *idData;
+ CK_RV error;
+
+ /* make sure there is a Key Provider Info property */
+ for (i = 0; i < cProp; i++) {
+ if (CERT_KEY_PROV_INFO_PROP_ID == propID[i]) {
+ keyProvInfo = (CRYPT_KEY_PROV_INFO *)propData[i];
+ break;
+ }
+ }
+ if ((CRYPT_KEY_PROV_INFO *)NULL == keyProvInfo) {
+ return 1;
+ }
+
+ /* copy the key ID */
+ idData = nss_ZNEWARRAY(NULL, char, msKeyID->cbData);
+ if ((void *)NULL == idData) {
+ goto loser;
+ }
+ nsslibc_memcpy(idData, msKeyID->pbData, msKeyID->cbData);
+
+ /* build a bare internal object */
+ io = nss_ZNEW(NULL, ckcapiInternalObject);
+ if ((ckcapiInternalObject *)NULL == io) {
+ goto loser;
+ }
+ io->type = ckcapiBareKey;
+ io->objClass = bcp->objClass;
+ io->u.key.provInfo = *keyProvInfo;
+ io->u.key.provInfo.pwszContainerName =
+ nss_ckcapi_WideDup(keyProvInfo->pwszContainerName);
+ io->u.key.provInfo.pwszProvName =
+ nss_ckcapi_WideDup(keyProvInfo->pwszProvName);
+ io->u.key.provName = nss_ckcapi_WideToUTF8(keyProvInfo->pwszProvName);
+ io->u.key.containerName =
+ nss_ckcapi_WideToUTF8(keyProvInfo->pwszContainerName);
+ io->u.key.hProv = 0;
+ io->idData = idData;
+ io->id.data = idData;
+ io->id.size = msKeyID->cbData;
+ idData = NULL;
+
+ /* see if it matches */
+ if (CK_FALSE == ckcapi_match(bcp->pTemplate, bcp->ulAttributeCount, io)) {
+ goto loser;
}
- }
- if ((CRYPT_KEY_PROV_INFO *)NULL == keyProvInfo) {
+ PUT_Object(io, error);
+ bcp->size = size;
+ bcp->count = count;
return 1;
- }
-
- /* copy the key ID */
- idData = nss_ZNEWARRAY(NULL, char, msKeyID->cbData);
- if ((void *)NULL == idData) {
- goto loser;
- }
- nsslibc_memcpy(idData, msKeyID->pbData, msKeyID->cbData);
-
- /* build a bare internal object */
- io = nss_ZNEW(NULL, ckcapiInternalObject);
- if ((ckcapiInternalObject *)NULL == io) {
- goto loser;
- }
- io->type = ckcapiBareKey;
- io->objClass = bcp->objClass;
- io->u.key.provInfo = *keyProvInfo;
- io->u.key.provInfo.pwszContainerName =
- nss_ckcapi_WideDup(keyProvInfo->pwszContainerName);
- io->u.key.provInfo.pwszProvName =
- nss_ckcapi_WideDup(keyProvInfo->pwszProvName);
- io->u.key.provName = nss_ckcapi_WideToUTF8(keyProvInfo->pwszProvName);
- io->u.key.containerName =
- nss_ckcapi_WideToUTF8(keyProvInfo->pwszContainerName);
- io->u.key.hProv = 0;
- io->idData = idData;
- io->id.data = idData;
- io->id.size = msKeyID->cbData;
- idData = NULL;
-
- /* see if it matches */
- if( CK_FALSE == ckcapi_match(bcp->pTemplate, bcp->ulAttributeCount, io) ) {
- goto loser;
- }
- PUT_Object(io, error);
- bcp->size = size;
- bcp->count = count;
- return 1;
loser:
- if (io) {
- nss_ckcapi_DestroyInternalObject(io);
- }
- nss_ZFreeIf(idData);
- return 1;
+ if (io) {
+ nss_ckcapi_DestroyInternalObject(io);
+ }
+ nss_ZFreeIf(idData);
+ return 1;
}
/*
@@ -260,30 +252,29 @@ loser:
*/
static PRUint32
collect_bare(
- CK_OBJECT_CLASS objClass,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- ckcapiInternalObject ***listp,
- PRUint32 *sizep,
- PRUint32 count,
- CK_RV *pError
-)
+ CK_OBJECT_CLASS objClass,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject ***listp,
+ PRUint32 *sizep,
+ PRUint32 count,
+ CK_RV *pError)
{
- BOOL rc;
- BareCollectParams bareCollectParams;
+ BOOL rc;
+ BareCollectParams bareCollectParams;
- bareCollectParams.objClass = objClass;
- bareCollectParams.pTemplate = pTemplate;
- bareCollectParams.ulAttributeCount = ulAttributeCount;
- bareCollectParams.listp = listp;
- bareCollectParams.size = *sizep;
- bareCollectParams.count = count;
+ bareCollectParams.objClass = objClass;
+ bareCollectParams.pTemplate = pTemplate;
+ bareCollectParams.ulAttributeCount = ulAttributeCount;
+ bareCollectParams.listp = listp;
+ bareCollectParams.size = *sizep;
+ bareCollectParams.count = count;
- rc = CryptEnumKeyIdentifierProperties(NULL, CERT_KEY_PROV_INFO_PROP_ID, 0,
- NULL, NULL, &bareCollectParams, doBareCollect);
+ rc = CryptEnumKeyIdentifierProperties(NULL, CERT_KEY_PROV_INFO_PROP_ID, 0,
+ NULL, NULL, &bareCollectParams, doBareCollect);
- *sizep = bareCollectParams.size;
- return bareCollectParams.count;
+ *sizep = bareCollectParams.size;
+ return bareCollectParams.count;
}
/* find all the certs that represent the appropriate object (cert, priv key, or
@@ -291,291 +282,286 @@ collect_bare(
*/
static PRUint32
collect_class(
- CK_OBJECT_CLASS objClass,
- LPCSTR storeStr,
- PRBool hasID,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- ckcapiInternalObject ***listp,
- PRUint32 *sizep,
- PRUint32 count,
- CK_RV *pError
-)
+ CK_OBJECT_CLASS objClass,
+ LPCSTR storeStr,
+ PRBool hasID,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject ***listp,
+ PRUint32 *sizep,
+ PRUint32 count,
+ CK_RV *pError)
{
- PRUint32 size = *sizep;
- ckcapiInternalObject *next = NULL;
- HCERTSTORE hStore;
- PCCERT_CONTEXT certContext = NULL;
- PRBool isKey =
- (objClass == CKO_PUBLIC_KEY) | (objClass == CKO_PRIVATE_KEY);
-
- hStore = CertOpenSystemStore((HCRYPTPROV)NULL, storeStr);
- if (NULL == hStore) {
- return count; /* none found does not imply an error */
- }
-
- /* FUTURE: use CertFindCertificateInStore to filter better -- so we don't
+ PRUint32 size = *sizep;
+ ckcapiInternalObject *next = NULL;
+ HCERTSTORE hStore;
+ PCCERT_CONTEXT certContext = NULL;
+ PRBool isKey =
+ (objClass == CKO_PUBLIC_KEY) | (objClass == CKO_PRIVATE_KEY);
+
+ hStore = CertOpenSystemStore((HCRYPTPROV)NULL, storeStr);
+ if (NULL == hStore) {
+ return count; /* none found does not imply an error */
+ }
+
+ /* FUTURE: use CertFindCertificateInStore to filter better -- so we don't
* have to enumerate all the certificates */
- while ((PCERT_CONTEXT) NULL !=
- (certContext= CertEnumCertificatesInStore(hStore, certContext))) {
- /* first filter out non user certs if we are looking for keys */
- if (isKey) {
- /* make sure there is a Key Provider Info property */
- CRYPT_KEY_PROV_INFO *keyProvInfo;
- DWORD size = 0;
- BOOL rv;
- rv =CertGetCertificateContextProperty(certContext,
- CERT_KEY_PROV_INFO_PROP_ID, NULL, &size);
- if (!rv) {
- int reason = GetLastError();
- /* we only care if it exists, we don't really need to fetch it yet */
- if (reason == CRYPT_E_NOT_FOUND) {
- continue;
- }
- }
- /* filter out the non-microsoft providers */
- keyProvInfo = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
- if (keyProvInfo) {
- rv =CertGetCertificateContextProperty(certContext,
- CERT_KEY_PROV_INFO_PROP_ID, keyProvInfo, &size);
- if (rv) {
- char *provName = nss_ckcapi_WideToUTF8(keyProvInfo->pwszProvName);
- nss_ZFreeIf(keyProvInfo);
-
- if (provName &&
- (strncmp(provName, "Microsoft", sizeof("Microsoft")-1) != 0)) {
- continue;
- }
- } else {
- int reason = GetLastError();
- /* we only care if it exists, we don't really need to fetch it yet */
- nss_ZFreeIf(keyProvInfo);
- if (reason == CRYPT_E_NOT_FOUND) {
- continue;
- }
-
+ while ((PCERT_CONTEXT)NULL !=
+ (certContext = CertEnumCertificatesInStore(hStore, certContext))) {
+ /* first filter out non user certs if we are looking for keys */
+ if (isKey) {
+ /* make sure there is a Key Provider Info property */
+ CRYPT_KEY_PROV_INFO *keyProvInfo;
+ DWORD size = 0;
+ BOOL rv;
+ rv = CertGetCertificateContextProperty(certContext,
+ CERT_KEY_PROV_INFO_PROP_ID, NULL, &size);
+ if (!rv) {
+ int reason = GetLastError();
+ /* we only care if it exists, we don't really need to fetch it yet */
+ if (reason == CRYPT_E_NOT_FOUND) {
+ continue;
+ }
+ }
+ /* filter out the non-microsoft providers */
+ keyProvInfo = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
+ if (keyProvInfo) {
+ rv = CertGetCertificateContextProperty(certContext,
+ CERT_KEY_PROV_INFO_PROP_ID, keyProvInfo, &size);
+ if (rv) {
+ char *provName =
+ nss_ckcapi_WideToUTF8(keyProvInfo->pwszProvName);
+ nss_ZFreeIf(keyProvInfo);
+
+ if (provName &&
+ (strncmp(provName, "Microsoft", sizeof("Microsoft") -
+ 1) != 0)) {
+ continue;
+ }
+ }
+ else {
+ int reason =
+ GetLastError();
+ /* we only care if it exists, we don't really need to fetch it yet */
+ nss_ZFreeIf(keyProvInfo);
+ if (reason ==
+ CRYPT_E_NOT_FOUND) {
+ continue;
+ }
+ }
+ }
+ }
+
+ if ((ckcapiInternalObject *)NULL == next) {
+ next = nss_ZNEW(NULL, ckcapiInternalObject);
+ if ((ckcapiInternalObject *)NULL == next) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ }
+ next->type = ckcapiCert;
+ next->objClass = objClass;
+ next->u.cert.certContext = certContext;
+ next->u.cert.hasID = hasID;
+ next->u.cert.certStore = storeStr;
+ if (CK_TRUE == ckcapi_match(pTemplate, ulAttributeCount, next)) {
+ /* clear cached values that may be dependent on our old certContext */
+ memset(&next->u.cert, 0, sizeof(next->u.cert));
+ /* get a 'permanent' context */
+ next->u.cert.certContext = CertDuplicateCertificateContext(certContext);
+ next->objClass = objClass;
+ next->u.cert.certContext = certContext;
+ next->u.cert.hasID = hasID;
+ next->u.cert.certStore = storeStr;
+ PUT_Object(next, *pError);
+ next = NULL; /* need to allocate a new one now */
+ }
+ else {
+ /* don't cache the values we just loaded */
+ memset(&next->u.cert, 0, sizeof(next->u.cert));
}
- }
- }
-
- if ((ckcapiInternalObject *)NULL == next) {
- next = nss_ZNEW(NULL, ckcapiInternalObject);
- if ((ckcapiInternalObject *)NULL == next) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
- }
- next->type = ckcapiCert;
- next->objClass = objClass;
- next->u.cert.certContext = certContext;
- next->u.cert.hasID = hasID;
- next->u.cert.certStore = storeStr;
- if( CK_TRUE == ckcapi_match(pTemplate, ulAttributeCount, next) ) {
- /* clear cached values that may be dependent on our old certContext */
- memset(&next->u.cert, 0, sizeof(next->u.cert));
- /* get a 'permanent' context */
- next->u.cert.certContext = CertDuplicateCertificateContext(certContext);
- next->objClass = objClass;
- next->u.cert.certContext = certContext;
- next->u.cert.hasID = hasID;
- next->u.cert.certStore = storeStr;
- PUT_Object(next, *pError);
- next = NULL; /* need to allocate a new one now */
- } else {
- /* don't cache the values we just loaded */
- memset(&next->u.cert, 0, sizeof(next->u.cert));
}
- }
loser:
- CertCloseStore(hStore, 0);
- nss_ZFreeIf(next);
- *sizep = size;
- return count;
+ CertCloseStore(hStore, 0);
+ nss_ZFreeIf(next);
+ *sizep = size;
+ return count;
}
NSS_IMPLEMENT PRUint32
nss_ckcapi_collect_all_certs(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- ckcapiInternalObject ***listp,
- PRUint32 *sizep,
- PRUint32 count,
- CK_RV *pError
-)
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject ***listp,
+ PRUint32 *sizep,
+ PRUint32 count,
+ CK_RV *pError)
{
- count = collect_class(CKO_CERTIFICATE, "My", PR_TRUE, pTemplate,
- ulAttributeCount, listp, sizep, count, pError);
- /*count = collect_class(CKO_CERTIFICATE, "AddressBook", PR_FALSE, pTemplate,
+ count = collect_class(CKO_CERTIFICATE, "My", PR_TRUE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ /*count = collect_class(CKO_CERTIFICATE, "AddressBook", PR_FALSE, pTemplate,
ulAttributeCount, listp, sizep, count, pError); */
- count = collect_class(CKO_CERTIFICATE, "CA", PR_FALSE, pTemplate,
- ulAttributeCount, listp, sizep, count, pError);
- count = collect_class(CKO_CERTIFICATE, "Root", PR_FALSE, pTemplate,
- ulAttributeCount, listp, sizep, count, pError);
- count = collect_class(CKO_CERTIFICATE, "Trust", PR_FALSE, pTemplate,
- ulAttributeCount, listp, sizep, count, pError);
- count = collect_class(CKO_CERTIFICATE, "TrustedPeople", PR_FALSE, pTemplate,
- ulAttributeCount, listp, sizep, count, pError);
- count = collect_class(CKO_CERTIFICATE, "AuthRoot", PR_FALSE, pTemplate,
- ulAttributeCount, listp, sizep, count, pError);
- return count;
+ count = collect_class(CKO_CERTIFICATE, "CA", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ count = collect_class(CKO_CERTIFICATE, "Root", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ count = collect_class(CKO_CERTIFICATE, "Trust", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ count = collect_class(CKO_CERTIFICATE, "TrustedPeople", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ count = collect_class(CKO_CERTIFICATE, "AuthRoot", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ return count;
}
CK_OBJECT_CLASS
-ckcapi_GetObjectClass(CK_ATTRIBUTE_PTR pTemplate,
+ckcapi_GetObjectClass(CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulAttributeCount)
{
- CK_ULONG i;
+ CK_ULONG i;
- for (i=0; i < ulAttributeCount; i++)
- {
- if (pTemplate[i].type == CKA_CLASS) {
- return *(CK_OBJECT_CLASS *) pTemplate[i].pValue;
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (pTemplate[i].type == CKA_CLASS) {
+ return *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
+ }
}
- }
- /* need to return a value that says 'fetch them all' */
- return CK_INVALID_HANDLE;
+ /* need to return a value that says 'fetch them all' */
+ return CK_INVALID_HANDLE;
}
static PRUint32
collect_objects(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- ckcapiInternalObject ***listp,
- CK_RV *pError
-)
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject ***listp,
+ CK_RV *pError)
{
- PRUint32 i;
- PRUint32 count = 0;
- PRUint32 size = 0;
- CK_OBJECT_CLASS objClass;
-
- /*
- * first handle the static build in objects (if any)
- */
- for( i = 0; i < nss_ckcapi_nObjects; i++ ) {
- ckcapiInternalObject *o = (ckcapiInternalObject *)&nss_ckcapi_data[i];
-
- if( CK_TRUE == ckcapi_match(pTemplate, ulAttributeCount, o) ) {
- PUT_Object(o, *pError);
+ PRUint32 i;
+ PRUint32 count = 0;
+ PRUint32 size = 0;
+ CK_OBJECT_CLASS objClass;
+
+ /*
+ * first handle the static build in objects (if any)
+ */
+ for (i = 0; i < nss_ckcapi_nObjects; i++) {
+ ckcapiInternalObject *o = (ckcapiInternalObject *)&nss_ckcapi_data[i];
+
+ if (CK_TRUE == ckcapi_match(pTemplate, ulAttributeCount, o)) {
+ PUT_Object(o, *pError);
+ }
}
- }
-
- /*
- * now handle the various object types
- */
- objClass = ckcapi_GetObjectClass(pTemplate, ulAttributeCount);
- *pError = CKR_OK;
- switch (objClass) {
- case CKO_CERTIFICATE:
- count = nss_ckcapi_collect_all_certs(pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- break;
- case CKO_PUBLIC_KEY:
- count = collect_class(objClass, "My", PR_TRUE, pTemplate,
- ulAttributeCount, listp, &size, count, pError);
- count = collect_bare(objClass, pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- break;
- case CKO_PRIVATE_KEY:
- count = collect_class(objClass, "My", PR_TRUE, pTemplate,
- ulAttributeCount, listp, &size, count, pError);
- count = collect_bare(objClass, pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- break;
- /* all of them */
- case CK_INVALID_HANDLE:
- count = nss_ckcapi_collect_all_certs(pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- count = collect_class(CKO_PUBLIC_KEY, "My", PR_TRUE, pTemplate,
- ulAttributeCount, listp, &size, count, pError);
- count = collect_bare(CKO_PUBLIC_KEY, pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- count = collect_class(CKO_PRIVATE_KEY, "My", PR_TRUE, pTemplate,
- ulAttributeCount, listp, &size, count, pError);
- count = collect_bare(CKO_PRIVATE_KEY, pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- break;
- default:
- goto done; /* no other object types we understand in this module */
- }
- if (CKR_OK != *pError) {
- goto loser;
- }
+ /*
+ * now handle the various object types
+ */
+ objClass = ckcapi_GetObjectClass(pTemplate, ulAttributeCount);
+ *pError = CKR_OK;
+ switch (objClass) {
+ case CKO_CERTIFICATE:
+ count = nss_ckcapi_collect_all_certs(pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ case CKO_PUBLIC_KEY:
+ count = collect_class(objClass, "My", PR_TRUE, pTemplate,
+ ulAttributeCount, listp, &size, count, pError);
+ count = collect_bare(objClass, pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ case CKO_PRIVATE_KEY:
+ count = collect_class(objClass, "My", PR_TRUE, pTemplate,
+ ulAttributeCount, listp, &size, count, pError);
+ count = collect_bare(objClass, pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ /* all of them */
+ case CK_INVALID_HANDLE:
+ count = nss_ckcapi_collect_all_certs(pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ count = collect_class(CKO_PUBLIC_KEY, "My", PR_TRUE, pTemplate,
+ ulAttributeCount, listp, &size, count, pError);
+ count = collect_bare(CKO_PUBLIC_KEY, pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ count = collect_class(CKO_PRIVATE_KEY, "My", PR_TRUE, pTemplate,
+ ulAttributeCount, listp, &size, count, pError);
+ count = collect_bare(CKO_PRIVATE_KEY, pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ default:
+ goto done; /* no other object types we understand in this module */
+ }
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
done:
- return count;
+ return count;
loser:
- nss_ZFreeIf(*listp);
- return 0;
+ nss_ZFreeIf(*listp);
+ return 0;
}
-
-
NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_ckcapi_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_ckcapi_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- /* This could be made more efficient. I'm rather rushed. */
- NSSArena *arena;
- NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
- struct ckcapiFOStr *fo = (struct ckcapiFOStr *)NULL;
- ckcapiInternalObject **temp = (ckcapiInternalObject **)NULL;
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDFindObjects);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fo = nss_ZNEW(arena, struct ckcapiFOStr);
- if( (struct ckcapiFOStr *)NULL == fo ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fo->arena = arena;
- /* fo->n and fo->i are already zero */
-
- rv->etc = (void *)fo;
- rv->Final = ckcapi_mdFindObjects_Final;
- rv->Next = ckcapi_mdFindObjects_Next;
- rv->null = (void *)NULL;
-
- fo->n = collect_objects(pTemplate, ulAttributeCount, &temp, pError);
- if (*pError != CKR_OK) {
- goto loser;
- }
-
- fo->objs = nss_ZNEWARRAY(arena, ckcapiInternalObject *, fo->n);
- if( (ckcapiInternalObject **)NULL == fo->objs ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- (void)nsslibc_memcpy(fo->objs, temp, sizeof(ckcapiInternalObject *) * fo->n);
- nss_ZFreeIf(temp);
- temp = (ckcapiInternalObject **)NULL;
-
- return rv;
-
- loser:
- nss_ZFreeIf(temp);
- nss_ZFreeIf(fo);
- nss_ZFreeIf(rv);
- if ((NSSArena *)NULL != arena) {
- NSSArena_Destroy(arena);
- }
- return (NSSCKMDFindObjects *)NULL;
-}
+ /* This could be made more efficient. I'm rather rushed. */
+ NSSArena *arena;
+ NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
+ struct ckcapiFOStr *fo = (struct ckcapiFOStr *)NULL;
+ ckcapiInternalObject **temp = (ckcapiInternalObject **)NULL;
+
+ arena = NSSArena_Create();
+ if ((NSSArena *)NULL == arena) {
+ goto loser;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDFindObjects);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ fo = nss_ZNEW(arena, struct ckcapiFOStr);
+ if ((struct ckcapiFOStr *)NULL == fo) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo->arena = arena;
+ /* fo->n and fo->i are already zero */
+
+ rv->etc = (void *)fo;
+ rv->Final = ckcapi_mdFindObjects_Final;
+ rv->Next = ckcapi_mdFindObjects_Next;
+ rv->null = (void *)NULL;
+
+ fo->n = collect_objects(pTemplate, ulAttributeCount, &temp, pError);
+ if (*pError != CKR_OK) {
+ goto loser;
+ }
+
+ fo->objs = nss_ZNEWARRAY(arena, ckcapiInternalObject *, fo->n);
+ if ((ckcapiInternalObject **)NULL == fo->objs) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ (void)nsslibc_memcpy(fo->objs, temp, sizeof(ckcapiInternalObject *) * fo->n);
+ nss_ZFreeIf(temp);
+ temp = (ckcapiInternalObject **)NULL;
+
+ return rv;
+
+loser:
+ nss_ZFreeIf(temp);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(rv);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+ return (NSSCKMDFindObjects *)NULL;
+}
diff --git a/lib/ckfw/capi/cinst.c b/lib/ckfw/capi/cinst.c
index 8aac1ca0c..937c289a1 100644
--- a/lib/ckfw/capi/cinst.c
+++ b/lib/ckfw/capi/cinst.c
@@ -7,7 +7,7 @@
/*
* ckcapi/cinstance.c
*
- * This file implements the NSSCKMDInstance object for the
+ * This file implements the NSSCKMDInstance object for the
* "capi" cryptoki module.
*/
@@ -16,96 +16,82 @@
*/
static CK_ULONG
-ckcapi_mdInstance_GetNSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdInstance_GetNSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (CK_ULONG)1;
+ return (CK_ULONG)1;
}
static CK_VERSION
-ckcapi_mdInstance_GetCryptokiVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdInstance_GetCryptokiVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckcapi_CryptokiVersion;
+ return nss_ckcapi_CryptokiVersion;
}
static NSSUTF8 *
-ckcapi_mdInstance_GetManufacturerID
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdInstance_GetManufacturerID(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckcapi_ManufacturerID;
+ return (NSSUTF8 *)nss_ckcapi_ManufacturerID;
}
static NSSUTF8 *
-ckcapi_mdInstance_GetLibraryDescription
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdInstance_GetLibraryDescription(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckcapi_LibraryDescription;
+ return (NSSUTF8 *)nss_ckcapi_LibraryDescription;
}
static CK_VERSION
-ckcapi_mdInstance_GetLibraryVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdInstance_GetLibraryVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckcapi_LibraryVersion;
+ return nss_ckcapi_LibraryVersion;
}
static CK_RV
-ckcapi_mdInstance_GetSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
-)
+ckcapi_mdInstance_GetSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *slots[])
{
- slots[0] = (NSSCKMDSlot *)&nss_ckcapi_mdSlot;
- return CKR_OK;
+ slots[0] = (NSSCKMDSlot *)&nss_ckcapi_mdSlot;
+ return CKR_OK;
}
static CK_BBOOL
-ckcapi_mdInstance_ModuleHandlesSessionObjects
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdInstance_ModuleHandlesSessionObjects(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- /* we don't want to allow any session object creation, at least
- * until we can investigate whether or not we can use those objects
- */
- return CK_TRUE;
+ /* we don't want to allow any session object creation, at least
+ * until we can investigate whether or not we can use those objects
+ */
+ return CK_TRUE;
}
NSS_IMPLEMENT_DATA const NSSCKMDInstance
-nss_ckcapi_mdInstance = {
- (void *)NULL, /* etc */
- NULL, /* Initialize */
- NULL, /* Finalize */
- ckcapi_mdInstance_GetNSlots,
- ckcapi_mdInstance_GetCryptokiVersion,
- ckcapi_mdInstance_GetManufacturerID,
- ckcapi_mdInstance_GetLibraryDescription,
- ckcapi_mdInstance_GetLibraryVersion,
- ckcapi_mdInstance_ModuleHandlesSessionObjects,
- /*NULL, /* HandleSessionObjects */
- ckcapi_mdInstance_GetSlots,
- NULL, /* WaitForSlotEvent */
- (void *)NULL /* null terminator */
-};
+ nss_ckcapi_mdInstance = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Finalize */
+ ckcapi_mdInstance_GetNSlots,
+ ckcapi_mdInstance_GetCryptokiVersion,
+ ckcapi_mdInstance_GetManufacturerID,
+ ckcapi_mdInstance_GetLibraryDescription,
+ ckcapi_mdInstance_GetLibraryVersion,
+ ckcapi_mdInstance_ModuleHandlesSessionObjects,
+ /*NULL, /* HandleSessionObjects */
+ ckcapi_mdInstance_GetSlots,
+ NULL, /* WaitForSlotEvent */
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/capi/ckcapi.h b/lib/ckfw/capi/ckcapi.h
index 2ae01e35f..2c4b12aac 100644
--- a/lib/ckfw/capi/ckcapi.h
+++ b/lib/ckfw/capi/ckcapi.h
@@ -31,28 +31,27 @@
* to this PKCS #11 module.
*/
struct ckcapiRawObjectStr {
- CK_ULONG n;
- const CK_ATTRIBUTE_TYPE *types;
- const NSSItem *items;
+ CK_ULONG n;
+ const CK_ATTRIBUTE_TYPE *types;
+ const NSSItem *items;
};
typedef struct ckcapiRawObjectStr ckcapiRawObject;
-
/*
* common values needed for both bare keys and cert referenced keys.
*/
struct ckcapiKeyParamsStr {
- NSSItem modulus;
- NSSItem exponent;
- NSSItem privateExponent;
- NSSItem prime1;
- NSSItem prime2;
- NSSItem exponent1;
- NSSItem exponent2;
- NSSItem coefficient;
- unsigned char publicExponentData[sizeof(CK_ULONG)];
- void *privateKey;
- void *pubKey;
+ NSSItem modulus;
+ NSSItem exponent;
+ NSSItem privateExponent;
+ NSSItem prime1;
+ NSSItem prime2;
+ NSSItem exponent1;
+ NSSItem exponent2;
+ NSSItem coefficient;
+ unsigned char publicExponentData[sizeof(CK_ULONG)];
+ void *privateKey;
+ void *pubKey;
};
typedef struct ckcapiKeyParamsStr ckcapiKeyParams;
@@ -62,11 +61,11 @@ typedef struct ckcapiKeyParamsStr ckcapiKeyParams;
* while the CA is issuing the certificate.
*/
struct ckcapiKeyObjectStr {
- CRYPT_KEY_PROV_INFO provInfo;
- char *provName;
- char *containerName;
- HCRYPTPROV hProv;
- ckcapiKeyParams key;
+ CRYPT_KEY_PROV_INFO provInfo;
+ char *provName;
+ char *containerName;
+ HCRYPTPROV hProv;
+ ckcapiKeyParams key;
};
typedef struct ckcapiKeyObjectStr ckcapiKeyObject;
@@ -74,25 +73,25 @@ typedef struct ckcapiKeyObjectStr ckcapiKeyObject;
* Certificate and certificate referenced keys.
*/
struct ckcapiCertObjectStr {
- PCCERT_CONTEXT certContext;
- PRBool hasID;
- const char *certStore;
- NSSItem label;
- NSSItem subject;
- NSSItem issuer;
- NSSItem serial;
- NSSItem derCert;
- ckcapiKeyParams key;
- unsigned char *labelData;
- /* static data: to do, make this dynamic like labelData */
- unsigned char derSerial[128];
+ PCCERT_CONTEXT certContext;
+ PRBool hasID;
+ const char *certStore;
+ NSSItem label;
+ NSSItem subject;
+ NSSItem issuer;
+ NSSItem serial;
+ NSSItem derCert;
+ ckcapiKeyParams key;
+ unsigned char *labelData;
+ /* static data: to do, make this dynamic like labelData */
+ unsigned char derSerial[128];
};
typedef struct ckcapiCertObjectStr ckcapiCertObject;
typedef enum {
- ckcapiRaw,
- ckcapiCert,
- ckcapiBareKey
+ ckcapiRaw,
+ ckcapiCert,
+ ckcapiBareKey
} ckcapiObjectType;
/*
@@ -100,98 +99,84 @@ typedef enum {
* cfind as ckcapiInternalObjects.
*/
struct ckcapiInternalObjectStr {
- ckcapiObjectType type;
- union {
- ckcapiRawObject raw;
- ckcapiCertObject cert;
- ckcapiKeyObject key;
- } u;
- CK_OBJECT_CLASS objClass;
- NSSItem hashKey;
- NSSItem id;
- void *idData;
- unsigned char hashKeyData[128];
- NSSCKMDObject mdObject;
+ ckcapiObjectType type;
+ union {
+ ckcapiRawObject raw;
+ ckcapiCertObject cert;
+ ckcapiKeyObject key;
+ } u;
+ CK_OBJECT_CLASS objClass;
+ NSSItem hashKey;
+ NSSItem id;
+ void *idData;
+ unsigned char hashKeyData[128];
+ NSSCKMDObject mdObject;
};
typedef struct ckcapiInternalObjectStr ckcapiInternalObject;
/* our raw object data array */
NSS_EXTERN_DATA ckcapiInternalObject nss_ckcapi_data[];
-NSS_EXTERN_DATA const PRUint32 nss_ckcapi_nObjects;
-
-NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_CryptokiVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_ManufacturerID;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_LibraryDescription;
-NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_LibraryVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_SlotDescription;
-NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_HardwareVersion;
-NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_FirmwareVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_TokenLabel;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_TokenModel;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_TokenSerialNumber;
-
-NSS_EXTERN_DATA const NSSCKMDInstance nss_ckcapi_mdInstance;
-NSS_EXTERN_DATA const NSSCKMDSlot nss_ckcapi_mdSlot;
-NSS_EXTERN_DATA const NSSCKMDToken nss_ckcapi_mdToken;
+NSS_EXTERN_DATA const PRUint32 nss_ckcapi_nObjects;
+
+NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_CryptokiVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_ManufacturerID;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_LibraryDescription;
+NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_LibraryVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_SlotDescription;
+NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_HardwareVersion;
+NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_FirmwareVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenLabel;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenModel;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenSerialNumber;
+
+NSS_EXTERN_DATA const NSSCKMDInstance nss_ckcapi_mdInstance;
+NSS_EXTERN_DATA const NSSCKMDSlot nss_ckcapi_mdSlot;
+NSS_EXTERN_DATA const NSSCKMDToken nss_ckcapi_mdToken;
NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckcapi_mdMechanismRSA;
NSS_EXTERN NSSCKMDSession *
-nss_ckcapi_CreateSession
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
+nss_ckcapi_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDFindObjects *
-nss_ckcapi_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
+nss_ckcapi_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
/*
* Object Utilities
*/
NSS_EXTERN NSSCKMDObject *
-nss_ckcapi_CreateMDObject
-(
- NSSArena *arena,
- ckcapiInternalObject *io,
- CK_RV *pError
-);
+nss_ckcapi_CreateMDObject(
+ NSSArena *arena,
+ ckcapiInternalObject *io,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDObject *
-nss_ckcapi_CreateObject
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
+nss_ckcapi_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
NSS_EXTERN const NSSItem *
-nss_ckcapi_FetchAttribute
-(
- ckcapiInternalObject *io,
- CK_ATTRIBUTE_TYPE type
-);
+nss_ckcapi_FetchAttribute(
+ ckcapiInternalObject *io,
+ CK_ATTRIBUTE_TYPE type);
NSS_EXTERN void
-nss_ckcapi_DestroyInternalObject
-(
- ckcapiInternalObject *io
-);
+nss_ckcapi_DestroyInternalObject(
+ ckcapiInternalObject *io);
NSS_EXTERN CK_RV
-nss_ckcapi_FetchKeyContainer
-(
- ckcapiInternalObject *iKey,
- HCRYPTPROV *hProv,
- DWORD *keySpec,
- HCRYPTKEY *hKey
-);
+nss_ckcapi_FetchKeyContainer(
+ ckcapiInternalObject *iKey,
+ HCRYPTPROV *hProv,
+ DWORD *keySpec,
+ HCRYPTKEY *hKey);
/*
* generic utilities
@@ -202,70 +187,56 @@ nss_ckcapi_FetchKeyContainer
* Microsoft, we need to byte swap everything coming into and out of CAPI.
*/
void
-ckcapi_ReverseData
-(
- NSSItem *item
-);
+ckcapi_ReverseData(
+ NSSItem *item);
/*
* unwrap a single DER value
*/
unsigned char *
-nss_ckcapi_DERUnwrap
-(
- unsigned char *src,
- unsigned int size,
- unsigned int *outSize,
- unsigned char **next
-);
+nss_ckcapi_DERUnwrap(
+ unsigned char *src,
+ unsigned int size,
+ unsigned int *outSize,
+ unsigned char **next);
/*
* Return the size in bytes of a wide string
*/
-int
-nss_ckcapi_WideSize
-(
- LPCWSTR wide
-);
+int
+nss_ckcapi_WideSize(
+ LPCWSTR wide);
/*
* Covert a Unicode wide character string to a UTF8 string
*/
char *
-nss_ckcapi_WideToUTF8
-(
- LPCWSTR wide
-);
+nss_ckcapi_WideToUTF8(
+ LPCWSTR wide);
/*
* Return a Wide String duplicated with nss allocated memory.
*/
LPWSTR
-nss_ckcapi_WideDup
-(
- LPCWSTR wide
-);
+nss_ckcapi_WideDup(
+ LPCWSTR wide);
/*
* Covert a UTF8 string to Unicode wide character
*/
LPWSTR
-nss_ckcapi_UTF8ToWide
-(
- char *buf
-);
-
+nss_ckcapi_UTF8ToWide(
+ char *buf);
NSS_EXTERN PRUint32
nss_ckcapi_collect_all_certs(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- ckcapiInternalObject ***listp,
- PRUint32 *sizep,
- PRUint32 count,
- CK_RV *pError
-);
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject ***listp,
+ PRUint32 *sizep,
+ PRUint32 count,
+ CK_RV *pError);
+
+#define NSS_CKCAPI_ARRAY_SIZE(x) ((sizeof(x)) / (sizeof((x)[0])))
-#define NSS_CKCAPI_ARRAY_SIZE(x) ((sizeof (x))/(sizeof ((x)[0])))
-
#endif
diff --git a/lib/ckfw/capi/ckcapiver.c b/lib/ckfw/capi/ckcapiver.c
index 54e488756..825b63074 100644
--- a/lib/ckfw/capi/ckcapiver.c
+++ b/lib/ckfw/capi/ckcapiver.c
@@ -14,5 +14,4 @@
/*
* Version information
*/
-const char __nss_ckcapi_version[] = "Version: NSS Access to Microsoft Certificate Store "
- NSS_CKCAPI_LIBRARY_VERSION _DEBUG_STRING;
+const char __nss_ckcapi_version[] = "Version: NSS Access to Microsoft Certificate Store " NSS_CKCAPI_LIBRARY_VERSION _DEBUG_STRING;
diff --git a/lib/ckfw/capi/cobject.c b/lib/ckfw/capi/cobject.c
index 1da5f7d20..03a8a5e7b 100644
--- a/lib/ckfw/capi/cobject.c
+++ b/lib/ckfw/capi/cobject.c
@@ -76,22 +76,30 @@ static const CK_KEY_TYPE ckk_rsa = CKK_RSA;
static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE;
static const CK_OBJECT_CLASS cko_private_key = CKO_PRIVATE_KEY;
static const CK_OBJECT_CLASS cko_public_key = CKO_PUBLIC_KEY;
-static const NSSItem ckcapi_trueItem = {
- (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) };
-static const NSSItem ckcapi_falseItem = {
- (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) };
-static const NSSItem ckcapi_x509Item = {
- (void *)&ckc_x509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) };
-static const NSSItem ckcapi_rsaItem = {
- (void *)&ckk_rsa, (PRUint32)sizeof(CK_KEY_TYPE) };
-static const NSSItem ckcapi_certClassItem = {
- (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) };
+static const NSSItem ckcapi_trueItem = {
+ (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL)
+};
+static const NSSItem ckcapi_falseItem = {
+ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL)
+};
+static const NSSItem ckcapi_x509Item = {
+ (void *)&ckc_x509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE)
+};
+static const NSSItem ckcapi_rsaItem = {
+ (void *)&ckk_rsa, (PRUint32)sizeof(CK_KEY_TYPE)
+};
+static const NSSItem ckcapi_certClassItem = {
+ (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
static const NSSItem ckcapi_privKeyClassItem = {
- (void *)&cko_private_key, (PRUint32)sizeof(CK_OBJECT_CLASS) };
+ (void *)&cko_private_key, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
static const NSSItem ckcapi_pubKeyClassItem = {
- (void *)&cko_public_key, (PRUint32)sizeof(CK_OBJECT_CLASS) };
-static const NSSItem ckcapi_emptyItem = {
- (void *)&ck_true, 0};
+ (void *)&cko_public_key, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
+static const NSSItem ckcapi_emptyItem = {
+ (void *)&ck_true, 0
+};
/*
* these are utilities. The chould be moved to a new utilities file.
@@ -101,117 +109,111 @@ static const NSSItem ckcapi_emptyItem = {
* unwrap a single DER value
*/
unsigned char *
-nss_ckcapi_DERUnwrap
-(
- unsigned char *src,
- unsigned int size,
- unsigned int *outSize,
- unsigned char **next
-)
+nss_ckcapi_DERUnwrap(
+ unsigned char *src,
+ unsigned int size,
+ unsigned int *outSize,
+ unsigned char **next)
{
- unsigned char *start = src;
- unsigned char *end = src+size;
- unsigned int len = 0;
-
- /* initialize error condition return values */
- *outSize = 0;
- if (next) {
- *next = src;
- }
-
- if (size < 2) {
- return start;
- }
- src++; /* skip the tag -- should check it against an expected value! */
- len = (unsigned) *src++;
- if (len & 0x80) {
- unsigned int count = len & 0x7f;
- len = 0;
-
- if (count+2 > size) {
- return start;
- }
- while (count-- > 0) {
- len = (len << 8) | (unsigned) *src++;
- }
- }
- if (len + (src-start) > size) {
- return start;
- }
- if (next) {
- *next = src+len;
- }
- *outSize = len;
-
- return src;
+ unsigned char *start = src;
+ unsigned char *end = src + size;
+ unsigned int len = 0;
+
+ /* initialize error condition return values */
+ *outSize = 0;
+ if (next) {
+ *next = src;
+ }
+
+ if (size < 2) {
+ return start;
+ }
+ src++; /* skip the tag -- should check it against an expected value! */
+ len = (unsigned)*src++;
+ if (len & 0x80) {
+ unsigned int count = len & 0x7f;
+ len = 0;
+
+ if (count + 2 > size) {
+ return start;
+ }
+ while (count-- > 0) {
+ len = (len << 8) | (unsigned)*src++;
+ }
+ }
+ if (len + (src - start) > size) {
+ return start;
+ }
+ if (next) {
+ *next = src + len;
+ }
+ *outSize = len;
+
+ return src;
}
/*
* convert a PKCS #11 bytestrin into a CK_ULONG, the byte stream must be
* less than sizeof (CK_ULONG).
*/
-CK_ULONG
-nss_ckcapi_DataToInt
-(
- NSSItem *data,
- CK_RV *pError
-)
+CK_ULONG
+nss_ckcapi_DataToInt(
+ NSSItem *data,
+ CK_RV *pError)
{
- CK_ULONG value = 0;
- unsigned long count = data->size;
- unsigned char *dataPtr = data->data;
- unsigned long size = 0;
-
- *pError = CKR_OK;
-
- while (count--) {
- value = value << 8;
- value = value + *dataPtr++;
- if (size || value) {
- size++;
- }
- }
- if (size > sizeof(CK_ULONG)) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- }
- return value;
+ CK_ULONG value = 0;
+ unsigned long count = data->size;
+ unsigned char *dataPtr = data->data;
+ unsigned long size = 0;
+
+ *pError = CKR_OK;
+
+ while (count--) {
+ value = value << 8;
+ value = value + *dataPtr++;
+ if (size || value) {
+ size++;
+ }
+ }
+ if (size > sizeof(CK_ULONG)) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ return value;
}
/*
* convert a CK_ULONG to a bytestream. Data is stored in the buffer 'buf'
* and must be at least CK_ULONG. Caller must provide buf.
*/
-CK_ULONG
-nss_ckcapi_IntToData
-(
- CK_ULONG value,
- NSSItem *data,
- unsigned char *dataPtr,
- CK_RV *pError
-)
+CK_ULONG
+nss_ckcapi_IntToData(
+ CK_ULONG value,
+ NSSItem *data,
+ unsigned char *dataPtr,
+ CK_RV *pError)
{
- unsigned long count = 0;
- unsigned long i;
-#define SHIFT ((sizeof(CK_ULONG)-1)*8)
- PRBool first = 0;
+ unsigned long count = 0;
+ unsigned long i;
+#define SHIFT ((sizeof(CK_ULONG) - 1) * 8)
+ PRBool first = 0;
- *pError = CKR_OK;
+ *pError = CKR_OK;
- data->data = dataPtr;
- for (i=0; i < sizeof(CK_ULONG); i++) {
- unsigned char digit = (unsigned char)((value >> SHIFT) & 0xff);
+ data->data = dataPtr;
+ for (i = 0; i < sizeof(CK_ULONG); i++) {
+ unsigned char digit = (unsigned char)((value >> SHIFT) & 0xff);
- value = value << 8;
+ value = value << 8;
- /* drop leading zero bytes */
- if (first && (0 == digit)) {
- continue;
+ /* drop leading zero bytes */
+ if (first && (0 == digit)) {
+ continue;
+ }
+ *dataPtr++ = digit;
+ count++;
}
- *dataPtr++ = digit;
- count++;
- }
- data->size = count;
- return count;
+ data->size = count;
+ return count;
}
/*
@@ -219,107 +221,99 @@ nss_ckcapi_IntToData
* data for the item is owned by the template.
*/
CK_RV
-nss_ckcapi_GetAttribute
-(
- CK_ATTRIBUTE_TYPE type,
- CK_ATTRIBUTE *template,
- CK_ULONG templateSize,
- NSSItem *item
-)
+nss_ckcapi_GetAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ NSSItem *item)
{
- CK_ULONG i;
-
- for (i=0; i < templateSize; i++) {
- if (template[i].type == type) {
- item->data = template[i].pValue;
- item->size = template[i].ulValueLen;
- return CKR_OK;
+ CK_ULONG i;
+
+ for (i = 0; i < templateSize; i++) {
+ if (template[i].type == type) {
+ item->data = template[i].pValue;
+ item->size = template[i].ulValueLen;
+ return CKR_OK;
+ }
}
- }
- return CKR_TEMPLATE_INCOMPLETE;
+ return CKR_TEMPLATE_INCOMPLETE;
}
/*
* get an attribute which is type CK_ULONG.
*/
CK_ULONG
-nss_ckcapi_GetULongAttribute
-(
- CK_ATTRIBUTE_TYPE type,
- CK_ATTRIBUTE *template,
- CK_ULONG templateSize,
- CK_RV *pError
-)
+nss_ckcapi_GetULongAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError)
{
- NSSItem item;
-
- *pError = nss_ckcapi_GetAttribute(type, template, templateSize, &item);
- if (CKR_OK != *pError) {
- return (CK_ULONG) 0;
- }
- if (item.size != sizeof(CK_ULONG)) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- return (CK_ULONG) 0;
- }
- return *(CK_ULONG *)item.data;
+ NSSItem item;
+
+ *pError = nss_ckcapi_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+ if (item.size != sizeof(CK_ULONG)) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (CK_ULONG)0;
+ }
+ return *(CK_ULONG *)item.data;
}
/*
* get an attribute which is type CK_BBOOL.
*/
CK_BBOOL
-nss_ckcapi_GetBoolAttribute
-(
- CK_ATTRIBUTE_TYPE type,
- CK_ATTRIBUTE *template,
- CK_ULONG templateSize,
- CK_RV *pError
-)
+nss_ckcapi_GetBoolAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError)
{
- NSSItem item;
-
- *pError = nss_ckcapi_GetAttribute(type, template, templateSize, &item);
- if (CKR_OK != *pError) {
- return (CK_BBOOL) 0;
- }
- if (item.size != sizeof(CK_BBOOL)) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- return (CK_BBOOL) 0;
- }
- return *(CK_BBOOL *)item.data;
+ NSSItem item;
+
+ *pError = nss_ckcapi_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != *pError) {
+ return (CK_BBOOL)0;
+ }
+ if (item.size != sizeof(CK_BBOOL)) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (CK_BBOOL)0;
+ }
+ return *(CK_BBOOL *)item.data;
}
/*
* get an attribute which is type CK_BBOOL.
*/
char *
-nss_ckcapi_GetStringAttribute
-(
- CK_ATTRIBUTE_TYPE type,
- CK_ATTRIBUTE *template,
- CK_ULONG templateSize,
- CK_RV *pError
-)
+nss_ckcapi_GetStringAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError)
{
- NSSItem item;
- char *str;
-
- /* get the attribute */
- *pError = nss_ckcapi_GetAttribute(type, template, templateSize, &item);
- if (CKR_OK != *pError) {
- return (char *)NULL;
- }
- /* make sure it is null terminated */
- str = nss_ZNEWARRAY(NULL, char, item.size+1);
- if ((char *)NULL == str) {
- *pError = CKR_HOST_MEMORY;
- return (char *)NULL;
- }
-
- nsslibc_memcpy(str, item.data, item.size);
- str[item.size] = 0;
-
- return str;
+ NSSItem item;
+ char *str;
+
+ /* get the attribute */
+ *pError = nss_ckcapi_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != *pError) {
+ return (char *)NULL;
+ }
+ /* make sure it is null terminated */
+ str = nss_ZNEWARRAY(NULL, char, item.size + 1);
+ if ((char *)NULL == str) {
+ *pError = CKR_HOST_MEMORY;
+ return (char *)NULL;
+ }
+
+ nsslibc_memcpy(str, item.data, item.size);
+ str[item.size] = 0;
+
+ return str;
}
/*
@@ -327,104 +321,95 @@ nss_ckcapi_GetStringAttribute
* character
*/
int
-nss_ckcapi_WideSize
-(
- LPCWSTR wide
-)
+nss_ckcapi_WideSize(
+ LPCWSTR wide)
{
- DWORD size;
+ DWORD size;
- if ((LPWSTR)NULL == wide) {
- return 0;
- }
- size = wcslen(wide)+1;
- return size*sizeof(WCHAR);
+ if ((LPWSTR)NULL == wide) {
+ return 0;
+ }
+ size = wcslen(wide) + 1;
+ return size * sizeof(WCHAR);
}
/*
* Covert a Unicode wide character string to a UTF8 string
*/
char *
-nss_ckcapi_WideToUTF8
-(
- LPCWSTR wide
-)
+nss_ckcapi_WideToUTF8(
+ LPCWSTR wide)
{
- DWORD size;
- char *buf;
-
- if ((LPWSTR)NULL == wide) {
- return (char *)NULL;
- }
-
- size = WideCharToMultiByte(CP_UTF8, 0, wide, -1, NULL, 0, NULL, 0);
- if (size == 0) {
- return (char *)NULL;
- }
- buf = nss_ZNEWARRAY(NULL, char, size);
- size = WideCharToMultiByte(CP_UTF8, 0, wide, -1, buf, size, NULL, 0);
- if (size == 0) {
- nss_ZFreeIf(buf);
- return (char *)NULL;
- }
- return buf;
+ DWORD size;
+ char *buf;
+
+ if ((LPWSTR)NULL == wide) {
+ return (char *)NULL;
+ }
+
+ size = WideCharToMultiByte(CP_UTF8, 0, wide, -1, NULL, 0, NULL, 0);
+ if (size == 0) {
+ return (char *)NULL;
+ }
+ buf = nss_ZNEWARRAY(NULL, char, size);
+ size = WideCharToMultiByte(CP_UTF8, 0, wide, -1, buf, size, NULL, 0);
+ if (size == 0) {
+ nss_ZFreeIf(buf);
+ return (char *)NULL;
+ }
+ return buf;
}
/*
* Return a Wide String duplicated with nss allocated memory.
*/
LPWSTR
-nss_ckcapi_WideDup
-(
- LPCWSTR wide
-)
+nss_ckcapi_WideDup(
+ LPCWSTR wide)
{
- DWORD len;
- LPWSTR buf;
+ DWORD len;
+ LPWSTR buf;
- if ((LPWSTR)NULL == wide) {
- return (LPWSTR)NULL;
- }
+ if ((LPWSTR)NULL == wide) {
+ return (LPWSTR)NULL;
+ }
- len = wcslen(wide)+1;
+ len = wcslen(wide) + 1;
- buf = nss_ZNEWARRAY(NULL, WCHAR, len);
- if ((LPWSTR) NULL == buf) {
+ buf = nss_ZNEWARRAY(NULL, WCHAR, len);
+ if ((LPWSTR)NULL == buf) {
+ return buf;
+ }
+ nsslibc_memcpy(buf, wide, len * sizeof(WCHAR));
return buf;
- }
- nsslibc_memcpy(buf, wide, len*sizeof(WCHAR));
- return buf;
}
/*
* Covert a UTF8 string to Unicode wide character
*/
LPWSTR
-nss_ckcapi_UTF8ToWide
-(
- char *buf
-)
+nss_ckcapi_UTF8ToWide(
+ char *buf)
{
- DWORD size;
- LPWSTR wide;
-
- if ((char *)NULL == buf) {
- return (LPWSTR) NULL;
- }
-
- size = MultiByteToWideChar(CP_UTF8, 0, buf, -1, NULL, 0);
- if (size == 0) {
- return (LPWSTR) NULL;
- }
- wide = nss_ZNEWARRAY(NULL, WCHAR, size);
- size = MultiByteToWideChar(CP_UTF8, 0, buf, -1, wide, size);
- if (size == 0) {
- nss_ZFreeIf(wide);
- return (LPWSTR) NULL;
- }
- return wide;
-}
+ DWORD size;
+ LPWSTR wide;
+
+ if ((char *)NULL == buf) {
+ return (LPWSTR)NULL;
+ }
+ size = MultiByteToWideChar(CP_UTF8, 0, buf, -1, NULL, 0);
+ if (size == 0) {
+ return (LPWSTR)NULL;
+ }
+ wide = nss_ZNEWARRAY(NULL, WCHAR, size);
+ size = MultiByteToWideChar(CP_UTF8, 0, buf, -1, wide, size);
+ if (size == 0) {
+ nss_ZFreeIf(wide);
+ return (LPWSTR)NULL;
+ }
+ return wide;
+}
/*
* keep all the knowlege of how the internalObject is laid out in this function
@@ -436,281 +421,274 @@ nss_ckcapi_UTF8ToWide
* this function fails with CKR_KEY_TYPE_INCONSISTENT
*/
NSS_EXTERN CK_RV
-nss_ckcapi_FetchKeyContainer
-(
- ckcapiInternalObject *iKey,
- HCRYPTPROV *hProv,
- DWORD *keySpec,
- HCRYPTKEY *hKey
-)
+nss_ckcapi_FetchKeyContainer(
+ ckcapiInternalObject *iKey,
+ HCRYPTPROV *hProv,
+ DWORD *keySpec,
+ HCRYPTKEY *hKey)
{
- ckcapiCertObject *co;
- ckcapiKeyObject *ko;
- BOOL rc, dummy;
- DWORD msError;
-
-
- switch (iKey->type) {
- default:
- case ckcapiRaw:
- /* can't have raw private keys */
- return CKR_KEY_TYPE_INCONSISTENT;
- case ckcapiCert:
- if (iKey->objClass != CKO_PRIVATE_KEY) {
- /* Only private keys have private key provider handles */
- return CKR_KEY_TYPE_INCONSISTENT;
- }
- co = &iKey->u.cert;
-
- /* OK, get the Provider */
- rc = CryptAcquireCertificatePrivateKey(co->certContext,
- CRYPT_ACQUIRE_CACHE_FLAG|CRYPT_ACQUIRE_COMPARE_KEY_FLAG, NULL, hProv,
- keySpec, &dummy);
+ ckcapiCertObject *co;
+ ckcapiKeyObject *ko;
+ BOOL rc, dummy;
+ DWORD msError;
+
+ switch (iKey->type) {
+ default:
+ case ckcapiRaw:
+ /* can't have raw private keys */
+ return CKR_KEY_TYPE_INCONSISTENT;
+ case ckcapiCert:
+ if (iKey->objClass != CKO_PRIVATE_KEY) {
+ /* Only private keys have private key provider handles */
+ return CKR_KEY_TYPE_INCONSISTENT;
+ }
+ co = &iKey->u.cert;
+
+ /* OK, get the Provider */
+ rc = CryptAcquireCertificatePrivateKey(co->certContext,
+ CRYPT_ACQUIRE_CACHE_FLAG |
+ CRYPT_ACQUIRE_COMPARE_KEY_FLAG,
+ NULL, hProv,
+ keySpec, &dummy);
+ if (!rc) {
+ goto loser;
+ }
+ break;
+ case ckcapiBareKey:
+ if (iKey->objClass != CKO_PRIVATE_KEY) {
+ /* Only private keys have private key provider handles */
+ return CKR_KEY_TYPE_INCONSISTENT;
+ }
+ ko = &iKey->u.key;
+
+ /* OK, get the Provider */
+ if (0 == ko->hProv) {
+ rc =
+ CryptAcquireContext(hProv,
+ ko->containerName,
+ ko->provName,
+ ko->provInfo.dwProvType, 0);
+ if (!rc) {
+ goto loser;
+ }
+ }
+ else {
+ *hProv =
+ ko->hProv;
+ }
+ *keySpec = ko->provInfo.dwKeySpec;
+ break;
+ }
+
+ /* and get the crypto handle */
+ rc = CryptGetUserKey(*hProv, *keySpec, hKey);
if (!rc) {
- goto loser;
- }
- break;
- case ckcapiBareKey:
- if (iKey->objClass != CKO_PRIVATE_KEY) {
- /* Only private keys have private key provider handles */
- return CKR_KEY_TYPE_INCONSISTENT;
- }
- ko = &iKey->u.key;
-
- /* OK, get the Provider */
- if (0 == ko->hProv) {
- rc = CryptAcquireContext(hProv,
- ko->containerName,
- ko->provName,
- ko->provInfo.dwProvType , 0);
- if (!rc) {
goto loser;
- }
- } else {
- *hProv = ko->hProv;
- }
- *keySpec = ko->provInfo.dwKeySpec;
- break;
- }
-
- /* and get the crypto handle */
- rc = CryptGetUserKey(*hProv, *keySpec, hKey);
- if (!rc) {
- goto loser;
- }
- return CKR_OK;
+ }
+ return CKR_OK;
loser:
- /* map the microsoft error before leaving */
- msError = GetLastError();
- switch (msError) {
- case ERROR_INVALID_HANDLE:
- case ERROR_INVALID_PARAMETER:
- case NTE_BAD_KEY:
- case NTE_NO_KEY:
- case NTE_BAD_PUBLIC_KEY:
- case NTE_BAD_KEYSET:
- case NTE_KEYSET_NOT_DEF:
- return CKR_KEY_TYPE_INCONSISTENT;
- case NTE_BAD_UID:
- case NTE_KEYSET_ENTRY_BAD:
- return CKR_DEVICE_ERROR;
- }
- return CKR_GENERAL_ERROR;
+ /* map the microsoft error before leaving */
+ msError = GetLastError();
+ switch (msError) {
+ case ERROR_INVALID_HANDLE:
+ case ERROR_INVALID_PARAMETER:
+ case NTE_BAD_KEY:
+ case NTE_NO_KEY:
+ case NTE_BAD_PUBLIC_KEY:
+ case NTE_BAD_KEYSET:
+ case NTE_KEYSET_NOT_DEF:
+ return CKR_KEY_TYPE_INCONSISTENT;
+ case NTE_BAD_UID:
+ case NTE_KEYSET_ENTRY_BAD:
+ return CKR_DEVICE_ERROR;
+ }
+ return CKR_GENERAL_ERROR;
}
-
/*
* take a DER PUBLIC Key block and return the modulus and exponent
*/
static void
-ckcapi_CertPopulateModulusExponent
-(
- ckcapiInternalObject *io
-)
+ckcapi_CertPopulateModulusExponent(
+ ckcapiInternalObject *io)
{
- ckcapiKeyParams *kp = &io->u.cert.key;
- PCCERT_CONTEXT certContext = io->u.cert.certContext;
- unsigned char *pkData =
- certContext->pCertInfo->SubjectPublicKeyInfo.PublicKey.pbData;
- unsigned int size=
- certContext->pCertInfo->SubjectPublicKeyInfo.PublicKey.cbData;
- unsigned int newSize;
- unsigned char *ptr, *newptr;
-
- /* find the start of the modulus -- this will not give good results if
- * the key isn't an rsa key! */
- ptr = nss_ckcapi_DERUnwrap(pkData, size, &newSize, NULL);
- kp->modulus.data = nss_ckcapi_DERUnwrap(ptr, newSize,
- &kp->modulus.size, &newptr);
- /* changed from signed to unsigned int */
- if (0 == *(char *)kp->modulus.data) {
- kp->modulus.data = ((char *)kp->modulus.data)+1;
- kp->modulus.size = kp->modulus.size - 1;
- }
- /* changed from signed to unsigned int */
- kp->exponent.data = nss_ckcapi_DERUnwrap(newptr, (newptr-ptr)+newSize,
- &kp->exponent.size, NULL);
- if (0 == *(char *)kp->exponent.data) {
- kp->exponent.data = ((char *)kp->exponent.data)+1;
- kp->exponent.size = kp->exponent.size - 1;
- }
- return;
+ ckcapiKeyParams *kp = &io->u.cert.key;
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ unsigned char *pkData =
+ certContext->pCertInfo->SubjectPublicKeyInfo.PublicKey.pbData;
+ unsigned int size =
+ certContext->pCertInfo->SubjectPublicKeyInfo.PublicKey.cbData;
+ unsigned int newSize;
+ unsigned char *ptr, *newptr;
+
+ /* find the start of the modulus -- this will not give good results if
+ * the key isn't an rsa key! */
+ ptr = nss_ckcapi_DERUnwrap(pkData, size, &newSize, NULL);
+ kp->modulus.data = nss_ckcapi_DERUnwrap(ptr, newSize,
+ &kp->modulus.size, &newptr);
+ /* changed from signed to unsigned int */
+ if (0 == *(char *)kp->modulus.data) {
+ kp->modulus.data = ((char *)kp->modulus.data) + 1;
+ kp->modulus.size = kp->modulus.size - 1;
+ }
+ /* changed from signed to unsigned int */
+ kp->exponent.data = nss_ckcapi_DERUnwrap(newptr, (newptr - ptr) + newSize,
+ &kp->exponent.size, NULL);
+ if (0 == *(char *)kp->exponent.data) {
+ kp->exponent.data = ((char *)kp->exponent.data) + 1;
+ kp->exponent.size = kp->exponent.size - 1;
+ }
+ return;
}
typedef struct _CAPI_RSA_KEY_BLOB {
- PUBLICKEYSTRUC header;
- RSAPUBKEY rsa;
- char data[1];
+ PUBLICKEYSTRUC header;
+ RSAPUBKEY rsa;
+ char data[1];
} CAPI_RSA_KEY_BLOB;
-#define CAPI_MODULUS_OFFSET(modSize) 0
-#define CAPI_PRIME_1_OFFSET(modSize) (modSize)
-#define CAPI_PRIME_2_OFFSET(modSize) ((modSize)+(modSize)/2)
-#define CAPI_EXPONENT_1_OFFSET(modSize) ((modSize)*2)
-#define CAPI_EXPONENT_2_OFFSET(modSize) ((modSize)*2+(modSize)/2)
+#define CAPI_MODULUS_OFFSET(modSize) 0
+#define CAPI_PRIME_1_OFFSET(modSize) (modSize)
+#define CAPI_PRIME_2_OFFSET(modSize) ((modSize) + (modSize) / 2)
+#define CAPI_EXPONENT_1_OFFSET(modSize) ((modSize)*2)
+#define CAPI_EXPONENT_2_OFFSET(modSize) ((modSize)*2 + (modSize) / 2)
#define CAPI_COEFFICIENT_OFFSET(modSize) ((modSize)*3)
-#define CAPI_PRIVATE_EXP_OFFSET(modSize) ((modSize)*3+(modSize)/2)
+#define CAPI_PRIVATE_EXP_OFFSET(modSize) ((modSize)*3 + (modSize) / 2)
void
-ckcapi_FetchPublicKey
-(
- ckcapiInternalObject *io
-)
+ckcapi_FetchPublicKey(
+ ckcapiInternalObject *io)
{
- ckcapiKeyParams *kp;
- HCRYPTPROV hProv;
- DWORD keySpec;
- HCRYPTKEY hKey = 0;
- CK_RV error;
- DWORD bufLen;
- BOOL rc;
- unsigned long modulus;
- char *buf = NULL;
- CAPI_RSA_KEY_BLOB *blob;
-
- error = nss_ckcapi_FetchKeyContainer(io, &hProv, &keySpec, &hKey);
- if (CKR_OK != error) {
- goto loser;
- }
- kp = (ckcapiCert == io->type) ? &io->u.cert.key : &io->u.key.key;
-
- rc = CryptExportKey(hKey, 0, PUBLICKEYBLOB, 0, buf, &bufLen);
- if (!rc) {
- goto loser;
- }
- buf = nss_ZNEWARRAY(NULL, char, bufLen);
- rc = CryptExportKey(hKey, 0, PUBLICKEYBLOB, 0, buf, &bufLen);
- if (!rc) {
- goto loser;
- }
- /* validate the blob */
- blob = (CAPI_RSA_KEY_BLOB *)buf;
- if ((PUBLICKEYBLOB != blob->header.bType) ||
- (0x02 != blob->header.bVersion) ||
- (0x31415352 != blob->rsa.magic)) {
- goto loser;
- }
- modulus = blob->rsa.bitlen/8;
- kp->pubKey = buf;
- buf = NULL;
-
- kp->modulus.data = &blob->data[CAPI_MODULUS_OFFSET(modulus)];
- kp->modulus.size = modulus;
- ckcapi_ReverseData(&kp->modulus);
- nss_ckcapi_IntToData(blob->rsa.pubexp, &kp->exponent,
- kp->publicExponentData, &error);
+ ckcapiKeyParams *kp;
+ HCRYPTPROV hProv;
+ DWORD keySpec;
+ HCRYPTKEY hKey = 0;
+ CK_RV error;
+ DWORD bufLen;
+ BOOL rc;
+ unsigned long modulus;
+ char *buf = NULL;
+ CAPI_RSA_KEY_BLOB *blob;
+
+ error = nss_ckcapi_FetchKeyContainer(io, &hProv, &keySpec, &hKey);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+ kp = (ckcapiCert == io->type) ? &io->u.cert.key : &io->u.key.key;
+
+ rc = CryptExportKey(hKey, 0, PUBLICKEYBLOB, 0, buf, &bufLen);
+ if (!rc) {
+ goto loser;
+ }
+ buf = nss_ZNEWARRAY(NULL, char, bufLen);
+ rc = CryptExportKey(hKey, 0, PUBLICKEYBLOB, 0, buf, &bufLen);
+ if (!rc) {
+ goto loser;
+ }
+ /* validate the blob */
+ blob = (CAPI_RSA_KEY_BLOB *)buf;
+ if ((PUBLICKEYBLOB != blob->header.bType) ||
+ (0x02 != blob->header.bVersion) ||
+ (0x31415352 != blob->rsa.magic)) {
+ goto loser;
+ }
+ modulus = blob->rsa.bitlen / 8;
+ kp->pubKey = buf;
+ buf = NULL;
+
+ kp->modulus.data = &blob->data[CAPI_MODULUS_OFFSET(modulus)];
+ kp->modulus.size = modulus;
+ ckcapi_ReverseData(&kp->modulus);
+ nss_ckcapi_IntToData(blob->rsa.pubexp, &kp->exponent,
+ kp->publicExponentData, &error);
loser:
- nss_ZFreeIf(buf);
- if (0 != hKey) {
- CryptDestroyKey(hKey);
- }
- return;
+ nss_ZFreeIf(buf);
+ if (0 != hKey) {
+ CryptDestroyKey(hKey);
+ }
+ return;
}
void
-ckcapi_FetchPrivateKey
-(
- ckcapiInternalObject *io
-)
+ckcapi_FetchPrivateKey(
+ ckcapiInternalObject *io)
{
- ckcapiKeyParams *kp;
- HCRYPTPROV hProv;
- DWORD keySpec;
- HCRYPTKEY hKey = 0;
- CK_RV error;
- DWORD bufLen;
- BOOL rc;
- unsigned long modulus;
- char *buf = NULL;
- CAPI_RSA_KEY_BLOB *blob;
-
- error = nss_ckcapi_FetchKeyContainer(io, &hProv, &keySpec, &hKey);
- if (CKR_OK != error) {
- goto loser;
- }
- kp = (ckcapiCert == io->type) ? &io->u.cert.key : &io->u.key.key;
-
- rc = CryptExportKey(hKey, 0, PRIVATEKEYBLOB, 0, buf, &bufLen);
- if (!rc) {
- goto loser;
- }
- buf = nss_ZNEWARRAY(NULL, char, bufLen);
- rc = CryptExportKey(hKey, 0, PRIVATEKEYBLOB, 0, buf, &bufLen);
- if (!rc) {
- goto loser;
- }
- /* validate the blob */
- blob = (CAPI_RSA_KEY_BLOB *)buf;
- if ((PRIVATEKEYBLOB != blob->header.bType) ||
- (0x02 != blob->header.bVersion) ||
- (0x32415352 != blob->rsa.magic)) {
- goto loser;
- }
- modulus = blob->rsa.bitlen/8;
- kp->privateKey = buf;
- buf = NULL;
-
- kp->privateExponent.data = &blob->data[CAPI_PRIVATE_EXP_OFFSET(modulus)];
- kp->privateExponent.size = modulus;
- ckcapi_ReverseData(&kp->privateExponent);
- kp->prime1.data = &blob->data[CAPI_PRIME_1_OFFSET(modulus)];
- kp->prime1.size = modulus/2;
- ckcapi_ReverseData(&kp->prime1);
- kp->prime2.data = &blob->data[CAPI_PRIME_2_OFFSET(modulus)];
- kp->prime2.size = modulus/2;
- ckcapi_ReverseData(&kp->prime2);
- kp->exponent1.data = &blob->data[CAPI_EXPONENT_1_OFFSET(modulus)];
- kp->exponent1.size = modulus/2;
- ckcapi_ReverseData(&kp->exponent1);
- kp->exponent2.data = &blob->data[CAPI_EXPONENT_2_OFFSET(modulus)];
- kp->exponent2.size = modulus/2;
- ckcapi_ReverseData(&kp->exponent2);
- kp->coefficient.data = &blob->data[CAPI_COEFFICIENT_OFFSET(modulus)];
- kp->coefficient.size = modulus/2;
- ckcapi_ReverseData(&kp->coefficient);
+ ckcapiKeyParams *kp;
+ HCRYPTPROV hProv;
+ DWORD keySpec;
+ HCRYPTKEY hKey = 0;
+ CK_RV error;
+ DWORD bufLen;
+ BOOL rc;
+ unsigned long modulus;
+ char *buf = NULL;
+ CAPI_RSA_KEY_BLOB *blob;
+
+ error = nss_ckcapi_FetchKeyContainer(io, &hProv, &keySpec, &hKey);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+ kp = (ckcapiCert == io->type) ? &io->u.cert.key : &io->u.key.key;
+
+ rc = CryptExportKey(hKey, 0, PRIVATEKEYBLOB, 0, buf, &bufLen);
+ if (!rc) {
+ goto loser;
+ }
+ buf = nss_ZNEWARRAY(NULL, char, bufLen);
+ rc = CryptExportKey(hKey, 0, PRIVATEKEYBLOB, 0, buf, &bufLen);
+ if (!rc) {
+ goto loser;
+ }
+ /* validate the blob */
+ blob = (CAPI_RSA_KEY_BLOB *)buf;
+ if ((PRIVATEKEYBLOB != blob->header.bType) ||
+ (0x02 != blob->header.bVersion) ||
+ (0x32415352 != blob->rsa.magic)) {
+ goto loser;
+ }
+ modulus = blob->rsa.bitlen / 8;
+ kp->privateKey = buf;
+ buf = NULL;
+
+ kp->privateExponent.data = &blob->data[CAPI_PRIVATE_EXP_OFFSET(modulus)];
+ kp->privateExponent.size = modulus;
+ ckcapi_ReverseData(&kp->privateExponent);
+ kp->prime1.data = &blob->data[CAPI_PRIME_1_OFFSET(modulus)];
+ kp->prime1.size = modulus / 2;
+ ckcapi_ReverseData(&kp->prime1);
+ kp->prime2.data = &blob->data[CAPI_PRIME_2_OFFSET(modulus)];
+ kp->prime2.size = modulus / 2;
+ ckcapi_ReverseData(&kp->prime2);
+ kp->exponent1.data = &blob->data[CAPI_EXPONENT_1_OFFSET(modulus)];
+ kp->exponent1.size = modulus / 2;
+ ckcapi_ReverseData(&kp->exponent1);
+ kp->exponent2.data = &blob->data[CAPI_EXPONENT_2_OFFSET(modulus)];
+ kp->exponent2.size = modulus / 2;
+ ckcapi_ReverseData(&kp->exponent2);
+ kp->coefficient.data = &blob->data[CAPI_COEFFICIENT_OFFSET(modulus)];
+ kp->coefficient.size = modulus / 2;
+ ckcapi_ReverseData(&kp->coefficient);
loser:
- nss_ZFreeIf(buf);
- if (0 != hKey) {
- CryptDestroyKey(hKey);
- }
- return;
+ nss_ZFreeIf(buf);
+ if (0 != hKey) {
+ CryptDestroyKey(hKey);
+ }
+ return;
}
-
void
-ckcapi_PopulateModulusExponent
-(
- ckcapiInternalObject *io
-)
+ckcapi_PopulateModulusExponent(
+ ckcapiInternalObject *io)
{
- if (ckcapiCert == io->type) {
- ckcapi_CertPopulateModulusExponent(io);
- } else {
- ckcapi_FetchPublicKey(io);
- }
- return;
+ if (ckcapiCert == io->type) {
+ ckcapi_CertPopulateModulusExponent(io);
+ }
+ else {
+ ckcapi_FetchPublicKey(io);
+ }
+ return;
}
/*
@@ -718,442 +696,435 @@ ckcapi_PopulateModulusExponent
* can only be called with ckcapiCert type objects!
*/
void
-ckcapi_FetchLabel
-(
- ckcapiInternalObject *io
-)
+ckcapi_FetchLabel(
+ ckcapiInternalObject *io)
{
- ckcapiCertObject *co = &io->u.cert;
- char *label;
- PCCERT_CONTEXT certContext = io->u.cert.certContext;
- char labelDataUTF16[128];
- DWORD size = sizeof(labelDataUTF16);
- DWORD size8 = sizeof(co->labelData);
- BOOL rv;
-
- rv = CertGetCertificateContextProperty(certContext,
- CERT_FRIENDLY_NAME_PROP_ID, labelDataUTF16, &size);
- if (rv) {
- co->labelData = nss_ckcapi_WideToUTF8((LPCWSTR)labelDataUTF16);
- if ((CHAR *)NULL == co->labelData) {
- rv = 0;
- } else {
- size = strlen(co->labelData);
- }
- }
- label = co->labelData;
- /* we are presuming a user cert, make sure it has a nickname, even if
- * Microsoft never gave it one */
- if (!rv && co->hasID) {
- DWORD mserror = GetLastError();
+ ckcapiCertObject *co = &io->u.cert;
+ char *label;
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ char labelDataUTF16[128];
+ DWORD size = sizeof(labelDataUTF16);
+ DWORD size8 = sizeof(co->labelData);
+ BOOL rv;
+
+ rv = CertGetCertificateContextProperty(certContext,
+ CERT_FRIENDLY_NAME_PROP_ID, labelDataUTF16, &size);
+ if (rv) {
+ co->labelData = nss_ckcapi_WideToUTF8((LPCWSTR)labelDataUTF16);
+ if ((CHAR *)NULL == co->labelData) {
+ rv = 0;
+ }
+ else {
+ size = strlen(co->labelData);
+ }
+ }
+ label = co->labelData;
+ /* we are presuming a user cert, make sure it has a nickname, even if
+ * Microsoft never gave it one */
+ if (!rv && co->hasID) {
+ DWORD mserror = GetLastError();
#define DEFAULT_NICKNAME "no Microsoft nickname"
- label = DEFAULT_NICKNAME;
- size = sizeof(DEFAULT_NICKNAME);
- rv = 1;
- }
-
- if (rv) {
- co->label.data = label;
- co->label.size = size;
- }
- return;
+ label = DEFAULT_NICKNAME;
+ size = sizeof(DEFAULT_NICKNAME);
+ rv = 1;
+ }
+
+ if (rv) {
+ co->label.data = label;
+ co->label.size = size;
+ }
+ return;
}
void
-ckcapi_FetchSerial
-(
- ckcapiInternalObject *io
-)
+ckcapi_FetchSerial(
+ ckcapiInternalObject *io)
{
- ckcapiCertObject *co = &io->u.cert;
- PCCERT_CONTEXT certContext = io->u.cert.certContext;
- DWORD size = sizeof(co->derSerial);
-
- BOOL rc = CryptEncodeObject(X509_ASN_ENCODING,
- X509_MULTI_BYTE_INTEGER,
- &certContext->pCertInfo->SerialNumber,
- co->derSerial,
- &size);
- if (rc) {
- co->serial.data = co->derSerial;
- co->serial.size = size;
- }
- return;
+ ckcapiCertObject *co = &io->u.cert;
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ DWORD size = sizeof(co->derSerial);
+
+ BOOL rc = CryptEncodeObject(X509_ASN_ENCODING,
+ X509_MULTI_BYTE_INTEGER,
+ &certContext->pCertInfo->SerialNumber,
+ co->derSerial,
+ &size);
+ if (rc) {
+ co->serial.data = co->derSerial;
+ co->serial.size = size;
+ }
+ return;
}
/*
* fetch the key ID.
*/
void
-ckcapi_FetchID
-(
- ckcapiInternalObject *io
-)
+ckcapi_FetchID(
+ ckcapiInternalObject *io)
{
- PCCERT_CONTEXT certContext = io->u.cert.certContext;
- DWORD size = 0;
- BOOL rc;
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ DWORD size = 0;
+ BOOL rc;
- rc = CertGetCertificateContextProperty(certContext,
- CERT_KEY_IDENTIFIER_PROP_ID, NULL, &size);
- if (!rc) {
- return;
- }
- io->idData = nss_ZNEWARRAY(NULL, char, size);
- if (io->idData == NULL) {
- return;
- }
+ rc = CertGetCertificateContextProperty(certContext,
+ CERT_KEY_IDENTIFIER_PROP_ID, NULL, &size);
+ if (!rc) {
+ return;
+ }
+ io->idData = nss_ZNEWARRAY(NULL, char, size);
+ if (io->idData == NULL) {
+ return;
+ }
- rc = CertGetCertificateContextProperty(certContext,
- CERT_KEY_IDENTIFIER_PROP_ID, io->idData, &size);
- if (!rc) {
- nss_ZFreeIf(io->idData);
- io->idData = NULL;
+ rc = CertGetCertificateContextProperty(certContext,
+ CERT_KEY_IDENTIFIER_PROP_ID, io->idData, &size);
+ if (!rc) {
+ nss_ZFreeIf(io->idData);
+ io->idData = NULL;
+ return;
+ }
+ io->id.data = io->idData;
+ io->id.size = size;
return;
- }
- io->id.data = io->idData;
- io->id.size = size;
- return;
}
/*
* fetch the hash key.
*/
void
-ckcapi_CertFetchHashKey
-(
- ckcapiInternalObject *io
-)
+ckcapi_CertFetchHashKey(
+ ckcapiInternalObject *io)
{
- ckcapiCertObject *co = &io->u.cert;
- PCCERT_CONTEXT certContext = io->u.cert.certContext;
- DWORD size = certContext->cbCertEncoded;
- DWORD max = sizeof(io->hashKeyData)-1;
- DWORD offset = 0;
-
- /* make sure we don't over flow. NOTE: cutting the top of a cert is
- * not a big issue because the signature for will be unique for the cert */
- if (size > max) {
- offset = size - max;
- size = max;
- }
-
- nsslibc_memcpy(io->hashKeyData,certContext->pbCertEncoded+offset, size);
- io->hashKeyData[size] = (char)(io->objClass & 0xff);
-
- io->hashKey.data = io->hashKeyData;
- io->hashKey.size = size+1;
- return;
+ ckcapiCertObject *co = &io->u.cert;
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ DWORD size = certContext->cbCertEncoded;
+ DWORD max = sizeof(io->hashKeyData) - 1;
+ DWORD offset = 0;
+
+ /* make sure we don't over flow. NOTE: cutting the top of a cert is
+ * not a big issue because the signature for will be unique for the cert */
+ if (size > max) {
+ offset = size - max;
+ size = max;
+ }
+
+ nsslibc_memcpy(io->hashKeyData, certContext->pbCertEncoded + offset, size);
+ io->hashKeyData[size] = (char)(io->objClass & 0xff);
+
+ io->hashKey.data = io->hashKeyData;
+ io->hashKey.size = size + 1;
+ return;
}
/*
* fetch the hash key.
*/
void
-ckcapi_KeyFetchHashKey
-(
- ckcapiInternalObject *io
-)
+ckcapi_KeyFetchHashKey(
+ ckcapiInternalObject *io)
{
- ckcapiKeyObject *ko = &io->u.key;
- DWORD size;
- DWORD max = sizeof(io->hashKeyData)-2;
- DWORD offset = 0;
- DWORD provLen = strlen(ko->provName);
- DWORD containerLen = strlen(ko->containerName);
-
-
- size = provLen + containerLen;
-
- /* make sure we don't overflow, try to keep things unique */
- if (size > max) {
- DWORD diff = ((size - max)+1)/2;
- provLen -= diff;
- containerLen -= diff;
- size = provLen+containerLen;
- }
-
- nsslibc_memcpy(io->hashKeyData, ko->provName, provLen);
- nsslibc_memcpy(&io->hashKeyData[provLen],
- ko->containerName,
- containerLen);
- io->hashKeyData[size] = (char)(io->objClass & 0xff);
- io->hashKeyData[size+1] = (char)(ko->provInfo.dwKeySpec & 0xff);
-
- io->hashKey.data = io->hashKeyData;
- io->hashKey.size = size+2;
- return;
+ ckcapiKeyObject *ko = &io->u.key;
+ DWORD size;
+ DWORD max = sizeof(io->hashKeyData) - 2;
+ DWORD offset = 0;
+ DWORD provLen = strlen(ko->provName);
+ DWORD containerLen = strlen(ko->containerName);
+
+ size = provLen + containerLen;
+
+ /* make sure we don't overflow, try to keep things unique */
+ if (size > max) {
+ DWORD diff = ((size - max) + 1) / 2;
+ provLen -= diff;
+ containerLen -= diff;
+ size = provLen + containerLen;
+ }
+
+ nsslibc_memcpy(io->hashKeyData, ko->provName, provLen);
+ nsslibc_memcpy(&io->hashKeyData[provLen],
+ ko->containerName,
+ containerLen);
+ io->hashKeyData[size] = (char)(io->objClass & 0xff);
+ io->hashKeyData[size + 1] = (char)(ko->provInfo.dwKeySpec & 0xff);
+
+ io->hashKey.data = io->hashKeyData;
+ io->hashKey.size = size + 2;
+ return;
}
/*
* fetch the hash key.
*/
void
-ckcapi_FetchHashKey
-(
- ckcapiInternalObject *io
-)
+ckcapi_FetchHashKey(
+ ckcapiInternalObject *io)
{
- if (ckcapiCert == io->type) {
- ckcapi_CertFetchHashKey(io);
- } else {
- ckcapi_KeyFetchHashKey(io);
- }
- return;
+ if (ckcapiCert == io->type) {
+ ckcapi_CertFetchHashKey(io);
+ }
+ else {
+ ckcapi_KeyFetchHashKey(io);
+ }
+ return;
}
-
+
const NSSItem *
-ckcapi_FetchCertAttribute
-(
- ckcapiInternalObject *io,
- CK_ATTRIBUTE_TYPE type
-)
+ckcapi_FetchCertAttribute(
+ ckcapiInternalObject *io,
+ CK_ATTRIBUTE_TYPE type)
{
- PCCERT_CONTEXT certContext = io->u.cert.certContext;
- switch(type) {
- case CKA_CLASS:
- return &ckcapi_certClassItem;
- case CKA_TOKEN:
- return &ckcapi_trueItem;
- case CKA_MODIFIABLE:
- case CKA_PRIVATE:
- return &ckcapi_falseItem;
- case CKA_CERTIFICATE_TYPE:
- return &ckcapi_x509Item;
- case CKA_LABEL:
- if (0 == io->u.cert.label.size) {
- ckcapi_FetchLabel(io);
- }
- return &io->u.cert.label;
- case CKA_SUBJECT:
- if (0 == io->u.cert.subject.size) {
- io->u.cert.subject.data = certContext->pCertInfo->Subject.pbData;
- io->u.cert.subject.size = certContext->pCertInfo->Subject.cbData;
- }
- return &io->u.cert.subject;
- case CKA_ISSUER:
- if (0 == io->u.cert.issuer.size) {
- io->u.cert.issuer.data = certContext->pCertInfo->Issuer.pbData;
- io->u.cert.issuer.size = certContext->pCertInfo->Issuer.cbData;
- }
- return &io->u.cert.issuer;
- case CKA_SERIAL_NUMBER:
- if (0 == io->u.cert.serial.size) {
- /* not exactly right. This should be the encoded serial number, but
- * it's the decoded serial number! */
- ckcapi_FetchSerial(io);
- }
- return &io->u.cert.serial;
- case CKA_VALUE:
- if (0 == io->u.cert.derCert.size) {
- io->u.cert.derCert.data = io->u.cert.certContext->pbCertEncoded;
- io->u.cert.derCert.size = io->u.cert.certContext->cbCertEncoded;
- }
- return &io->u.cert.derCert;
- case CKA_ID:
- if (!io->u.cert.hasID) {
- return NULL;
- }
- if (0 == io->id.size) {
- ckcapi_FetchID(io);
- }
- return &io->id;
- default:
- break;
- }
- return NULL;
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ switch (type) {
+ case CKA_CLASS:
+ return &ckcapi_certClassItem;
+ case CKA_TOKEN:
+ return &ckcapi_trueItem;
+ case CKA_MODIFIABLE:
+ case CKA_PRIVATE:
+ return &ckcapi_falseItem;
+ case CKA_CERTIFICATE_TYPE:
+ return &ckcapi_x509Item;
+ case CKA_LABEL:
+ if (0 == io->u.cert.label.size) {
+ ckcapi_FetchLabel(io);
+ }
+ return &io->u.cert.label;
+ case CKA_SUBJECT:
+ if (0 == io->u.cert.subject.size) {
+ io->u.cert.subject.data =
+ certContext->pCertInfo->Subject.pbData;
+ io->u.cert.subject.size =
+ certContext->pCertInfo->Subject.cbData;
+ }
+ return &io->u.cert.subject;
+ case CKA_ISSUER:
+ if (0 == io->u.cert.issuer.size) {
+ io->u.cert.issuer.data =
+ certContext->pCertInfo->Issuer.pbData;
+ io->u.cert.issuer.size =
+ certContext->pCertInfo->Issuer.cbData;
+ }
+ return &io->u.cert.issuer;
+ case CKA_SERIAL_NUMBER:
+ if (0 == io->u.cert.serial.size) {
+ /* not exactly right. This should be the encoded serial number, but
+ * it's the decoded serial number! */
+ ckcapi_FetchSerial(io);
+ }
+ return &io->u.cert.serial;
+ case CKA_VALUE:
+ if (0 == io->u.cert.derCert.size) {
+ io->u.cert.derCert.data =
+ io->u.cert.certContext->pbCertEncoded;
+ io->u.cert.derCert.size =
+ io->u.cert.certContext->cbCertEncoded;
+ }
+ return &io->u.cert.derCert;
+ case CKA_ID:
+ if (!io->u.cert.hasID) {
+ return NULL;
+ }
+ if (0 == io->id.size) {
+ ckcapi_FetchID(io);
+ }
+ return &io->id;
+ default:
+ break;
+ }
+ return NULL;
}
const NSSItem *
-ckcapi_FetchPubKeyAttribute
-(
- ckcapiInternalObject *io,
- CK_ATTRIBUTE_TYPE type
-)
+ckcapi_FetchPubKeyAttribute(
+ ckcapiInternalObject *io,
+ CK_ATTRIBUTE_TYPE type)
{
- PRBool isCertType = (ckcapiCert == io->type);
- ckcapiKeyParams *kp = isCertType ? &io->u.cert.key : &io->u.key.key;
-
- switch(type) {
- case CKA_CLASS:
- return &ckcapi_pubKeyClassItem;
- case CKA_TOKEN:
- case CKA_LOCAL:
- case CKA_ENCRYPT:
- case CKA_VERIFY:
- case CKA_VERIFY_RECOVER:
- return &ckcapi_trueItem;
- case CKA_PRIVATE:
- case CKA_MODIFIABLE:
- case CKA_DERIVE:
- case CKA_WRAP:
- return &ckcapi_falseItem;
- case CKA_KEY_TYPE:
- return &ckcapi_rsaItem;
- case CKA_LABEL:
- if (!isCertType) {
- return &ckcapi_emptyItem;
- }
- if (0 == io->u.cert.label.size) {
- ckcapi_FetchLabel(io);
- }
- return &io->u.cert.label;
- case CKA_SUBJECT:
- if (!isCertType) {
- return &ckcapi_emptyItem;
- }
- if (0 == io->u.cert.subject.size) {
- PCCERT_CONTEXT certContext= io->u.cert.certContext;
- io->u.cert.subject.data = certContext->pCertInfo->Subject.pbData;
- io->u.cert.subject.size = certContext->pCertInfo->Subject.cbData;
- }
- return &io->u.cert.subject;
- case CKA_MODULUS:
- if (0 == kp->modulus.size) {
- ckcapi_PopulateModulusExponent(io);
- }
- return &kp->modulus;
- case CKA_PUBLIC_EXPONENT:
- if (0 == kp->modulus.size) {
- ckcapi_PopulateModulusExponent(io);
- }
- return &kp->exponent;
- case CKA_ID:
- if (0 == io->id.size) {
- ckcapi_FetchID(io);
- }
- return &io->id;
- default:
- break;
- }
- return NULL;
+ PRBool isCertType = (ckcapiCert == io->type);
+ ckcapiKeyParams *kp = isCertType ? &io->u.cert.key : &io->u.key.key;
+
+ switch (type) {
+ case CKA_CLASS:
+ return &ckcapi_pubKeyClassItem;
+ case CKA_TOKEN:
+ case CKA_LOCAL:
+ case CKA_ENCRYPT:
+ case CKA_VERIFY:
+ case CKA_VERIFY_RECOVER:
+ return &ckcapi_trueItem;
+ case CKA_PRIVATE:
+ case CKA_MODIFIABLE:
+ case CKA_DERIVE:
+ case CKA_WRAP:
+ return &ckcapi_falseItem;
+ case CKA_KEY_TYPE:
+ return &ckcapi_rsaItem;
+ case CKA_LABEL:
+ if (!isCertType) {
+ return &ckcapi_emptyItem;
+ }
+ if (0 == io->u.cert.label.size) {
+ ckcapi_FetchLabel(io);
+ }
+ return &io->u.cert.label;
+ case CKA_SUBJECT:
+ if (!isCertType) {
+ return &ckcapi_emptyItem;
+ }
+ if (0 == io->u.cert.subject.size) {
+ PCCERT_CONTEXT certContext =
+ io->u.cert.certContext;
+ io->u.cert.subject.data =
+ certContext->pCertInfo->Subject.pbData;
+ io->u.cert.subject.size =
+ certContext->pCertInfo->Subject.cbData;
+ }
+ return &io->u.cert.subject;
+ case CKA_MODULUS:
+ if (0 == kp->modulus.size) {
+ ckcapi_PopulateModulusExponent(io);
+ }
+ return &kp->modulus;
+ case CKA_PUBLIC_EXPONENT:
+ if (0 == kp->modulus.size) {
+ ckcapi_PopulateModulusExponent(io);
+ }
+ return &kp->exponent;
+ case CKA_ID:
+ if (0 == io->id.size) {
+ ckcapi_FetchID(io);
+ }
+ return &io->id;
+ default:
+ break;
+ }
+ return NULL;
}
const NSSItem *
-ckcapi_FetchPrivKeyAttribute
-(
- ckcapiInternalObject *io,
- CK_ATTRIBUTE_TYPE type
-)
+ckcapi_FetchPrivKeyAttribute(
+ ckcapiInternalObject *io,
+ CK_ATTRIBUTE_TYPE type)
{
- PRBool isCertType = (ckcapiCert == io->type);
- ckcapiKeyParams *kp = isCertType ? &io->u.cert.key : &io->u.key.key;
-
- switch(type) {
- case CKA_CLASS:
- return &ckcapi_privKeyClassItem;
- case CKA_TOKEN:
- case CKA_LOCAL:
- case CKA_SIGN:
- case CKA_DECRYPT:
- case CKA_SIGN_RECOVER:
- return &ckcapi_trueItem;
- case CKA_SENSITIVE:
- case CKA_PRIVATE: /* should move in the future */
- case CKA_MODIFIABLE:
- case CKA_DERIVE:
- case CKA_UNWRAP:
- case CKA_EXTRACTABLE: /* will probably move in the future */
- case CKA_ALWAYS_SENSITIVE:
- case CKA_NEVER_EXTRACTABLE:
- return &ckcapi_falseItem;
- case CKA_KEY_TYPE:
- return &ckcapi_rsaItem;
- case CKA_LABEL:
- if (!isCertType) {
- return &ckcapi_emptyItem;
- }
- if (0 == io->u.cert.label.size) {
- ckcapi_FetchLabel(io);
- }
- return &io->u.cert.label;
- case CKA_SUBJECT:
- if (!isCertType) {
- return &ckcapi_emptyItem;
- }
- if (0 == io->u.cert.subject.size) {
- PCCERT_CONTEXT certContext= io->u.cert.certContext;
- io->u.cert.subject.data = certContext->pCertInfo->Subject.pbData;
- io->u.cert.subject.size = certContext->pCertInfo->Subject.cbData;
- }
- return &io->u.cert.subject;
- case CKA_MODULUS:
- if (0 == kp->modulus.size) {
- ckcapi_PopulateModulusExponent(io);
- }
- return &kp->modulus;
- case CKA_PUBLIC_EXPONENT:
- if (0 == kp->modulus.size) {
- ckcapi_PopulateModulusExponent(io);
- }
- return &kp->exponent;
- case CKA_PRIVATE_EXPONENT:
- if (0 == kp->privateExponent.size) {
- ckcapi_FetchPrivateKey(io);
- }
- return &kp->privateExponent;
- case CKA_PRIME_1:
- if (0 == kp->privateExponent.size) {
- ckcapi_FetchPrivateKey(io);
- }
- return &kp->prime1;
- case CKA_PRIME_2:
- if (0 == kp->privateExponent.size) {
- ckcapi_FetchPrivateKey(io);
- }
- return &kp->prime2;
- case CKA_EXPONENT_1:
- if (0 == kp->privateExponent.size) {
- ckcapi_FetchPrivateKey(io);
- }
- return &kp->exponent1;
- case CKA_EXPONENT_2:
- if (0 == kp->privateExponent.size) {
- ckcapi_FetchPrivateKey(io);
- }
- return &kp->exponent2;
- case CKA_COEFFICIENT:
- if (0 == kp->privateExponent.size) {
- ckcapi_FetchPrivateKey(io);
- }
- return &kp->coefficient;
- case CKA_ID:
- if (0 == io->id.size) {
- ckcapi_FetchID(io);
- }
- return &io->id;
- default:
- return NULL;
- }
+ PRBool isCertType = (ckcapiCert == io->type);
+ ckcapiKeyParams *kp = isCertType ? &io->u.cert.key : &io->u.key.key;
+
+ switch (type) {
+ case CKA_CLASS:
+ return &ckcapi_privKeyClassItem;
+ case CKA_TOKEN:
+ case CKA_LOCAL:
+ case CKA_SIGN:
+ case CKA_DECRYPT:
+ case CKA_SIGN_RECOVER:
+ return &ckcapi_trueItem;
+ case CKA_SENSITIVE:
+ case CKA_PRIVATE: /* should move in the future */
+ case CKA_MODIFIABLE:
+ case CKA_DERIVE:
+ case CKA_UNWRAP:
+ case CKA_EXTRACTABLE: /* will probably move in the future */
+ case CKA_ALWAYS_SENSITIVE:
+ case CKA_NEVER_EXTRACTABLE:
+ return &ckcapi_falseItem;
+ case CKA_KEY_TYPE:
+ return &ckcapi_rsaItem;
+ case CKA_LABEL:
+ if (!isCertType) {
+ return &ckcapi_emptyItem;
+ }
+ if (0 == io->u.cert.label.size) {
+ ckcapi_FetchLabel(io);
+ }
+ return &io->u.cert.label;
+ case CKA_SUBJECT:
+ if (!isCertType) {
+ return &ckcapi_emptyItem;
+ }
+ if (0 == io->u.cert.subject.size) {
+ PCCERT_CONTEXT certContext =
+ io->u.cert.certContext;
+ io->u.cert.subject.data =
+ certContext->pCertInfo->Subject.pbData;
+ io->u.cert.subject.size =
+ certContext->pCertInfo->Subject.cbData;
+ }
+ return &io->u.cert.subject;
+ case CKA_MODULUS:
+ if (0 == kp->modulus.size) {
+ ckcapi_PopulateModulusExponent(io);
+ }
+ return &kp->modulus;
+ case CKA_PUBLIC_EXPONENT:
+ if (0 == kp->modulus.size) {
+ ckcapi_PopulateModulusExponent(io);
+ }
+ return &kp->exponent;
+ case CKA_PRIVATE_EXPONENT:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->privateExponent;
+ case CKA_PRIME_1:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->prime1;
+ case CKA_PRIME_2:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->prime2;
+ case CKA_EXPONENT_1:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->exponent1;
+ case CKA_EXPONENT_2:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->exponent2;
+ case CKA_COEFFICIENT:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->coefficient;
+ case CKA_ID:
+ if (0 == io->id.size) {
+ ckcapi_FetchID(io);
+ }
+ return &io->id;
+ default:
+ return NULL;
+ }
}
const NSSItem *
-nss_ckcapi_FetchAttribute
-(
- ckcapiInternalObject *io,
- CK_ATTRIBUTE_TYPE type
-)
+nss_ckcapi_FetchAttribute(
+ ckcapiInternalObject *io,
+ CK_ATTRIBUTE_TYPE type)
{
- CK_ULONG i;
-
- if (io->type == ckcapiRaw) {
- for( i = 0; i < io->u.raw.n; i++ ) {
- if( type == io->u.raw.types[i] ) {
- return &io->u.raw.items[i];
- }
+ CK_ULONG i;
+
+ if (io->type == ckcapiRaw) {
+ for (i = 0; i < io->u.raw.n; i++) {
+ if (type == io->u.raw.types[i]) {
+ return &io->u.raw.items[i];
+ }
+ }
+ return NULL;
+ }
+ /* deal with the common attributes */
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ return ckcapi_FetchCertAttribute(io, type);
+ case CKO_PRIVATE_KEY:
+ return ckcapi_FetchPrivKeyAttribute(io, type);
+ case CKO_PUBLIC_KEY:
+ return ckcapi_FetchPubKeyAttribute(io, type);
}
return NULL;
- }
- /* deal with the common attributes */
- switch (io->objClass) {
- case CKO_CERTIFICATE:
- return ckcapi_FetchCertAttribute(io, type);
- case CKO_PRIVATE_KEY:
- return ckcapi_FetchPrivKeyAttribute(io, type);
- case CKO_PUBLIC_KEY:
- return ckcapi_FetchPubKeyAttribute(io, type);
- }
- return NULL;
}
/*
@@ -1161,173 +1132,160 @@ nss_ckcapi_FetchAttribute
*/
static PRBool
ckcapi_cert_exists(
- NSSItem *value,
- ckcapiInternalObject **io
-)
+ NSSItem *value,
+ ckcapiInternalObject **io)
{
- int count,i;
- PRUint32 size = 0;
- ckcapiInternalObject **listp = NULL;
- CK_ATTRIBUTE myTemplate[2];
- CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE;
- CK_ULONG templateCount = 2;
- CK_RV error;
- PRBool found = PR_FALSE;
-
- myTemplate[0].type = CKA_CLASS;
- myTemplate[0].pValue = &cert_class;
- myTemplate[0].ulValueLen = sizeof(cert_class);
- myTemplate[1].type = CKA_VALUE;
- myTemplate[1].pValue = value->data;
- myTemplate[1].ulValueLen = value->size;
-
- count = nss_ckcapi_collect_all_certs(myTemplate, templateCount, &listp,
- &size, 0, &error);
-
- /* free them */
- if (count > 1) {
- *io = listp[0];
- found = PR_TRUE;
- }
-
- for (i=1; i < count; i++) {
- nss_ckcapi_DestroyInternalObject(listp[i]);
- }
- nss_ZFreeIf(listp);
- return found;
+ int count, i;
+ PRUint32 size = 0;
+ ckcapiInternalObject **listp = NULL;
+ CK_ATTRIBUTE myTemplate[2];
+ CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE;
+ CK_ULONG templateCount = 2;
+ CK_RV error;
+ PRBool found = PR_FALSE;
+
+ myTemplate[0].type = CKA_CLASS;
+ myTemplate[0].pValue = &cert_class;
+ myTemplate[0].ulValueLen = sizeof(cert_class);
+ myTemplate[1].type = CKA_VALUE;
+ myTemplate[1].pValue = value->data;
+ myTemplate[1].ulValueLen = value->size;
+
+ count = nss_ckcapi_collect_all_certs(myTemplate, templateCount, &listp,
+ &size, 0, &error);
+
+ /* free them */
+ if (count > 1) {
+ *io = listp[0];
+ found = PR_TRUE;
+ }
+
+ for (i = 1; i < count; i++) {
+ nss_ckcapi_DestroyInternalObject(listp[i]);
+ }
+ nss_ZFreeIf(listp);
+ return found;
}
static PRBool
-ckcapi_cert_hasEmail
-(
- PCCERT_CONTEXT certContext
-)
+ckcapi_cert_hasEmail(
+ PCCERT_CONTEXT certContext)
{
- int count;
+ int count;
- count = CertGetNameString(certContext, CERT_NAME_EMAIL_TYPE,
- 0, NULL, NULL, 0);
+ count = CertGetNameString(certContext, CERT_NAME_EMAIL_TYPE,
+ 0, NULL, NULL, 0);
- return count > 1 ? PR_TRUE : PR_FALSE;
+ return count > 1 ? PR_TRUE : PR_FALSE;
}
static PRBool
-ckcapi_cert_isRoot
-(
- PCCERT_CONTEXT certContext
-)
+ckcapi_cert_isRoot(
+ PCCERT_CONTEXT certContext)
{
- return CertCompareCertificateName(certContext->dwCertEncodingType,
- &certContext->pCertInfo->Issuer, &certContext->pCertInfo->Subject);
+ return CertCompareCertificateName(certContext->dwCertEncodingType,
+ &certContext->pCertInfo->Issuer, &certContext->pCertInfo->Subject);
}
static PRBool
-ckcapi_cert_isCA
-(
- PCCERT_CONTEXT certContext
-)
+ckcapi_cert_isCA(
+ PCCERT_CONTEXT certContext)
{
- PCERT_EXTENSION extension;
- CERT_BASIC_CONSTRAINTS2_INFO basicInfo;
- DWORD size = sizeof(basicInfo);
- BOOL rc;
-
- extension = CertFindExtension (szOID_BASIC_CONSTRAINTS,
- certContext->pCertInfo->cExtension,
- certContext->pCertInfo->rgExtension);
- if ((PCERT_EXTENSION) NULL == extension ) {
- return PR_FALSE;
- }
- rc = CryptDecodeObject(X509_ASN_ENCODING, szOID_BASIC_CONSTRAINTS2,
- extension->Value.pbData, extension->Value.cbData,
- 0, &basicInfo, &size);
- if (!rc) {
- return PR_FALSE;
- }
- return (PRBool) basicInfo.fCA;
+ PCERT_EXTENSION extension;
+ CERT_BASIC_CONSTRAINTS2_INFO basicInfo;
+ DWORD size = sizeof(basicInfo);
+ BOOL rc;
+
+ extension = CertFindExtension(szOID_BASIC_CONSTRAINTS,
+ certContext->pCertInfo->cExtension,
+ certContext->pCertInfo->rgExtension);
+ if ((PCERT_EXTENSION)NULL == extension) {
+ return PR_FALSE;
+ }
+ rc = CryptDecodeObject(X509_ASN_ENCODING, szOID_BASIC_CONSTRAINTS2,
+ extension->Value.pbData, extension->Value.cbData,
+ 0, &basicInfo, &size);
+ if (!rc) {
+ return PR_FALSE;
+ }
+ return (PRBool)basicInfo.fCA;
}
static CRYPT_KEY_PROV_INFO *
-ckcapi_cert_getPrivateKeyInfo
-(
- PCCERT_CONTEXT certContext,
- NSSItem *keyID
-)
+ckcapi_cert_getPrivateKeyInfo(
+ PCCERT_CONTEXT certContext,
+ NSSItem *keyID)
{
- BOOL rc;
- CRYPT_HASH_BLOB msKeyID;
- DWORD size = 0;
- CRYPT_KEY_PROV_INFO *prov = NULL;
-
- msKeyID.cbData = keyID->size;
- msKeyID.pbData = keyID->data;
-
- rc = CryptGetKeyIdentifierProperty(
- &msKeyID,
- CERT_KEY_PROV_INFO_PROP_ID,
- 0, NULL, NULL, NULL, &size);
- if (!rc) {
- return (CRYPT_KEY_PROV_INFO *)NULL;
- }
- prov = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
- if ((CRYPT_KEY_PROV_INFO *)prov == NULL) {
- return (CRYPT_KEY_PROV_INFO *) NULL;
- }
- rc = CryptGetKeyIdentifierProperty(
- &msKeyID,
- CERT_KEY_PROV_INFO_PROP_ID,
- 0, NULL, NULL, prov, &size);
- if (!rc) {
- nss_ZFreeIf(prov);
- return (CRYPT_KEY_PROV_INFO *)NULL;
- }
-
- return prov;
+ BOOL rc;
+ CRYPT_HASH_BLOB msKeyID;
+ DWORD size = 0;
+ CRYPT_KEY_PROV_INFO *prov = NULL;
+
+ msKeyID.cbData = keyID->size;
+ msKeyID.pbData = keyID->data;
+
+ rc = CryptGetKeyIdentifierProperty(
+ &msKeyID,
+ CERT_KEY_PROV_INFO_PROP_ID,
+ 0, NULL, NULL, NULL, &size);
+ if (!rc) {
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+ prov = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
+ if ((CRYPT_KEY_PROV_INFO *)prov == NULL) {
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+ rc = CryptGetKeyIdentifierProperty(
+ &msKeyID,
+ CERT_KEY_PROV_INFO_PROP_ID,
+ 0, NULL, NULL, prov, &size);
+ if (!rc) {
+ nss_ZFreeIf(prov);
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+
+ return prov;
}
static CRYPT_KEY_PROV_INFO *
-ckcapi_cert_getProvInfo
-(
- ckcapiInternalObject *io
-)
+ckcapi_cert_getProvInfo(
+ ckcapiInternalObject *io)
{
- BOOL rc;
- DWORD size = 0;
- CRYPT_KEY_PROV_INFO *prov = NULL;
-
- rc = CertGetCertificateContextProperty(
- io->u.cert.certContext,
- CERT_KEY_PROV_INFO_PROP_ID,
- NULL, &size);
- if (!rc) {
- return (CRYPT_KEY_PROV_INFO *)NULL;
- }
- prov = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
- if ((CRYPT_KEY_PROV_INFO *)prov == NULL) {
- return (CRYPT_KEY_PROV_INFO *) NULL;
- }
- rc = CertGetCertificateContextProperty(
- io->u.cert.certContext,
- CERT_KEY_PROV_INFO_PROP_ID,
- prov, &size);
- if (!rc) {
- nss_ZFreeIf(prov);
- return (CRYPT_KEY_PROV_INFO *)NULL;
- }
-
- return prov;
+ BOOL rc;
+ DWORD size = 0;
+ CRYPT_KEY_PROV_INFO *prov = NULL;
+
+ rc = CertGetCertificateContextProperty(
+ io->u.cert.certContext,
+ CERT_KEY_PROV_INFO_PROP_ID,
+ NULL, &size);
+ if (!rc) {
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+ prov = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
+ if ((CRYPT_KEY_PROV_INFO *)prov == NULL) {
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+ rc = CertGetCertificateContextProperty(
+ io->u.cert.certContext,
+ CERT_KEY_PROV_INFO_PROP_ID,
+ prov, &size);
+ if (!rc) {
+ nss_ZFreeIf(prov);
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+
+ return prov;
}
-
+
/* forward declaration */
static void
-ckcapi_removeObjectFromHash
-(
- ckcapiInternalObject *io
-);
+ckcapi_removeObjectFromHash(
+ ckcapiInternalObject *io);
/*
* Finalize - unneeded
- * Destroy
+ * Destroy
* IsTokenObject - CK_TRUE
* GetAttributeCount
* GetAttributeTypes
@@ -1338,968 +1296,944 @@ ckcapi_removeObjectFromHash
*/
static CK_RV
-ckcapi_mdObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
- CK_OBJECT_CLASS objClass;
- BOOL rc;
- DWORD provType;
- DWORD msError;
- PRBool isCertType = (PRBool)(ckcapiCert == io->type);
- HCERTSTORE hStore = 0;
-
- if (ckcapiRaw == io->type) {
- /* there is not 'object write protected' error, use the next best thing */
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- objClass = io->objClass;
- if (CKO_CERTIFICATE == objClass) {
- PCCERT_CONTEXT certContext;
-
- /* get the store */
- hStore = CertOpenSystemStore(0, io->u.cert.certStore);
- if (0 == hStore) {
- rc = 0;
- goto loser;
- }
- certContext = CertFindCertificateInStore(hStore, X509_ASN_ENCODING, 0,
- CERT_FIND_EXISTING, io->u.cert.certContext, NULL);
- if ((PCCERT_CONTEXT)NULL == certContext) {
- rc = 0;
- goto loser;
- }
- rc = CertDeleteCertificateFromStore(certContext);
- } else {
- char *provName = NULL;
- char *containerName = NULL;
- HCRYPTPROV hProv;
- CRYPT_HASH_BLOB msKeyID;
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+ CK_OBJECT_CLASS objClass;
+ BOOL rc;
+ DWORD provType;
+ DWORD msError;
+ PRBool isCertType = (PRBool)(ckcapiCert == io->type);
+ HCERTSTORE hStore = 0;
+
+ if (ckcapiRaw == io->type) {
+ /* there is not 'object write protected' error, use the next best thing */
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
- if (0 == io->id.size) {
- ckcapi_FetchID(io);
- }
-
- if (isCertType) {
- CRYPT_KEY_PROV_INFO * provInfo = ckcapi_cert_getProvInfo(io);
- provName = nss_ckcapi_WideToUTF8(provInfo->pwszProvName);
- containerName = nss_ckcapi_WideToUTF8(provInfo->pwszContainerName);
- provType = provInfo->dwProvType;
- nss_ZFreeIf(provInfo);
- } else {
- provName = io->u.key.provName;
- containerName = io->u.key.containerName;
- provType = io->u.key.provInfo.dwProvType;
- io->u.key.provName = NULL;
- io->u.key.containerName = NULL;
- }
- /* first remove the key id pointer */
- msKeyID.cbData = io->id.size;
- msKeyID.pbData = io->id.data;
- rc = CryptSetKeyIdentifierProperty(&msKeyID,
- CERT_KEY_PROV_INFO_PROP_ID, CRYPT_KEYID_DELETE_FLAG, NULL, NULL, NULL);
- if (rc) {
- rc = CryptAcquireContext(&hProv, containerName, provName, provType,
- CRYPT_DELETEKEYSET);
+ objClass = io->objClass;
+ if (CKO_CERTIFICATE == objClass) {
+ PCCERT_CONTEXT certContext;
+
+ /* get the store */
+ hStore = CertOpenSystemStore(0, io->u.cert.certStore);
+ if (0 == hStore) {
+ rc = 0;
+ goto loser;
+ }
+ certContext = CertFindCertificateInStore(hStore, X509_ASN_ENCODING, 0,
+ CERT_FIND_EXISTING, io->u.cert.certContext, NULL);
+ if ((PCCERT_CONTEXT)NULL == certContext) {
+ rc = 0;
+ goto loser;
+ }
+ rc = CertDeleteCertificateFromStore(certContext);
+ }
+ else {
+ char *provName = NULL;
+ char *containerName = NULL;
+ HCRYPTPROV hProv;
+ CRYPT_HASH_BLOB msKeyID;
+
+ if (0 == io->id.size) {
+ ckcapi_FetchID(io);
+ }
+
+ if (isCertType) {
+ CRYPT_KEY_PROV_INFO *provInfo = ckcapi_cert_getProvInfo(io);
+ provName = nss_ckcapi_WideToUTF8(provInfo->pwszProvName);
+ containerName = nss_ckcapi_WideToUTF8(provInfo->pwszContainerName);
+ provType = provInfo->dwProvType;
+ nss_ZFreeIf(provInfo);
+ }
+ else {
+ provName = io->u.key.provName;
+ containerName = io->u.key.containerName;
+ provType = io->u.key.provInfo.dwProvType;
+ io->u.key.provName = NULL;
+ io->u.key.containerName = NULL;
+ }
+ /* first remove the key id pointer */
+ msKeyID.cbData = io->id.size;
+ msKeyID.pbData = io->id.data;
+ rc = CryptSetKeyIdentifierProperty(&msKeyID,
+ CERT_KEY_PROV_INFO_PROP_ID, CRYPT_KEYID_DELETE_FLAG, NULL, NULL, NULL);
+ if (rc) {
+ rc = CryptAcquireContext(&hProv, containerName, provName, provType,
+ CRYPT_DELETEKEYSET);
+ }
+ nss_ZFreeIf(provName);
+ nss_ZFreeIf(containerName);
}
- nss_ZFreeIf(provName);
- nss_ZFreeIf(containerName);
- }
loser:
- if (hStore) {
- CertCloseStore(hStore, 0);
- }
- if (!rc) {
- msError = GetLastError();
- return CKR_GENERAL_ERROR;
- }
+ if (hStore) {
+ CertCloseStore(hStore, 0);
+ }
+ if (!rc) {
+ msError = GetLastError();
+ return CKR_GENERAL_ERROR;
+ }
- /* remove it from the hash */
- ckcapi_removeObjectFromHash(io);
+ /* remove it from the hash */
+ ckcapi_removeObjectFromHash(io);
- /* free the puppy.. */
- nss_ckcapi_DestroyInternalObject(io);
- return CKR_OK;
+ /* free the puppy.. */
+ nss_ckcapi_DestroyInternalObject(io);
+ return CKR_OK;
}
static CK_BBOOL
-ckcapi_mdObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdObject_IsTokenObject(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CK_TRUE;
+ return CK_TRUE;
}
static CK_ULONG
-ckcapi_mdObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
-
- if (ckcapiRaw == io->type) {
- return io->u.raw.n;
- }
- switch (io->objClass) {
- case CKO_CERTIFICATE:
- return certAttrsCount;
- case CKO_PUBLIC_KEY:
- return pubKeyAttrsCount;
- case CKO_PRIVATE_KEY:
- return privKeyAttrsCount;
- default:
- break;
- }
- return 0;
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+
+ if (ckcapiRaw == io->type) {
+ return io->u.raw.n;
+ }
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ return certAttrsCount;
+ case CKO_PUBLIC_KEY:
+ return pubKeyAttrsCount;
+ case CKO_PRIVATE_KEY:
+ return privKeyAttrsCount;
+ default:
+ break;
+ }
+ return 0;
}
static CK_RV
-ckcapi_mdObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
+ckcapi_mdObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
{
- ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
- CK_ULONG i;
- CK_RV error = CKR_OK;
- const CK_ATTRIBUTE_TYPE *attrs = NULL;
- CK_ULONG size = ckcapi_mdObject_GetAttributeCount(
- mdObject, fwObject, mdSession, fwSession,
- mdToken, fwToken, mdInstance, fwInstance, &error);
-
- if( size != ulCount ) {
- return CKR_BUFFER_TOO_SMALL;
- }
- if (io->type == ckcapiRaw) {
- attrs = io->u.raw.types;
- } else switch(io->objClass) {
- case CKO_CERTIFICATE:
- attrs = certAttrs;
- break;
- case CKO_PUBLIC_KEY:
- attrs = pubKeyAttrs;
- break;
- case CKO_PRIVATE_KEY:
- attrs = privKeyAttrs;
- break;
- default:
- return CKR_OK;
- }
-
- for( i = 0; i < size; i++) {
- typeArray[i] = attrs[i];
- }
-
- return CKR_OK;
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+ CK_ULONG i;
+ CK_RV error = CKR_OK;
+ const CK_ATTRIBUTE_TYPE *attrs = NULL;
+ CK_ULONG size = ckcapi_mdObject_GetAttributeCount(
+ mdObject, fwObject, mdSession, fwSession,
+ mdToken, fwToken, mdInstance, fwInstance, &error);
+
+ if (size != ulCount) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ if (io->type == ckcapiRaw) {
+ attrs = io->u.raw.types;
+ }
+ else
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ attrs =
+ certAttrs;
+ break;
+ case CKO_PUBLIC_KEY:
+ attrs =
+ pubKeyAttrs;
+ break;
+ case CKO_PRIVATE_KEY:
+ attrs =
+ privKeyAttrs;
+ break;
+ default:
+ return CKR_OK;
+ }
+
+ for (i = 0; i < size; i++) {
+ typeArray[i] = attrs[i];
+ }
+
+ return CKR_OK;
}
static CK_ULONG
-ckcapi_mdObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+ckcapi_mdObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
- const NSSItem *b;
+ const NSSItem *b;
- b = nss_ckcapi_FetchAttribute(io, attribute);
+ b = nss_ckcapi_FetchAttribute(io, attribute);
- if ((const NSSItem *)NULL == b) {
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return 0;
- }
- return b->size;
+ if ((const NSSItem *)NULL == b) {
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return 0;
+ }
+ return b->size;
}
static CK_RV
-ckcapi_mdObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
+ckcapi_mdObject_SetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value)
{
- return CKR_OK;
+ return CKR_OK;
}
static NSSCKFWItem
-ckcapi_mdObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+ckcapi_mdObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- NSSCKFWItem mdItem;
- ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+ NSSCKFWItem mdItem;
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
- mdItem.needsFreeing = PR_FALSE;
- mdItem.item = (NSSItem*)nss_ckcapi_FetchAttribute(io, attribute);
+ mdItem.needsFreeing = PR_FALSE;
+ mdItem.item = (NSSItem *)nss_ckcapi_FetchAttribute(io, attribute);
- if ((NSSItem *)NULL == mdItem.item) {
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- }
+ if ((NSSItem *)NULL == mdItem.item) {
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ }
- return mdItem;
+ return mdItem;
}
static CK_ULONG
-ckcapi_mdObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdObject_GetObjectSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
- CK_ULONG rv = 1;
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+ CK_ULONG rv = 1;
- /* size is irrelevant to this token */
- return rv;
+ /* size is irrelevant to this token */
+ return rv;
}
static const NSSCKMDObject
-ckcapi_prototype_mdObject = {
- (void *)NULL, /* etc */
- NULL, /* Finalize */
- ckcapi_mdObject_Destroy,
- ckcapi_mdObject_IsTokenObject,
- ckcapi_mdObject_GetAttributeCount,
- ckcapi_mdObject_GetAttributeTypes,
- ckcapi_mdObject_GetAttributeSize,
- ckcapi_mdObject_GetAttribute,
- NULL, /* FreeAttribute */
- ckcapi_mdObject_SetAttribute,
- ckcapi_mdObject_GetObjectSize,
- (void *)NULL /* null terminator */
-};
+ ckcapi_prototype_mdObject = {
+ (void *)NULL, /* etc */
+ NULL, /* Finalize */
+ ckcapi_mdObject_Destroy,
+ ckcapi_mdObject_IsTokenObject,
+ ckcapi_mdObject_GetAttributeCount,
+ ckcapi_mdObject_GetAttributeTypes,
+ ckcapi_mdObject_GetAttributeSize,
+ ckcapi_mdObject_GetAttribute,
+ NULL, /* FreeAttribute */
+ ckcapi_mdObject_SetAttribute,
+ ckcapi_mdObject_GetObjectSize,
+ (void *)NULL /* null terminator */
+ };
static nssHash *ckcapiInternalObjectHash = NULL;
NSS_IMPLEMENT NSSCKMDObject *
-nss_ckcapi_CreateMDObject
-(
- NSSArena *arena,
- ckcapiInternalObject *io,
- CK_RV *pError
-)
+nss_ckcapi_CreateMDObject(
+ NSSArena *arena,
+ ckcapiInternalObject *io,
+ CK_RV *pError)
{
- if ((nssHash *)NULL == ckcapiInternalObjectHash) {
- ckcapiInternalObjectHash = nssHash_CreateItem(NULL, 10);
- }
- if (ckcapiCert == io->type) {
- /* the hash key, not a cryptographic key */
- NSSItem *key = &io->hashKey;
- ckcapiInternalObject *old_o = NULL;
+ if ((nssHash *)NULL == ckcapiInternalObjectHash) {
+ ckcapiInternalObjectHash = nssHash_CreateItem(NULL, 10);
+ }
+ if (ckcapiCert == io->type) {
+ /* the hash key, not a cryptographic key */
+ NSSItem *key = &io->hashKey;
+ ckcapiInternalObject *old_o = NULL;
+
+ if (key->size == 0) {
+ ckcapi_FetchHashKey(io);
+ }
+ old_o = (ckcapiInternalObject *)
+ nssHash_Lookup(ckcapiInternalObjectHash, key);
+ if (!old_o) {
+ nssHash_Add(ckcapiInternalObjectHash, key, io);
+ }
+ else if (old_o != io) {
+ nss_ckcapi_DestroyInternalObject(io);
+ io = old_o;
+ }
+ }
- if (key->size == 0) {
- ckcapi_FetchHashKey(io);
- }
- old_o = (ckcapiInternalObject *)
- nssHash_Lookup(ckcapiInternalObjectHash, key);
- if (!old_o) {
- nssHash_Add(ckcapiInternalObjectHash, key, io);
- } else if (old_o != io) {
- nss_ckcapi_DestroyInternalObject(io);
- io = old_o;
- }
- }
-
- if ( (void*)NULL == io->mdObject.etc) {
- (void) nsslibc_memcpy(&io->mdObject,&ckcapi_prototype_mdObject,
- sizeof(ckcapi_prototype_mdObject));
- io->mdObject.etc = (void *)io;
- }
- return &io->mdObject;
+ if ((void *)NULL == io->mdObject.etc) {
+ (void)nsslibc_memcpy(&io->mdObject, &ckcapi_prototype_mdObject,
+ sizeof(ckcapi_prototype_mdObject));
+ io->mdObject.etc = (void *)io;
+ }
+ return &io->mdObject;
}
static void
-ckcapi_removeObjectFromHash
-(
- ckcapiInternalObject *io
-)
+ckcapi_removeObjectFromHash(
+ ckcapiInternalObject *io)
{
- NSSItem *key = &io->hashKey;
+ NSSItem *key = &io->hashKey;
- if ((nssHash *)NULL == ckcapiInternalObjectHash) {
+ if ((nssHash *)NULL == ckcapiInternalObjectHash) {
+ return;
+ }
+ if (key->size == 0) {
+ ckcapi_FetchHashKey(io);
+ }
+ nssHash_Remove(ckcapiInternalObjectHash, key);
return;
- }
- if (key->size == 0) {
- ckcapi_FetchHashKey(io);
- }
- nssHash_Remove(ckcapiInternalObjectHash, key);
- return;
}
void
-nss_ckcapi_DestroyInternalObject
-(
- ckcapiInternalObject *io
-)
+nss_ckcapi_DestroyInternalObject(
+ ckcapiInternalObject *io)
{
- switch (io->type) {
- case ckcapiRaw:
+ switch (io->type) {
+ case ckcapiRaw:
+ return;
+ case ckcapiCert:
+ CertFreeCertificateContext(io->u.cert.certContext);
+ nss_ZFreeIf(io->u.cert.labelData);
+ nss_ZFreeIf(io->u.cert.key.privateKey);
+ nss_ZFreeIf(io->u.cert.key.pubKey);
+ nss_ZFreeIf(io->idData);
+ break;
+ case ckcapiBareKey:
+ nss_ZFreeIf(io->u.key.provInfo.pwszContainerName);
+ nss_ZFreeIf(io->u.key.provInfo.pwszProvName);
+ nss_ZFreeIf(io->u.key.provName);
+ nss_ZFreeIf(io->u.key.containerName);
+ nss_ZFreeIf(io->u.key.key.privateKey);
+ nss_ZFreeIf(io->u.key.key.pubKey);
+ if (0 != io->u.key.hProv) {
+ CryptReleaseContext(io->u.key.hProv, 0);
+ }
+ nss_ZFreeIf(io->idData);
+ break;
+ }
+ nss_ZFreeIf(io);
return;
- case ckcapiCert:
- CertFreeCertificateContext(io->u.cert.certContext);
- nss_ZFreeIf(io->u.cert.labelData);
- nss_ZFreeIf(io->u.cert.key.privateKey);
- nss_ZFreeIf(io->u.cert.key.pubKey);
- nss_ZFreeIf(io->idData);
- break;
- case ckcapiBareKey:
- nss_ZFreeIf(io->u.key.provInfo.pwszContainerName);
- nss_ZFreeIf(io->u.key.provInfo.pwszProvName);
- nss_ZFreeIf(io->u.key.provName);
- nss_ZFreeIf(io->u.key.containerName);
- nss_ZFreeIf(io->u.key.key.privateKey);
- nss_ZFreeIf(io->u.key.key.pubKey);
- if (0 != io->u.key.hProv) {
- CryptReleaseContext(io->u.key.hProv, 0);
- }
- nss_ZFreeIf(io->idData);
- break;
- }
- nss_ZFreeIf(io);
- return;
}
static ckcapiInternalObject *
-nss_ckcapi_CreateCertificate
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_ckcapi_CreateCertificate(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- NSSItem value;
- NSSItem keyID;
- char *storeStr;
- ckcapiInternalObject *io = NULL;
- PCCERT_CONTEXT certContext = NULL;
- PCCERT_CONTEXT storedCertContext = NULL;
- CRYPT_KEY_PROV_INFO *prov_info = NULL;
- char *nickname = NULL;
- HCERTSTORE hStore = 0;
- DWORD msError = 0;
- PRBool hasID;
- CK_RV dummy;
- BOOL rc;
-
- *pError = nss_ckcapi_GetAttribute(CKA_VALUE, pTemplate,
- ulAttributeCount, &value);
-
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
+ NSSItem value;
+ NSSItem keyID;
+ char *storeStr;
+ ckcapiInternalObject *io = NULL;
+ PCCERT_CONTEXT certContext = NULL;
+ PCCERT_CONTEXT storedCertContext = NULL;
+ CRYPT_KEY_PROV_INFO *prov_info = NULL;
+ char *nickname = NULL;
+ HCERTSTORE hStore = 0;
+ DWORD msError = 0;
+ PRBool hasID;
+ CK_RV dummy;
+ BOOL rc;
+
+ *pError = nss_ckcapi_GetAttribute(CKA_VALUE, pTemplate,
+ ulAttributeCount, &value);
+
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
- *pError = nss_ckcapi_GetAttribute(CKA_ID, pTemplate,
- ulAttributeCount, &keyID);
+ *pError = nss_ckcapi_GetAttribute(CKA_ID, pTemplate,
+ ulAttributeCount, &keyID);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
- if (ckcapi_cert_exists(&value, &io)) {
- return io;
- }
+ if (ckcapi_cert_exists(&value, &io)) {
+ return io;
+ }
- /* OK, we are creating a new one, figure out what store it belongs to..
+ /* OK, we are creating a new one, figure out what store it belongs to..
* first get a certContext handle.. */
- certContext = CertCreateCertificateContext(X509_ASN_ENCODING,
- value.data, value.size);
- if ((PCCERT_CONTEXT) NULL == certContext) {
- msError = GetLastError();
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- goto loser;
- }
-
- /* do we have a private key laying around... */
- prov_info = ckcapi_cert_getPrivateKeyInfo(certContext, &keyID);
- if (prov_info) {
- CRYPT_DATA_BLOB msKeyID;
- storeStr = "My";
- hasID = PR_TRUE;
- rc = CertSetCertificateContextProperty(certContext,
- CERT_KEY_PROV_INFO_PROP_ID,
- 0, prov_info);
- nss_ZFreeIf(prov_info);
- if (!rc) {
- msError = GetLastError();
- *pError = CKR_DEVICE_ERROR;
- goto loser;
+ certContext = CertCreateCertificateContext(X509_ASN_ENCODING,
+ value.data, value.size);
+ if ((PCCERT_CONTEXT)NULL == certContext) {
+ msError = GetLastError();
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
}
- msKeyID.cbData = keyID.size;
- msKeyID.pbData = keyID.data;
- rc = CertSetCertificateContextProperty(certContext,
- CERT_KEY_IDENTIFIER_PROP_ID,
- 0, &msKeyID);
- if (!rc) {
- msError = GetLastError();
- *pError = CKR_DEVICE_ERROR;
- goto loser;
- }
-
- /* does it look like a CA */
- } else if (ckcapi_cert_isCA(certContext)) {
- storeStr = ckcapi_cert_isRoot(certContext) ? "CA" : "Root";
- /* does it look like an S/MIME cert */
- } else if (ckcapi_cert_hasEmail(certContext)) {
- storeStr = "AddressBook";
- } else {
- /* just pick a store */
- storeStr = "CA";
- }
-
- /* get the nickname, not an error if we can't find it */
- nickname = nss_ckcapi_GetStringAttribute(CKA_LABEL, pTemplate,
- ulAttributeCount, &dummy);
- if (nickname) {
- LPWSTR nicknameUTF16 = NULL;
- CRYPT_DATA_BLOB nicknameBlob;
-
- nicknameUTF16 = nss_ckcapi_UTF8ToWide(nickname);
- nss_ZFreeIf(nickname);
- nickname = NULL;
- if ((LPWSTR)NULL == nicknameUTF16) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
- nicknameBlob.cbData = nss_ckcapi_WideSize(nicknameUTF16);
- nicknameBlob.pbData = (BYTE *)nicknameUTF16;
- rc = CertSetCertificateContextProperty(certContext,
- CERT_FRIENDLY_NAME_PROP_ID, 0, &nicknameBlob);
- nss_ZFreeIf(nicknameUTF16);
- if (!rc) {
- msError = GetLastError();
- *pError = CKR_DEVICE_ERROR;
- goto loser;
+
+ /* do we have a private key laying around... */
+ prov_info = ckcapi_cert_getPrivateKeyInfo(certContext, &keyID);
+ if (prov_info) {
+ CRYPT_DATA_BLOB msKeyID;
+ storeStr = "My";
+ hasID = PR_TRUE;
+ rc = CertSetCertificateContextProperty(certContext,
+ CERT_KEY_PROV_INFO_PROP_ID,
+ 0, prov_info);
+ nss_ZFreeIf(prov_info);
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+ msKeyID.cbData = keyID.size;
+ msKeyID.pbData = keyID.data;
+ rc = CertSetCertificateContextProperty(certContext,
+ CERT_KEY_IDENTIFIER_PROP_ID,
+ 0, &msKeyID);
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ /* does it look like a CA */
+ }
+ else if (ckcapi_cert_isCA(certContext)) {
+ storeStr = ckcapi_cert_isRoot(certContext) ? "CA" : "Root";
+ /* does it look like an S/MIME cert */
+ }
+ else if (ckcapi_cert_hasEmail(certContext)) {
+ storeStr = "AddressBook";
+ }
+ else {
+ /* just pick a store */
+ storeStr = "CA";
}
- }
- hStore = CertOpenSystemStore((HCRYPTPROV) NULL, storeStr);
- if (0 == hStore) {
- msError = GetLastError();
- *pError = CKR_DEVICE_ERROR;
- goto loser;
- }
-
- rc = CertAddCertificateContextToStore(hStore, certContext,
- CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES, &storedCertContext);
- CertFreeCertificateContext(certContext);
- certContext = NULL;
- CertCloseStore(hStore, 0);
- hStore = 0;
- if (!rc) {
- msError = GetLastError();
- *pError = CKR_DEVICE_ERROR;
- goto loser;
- }
-
- io = nss_ZNEW(NULL, ckcapiInternalObject);
- if ((ckcapiInternalObject *)NULL == io) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
- io->type = ckcapiCert;
- io->objClass = CKO_CERTIFICATE;
- io->u.cert.certContext = storedCertContext;
- io->u.cert.hasID = hasID;
- return io;
+ /* get the nickname, not an error if we can't find it */
+ nickname = nss_ckcapi_GetStringAttribute(CKA_LABEL, pTemplate,
+ ulAttributeCount, &dummy);
+ if (nickname) {
+ LPWSTR nicknameUTF16 = NULL;
+ CRYPT_DATA_BLOB nicknameBlob;
+
+ nicknameUTF16 = nss_ckcapi_UTF8ToWide(nickname);
+ nss_ZFreeIf(nickname);
+ nickname = NULL;
+ if ((LPWSTR)NULL == nicknameUTF16) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ nicknameBlob.cbData = nss_ckcapi_WideSize(nicknameUTF16);
+ nicknameBlob.pbData = (BYTE *)nicknameUTF16;
+ rc = CertSetCertificateContextProperty(certContext,
+ CERT_FRIENDLY_NAME_PROP_ID, 0, &nicknameBlob);
+ nss_ZFreeIf(nicknameUTF16);
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+ }
-loser:
- if (certContext) {
+ hStore = CertOpenSystemStore((HCRYPTPROV)NULL, storeStr);
+ if (0 == hStore) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ rc = CertAddCertificateContextToStore(hStore, certContext,
+ CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES, &storedCertContext);
CertFreeCertificateContext(certContext);
certContext = NULL;
- }
- if (storedCertContext) {
- CertFreeCertificateContext(storedCertContext);
- storedCertContext = NULL;
- }
- if (0 != hStore) {
CertCloseStore(hStore, 0);
- }
- return (ckcapiInternalObject *)NULL;
+ hStore = 0;
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+ io = nss_ZNEW(NULL, ckcapiInternalObject);
+ if ((ckcapiInternalObject *)NULL == io) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ io->type = ckcapiCert;
+ io->objClass = CKO_CERTIFICATE;
+ io->u.cert.certContext = storedCertContext;
+ io->u.cert.hasID = hasID;
+ return io;
+
+loser:
+ if (certContext) {
+ CertFreeCertificateContext(certContext);
+ certContext = NULL;
+ }
+ if (storedCertContext) {
+ CertFreeCertificateContext(storedCertContext);
+ storedCertContext = NULL;
+ }
+ if (0 != hStore) {
+ CertCloseStore(hStore, 0);
+ }
+ return (ckcapiInternalObject *)NULL;
}
static char *
-ckcapi_getDefaultProvider
-(
- CK_RV *pError
-)
+ckcapi_getDefaultProvider(
+ CK_RV *pError)
{
- char *name = NULL;
- BOOL rc;
- DWORD nameLength = 0;
-
- rc = CryptGetDefaultProvider(PROV_RSA_FULL, NULL, CRYPT_USER_DEFAULT, NULL,
- &nameLength);
- if (!rc) {
- return (char *)NULL;
- }
-
- name = nss_ZNEWARRAY(NULL, char, nameLength);
- if ((char *)NULL == name ) {
- return (char *)NULL;
- }
- rc = CryptGetDefaultProvider(PROV_RSA_FULL, NULL, CRYPT_USER_DEFAULT, name,
- &nameLength);
- if (!rc) {
- nss_ZFreeIf(name);
- return (char *)NULL;
- }
-
- return name;
+ char *name = NULL;
+ BOOL rc;
+ DWORD nameLength = 0;
+
+ rc = CryptGetDefaultProvider(PROV_RSA_FULL, NULL, CRYPT_USER_DEFAULT, NULL,
+ &nameLength);
+ if (!rc) {
+ return (char *)NULL;
+ }
+
+ name = nss_ZNEWARRAY(NULL, char, nameLength);
+ if ((char *)NULL == name) {
+ return (char *)NULL;
+ }
+ rc = CryptGetDefaultProvider(PROV_RSA_FULL, NULL, CRYPT_USER_DEFAULT, name,
+ &nameLength);
+ if (!rc) {
+ nss_ZFreeIf(name);
+ return (char *)NULL;
+ }
+
+ return name;
}
static char *
-ckcapi_getContainer
-(
- CK_RV *pError,
- NSSItem *id
-)
+ckcapi_getContainer(
+ CK_RV *pError,
+ NSSItem *id)
{
- RPC_STATUS rstat;
- UUID uuid;
- char *uuidStr;
- char *container;
-
- rstat = UuidCreate(&uuid);
- rstat = UuidToString(&uuid, &uuidStr);
-
- /* convert it from rcp memory to our own */
- container = nssUTF8_Duplicate(uuidStr, NULL);
- RpcStringFree(&uuidStr);
-
- return container;
+ RPC_STATUS rstat;
+ UUID uuid;
+ char *uuidStr;
+ char *container;
+
+ rstat = UuidCreate(&uuid);
+ rstat = UuidToString(&uuid, &uuidStr);
+
+ /* convert it from rcp memory to our own */
+ container = nssUTF8_Duplicate(uuidStr, NULL);
+ RpcStringFree(&uuidStr);
+
+ return container;
}
static CK_RV
-ckcapi_buildPrivateKeyBlob
-(
- NSSItem *keyBlob,
- NSSItem *modulus,
- NSSItem *publicExponent,
- NSSItem *privateExponent,
- NSSItem *prime1,
- NSSItem *prime2,
- NSSItem *exponent1,
- NSSItem *exponent2,
- NSSItem *coefficient,
- PRBool isKeyExchange
-)
+ckcapi_buildPrivateKeyBlob(
+ NSSItem *keyBlob,
+ NSSItem *modulus,
+ NSSItem *publicExponent,
+ NSSItem *privateExponent,
+ NSSItem *prime1,
+ NSSItem *prime2,
+ NSSItem *exponent1,
+ NSSItem *exponent2,
+ NSSItem *coefficient,
+ PRBool isKeyExchange)
{
- CAPI_RSA_KEY_BLOB *keyBlobData = NULL;
- unsigned char *target;
- unsigned long modSize = modulus->size;
- unsigned long dataSize;
- CK_RV error = CKR_OK;
-
- /* validate extras */
- if (privateExponent->size != modSize) {
- error = CKR_ATTRIBUTE_VALUE_INVALID;
- goto loser;
- }
- if (prime1->size != modSize/2) {
- error = CKR_ATTRIBUTE_VALUE_INVALID;
- goto loser;
- }
- if (prime2->size != modSize/2) {
- error = CKR_ATTRIBUTE_VALUE_INVALID;
- goto loser;
- }
- if (exponent1->size != modSize/2) {
- error = CKR_ATTRIBUTE_VALUE_INVALID;
- goto loser;
- }
- if (exponent2->size != modSize/2) {
- error = CKR_ATTRIBUTE_VALUE_INVALID;
- goto loser;
- }
- if (coefficient->size != modSize/2) {
- error = CKR_ATTRIBUTE_VALUE_INVALID;
- goto loser;
- }
- dataSize = (modSize*4)+(modSize/2) + sizeof(CAPI_RSA_KEY_BLOB);
- keyBlobData = (CAPI_RSA_KEY_BLOB *)nss_ZAlloc(NULL, dataSize);
- if ((CAPI_RSA_KEY_BLOB *)NULL == keyBlobData) {
- error = CKR_HOST_MEMORY;
- goto loser;
- }
-
- keyBlobData->header.bType = PRIVATEKEYBLOB;
- keyBlobData->header.bVersion = 0x02;
- keyBlobData->header.reserved = 0x00;
- keyBlobData->header.aiKeyAlg = isKeyExchange ? CALG_RSA_KEYX:CALG_RSA_SIGN;
- keyBlobData->rsa.magic = 0x32415352;
- keyBlobData->rsa.bitlen = modSize * 8;
- keyBlobData->rsa.pubexp = nss_ckcapi_DataToInt(publicExponent,&error);
- if (CKR_OK != error) {
- goto loser;
- }
-
- target = &keyBlobData->data[CAPI_MODULUS_OFFSET(modSize)];
- nsslibc_memcpy(target, modulus->data, modulus->size);
- modulus->data = target;
- ckcapi_ReverseData(modulus);
-
- target = &keyBlobData->data[CAPI_PRIVATE_EXP_OFFSET(modSize)];
- nsslibc_memcpy(target, privateExponent->data, privateExponent->size);
- privateExponent->data = target;
- ckcapi_ReverseData(privateExponent);
-
- target = &keyBlobData->data[CAPI_PRIME_1_OFFSET(modSize)];
- nsslibc_memcpy(target, prime1->data, prime1->size);
- prime1->data = target;
- ckcapi_ReverseData(prime1);
-
- target = &keyBlobData->data[CAPI_PRIME_2_OFFSET(modSize)];
- nsslibc_memcpy(target, prime2->data, prime2->size);
- prime2->data = target;
- ckcapi_ReverseData(prime2);
-
- target = &keyBlobData->data[CAPI_EXPONENT_1_OFFSET(modSize)];
- nsslibc_memcpy(target, exponent1->data, exponent1->size);
- exponent1->data = target;
- ckcapi_ReverseData(exponent1);
-
- target = &keyBlobData->data[CAPI_EXPONENT_2_OFFSET(modSize)];
- nsslibc_memcpy(target, exponent2->data, exponent2->size);
- exponent2->data = target;
- ckcapi_ReverseData(exponent2);
-
- target = &keyBlobData->data[CAPI_COEFFICIENT_OFFSET(modSize)];
- nsslibc_memcpy(target, coefficient->data, coefficient->size);
- coefficient->data = target;
- ckcapi_ReverseData(coefficient);
-
- keyBlob->data = keyBlobData;
- keyBlob->size = dataSize;
-
- return CKR_OK;
+ CAPI_RSA_KEY_BLOB *keyBlobData = NULL;
+ unsigned char *target;
+ unsigned long modSize = modulus->size;
+ unsigned long dataSize;
+ CK_RV error = CKR_OK;
+
+ /* validate extras */
+ if (privateExponent->size != modSize) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ if (prime1->size != modSize / 2) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ if (prime2->size != modSize / 2) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ if (exponent1->size != modSize / 2) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ if (exponent2->size != modSize / 2) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ if (coefficient->size != modSize / 2) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ dataSize = (modSize * 4) + (modSize / 2) + sizeof(CAPI_RSA_KEY_BLOB);
+ keyBlobData = (CAPI_RSA_KEY_BLOB *)nss_ZAlloc(NULL, dataSize);
+ if ((CAPI_RSA_KEY_BLOB *)NULL == keyBlobData) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ keyBlobData->header.bType = PRIVATEKEYBLOB;
+ keyBlobData->header.bVersion = 0x02;
+ keyBlobData->header.reserved = 0x00;
+ keyBlobData->header.aiKeyAlg = isKeyExchange ? CALG_RSA_KEYX : CALG_RSA_SIGN;
+ keyBlobData->rsa.magic = 0x32415352;
+ keyBlobData->rsa.bitlen = modSize * 8;
+ keyBlobData->rsa.pubexp = nss_ckcapi_DataToInt(publicExponent, &error);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ target = &keyBlobData->data[CAPI_MODULUS_OFFSET(modSize)];
+ nsslibc_memcpy(target, modulus->data, modulus->size);
+ modulus->data = target;
+ ckcapi_ReverseData(modulus);
+
+ target = &keyBlobData->data[CAPI_PRIVATE_EXP_OFFSET(modSize)];
+ nsslibc_memcpy(target, privateExponent->data, privateExponent->size);
+ privateExponent->data = target;
+ ckcapi_ReverseData(privateExponent);
+
+ target = &keyBlobData->data[CAPI_PRIME_1_OFFSET(modSize)];
+ nsslibc_memcpy(target, prime1->data, prime1->size);
+ prime1->data = target;
+ ckcapi_ReverseData(prime1);
+
+ target = &keyBlobData->data[CAPI_PRIME_2_OFFSET(modSize)];
+ nsslibc_memcpy(target, prime2->data, prime2->size);
+ prime2->data = target;
+ ckcapi_ReverseData(prime2);
+
+ target = &keyBlobData->data[CAPI_EXPONENT_1_OFFSET(modSize)];
+ nsslibc_memcpy(target, exponent1->data, exponent1->size);
+ exponent1->data = target;
+ ckcapi_ReverseData(exponent1);
+
+ target = &keyBlobData->data[CAPI_EXPONENT_2_OFFSET(modSize)];
+ nsslibc_memcpy(target, exponent2->data, exponent2->size);
+ exponent2->data = target;
+ ckcapi_ReverseData(exponent2);
+
+ target = &keyBlobData->data[CAPI_COEFFICIENT_OFFSET(modSize)];
+ nsslibc_memcpy(target, coefficient->data, coefficient->size);
+ coefficient->data = target;
+ ckcapi_ReverseData(coefficient);
+
+ keyBlob->data = keyBlobData;
+ keyBlob->size = dataSize;
+
+ return CKR_OK;
loser:
- nss_ZFreeIf(keyBlobData);
- return error;
+ nss_ZFreeIf(keyBlobData);
+ return error;
}
static ckcapiInternalObject *
-nss_ckcapi_CreatePrivateKey
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_ckcapi_CreatePrivateKey(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- NSSItem modulus;
- NSSItem publicExponent;
- NSSItem privateExponent;
- NSSItem exponent1;
- NSSItem exponent2;
- NSSItem prime1;
- NSSItem prime2;
- NSSItem coefficient;
- NSSItem keyID;
- NSSItem keyBlob;
- ckcapiInternalObject *io = NULL;
- char *providerName = NULL;
- char *containerName = NULL;
- char *idData = NULL;
- CRYPT_KEY_PROV_INFO provInfo;
- CRYPT_HASH_BLOB msKeyID;
- CK_KEY_TYPE keyType;
- HCRYPTPROV hProv = 0;
- HCRYPTKEY hKey = 0;
- PRBool decrypt;
- DWORD keySpec;
- DWORD msError;
- BOOL rc;
-
- keyType = nss_ckcapi_GetULongAttribute
- (CKA_KEY_TYPE, pTemplate, ulAttributeCount, pError);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
- if (CKK_RSA != keyType) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- return (ckcapiInternalObject *)NULL;
- }
-
- decrypt = nss_ckcapi_GetBoolAttribute(CKA_DECRYPT,
- pTemplate, ulAttributeCount, pError);
- if (CKR_TEMPLATE_INCOMPLETE == *pError) {
- decrypt = PR_TRUE; /* default to true */
- }
- decrypt = decrypt || nss_ckcapi_GetBoolAttribute(CKA_UNWRAP,
- pTemplate, ulAttributeCount, pError);
- if (CKR_TEMPLATE_INCOMPLETE == *pError) {
- decrypt = PR_TRUE; /* default to true */
- }
- keySpec = decrypt ? AT_KEYEXCHANGE : AT_SIGNATURE;
-
- *pError = nss_ckcapi_GetAttribute(CKA_MODULUS, pTemplate,
- ulAttributeCount, &modulus);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
- *pError = nss_ckcapi_GetAttribute(CKA_PUBLIC_EXPONENT, pTemplate,
- ulAttributeCount, &publicExponent);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
- *pError = nss_ckcapi_GetAttribute(CKA_PRIVATE_EXPONENT, pTemplate,
- ulAttributeCount, &privateExponent);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
- *pError = nss_ckcapi_GetAttribute(CKA_PRIME_1, pTemplate,
- ulAttributeCount, &prime1);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
- *pError = nss_ckcapi_GetAttribute(CKA_PRIME_2, pTemplate,
- ulAttributeCount, &prime2);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
- *pError = nss_ckcapi_GetAttribute(CKA_EXPONENT_1, pTemplate,
- ulAttributeCount, &exponent1);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
- *pError = nss_ckcapi_GetAttribute(CKA_EXPONENT_2, pTemplate,
- ulAttributeCount, &exponent2);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
- *pError = nss_ckcapi_GetAttribute(CKA_COEFFICIENT, pTemplate,
- ulAttributeCount, &coefficient);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
- *pError = nss_ckcapi_GetAttribute(CKA_ID, pTemplate,
- ulAttributeCount, &keyID);
- if (CKR_OK != *pError) {
- return (ckcapiInternalObject *)NULL;
- }
- providerName = ckcapi_getDefaultProvider(pError);
- if ((char *)NULL == providerName ) {
- return (ckcapiInternalObject *)NULL;
- }
- containerName = ckcapi_getContainer(pError, &keyID);
- if ((char *)NULL == containerName) {
- goto loser;
- }
- rc = CryptAcquireContext(&hProv, containerName, providerName,
- PROV_RSA_FULL, CRYPT_NEWKEYSET);
- if (!rc) {
- msError = GetLastError();
- *pError = CKR_DEVICE_ERROR;
- goto loser;
- }
-
- *pError = ckcapi_buildPrivateKeyBlob(
- &keyBlob,
- &modulus,
- &publicExponent,
- &privateExponent,
- &prime1,
- &prime2,
- &exponent1,
- &exponent2,
- &coefficient,
- decrypt);
- if (CKR_OK != *pError) {
- goto loser;
- }
-
- rc = CryptImportKey(hProv, keyBlob.data, keyBlob.size,
- 0, CRYPT_EXPORTABLE, &hKey);
- if (!rc) {
- msError = GetLastError();
- *pError = CKR_DEVICE_ERROR;
- goto loser;
- }
-
- idData = nss_ZNEWARRAY(NULL, char, keyID.size);
- if ((void *)NULL == idData) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
- nsslibc_memcpy(idData, keyID.data, keyID.size);
-
- provInfo.pwszContainerName = nss_ckcapi_UTF8ToWide(containerName);
- provInfo.pwszProvName = nss_ckcapi_UTF8ToWide(providerName);
- provInfo.dwProvType = PROV_RSA_FULL;
- provInfo.dwFlags = 0;
- provInfo.cProvParam = 0;
- provInfo.rgProvParam = NULL;
- provInfo.dwKeySpec = keySpec;
-
- msKeyID.cbData = keyID.size;
- msKeyID.pbData = keyID.data;
-
- rc = CryptSetKeyIdentifierProperty(&msKeyID, CERT_KEY_PROV_INFO_PROP_ID,
- 0, NULL, NULL, &provInfo);
- if (!rc) {
- goto loser;
- }
-
- /* handle error here */
- io = nss_ZNEW(NULL, ckcapiInternalObject);
- if ((ckcapiInternalObject *)NULL == io) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
- io->type = ckcapiBareKey;
- io->objClass = CKO_PRIVATE_KEY;
- io->u.key.provInfo = provInfo;
- io->u.key.provName = providerName;
- io->u.key.containerName = containerName;
- io->u.key.hProv = hProv; /* save the handle */
- io->idData = idData;
- io->id.data = idData;
- io->id.size = keyID.size;
- /* done with the key handle */
- CryptDestroyKey(hKey);
- return io;
+ NSSItem modulus;
+ NSSItem publicExponent;
+ NSSItem privateExponent;
+ NSSItem exponent1;
+ NSSItem exponent2;
+ NSSItem prime1;
+ NSSItem prime2;
+ NSSItem coefficient;
+ NSSItem keyID;
+ NSSItem keyBlob;
+ ckcapiInternalObject *io = NULL;
+ char *providerName = NULL;
+ char *containerName = NULL;
+ char *idData = NULL;
+ CRYPT_KEY_PROV_INFO provInfo;
+ CRYPT_HASH_BLOB msKeyID;
+ CK_KEY_TYPE keyType;
+ HCRYPTPROV hProv = 0;
+ HCRYPTKEY hKey = 0;
+ PRBool decrypt;
+ DWORD keySpec;
+ DWORD msError;
+ BOOL rc;
+
+ keyType = nss_ckcapi_GetULongAttribute(CKA_KEY_TYPE, pTemplate, ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ if (CKK_RSA != keyType) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (ckcapiInternalObject *)NULL;
+ }
-loser:
- nss_ZFreeIf(containerName);
- nss_ZFreeIf(providerName);
- nss_ZFreeIf(idData);
- if (0 != hProv) {
- CryptReleaseContext(hProv, 0);
- }
- if (0 != hKey) {
+ decrypt = nss_ckcapi_GetBoolAttribute(CKA_DECRYPT,
+ pTemplate, ulAttributeCount, pError);
+ if (CKR_TEMPLATE_INCOMPLETE == *pError) {
+ decrypt = PR_TRUE; /* default to true */
+ }
+ decrypt = decrypt || nss_ckcapi_GetBoolAttribute(CKA_UNWRAP,
+ pTemplate, ulAttributeCount, pError);
+ if (CKR_TEMPLATE_INCOMPLETE == *pError) {
+ decrypt = PR_TRUE; /* default to true */
+ }
+ keySpec = decrypt ? AT_KEYEXCHANGE : AT_SIGNATURE;
+
+ *pError = nss_ckcapi_GetAttribute(CKA_MODULUS, pTemplate,
+ ulAttributeCount, &modulus);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_PUBLIC_EXPONENT, pTemplate,
+ ulAttributeCount, &publicExponent);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_PRIVATE_EXPONENT, pTemplate,
+ ulAttributeCount, &privateExponent);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_PRIME_1, pTemplate,
+ ulAttributeCount, &prime1);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_PRIME_2, pTemplate,
+ ulAttributeCount, &prime2);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_EXPONENT_1, pTemplate,
+ ulAttributeCount, &exponent1);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_EXPONENT_2, pTemplate,
+ ulAttributeCount, &exponent2);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_COEFFICIENT, pTemplate,
+ ulAttributeCount, &coefficient);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_ID, pTemplate,
+ ulAttributeCount, &keyID);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ providerName = ckcapi_getDefaultProvider(pError);
+ if ((char *)NULL == providerName) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ containerName = ckcapi_getContainer(pError, &keyID);
+ if ((char *)NULL == containerName) {
+ goto loser;
+ }
+ rc = CryptAcquireContext(&hProv, containerName, providerName,
+ PROV_RSA_FULL, CRYPT_NEWKEYSET);
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ *pError = ckcapi_buildPrivateKeyBlob(
+ &keyBlob,
+ &modulus,
+ &publicExponent,
+ &privateExponent,
+ &prime1,
+ &prime2,
+ &exponent1,
+ &exponent2,
+ &coefficient,
+ decrypt);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ rc = CryptImportKey(hProv, keyBlob.data, keyBlob.size,
+ 0, CRYPT_EXPORTABLE, &hKey);
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ idData = nss_ZNEWARRAY(NULL, char, keyID.size);
+ if ((void *)NULL == idData) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ nsslibc_memcpy(idData, keyID.data, keyID.size);
+
+ provInfo.pwszContainerName = nss_ckcapi_UTF8ToWide(containerName);
+ provInfo.pwszProvName = nss_ckcapi_UTF8ToWide(providerName);
+ provInfo.dwProvType = PROV_RSA_FULL;
+ provInfo.dwFlags = 0;
+ provInfo.cProvParam = 0;
+ provInfo.rgProvParam = NULL;
+ provInfo.dwKeySpec = keySpec;
+
+ msKeyID.cbData = keyID.size;
+ msKeyID.pbData = keyID.data;
+
+ rc = CryptSetKeyIdentifierProperty(&msKeyID, CERT_KEY_PROV_INFO_PROP_ID,
+ 0, NULL, NULL, &provInfo);
+ if (!rc) {
+ goto loser;
+ }
+
+ /* handle error here */
+ io = nss_ZNEW(NULL, ckcapiInternalObject);
+ if ((ckcapiInternalObject *)NULL == io) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ io->type = ckcapiBareKey;
+ io->objClass = CKO_PRIVATE_KEY;
+ io->u.key.provInfo = provInfo;
+ io->u.key.provName = providerName;
+ io->u.key.containerName = containerName;
+ io->u.key.hProv = hProv; /* save the handle */
+ io->idData = idData;
+ io->id.data = idData;
+ io->id.size = keyID.size;
+ /* done with the key handle */
CryptDestroyKey(hKey);
- }
- return (ckcapiInternalObject *)NULL;
-}
+ return io;
+loser:
+ nss_ZFreeIf(containerName);
+ nss_ZFreeIf(providerName);
+ nss_ZFreeIf(idData);
+ if (0 != hProv) {
+ CryptReleaseContext(hProv, 0);
+ }
+ if (0 != hKey) {
+ CryptDestroyKey(hKey);
+ }
+ return (ckcapiInternalObject *)NULL;
+}
NSS_EXTERN NSSCKMDObject *
-nss_ckcapi_CreateObject
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_ckcapi_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- CK_OBJECT_CLASS objClass;
- ckcapiInternalObject *io = NULL;
- CK_BBOOL isToken;
-
- /*
- * only create token objects
- */
- isToken = nss_ckcapi_GetBoolAttribute(CKA_TOKEN, pTemplate,
- ulAttributeCount, pError);
- if (CKR_OK != *pError) {
- return (NSSCKMDObject *) NULL;
- }
- if (!isToken) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- return (NSSCKMDObject *) NULL;
- }
-
- /*
- * only create keys and certs.
- */
- objClass = nss_ckcapi_GetULongAttribute(CKA_CLASS, pTemplate,
- ulAttributeCount, pError);
- if (CKR_OK != *pError) {
- return (NSSCKMDObject *) NULL;
- }
+ CK_OBJECT_CLASS objClass;
+ ckcapiInternalObject *io = NULL;
+ CK_BBOOL isToken;
+
+ /*
+ * only create token objects
+ */
+ isToken = nss_ckcapi_GetBoolAttribute(CKA_TOKEN, pTemplate,
+ ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ return (NSSCKMDObject *)NULL;
+ }
+ if (!isToken) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ /*
+ * only create keys and certs.
+ */
+ objClass = nss_ckcapi_GetULongAttribute(CKA_CLASS, pTemplate,
+ ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ return (NSSCKMDObject *)NULL;
+ }
#ifdef notdef
- if (objClass == CKO_PUBLIC_KEY) {
- return CKR_OK; /* fake public key creation, happens as a side effect of
- * private key creation */
- }
+ if (objClass == CKO_PUBLIC_KEY) {
+ return CKR_OK; /* fake public key creation, happens as a side effect of
+ * private key creation */
+ }
#endif
- if (objClass == CKO_CERTIFICATE) {
- io = nss_ckcapi_CreateCertificate(fwSession, pTemplate,
- ulAttributeCount, pError);
- } else if (objClass == CKO_PRIVATE_KEY) {
- io = nss_ckcapi_CreatePrivateKey(fwSession, pTemplate,
- ulAttributeCount, pError);
- } else {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- if ((ckcapiInternalObject *)NULL == io) {
- return (NSSCKMDObject *) NULL;
- }
- return nss_ckcapi_CreateMDObject(NULL, io, pError);
+ if (objClass == CKO_CERTIFICATE) {
+ io = nss_ckcapi_CreateCertificate(fwSession, pTemplate,
+ ulAttributeCount, pError);
+ }
+ else if (objClass == CKO_PRIVATE_KEY) {
+ io = nss_ckcapi_CreatePrivateKey(fwSession, pTemplate,
+ ulAttributeCount, pError);
+ }
+ else {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ if ((ckcapiInternalObject *)NULL == io) {
+ return (NSSCKMDObject *)NULL;
+ }
+ return nss_ckcapi_CreateMDObject(NULL, io, pError);
}
diff --git a/lib/ckfw/capi/constants.c b/lib/ckfw/capi/constants.c
index 9b919aa6d..0d4b70110 100644
--- a/lib/ckfw/capi/constants.c
+++ b/lib/ckfw/capi/constants.c
@@ -21,40 +21,43 @@
#endif /* NSSCAPI_H */
NSS_IMPLEMENT_DATA const CK_VERSION
-nss_ckcapi_CryptokiVersion = {
- NSS_CKCAPI_CRYPTOKI_VERSION_MAJOR,
- NSS_CKCAPI_CRYPTOKI_VERSION_MINOR };
+ nss_ckcapi_CryptokiVersion = {
+ NSS_CKCAPI_CRYPTOKI_VERSION_MAJOR,
+ NSS_CKCAPI_CRYPTOKI_VERSION_MINOR
+ };
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckcapi_ManufacturerID = (NSSUTF8 *) "Mozilla Foundation";
+ nss_ckcapi_ManufacturerID = (NSSUTF8 *)"Mozilla Foundation";
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckcapi_LibraryDescription = (NSSUTF8 *) "NSS Access to Microsoft Certificate Store";
+ nss_ckcapi_LibraryDescription = (NSSUTF8 *)"NSS Access to Microsoft Certificate Store";
NSS_IMPLEMENT_DATA const CK_VERSION
-nss_ckcapi_LibraryVersion = {
- NSS_CKCAPI_LIBRARY_VERSION_MAJOR,
- NSS_CKCAPI_LIBRARY_VERSION_MINOR};
+ nss_ckcapi_LibraryVersion = {
+ NSS_CKCAPI_LIBRARY_VERSION_MAJOR,
+ NSS_CKCAPI_LIBRARY_VERSION_MINOR
+ };
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckcapi_SlotDescription = (NSSUTF8 *) "Microsoft Certificate Store";
+ nss_ckcapi_SlotDescription = (NSSUTF8 *)"Microsoft Certificate Store";
NSS_IMPLEMENT_DATA const CK_VERSION
-nss_ckcapi_HardwareVersion = {
- NSS_CKCAPI_HARDWARE_VERSION_MAJOR,
- NSS_CKCAPI_HARDWARE_VERSION_MINOR };
+ nss_ckcapi_HardwareVersion = {
+ NSS_CKCAPI_HARDWARE_VERSION_MAJOR,
+ NSS_CKCAPI_HARDWARE_VERSION_MINOR
+ };
NSS_IMPLEMENT_DATA const CK_VERSION
-nss_ckcapi_FirmwareVersion = {
- NSS_CKCAPI_FIRMWARE_VERSION_MAJOR,
- NSS_CKCAPI_FIRMWARE_VERSION_MINOR };
+ nss_ckcapi_FirmwareVersion = {
+ NSS_CKCAPI_FIRMWARE_VERSION_MAJOR,
+ NSS_CKCAPI_FIRMWARE_VERSION_MINOR
+ };
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckcapi_TokenLabel = (NSSUTF8 *) "Microsoft Certificate Store";
+ nss_ckcapi_TokenLabel = (NSSUTF8 *)"Microsoft Certificate Store";
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckcapi_TokenModel = (NSSUTF8 *) "1";
+ nss_ckcapi_TokenModel = (NSSUTF8 *)"1";
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckcapi_TokenSerialNumber = (NSSUTF8 *) "1";
-
+ nss_ckcapi_TokenSerialNumber = (NSSUTF8 *)"1";
diff --git a/lib/ckfw/capi/crsa.c b/lib/ckfw/capi/crsa.c
index 9acc7e780..62f90acb6 100644
--- a/lib/ckfw/capi/crsa.c
+++ b/lib/ckfw/capi/crsa.c
@@ -5,7 +5,7 @@
#include "ckcapi.h"
#include "secdert.h"
-#define SSL3_SHAMD5_HASH_SIZE 36 /* LEN_MD5 (16) + LEN_SHA1 (20) */
+#define SSL3_SHAMD5_HASH_SIZE 36 /* LEN_MD5 (16) + LEN_SHA1 (20) */
/*
* ckcapi/crsa.c
@@ -21,115 +21,109 @@
static char *
putDecimalString(char *cstr, unsigned long value)
{
- unsigned long tenpower;
- int first = 1;
-
- for (tenpower=10000000; tenpower; tenpower /= 10) {
- unsigned char digit = (unsigned char )(value/tenpower);
- value = value % tenpower;
-
- /* drop leading zeros */
- if (first && (0 == digit)) {
- continue;
- }
- first = 0;
- *cstr++ = digit + '0';
- }
-
- /* if value was zero, put one of them out */
- if (first) {
- *cstr++ = '0';
- }
- return cstr;
-}
+ unsigned long tenpower;
+ int first = 1;
+
+ for (tenpower = 10000000; tenpower; tenpower /= 10) {
+ unsigned char digit = (unsigned char)(value / tenpower);
+ value = value % tenpower;
+
+ /* drop leading zeros */
+ if (first && (0 == digit)) {
+ continue;
+ }
+ first = 0;
+ *cstr++ = digit + '0';
+ }
+ /* if value was zero, put one of them out */
+ if (first) {
+ *cstr++ = '0';
+ }
+ return cstr;
+}
/*
* Create a Capi OID string value from a DER OID
*/
static char *
-nss_ckcapi_GetOidString
-(
- unsigned char *oidTag,
- unsigned int oidTagSize,
- CK_RV *pError
-)
+nss_ckcapi_GetOidString(
+ unsigned char *oidTag,
+ unsigned int oidTagSize,
+ CK_RV *pError)
{
- unsigned char *oid;
- char *oidStr;
- char *cstr;
- unsigned long value;
- unsigned int oidSize;
-
- if (DER_OBJECT_ID != *oidTag) {
- /* wasn't an oid */
- *pError = CKR_DATA_INVALID;
- return NULL;
- }
- oid = nss_ckcapi_DERUnwrap(oidTag, oidTagSize, &oidSize, NULL);
-
- if (oidSize < 2) {
- *pError = CKR_DATA_INVALID;
- return NULL;
- }
-
- oidStr = nss_ZNEWARRAY( NULL, char, oidSize*4 );
- if ((char *)NULL == oidStr) {
- *pError = CKR_HOST_MEMORY;
- return NULL;
- }
- cstr = oidStr;
- cstr = putDecimalString(cstr, (*oid) / 40);
- *cstr++ = '.';
- cstr = putDecimalString(cstr, (*oid) % 40);
- oidSize--;
-
- value = 0;
- while (oidSize--) {
- oid++;
- value = (value << 7) + (*oid & 0x7f);
- if (0 == (*oid & 0x80)) {
- *cstr++ = '.';
- cstr = putDecimalString(cstr, value);
- value = 0;
- }
- }
-
- *cstr = 0; /* NULL terminate */
-
- if (value != 0) {
- nss_ZFreeIf(oidStr);
- *pError = CKR_DATA_INVALID;
- return NULL;
- }
- return oidStr;
-}
+ unsigned char *oid;
+ char *oidStr;
+ char *cstr;
+ unsigned long value;
+ unsigned int oidSize;
+
+ if (DER_OBJECT_ID != *oidTag) {
+ /* wasn't an oid */
+ *pError = CKR_DATA_INVALID;
+ return NULL;
+ }
+ oid = nss_ckcapi_DERUnwrap(oidTag, oidTagSize, &oidSize, NULL);
+
+ if (oidSize < 2) {
+ *pError = CKR_DATA_INVALID;
+ return NULL;
+ }
+
+ oidStr = nss_ZNEWARRAY(NULL, char, oidSize * 4);
+ if ((char *)NULL == oidStr) {
+ *pError = CKR_HOST_MEMORY;
+ return NULL;
+ }
+ cstr = oidStr;
+ cstr = putDecimalString(cstr, (*oid) / 40);
+ *cstr++ = '.';
+ cstr = putDecimalString(cstr, (*oid) % 40);
+ oidSize--;
+
+ value = 0;
+ while (oidSize--) {
+ oid++;
+ value = (value << 7) + (*oid & 0x7f);
+ if (0 == (*oid & 0x80)) {
+ *cstr++ = '.';
+ cstr = putDecimalString(cstr, value);
+ value = 0;
+ }
+ }
+
+ *cstr = 0; /* NULL terminate */
+ if (value != 0) {
+ nss_ZFreeIf(oidStr);
+ *pError = CKR_DATA_INVALID;
+ return NULL;
+ }
+ return oidStr;
+}
/*
- * PKCS #11 sign for RSA expects to take a fully DER-encoded hash value,
- * which includes the hash OID. CAPI expects to take a Hash Context. While
- * CAPI does have the capability of setting a raw hash value, it does not
+ * PKCS #11 sign for RSA expects to take a fully DER-encoded hash value,
+ * which includes the hash OID. CAPI expects to take a Hash Context. While
+ * CAPI does have the capability of setting a raw hash value, it does not
* have the ability to sign an arbitrary value. This function tries to
* reduce the passed in data into something that CAPI could actually sign.
*/
static CK_RV
-ckcapi_GetRawHash
-(
- const NSSItem *input,
- NSSItem *hash,
- ALG_ID *hashAlg
-)
+ckcapi_GetRawHash(
+ const NSSItem *input,
+ NSSItem *hash,
+ ALG_ID *hashAlg)
{
- unsigned char *current;
- unsigned char *algid;
- unsigned char *oid;
- unsigned char *hashData;
- char *oidStr;
- CK_RV error;
- unsigned int oidSize;
- unsigned int size;
- /*
+ unsigned char *current;
+ unsigned char *algid;
+ unsigned char *oid;
+ unsigned char *hashData;
+ char *oidStr;
+ CK_RV error;
+ unsigned int oidSize;
+ unsigned int size;
+ /*
* there are 2 types of hashes NSS typically tries to sign, regular
* RSA signature format (with encoded DER_OIDS), and SSL3 Signed hashes.
* CAPI knows not to add any oids to SSL3_Signed hashes, so if we have any
@@ -138,73 +132,73 @@ ckcapi_GetRawHash
* is really a combined hash or some other arbitrary data, so it's safe to
* handle this case first.
*/
- if (SSL3_SHAMD5_HASH_SIZE == input->size) {
- hash->data = input->data;
- hash->size = input->size;
- *hashAlg = CALG_SSL3_SHAMD5;
- return CKR_OK;
- }
-
- current = (unsigned char *)input->data;
-
- /* make sure we have a sequence tag */
- if ((DER_SEQUENCE|DER_CONSTRUCTED) != *current) {
- return CKR_DATA_INVALID;
- }
-
- /* parse the input block to get 1) the hash oid, and 2) the raw hash value.
- * unfortunatly CAPI doesn't have a builtin function to do this work, so
- * we go ahead and do it by hand here.
- *
- * format is:
- * SEQUENCE {
- * SECQUENCE { // algid
- * OID {} // oid
- * ANY {} // optional params
- * }
- * OCTECT {} // hash
- */
-
- /* unwrap */
- algid = nss_ckcapi_DERUnwrap(current,input->size, &size, NULL);
-
- if (algid+size != current+input->size) {
- /* make sure there is not extra data at the end */
- return CKR_DATA_INVALID;
- }
-
- if ((DER_SEQUENCE|DER_CONSTRUCTED) != *algid) {
- /* wasn't an algid */
- return CKR_DATA_INVALID;
- }
- oid = nss_ckcapi_DERUnwrap(algid, size, &oidSize, &hashData);
-
- if (DER_OCTET_STRING != *hashData) {
- /* wasn't a hash */
- return CKR_DATA_INVALID;
- }
-
- /* get the real hash */
- current = hashData;
- size = size - (hashData-algid);
- hash->data = nss_ckcapi_DERUnwrap(current, size, &hash->size, NULL);
-
- /* get the real oid as a string. Again, Microsoft does not
- * export anything that does this for us */
- oidStr = nss_ckcapi_GetOidString(oid, oidSize, &error);
- if ((char *)NULL == oidStr ) {
- return error;
- }
+ if (SSL3_SHAMD5_HASH_SIZE == input->size) {
+ hash->data = input->data;
+ hash->size = input->size;
+ *hashAlg = CALG_SSL3_SHAMD5;
+ return CKR_OK;
+ }
+
+ current = (unsigned char *)input->data;
+
+ /* make sure we have a sequence tag */
+ if ((DER_SEQUENCE | DER_CONSTRUCTED) != *current) {
+ return CKR_DATA_INVALID;
+ }
+
+ /* parse the input block to get 1) the hash oid, and 2) the raw hash value.
+ * unfortunatly CAPI doesn't have a builtin function to do this work, so
+ * we go ahead and do it by hand here.
+ *
+ * format is:
+ * SEQUENCE {
+ * SECQUENCE { // algid
+ * OID {} // oid
+ * ANY {} // optional params
+ * }
+ * OCTECT {} // hash
+ */
+
+ /* unwrap */
+ algid = nss_ckcapi_DERUnwrap(current, input->size, &size, NULL);
+
+ if (algid + size != current + input->size) {
+ /* make sure there is not extra data at the end */
+ return CKR_DATA_INVALID;
+ }
+
+ if ((DER_SEQUENCE | DER_CONSTRUCTED) != *algid) {
+ /* wasn't an algid */
+ return CKR_DATA_INVALID;
+ }
+ oid = nss_ckcapi_DERUnwrap(algid, size, &oidSize, &hashData);
+
+ if (DER_OCTET_STRING != *hashData) {
+ /* wasn't a hash */
+ return CKR_DATA_INVALID;
+ }
+
+ /* get the real hash */
+ current = hashData;
+ size = size - (hashData - algid);
+ hash->data = nss_ckcapi_DERUnwrap(current, size, &hash->size, NULL);
+
+ /* get the real oid as a string. Again, Microsoft does not
+ * export anything that does this for us */
+ oidStr = nss_ckcapi_GetOidString(oid, oidSize, &error);
+ if ((char *)NULL == oidStr) {
+ return error;
+ }
- /* look up the hash alg from the oid (fortunately CAPI does to this) */
- *hashAlg = CertOIDToAlgId(oidStr);
- nss_ZFreeIf(oidStr);
- if (0 == *hashAlg) {
- return CKR_HOST_MEMORY;
- }
+ /* look up the hash alg from the oid (fortunately CAPI does to this) */
+ *hashAlg = CertOIDToAlgId(oidStr);
+ nss_ZFreeIf(oidStr);
+ if (0 == *hashAlg) {
+ return CKR_HOST_MEMORY;
+ }
- /* hash looks reasonably consistent, we should be able to sign it now */
- return CKR_OK;
+ /* hash looks reasonably consistent, we should be able to sign it now */
+ return CKR_OK;
}
/*
@@ -214,133 +208,125 @@ ckcapi_GetRawHash
void
ckcapi_ReverseData(NSSItem *item)
{
- int end = (item->size)-1;
- int middle = (item->size)/2;
- unsigned char *buf = item->data;
- int i;
-
- for (i=0; i < middle; i++) {
- unsigned char tmp = buf[i];
- buf[i] = buf[end-i];
- buf[end-i] = tmp;
- }
- return;
+ int end = (item->size) - 1;
+ int middle = (item->size) / 2;
+ unsigned char *buf = item->data;
+ int i;
+
+ for (i = 0; i < middle; i++) {
+ unsigned char tmp = buf[i];
+ buf[i] = buf[end - i];
+ buf[end - i] = tmp;
+ }
+ return;
}
-typedef struct ckcapiInternalCryptoOperationRSAPrivStr
- ckcapiInternalCryptoOperationRSAPriv;
-struct ckcapiInternalCryptoOperationRSAPrivStr
-{
- NSSCKMDCryptoOperation mdOperation;
- NSSCKMDMechanism *mdMechanism;
- ckcapiInternalObject *iKey;
- HCRYPTPROV hProv;
- DWORD keySpec;
- HCRYPTKEY hKey;
- NSSItem *buffer;
+typedef struct ckcapiInternalCryptoOperationRSAPrivStr
+ ckcapiInternalCryptoOperationRSAPriv;
+struct ckcapiInternalCryptoOperationRSAPrivStr {
+ NSSCKMDCryptoOperation mdOperation;
+ NSSCKMDMechanism *mdMechanism;
+ ckcapiInternalObject *iKey;
+ HCRYPTPROV hProv;
+ DWORD keySpec;
+ HCRYPTKEY hKey;
+ NSSItem *buffer;
};
/*
* ckcapi_mdCryptoOperationRSAPriv_Create
*/
static NSSCKMDCryptoOperation *
-ckcapi_mdCryptoOperationRSAPriv_Create
-(
- const NSSCKMDCryptoOperation *proto,
- NSSCKMDMechanism *mdMechanism,
- NSSCKMDObject *mdKey,
- CK_RV *pError
-)
+ckcapi_mdCryptoOperationRSAPriv_Create(
+ const NSSCKMDCryptoOperation *proto,
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKMDObject *mdKey,
+ CK_RV *pError)
{
- ckcapiInternalObject *iKey = (ckcapiInternalObject *)mdKey->etc;
- const NSSItem *classItem = nss_ckcapi_FetchAttribute(iKey, CKA_CLASS);
- const NSSItem *keyType = nss_ckcapi_FetchAttribute(iKey, CKA_KEY_TYPE);
- ckcapiInternalCryptoOperationRSAPriv *iOperation;
- CK_RV error;
- HCRYPTPROV hProv;
- DWORD keySpec;
- HCRYPTKEY hKey;
-
- /* make sure we have the right objects */
- if (((const NSSItem *)NULL == classItem) ||
- (sizeof(CK_OBJECT_CLASS) != classItem->size) ||
- (CKO_PRIVATE_KEY != *(CK_OBJECT_CLASS *)classItem->data) ||
- ((const NSSItem *)NULL == keyType) ||
- (sizeof(CK_KEY_TYPE) != keyType->size) ||
- (CKK_RSA != *(CK_KEY_TYPE *)keyType->data)) {
- *pError = CKR_KEY_TYPE_INCONSISTENT;
- return (NSSCKMDCryptoOperation *)NULL;
- }
-
- error = nss_ckcapi_FetchKeyContainer(iKey, &hProv, &keySpec, &hKey);
- if (error != CKR_OK) {
- *pError = error;
- return (NSSCKMDCryptoOperation *)NULL;
- }
-
- iOperation = nss_ZNEW(NULL, ckcapiInternalCryptoOperationRSAPriv);
- if ((ckcapiInternalCryptoOperationRSAPriv *)NULL == iOperation) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDCryptoOperation *)NULL;
- }
- iOperation->mdMechanism = mdMechanism;
- iOperation->iKey = iKey;
- iOperation->hProv = hProv;
- iOperation->keySpec = keySpec;
- iOperation->hKey = hKey;
-
- nsslibc_memcpy(&iOperation->mdOperation,
- proto, sizeof(NSSCKMDCryptoOperation));
- iOperation->mdOperation.etc = iOperation;
-
- return &iOperation->mdOperation;
+ ckcapiInternalObject *iKey = (ckcapiInternalObject *)mdKey->etc;
+ const NSSItem *classItem = nss_ckcapi_FetchAttribute(iKey, CKA_CLASS);
+ const NSSItem *keyType = nss_ckcapi_FetchAttribute(iKey, CKA_KEY_TYPE);
+ ckcapiInternalCryptoOperationRSAPriv *iOperation;
+ CK_RV error;
+ HCRYPTPROV hProv;
+ DWORD keySpec;
+ HCRYPTKEY hKey;
+
+ /* make sure we have the right objects */
+ if (((const NSSItem *)NULL == classItem) ||
+ (sizeof(CK_OBJECT_CLASS) != classItem->size) ||
+ (CKO_PRIVATE_KEY != *(CK_OBJECT_CLASS *)classItem->data) ||
+ ((const NSSItem *)NULL == keyType) ||
+ (sizeof(CK_KEY_TYPE) != keyType->size) ||
+ (CKK_RSA != *(CK_KEY_TYPE *)keyType->data)) {
+ *pError = CKR_KEY_TYPE_INCONSISTENT;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ error = nss_ckcapi_FetchKeyContainer(iKey, &hProv, &keySpec, &hKey);
+ if (error != CKR_OK) {
+ *pError = error;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ iOperation = nss_ZNEW(NULL, ckcapiInternalCryptoOperationRSAPriv);
+ if ((ckcapiInternalCryptoOperationRSAPriv *)NULL == iOperation) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+ iOperation->mdMechanism = mdMechanism;
+ iOperation->iKey = iKey;
+ iOperation->hProv = hProv;
+ iOperation->keySpec = keySpec;
+ iOperation->hKey = hKey;
+
+ nsslibc_memcpy(&iOperation->mdOperation,
+ proto, sizeof(NSSCKMDCryptoOperation));
+ iOperation->mdOperation.etc = iOperation;
+
+ return &iOperation->mdOperation;
}
static CK_RV
-ckcapi_mdCryptoOperationRSAPriv_Destroy
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdCryptoOperationRSAPriv_Destroy(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- ckcapiInternalCryptoOperationRSAPriv *iOperation =
- (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
-
- if (iOperation->hKey) {
- CryptDestroyKey(iOperation->hKey);
- }
- if (iOperation->buffer) {
- nssItem_Destroy(iOperation->buffer);
- }
- nss_ZFreeIf(iOperation);
- return CKR_OK;
+ ckcapiInternalCryptoOperationRSAPriv *iOperation =
+ (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
+
+ if (iOperation->hKey) {
+ CryptDestroyKey(iOperation->hKey);
+ }
+ if (iOperation->buffer) {
+ nssItem_Destroy(iOperation->buffer);
+ }
+ nss_ZFreeIf(iOperation);
+ return CKR_OK;
}
static CK_ULONG
-ckcapi_mdCryptoOperationRSA_GetFinalLength
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdCryptoOperationRSA_GetFinalLength(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- ckcapiInternalCryptoOperationRSAPriv *iOperation =
- (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
- const NSSItem *modulus =
- nss_ckcapi_FetchAttribute(iOperation->iKey, CKA_MODULUS);
+ ckcapiInternalCryptoOperationRSAPriv *iOperation =
+ (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ const NSSItem *modulus =
+ nss_ckcapi_FetchAttribute(iOperation->iKey, CKA_MODULUS);
- return modulus->size;
+ return modulus->size;
}
-
/*
* ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength
* we won't know the length until we actually decrypt the
@@ -348,86 +334,85 @@ ckcapi_mdCryptoOperationRSA_GetFinalLength
* the block, we'll save if for when the block is asked for
*/
static CK_ULONG
-ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *input,
- CK_RV *pError
-)
+ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ CK_RV *pError)
{
- ckcapiInternalCryptoOperationRSAPriv *iOperation =
- (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
- BOOL rc;
-
- /* Microsoft's Decrypt operation works in place. Since we don't want
- * to trash our input buffer, we make a copy of it */
- iOperation->buffer = nssItem_Duplicate((NSSItem *)input, NULL, NULL);
- if ((NSSItem *) NULL == iOperation->buffer) {
- *pError = CKR_HOST_MEMORY;
- return 0;
- }
- /* Sigh, reverse it */
- ckcapi_ReverseData(iOperation->buffer);
-
- rc = CryptDecrypt(iOperation->hKey, 0, TRUE, 0,
- iOperation->buffer->data, &iOperation->buffer->size);
- if (!rc) {
- DWORD msError = GetLastError();
- switch (msError) {
- case NTE_BAD_DATA:
- *pError = CKR_ENCRYPTED_DATA_INVALID;
- break;
- case NTE_FAIL:
- case NTE_BAD_UID:
- *pError = CKR_DEVICE_ERROR;
- break;
- default:
- *pError = CKR_GENERAL_ERROR;
- }
- return 0;
- }
-
- return iOperation->buffer->size;
+ ckcapiInternalCryptoOperationRSAPriv *iOperation =
+ (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ BOOL rc;
+
+ /* Microsoft's Decrypt operation works in place. Since we don't want
+ * to trash our input buffer, we make a copy of it */
+ iOperation->buffer = nssItem_Duplicate((NSSItem *)input, NULL, NULL);
+ if ((NSSItem *)NULL == iOperation->buffer) {
+ *pError = CKR_HOST_MEMORY;
+ return 0;
+ }
+ /* Sigh, reverse it */
+ ckcapi_ReverseData(iOperation->buffer);
+
+ rc = CryptDecrypt(iOperation->hKey, 0, TRUE, 0,
+ iOperation->buffer->data, &iOperation->buffer->size);
+ if (!rc) {
+ DWORD msError = GetLastError();
+ switch (msError) {
+ case NTE_BAD_DATA:
+ *pError =
+ CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ case NTE_FAIL:
+ case NTE_BAD_UID:
+ *pError =
+ CKR_DEVICE_ERROR;
+ break;
+ default:
+ *pError =
+ CKR_GENERAL_ERROR;
+ }
+ return 0;
+ }
+
+ return iOperation->buffer->size;
}
/*
* ckcapi_mdCryptoOperationRSADecrypt_UpdateFinal
*
- * NOTE: ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength is presumed to
+ * NOTE: ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength is presumed to
* have been called previously.
*/
static CK_RV
-ckcapi_mdCryptoOperationRSADecrypt_UpdateFinal
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *input,
- NSSItem *output
-)
+ckcapi_mdCryptoOperationRSADecrypt_UpdateFinal(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ NSSItem *output)
{
- ckcapiInternalCryptoOperationRSAPriv *iOperation =
- (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
- NSSItem *buffer = iOperation->buffer;
-
- if ((NSSItem *)NULL == buffer) {
- return CKR_GENERAL_ERROR;
- }
- nsslibc_memcpy(output->data, buffer->data, buffer->size);
- output->size = buffer->size;
- return CKR_OK;
+ ckcapiInternalCryptoOperationRSAPriv *iOperation =
+ (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ NSSItem *buffer = iOperation->buffer;
+
+ if ((NSSItem *)NULL == buffer) {
+ return CKR_GENERAL_ERROR;
+ }
+ nsslibc_memcpy(output->data, buffer->data, buffer->size);
+ output->size = buffer->size;
+ return CKR_OK;
}
/*
@@ -435,277 +420,268 @@ ckcapi_mdCryptoOperationRSADecrypt_UpdateFinal
*
*/
static CK_RV
-ckcapi_mdCryptoOperationRSASign_UpdateFinal
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *input,
- NSSItem *output
-)
+ckcapi_mdCryptoOperationRSASign_UpdateFinal(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ NSSItem *output)
{
- ckcapiInternalCryptoOperationRSAPriv *iOperation =
- (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
- CK_RV error = CKR_OK;
- DWORD msError;
- NSSItem hash;
- HCRYPTHASH hHash = 0;
- ALG_ID hashAlg;
- DWORD hashSize;
- DWORD len; /* temp length value we throw away */
- BOOL rc;
-
- /*
- * PKCS #11 sign for RSA expects to take a fully DER-encoded hash value,
- * which includes the hash OID. CAPI expects to take a Hash Context. While
- * CAPI does have the capability of setting a raw hash value, it does not
- * have the ability to sign an arbitrary value. This function tries to
- * reduce the passed in data into something that CAPI could actually sign.
- */
- error = ckcapi_GetRawHash(input, &hash, &hashAlg);
- if (CKR_OK != error) {
- goto loser;
- }
-
- rc = CryptCreateHash(iOperation->hProv, hashAlg, 0, 0, &hHash);
- if (!rc) {
- goto loser;
- }
-
- /* make sure the hash lens match before we set it */
- len = sizeof(DWORD);
- rc = CryptGetHashParam(hHash, HP_HASHSIZE, (BYTE *)&hashSize, &len, 0);
- if (!rc) {
- goto loser;
- }
-
- if (hash.size != hashSize) {
- /* The input must have been bad for this to happen */
- error = CKR_DATA_INVALID;
- goto loser;
- }
-
- /* we have an explicit hash, set it, note that the length is
- * implicit by the hashAlg used in create */
- rc = CryptSetHashParam(hHash, HP_HASHVAL, hash.data, 0);
- if (!rc) {
- goto loser;
- }
-
- /* OK, we have the data in a hash structure, sign it! */
- rc = CryptSignHash(hHash, iOperation->keySpec, NULL, 0,
- output->data, &output->size);
- if (!rc) {
- goto loser;
- }
-
- /* Don't return a signature that might have been broken because of a cosmic
- * ray, or a broken processor, verify that it is valid... */
- rc = CryptVerifySignature(hHash, output->data, output->size,
- iOperation->hKey, NULL, 0);
- if (!rc) {
- goto loser;
- }
-
- /* OK, Microsoft likes to do things completely differently than anyone
- * else. We need to reverse the data we received here */
- ckcapi_ReverseData(output);
- CryptDestroyHash(hHash);
- return CKR_OK;
+ ckcapiInternalCryptoOperationRSAPriv *iOperation =
+ (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ CK_RV error = CKR_OK;
+ DWORD msError;
+ NSSItem hash;
+ HCRYPTHASH hHash = 0;
+ ALG_ID hashAlg;
+ DWORD hashSize;
+ DWORD len; /* temp length value we throw away */
+ BOOL rc;
+
+ /*
+ * PKCS #11 sign for RSA expects to take a fully DER-encoded hash value,
+ * which includes the hash OID. CAPI expects to take a Hash Context. While
+ * CAPI does have the capability of setting a raw hash value, it does not
+ * have the ability to sign an arbitrary value. This function tries to
+ * reduce the passed in data into something that CAPI could actually sign.
+ */
+ error = ckcapi_GetRawHash(input, &hash, &hashAlg);
+ if (CKR_OK != error) {
+ goto loser;
+ }
-loser:
- /* map the microsoft error */
- if (CKR_OK == error) {
- msError = GetLastError();
- switch (msError) {
- case ERROR_NOT_ENOUGH_MEMORY:
- error = CKR_HOST_MEMORY;
- break;
- case NTE_NO_MEMORY:
- error = CKR_DEVICE_MEMORY;
- break;
- case ERROR_MORE_DATA:
- return CKR_BUFFER_TOO_SMALL;
- case ERROR_INVALID_PARAMETER: /* these params were derived from the */
- case ERROR_INVALID_HANDLE: /* inputs, so if they are bad, the input */
- case NTE_BAD_ALGID: /* data is bad */
- case NTE_BAD_HASH:
- error = CKR_DATA_INVALID;
- break;
- case ERROR_BUSY:
- case NTE_FAIL:
- case NTE_BAD_UID:
- error = CKR_DEVICE_ERROR;
- break;
- default:
- error = CKR_GENERAL_ERROR;
- break;
- }
- }
- if (hHash) {
+ rc = CryptCreateHash(iOperation->hProv, hashAlg, 0, 0, &hHash);
+ if (!rc) {
+ goto loser;
+ }
+
+ /* make sure the hash lens match before we set it */
+ len = sizeof(DWORD);
+ rc = CryptGetHashParam(hHash, HP_HASHSIZE, (BYTE *)&hashSize, &len, 0);
+ if (!rc) {
+ goto loser;
+ }
+
+ if (hash.size != hashSize) {
+ /* The input must have been bad for this to happen */
+ error = CKR_DATA_INVALID;
+ goto loser;
+ }
+
+ /* we have an explicit hash, set it, note that the length is
+ * implicit by the hashAlg used in create */
+ rc = CryptSetHashParam(hHash, HP_HASHVAL, hash.data, 0);
+ if (!rc) {
+ goto loser;
+ }
+
+ /* OK, we have the data in a hash structure, sign it! */
+ rc = CryptSignHash(hHash, iOperation->keySpec, NULL, 0,
+ output->data, &output->size);
+ if (!rc) {
+ goto loser;
+ }
+
+ /* Don't return a signature that might have been broken because of a cosmic
+ * ray, or a broken processor, verify that it is valid... */
+ rc = CryptVerifySignature(hHash, output->data, output->size,
+ iOperation->hKey, NULL, 0);
+ if (!rc) {
+ goto loser;
+ }
+
+ /* OK, Microsoft likes to do things completely differently than anyone
+ * else. We need to reverse the data we received here */
+ ckcapi_ReverseData(output);
CryptDestroyHash(hHash);
- }
- return error;
+ return CKR_OK;
+
+loser:
+ /* map the microsoft error */
+ if (CKR_OK == error) {
+ msError = GetLastError();
+ switch (msError) {
+ case ERROR_NOT_ENOUGH_MEMORY:
+ error =
+ CKR_HOST_MEMORY;
+ break;
+ case NTE_NO_MEMORY:
+ error =
+ CKR_DEVICE_MEMORY;
+ break;
+ case ERROR_MORE_DATA:
+ return CKR_BUFFER_TOO_SMALL;
+ case ERROR_INVALID_PARAMETER: /* these params were derived from the */
+ case ERROR_INVALID_HANDLE: /* inputs, so if they are bad, the input */
+ case NTE_BAD_ALGID: /* data is bad */
+ case NTE_BAD_HASH:
+ error =
+ CKR_DATA_INVALID;
+ break;
+ case ERROR_BUSY:
+ case NTE_FAIL:
+ case NTE_BAD_UID:
+ error =
+ CKR_DEVICE_ERROR;
+ break;
+ default:
+ error =
+ CKR_GENERAL_ERROR;
+ break;
+ }
+ }
+ if (hHash) {
+ CryptDestroyHash(hHash);
+ }
+ return error;
}
-
NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation
-ckcapi_mdCryptoOperationRSADecrypt_proto = {
- NULL, /* etc */
- ckcapi_mdCryptoOperationRSAPriv_Destroy,
- NULL, /* GetFinalLengh - not needed for one shot Decrypt/Encrypt */
- ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength,
- NULL, /* Final - not needed for one shot operation */
- NULL, /* Update - not needed for one shot operation */
- NULL, /* DigetUpdate - not needed for one shot operation */
- ckcapi_mdCryptoOperationRSADecrypt_UpdateFinal,
- NULL, /* UpdateCombo - not needed for one shot operation */
- NULL, /* DigetKey - not needed for one shot operation */
- (void *)NULL /* null terminator */
-};
+ ckcapi_mdCryptoOperationRSADecrypt_proto = {
+ NULL, /* etc */
+ ckcapi_mdCryptoOperationRSAPriv_Destroy,
+ NULL, /* GetFinalLengh - not needed for one shot Decrypt/Encrypt */
+ ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength,
+ NULL, /* Final - not needed for one shot operation */
+ NULL, /* Update - not needed for one shot operation */
+ NULL, /* DigetUpdate - not needed for one shot operation */
+ ckcapi_mdCryptoOperationRSADecrypt_UpdateFinal,
+ NULL, /* UpdateCombo - not needed for one shot operation */
+ NULL, /* DigetKey - not needed for one shot operation */
+ (void *)NULL /* null terminator */
+ };
NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation
-ckcapi_mdCryptoOperationRSASign_proto = {
- NULL, /* etc */
- ckcapi_mdCryptoOperationRSAPriv_Destroy,
- ckcapi_mdCryptoOperationRSA_GetFinalLength,
- NULL, /* GetOperationLengh - not needed for one shot Sign/Verify */
- NULL, /* Final - not needed for one shot operation */
- NULL, /* Update - not needed for one shot operation */
- NULL, /* DigetUpdate - not needed for one shot operation */
- ckcapi_mdCryptoOperationRSASign_UpdateFinal,
- NULL, /* UpdateCombo - not needed for one shot operation */
- NULL, /* DigetKey - not needed for one shot operation */
- (void *)NULL /* null terminator */
-};
+ ckcapi_mdCryptoOperationRSASign_proto = {
+ NULL, /* etc */
+ ckcapi_mdCryptoOperationRSAPriv_Destroy,
+ ckcapi_mdCryptoOperationRSA_GetFinalLength,
+ NULL, /* GetOperationLengh - not needed for one shot Sign/Verify */
+ NULL, /* Final - not needed for one shot operation */
+ NULL, /* Update - not needed for one shot operation */
+ NULL, /* DigetUpdate - not needed for one shot operation */
+ ckcapi_mdCryptoOperationRSASign_UpdateFinal,
+ NULL, /* UpdateCombo - not needed for one shot operation */
+ NULL, /* DigetKey - not needed for one shot operation */
+ (void *)NULL /* null terminator */
+ };
/********** NSSCKMDMechansim functions ***********************/
/*
* ckcapi_mdMechanismRSA_Destroy
*/
static void
-ckcapi_mdMechanismRSA_Destroy
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdMechanismRSA_Destroy(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_ZFreeIf(fwMechanism);
+ nss_ZFreeIf(fwMechanism);
}
/*
* ckcapi_mdMechanismRSA_GetMinKeySize
*/
static CK_ULONG
-ckcapi_mdMechanismRSA_GetMinKeySize
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdMechanismRSA_GetMinKeySize(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return 384;
+ return 384;
}
/*
* ckcapi_mdMechanismRSA_GetMaxKeySize
*/
static CK_ULONG
-ckcapi_mdMechanismRSA_GetMaxKeySize
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdMechanismRSA_GetMaxKeySize(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return 16384;
+ return 16384;
}
/*
* ckcapi_mdMechanismRSA_DecryptInit
*/
-static NSSCKMDCryptoOperation *
-ckcapi_mdMechanismRSA_DecryptInit
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- CK_RV *pError
-)
+static NSSCKMDCryptoOperation *
+ckcapi_mdMechanismRSA_DecryptInit(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError)
{
- return ckcapi_mdCryptoOperationRSAPriv_Create(
- &ckcapi_mdCryptoOperationRSADecrypt_proto,
- mdMechanism, mdKey, pError);
+ return ckcapi_mdCryptoOperationRSAPriv_Create(
+ &ckcapi_mdCryptoOperationRSADecrypt_proto,
+ mdMechanism, mdKey, pError);
}
/*
* ckcapi_mdMechanismRSA_SignInit
*/
-static NSSCKMDCryptoOperation *
-ckcapi_mdMechanismRSA_SignInit
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- CK_RV *pError
-)
+static NSSCKMDCryptoOperation *
+ckcapi_mdMechanismRSA_SignInit(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError)
{
- return ckcapi_mdCryptoOperationRSAPriv_Create(
- &ckcapi_mdCryptoOperationRSASign_proto,
- mdMechanism, mdKey, pError);
+ return ckcapi_mdCryptoOperationRSAPriv_Create(
+ &ckcapi_mdCryptoOperationRSASign_proto,
+ mdMechanism, mdKey, pError);
}
-
NSS_IMPLEMENT_DATA const NSSCKMDMechanism
-nss_ckcapi_mdMechanismRSA = {
- (void *)NULL, /* etc */
- ckcapi_mdMechanismRSA_Destroy,
- ckcapi_mdMechanismRSA_GetMinKeySize,
- ckcapi_mdMechanismRSA_GetMaxKeySize,
- NULL, /* GetInHardware - default false */
- NULL, /* EncryptInit - default errs */
- ckcapi_mdMechanismRSA_DecryptInit,
- NULL, /* DigestInit - default errs*/
- ckcapi_mdMechanismRSA_SignInit,
- NULL, /* VerifyInit - default errs */
- ckcapi_mdMechanismRSA_SignInit, /* SignRecoverInit */
- NULL, /* VerifyRecoverInit - default errs */
- NULL, /* GenerateKey - default errs */
- NULL, /* GenerateKeyPair - default errs */
- NULL, /* GetWrapKeyLength - default errs */
- NULL, /* WrapKey - default errs */
- NULL, /* UnwrapKey - default errs */
- NULL, /* DeriveKey - default errs */
- (void *)NULL /* null terminator */
-};
+ nss_ckcapi_mdMechanismRSA = {
+ (void *)NULL, /* etc */
+ ckcapi_mdMechanismRSA_Destroy,
+ ckcapi_mdMechanismRSA_GetMinKeySize,
+ ckcapi_mdMechanismRSA_GetMaxKeySize,
+ NULL, /* GetInHardware - default false */
+ NULL, /* EncryptInit - default errs */
+ ckcapi_mdMechanismRSA_DecryptInit,
+ NULL, /* DigestInit - default errs*/
+ ckcapi_mdMechanismRSA_SignInit,
+ NULL, /* VerifyInit - default errs */
+ ckcapi_mdMechanismRSA_SignInit, /* SignRecoverInit */
+ NULL, /* VerifyRecoverInit - default errs */
+ NULL, /* GenerateKey - default errs */
+ NULL, /* GenerateKeyPair - default errs */
+ NULL, /* GetWrapKeyLength - default errs */
+ NULL, /* WrapKey - default errs */
+ NULL, /* UnwrapKey - default errs */
+ NULL, /* DeriveKey - default errs */
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/capi/csession.c b/lib/ckfw/capi/csession.c
index 4c253541d..5b268ead1 100644
--- a/lib/ckfw/capi/csession.c
+++ b/lib/ckfw/capi/csession.c
@@ -7,87 +7,81 @@
/*
* ckcapi/csession.c
*
- * This file implements the NSSCKMDSession object for the
+ * This file implements the NSSCKMDSession object for the
* "nss to capi" cryptoki module.
*/
static NSSCKMDFindObjects *
-ckcapi_mdSession_FindObjectsInit
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+ckcapi_mdSession_FindObjectsInit(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- return nss_ckcapi_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
+ return nss_ckcapi_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
}
static NSSCKMDObject *
-ckcapi_mdSession_CreateObject
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+ckcapi_mdSession_CreateObject(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- return nss_ckcapi_CreateObject(fwSession, pTemplate, ulAttributeCount, pError);
+ return nss_ckcapi_CreateObject(fwSession, pTemplate, ulAttributeCount, pError);
}
NSS_IMPLEMENT NSSCKMDSession *
-nss_ckcapi_CreateSession
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
+nss_ckcapi_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
{
- NSSArena *arena;
- NSSCKMDSession *rv;
+ NSSArena *arena;
+ NSSCKMDSession *rv;
- arena = NSSCKFWSession_GetArena(fwSession, pError);
- if( (NSSArena *)NULL == arena ) {
- return (NSSCKMDSession *)NULL;
- }
+ arena = NSSCKFWSession_GetArena(fwSession, pError);
+ if ((NSSArena *)NULL == arena) {
+ return (NSSCKMDSession *)NULL;
+ }
- rv = nss_ZNEW(arena, NSSCKMDSession);
- if( (NSSCKMDSession *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
+ rv = nss_ZNEW(arena, NSSCKMDSession);
+ if ((NSSCKMDSession *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSession *)NULL;
+ }
- /*
- * rv was zeroed when allocated, so we only
- * need to set the non-zero members.
- */
+ /*
+ * rv was zeroed when allocated, so we only
+ * need to set the non-zero members.
+ */
- rv->etc = (void *)fwSession;
- /* rv->Close */
- /* rv->GetDeviceError */
- /* rv->Login */
- /* rv->Logout */
- /* rv->InitPIN */
- /* rv->SetPIN */
- /* rv->GetOperationStateLen */
- /* rv->GetOperationState */
- /* rv->SetOperationState */
- rv->CreateObject = ckcapi_mdSession_CreateObject;
- /* rv->CopyObject */
- rv->FindObjectsInit = ckcapi_mdSession_FindObjectsInit;
- /* rv->SeedRandom */
- /* rv->GetRandom */
- /* rv->null */
+ rv->etc = (void *)fwSession;
+ /* rv->Close */
+ /* rv->GetDeviceError */
+ /* rv->Login */
+ /* rv->Logout */
+ /* rv->InitPIN */
+ /* rv->SetPIN */
+ /* rv->GetOperationStateLen */
+ /* rv->GetOperationState */
+ /* rv->SetOperationState */
+ rv->CreateObject = ckcapi_mdSession_CreateObject;
+ /* rv->CopyObject */
+ rv->FindObjectsInit = ckcapi_mdSession_FindObjectsInit;
+ /* rv->SeedRandom */
+ /* rv->GetRandom */
+ /* rv->null */
- return rv;
+ return rv;
}
diff --git a/lib/ckfw/capi/cslot.c b/lib/ckfw/capi/cslot.c
index 779161fc5..8a39b7888 100644
--- a/lib/ckfw/capi/cslot.c
+++ b/lib/ckfw/capi/cslot.c
@@ -12,80 +12,70 @@
*/
static NSSUTF8 *
-ckcapi_mdSlot_GetSlotDescription
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdSlot_GetSlotDescription(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckcapi_SlotDescription;
+ return (NSSUTF8 *)nss_ckcapi_SlotDescription;
}
static NSSUTF8 *
-ckcapi_mdSlot_GetManufacturerID
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdSlot_GetManufacturerID(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckcapi_ManufacturerID;
+ return (NSSUTF8 *)nss_ckcapi_ManufacturerID;
}
static CK_VERSION
-ckcapi_mdSlot_GetHardwareVersion
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdSlot_GetHardwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckcapi_HardwareVersion;
+ return nss_ckcapi_HardwareVersion;
}
static CK_VERSION
-ckcapi_mdSlot_GetFirmwareVersion
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdSlot_GetFirmwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckcapi_FirmwareVersion;
+ return nss_ckcapi_FirmwareVersion;
}
static NSSCKMDToken *
-ckcapi_mdSlot_GetToken
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdSlot_GetToken(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSCKMDToken *)&nss_ckcapi_mdToken;
+ return (NSSCKMDToken *)&nss_ckcapi_mdToken;
}
NSS_IMPLEMENT_DATA const NSSCKMDSlot
-nss_ckcapi_mdSlot = {
- (void *)NULL, /* etc */
- NULL, /* Initialize */
- NULL, /* Destroy */
- ckcapi_mdSlot_GetSlotDescription,
- ckcapi_mdSlot_GetManufacturerID,
- NULL, /* GetTokenPresent -- defaults to true */
- NULL, /* GetRemovableDevice -- defaults to false */
- NULL, /* GetHardwareSlot -- defaults to false */
- ckcapi_mdSlot_GetHardwareVersion,
- ckcapi_mdSlot_GetFirmwareVersion,
- ckcapi_mdSlot_GetToken,
- (void *)NULL /* null terminator */
-};
+ nss_ckcapi_mdSlot = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Destroy */
+ ckcapi_mdSlot_GetSlotDescription,
+ ckcapi_mdSlot_GetManufacturerID,
+ NULL, /* GetTokenPresent -- defaults to true */
+ NULL, /* GetRemovableDevice -- defaults to false */
+ NULL, /* GetHardwareSlot -- defaults to false */
+ ckcapi_mdSlot_GetHardwareVersion,
+ ckcapi_mdSlot_GetFirmwareVersion,
+ ckcapi_mdSlot_GetToken,
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/capi/ctoken.c b/lib/ckfw/capi/ctoken.c
index 7f0e633ea..cc95c17b6 100644
--- a/lib/ckfw/capi/ctoken.c
+++ b/lib/ckfw/capi/ctoken.c
@@ -12,197 +12,173 @@
*/
static NSSUTF8 *
-ckcapi_mdToken_GetLabel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdToken_GetLabel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckcapi_TokenLabel;
+ return (NSSUTF8 *)nss_ckcapi_TokenLabel;
}
static NSSUTF8 *
-ckcapi_mdToken_GetManufacturerID
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdToken_GetManufacturerID(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckcapi_ManufacturerID;
+ return (NSSUTF8 *)nss_ckcapi_ManufacturerID;
}
static NSSUTF8 *
-ckcapi_mdToken_GetModel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdToken_GetModel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckcapi_TokenModel;
+ return (NSSUTF8 *)nss_ckcapi_TokenModel;
}
static NSSUTF8 *
-ckcapi_mdToken_GetSerialNumber
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckcapi_mdToken_GetSerialNumber(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckcapi_TokenSerialNumber;
+ return (NSSUTF8 *)nss_ckcapi_TokenSerialNumber;
}
static CK_BBOOL
-ckcapi_mdToken_GetIsWriteProtected
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdToken_GetIsWriteProtected(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CK_FALSE;
+ return CK_FALSE;
}
/* fake out Mozilla so we don't try to initialize the token */
static CK_BBOOL
-ckcapi_mdToken_GetUserPinInitialized
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdToken_GetUserPinInitialized(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CK_TRUE;
+ return CK_TRUE;
}
static CK_VERSION
-ckcapi_mdToken_GetHardwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdToken_GetHardwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckcapi_HardwareVersion;
+ return nss_ckcapi_HardwareVersion;
}
static CK_VERSION
-ckcapi_mdToken_GetFirmwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdToken_GetFirmwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckcapi_FirmwareVersion;
+ return nss_ckcapi_FirmwareVersion;
}
static NSSCKMDSession *
-ckcapi_mdToken_OpenSession
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
-)
+ckcapi_mdToken_OpenSession(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_BBOOL rw,
+ CK_RV *pError)
{
- return nss_ckcapi_CreateSession(fwSession, pError);
+ return nss_ckcapi_CreateSession(fwSession, pError);
}
static CK_ULONG
-ckcapi_mdToken_GetMechanismCount
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckcapi_mdToken_GetMechanismCount(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return (CK_ULONG)1;
+ return (CK_ULONG)1;
}
static CK_RV
-ckcapi_mdToken_GetMechanismTypes
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_MECHANISM_TYPE types[]
-)
+ckcapi_mdToken_GetMechanismTypes(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE types[])
{
- types[0] = CKM_RSA_PKCS;
- return CKR_OK;
+ types[0] = CKM_RSA_PKCS;
+ return CKR_OK;
}
static NSSCKMDMechanism *
-ckcapi_mdToken_GetMechanism
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_MECHANISM_TYPE which,
- CK_RV *pError
-)
+ckcapi_mdToken_GetMechanism(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE which,
+ CK_RV *pError)
{
- if (which != CKM_RSA_PKCS) {
- *pError = CKR_MECHANISM_INVALID;
- return (NSSCKMDMechanism *)NULL;
- }
- return (NSSCKMDMechanism *)&nss_ckcapi_mdMechanismRSA;
+ if (which != CKM_RSA_PKCS) {
+ *pError = CKR_MECHANISM_INVALID;
+ return (NSSCKMDMechanism *)NULL;
+ }
+ return (NSSCKMDMechanism *)&nss_ckcapi_mdMechanismRSA;
}
NSS_IMPLEMENT_DATA const NSSCKMDToken
-nss_ckcapi_mdToken = {
- (void *)NULL, /* etc */
- NULL, /* Setup */
- NULL, /* Invalidate */
- NULL, /* InitToken -- default errs */
- ckcapi_mdToken_GetLabel,
- ckcapi_mdToken_GetManufacturerID,
- ckcapi_mdToken_GetModel,
- ckcapi_mdToken_GetSerialNumber,
- NULL, /* GetHasRNG -- default is false */
- ckcapi_mdToken_GetIsWriteProtected,
- NULL, /* GetLoginRequired -- default is false */
- ckcapi_mdToken_GetUserPinInitialized,
- NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
- NULL, /* GetHasClockOnToken -- default is false */
- NULL, /* GetHasProtectedAuthenticationPath -- default is false */
- NULL, /* GetSupportsDualCryptoOperations -- default is false */
- NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetMaxPinLen -- irrelevant */
- NULL, /* GetMinPinLen -- irrelevant */
- NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
- ckcapi_mdToken_GetHardwareVersion,
- ckcapi_mdToken_GetFirmwareVersion,
- NULL, /* GetUTCTime -- no clock */
- ckcapi_mdToken_OpenSession,
- ckcapi_mdToken_GetMechanismCount,
- ckcapi_mdToken_GetMechanismTypes,
- ckcapi_mdToken_GetMechanism,
- (void *)NULL /* null terminator */
-};
+ nss_ckcapi_mdToken = {
+ (void *)NULL, /* etc */
+ NULL, /* Setup */
+ NULL, /* Invalidate */
+ NULL, /* InitToken -- default errs */
+ ckcapi_mdToken_GetLabel,
+ ckcapi_mdToken_GetManufacturerID,
+ ckcapi_mdToken_GetModel,
+ ckcapi_mdToken_GetSerialNumber,
+ NULL, /* GetHasRNG -- default is false */
+ ckcapi_mdToken_GetIsWriteProtected,
+ NULL, /* GetLoginRequired -- default is false */
+ ckcapi_mdToken_GetUserPinInitialized,
+ NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
+ NULL, /* GetHasClockOnToken -- default is false */
+ NULL, /* GetHasProtectedAuthenticationPath -- default is false */
+ NULL, /* GetSupportsDualCryptoOperations -- default is false */
+ NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxPinLen -- irrelevant */
+ NULL, /* GetMinPinLen -- irrelevant */
+ NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ ckcapi_mdToken_GetHardwareVersion,
+ ckcapi_mdToken_GetFirmwareVersion,
+ NULL, /* GetUTCTime -- no clock */
+ ckcapi_mdToken_OpenSession,
+ ckcapi_mdToken_GetMechanismCount,
+ ckcapi_mdToken_GetMechanismTypes,
+ ckcapi_mdToken_GetMechanism,
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/capi/nsscapi.h b/lib/ckfw/capi/nsscapi.h
index d98312031..78bf38b28 100644
--- a/lib/ckfw/capi/nsscapi.h
+++ b/lib/ckfw/capi/nsscapi.h
@@ -18,7 +18,7 @@
#define NSS_CKCAPI_CRYPTOKI_VERSION_MAJOR 2
#define NSS_CKCAPI_CRYPTOKI_VERSION_MINOR 20
-/* These version numbers detail the changes
+/* These version numbers detail the changes
* to the list of trusted certificates.
*
* NSS_CKCAPI_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear
@@ -33,7 +33,7 @@
#define NSS_CKCAPI_HARDWARE_VERSION_MAJOR 1
#define NSS_CKCAPI_HARDWARE_VERSION_MINOR 0
-/* These version numbers detail the semantic changes to ckbi itself
+/* These version numbers detail the semantic changes to ckbi itself
* (new PKCS #11 objects), etc. */
#define NSS_CKCAPI_FIRMWARE_VERSION_MAJOR 1
#define NSS_CKCAPI_FIRMWARE_VERSION_MINOR 0
diff --git a/lib/ckfw/capi/staticobj.c b/lib/ckfw/capi/staticobj.c
index c14c8121b..2d67a34b3 100644
--- a/lib/ckfw/capi/staticobj.c
+++ b/lib/ckfw/capi/staticobj.c
@@ -17,22 +17,23 @@ static const CK_BBOOL ck_false = CK_FALSE;
static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
/* example of a static object */
-static const CK_ATTRIBUTE_TYPE nss_ckcapi_types_1 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL
+static const CK_ATTRIBUTE_TYPE nss_ckcapi_types_1[] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL
};
-static const NSSItem nss_ckcapi_items_1 [] = {
- { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Mozilla CAPI Access", (PRUint32)20 }
+static const NSSItem nss_ckcapi_items_1[] = {
+ { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)"Mozilla CAPI Access", (PRUint32)20 }
};
ckcapiInternalObject nss_ckcapi_data[] = {
- { ckcapiRaw,
- { 5, nss_ckcapi_types_1, nss_ckcapi_items_1} ,
- },
+ {
+ ckcapiRaw,
+ { 5, nss_ckcapi_types_1, nss_ckcapi_items_1 },
+ },
};
diff --git a/lib/ckfw/ckfw.h b/lib/ckfw/ckfw.h
index e5d2e1bff..d4a2ead99 100644
--- a/lib/ckfw/ckfw.h
+++ b/lib/ckfw/ckfw.h
@@ -40,7 +40,7 @@
* nssCKFWInstance_MayCreatePthreads
* nssCKFWInstance_CreateMutex
* nssCKFWInstance_GetConfigurationData
- * nssCKFWInstance_GetInitArgs
+ * nssCKFWInstance_GetInitArgs
*
* -- private accessors --
* nssCKFWInstance_CreateSessionHandle
@@ -72,295 +72,240 @@
*
*/
NSS_EXTERN NSSCKFWInstance *
-nssCKFWInstance_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- CryptokiLockingState LockingState,
- NSSCKMDInstance *mdInstance,
- CK_RV *pError
-);
+nssCKFWInstance_Create(
+ CK_C_INITIALIZE_ARGS_PTR pInitArgs,
+ CryptokiLockingState LockingState,
+ NSSCKMDInstance *mdInstance,
+ CK_RV *pError);
/*
* nssCKFWInstance_Destroy
*
*/
NSS_EXTERN CK_RV
-nssCKFWInstance_Destroy
-(
- NSSCKFWInstance *fwInstance
-);
+nssCKFWInstance_Destroy(
+ NSSCKFWInstance *fwInstance);
/*
* nssCKFWInstance_GetMDInstance
*
*/
NSS_EXTERN NSSCKMDInstance *
-nssCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-);
+nssCKFWInstance_GetMDInstance(
+ NSSCKFWInstance *fwInstance);
/*
* nssCKFWInstance_GetArena
*
*/
NSS_EXTERN NSSArena *
-nssCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
+nssCKFWInstance_GetArena(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
/*
* nssCKFWInstance_MayCreatePthreads
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-);
+nssCKFWInstance_MayCreatePthreads(
+ NSSCKFWInstance *fwInstance);
/*
* nssCKFWInstance_CreateMutex
*
*/
NSS_EXTERN NSSCKFWMutex *
-nssCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
+nssCKFWInstance_CreateMutex(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError);
/*
* nssCKFWInstance_GetConfigurationData
*
*/
NSS_EXTERN NSSUTF8 *
-nssCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-);
+nssCKFWInstance_GetConfigurationData(
+ NSSCKFWInstance *fwInstance);
/*
* nssCKFWInstance_GetInitArgs
*
*/
NSS_EXTERN CK_C_INITIALIZE_ARGS_PTR
-nssCKFWInstance_GetInitArgs
-(
- NSSCKFWInstance *fwInstance
-);
+nssCKFWInstance_GetInitArgs(
+ NSSCKFWInstance *fwInstance);
/*
* nssCKFWInstance_CreateSessionHandle
*
*/
NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWInstance_CreateSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
+nssCKFWInstance_CreateSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
/*
* nssCKFWInstance_ResolveSessionHandle
*
*/
NSS_EXTERN NSSCKFWSession *
-nssCKFWInstance_ResolveSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
+nssCKFWInstance_ResolveSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
/*
* nssCKFWInstance_DestroySessionHandle
*
*/
NSS_EXTERN void
-nssCKFWInstance_DestroySessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
+nssCKFWInstance_DestroySessionHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
/*
* nssCKFWInstance_FindSessionHandle
*
*/
NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWInstance_FindSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession
-);
+nssCKFWInstance_FindSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession);
/*
* nssCKFWInstance_CreateObjectHandle
*
*/
NSS_EXTERN CK_OBJECT_HANDLE
-nssCKFWInstance_CreateObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
+nssCKFWInstance_CreateObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
/*
* nssCKFWInstance_ResolveObjectHandle
*
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWInstance_ResolveObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-);
+nssCKFWInstance_ResolveObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject);
/*
* nssCKFWInstance_ReassignObjectHandle
*
*/
NSS_EXTERN CK_RV
-nssCKFWInstance_ReassignObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject,
- NSSCKFWObject *fwObject
-);
+nssCKFWInstance_ReassignObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject,
+ NSSCKFWObject *fwObject);
/*
* nssCKFWInstance_DestroyObjectHandle
*
*/
NSS_EXTERN void
-nssCKFWInstance_DestroyObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-);
+nssCKFWInstance_DestroyObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject);
/*
* nssCKFWInstance_FindObjectHandle
*
*/
NSS_EXTERN CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject
-);
+nssCKFWInstance_FindObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWObject *fwObject);
/*
* nssCKFWInstance_GetNSlots
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWInstance_GetNSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
+nssCKFWInstance_GetNSlots(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
/*
* nssCKFWInstance_GetCryptokiVersion
*
*/
NSS_EXTERN CK_VERSION
-nssCKFWInstance_GetCryptokiVersion
-(
- NSSCKFWInstance *fwInstance
-);
+nssCKFWInstance_GetCryptokiVersion(
+ NSSCKFWInstance *fwInstance);
/*
* nssCKFWInstance_GetManufacturerID
*
*/
NSS_EXTERN CK_RV
-nssCKFWInstance_GetManufacturerID
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR manufacturerID[32]
-);
+nssCKFWInstance_GetManufacturerID(
+ NSSCKFWInstance *fwInstance,
+ CK_CHAR manufacturerID[32]);
/*
* nssCKFWInstance_GetFlags
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWInstance_GetFlags
-(
- NSSCKFWInstance *fwInstance
-);
+nssCKFWInstance_GetFlags(
+ NSSCKFWInstance *fwInstance);
/*
* nssCKFWInstance_GetLibraryDescription
*
*/
NSS_EXTERN CK_RV
-nssCKFWInstance_GetLibraryDescription
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR libraryDescription[32]
-);
+nssCKFWInstance_GetLibraryDescription(
+ NSSCKFWInstance *fwInstance,
+ CK_CHAR libraryDescription[32]);
/*
* nssCKFWInstance_GetLibraryVersion
*
*/
NSS_EXTERN CK_VERSION
-nssCKFWInstance_GetLibraryVersion
-(
- NSSCKFWInstance *fwInstance
-);
+nssCKFWInstance_GetLibraryVersion(
+ NSSCKFWInstance *fwInstance);
/*
* nssCKFWInstance_GetModuleHandlesSessionObjects
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWInstance_GetModuleHandlesSessionObjects
-(
- NSSCKFWInstance *fwInstance
-);
+nssCKFWInstance_GetModuleHandlesSessionObjects(
+ NSSCKFWInstance *fwInstance);
/*
* nssCKFWInstance_GetSlots
*
*/
NSS_EXTERN NSSCKFWSlot **
-nssCKFWInstance_GetSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
+nssCKFWInstance_GetSlots(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
/*
* nssCKFWInstance_WaitForSlotEvent
*
*/
NSS_EXTERN NSSCKFWSlot *
-nssCKFWInstance_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL block,
- CK_RV *pError
-);
+nssCKFWInstance_WaitForSlotEvent(
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL block,
+ CK_RV *pError);
/*
* nssCKFWInstance_verifyPointer
*
*/
NSS_EXTERN CK_RV
-nssCKFWInstance_verifyPointer
-(
- const NSSCKFWInstance *fwInstance
-);
-
+nssCKFWInstance_verifyPointer(
+ const NSSCKFWInstance *fwInstance);
/*
* NSSCKFWSlot
@@ -393,33 +338,27 @@ nssCKFWInstance_verifyPointer
*
*/
NSS_EXTERN NSSCKFWSlot *
-nssCKFWSlot_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *mdSlot,
- CK_SLOT_ID slotID,
- CK_RV *pError
-);
+nssCKFWSlot_Create(
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *mdSlot,
+ CK_SLOT_ID slotID,
+ CK_RV *pError);
/*
* nssCKFWSlot_Destroy
*
*/
NSS_EXTERN CK_RV
-nssCKFWSlot_Destroy
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_Destroy(
+ NSSCKFWSlot *fwSlot);
/*
* nssCKFWSlot_GetMDSlot
*
*/
NSS_EXTERN NSSCKMDSlot *
-nssCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_GetMDSlot(
+ NSSCKFWSlot *fwSlot);
/*
* nssCKFWSlot_GetFWInstance
@@ -427,10 +366,8 @@ nssCKFWSlot_GetMDSlot
*/
NSS_EXTERN NSSCKFWInstance *
-nssCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_GetFWInstance(
+ NSSCKFWSlot *fwSlot);
/*
* nssCKFWSlot_GetMDInstance
@@ -438,113 +375,91 @@ nssCKFWSlot_GetFWInstance
*/
NSS_EXTERN NSSCKMDInstance *
-nssCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_GetMDInstance(
+ NSSCKFWSlot *fwSlot);
/*
* nssCKFWSlot_GetSlotID
*
*/
NSS_EXTERN CK_SLOT_ID
-nssCKFWSlot_GetSlotID
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_GetSlotID(
+ NSSCKFWSlot *fwSlot);
/*
* nssCKFWSlot_GetSlotDescription
*
*/
NSS_EXTERN CK_RV
-nssCKFWSlot_GetSlotDescription
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR slotDescription[64]
-);
+nssCKFWSlot_GetSlotDescription(
+ NSSCKFWSlot *fwSlot,
+ CK_CHAR slotDescription[64]);
/*
* nssCKFWSlot_GetManufacturerID
*
*/
NSS_EXTERN CK_RV
-nssCKFWSlot_GetManufacturerID
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR manufacturerID[32]
-);
+nssCKFWSlot_GetManufacturerID(
+ NSSCKFWSlot *fwSlot,
+ CK_CHAR manufacturerID[32]);
/*
* nssCKFWSlot_GetTokenPresent
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetTokenPresent
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_GetTokenPresent(
+ NSSCKFWSlot *fwSlot);
/*
* nssCKFWSlot_GetRemovableDevice
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetRemovableDevice
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_GetRemovableDevice(
+ NSSCKFWSlot *fwSlot);
/*
* nssCKFWSlot_GetHardwareSlot
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetHardwareSlot
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_GetHardwareSlot(
+ NSSCKFWSlot *fwSlot);
/*
* nssCKFWSlot_GetHardwareVersion
*
*/
NSS_EXTERN CK_VERSION
-nssCKFWSlot_GetHardwareVersion
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_GetHardwareVersion(
+ NSSCKFWSlot *fwSlot);
/*
* nssCKFWSlot_GetFirmwareVersion
*
*/
NSS_EXTERN CK_VERSION
-nssCKFWSlot_GetFirmwareVersion
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_GetFirmwareVersion(
+ NSSCKFWSlot *fwSlot);
/*
* nssCKFWSlot_GetToken
- *
+ *
*/
NSS_EXTERN NSSCKFWToken *
-nssCKFWSlot_GetToken
-(
- NSSCKFWSlot *fwSlot,
- CK_RV *pError
-);
+nssCKFWSlot_GetToken(
+ NSSCKFWSlot *fwSlot,
+ CK_RV *pError);
/*
* nssCKFWSlot_ClearToken
*
*/
NSS_EXTERN void
-nssCKFWSlot_ClearToken
-(
- NSSCKFWSlot *fwSlot
-);
+nssCKFWSlot_ClearToken(
+ NSSCKFWSlot *fwSlot);
/*
* NSSCKFWToken
@@ -606,459 +521,371 @@ nssCKFWSlot_ClearToken
*
*/
NSS_EXTERN NSSCKFWToken *
-nssCKFWToken_Create
-(
- NSSCKFWSlot *fwSlot,
- NSSCKMDToken *mdToken,
- CK_RV *pError
-);
+nssCKFWToken_Create(
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDToken *mdToken,
+ CK_RV *pError);
/*
* nssCKFWToken_Destroy
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_Destroy
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_Destroy(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetMDToken
*
*/
NSS_EXTERN NSSCKMDToken *
-nssCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetMDToken(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetArena
*
*/
NSS_EXTERN NSSArena *
-nssCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-);
+nssCKFWToken_GetArena(
+ NSSCKFWToken *fwToken,
+ CK_RV *pError);
/*
* nssCKFWToken_GetFWSlot
*
*/
NSS_EXTERN NSSCKFWSlot *
-nssCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetFWSlot(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetMDSlot
*
*/
NSS_EXTERN NSSCKMDSlot *
-nssCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetMDSlot(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetSessionState
*
*/
NSS_EXTERN CK_STATE
-nssCKFWToken_GetSessionState
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetSessionState(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_InitToken
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_InitToken
-(
- NSSCKFWToken *fwToken,
- NSSItem *pin,
- NSSUTF8 *label
-);
+nssCKFWToken_InitToken(
+ NSSCKFWToken *fwToken,
+ NSSItem *pin,
+ NSSUTF8 *label);
/*
* nssCKFWToken_GetLabel
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_GetLabel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR label[32]
-);
+nssCKFWToken_GetLabel(
+ NSSCKFWToken *fwToken,
+ CK_CHAR label[32]);
/*
* nssCKFWToken_GetManufacturerID
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_GetManufacturerID
-(
- NSSCKFWToken *fwToken,
- CK_CHAR manufacturerID[32]
-);
+nssCKFWToken_GetManufacturerID(
+ NSSCKFWToken *fwToken,
+ CK_CHAR manufacturerID[32]);
/*
* nssCKFWToken_GetModel
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_GetModel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR model[16]
-);
+nssCKFWToken_GetModel(
+ NSSCKFWToken *fwToken,
+ CK_CHAR model[16]);
/*
* nssCKFWToken_GetSerialNumber
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_GetSerialNumber
-(
- NSSCKFWToken *fwToken,
- CK_CHAR serialNumber[16]
-);
+nssCKFWToken_GetSerialNumber(
+ NSSCKFWToken *fwToken,
+ CK_CHAR serialNumber[16]);
/*
* nssCKFWToken_GetHasRNG
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasRNG
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetHasRNG(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetIsWriteProtected
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetIsWriteProtected
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetIsWriteProtected(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetLoginRequired
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetLoginRequired
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetLoginRequired(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetUserPinInitialized
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetUserPinInitialized
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetUserPinInitialized(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetRestoreKeyNotNeeded
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetRestoreKeyNotNeeded
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetRestoreKeyNotNeeded(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetHasClockOnToken
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasClockOnToken
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetHasClockOnToken(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetHasProtectedAuthenticationPath
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasProtectedAuthenticationPath
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetHasProtectedAuthenticationPath(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetSupportsDualCryptoOperations
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetSupportsDualCryptoOperations
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetSupportsDualCryptoOperations(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetMaxSessionCount
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxSessionCount
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetMaxSessionCount(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetMaxRwSessionCount
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxRwSessionCount
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetMaxRwSessionCount(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetMaxPinLen
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxPinLen
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetMaxPinLen(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetMinPinLen
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMinPinLen
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetMinPinLen(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetTotalPublicMemory
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetTotalPublicMemory
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetTotalPublicMemory(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetFreePublicMemory
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetFreePublicMemory
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetFreePublicMemory(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetTotalPrivateMemory
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetTotalPrivateMemory
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetTotalPrivateMemory(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetFreePrivateMemory
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetFreePrivateMemory
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetFreePrivateMemory(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetHardwareVersion
*
*/
NSS_EXTERN CK_VERSION
-nssCKFWToken_GetHardwareVersion
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetHardwareVersion(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetFirmwareVersion
*
*/
NSS_EXTERN CK_VERSION
-nssCKFWToken_GetFirmwareVersion
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetFirmwareVersion(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetUTCTime
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_GetUTCTime
-(
- NSSCKFWToken *fwToken,
- CK_CHAR utcTime[16]
-);
+nssCKFWToken_GetUTCTime(
+ NSSCKFWToken *fwToken,
+ CK_CHAR utcTime[16]);
/*
* nssCKFWToken_OpenSession
*
*/
NSS_EXTERN NSSCKFWSession *
-nssCKFWToken_OpenSession
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-);
+nssCKFWToken_OpenSession(
+ NSSCKFWToken *fwToken,
+ CK_BBOOL rw,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_RV *pError);
/*
* nssCKFWToken_GetMechanismCount
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMechanismCount
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetMechanismCount(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetMechanismTypes
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_GetMechanismTypes
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE types[]
-);
+nssCKFWToken_GetMechanismTypes(
+ NSSCKFWToken *fwToken,
+ CK_MECHANISM_TYPE types[]);
/*
* nssCKFWToken_GetMechanism
*
*/
NSS_EXTERN NSSCKFWMechanism *
-nssCKFWToken_GetMechanism
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE which,
- CK_RV *pError
-);
+nssCKFWToken_GetMechanism(
+ NSSCKFWToken *fwToken,
+ CK_MECHANISM_TYPE which,
+ CK_RV *pError);
/*
* nssCKFWToken_SetSessionState
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_SetSessionState
-(
- NSSCKFWToken *fwToken,
- CK_STATE newState
-);
+nssCKFWToken_SetSessionState(
+ NSSCKFWToken *fwToken,
+ CK_STATE newState);
/*
* nssCKFWToken_RemoveSession
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_RemoveSession
-(
- NSSCKFWToken *fwToken,
- NSSCKFWSession *fwSession
-);
+nssCKFWToken_RemoveSession(
+ NSSCKFWToken *fwToken,
+ NSSCKFWSession *fwSession);
/*
* nssCKFWToken_CloseAllSessions
*
*/
NSS_EXTERN CK_RV
-nssCKFWToken_CloseAllSessions
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_CloseAllSessions(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetSessionCount
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetSessionCount
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetSessionCount(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetRwSessionCount
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetRwSessionCount
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetRwSessionCount(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetRoSessionCount
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWToken_GetRoSessionCount
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetRoSessionCount(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetSessionObjectHash
*
*/
NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetSessionObjectHash
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetSessionObjectHash(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetMDObjectHash
*
*/
NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetMDObjectHash
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetMDObjectHash(
+ NSSCKFWToken *fwToken);
/*
* nssCKFWToken_GetObjectHandleHash
*
*/
NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetObjectHandleHash
-(
- NSSCKFWToken *fwToken
-);
+nssCKFWToken_GetObjectHandleHash(
+ NSSCKFWToken *fwToken);
/*
* NSSCKFWMechanism
@@ -1107,24 +934,20 @@ nssCKFWToken_GetObjectHandleHash
*
*/
NSS_EXTERN NSSCKFWMechanism *
-nssCKFWMechanism_Create
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
+nssCKFWMechanism_Create(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
/*
* nssCKFWMechanism_Destroy
*
*/
NSS_EXTERN void
-nssCKFWMechanism_Destroy
-(
- NSSCKFWMechanism *fwMechanism
-);
+nssCKFWMechanism_Destroy(
+ NSSCKFWMechanism *fwMechanism);
/*
* nssCKFWMechanism_GetMDMechanism
@@ -1132,43 +955,35 @@ nssCKFWMechanism_Destroy
*/
NSS_EXTERN NSSCKMDMechanism *
-nssCKFWMechanism_GetMDMechanism
-(
- NSSCKFWMechanism *fwMechanism
-);
+nssCKFWMechanism_GetMDMechanism(
+ NSSCKFWMechanism *fwMechanism);
/*
* nssCKFWMechanism_GetMinKeySize
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWMechanism_GetMinKeySize
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetMinKeySize(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetMaxKeySize
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWMechanism_GetMaxKeySize
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetMaxKeySize(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetInHardware
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetInHardware
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetInHardware(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* the following are determined automatically by which of the cryptographic
@@ -1179,305 +994,255 @@ nssCKFWMechanism_GetInHardware
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanEncrypt
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanEncrypt(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanDecrypt
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanDecrypt
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanDecrypt(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanDigest
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanDigest
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanDigest(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanSign
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanSign
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanSign(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanSignRecover
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanSignRecover
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanSignRecover(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanVerify
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanVerify
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanVerify(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanVerifyRecover
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanVerifyRecover
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanVerifyRecover(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanGenerate
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanGenerate
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanGenerate(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanGenerateKeyPair
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanGenerateKeyPair
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanGenerateKeyPair(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanWrap
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanWrap
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanWrap(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanUnwrap
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanUnwrap
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanUnwrap(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GetCanDerive
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanDerive
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-);
+nssCKFWMechanism_GetCanDerive(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
/*
* nssCKFWMechanism_EncryptInit
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_EncryptInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
+nssCKFWMechanism_EncryptInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
/*
* nssCKFWMechanism_DecryptInit
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_DecryptInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
+nssCKFWMechanism_DecryptInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
/*
* nssCKFWMechanism_DigestInit
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_DigestInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession
-);
+nssCKFWMechanism_DigestInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession);
/*
* nssCKFWMechanism_SignInit
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_SignInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
+nssCKFWMechanism_SignInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
/*
* nssCKFWMechanism_SignRecoverInit
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_SignRecoverInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
+nssCKFWMechanism_SignRecoverInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
/*
* nssCKFWMechanism_VerifyInit
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_VerifyInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
+nssCKFWMechanism_VerifyInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
/*
* nssCKFWMechanism_VerifyRecoverInit
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_VerifyRecoverInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
+nssCKFWMechanism_VerifyRecoverInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
/*
* nssCKFWMechanism_GenerateKey
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWMechanism_GenerateKey
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
+nssCKFWMechanism_GenerateKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
/*
* nssCKFWMechanism_GenerateKeyPair
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_GenerateKeyPair
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- NSSCKFWObject **fwPublicKeyObject,
- NSSCKFWObject **fwPrivateKeyObject
-);
+nssCKFWMechanism_GenerateKeyPair(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ NSSCKFWObject **fwPublicKeyObject,
+ NSSCKFWObject **fwPrivateKeyObject);
/*
* nssCKFWMechanism_GetWrapKeyLength
*/
NSS_EXTERN CK_ULONG
-nssCKFWMechanism_GetWrapKeyLength
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwWrappingKeyObject,
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
+nssCKFWMechanism_GetWrapKeyLength(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
/*
* nssCKFWMechanism_WrapKey
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_WrapKey
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwWrappingKeyObject,
- NSSCKFWObject *fwObject,
- NSSItem *wrappedKey
-);
+nssCKFWMechanism_WrapKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSCKFWObject *fwObject,
+ NSSItem *wrappedKey);
/*
* nssCKFWMechanism_UnwrapKey
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWMechanism_UnwrapKey
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwWrappingKeyObject,
- NSSItem *wrappedKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
-
-/*
+nssCKFWMechanism_UnwrapKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSItem *wrappedKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+/*
* nssCKFWMechanism_DeriveKey
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWMechanism_DeriveKey
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwBaseKeyObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
+nssCKFWMechanism_DeriveKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwBaseKeyObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
/*
* NSSCKFWCryptoOperation
@@ -1506,130 +1271,106 @@ nssCKFWMechanism_DeriveKey
* nssCKFWCrytoOperation_Create
*/
NSS_EXTERN NSSCKFWCryptoOperation *
-nssCKFWCryptoOperation_Create
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWCryptoOperationType type,
- CK_RV *pError
-);
+nssCKFWCryptoOperation_Create(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWCryptoOperationType type,
+ CK_RV *pError);
/*
* nssCKFWCryptoOperation_Destroy
*/
NSS_EXTERN void
-nssCKFWCryptoOperation_Destroy
-(
- NSSCKFWCryptoOperation *fwOperation
-);
+nssCKFWCryptoOperation_Destroy(
+ NSSCKFWCryptoOperation *fwOperation);
/*
* nssCKFWCryptoOperation_GetMDCryptoOperation
*/
NSS_EXTERN NSSCKMDCryptoOperation *
-nssCKFWCryptoOperation_GetMDCryptoOperation
-(
- NSSCKFWCryptoOperation *fwOperation
-);
+nssCKFWCryptoOperation_GetMDCryptoOperation(
+ NSSCKFWCryptoOperation *fwOperation);
/*
* nssCKFWCryptoOperation_GetType
*/
NSS_EXTERN NSSCKFWCryptoOperationType
-nssCKFWCryptoOperation_GetType
-(
- NSSCKFWCryptoOperation *fwOperation
-);
+nssCKFWCryptoOperation_GetType(
+ NSSCKFWCryptoOperation *fwOperation);
/*
* nssCKFWCryptoOperation_GetFinalLength
*/
NSS_EXTERN CK_ULONG
-nssCKFWCryptoOperation_GetFinalLength
-(
- NSSCKFWCryptoOperation *fwOperation,
- CK_RV *pError
-);
+nssCKFWCryptoOperation_GetFinalLength(
+ NSSCKFWCryptoOperation *fwOperation,
+ CK_RV *pError);
/*
* nssCKFWCryptoOperation_GetOperationLength
*/
NSS_EXTERN CK_ULONG
-nssCKFWCryptoOperation_GetOperationLength
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSItem *inputBuffer,
- CK_RV *pError
-);
+nssCKFWCryptoOperation_GetOperationLength(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ CK_RV *pError);
/*
* nssCKFWCryptoOperation_Final
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_Final
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSItem *outputBuffer
-);
+nssCKFWCryptoOperation_Final(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *outputBuffer);
/*
* nssCKFWCryptoOperation_Update
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_Update
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSItem *inputBuffer,
- NSSItem *outputBuffer
-);
+nssCKFWCryptoOperation_Update(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
/*
* nssCKFWCryptoOperation_DigestUpdate
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_DigestUpdate
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSItem *inputBuffer
-);
+nssCKFWCryptoOperation_DigestUpdate(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer);
/*
* nssCKFWCryptoOperation_DigestKey
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_DigestKey
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKFWObject *fwKey
-);
+nssCKFWCryptoOperation_DigestKey(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWObject *fwKey);
/*
* nssCKFWCryptoOperation_UpdateFinal
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_UpdateFinal
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSItem *inputBuffer,
- NSSItem *outputBuffer
-);
+nssCKFWCryptoOperation_UpdateFinal(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
/*
* nssCKFWCryptoOperation_UpdateCombo
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_UpdateCombo
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKFWCryptoOperation *fwPeerOperation,
- NSSItem *inputBuffer,
- NSSItem *outputBuffer
-);
+nssCKFWCryptoOperation_UpdateCombo(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWCryptoOperation *fwPeerOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
/*
* NSSCKFWSession
@@ -1685,434 +1426,360 @@ nssCKFWCryptoOperation_UpdateCombo
*
*/
NSS_EXTERN NSSCKFWSession *
-nssCKFWSession_Create
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-);
+nssCKFWSession_Create(
+ NSSCKFWToken *fwToken,
+ CK_BBOOL rw,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_RV *pError);
/*
* nssCKFWSession_Destroy
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_Destroy
-(
- NSSCKFWSession *fwSession,
- CK_BBOOL removeFromTokenHash
-);
+nssCKFWSession_Destroy(
+ NSSCKFWSession *fwSession,
+ CK_BBOOL removeFromTokenHash);
/*
* nssCKFWSession_GetMDSession
*
*/
NSS_EXTERN NSSCKMDSession *
-nssCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-);
+nssCKFWSession_GetMDSession(
+ NSSCKFWSession *fwSession);
/*
* nssCKFWSession_GetArena
*
*/
NSS_EXTERN NSSArena *
-nssCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
+nssCKFWSession_GetArena(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
/*
* nssCKFWSession_CallNotification
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-);
+nssCKFWSession_CallNotification(
+ NSSCKFWSession *fwSession,
+ CK_NOTIFICATION event);
/*
* nssCKFWSession_IsRWSession
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-);
+nssCKFWSession_IsRWSession(
+ NSSCKFWSession *fwSession);
/*
* nssCKFWSession_IsSO
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-);
+nssCKFWSession_IsSO(
+ NSSCKFWSession *fwSession);
/*
* nssCKFWSession_GetFWSlot
*
*/
NSS_EXTERN NSSCKFWSlot *
-nssCKFWSession_GetFWSlot
-(
- NSSCKFWSession *fwSession
-);
+nssCKFWSession_GetFWSlot(
+ NSSCKFWSession *fwSession);
/*
* nssCFKWSession_GetSessionState
*
*/
NSS_EXTERN CK_STATE
-nssCKFWSession_GetSessionState
-(
- NSSCKFWSession *fwSession
-);
+nssCKFWSession_GetSessionState(
+ NSSCKFWSession *fwSession);
/*
* nssCKFWSession_SetFWFindObjects
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_SetFWFindObjects
-(
- NSSCKFWSession *fwSession,
- NSSCKFWFindObjects *fwFindObjects
-);
+nssCKFWSession_SetFWFindObjects(
+ NSSCKFWSession *fwSession,
+ NSSCKFWFindObjects *fwFindObjects);
/*
* nssCKFWSession_GetFWFindObjects
*
*/
NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWSession_GetFWFindObjects
-(
- NSSCKFWSession *fwSesssion,
- CK_RV *pError
-);
+nssCKFWSession_GetFWFindObjects(
+ NSSCKFWSession *fwSesssion,
+ CK_RV *pError);
/*
* nssCKFWSession_SetMDSession
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_SetMDSession
-(
- NSSCKFWSession *fwSession,
- NSSCKMDSession *mdSession
-);
+nssCKFWSession_SetMDSession(
+ NSSCKFWSession *fwSession,
+ NSSCKMDSession *mdSession);
/*
* nssCKFWSession_SetHandle
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_SetHandle
-(
- NSSCKFWSession *fwSession,
- CK_SESSION_HANDLE hSession
-);
+nssCKFWSession_SetHandle(
+ NSSCKFWSession *fwSession,
+ CK_SESSION_HANDLE hSession);
/*
* nssCKFWSession_GetHandle
*
*/
NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWSession_GetHandle
-(
- NSSCKFWSession *fwSession
-);
+nssCKFWSession_GetHandle(
+ NSSCKFWSession *fwSession);
/*
* nssCKFWSession_RegisterSessionObject
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_RegisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
+nssCKFWSession_RegisterSessionObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
/*
* nssCKFWSession_DeregisterSessionObject
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_DeregisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
+nssCKFWSession_DeregisterSessionObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
/*
* nssCKFWSession_GetDeviceError
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWSession_GetDeviceError
-(
- NSSCKFWSession *fwSession
-);
+nssCKFWSession_GetDeviceError(
+ NSSCKFWSession *fwSession);
/*
* nssCKFWSession_Login
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_Login
-(
- NSSCKFWSession *fwSession,
- CK_USER_TYPE userType,
- NSSItem *pin
-);
+nssCKFWSession_Login(
+ NSSCKFWSession *fwSession,
+ CK_USER_TYPE userType,
+ NSSItem *pin);
/*
* nssCKFWSession_Logout
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_Logout
-(
- NSSCKFWSession *fwSession
-);
+nssCKFWSession_Logout(
+ NSSCKFWSession *fwSession);
/*
* nssCKFWSession_InitPIN
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_InitPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *pin
-);
+nssCKFWSession_InitPIN(
+ NSSCKFWSession *fwSession,
+ NSSItem *pin);
/*
* nssCKFWSession_SetPIN
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_SetPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *newPin,
- NSSItem *oldPin
-);
+nssCKFWSession_SetPIN(
+ NSSCKFWSession *fwSession,
+ NSSItem *newPin,
+ NSSItem *oldPin);
/*
* nssCKFWSession_GetOperationStateLen
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWSession_GetOperationStateLen
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
+nssCKFWSession_GetOperationStateLen(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
/*
* nssCKFWSession_GetOperationState
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_GetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-);
+nssCKFWSession_GetOperationState(
+ NSSCKFWSession *fwSession,
+ NSSItem *buffer);
/*
* nssCKFWSession_SetOperationState
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_SetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *state,
- NSSCKFWObject *encryptionKey,
- NSSCKFWObject *authenticationKey
-);
+nssCKFWSession_SetOperationState(
+ NSSCKFWSession *fwSession,
+ NSSItem *state,
+ NSSCKFWObject *encryptionKey,
+ NSSCKFWObject *authenticationKey);
/*
* nssCKFWSession_CreateObject
*
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWSession_CreateObject
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
+nssCKFWSession_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
/*
* nssCKFWSession_CopyObject
*
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWSession_CopyObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *object,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
+nssCKFWSession_CopyObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *object,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
/*
* nssCKFWSession_FindObjectsInit
*
*/
NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWSession_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
+nssCKFWSession_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
/*
* nssCKFWSession_SetCurrentCryptoOperation
*/
NSS_IMPLEMENT void
-nssCKFWSession_SetCurrentCryptoOperation
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperation * fwOperation,
- NSSCKFWCryptoOperationState state
-);
+nssCKFWSession_SetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWCryptoOperationState state);
/*
* nssCKFWSession_GetCurrentCryptoOperation
*/
NSS_IMPLEMENT NSSCKFWCryptoOperation *
-nssCKFWSession_GetCurrentCryptoOperation
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationState state
-);
+nssCKFWSession_GetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationState state);
/*
* nssCKFWSession_Final
* (terminate a cryptographic operation and get the result)
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_Final
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationType type,
- NSSCKFWCryptoOperationState state,
- CK_BYTE_PTR outBuf,
- CK_ULONG_PTR outBufLen
-);
+nssCKFWSession_Final(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen);
/*
* nssCKFWSession_Update
* (get the next step of an encrypt/decrypt operation)
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_Update
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationType type,
- NSSCKFWCryptoOperationState state,
- CK_BYTE_PTR inBuf,
- CK_ULONG inBufLen,
- CK_BYTE_PTR outBuf,
- CK_ULONG_PTR outBufLen
-);
+nssCKFWSession_Update(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen);
/*
* nssCKFWSession_DigestUpdate
* (do the next step of an digest/sign/verify operation)
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_DigestUpdate
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationType type,
- NSSCKFWCryptoOperationState state,
- CK_BYTE_PTR inBuf,
- CK_ULONG inBufLen
-);
+nssCKFWSession_DigestUpdate(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen);
/*
* nssCKFWSession_DigestKey
* (do the next step of an digest/sign/verify operation)
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_DigestKey
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwKey
-);
+nssCKFWSession_DigestKey(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwKey);
/*
* nssCKFWSession_UpdateFinal
* (do a single-step of a cryptographic operation and get the result)
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_UpdateFinal
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationType type,
- NSSCKFWCryptoOperationState state,
- CK_BYTE_PTR inBuf,
- CK_ULONG inBufLen,
- CK_BYTE_PTR outBuf,
- CK_ULONG_PTR outBufLen
-);
+nssCKFWSession_UpdateFinal(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen);
/*
* nssCKFWSession_UpdateCombo
* (do a combination encrypt/decrypt and sign/digest/verify operation)
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_UpdateCombo
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationType encryptType,
- NSSCKFWCryptoOperationType digestType,
- NSSCKFWCryptoOperationState digestState,
- CK_BYTE_PTR inBuf,
- CK_ULONG inBufLen,
- CK_BYTE_PTR outBuf,
- CK_ULONG_PTR outBufLen
-);
+nssCKFWSession_UpdateCombo(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType encryptType,
+ NSSCKFWCryptoOperationType digestType,
+ NSSCKFWCryptoOperationState digestState,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen);
/*
* nssCKFWSession_SeedRandom
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_SeedRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *seed
-);
+nssCKFWSession_SeedRandom(
+ NSSCKFWSession *fwSession,
+ NSSItem *seed);
/*
* nssCKFWSession_GetRandom
*
*/
NSS_EXTERN CK_RV
-nssCKFWSession_GetRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-);
+nssCKFWSession_GetRandom(
+ NSSCKFWSession *fwSession,
+ NSSItem *buffer);
/*
* NSSCKFWObject
@@ -2145,123 +1812,101 @@ nssCKFWSession_GetRandom
*
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWObject_Create
-(
- NSSArena *arena,
- NSSCKMDObject *mdObject,
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
+nssCKFWObject_Create(
+ NSSArena *arena,
+ NSSCKMDObject *mdObject,
+ NSSCKFWSession *fwSession,
+ NSSCKFWToken *fwToken,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
/*
* nssCKFWObject_Finalize
*
*/
NSS_EXTERN void
-nssCKFWObject_Finalize
-(
- NSSCKFWObject *fwObject,
- PRBool removeFromHash
-);
+nssCKFWObject_Finalize(
+ NSSCKFWObject *fwObject,
+ PRBool removeFromHash);
/*
* nssCKFWObject_Destroy
*
*/
NSS_EXTERN void
-nssCKFWObject_Destroy
-(
- NSSCKFWObject *fwObject
-);
+nssCKFWObject_Destroy(
+ NSSCKFWObject *fwObject);
/*
* nssCKFWObject_GetMDObject
*
*/
NSS_EXTERN NSSCKMDObject *
-nssCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-);
+nssCKFWObject_GetMDObject(
+ NSSCKFWObject *fwObject);
/*
* nssCKFWObject_GetArena
*
*/
NSS_EXTERN NSSArena *
-nssCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
+nssCKFWObject_GetArena(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
/*
* nssCKFWObject_SetHandle
*
*/
NSS_EXTERN CK_RV
-nssCKFWObject_SetHandle
-(
- NSSCKFWObject *fwObject,
- CK_OBJECT_HANDLE hObject
-);
+nssCKFWObject_SetHandle(
+ NSSCKFWObject *fwObject,
+ CK_OBJECT_HANDLE hObject);
/*
* nssCKFWObject_GetHandle
*
*/
NSS_EXTERN CK_OBJECT_HANDLE
-nssCKFWObject_GetHandle
-(
- NSSCKFWObject *fwObject
-);
+nssCKFWObject_GetHandle(
+ NSSCKFWObject *fwObject);
/*
* nssCKFWObject_IsTokenObject
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-);
+nssCKFWObject_IsTokenObject(
+ NSSCKFWObject *fwObject);
/*
* nssCKFWObject_GetAttributeCount
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
+nssCKFWObject_GetAttributeCount(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
/*
* nssCKFWObject_GetAttributeTypes
*
*/
NSS_EXTERN CK_RV
-nssCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-);
+nssCKFWObject_GetAttributeTypes(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount);
/*
* nssCKFWObject_GetAttributeSize
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
+nssCKFWObject_GetAttributeSize(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
/*
* nssCKFWObject_GetAttribute
@@ -2274,38 +1919,32 @@ nssCKFWObject_GetAttributeSize
* specified.
*/
NSS_EXTERN NSSItem *
-nssCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-);
+nssCKFWObject_GetAttribute(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *itemOpt,
+ NSSArena *arenaOpt,
+ CK_RV *pError);
/*
* nssCKFWObject_SetAttribute
*
*/
NSS_EXTERN CK_RV
-nssCKFWObject_SetAttribute
-(
- NSSCKFWObject *fwObject,
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-);
+nssCKFWObject_SetAttribute(
+ NSSCKFWObject *fwObject,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value);
/*
* nssCKFWObject_GetObjectSize
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
+nssCKFWObject_GetObjectSize(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
/*
* NSSCKFWFindObjects
@@ -2328,47 +1967,39 @@ nssCKFWObject_GetObjectSize
*
*/
NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWFindObjects_Create
-(
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- NSSCKMDFindObjects *mdFindObjects1,
- NSSCKMDFindObjects *mdFindObjects2,
- CK_RV *pError
-);
+nssCKFWFindObjects_Create(
+ NSSCKFWSession *fwSession,
+ NSSCKFWToken *fwToken,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDFindObjects *mdFindObjects1,
+ NSSCKMDFindObjects *mdFindObjects2,
+ CK_RV *pError);
/*
* nssCKFWFindObjects_Destroy
*
*/
NSS_EXTERN void
-nssCKFWFindObjects_Destroy
-(
- NSSCKFWFindObjects *fwFindObjects
-);
+nssCKFWFindObjects_Destroy(
+ NSSCKFWFindObjects *fwFindObjects);
/*
* nssCKFWFindObjects_GetMDFindObjects
*
*/
NSS_EXTERN NSSCKMDFindObjects *
-nssCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *fwFindObjects
-);
+nssCKFWFindObjects_GetMDFindObjects(
+ NSSCKFWFindObjects *fwFindObjects);
/*
* nssCKFWFindObjects_Next
*
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWFindObjects_Next
-(
- NSSCKFWFindObjects *fwFindObjects,
- NSSArena *arenaOpt,
- CK_RV *pError
-);
+nssCKFWFindObjects_Next(
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSArena *arenaOpt,
+ CK_RV *pError);
/*
* NSSCKFWMutex
@@ -2385,42 +2016,34 @@ nssCKFWFindObjects_Next
*
*/
NSS_EXTERN NSSCKFWMutex *
-nssCKFWMutex_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- CryptokiLockingState LockingState,
- NSSArena *arena,
- CK_RV *pError
-);
+nssCKFWMutex_Create(
+ CK_C_INITIALIZE_ARGS_PTR pInitArgs,
+ CryptokiLockingState LockingState,
+ NSSArena *arena,
+ CK_RV *pError);
/*
* nssCKFWMutex_Destroy
*
*/
NSS_EXTERN CK_RV
-nssCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-);
+nssCKFWMutex_Destroy(
+ NSSCKFWMutex *mutex);
/*
* nssCKFWMutex_Lock
*
*/
NSS_EXTERN CK_RV
-nssCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-);
+nssCKFWMutex_Lock(
+ NSSCKFWMutex *mutex);
/*
* nssCKFWMutex_Unlock
*
*/
NSS_EXTERN CK_RV
-nssCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-);
+nssCKFWMutex_Unlock(
+ NSSCKFWMutex *mutex);
#endif /* CKFW_H */
diff --git a/lib/ckfw/ckfwm.h b/lib/ckfw/ckfwm.h
index ed0aec313..7b14d209e 100644
--- a/lib/ckfw/ckfwm.h
+++ b/lib/ckfw/ckfwm.h
@@ -41,88 +41,72 @@
*
*/
NSS_EXTERN nssCKFWHash *
-nssCKFWHash_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
+nssCKFWHash_Create(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError);
/*
* nssCKFWHash_Destroy
*
*/
NSS_EXTERN void
-nssCKFWHash_Destroy
-(
- nssCKFWHash *hash
-);
+nssCKFWHash_Destroy(
+ nssCKFWHash *hash);
/*
* nssCKFWHash_Add
*
*/
NSS_EXTERN CK_RV
-nssCKFWHash_Add
-(
- nssCKFWHash *hash,
- const void *key,
- const void *value
-);
+nssCKFWHash_Add(
+ nssCKFWHash *hash,
+ const void *key,
+ const void *value);
/*
* nssCKFWHash_Remove
*
*/
NSS_EXTERN void
-nssCKFWHash_Remove
-(
- nssCKFWHash *hash,
- const void *it
-);
+nssCKFWHash_Remove(
+ nssCKFWHash *hash,
+ const void *it);
/*
* nssCKFWHash_Count
*
*/
NSS_EXTERN CK_ULONG
-nssCKFWHash_Count
-(
- nssCKFWHash *hash
-);
+nssCKFWHash_Count(
+ nssCKFWHash *hash);
/*
* nssCKFWHash_Exists
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWHash_Exists
-(
- nssCKFWHash *hash,
- const void *it
-);
+nssCKFWHash_Exists(
+ nssCKFWHash *hash,
+ const void *it);
/*
* nssCKFWHash_Lookup
*
*/
NSS_EXTERN void *
-nssCKFWHash_Lookup
-(
- nssCKFWHash *hash,
- const void *it
-);
+nssCKFWHash_Lookup(
+ nssCKFWHash *hash,
+ const void *it);
/*
* nssCKFWHash_Iterate
*
*/
NSS_EXTERN void
-nssCKFWHash_Iterate
-(
- nssCKFWHash *hash,
- nssCKFWHashIterator fcn,
- void *closure
-);
+nssCKFWHash_Iterate(
+ nssCKFWHash *hash,
+ nssCKFWHashIterator fcn,
+ void *closure);
#endif /* CKFWM_H */
diff --git a/lib/ckfw/ckfwtm.h b/lib/ckfw/ckfwtm.h
index ac8f55080..670298463 100644
--- a/lib/ckfw/ckfwtm.h
+++ b/lib/ckfw/ckfwtm.h
@@ -18,6 +18,6 @@
struct nssCKFWHashStr;
typedef struct nssCKFWHashStr nssCKFWHash;
-typedef void (PR_CALLBACK *nssCKFWHashIterator)(const void *key, void *value, void *closure);
+typedef void(PR_CALLBACK *nssCKFWHashIterator)(const void *key, void *value, void *closure);
#endif /* CKFWTM_H */
diff --git a/lib/ckfw/ckmd.h b/lib/ckfw/ckmd.h
index 0a6dc9070..820cf9021 100644
--- a/lib/ckfw/ckmd.h
+++ b/lib/ckfw/ckmd.h
@@ -11,22 +11,18 @@
*/
NSS_EXTERN NSSCKMDObject *
-nssCKMDSessionObject_Create
-(
- NSSCKFWToken *fwToken,
- NSSArena *arena,
- CK_ATTRIBUTE_PTR attributes,
- CK_ULONG ulCount,
- CK_RV *pError
-);
+nssCKMDSessionObject_Create(
+ NSSCKFWToken *fwToken,
+ NSSArena *arena,
+ CK_ATTRIBUTE_PTR attributes,
+ CK_ULONG ulCount,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDFindObjects *
-nssCKMDFindSessionObjects_Create
-(
- NSSCKFWToken *fwToken,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_RV *pError
-);
+nssCKMDFindSessionObjects_Create(
+ NSSCKFWToken *fwToken,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_RV *pError);
#endif /* CKMD_H */
diff --git a/lib/ckfw/crypto.c b/lib/ckfw/crypto.c
index d97cf6c3a..66afb773a 100644
--- a/lib/ckfw/crypto.c
+++ b/lib/ckfw/crypto.c
@@ -35,15 +35,15 @@
*/
struct NSSCKFWCryptoOperationStr {
- /* NSSArena *arena; */
- NSSCKMDCryptoOperation *mdOperation;
- NSSCKMDSession *mdSession;
- NSSCKFWSession *fwSession;
- NSSCKMDToken *mdToken;
- NSSCKFWToken *fwToken;
- NSSCKMDInstance *mdInstance;
- NSSCKFWInstance *fwInstance;
- NSSCKFWCryptoOperationType type;
+ /* NSSArena *arena; */
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKFWSession *fwSession;
+ NSSCKMDToken *mdToken;
+ NSSCKFWToken *fwToken;
+ NSSCKMDInstance *mdInstance;
+ NSSCKFWInstance *fwInstance;
+ NSSCKFWCryptoOperationType type;
};
/*
@@ -51,290 +51,268 @@ struct NSSCKFWCryptoOperationStr {
*/
NSS_EXTERN NSSCKFWCryptoOperation *
nssCKFWCryptoOperation_Create(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWCryptoOperationType type,
- CK_RV *pError
-)
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWCryptoOperationType type,
+ CK_RV *pError)
{
- NSSCKFWCryptoOperation *fwOperation;
- fwOperation = nss_ZNEW(NULL, NSSCKFWCryptoOperation);
- if (!fwOperation) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWCryptoOperation *)NULL;
- }
- fwOperation->mdOperation = mdOperation;
- fwOperation->mdSession = mdSession;
- fwOperation->fwSession = fwSession;
- fwOperation->mdToken = mdToken;
- fwOperation->fwToken = fwToken;
- fwOperation->mdInstance = mdInstance;
- fwOperation->fwInstance = fwInstance;
- fwOperation->type = type;
- return fwOperation;
+ NSSCKFWCryptoOperation *fwOperation;
+ fwOperation = nss_ZNEW(NULL, NSSCKFWCryptoOperation);
+ if (!fwOperation) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
+ fwOperation->mdOperation = mdOperation;
+ fwOperation->mdSession = mdSession;
+ fwOperation->fwSession = fwSession;
+ fwOperation->mdToken = mdToken;
+ fwOperation->fwToken = fwToken;
+ fwOperation->mdInstance = mdInstance;
+ fwOperation->fwInstance = fwInstance;
+ fwOperation->type = type;
+ return fwOperation;
}
/*
* nssCKFWCryptoOperation_Destroy
*/
NSS_EXTERN void
-nssCKFWCryptoOperation_Destroy
-(
- NSSCKFWCryptoOperation *fwOperation
-)
+nssCKFWCryptoOperation_Destroy(
+ NSSCKFWCryptoOperation *fwOperation)
{
- if ((NSSCKMDCryptoOperation *) NULL != fwOperation->mdOperation) {
- if (fwOperation->mdOperation->Destroy) {
- fwOperation->mdOperation->Destroy(
- fwOperation->mdOperation,
- fwOperation,
- fwOperation->mdInstance,
- fwOperation->fwInstance);
+ if ((NSSCKMDCryptoOperation *)NULL != fwOperation->mdOperation) {
+ if (fwOperation->mdOperation->Destroy) {
+ fwOperation->mdOperation->Destroy(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance);
+ }
}
- }
- nss_ZFreeIf(fwOperation);
+ nss_ZFreeIf(fwOperation);
}
/*
* nssCKFWCryptoOperation_GetMDCryptoOperation
*/
NSS_EXTERN NSSCKMDCryptoOperation *
-nssCKFWCryptoOperation_GetMDCryptoOperation
-(
- NSSCKFWCryptoOperation *fwOperation
-)
+nssCKFWCryptoOperation_GetMDCryptoOperation(
+ NSSCKFWCryptoOperation *fwOperation)
{
- return fwOperation->mdOperation;
+ return fwOperation->mdOperation;
}
/*
* nssCKFWCryptoOperation_GetType
*/
NSS_EXTERN NSSCKFWCryptoOperationType
-nssCKFWCryptoOperation_GetType
-(
- NSSCKFWCryptoOperation *fwOperation
-)
+nssCKFWCryptoOperation_GetType(
+ NSSCKFWCryptoOperation *fwOperation)
{
- return fwOperation->type;
+ return fwOperation->type;
}
/*
* nssCKFWCryptoOperation_GetFinalLength
*/
NSS_EXTERN CK_ULONG
-nssCKFWCryptoOperation_GetFinalLength
-(
- NSSCKFWCryptoOperation *fwOperation,
- CK_RV *pError
-)
+nssCKFWCryptoOperation_GetFinalLength(
+ NSSCKFWCryptoOperation *fwOperation,
+ CK_RV *pError)
{
- if (!fwOperation->mdOperation->GetFinalLength) {
- *pError = CKR_FUNCTION_FAILED;
- return 0;
- }
- return fwOperation->mdOperation->GetFinalLength(
- fwOperation->mdOperation,
- fwOperation,
- fwOperation->mdSession,
- fwOperation->fwSession,
- fwOperation->mdToken,
- fwOperation->fwToken,
- fwOperation->mdInstance,
- fwOperation->fwInstance,
- pError);
+ if (!fwOperation->mdOperation->GetFinalLength) {
+ *pError = CKR_FUNCTION_FAILED;
+ return 0;
+ }
+ return fwOperation->mdOperation->GetFinalLength(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ pError);
}
/*
* nssCKFWCryptoOperation_GetOperationLength
*/
NSS_EXTERN CK_ULONG
-nssCKFWCryptoOperation_GetOperationLength
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSItem *inputBuffer,
- CK_RV *pError
-)
+nssCKFWCryptoOperation_GetOperationLength(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ CK_RV *pError)
{
- if (!fwOperation->mdOperation->GetOperationLength) {
- *pError = CKR_FUNCTION_FAILED;
- return 0;
- }
- return fwOperation->mdOperation->GetOperationLength(
- fwOperation->mdOperation,
- fwOperation,
- fwOperation->mdSession,
- fwOperation->fwSession,
- fwOperation->mdToken,
- fwOperation->fwToken,
- fwOperation->mdInstance,
- fwOperation->fwInstance,
- inputBuffer,
- pError);
+ if (!fwOperation->mdOperation->GetOperationLength) {
+ *pError = CKR_FUNCTION_FAILED;
+ return 0;
+ }
+ return fwOperation->mdOperation->GetOperationLength(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ inputBuffer,
+ pError);
}
/*
* nssCKFWCryptoOperation_Final
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_Final
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSItem *outputBuffer
-)
+nssCKFWCryptoOperation_Final(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *outputBuffer)
{
- if (!fwOperation->mdOperation->Final) {
- return CKR_FUNCTION_FAILED;
- }
- return fwOperation->mdOperation->Final(
- fwOperation->mdOperation,
- fwOperation,
- fwOperation->mdSession,
- fwOperation->fwSession,
- fwOperation->mdToken,
- fwOperation->fwToken,
- fwOperation->mdInstance,
- fwOperation->fwInstance,
- outputBuffer);
+ if (!fwOperation->mdOperation->Final) {
+ return CKR_FUNCTION_FAILED;
+ }
+ return fwOperation->mdOperation->Final(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ outputBuffer);
}
/*
* nssCKFWCryptoOperation_Update
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_Update
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSItem *inputBuffer,
- NSSItem *outputBuffer
-)
+nssCKFWCryptoOperation_Update(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer)
{
- if (!fwOperation->mdOperation->Update) {
- return CKR_FUNCTION_FAILED;
- }
- return fwOperation->mdOperation->Update(
- fwOperation->mdOperation,
- fwOperation,
- fwOperation->mdSession,
- fwOperation->fwSession,
- fwOperation->mdToken,
- fwOperation->fwToken,
- fwOperation->mdInstance,
- fwOperation->fwInstance,
- inputBuffer,
- outputBuffer);
+ if (!fwOperation->mdOperation->Update) {
+ return CKR_FUNCTION_FAILED;
+ }
+ return fwOperation->mdOperation->Update(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ inputBuffer,
+ outputBuffer);
}
/*
* nssCKFWCryptoOperation_DigestUpdate
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_DigestUpdate
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSItem *inputBuffer
-)
+nssCKFWCryptoOperation_DigestUpdate(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer)
{
- if (!fwOperation->mdOperation->DigestUpdate) {
- return CKR_FUNCTION_FAILED;
- }
- return fwOperation->mdOperation->DigestUpdate(
- fwOperation->mdOperation,
- fwOperation,
- fwOperation->mdSession,
- fwOperation->fwSession,
- fwOperation->mdToken,
- fwOperation->fwToken,
- fwOperation->mdInstance,
- fwOperation->fwInstance,
- inputBuffer);
+ if (!fwOperation->mdOperation->DigestUpdate) {
+ return CKR_FUNCTION_FAILED;
+ }
+ return fwOperation->mdOperation->DigestUpdate(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ inputBuffer);
}
/*
* nssCKFWCryptoOperation_DigestKey
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_DigestKey
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKFWObject *fwObject /* Key */
-)
+nssCKFWCryptoOperation_DigestKey(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWObject *fwObject /* Key */
+ )
{
- NSSCKMDObject *mdObject;
+ NSSCKMDObject *mdObject;
- if (!fwOperation->mdOperation->DigestKey) {
- return CKR_FUNCTION_FAILED;
- }
- mdObject = nssCKFWObject_GetMDObject(fwObject);
- return fwOperation->mdOperation->DigestKey(
- fwOperation->mdOperation,
- fwOperation,
- fwOperation->mdToken,
- fwOperation->fwToken,
- fwOperation->mdInstance,
- fwOperation->fwInstance,
- mdObject,
- fwObject);
+ if (!fwOperation->mdOperation->DigestKey) {
+ return CKR_FUNCTION_FAILED;
+ }
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ return fwOperation->mdOperation->DigestKey(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ mdObject,
+ fwObject);
}
/*
* nssCKFWCryptoOperation_UpdateFinal
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_UpdateFinal
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSItem *inputBuffer,
- NSSItem *outputBuffer
-)
+nssCKFWCryptoOperation_UpdateFinal(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer)
{
- if (!fwOperation->mdOperation->UpdateFinal) {
- return CKR_FUNCTION_FAILED;
- }
- return fwOperation->mdOperation->UpdateFinal(
- fwOperation->mdOperation,
- fwOperation,
- fwOperation->mdSession,
- fwOperation->fwSession,
- fwOperation->mdToken,
- fwOperation->fwToken,
- fwOperation->mdInstance,
- fwOperation->fwInstance,
- inputBuffer,
- outputBuffer);
+ if (!fwOperation->mdOperation->UpdateFinal) {
+ return CKR_FUNCTION_FAILED;
+ }
+ return fwOperation->mdOperation->UpdateFinal(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ inputBuffer,
+ outputBuffer);
}
/*
* nssCKFWCryptoOperation_UpdateCombo
*/
NSS_EXTERN CK_RV
-nssCKFWCryptoOperation_UpdateCombo
-(
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKFWCryptoOperation *fwPeerOperation,
- NSSItem *inputBuffer,
- NSSItem *outputBuffer
-)
+nssCKFWCryptoOperation_UpdateCombo(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWCryptoOperation *fwPeerOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer)
{
- if (!fwOperation->mdOperation->UpdateCombo) {
- return CKR_FUNCTION_FAILED;
- }
- return fwOperation->mdOperation->UpdateCombo(
- fwOperation->mdOperation,
- fwOperation,
- fwPeerOperation->mdOperation,
- fwPeerOperation,
- fwOperation->mdSession,
- fwOperation->fwSession,
- fwOperation->mdToken,
- fwOperation->fwToken,
- fwOperation->mdInstance,
- fwOperation->fwInstance,
- inputBuffer,
- outputBuffer);
+ if (!fwOperation->mdOperation->UpdateCombo) {
+ return CKR_FUNCTION_FAILED;
+ }
+ return fwOperation->mdOperation->UpdateCombo(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwPeerOperation->mdOperation,
+ fwPeerOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ inputBuffer,
+ outputBuffer);
}
diff --git a/lib/ckfw/dbm/anchor.c b/lib/ckfw/dbm/anchor.c
index f004b1e84..2ac7e9643 100644
--- a/lib/ckfw/dbm/anchor.c
+++ b/lib/ckfw/dbm/anchor.c
@@ -6,12 +6,12 @@
* dbm/anchor.c
*
* This file "anchors" the actual cryptoki entry points in this module's
- * shared library, which is required for dynamic loading. See the
+ * shared library, which is required for dynamic loading. See the
* comments in nssck.api for more information.
*/
#include "ckdbm.h"
#define MODULE_NAME dbm
-#define INSTANCE_NAME (NSSCKMDInstance *)&nss_dbm_mdInstance
+#define INSTANCE_NAME (NSSCKMDInstance *) & nss_dbm_mdInstance
#include "nssck.api"
diff --git a/lib/ckfw/dbm/ckdbm.h b/lib/ckfw/dbm/ckdbm.h
index 4f9df9343..8c2607cb3 100644
--- a/lib/ckfw/dbm/ckdbm.h
+++ b/lib/ckfw/dbm/ckdbm.h
@@ -29,220 +29,182 @@ NSS_EXTERN_DATA NSSCKMDInstance nss_dbm_mdInstance;
typedef struct nss_dbm_db_struct nss_dbm_db_t;
struct nss_dbm_db_struct {
- DB *db;
- NSSCKFWMutex *crustylock;
+ DB *db;
+ NSSCKFWMutex *crustylock;
};
typedef struct nss_dbm_dbt_struct nss_dbm_dbt_t;
struct nss_dbm_dbt_struct {
- DBT dbt;
- nss_dbm_db_t *my_db;
+ DBT dbt;
+ nss_dbm_db_t *my_db;
};
typedef struct nss_dbm_instance_struct nss_dbm_instance_t;
struct nss_dbm_instance_struct {
- NSSArena *arena;
- CK_ULONG nSlots;
- char **filenames;
- int *flags; /* e.g. O_RDONLY, O_RDWR */
+ NSSArena *arena;
+ CK_ULONG nSlots;
+ char **filenames;
+ int *flags; /* e.g. O_RDONLY, O_RDWR */
};
typedef struct nss_dbm_slot_struct nss_dbm_slot_t;
struct nss_dbm_slot_struct {
- nss_dbm_instance_t *instance;
- char *filename;
- int flags;
- nss_dbm_db_t *token_db;
+ nss_dbm_instance_t *instance;
+ char *filename;
+ int flags;
+ nss_dbm_db_t *token_db;
};
typedef struct nss_dbm_token_struct nss_dbm_token_t;
struct nss_dbm_token_struct {
- NSSArena *arena;
- nss_dbm_slot_t *slot;
- nss_dbm_db_t *session_db;
- NSSUTF8 *label;
+ NSSArena *arena;
+ nss_dbm_slot_t *slot;
+ nss_dbm_db_t *session_db;
+ NSSUTF8 *label;
};
struct nss_dbm_dbt_node {
- struct nss_dbm_dbt_node *next;
- nss_dbm_dbt_t *dbt;
+ struct nss_dbm_dbt_node *next;
+ nss_dbm_dbt_t *dbt;
};
typedef struct nss_dbm_session_struct nss_dbm_session_t;
struct nss_dbm_session_struct {
- NSSArena *arena;
- nss_dbm_token_t *token;
- CK_ULONG deviceError;
- struct nss_dbm_dbt_node *session_objects;
- NSSCKFWMutex *list_lock;
+ NSSArena *arena;
+ nss_dbm_token_t *token;
+ CK_ULONG deviceError;
+ struct nss_dbm_dbt_node *session_objects;
+ NSSCKFWMutex *list_lock;
};
typedef struct nss_dbm_object_struct nss_dbm_object_t;
struct nss_dbm_object_struct {
- NSSArena *arena; /* token or session */
- nss_dbm_dbt_t *handle;
+ NSSArena *arena; /* token or session */
+ nss_dbm_dbt_t *handle;
};
typedef struct nss_dbm_find_struct nss_dbm_find_t;
struct nss_dbm_find_struct {
- NSSArena *arena;
- struct nss_dbm_dbt_node *found;
- NSSCKFWMutex *list_lock;
+ NSSArena *arena;
+ struct nss_dbm_dbt_node *found;
+ NSSCKFWMutex *list_lock;
};
NSS_EXTERN NSSCKMDSlot *
-nss_dbm_mdSlot_factory
-(
- nss_dbm_instance_t *instance,
- char *filename,
- int flags,
- CK_RV *pError
-);
+nss_dbm_mdSlot_factory(
+ nss_dbm_instance_t *instance,
+ char *filename,
+ int flags,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDToken *
-nss_dbm_mdToken_factory
-(
- nss_dbm_slot_t *slot,
- CK_RV *pError
-);
+nss_dbm_mdToken_factory(
+ nss_dbm_slot_t *slot,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDSession *
-nss_dbm_mdSession_factory
-(
- nss_dbm_token_t *token,
- NSSCKFWSession *fwSession,
- NSSCKFWInstance *fwInstance,
- CK_BBOOL rw,
- CK_RV *pError
-);
+nss_dbm_mdSession_factory(
+ nss_dbm_token_t *token,
+ NSSCKFWSession *fwSession,
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL rw,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDObject *
-nss_dbm_mdObject_factory
-(
- nss_dbm_object_t *object,
- CK_RV *pError
-);
+nss_dbm_mdObject_factory(
+ nss_dbm_object_t *object,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDFindObjects *
-nss_dbm_mdFindObjects_factory
-(
- nss_dbm_find_t *find,
- CK_RV *pError
-);
+nss_dbm_mdFindObjects_factory(
+ nss_dbm_find_t *find,
+ CK_RV *pError);
NSS_EXTERN nss_dbm_db_t *
-nss_dbm_db_open
-(
- NSSArena *arena,
- NSSCKFWInstance *fwInstance,
- char *filename,
- int flags,
- CK_RV *pError
-);
+nss_dbm_db_open(
+ NSSArena *arena,
+ NSSCKFWInstance *fwInstance,
+ char *filename,
+ int flags,
+ CK_RV *pError);
NSS_EXTERN void
-nss_dbm_db_close
-(
- nss_dbm_db_t *db
-);
+nss_dbm_db_close(
+ nss_dbm_db_t *db);
NSS_EXTERN CK_VERSION
-nss_dbm_db_get_format_version
-(
- nss_dbm_db_t *db
-);
+nss_dbm_db_get_format_version(
+ nss_dbm_db_t *db);
NSS_EXTERN CK_RV
-nss_dbm_db_set_label
-(
- nss_dbm_db_t *db,
- NSSUTF8 *label
-);
+nss_dbm_db_set_label(
+ nss_dbm_db_t *db,
+ NSSUTF8 *label);
NSS_EXTERN NSSUTF8 *
-nss_dbm_db_get_label
-(
- nss_dbm_db_t *db,
- NSSArena *arena,
- CK_RV *pError
-);
+nss_dbm_db_get_label(
+ nss_dbm_db_t *db,
+ NSSArena *arena,
+ CK_RV *pError);
NSS_EXTERN CK_RV
-nss_dbm_db_delete_object
-(
- nss_dbm_dbt_t *dbt
-);
+nss_dbm_db_delete_object(
+ nss_dbm_dbt_t *dbt);
NSS_EXTERN nss_dbm_dbt_t *
-nss_dbm_db_create_object
-(
- NSSArena *arena,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
+nss_dbm_db_create_object(
+ NSSArena *arena,
+ nss_dbm_db_t *db,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError,
+ CK_ULONG *pdbrv);
NSS_EXTERN CK_RV
-nss_dbm_db_find_objects
-(
- nss_dbm_find_t *find,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_ULONG *pdbrv
-);
+nss_dbm_db_find_objects(
+ nss_dbm_find_t *find,
+ nss_dbm_db_t *db,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_ULONG *pdbrv);
NSS_EXTERN CK_BBOOL
-nss_dbm_db_object_still_exists
-(
- nss_dbm_dbt_t *dbt
-);
+nss_dbm_db_object_still_exists(
+ nss_dbm_dbt_t *dbt);
NSS_EXTERN CK_ULONG
-nss_dbm_db_get_object_attribute_count
-(
- nss_dbm_dbt_t *dbt,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
+nss_dbm_db_get_object_attribute_count(
+ nss_dbm_dbt_t *dbt,
+ CK_RV *pError,
+ CK_ULONG *pdbrv);
NSS_EXTERN CK_RV
-nss_dbm_db_get_object_attribute_types
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount,
- CK_ULONG *pdbrv
-);
+nss_dbm_db_get_object_attribute_types(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount,
+ CK_ULONG *pdbrv);
NSS_EXTERN CK_ULONG
-nss_dbm_db_get_object_attribute_size
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
+nss_dbm_db_get_object_attribute_size(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError,
+ CK_ULONG *pdbrv);
NSS_EXTERN NSSItem *
-nss_dbm_db_get_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- NSSArena *arena,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
+nss_dbm_db_get_object_attribute(
+ nss_dbm_dbt_t *dbt,
+ NSSArena *arena,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError,
+ CK_ULONG *pdbrv);
NSS_EXTERN CK_RV
-nss_dbm_db_set_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- NSSItem *value,
- CK_ULONG *pdbrv
-);
+nss_dbm_db_set_object_attribute(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE type,
+ NSSItem *value,
+ CK_ULONG *pdbrv);
#endif /* CKDBM_H */
diff --git a/lib/ckfw/dbm/db.c b/lib/ckfw/dbm/db.c
index 8d0a6cba8..44b47e7f3 100644
--- a/lib/ckfw/dbm/db.c
+++ b/lib/ckfw/dbm/db.c
@@ -5,303 +5,294 @@
#include "ckdbm.h"
#define PREFIX_METADATA "0000"
-#define PREFIX_OBJECT "0001"
-#define PREFIX_INDEX "0002"
+#define PREFIX_OBJECT "0001"
+#define PREFIX_INDEX "0002"
static CK_VERSION nss_dbm_db_format_version = { 1, 0 };
struct handle {
- char prefix[4];
- CK_ULONG id;
+ char prefix[4];
+ CK_ULONG id;
};
NSS_IMPLEMENT nss_dbm_db_t *
-nss_dbm_db_open
-(
- NSSArena *arena,
- NSSCKFWInstance *fwInstance,
- char *filename,
- int flags,
- CK_RV *pError
-)
+nss_dbm_db_open(
+ NSSArena *arena,
+ NSSCKFWInstance *fwInstance,
+ char *filename,
+ int flags,
+ CK_RV *pError)
{
- nss_dbm_db_t *rv;
- CK_VERSION db_version;
-
- rv = nss_ZNEW(arena, nss_dbm_db_t);
- if( (nss_dbm_db_t *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_db_t *)NULL;
- }
-
- rv->db = dbopen(filename, flags, 0600, DB_HASH, (const void *)NULL);
- if( (DB *)NULL == rv->db ) {
- *pError = CKR_TOKEN_NOT_PRESENT;
- return (nss_dbm_db_t *)NULL;
- }
-
- rv->crustylock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == rv->crustylock ) {
- return (nss_dbm_db_t *)NULL;
- }
-
- db_version = nss_dbm_db_get_format_version(rv);
- if( db_version.major != nss_dbm_db_format_version.major ) {
- nss_dbm_db_close(rv);
- *pError = CKR_TOKEN_NOT_RECOGNIZED;
- return (nss_dbm_db_t *)NULL;
- }
-
- return rv;
+ nss_dbm_db_t *rv;
+ CK_VERSION db_version;
+
+ rv = nss_ZNEW(arena, nss_dbm_db_t);
+ if ((nss_dbm_db_t *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (nss_dbm_db_t *)NULL;
+ }
+
+ rv->db = dbopen(filename, flags, 0600, DB_HASH, (const void *)NULL);
+ if ((DB *)NULL == rv->db) {
+ *pError = CKR_TOKEN_NOT_PRESENT;
+ return (nss_dbm_db_t *)NULL;
+ }
+
+ rv->crustylock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if ((NSSCKFWMutex *)NULL == rv->crustylock) {
+ return (nss_dbm_db_t *)NULL;
+ }
+
+ db_version = nss_dbm_db_get_format_version(rv);
+ if (db_version.major != nss_dbm_db_format_version.major) {
+ nss_dbm_db_close(rv);
+ *pError = CKR_TOKEN_NOT_RECOGNIZED;
+ return (nss_dbm_db_t *)NULL;
+ }
+
+ return rv;
}
NSS_IMPLEMENT void
-nss_dbm_db_close
-(
- nss_dbm_db_t *db
-)
+nss_dbm_db_close(
+ nss_dbm_db_t *db)
{
- if( (NSSCKFWMutex *)NULL != db->crustylock ) {
- (void)NSSCKFWMutex_Destroy(db->crustylock);
- }
+ if ((NSSCKFWMutex *)NULL != db->crustylock) {
+ (void)NSSCKFWMutex_Destroy(db->crustylock);
+ }
- if( (DB *)NULL != db->db ) {
- (void)db->db->close(db->db);
- }
+ if ((DB *)NULL != db->db) {
+ (void)db->db->close(db->db);
+ }
- nss_ZFreeIf(db);
+ nss_ZFreeIf(db);
}
NSS_IMPLEMENT CK_VERSION
-nss_dbm_db_get_format_version
-(
- nss_dbm_db_t *db
-)
+nss_dbm_db_get_format_version(
+ nss_dbm_db_t *db)
{
- CK_VERSION rv;
- DBT k, v;
- int dbrv;
- char buffer[64];
+ CK_VERSION rv;
+ DBT k, v;
+ int dbrv;
+ char buffer[64];
- rv.major = rv.minor = 0;
+ rv.major = rv.minor = 0;
- k.data = PREFIX_METADATA "FormatVersion";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
- (void)memset(&v, 0, sizeof(v));
+ k.data = PREFIX_METADATA "FormatVersion";
+ k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
+ (void)memset(&v, 0, sizeof(v));
- /* Locked region */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
- return rv;
- }
+ /* Locked region */
+ {
+ if (CKR_OK != NSSCKFWMutex_Lock(db->crustylock)) {
+ return rv;
+ }
- dbrv = db->db->get(db->db, &k, &v, 0);
- if( dbrv == 0 ) {
- CK_ULONG major = 0, minor = 0;
- (void)PR_sscanf(v.data, "%ld.%ld", &major, &minor);
- rv.major = major;
- rv.minor = minor;
- } else if( dbrv > 0 ) {
- (void)PR_snprintf(buffer, sizeof(buffer), "%ld.%ld", nss_dbm_db_format_version.major,
- nss_dbm_db_format_version.minor);
- v.data = buffer;
- v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
- dbrv = db->db->put(db->db, &k, &v, 0);
- (void)db->db->sync(db->db, 0);
- rv = nss_dbm_db_format_version;
- } else {
- /* No error return.. */
- ;
- }
+ dbrv = db->db->get(db->db, &k, &v, 0);
+ if (dbrv == 0) {
+ CK_ULONG major = 0, minor = 0;
+ (void)PR_sscanf(v.data, "%ld.%ld", &major, &minor);
+ rv.major = major;
+ rv.minor = minor;
+ }
+ else if (dbrv > 0) {
+ (void)PR_snprintf(buffer, sizeof(buffer), "%ld.%ld", nss_dbm_db_format_version.major,
+ nss_dbm_db_format_version.minor);
+ v.data = buffer;
+ v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
+ dbrv = db->db->put(db->db, &k, &v, 0);
+ (void)db->db->sync(db->db, 0);
+ rv = nss_dbm_db_format_version;
+ }
+ else {
+ /* No error return.. */
+ ;
+ }
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
- return rv;
+ return rv;
}
NSS_IMPLEMENT CK_RV
-nss_dbm_db_set_label
-(
- nss_dbm_db_t *db,
- NSSUTF8 *label
-)
+nss_dbm_db_set_label(
+ nss_dbm_db_t *db,
+ NSSUTF8 *label)
{
- CK_RV rv;
- DBT k, v;
- int dbrv;
-
- k.data = PREFIX_METADATA "Label";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
- v.data = label;
- v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
-
- /* Locked region */
- {
- rv = NSSCKFWMutex_Lock(db->crustylock);
- if( CKR_OK != rv ) {
- return rv;
- }
+ CK_RV rv;
+ DBT k, v;
+ int dbrv;
- dbrv = db->db->put(db->db, &k, &v, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- }
+ k.data = PREFIX_METADATA "Label";
+ k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
+ v.data = label;
+ v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
- dbrv = db->db->sync(db->db, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- }
+ /* Locked region */
+ {
+ rv = NSSCKFWMutex_Lock(db->crustylock);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+
+ dbrv = db->db->put(db->db, &k, &v, 0);
+ if (0 != dbrv) {
+ rv = CKR_DEVICE_ERROR;
+ }
+
+ dbrv = db->db->sync(db->db, 0);
+ if (0 != dbrv) {
+ rv = CKR_DEVICE_ERROR;
+ }
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
- return rv;
+ return rv;
}
NSS_IMPLEMENT NSSUTF8 *
-nss_dbm_db_get_label
-(
- nss_dbm_db_t *db,
- NSSArena *arena,
- CK_RV *pError
-)
+nss_dbm_db_get_label(
+ nss_dbm_db_t *db,
+ NSSArena *arena,
+ CK_RV *pError)
{
- NSSUTF8 *rv = (NSSUTF8 *)NULL;
- DBT k, v;
- int dbrv;
-
- k.data = PREFIX_METADATA "Label";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
+ NSSUTF8 *rv = (NSSUTF8 *)NULL;
+ DBT k, v;
+ int dbrv;
- /* Locked region */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
- return rv;
- }
+ k.data = PREFIX_METADATA "Label";
+ k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
- dbrv = db->db->get(db->db, &k, &v, 0);
- if( 0 == dbrv ) {
- rv = nssUTF8_Duplicate((NSSUTF8 *)v.data, arena);
- if( (NSSUTF8 *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- }
- } else if( dbrv > 0 ) {
- /* Just return null */
- ;
- } else {
- *pError = CKR_DEVICE_ERROR;
- ;
- }
+ /* Locked region */
+ {
+ if (CKR_OK != NSSCKFWMutex_Lock(db->crustylock)) {
+ return rv;
+ }
+ dbrv = db->db->get(db->db, &k, &v, 0);
+ if (0 == dbrv) {
+ rv = nssUTF8_Duplicate((NSSUTF8 *)v.data, arena);
+ if ((NSSUTF8 *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ }
+ }
+ else if (dbrv > 0) {
+ /* Just return null */
+ ;
+ }
+ else {
+ *pError = CKR_DEVICE_ERROR;
+ ;
+ }
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
- return rv;
+ return rv;
}
NSS_IMPLEMENT CK_RV
-nss_dbm_db_delete_object
-(
- nss_dbm_dbt_t *dbt
-)
+nss_dbm_db_delete_object(
+ nss_dbm_dbt_t *dbt)
{
- CK_RV rv;
- int dbrv;
-
- /* Locked region */
- {
- rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != rv ) {
- return rv;
- }
+ CK_RV rv;
+ int dbrv;
- dbrv = dbt->my_db->db->del(dbt->my_db->db, &dbt->dbt, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
+ /* Locked region */
+ {
+ rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != rv) {
+ return rv;
+ }
- dbrv = dbt->my_db->db->sync(dbt->my_db->db, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
+ dbrv = dbt->my_db->db->del(dbt->my_db->db, &dbt->dbt, 0);
+ if (0 != dbrv) {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
+ dbrv = dbt->my_db->db->sync(dbt->my_db->db, 0);
+ if (0 != dbrv) {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
- return rv;
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
+
+ return rv;
}
static CK_ULONG
-nss_dbm_db_new_handle
-(
- nss_dbm_db_t *db,
- DBT *dbt, /* pre-allocated */
- CK_RV *pError
-)
+nss_dbm_db_new_handle(
+ nss_dbm_db_t *db,
+ DBT *dbt, /* pre-allocated */
+ CK_RV *pError)
{
- CK_ULONG rv;
- DBT k, v;
- CK_ULONG align = 0, id, myid;
- struct handle *hp;
-
- if( sizeof(struct handle) != dbt->size ) {
- return EINVAL;
- }
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(db->crustylock);
- if( CKR_OK != *pError ) {
- return EINVAL;
+ CK_ULONG rv;
+ DBT k, v;
+ CK_ULONG align = 0, id, myid;
+ struct handle *hp;
+
+ if (sizeof(struct handle) != dbt->size) {
+ return EINVAL;
}
- k.data = PREFIX_METADATA "LastID";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
- (void)memset(&v, 0, sizeof(v));
+ /* Locked region */
+ {
+ *pError = NSSCKFWMutex_Lock(db->crustylock);
+ if (CKR_OK != *pError) {
+ return EINVAL;
+ }
- rv = db->db->get(db->db, &k, &v, 0);
- if( 0 == rv ) {
- (void)memcpy(&align, v.data, sizeof(CK_ULONG));
- id = ntohl(align);
- } else if( rv > 0 ) {
- id = 0;
- } else {
- goto done;
- }
+ k.data = PREFIX_METADATA "LastID";
+ k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
+ (void)memset(&v, 0, sizeof(v));
- myid = id;
- id++;
- align = htonl(id);
- v.data = &align;
- v.size = sizeof(CK_ULONG);
+ rv = db->db->get(db->db, &k, &v, 0);
+ if (0 == rv) {
+ (void)memcpy(&align, v.data, sizeof(CK_ULONG));
+ id = ntohl(align);
+ }
+ else if (rv > 0) {
+ id = 0;
+ }
+ else {
+ goto done;
+ }
- rv = db->db->put(db->db, &k, &v, 0);
- if( 0 != rv ) {
- goto done;
- }
+ myid = id;
+ id++;
+ align = htonl(id);
+ v.data = &align;
+ v.size = sizeof(CK_ULONG);
- rv = db->db->sync(db->db, 0);
- if( 0 != rv ) {
- goto done;
- }
+ rv = db->db->put(db->db, &k, &v, 0);
+ if (0 != rv) {
+ goto done;
+ }
- done:
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
+ rv = db->db->sync(db->db, 0);
+ if (0 != rv) {
+ goto done;
+ }
- if( 0 != rv ) {
- return rv;
- }
+ done:
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
+
+ if (0 != rv) {
+ return rv;
+ }
- hp = (struct handle *)dbt->data;
- (void)memcpy(&hp->prefix[0], PREFIX_OBJECT, 4);
- hp->id = myid;
+ hp = (struct handle *)dbt->data;
+ (void)memcpy(&hp->prefix[0], PREFIX_OBJECT, 4);
+ hp->id = myid;
- return 0;
+ return 0;
}
/*
@@ -311,723 +302,786 @@ nss_dbm_db_new_handle
* will have to be augmentable or overridable by a Module.
*/
-enum swap_type { type_byte, type_short, type_long, type_opaque };
+enum swap_type { type_byte,
+ type_short,
+ type_long,
+ type_opaque };
static enum swap_type
-nss_dbm_db_swap_type
-(
- CK_ATTRIBUTE_TYPE type
-)
+nss_dbm_db_swap_type(
+ CK_ATTRIBUTE_TYPE type)
{
- switch( type ) {
- case CKA_CLASS: return type_long;
- case CKA_TOKEN: return type_byte;
- case CKA_PRIVATE: return type_byte;
- case CKA_LABEL: return type_opaque;
- case CKA_APPLICATION: return type_opaque;
- case CKA_VALUE: return type_opaque;
- case CKA_CERTIFICATE_TYPE: return type_long;
- case CKA_ISSUER: return type_opaque;
- case CKA_SERIAL_NUMBER: return type_opaque;
- case CKA_KEY_TYPE: return type_long;
- case CKA_SUBJECT: return type_opaque;
- case CKA_ID: return type_opaque;
- case CKA_SENSITIVE: return type_byte;
- case CKA_ENCRYPT: return type_byte;
- case CKA_DECRYPT: return type_byte;
- case CKA_WRAP: return type_byte;
- case CKA_UNWRAP: return type_byte;
- case CKA_SIGN: return type_byte;
- case CKA_SIGN_RECOVER: return type_byte;
- case CKA_VERIFY: return type_byte;
- case CKA_VERIFY_RECOVER: return type_byte;
- case CKA_DERIVE: return type_byte;
- case CKA_START_DATE: return type_opaque;
- case CKA_END_DATE: return type_opaque;
- case CKA_MODULUS: return type_opaque;
- case CKA_MODULUS_BITS: return type_long;
- case CKA_PUBLIC_EXPONENT: return type_opaque;
- case CKA_PRIVATE_EXPONENT: return type_opaque;
- case CKA_PRIME_1: return type_opaque;
- case CKA_PRIME_2: return type_opaque;
- case CKA_EXPONENT_1: return type_opaque;
- case CKA_EXPONENT_2: return type_opaque;
- case CKA_COEFFICIENT: return type_opaque;
- case CKA_PRIME: return type_opaque;
- case CKA_SUBPRIME: return type_opaque;
- case CKA_BASE: return type_opaque;
- case CKA_VALUE_BITS: return type_long;
- case CKA_VALUE_LEN: return type_long;
- case CKA_EXTRACTABLE: return type_byte;
- case CKA_LOCAL: return type_byte;
- case CKA_NEVER_EXTRACTABLE: return type_byte;
- case CKA_ALWAYS_SENSITIVE: return type_byte;
- case CKA_MODIFIABLE: return type_byte;
- case CKA_NETSCAPE_URL: return type_opaque;
- case CKA_NETSCAPE_EMAIL: return type_opaque;
- case CKA_NETSCAPE_SMIME_INFO: return type_opaque;
- case CKA_NETSCAPE_SMIME_TIMESTAMP: return type_opaque;
- case CKA_NETSCAPE_PKCS8_SALT: return type_opaque;
- case CKA_NETSCAPE_PASSWORD_CHECK: return type_opaque;
- case CKA_NETSCAPE_EXPIRES: return type_opaque;
- case CKA_TRUST_DIGITAL_SIGNATURE: return type_long;
- case CKA_TRUST_NON_REPUDIATION: return type_long;
- case CKA_TRUST_KEY_ENCIPHERMENT: return type_long;
- case CKA_TRUST_DATA_ENCIPHERMENT: return type_long;
- case CKA_TRUST_KEY_AGREEMENT: return type_long;
- case CKA_TRUST_KEY_CERT_SIGN: return type_long;
- case CKA_TRUST_CRL_SIGN: return type_long;
- case CKA_TRUST_SERVER_AUTH: return type_long;
- case CKA_TRUST_CLIENT_AUTH: return type_long;
- case CKA_TRUST_CODE_SIGNING: return type_long;
- case CKA_TRUST_EMAIL_PROTECTION: return type_long;
- case CKA_TRUST_IPSEC_END_SYSTEM: return type_long;
- case CKA_TRUST_IPSEC_TUNNEL: return type_long;
- case CKA_TRUST_IPSEC_USER: return type_long;
- case CKA_TRUST_TIME_STAMPING: return type_long;
- case CKA_NETSCAPE_DB: return type_opaque;
- case CKA_NETSCAPE_TRUST: return type_opaque;
- default: return type_opaque;
- }
+ switch (type) {
+ case CKA_CLASS:
+ return type_long;
+ case CKA_TOKEN:
+ return type_byte;
+ case CKA_PRIVATE:
+ return type_byte;
+ case CKA_LABEL:
+ return type_opaque;
+ case CKA_APPLICATION:
+ return type_opaque;
+ case CKA_VALUE:
+ return type_opaque;
+ case CKA_CERTIFICATE_TYPE:
+ return type_long;
+ case CKA_ISSUER:
+ return type_opaque;
+ case CKA_SERIAL_NUMBER:
+ return type_opaque;
+ case CKA_KEY_TYPE:
+ return type_long;
+ case CKA_SUBJECT:
+ return type_opaque;
+ case CKA_ID:
+ return type_opaque;
+ case CKA_SENSITIVE:
+ return type_byte;
+ case CKA_ENCRYPT:
+ return type_byte;
+ case CKA_DECRYPT:
+ return type_byte;
+ case CKA_WRAP:
+ return type_byte;
+ case CKA_UNWRAP:
+ return type_byte;
+ case CKA_SIGN:
+ return type_byte;
+ case CKA_SIGN_RECOVER:
+ return type_byte;
+ case CKA_VERIFY:
+ return type_byte;
+ case CKA_VERIFY_RECOVER:
+ return type_byte;
+ case CKA_DERIVE:
+ return type_byte;
+ case CKA_START_DATE:
+ return type_opaque;
+ case CKA_END_DATE:
+ return type_opaque;
+ case CKA_MODULUS:
+ return type_opaque;
+ case CKA_MODULUS_BITS:
+ return type_long;
+ case CKA_PUBLIC_EXPONENT:
+ return type_opaque;
+ case CKA_PRIVATE_EXPONENT:
+ return type_opaque;
+ case CKA_PRIME_1:
+ return type_opaque;
+ case CKA_PRIME_2:
+ return type_opaque;
+ case CKA_EXPONENT_1:
+ return type_opaque;
+ case CKA_EXPONENT_2:
+ return type_opaque;
+ case CKA_COEFFICIENT:
+ return type_opaque;
+ case CKA_PRIME:
+ return type_opaque;
+ case CKA_SUBPRIME:
+ return type_opaque;
+ case CKA_BASE:
+ return type_opaque;
+ case CKA_VALUE_BITS:
+ return type_long;
+ case CKA_VALUE_LEN:
+ return type_long;
+ case CKA_EXTRACTABLE:
+ return type_byte;
+ case CKA_LOCAL:
+ return type_byte;
+ case CKA_NEVER_EXTRACTABLE:
+ return type_byte;
+ case CKA_ALWAYS_SENSITIVE:
+ return type_byte;
+ case CKA_MODIFIABLE:
+ return type_byte;
+ case CKA_NETSCAPE_URL:
+ return type_opaque;
+ case CKA_NETSCAPE_EMAIL:
+ return type_opaque;
+ case CKA_NETSCAPE_SMIME_INFO:
+ return type_opaque;
+ case CKA_NETSCAPE_SMIME_TIMESTAMP:
+ return type_opaque;
+ case CKA_NETSCAPE_PKCS8_SALT:
+ return type_opaque;
+ case CKA_NETSCAPE_PASSWORD_CHECK:
+ return type_opaque;
+ case CKA_NETSCAPE_EXPIRES:
+ return type_opaque;
+ case CKA_TRUST_DIGITAL_SIGNATURE:
+ return type_long;
+ case CKA_TRUST_NON_REPUDIATION:
+ return type_long;
+ case CKA_TRUST_KEY_ENCIPHERMENT:
+ return type_long;
+ case CKA_TRUST_DATA_ENCIPHERMENT:
+ return type_long;
+ case CKA_TRUST_KEY_AGREEMENT:
+ return type_long;
+ case CKA_TRUST_KEY_CERT_SIGN:
+ return type_long;
+ case CKA_TRUST_CRL_SIGN:
+ return type_long;
+ case CKA_TRUST_SERVER_AUTH:
+ return type_long;
+ case CKA_TRUST_CLIENT_AUTH:
+ return type_long;
+ case CKA_TRUST_CODE_SIGNING:
+ return type_long;
+ case CKA_TRUST_EMAIL_PROTECTION:
+ return type_long;
+ case CKA_TRUST_IPSEC_END_SYSTEM:
+ return type_long;
+ case CKA_TRUST_IPSEC_TUNNEL:
+ return type_long;
+ case CKA_TRUST_IPSEC_USER:
+ return type_long;
+ case CKA_TRUST_TIME_STAMPING:
+ return type_long;
+ case CKA_NETSCAPE_DB:
+ return type_opaque;
+ case CKA_NETSCAPE_TRUST:
+ return type_opaque;
+ default:
+ return type_opaque;
+ }
}
static void
-nss_dbm_db_swap_copy
-(
- CK_ATTRIBUTE_TYPE type,
- void *dest,
- void *src,
- CK_ULONG len
-)
+nss_dbm_db_swap_copy(
+ CK_ATTRIBUTE_TYPE type,
+ void *dest,
+ void *src,
+ CK_ULONG len)
{
- switch( nss_dbm_db_swap_type(type) ) {
- case type_byte:
- case type_opaque:
- (void)memcpy(dest, src, len);
- break;
- case type_short:
- {
- CK_USHORT s, d;
- (void)memcpy(&s, src, sizeof(CK_USHORT));
- d = htons(s);
- (void)memcpy(dest, &d, sizeof(CK_USHORT));
- break;
- }
- case type_long:
- {
- CK_ULONG s, d;
- (void)memcpy(&s, src, sizeof(CK_ULONG));
- d = htonl(s);
- (void)memcpy(dest, &d, sizeof(CK_ULONG));
- break;
+ switch (nss_dbm_db_swap_type(type)) {
+ case type_byte:
+ case type_opaque:
+ (void)memcpy(dest, src, len);
+ break;
+ case type_short: {
+ CK_USHORT s, d;
+ (void)memcpy(&s, src, sizeof(CK_USHORT));
+ d = htons(s);
+ (void)memcpy(dest, &d, sizeof(CK_USHORT));
+ break;
+ }
+ case type_long: {
+ CK_ULONG s, d;
+ (void)memcpy(&s, src, sizeof(CK_ULONG));
+ d = htonl(s);
+ (void)memcpy(dest, &d, sizeof(CK_ULONG));
+ break;
+ }
}
- }
}
static CK_RV
-nss_dbm_db_wrap_object
-(
- NSSArena *arena,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- DBT *object
-)
+nss_dbm_db_wrap_object(
+ NSSArena *arena,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ DBT *object)
{
- CK_ULONG object_size;
- CK_ULONG i;
- CK_ULONG *pulData;
- char *pcData;
- CK_ULONG offset;
-
- object_size = (1 + ulAttributeCount*3) * sizeof(CK_ULONG);
- offset = object_size;
- for( i = 0; i < ulAttributeCount; i++ ) {
- object_size += pTemplate[i].ulValueLen;
- }
-
- object->size = object_size;
- object->data = nss_ZAlloc(arena, object_size);
- if( (void *)NULL == object->data ) {
- return CKR_HOST_MEMORY;
- }
-
- pulData = (CK_ULONG *)object->data;
- pcData = (char *)object->data;
-
- pulData[0] = htonl(ulAttributeCount);
- for( i = 0; i < ulAttributeCount; i++ ) {
- CK_ULONG len = pTemplate[i].ulValueLen;
- pulData[1 + i*3] = htonl(pTemplate[i].type);
- pulData[2 + i*3] = htonl(len);
- pulData[3 + i*3] = htonl(offset);
- nss_dbm_db_swap_copy(pTemplate[i].type, &pcData[offset], pTemplate[i].pValue, len);
- offset += len;
- }
-
- return CKR_OK;
+ CK_ULONG object_size;
+ CK_ULONG i;
+ CK_ULONG *pulData;
+ char *pcData;
+ CK_ULONG offset;
+
+ object_size = (1 + ulAttributeCount * 3) * sizeof(CK_ULONG);
+ offset = object_size;
+ for (i = 0; i < ulAttributeCount; i++) {
+ object_size += pTemplate[i].ulValueLen;
+ }
+
+ object->size = object_size;
+ object->data = nss_ZAlloc(arena, object_size);
+ if ((void *)NULL == object->data) {
+ return CKR_HOST_MEMORY;
+ }
+
+ pulData = (CK_ULONG *)object->data;
+ pcData = (char *)object->data;
+
+ pulData[0] = htonl(ulAttributeCount);
+ for (i = 0; i < ulAttributeCount; i++) {
+ CK_ULONG len = pTemplate[i].ulValueLen;
+ pulData[1 + i * 3] = htonl(pTemplate[i].type);
+ pulData[2 + i * 3] = htonl(len);
+ pulData[3 + i * 3] = htonl(offset);
+ nss_dbm_db_swap_copy(pTemplate[i].type, &pcData[offset], pTemplate[i].pValue, len);
+ offset += len;
+ }
+
+ return CKR_OK;
}
static CK_RV
-nss_dbm_db_unwrap_object
-(
- NSSArena *arena,
- DBT *object,
- CK_ATTRIBUTE_PTR *ppTemplate,
- CK_ULONG *pulAttributeCount
-)
+nss_dbm_db_unwrap_object(
+ NSSArena *arena,
+ DBT *object,
+ CK_ATTRIBUTE_PTR *ppTemplate,
+ CK_ULONG *pulAttributeCount)
{
- CK_ULONG *pulData;
- char *pcData;
- CK_ULONG n, i;
- CK_ATTRIBUTE_PTR pTemplate;
-
- pulData = (CK_ULONG *)object->data;
- pcData = (char *)object->data;
-
- n = ntohl(pulData[0]);
- *pulAttributeCount = n;
- pTemplate = nss_ZNEWARRAY(arena, CK_ATTRIBUTE, n);
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- return CKR_HOST_MEMORY;
- }
-
- for( i = 0; i < n; i++ ) {
- CK_ULONG len;
- CK_ULONG offset;
- void *p;
-
- pTemplate[i].type = ntohl(pulData[1 + i*3]);
- len = ntohl(pulData[2 + i*3]);
- offset = ntohl(pulData[3 + i*3]);
-
- p = nss_ZAlloc(arena, len);
- if( (void *)NULL == p ) {
- return CKR_HOST_MEMORY;
+ CK_ULONG *pulData;
+ char *pcData;
+ CK_ULONG n, i;
+ CK_ATTRIBUTE_PTR pTemplate;
+
+ pulData = (CK_ULONG *)object->data;
+ pcData = (char *)object->data;
+
+ n = ntohl(pulData[0]);
+ *pulAttributeCount = n;
+ pTemplate = nss_ZNEWARRAY(arena, CK_ATTRIBUTE, n);
+ if ((CK_ATTRIBUTE_PTR)NULL == pTemplate) {
+ return CKR_HOST_MEMORY;
+ }
+
+ for (i = 0; i < n; i++) {
+ CK_ULONG len;
+ CK_ULONG offset;
+ void *p;
+
+ pTemplate[i].type = ntohl(pulData[1 + i * 3]);
+ len = ntohl(pulData[2 + i * 3]);
+ offset = ntohl(pulData[3 + i * 3]);
+
+ p = nss_ZAlloc(arena, len);
+ if ((void *)NULL == p) {
+ return CKR_HOST_MEMORY;
+ }
+
+ nss_dbm_db_swap_copy(pTemplate[i].type, p, &pcData[offset], len);
+ pTemplate[i].ulValueLen = len;
+ pTemplate[i].pValue = p;
}
-
- nss_dbm_db_swap_copy(pTemplate[i].type, p, &pcData[offset], len);
- pTemplate[i].ulValueLen = len;
- pTemplate[i].pValue = p;
- }
-
- *ppTemplate = pTemplate;
- return CKR_OK;
-}
+ *ppTemplate = pTemplate;
+ return CKR_OK;
+}
NSS_IMPLEMENT nss_dbm_dbt_t *
-nss_dbm_db_create_object
-(
- NSSArena *arena,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
+nss_dbm_db_create_object(
+ NSSArena *arena,
+ nss_dbm_db_t *db,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError,
+ CK_ULONG *pdbrv)
{
- NSSArena *tmparena = (NSSArena *)NULL;
- nss_dbm_dbt_t *rv = (nss_dbm_dbt_t *)NULL;
- DBT object;
-
- rv = nss_ZNEW(arena, nss_dbm_dbt_t);
- if( (nss_dbm_dbt_t *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_dbt_t *)NULL;
- }
-
- rv->my_db = db;
- rv->dbt.size = sizeof(struct handle);
- rv->dbt.data = nss_ZAlloc(arena, rv->dbt.size);
- if( (void *)NULL == rv->dbt.data ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_dbt_t *)NULL;
- }
-
- *pdbrv = nss_dbm_db_new_handle(db, &rv->dbt, pError);
- if( 0 != *pdbrv ) {
- return (nss_dbm_dbt_t *)NULL;
- }
-
- tmparena = NSSArena_Create();
- if( (NSSArena *)NULL == tmparena ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_dbt_t *)NULL;
- }
-
- *pError = nss_dbm_db_wrap_object(tmparena, pTemplate, ulAttributeCount, &object);
- if( CKR_OK != *pError ) {
- return (nss_dbm_dbt_t *)NULL;
- }
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(db->crustylock);
- if( CKR_OK != *pError ) {
- goto loser;
+ NSSArena *tmparena = (NSSArena *)NULL;
+ nss_dbm_dbt_t *rv = (nss_dbm_dbt_t *)NULL;
+ DBT object;
+
+ rv = nss_ZNEW(arena, nss_dbm_dbt_t);
+ if ((nss_dbm_dbt_t *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (nss_dbm_dbt_t *)NULL;
}
- *pdbrv = db->db->put(db->db, &rv->dbt, &object, 0);
- if( 0 != *pdbrv ) {
- *pError = CKR_DEVICE_ERROR;
+ rv->my_db = db;
+ rv->dbt.size = sizeof(struct handle);
+ rv->dbt.data = nss_ZAlloc(arena, rv->dbt.size);
+ if ((void *)NULL == rv->dbt.data) {
+ *pError = CKR_HOST_MEMORY;
+ return (nss_dbm_dbt_t *)NULL;
}
- (void)db->db->sync(db->db, 0);
+ *pdbrv = nss_dbm_db_new_handle(db, &rv->dbt, pError);
+ if (0 != *pdbrv) {
+ return (nss_dbm_dbt_t *)NULL;
+ }
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
+ tmparena = NSSArena_Create();
+ if ((NSSArena *)NULL == tmparena) {
+ *pError = CKR_HOST_MEMORY;
+ return (nss_dbm_dbt_t *)NULL;
+ }
- loser:
- if( (NSSArena *)NULL != tmparena ) {
- (void)NSSArena_Destroy(tmparena);
- }
+ *pError = nss_dbm_db_wrap_object(tmparena, pTemplate, ulAttributeCount, &object);
+ if (CKR_OK != *pError) {
+ return (nss_dbm_dbt_t *)NULL;
+ }
- return rv;
-}
+ /* Locked region */
+ {
+ *pError = NSSCKFWMutex_Lock(db->crustylock);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ *pdbrv = db->db->put(db->db, &rv->dbt, &object, 0);
+ if (0 != *pdbrv) {
+ *pError = CKR_DEVICE_ERROR;
+ }
+
+ (void)db->db->sync(db->db, 0);
+
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
+loser:
+ if ((NSSArena *)NULL != tmparena) {
+ (void)NSSArena_Destroy(tmparena);
+ }
+
+ return rv;
+}
NSS_IMPLEMENT CK_RV
-nss_dbm_db_find_objects
-(
- nss_dbm_find_t *find,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_ULONG *pdbrv
-)
+nss_dbm_db_find_objects(
+ nss_dbm_find_t *find,
+ nss_dbm_db_t *db,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_ULONG *pdbrv)
{
- CK_RV rv = CKR_OK;
+ CK_RV rv = CKR_OK;
- if( (nss_dbm_db_t *)NULL != db ) {
- DBT k, v;
+ if ((nss_dbm_db_t *)NULL != db) {
+ DBT k, v;
- rv = NSSCKFWMutex_Lock(db->crustylock);
- if( CKR_OK != rv ) {
- return rv;
- }
+ rv = NSSCKFWMutex_Lock(db->crustylock);
+ if (CKR_OK != rv) {
+ return rv;
+ }
- *pdbrv = db->db->seq(db->db, &k, &v, R_FIRST);
- while( 0 == *pdbrv ) {
- CK_ULONG i, j;
- NSSArena *tmparena = (NSSArena *)NULL;
- CK_ULONG ulac;
- CK_ATTRIBUTE_PTR pt;
-
- if( (k.size < 4) || (0 != memcmp(k.data, PREFIX_OBJECT, 4)) ) {
- goto nomatch;
- }
-
- tmparena = NSSArena_Create();
-
- rv = nss_dbm_db_unwrap_object(tmparena, &v, &pt, &ulac);
- if( CKR_OK != rv ) {
- goto loser;
- }
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- for( j = 0; j < ulac; j++ ) {
- if( pTemplate[i].type == pt[j].type ) {
- if( pTemplate[i].ulValueLen != pt[j].ulValueLen ) {
- goto nomatch;
+ *pdbrv = db->db->seq(db->db, &k, &v, R_FIRST);
+ while (0 == *pdbrv) {
+ CK_ULONG i, j;
+ NSSArena *tmparena = (NSSArena *)NULL;
+ CK_ULONG ulac;
+ CK_ATTRIBUTE_PTR pt;
+
+ if ((k.size < 4) || (0 != memcmp(k.data, PREFIX_OBJECT, 4))) {
+ goto nomatch;
}
- if( 0 != memcmp(pTemplate[i].pValue, pt[j].pValue, pt[j].ulValueLen) ) {
- goto nomatch;
+
+ tmparena = NSSArena_Create();
+
+ rv = nss_dbm_db_unwrap_object(tmparena, &v, &pt, &ulac);
+ if (CKR_OK != rv) {
+ goto loser;
}
- break;
- }
- }
- if( j == ulac ) {
- goto nomatch;
- }
- }
- /* entire template matches */
- {
- struct nss_dbm_dbt_node *node;
+ for (i = 0; i < ulAttributeCount; i++) {
+ for (j = 0; j < ulac; j++) {
+ if (pTemplate[i].type ==
+ pt[j].type) {
+ if (pTemplate[i].ulValueLen !=
+ pt[j].ulValueLen) {
+ goto nomatch;
+ }
+ if (0 !=
+ memcmp(pTemplate[i].pValue, pt[j].pValue, pt[j].ulValueLen)) {
+ goto nomatch;
+ }
+ break;
+ }
+ }
+ if (j == ulac) {
+ goto nomatch;
+ }
+ }
- node = nss_ZNEW(find->arena, struct nss_dbm_dbt_node);
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- rv = CKR_HOST_MEMORY;
- goto loser;
- }
+ /* entire template matches */
+ {
+ struct nss_dbm_dbt_node *node;
+
+ node = nss_ZNEW(find->arena, struct nss_dbm_dbt_node);
+ if ((struct nss_dbm_dbt_node *)NULL == node) {
+ rv =
+ CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ node->dbt = nss_ZNEW(find->arena, nss_dbm_dbt_t);
+ if ((nss_dbm_dbt_t *)NULL == node->dbt) {
+ rv =
+ CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ node->dbt->dbt.size = k.size;
+ node->dbt->dbt.data = nss_ZAlloc(find->arena, k.size);
+ if ((void *)NULL == node->dbt->dbt.data) {
+ rv =
+ CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ (void)memcpy(node->dbt->dbt.data, k.data, k.size);
+
+ node->dbt->my_db = db;
+
+ node->next = find->found;
+ find->found = node;
+ }
- node->dbt = nss_ZNEW(find->arena, nss_dbm_dbt_t);
- if( (nss_dbm_dbt_t *)NULL == node->dbt ) {
- rv = CKR_HOST_MEMORY;
- goto loser;
+ nomatch:
+ if ((NSSArena *)NULL != tmparena) {
+ (void)NSSArena_Destroy(tmparena);
+ }
+ *pdbrv = db->db->seq(db->db, &k, &v, R_NEXT);
}
-
- node->dbt->dbt.size = k.size;
- node->dbt->dbt.data = nss_ZAlloc(find->arena, k.size);
- if( (void *)NULL == node->dbt->dbt.data ) {
- rv = CKR_HOST_MEMORY;
- goto loser;
+
+ if (*pdbrv < 0) {
+ rv = CKR_DEVICE_ERROR;
+ goto loser;
}
- (void)memcpy(node->dbt->dbt.data, k.data, k.size);
+ rv = CKR_OK;
- node->dbt->my_db = db;
+ loser:
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
- node->next = find->found;
- find->found = node;
- }
+ return rv;
+}
- nomatch:
- if( (NSSArena *)NULL != tmparena ) {
- (void)NSSArena_Destroy(tmparena);
- }
- *pdbrv = db->db->seq(db->db, &k, &v, R_NEXT);
+NSS_IMPLEMENT CK_BBOOL
+nss_dbm_db_object_still_exists(
+ nss_dbm_dbt_t *dbt)
+{
+ CK_BBOOL rv;
+ CK_RV ckrv;
+ int dbrv;
+ DBT object;
+
+ ckrv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != ckrv) {
+ return CK_FALSE;
}
- if( *pdbrv < 0 ) {
- rv = CKR_DEVICE_ERROR;
- goto loser;
+ dbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == dbrv) {
+ rv = CK_TRUE;
+ }
+ else {
+ rv = CK_FALSE;
}
- rv = CKR_OK;
-
- loser:
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- return rv;
-}
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-NSS_IMPLEMENT CK_BBOOL
-nss_dbm_db_object_still_exists
-(
- nss_dbm_dbt_t *dbt
-)
-{
- CK_BBOOL rv;
- CK_RV ckrv;
- int dbrv;
- DBT object;
-
- ckrv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != ckrv ) {
- return CK_FALSE;
- }
-
- dbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == dbrv ) {
- rv = CK_TRUE;
- } else {
- rv = CK_FALSE;
- }
-
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-
- return rv;
+ return rv;
}
NSS_IMPLEMENT CK_ULONG
-nss_dbm_db_get_object_attribute_count
-(
- nss_dbm_dbt_t *dbt,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
+nss_dbm_db_get_object_attribute_count(
+ nss_dbm_dbt_t *dbt,
+ CK_RV *pError,
+ CK_ULONG *pdbrv)
{
- CK_ULONG rv = 0;
- DBT object;
- CK_ULONG *pulData;
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != *pError ) {
- return rv;
- }
+ CK_ULONG rv = 0;
+ DBT object;
+ CK_ULONG *pulData;
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- *pError = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- *pError = CKR_DEVICE_ERROR;
- goto done;
- }
+ /* Locked region */
+ {
+ *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != *pError) {
+ return rv;
+ }
- pulData = (CK_ULONG *)object.data;
- rv = ntohl(pulData[0]);
+ *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == *pdbrv) {
+ ;
+ }
+ else if (*pdbrv > 0) {
+ *pError = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ }
+ else {
+ *pError = CKR_DEVICE_ERROR;
+ goto done;
+ }
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
+ pulData = (CK_ULONG *)object.data;
+ rv = ntohl(pulData[0]);
+
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
- return rv;
+ return rv;
}
NSS_IMPLEMENT CK_RV
-nss_dbm_db_get_object_attribute_types
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount,
- CK_ULONG *pdbrv
-)
+nss_dbm_db_get_object_attribute_types(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount,
+ CK_ULONG *pdbrv)
{
- CK_RV rv = CKR_OK;
- DBT object;
- CK_ULONG *pulData;
- CK_ULONG n, i;
-
- /* Locked region */
- {
- rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != rv ) {
- return rv;
- }
+ CK_RV rv = CKR_OK;
+ DBT object;
+ CK_ULONG *pulData;
+ CK_ULONG n, i;
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- rv = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
+ /* Locked region */
+ {
+ rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != rv) {
+ return rv;
+ }
- pulData = (CK_ULONG *)object.data;
- n = ntohl(pulData[0]);
+ *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == *pdbrv) {
+ ;
+ }
+ else if (*pdbrv > 0) {
+ rv = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ }
+ else {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
- if( ulCount < n ) {
- rv = CKR_BUFFER_TOO_SMALL;
- goto done;
- }
+ pulData = (CK_ULONG *)object.data;
+ n = ntohl(pulData[0]);
- for( i = 0; i < n; i++ ) {
- typeArray[i] = ntohl(pulData[1 + i*3]);
- }
+ if (ulCount < n) {
+ rv = CKR_BUFFER_TOO_SMALL;
+ goto done;
+ }
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
+ for (i = 0; i < n; i++) {
+ typeArray[i] = ntohl(pulData[1 + i * 3]);
+ }
- return rv;
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
+
+ return rv;
}
NSS_IMPLEMENT CK_ULONG
-nss_dbm_db_get_object_attribute_size
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
+nss_dbm_db_get_object_attribute_size(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError,
+ CK_ULONG *pdbrv)
{
- CK_ULONG rv = 0;
- DBT object;
- CK_ULONG *pulData;
- CK_ULONG n, i;
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != *pError ) {
- return rv;
- }
+ CK_ULONG rv = 0;
+ DBT object;
+ CK_ULONG *pulData;
+ CK_ULONG n, i;
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- *pError = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- *pError = CKR_DEVICE_ERROR;
- goto done;
- }
+ /* Locked region */
+ {
+ *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != *pError) {
+ return rv;
+ }
- pulData = (CK_ULONG *)object.data;
- n = ntohl(pulData[0]);
+ *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == *pdbrv) {
+ ;
+ }
+ else if (*pdbrv > 0) {
+ *pError = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ }
+ else {
+ *pError = CKR_DEVICE_ERROR;
+ goto done;
+ }
- for( i = 0; i < n; i++ ) {
- if( type == ntohl(pulData[1 + i*3]) ) {
- rv = ntohl(pulData[2 + i*3]);
- }
- }
+ pulData = (CK_ULONG *)object.data;
+ n = ntohl(pulData[0]);
- if( i == n ) {
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- goto done;
- }
+ for (i = 0; i < n; i++) {
+ if (type == ntohl(pulData[1 + i * 3])) {
+ rv = ntohl(pulData[2 + i *
+ 3]);
+ }
+ }
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
+ if (i == n) {
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto done;
+ }
+
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
- return rv;
+ return rv;
}
NSS_IMPLEMENT NSSItem *
-nss_dbm_db_get_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- NSSArena *arena,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
+nss_dbm_db_get_object_attribute(
+ nss_dbm_dbt_t *dbt,
+ NSSArena *arena,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError,
+ CK_ULONG *pdbrv)
{
- NSSItem *rv = (NSSItem *)NULL;
- DBT object;
- CK_ULONG i;
- NSSArena *tmp = NSSArena_Create();
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG ulAttributeCount;
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != *pError ) {
- goto loser;
- }
+ NSSItem *rv = (NSSItem *)NULL;
+ DBT object;
+ CK_ULONG i;
+ NSSArena *tmp = NSSArena_Create();
+ CK_ATTRIBUTE_PTR pTemplate;
+ CK_ULONG ulAttributeCount;
+
+ /* Locked region */
+ {
+ *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- *pError = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- *pError = CKR_DEVICE_ERROR;
- goto done;
- }
+ *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == *pdbrv) {
+ ;
+ }
+ else if (*pdbrv > 0) {
+ *pError = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ }
+ else {
+ *pError = CKR_DEVICE_ERROR;
+ goto done;
+ }
- *pError = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
- if( CKR_OK != *pError ) {
- goto done;
- }
+ *pError = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
+ if (CKR_OK != *pError) {
+ goto done;
+ }
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( type == pTemplate[i].type ) {
- rv = nss_ZNEW(arena, NSSItem);
- if( (NSSItem *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- goto done;
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (type == pTemplate[i].type) {
+ rv = nss_ZNEW(arena, NSSItem);
+ if ((NSSItem *)NULL == rv) {
+ *pError =
+ CKR_HOST_MEMORY;
+ goto done;
+ }
+ rv->size = pTemplate[i].ulValueLen;
+ rv->data = nss_ZAlloc(arena, rv->size);
+ if ((void *)NULL == rv->data) {
+ *pError =
+ CKR_HOST_MEMORY;
+ goto done;
+ }
+ (void)memcpy(rv->data, pTemplate[i].pValue, rv->size);
+ break;
+ }
}
- rv->size = pTemplate[i].ulValueLen;
- rv->data = nss_ZAlloc(arena, rv->size);
- if( (void *)NULL == rv->data ) {
- *pError = CKR_HOST_MEMORY;
- goto done;
+ if (ulAttributeCount == i) {
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto done;
}
- (void)memcpy(rv->data, pTemplate[i].pValue, rv->size);
- break;
- }
- }
- if( ulAttributeCount == i ) {
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- goto done;
- }
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
- loser:
- if( (NSSArena *)NULL != tmp ) {
- NSSArena_Destroy(tmp);
- }
+loser:
+ if ((NSSArena *)NULL != tmp) {
+ NSSArena_Destroy(tmp);
+ }
- return rv;
+ return rv;
}
NSS_IMPLEMENT CK_RV
-nss_dbm_db_set_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- NSSItem *value,
- CK_ULONG *pdbrv
-)
+nss_dbm_db_set_object_attribute(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE type,
+ NSSItem *value,
+ CK_ULONG *pdbrv)
{
- CK_RV rv = CKR_OK;
- DBT object;
- CK_ULONG i;
- NSSArena *tmp = NSSArena_Create();
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG ulAttributeCount;
-
- /* Locked region */
- {
- rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != rv ) {
- goto loser;
- }
+ CK_RV rv = CKR_OK;
+ DBT object;
+ CK_ULONG i;
+ NSSArena *tmp = NSSArena_Create();
+ CK_ATTRIBUTE_PTR pTemplate;
+ CK_ULONG ulAttributeCount;
+
+ /* Locked region */
+ {
+ rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != rv) {
+ goto loser;
+ }
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- rv = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
+ *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == *pdbrv) {
+ ;
+ }
+ else if (*pdbrv > 0) {
+ rv = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ }
+ else {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
- rv = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
- if( CKR_OK != rv ) {
- goto done;
- }
+ rv = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
+ if (CKR_OK != rv) {
+ goto done;
+ }
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( type == pTemplate[i].type ) {
- /* Replacing an existing attribute */
- pTemplate[i].ulValueLen = value->size;
- pTemplate[i].pValue = value->data;
- break;
- }
- }
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (type == pTemplate[i].type) {
+ /* Replacing an existing attribute */
+ pTemplate[i].ulValueLen = value->size;
+ pTemplate[i].pValue = value->data;
+ break;
+ }
+ }
- if( i == ulAttributeCount ) {
- /* Adding a new attribute */
- CK_ATTRIBUTE_PTR npt = nss_ZNEWARRAY(tmp, CK_ATTRIBUTE, ulAttributeCount+1);
- if( (CK_ATTRIBUTE_PTR)NULL == npt ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
+ if (i == ulAttributeCount) {
+ /* Adding a new attribute */
+ CK_ATTRIBUTE_PTR npt = nss_ZNEWARRAY(tmp, CK_ATTRIBUTE, ulAttributeCount + 1);
+ if ((CK_ATTRIBUTE_PTR)NULL == npt) {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
- for( i = 0; i < ulAttributeCount; i++ ) {
- npt[i] = pTemplate[i];
- }
+ for (i = 0; i < ulAttributeCount; i++) {
+ npt[i] = pTemplate[i];
+ }
- npt[ulAttributeCount].type = type;
- npt[ulAttributeCount].ulValueLen = value->size;
- npt[ulAttributeCount].pValue = value->data;
+ npt[ulAttributeCount].type = type;
+ npt[ulAttributeCount].ulValueLen = value->size;
+ npt[ulAttributeCount].pValue = value->data;
- pTemplate = npt;
- ulAttributeCount++;
- }
+ pTemplate = npt;
+ ulAttributeCount++;
+ }
- rv = nss_dbm_db_wrap_object(tmp, pTemplate, ulAttributeCount, &object);
- if( CKR_OK != rv ) {
- goto done;
- }
+ rv = nss_dbm_db_wrap_object(tmp, pTemplate, ulAttributeCount, &object);
+ if (CKR_OK != rv) {
+ goto done;
+ }
- *pdbrv = dbt->my_db->db->put(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 != *pdbrv ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
+ *pdbrv = dbt->my_db->db->put(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 != *pdbrv) {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
- (void)dbt->my_db->db->sync(dbt->my_db->db, 0);
+ (void)dbt->my_db->db->sync(dbt->my_db->db, 0);
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
- loser:
- if( (NSSArena *)NULL != tmp ) {
- NSSArena_Destroy(tmp);
- }
+loser:
+ if ((NSSArena *)NULL != tmp) {
+ NSSArena_Destroy(tmp);
+ }
- return rv;
+ return rv;
}
diff --git a/lib/ckfw/dbm/find.c b/lib/ckfw/dbm/find.c
index 575c0ad5a..8a03855c3 100644
--- a/lib/ckfw/dbm/find.c
+++ b/lib/ckfw/dbm/find.c
@@ -5,129 +5,122 @@
#include "ckdbm.h"
static void
-nss_dbm_mdFindObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdFindObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
+ nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
- /* Locks might have system resources associated */
- (void)NSSCKFWMutex_Destroy(find->list_lock);
- (void)NSSArena_Destroy(find->arena);
+ /* Locks might have system resources associated */
+ (void)NSSCKFWMutex_Destroy(find->list_lock);
+ (void)NSSArena_Destroy(find->arena);
}
-
static NSSCKMDObject *
-nss_dbm_mdFindObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
+nss_dbm_mdFindObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
{
- nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
- struct nss_dbm_dbt_node *node;
- nss_dbm_object_t *object;
- NSSCKMDObject *rv;
-
- while(1) {
- /* Lock */
- {
- *pError = NSSCKFWMutex_Lock(find->list_lock);
- if( CKR_OK != *pError ) {
+ nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
+ struct nss_dbm_dbt_node *node;
+ nss_dbm_object_t *object;
+ NSSCKMDObject *rv;
+
+ while (1) {
+ /* Lock */
+ {
+ *pError = NSSCKFWMutex_Lock(find->list_lock);
+ if (CKR_OK != *pError) {
+ return (NSSCKMDObject *)NULL;
+ }
+
+ node = find->found;
+ if ((struct nss_dbm_dbt_node *)NULL != node) {
+ find->found = node->next;
+ }
+
+ *pError = NSSCKFWMutex_Unlock(find->list_lock);
+ if (CKR_OK != *pError) {
+ /* screwed now */
+ return (NSSCKMDObject *)NULL;
+ }
+ }
+
+ if ((struct nss_dbm_dbt_node *)NULL == node) {
+ break;
+ }
+
+ if (nss_dbm_db_object_still_exists(node->dbt)) {
+ break;
+ }
+ }
+
+ if ((struct nss_dbm_dbt_node *)NULL == node) {
+ *pError = CKR_OK;
return (NSSCKMDObject *)NULL;
- }
-
- node = find->found;
- if( (struct nss_dbm_dbt_node *)NULL != node ) {
- find->found = node->next;
- }
-
- *pError = NSSCKFWMutex_Unlock(find->list_lock);
- if( CKR_OK != *pError ) {
- /* screwed now */
+ }
+
+ object = nss_ZNEW(arena, nss_dbm_object_t);
+ if ((nss_dbm_object_t *)NULL == object) {
+ *pError = CKR_HOST_MEMORY;
return (NSSCKMDObject *)NULL;
- }
}
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- break;
+ object->arena = arena;
+ object->handle = nss_ZNEW(arena, nss_dbm_dbt_t);
+ if ((nss_dbm_dbt_t *)NULL == object->handle) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
}
- if( nss_dbm_db_object_still_exists(node->dbt) ) {
- break;
+ object->handle->my_db = node->dbt->my_db;
+ object->handle->dbt.size = node->dbt->dbt.size;
+ object->handle->dbt.data = nss_ZAlloc(arena, node->dbt->dbt.size);
+ if ((void *)NULL == object->handle->dbt.data) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
}
- }
-
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
-
- object = nss_ZNEW(arena, nss_dbm_object_t);
- if( (nss_dbm_object_t *)NULL == object ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- object->arena = arena;
- object->handle = nss_ZNEW(arena, nss_dbm_dbt_t);
- if( (nss_dbm_dbt_t *)NULL == object->handle ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- object->handle->my_db = node->dbt->my_db;
- object->handle->dbt.size = node->dbt->dbt.size;
- object->handle->dbt.data = nss_ZAlloc(arena, node->dbt->dbt.size);
- if( (void *)NULL == object->handle->dbt.data ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- (void)memcpy(object->handle->dbt.data, node->dbt->dbt.data, node->dbt->dbt.size);
-
- rv = nss_dbm_mdObject_factory(object, pError);
- if( (NSSCKMDObject *)NULL == rv ) {
- return (NSSCKMDObject *)NULL;
- }
-
- return rv;
+
+ (void)memcpy(object->handle->dbt.data, node->dbt->dbt.data, node->dbt->dbt.size);
+
+ rv = nss_dbm_mdObject_factory(object, pError);
+ if ((NSSCKMDObject *)NULL == rv) {
+ return (NSSCKMDObject *)NULL;
+ }
+
+ return rv;
}
NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_dbm_mdFindObjects_factory
-(
- nss_dbm_find_t *find,
- CK_RV *pError
-)
+nss_dbm_mdFindObjects_factory(
+ nss_dbm_find_t *find,
+ CK_RV *pError)
{
- NSSCKMDFindObjects *rv;
+ NSSCKMDFindObjects *rv;
- rv = nss_ZNEW(find->arena, NSSCKMDFindObjects);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDFindObjects *)NULL;
- }
+ rv = nss_ZNEW(find->arena, NSSCKMDFindObjects);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDFindObjects *)NULL;
+ }
- rv->etc = (void *)find;
- rv->Final = nss_dbm_mdFindObjects_Final;
- rv->Next = nss_dbm_mdFindObjects_Next;
+ rv->etc = (void *)find;
+ rv->Final = nss_dbm_mdFindObjects_Final;
+ rv->Next = nss_dbm_mdFindObjects_Next;
- return rv;
+ return rv;
}
diff --git a/lib/ckfw/dbm/instance.c b/lib/ckfw/dbm/instance.c
index 14f7af827..fbb11722d 100644
--- a/lib/ckfw/dbm/instance.c
+++ b/lib/ckfw/dbm/instance.c
@@ -5,159 +5,143 @@
#include "ckdbm.h"
static CK_RV
-nss_dbm_mdInstance_Initialize
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSUTF8 *configurationData
-)
+nss_dbm_mdInstance_Initialize(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSUTF8 *configurationData)
{
- CK_RV rv = CKR_OK;
- NSSArena *arena;
- nss_dbm_instance_t *instance;
+ CK_RV rv = CKR_OK;
+ NSSArena *arena;
+ nss_dbm_instance_t *instance;
- arena = NSSCKFWInstance_GetArena(fwInstance, &rv);
- if( ((NSSArena *)NULL == arena) && (CKR_OK != rv) ) {
- return rv;
- }
-
- instance = nss_ZNEW(arena, nss_dbm_instance_t);
- if( (nss_dbm_instance_t *)NULL == instance ) {
- return CKR_HOST_MEMORY;
- }
-
- instance->arena = arena;
-
- /*
- * This should parse the configuration data for information on
- * number and locations of databases, modes (e.g. readonly), etc.
- * But for now, we'll have one slot with a creatable read-write
- * database called "cert8.db."
- */
-
- instance->nSlots = 1;
- instance->filenames = nss_ZNEWARRAY(arena, char *, instance->nSlots);
- if( (char **)NULL == instance->filenames ) {
- return CKR_HOST_MEMORY;
- }
-
- instance->flags = nss_ZNEWARRAY(arena, int, instance->nSlots);
- if( (int *)NULL == instance->flags ) {
- return CKR_HOST_MEMORY;
- }
-
- instance->filenames[0] = "cert8.db";
- instance->flags[0] = O_RDWR|O_CREAT;
-
- mdInstance->etc = (void *)instance;
- return CKR_OK;
+ arena = NSSCKFWInstance_GetArena(fwInstance, &rv);
+ if (((NSSArena *)NULL == arena) && (CKR_OK != rv)) {
+ return rv;
+ }
+
+ instance = nss_ZNEW(arena, nss_dbm_instance_t);
+ if ((nss_dbm_instance_t *)NULL == instance) {
+ return CKR_HOST_MEMORY;
+ }
+
+ instance->arena = arena;
+
+ /*
+ * This should parse the configuration data for information on
+ * number and locations of databases, modes (e.g. readonly), etc.
+ * But for now, we'll have one slot with a creatable read-write
+ * database called "cert8.db."
+ */
+
+ instance->nSlots = 1;
+ instance->filenames = nss_ZNEWARRAY(arena, char *, instance->nSlots);
+ if ((char **)NULL == instance->filenames) {
+ return CKR_HOST_MEMORY;
+ }
+
+ instance->flags = nss_ZNEWARRAY(arena, int, instance->nSlots);
+ if ((int *)NULL == instance->flags) {
+ return CKR_HOST_MEMORY;
+ }
+
+ instance->filenames[0] = "cert8.db";
+ instance->flags[0] = O_RDWR | O_CREAT;
+
+ mdInstance->etc = (void *)instance;
+ return CKR_OK;
}
/* nss_dbm_mdInstance_Finalize is not required */
static CK_ULONG
-nss_dbm_mdInstance_GetNSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_dbm_mdInstance_GetNSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- return instance->nSlots;
+ nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
+ return instance->nSlots;
}
static CK_VERSION
-nss_dbm_mdInstance_GetCryptokiVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdInstance_GetCryptokiVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- static CK_VERSION rv = { 2, 1 };
- return rv;
+ static CK_VERSION rv = { 2, 1 };
+ return rv;
}
static NSSUTF8 *
-nss_dbm_mdInstance_GetManufacturerID
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_dbm_mdInstance_GetManufacturerID(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return "Mozilla Foundation";
+ return "Mozilla Foundation";
}
static NSSUTF8 *
-nss_dbm_mdInstance_GetLibraryDescription
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_dbm_mdInstance_GetLibraryDescription(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return "Berkeley Database Module";
+ return "Berkeley Database Module";
}
static CK_VERSION
-nss_dbm_mdInstance_GetLibraryVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdInstance_GetLibraryVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- static CK_VERSION rv = { 1, 0 }; /* My own version number */
- return rv;
+ static CK_VERSION rv = { 1, 0 }; /* My own version number */
+ return rv;
}
static CK_BBOOL
-nss_dbm_mdInstance_ModuleHandlesSessionObjects
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdInstance_ModuleHandlesSessionObjects(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CK_TRUE;
+ return CK_TRUE;
}
static CK_RV
-nss_dbm_mdInstance_GetSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
-)
+nss_dbm_mdInstance_GetSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *slots[])
{
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- CK_ULONG i;
- CK_RV rv = CKR_OK;
-
- for( i = 0; i < instance->nSlots; i++ ) {
- slots[i] = nss_dbm_mdSlot_factory(instance, instance->filenames[i],
- instance->flags[i], &rv);
- if( (NSSCKMDSlot *)NULL == slots[i] ) {
- return rv;
+ nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
+ CK_ULONG i;
+ CK_RV rv = CKR_OK;
+
+ for (i = 0; i < instance->nSlots; i++) {
+ slots[i] = nss_dbm_mdSlot_factory(instance, instance->filenames[i],
+ instance->flags[i], &rv);
+ if ((NSSCKMDSlot *)NULL == slots[i]) {
+ return rv;
+ }
}
- }
- return rv;
+ return rv;
}
/* nss_dbm_mdInstance_WaitForSlotEvent is not relevant */
-NSS_IMPLEMENT_DATA NSSCKMDInstance
-nss_dbm_mdInstance = {
- NULL, /* etc; filled in later */
- nss_dbm_mdInstance_Initialize,
- NULL, /* nss_dbm_mdInstance_Finalize */
- nss_dbm_mdInstance_GetNSlots,
- nss_dbm_mdInstance_GetCryptokiVersion,
- nss_dbm_mdInstance_GetManufacturerID,
- nss_dbm_mdInstance_GetLibraryDescription,
- nss_dbm_mdInstance_GetLibraryVersion,
- nss_dbm_mdInstance_ModuleHandlesSessionObjects,
- nss_dbm_mdInstance_GetSlots,
- NULL, /* nss_dbm_mdInstance_WaitForSlotEvent */
- NULL /* terminator */
-};
+NSS_IMPLEMENT_DATA NSSCKMDInstance
+ nss_dbm_mdInstance = {
+ NULL, /* etc; filled in later */
+ nss_dbm_mdInstance_Initialize,
+ NULL, /* nss_dbm_mdInstance_Finalize */
+ nss_dbm_mdInstance_GetNSlots,
+ nss_dbm_mdInstance_GetCryptokiVersion,
+ nss_dbm_mdInstance_GetManufacturerID,
+ nss_dbm_mdInstance_GetLibraryDescription,
+ nss_dbm_mdInstance_GetLibraryVersion,
+ nss_dbm_mdInstance_ModuleHandlesSessionObjects,
+ nss_dbm_mdInstance_GetSlots,
+ NULL, /* nss_dbm_mdInstance_WaitForSlotEvent */
+ NULL /* terminator */
+ };
diff --git a/lib/ckfw/dbm/object.c b/lib/ckfw/dbm/object.c
index 0649d40c0..4f6e4d409 100644
--- a/lib/ckfw/dbm/object.c
+++ b/lib/ckfw/dbm/object.c
@@ -5,167 +5,151 @@
#include "ckdbm.h"
static void
-nss_dbm_mdObject_Finalize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdObject_Finalize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- ;
+ ;
}
static CK_RV
-nss_dbm_mdObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- return nss_dbm_db_delete_object(object->handle);
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ return nss_dbm_db_delete_object(object->handle);
}
static CK_ULONG
-nss_dbm_mdObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_dbm_mdObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute_count(object->handle, pError,
- &session->deviceError);
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return nss_dbm_db_get_object_attribute_count(object->handle, pError,
+ &session->deviceError);
}
static CK_RV
-nss_dbm_mdObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
+nss_dbm_mdObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute_types(object->handle, typeArray,
- ulCount, &session->deviceError);
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return nss_dbm_db_get_object_attribute_types(object->handle, typeArray,
+ ulCount, &session->deviceError);
}
static CK_ULONG
-nss_dbm_mdObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+nss_dbm_mdObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute_size(object->handle, attribute, pError,
- &session->deviceError);
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return nss_dbm_db_get_object_attribute_size(object->handle, attribute, pError,
+ &session->deviceError);
}
static NSSItem *
-nss_dbm_mdObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+nss_dbm_mdObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute(object->handle, object->arena, attribute,
- pError, &session->deviceError);
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return nss_dbm_db_get_object_attribute(object->handle, object->arena, attribute,
+ pError, &session->deviceError);
}
static CK_RV
-nss_dbm_mdObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
+nss_dbm_mdObject_SetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value)
{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_set_object_attribute(object->handle, attribute, value,
- &session->deviceError);
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return nss_dbm_db_set_object_attribute(object->handle, attribute, value,
+ &session->deviceError);
}
NSS_IMPLEMENT NSSCKMDObject *
-nss_dbm_mdObject_factory
-(
- nss_dbm_object_t *object,
- CK_RV *pError
-)
+nss_dbm_mdObject_factory(
+ nss_dbm_object_t *object,
+ CK_RV *pError)
{
- NSSCKMDObject *rv;
+ NSSCKMDObject *rv;
- rv = nss_ZNEW(object->arena, NSSCKMDObject);
- if( (NSSCKMDObject *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
+ rv = nss_ZNEW(object->arena, NSSCKMDObject);
+ if ((NSSCKMDObject *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
+ }
- rv->etc = (void *)object;
- rv->Finalize = nss_dbm_mdObject_Finalize;
- rv->Destroy = nss_dbm_mdObject_Destroy;
- /* IsTokenObject can be deferred */
- rv->GetAttributeCount = nss_dbm_mdObject_GetAttributeCount;
- rv->GetAttributeTypes = nss_dbm_mdObject_GetAttributeTypes;
- rv->GetAttributeSize = nss_dbm_mdObject_GetAttributeSize;
- rv->GetAttribute = nss_dbm_mdObject_GetAttribute;
- rv->SetAttribute = nss_dbm_mdObject_SetAttribute;
- /* GetObjectSize can be deferred */
+ rv->etc = (void *)object;
+ rv->Finalize = nss_dbm_mdObject_Finalize;
+ rv->Destroy = nss_dbm_mdObject_Destroy;
+ /* IsTokenObject can be deferred */
+ rv->GetAttributeCount = nss_dbm_mdObject_GetAttributeCount;
+ rv->GetAttributeTypes = nss_dbm_mdObject_GetAttributeTypes;
+ rv->GetAttributeSize = nss_dbm_mdObject_GetAttributeSize;
+ rv->GetAttribute = nss_dbm_mdObject_GetAttribute;
+ rv->SetAttribute = nss_dbm_mdObject_SetAttribute;
+ /* GetObjectSize can be deferred */
- return rv;
+ return rv;
}
diff --git a/lib/ckfw/dbm/session.c b/lib/ckfw/dbm/session.c
index 6101c06a7..a1c2ee5fa 100644
--- a/lib/ckfw/dbm/session.c
+++ b/lib/ckfw/dbm/session.c
@@ -5,50 +5,46 @@
#include "ckdbm.h"
static void
-nss_dbm_mdSession_Close
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdSession_Close(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- struct nss_dbm_dbt_node *w;
+ struct nss_dbm_dbt_node *w;
- /* Lock */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(session->list_lock) ) {
- return;
- }
+ /* Lock */
+ {
+ if (CKR_OK != NSSCKFWMutex_Lock(session->list_lock)) {
+ return;
+ }
- w = session->session_objects;
- session->session_objects = (struct nss_dbm_dbt_node *)NULL; /* sanity */
-
- (void)NSSCKFWMutex_Unlock(session->list_lock);
- }
+ w = session->session_objects;
+ session->session_objects = (struct nss_dbm_dbt_node *)NULL; /* sanity */
+
+ (void)NSSCKFWMutex_Unlock(session->list_lock);
+ }
- for( ; (struct nss_dbm_dbt_node *)NULL != w; w = w->next ) {
- (void)nss_dbm_db_delete_object(w->dbt);
- }
+ for (; (struct nss_dbm_dbt_node *)NULL != w; w = w->next) {
+ (void)nss_dbm_db_delete_object(w->dbt);
+ }
}
static CK_ULONG
-nss_dbm_mdSession_GetDeviceError
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdSession_GetDeviceError(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return session->deviceError;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return session->deviceError;
}
/* Login isn't needed */
@@ -60,206 +56,200 @@ nss_dbm_mdSession_GetDeviceError
/* SetOperationState is irrelevant */
static NSSCKMDObject *
-nss_dbm_mdSession_CreateObject
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *handyArenaPointer,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_dbm_mdSession_CreateObject(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *handyArenaPointer,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- CK_ULONG i;
- CK_BBOOL isToken = CK_FALSE; /* defaults to false */
- NSSCKMDObject *rv;
- struct nss_dbm_dbt_node *node = (struct nss_dbm_dbt_node *)NULL;
- nss_dbm_object_t *object;
- nss_dbm_db_t *which_db;
-
- /* This framework should really pass this to me */
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- isToken = *(CK_BBOOL *)pTemplate[i].pValue;
- break;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ CK_ULONG i;
+ CK_BBOOL isToken = CK_FALSE; /* defaults to false */
+ NSSCKMDObject *rv;
+ struct nss_dbm_dbt_node *node = (struct nss_dbm_dbt_node *)NULL;
+ nss_dbm_object_t *object;
+ nss_dbm_db_t *which_db;
+
+ /* This framework should really pass this to me */
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CKA_TOKEN == pTemplate[i].type) {
+ isToken = *(CK_BBOOL *)pTemplate[i].pValue;
+ break;
+ }
}
- }
-
- object = nss_ZNEW(handyArenaPointer, nss_dbm_object_t);
- if( (nss_dbm_object_t *)NULL == object ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- object->arena = handyArenaPointer;
- which_db = isToken ? token->slot->token_db : token->session_db;
-
- /* Do this before the actual database call; it's easier to recover from */
- rv = nss_dbm_mdObject_factory(object, pError);
- if( (NSSCKMDObject *)NULL == rv ) {
- return (NSSCKMDObject *)NULL;
- }
-
- if( CK_FALSE == isToken ) {
- node = nss_ZNEW(session->arena, struct nss_dbm_dbt_node);
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
+
+ object = nss_ZNEW(handyArenaPointer, nss_dbm_object_t);
+ if ((nss_dbm_object_t *)NULL == object) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
}
- }
- object->handle = nss_dbm_db_create_object(handyArenaPointer, which_db,
- pTemplate, ulAttributeCount,
- pError, &session->deviceError);
- if( (nss_dbm_dbt_t *)NULL == object->handle ) {
- return (NSSCKMDObject *)NULL;
- }
+ object->arena = handyArenaPointer;
+ which_db = isToken ? token->slot->token_db : token->session_db;
- if( CK_FALSE == isToken ) {
- node->dbt = object->handle;
- /* Lock */
- {
- *pError = NSSCKFWMutex_Lock(session->list_lock);
- if( CKR_OK != *pError ) {
- (void)nss_dbm_db_delete_object(object->handle);
+ /* Do this before the actual database call; it's easier to recover from */
+ rv = nss_dbm_mdObject_factory(object, pError);
+ if ((NSSCKMDObject *)NULL == rv) {
return (NSSCKMDObject *)NULL;
- }
-
- node->next = session->session_objects;
- session->session_objects = node;
-
- *pError = NSSCKFWMutex_Unlock(session->list_lock);
}
- }
- return rv;
+ if (CK_FALSE == isToken) {
+ node = nss_ZNEW(session->arena, struct nss_dbm_dbt_node);
+ if ((struct nss_dbm_dbt_node *)NULL == node) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
+ }
+ }
+
+ object->handle = nss_dbm_db_create_object(handyArenaPointer, which_db,
+ pTemplate, ulAttributeCount,
+ pError, &session->deviceError);
+ if ((nss_dbm_dbt_t *)NULL == object->handle) {
+ return (NSSCKMDObject *)NULL;
+ }
+
+ if (CK_FALSE == isToken) {
+ node->dbt = object->handle;
+ /* Lock */
+ {
+ *pError = NSSCKFWMutex_Lock(session->list_lock);
+ if (CKR_OK != *pError) {
+ (void)nss_dbm_db_delete_object(object->handle);
+ return (NSSCKMDObject *)NULL;
+ }
+
+ node->next = session->session_objects;
+ session->session_objects = node;
+
+ *pError = NSSCKFWMutex_Unlock(session->list_lock);
+ }
+ }
+
+ return rv;
}
/* CopyObject isn't needed; the framework will use CreateObject */
static NSSCKMDFindObjects *
-nss_dbm_mdSession_FindObjectsInit
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_dbm_mdSession_FindObjectsInit(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- NSSArena *arena;
- nss_dbm_find_t *find;
- NSSCKMDFindObjects *rv;
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- find = nss_ZNEW(arena, nss_dbm_find_t);
- if( (nss_dbm_find_t *)NULL == find ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- find->arena = arena;
- find->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == find->list_lock ) {
- goto loser;
- }
-
- *pError = nss_dbm_db_find_objects(find, token->slot->token_db, pTemplate,
- ulAttributeCount, &session->deviceError);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- *pError = nss_dbm_db_find_objects(find, token->session_db, pTemplate,
- ulAttributeCount, &session->deviceError);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- rv = nss_dbm_mdFindObjects_factory(find, pError);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- goto loser;
- }
-
- return rv;
-
- loser:
- if( (NSSArena *)NULL != arena ) {
- (void)NSSArena_Destroy(arena);
- }
-
- return (NSSCKMDFindObjects *)NULL;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ NSSArena *arena;
+ nss_dbm_find_t *find;
+ NSSCKMDFindObjects *rv;
+
+ arena = NSSArena_Create();
+ if ((NSSArena *)NULL == arena) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ find = nss_ZNEW(arena, nss_dbm_find_t);
+ if ((nss_dbm_find_t *)NULL == find) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ find->arena = arena;
+ find->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if ((NSSCKFWMutex *)NULL == find->list_lock) {
+ goto loser;
+ }
+
+ *pError = nss_dbm_db_find_objects(find, token->slot->token_db, pTemplate,
+ ulAttributeCount, &session->deviceError);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ *pError = nss_dbm_db_find_objects(find, token->session_db, pTemplate,
+ ulAttributeCount, &session->deviceError);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ rv = nss_dbm_mdFindObjects_factory(find, pError);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ goto loser;
+ }
+
+ return rv;
+
+loser:
+ if ((NSSArena *)NULL != arena) {
+ (void)NSSArena_Destroy(arena);
+ }
+
+ return (NSSCKMDFindObjects *)NULL;
}
/* SeedRandom is irrelevant */
/* GetRandom is irrelevant */
NSS_IMPLEMENT NSSCKMDSession *
-nss_dbm_mdSession_factory
-(
- nss_dbm_token_t *token,
- NSSCKFWSession *fwSession,
- NSSCKFWInstance *fwInstance,
- CK_BBOOL rw,
- CK_RV *pError
-)
+nss_dbm_mdSession_factory(
+ nss_dbm_token_t *token,
+ NSSCKFWSession *fwSession,
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL rw,
+ CK_RV *pError)
{
- NSSArena *arena;
- nss_dbm_session_t *session;
- NSSCKMDSession *rv;
-
- arena = NSSCKFWSession_GetArena(fwSession, pError);
-
- session = nss_ZNEW(arena, nss_dbm_session_t);
- if( (nss_dbm_session_t *)NULL == session ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDSession);
- if( (NSSCKMDSession *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
-
- session->arena = arena;
- session->token = token;
- session->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == session->list_lock ) {
- return (NSSCKMDSession *)NULL;
- }
-
- rv->etc = (void *)session;
- rv->Close = nss_dbm_mdSession_Close;
- rv->GetDeviceError = nss_dbm_mdSession_GetDeviceError;
- /* Login isn't needed */
- /* Logout isn't needed */
- /* InitPIN is irrelevant */
- /* SetPIN is irrelevant */
- /* GetOperationStateLen is irrelevant */
- /* GetOperationState is irrelevant */
- /* SetOperationState is irrelevant */
- rv->CreateObject = nss_dbm_mdSession_CreateObject;
- /* CopyObject isn't needed; the framework will use CreateObject */
- rv->FindObjectsInit = nss_dbm_mdSession_FindObjectsInit;
- rv->null = NULL;
-
- return rv;
+ NSSArena *arena;
+ nss_dbm_session_t *session;
+ NSSCKMDSession *rv;
+
+ arena = NSSCKFWSession_GetArena(fwSession, pError);
+
+ session = nss_ZNEW(arena, nss_dbm_session_t);
+ if ((nss_dbm_session_t *)NULL == session) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSession *)NULL;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDSession);
+ if ((NSSCKMDSession *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSession *)NULL;
+ }
+
+ session->arena = arena;
+ session->token = token;
+ session->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if ((NSSCKFWMutex *)NULL == session->list_lock) {
+ return (NSSCKMDSession *)NULL;
+ }
+
+ rv->etc = (void *)session;
+ rv->Close = nss_dbm_mdSession_Close;
+ rv->GetDeviceError = nss_dbm_mdSession_GetDeviceError;
+ /* Login isn't needed */
+ /* Logout isn't needed */
+ /* InitPIN is irrelevant */
+ /* SetPIN is irrelevant */
+ /* GetOperationStateLen is irrelevant */
+ /* GetOperationState is irrelevant */
+ /* SetOperationState is irrelevant */
+ rv->CreateObject = nss_dbm_mdSession_CreateObject;
+ /* CopyObject isn't needed; the framework will use CreateObject */
+ rv->FindObjectsInit = nss_dbm_mdSession_FindObjectsInit;
+ rv->null = NULL;
+
+ return rv;
}
diff --git a/lib/ckfw/dbm/slot.c b/lib/ckfw/dbm/slot.c
index 0b7e645df..827b4ca8a 100644
--- a/lib/ckfw/dbm/slot.c
+++ b/lib/ckfw/dbm/slot.c
@@ -5,113 +5,102 @@
#include "ckdbm.h"
static CK_RV
-nss_dbm_mdSlot_Initialize
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdSlot_Initialize(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- CK_RV rv = CKR_OK;
-
- slot->token_db = nss_dbm_db_open(instance->arena, fwInstance, slot->filename,
- slot->flags, &rv);
- if( (nss_dbm_db_t *)NULL == slot->token_db ) {
- if( CKR_TOKEN_NOT_PRESENT == rv ) {
- /* This is not an error-- just means "the token isn't there" */
- rv = CKR_OK;
+ nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
+ nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
+ CK_RV rv = CKR_OK;
+
+ slot->token_db = nss_dbm_db_open(instance->arena, fwInstance, slot->filename,
+ slot->flags, &rv);
+ if ((nss_dbm_db_t *)NULL == slot->token_db) {
+ if (CKR_TOKEN_NOT_PRESENT == rv) {
+ /* This is not an error-- just means "the token isn't there" */
+ rv = CKR_OK;
+ }
}
- }
- return rv;
+ return rv;
}
static void
-nss_dbm_mdSlot_Destroy
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdSlot_Destroy(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
+ nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
- if( (nss_dbm_db_t *)NULL != slot->token_db ) {
- nss_dbm_db_close(slot->token_db);
- slot->token_db = (nss_dbm_db_t *)NULL;
- }
+ if ((nss_dbm_db_t *)NULL != slot->token_db) {
+ nss_dbm_db_close(slot->token_db);
+ slot->token_db = (nss_dbm_db_t *)NULL;
+ }
}
static NSSUTF8 *
-nss_dbm_mdSlot_GetSlotDescription
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_dbm_mdSlot_GetSlotDescription(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return "Database";
+ return "Database";
}
static NSSUTF8 *
-nss_dbm_mdSlot_GetManufacturerID
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_dbm_mdSlot_GetManufacturerID(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return "Berkeley";
+ return "Berkeley";
}
static CK_BBOOL
-nss_dbm_mdSlot_GetTokenPresent
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdSlot_GetTokenPresent(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
+ nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
- if( (nss_dbm_db_t *)NULL == slot->token_db ) {
- return CK_FALSE;
- } else {
- return CK_TRUE;
- }
+ if ((nss_dbm_db_t *)NULL == slot->token_db) {
+ return CK_FALSE;
+ }
+ else {
+ return CK_TRUE;
+ }
}
static CK_BBOOL
-nss_dbm_mdSlot_GetRemovableDevice
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdSlot_GetRemovableDevice(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- /*
- * Well, this supports "tokens" (databases) that aren't there, so in
- * that sense they're removable. It'd be nice to handle databases
- * that suddenly disappear (NFS-mounted home directories and network
- * errors, for instance) but that's a harder problem. We'll say
- * we support removable devices, badly.
- */
-
- return CK_TRUE;
+ /*
+ * Well, this supports "tokens" (databases) that aren't there, so in
+ * that sense they're removable. It'd be nice to handle databases
+ * that suddenly disappear (NFS-mounted home directories and network
+ * errors, for instance) but that's a harder problem. We'll say
+ * we support removable devices, badly.
+ */
+
+ return CK_TRUE;
}
/* nss_dbm_mdSlot_GetHardwareSlot defaults to CK_FALSE */
-/*
+/*
* nss_dbm_mdSlot_GetHardwareVersion
* nss_dbm_mdSlot_GetFirmwareVersion
*
@@ -122,60 +111,56 @@ nss_dbm_mdSlot_GetRemovableDevice
*/
static NSSCKMDToken *
-nss_dbm_mdSlot_GetToken
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_dbm_mdSlot_GetToken(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
- return nss_dbm_mdToken_factory(slot, pError);
+ nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
+ return nss_dbm_mdToken_factory(slot, pError);
}
NSS_IMPLEMENT NSSCKMDSlot *
-nss_dbm_mdSlot_factory
-(
- nss_dbm_instance_t *instance,
- char *filename,
- int flags,
- CK_RV *pError
-)
+nss_dbm_mdSlot_factory(
+ nss_dbm_instance_t *instance,
+ char *filename,
+ int flags,
+ CK_RV *pError)
{
- nss_dbm_slot_t *slot;
- NSSCKMDSlot *rv;
-
- slot = nss_ZNEW(instance->arena, nss_dbm_slot_t);
- if( (nss_dbm_slot_t *)NULL == slot ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSlot *)NULL;
- }
-
- slot->instance = instance;
- slot->filename = filename;
- slot->flags = flags;
- slot->token_db = (nss_dbm_db_t *)NULL;
-
- rv = nss_ZNEW(instance->arena, NSSCKMDSlot);
- if( (NSSCKMDSlot *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSlot *)NULL;
- }
-
- rv->etc = (void *)slot;
- rv->Initialize = nss_dbm_mdSlot_Initialize;
- rv->Destroy = nss_dbm_mdSlot_Destroy;
- rv->GetSlotDescription = nss_dbm_mdSlot_GetSlotDescription;
- rv->GetManufacturerID = nss_dbm_mdSlot_GetManufacturerID;
- rv->GetTokenPresent = nss_dbm_mdSlot_GetTokenPresent;
- rv->GetRemovableDevice = nss_dbm_mdSlot_GetRemovableDevice;
- /* GetHardwareSlot */
- /* GetHardwareVersion */
- /* GetFirmwareVersion */
- rv->GetToken = nss_dbm_mdSlot_GetToken;
- rv->null = (void *)NULL;
-
- return rv;
+ nss_dbm_slot_t *slot;
+ NSSCKMDSlot *rv;
+
+ slot = nss_ZNEW(instance->arena, nss_dbm_slot_t);
+ if ((nss_dbm_slot_t *)NULL == slot) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSlot *)NULL;
+ }
+
+ slot->instance = instance;
+ slot->filename = filename;
+ slot->flags = flags;
+ slot->token_db = (nss_dbm_db_t *)NULL;
+
+ rv = nss_ZNEW(instance->arena, NSSCKMDSlot);
+ if ((NSSCKMDSlot *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSlot *)NULL;
+ }
+
+ rv->etc = (void *)slot;
+ rv->Initialize = nss_dbm_mdSlot_Initialize;
+ rv->Destroy = nss_dbm_mdSlot_Destroy;
+ rv->GetSlotDescription = nss_dbm_mdSlot_GetSlotDescription;
+ rv->GetManufacturerID = nss_dbm_mdSlot_GetManufacturerID;
+ rv->GetTokenPresent = nss_dbm_mdSlot_GetTokenPresent;
+ rv->GetRemovableDevice = nss_dbm_mdSlot_GetRemovableDevice;
+ /* GetHardwareSlot */
+ /* GetHardwareVersion */
+ /* GetFirmwareVersion */
+ rv->GetToken = nss_dbm_mdSlot_GetToken;
+ rv->null = (void *)NULL;
+
+ return rv;
}
diff --git a/lib/ckfw/dbm/token.c b/lib/ckfw/dbm/token.c
index e033e1504..4648b8bef 100644
--- a/lib/ckfw/dbm/token.c
+++ b/lib/ckfw/dbm/token.c
@@ -5,168 +5,155 @@
#include "ckdbm.h"
static CK_RV
-nss_dbm_mdToken_Setup
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdToken_Setup(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- CK_RV rv = CKR_OK;
-
- token->arena = NSSCKFWToken_GetArena(fwToken, &rv);
- token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL,
- O_RDWR|O_CREAT, &rv);
- if( (nss_dbm_db_t *)NULL == token->session_db ) {
- return rv;
- }
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ CK_RV rv = CKR_OK;
+
+ token->arena = NSSCKFWToken_GetArena(fwToken, &rv);
+ token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL,
+ O_RDWR | O_CREAT, &rv);
+ if ((nss_dbm_db_t *)NULL == token->session_db) {
+ return rv;
+ }
- /* Add a label record if there isn't one? */
+ /* Add a label record if there isn't one? */
- return CKR_OK;
+ return CKR_OK;
}
static void
-nss_dbm_mdToken_Invalidate
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdToken_Invalidate(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- if( (nss_dbm_db_t *)NULL != token->session_db ) {
- nss_dbm_db_close(token->session_db);
- token->session_db = (nss_dbm_db_t *)NULL;
- }
+ if ((nss_dbm_db_t *)NULL != token->session_db) {
+ nss_dbm_db_close(token->session_db);
+ token->session_db = (nss_dbm_db_t *)NULL;
+ }
}
static CK_RV
-nss_dbm_mdToken_InitToken
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *pin,
- NSSUTF8 *label
-)
+nss_dbm_mdToken_InitToken(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *pin,
+ NSSUTF8 *label)
{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- CK_RV rv;
-
- /* Wipe the session object data */
-
- if( (nss_dbm_db_t *)NULL != token->session_db ) {
- nss_dbm_db_close(token->session_db);
- }
-
- token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL,
- O_RDWR|O_CREAT, &rv);
- if( (nss_dbm_db_t *)NULL == token->session_db ) {
- return rv;
- }
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
+ CK_RV rv;
- /* Wipe the token object data */
+ /* Wipe the session object data */
- if( token->slot->flags & O_RDWR ) {
- if( (nss_dbm_db_t *)NULL != token->slot->token_db ) {
- nss_dbm_db_close(token->slot->token_db);
+ if ((nss_dbm_db_t *)NULL != token->session_db) {
+ nss_dbm_db_close(token->session_db);
}
- token->slot->token_db = nss_dbm_db_open(instance->arena, fwInstance,
- token->slot->filename,
- token->slot->flags | O_CREAT | O_TRUNC,
- &rv);
- if( (nss_dbm_db_t *)NULL == token->slot->token_db ) {
- return rv;
+ token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL,
+ O_RDWR | O_CREAT, &rv);
+ if ((nss_dbm_db_t *)NULL == token->session_db) {
+ return rv;
}
- /* PIN is irrelevant */
+ /* Wipe the token object data */
- rv = nss_dbm_db_set_label(token->slot->token_db, label);
- if( CKR_OK != rv ) {
- return rv;
+ if (token->slot->flags & O_RDWR) {
+ if ((nss_dbm_db_t *)NULL != token->slot->token_db) {
+ nss_dbm_db_close(token->slot->token_db);
+ }
+
+ token->slot->token_db = nss_dbm_db_open(instance->arena, fwInstance,
+ token->slot->filename,
+ token->slot->flags | O_CREAT | O_TRUNC,
+ &rv);
+ if ((nss_dbm_db_t *)NULL == token->slot->token_db) {
+ return rv;
+ }
+
+ /* PIN is irrelevant */
+
+ rv = nss_dbm_db_set_label(token->slot->token_db, label);
+ if (CKR_OK != rv) {
+ return rv;
+ }
}
- }
- return CKR_OK;
+ return CKR_OK;
}
static NSSUTF8 *
-nss_dbm_mdToken_GetLabel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_dbm_mdToken_GetLabel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- if( (NSSUTF8 *)NULL == token->label ) {
- token->label = nss_dbm_db_get_label(token->slot->token_db, token->arena, pError);
- }
+ if ((NSSUTF8 *)NULL == token->label) {
+ token->label = nss_dbm_db_get_label(token->slot->token_db, token->arena, pError);
+ }
- /* If no label has been set, return *something* */
- if( (NSSUTF8 *)NULL == token->label ) {
- return token->slot->filename;
- }
+ /* If no label has been set, return *something* */
+ if ((NSSUTF8 *)NULL == token->label) {
+ return token->slot->filename;
+ }
- return token->label;
+ return token->label;
}
static NSSUTF8 *
-nss_dbm_mdToken_GetManufacturerID
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_dbm_mdToken_GetManufacturerID(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return "mozilla.org NSS";
+ return "mozilla.org NSS";
}
static NSSUTF8 *
-nss_dbm_mdToken_GetModel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_dbm_mdToken_GetModel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return "dbm";
+ return "dbm";
}
/* GetSerialNumber is irrelevant */
/* GetHasRNG defaults to CK_FALSE */
static CK_BBOOL
-nss_dbm_mdToken_GetIsWriteProtected
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdToken_GetIsWriteProtected(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- if( token->slot->flags & O_RDWR ) {
- return CK_FALSE;
- } else {
- return CK_TRUE;
- }
+ if (token->slot->flags & O_RDWR) {
+ return CK_FALSE;
+ }
+ else {
+ return CK_TRUE;
+ }
}
/* GetLoginRequired defaults to CK_FALSE */
@@ -177,47 +164,41 @@ nss_dbm_mdToken_GetIsWriteProtected
/* GetSupportsDualCryptoOperations is irrelevant */
static CK_ULONG
-nss_dbm_mdToken_effectively_infinite
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdToken_effectively_infinite(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CK_EFFECTIVELY_INFINITE;
+ return CK_EFFECTIVELY_INFINITE;
}
static CK_VERSION
-nss_dbm_mdToken_GetHardwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_dbm_mdToken_GetHardwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- return nss_dbm_db_get_format_version(token->slot->token_db);
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ return nss_dbm_db_get_format_version(token->slot->token_db);
}
/* GetFirmwareVersion is irrelevant */
/* GetUTCTime is irrelevant */
static NSSCKMDSession *
-nss_dbm_mdToken_OpenSession
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
-)
+nss_dbm_mdToken_OpenSession(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_BBOOL rw,
+ CK_RV *pError)
{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- return nss_dbm_mdSession_factory(token, fwSession, fwInstance, rw, pError);
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ return nss_dbm_mdSession_factory(token, fwSession, fwInstance, rw, pError);
}
/* GetMechanismCount defaults to zero */
@@ -225,58 +206,56 @@ nss_dbm_mdToken_OpenSession
/* GetMechanism is irrelevant */
NSS_IMPLEMENT NSSCKMDToken *
-nss_dbm_mdToken_factory
-(
- nss_dbm_slot_t *slot,
- CK_RV *pError
-)
+nss_dbm_mdToken_factory(
+ nss_dbm_slot_t *slot,
+ CK_RV *pError)
{
- nss_dbm_token_t *token;
- NSSCKMDToken *rv;
-
- token = nss_ZNEW(slot->instance->arena, nss_dbm_token_t);
- if( (nss_dbm_token_t *)NULL == token ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDToken *)NULL;
- }
-
- rv = nss_ZNEW(slot->instance->arena, NSSCKMDToken);
- if( (NSSCKMDToken *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDToken *)NULL;
- }
-
- token->slot = slot;
-
- rv->etc = (void *)token;
- rv->Setup = nss_dbm_mdToken_Setup;
- rv->Invalidate = nss_dbm_mdToken_Invalidate;
- rv->InitToken = nss_dbm_mdToken_InitToken;
- rv->GetLabel = nss_dbm_mdToken_GetLabel;
- rv->GetManufacturerID = nss_dbm_mdToken_GetManufacturerID;
- rv->GetModel = nss_dbm_mdToken_GetModel;
- /* GetSerialNumber is irrelevant */
- /* GetHasRNG defaults to CK_FALSE */
- rv->GetIsWriteProtected = nss_dbm_mdToken_GetIsWriteProtected;
- /* GetLoginRequired defaults to CK_FALSE */
- /* GetUserPinInitialized defaults to CK_FALSE */
- /* GetRestoreKeyNotNeeded is irrelevant */
- /* GetHasClockOnToken defaults to CK_FALSE */
- /* GetHasProtectedAuthenticationPath defaults to CK_FALSE */
- /* GetSupportsDualCryptoOperations is irrelevant */
- rv->GetMaxSessionCount = nss_dbm_mdToken_effectively_infinite;
- rv->GetMaxRwSessionCount = nss_dbm_mdToken_effectively_infinite;
- /* GetMaxPinLen is irrelevant */
- /* GetMinPinLen is irrelevant */
- /* GetTotalPublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
- /* GetFreePublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
- /* GetTotalPrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
- /* GetFreePrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
- rv->GetHardwareVersion = nss_dbm_mdToken_GetHardwareVersion;
- /* GetFirmwareVersion is irrelevant */
- /* GetUTCTime is irrelevant */
- rv->OpenSession = nss_dbm_mdToken_OpenSession;
- rv->null = NULL;
-
- return rv;
+ nss_dbm_token_t *token;
+ NSSCKMDToken *rv;
+
+ token = nss_ZNEW(slot->instance->arena, nss_dbm_token_t);
+ if ((nss_dbm_token_t *)NULL == token) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDToken *)NULL;
+ }
+
+ rv = nss_ZNEW(slot->instance->arena, NSSCKMDToken);
+ if ((NSSCKMDToken *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDToken *)NULL;
+ }
+
+ token->slot = slot;
+
+ rv->etc = (void *)token;
+ rv->Setup = nss_dbm_mdToken_Setup;
+ rv->Invalidate = nss_dbm_mdToken_Invalidate;
+ rv->InitToken = nss_dbm_mdToken_InitToken;
+ rv->GetLabel = nss_dbm_mdToken_GetLabel;
+ rv->GetManufacturerID = nss_dbm_mdToken_GetManufacturerID;
+ rv->GetModel = nss_dbm_mdToken_GetModel;
+ /* GetSerialNumber is irrelevant */
+ /* GetHasRNG defaults to CK_FALSE */
+ rv->GetIsWriteProtected = nss_dbm_mdToken_GetIsWriteProtected;
+ /* GetLoginRequired defaults to CK_FALSE */
+ /* GetUserPinInitialized defaults to CK_FALSE */
+ /* GetRestoreKeyNotNeeded is irrelevant */
+ /* GetHasClockOnToken defaults to CK_FALSE */
+ /* GetHasProtectedAuthenticationPath defaults to CK_FALSE */
+ /* GetSupportsDualCryptoOperations is irrelevant */
+ rv->GetMaxSessionCount = nss_dbm_mdToken_effectively_infinite;
+ rv->GetMaxRwSessionCount = nss_dbm_mdToken_effectively_infinite;
+ /* GetMaxPinLen is irrelevant */
+ /* GetMinPinLen is irrelevant */
+ /* GetTotalPublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
+ /* GetFreePublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
+ /* GetTotalPrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
+ /* GetFreePrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
+ rv->GetHardwareVersion = nss_dbm_mdToken_GetHardwareVersion;
+ /* GetFirmwareVersion is irrelevant */
+ /* GetUTCTime is irrelevant */
+ rv->OpenSession = nss_dbm_mdToken_OpenSession;
+ rv->null = NULL;
+
+ return rv;
}
diff --git a/lib/ckfw/find.c b/lib/ckfw/find.c
index 8a8a5415d..798a20b2f 100644
--- a/lib/ckfw/find.c
+++ b/lib/ckfw/find.c
@@ -21,7 +21,7 @@
*
* -- public accessors --
* NSSCKFWFindObjects_GetMDFindObjects
- *
+ *
* -- implement public accessors --
* nssCKFWFindObjects_GetMDFindObjects
*
@@ -32,17 +32,17 @@
*/
struct NSSCKFWFindObjectsStr {
- NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
- NSSCKMDFindObjects *mdfo1;
- NSSCKMDFindObjects *mdfo2;
- NSSCKFWSession *fwSession;
- NSSCKMDSession *mdSession;
- NSSCKFWToken *fwToken;
- NSSCKMDToken *mdToken;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
-
- NSSCKMDFindObjects *mdFindObjects; /* varies */
+ NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
+ NSSCKMDFindObjects *mdfo1;
+ NSSCKMDFindObjects *mdfo2;
+ NSSCKFWSession *fwSession;
+ NSSCKMDSession *mdSession;
+ NSSCKFWToken *fwToken;
+ NSSCKMDToken *mdToken;
+ NSSCKFWInstance *fwInstance;
+ NSSCKMDInstance *mdInstance;
+
+ NSSCKMDFindObjects *mdFindObjects; /* varies */
};
#ifdef DEBUG
@@ -58,30 +58,24 @@ struct NSSCKFWFindObjectsStr {
*/
static CK_RV
-findObjects_add_pointer
-(
- const NSSCKFWFindObjects *fwFindObjects
-)
+findObjects_add_pointer(
+ const NSSCKFWFindObjects *fwFindObjects)
{
- return CKR_OK;
+ return CKR_OK;
}
static CK_RV
-findObjects_remove_pointer
-(
- const NSSCKFWFindObjects *fwFindObjects
-)
+findObjects_remove_pointer(
+ const NSSCKFWFindObjects *fwFindObjects)
{
- return CKR_OK;
+ return CKR_OK;
}
NSS_IMPLEMENT CK_RV
-nssCKFWFindObjects_verifyPointer
-(
- const NSSCKFWFindObjects *fwFindObjects
-)
+nssCKFWFindObjects_verifyPointer(
+ const NSSCKFWFindObjects *fwFindObjects)
{
- return CKR_OK;
+ return CKR_OK;
}
#endif /* DEBUG */
@@ -91,128 +85,123 @@ nssCKFWFindObjects_verifyPointer
*
*/
NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWFindObjects_Create
-(
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- NSSCKMDFindObjects *mdFindObjects1,
- NSSCKMDFindObjects *mdFindObjects2,
- CK_RV *pError
-)
+nssCKFWFindObjects_Create(
+ NSSCKFWSession *fwSession,
+ NSSCKFWToken *fwToken,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDFindObjects *mdFindObjects1,
+ NSSCKMDFindObjects *mdFindObjects2,
+ CK_RV *pError)
{
- NSSCKFWFindObjects *fwFindObjects = NULL;
- NSSCKMDSession *mdSession;
- NSSCKMDToken *mdToken;
- NSSCKMDInstance *mdInstance;
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdToken = nssCKFWToken_GetMDToken(fwToken);
- mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
-
- fwFindObjects = nss_ZNEW(NULL, NSSCKFWFindObjects);
- if (!fwFindObjects) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwFindObjects->mdfo1 = mdFindObjects1;
- fwFindObjects->mdfo2 = mdFindObjects2;
- fwFindObjects->fwSession = fwSession;
- fwFindObjects->mdSession = mdSession;
- fwFindObjects->fwToken = fwToken;
- fwFindObjects->mdToken = mdToken;
- fwFindObjects->fwInstance = fwInstance;
- fwFindObjects->mdInstance = mdInstance;
-
- fwFindObjects->mutex = nssCKFWInstance_CreateMutex(fwInstance, NULL, pError);
- if (!fwFindObjects->mutex) {
- goto loser;
- }
+ NSSCKFWFindObjects *fwFindObjects = NULL;
+ NSSCKMDSession *mdSession;
+ NSSCKMDToken *mdToken;
+ NSSCKMDInstance *mdInstance;
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdToken = nssCKFWToken_GetMDToken(fwToken);
+ mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
+
+ fwFindObjects = nss_ZNEW(NULL, NSSCKFWFindObjects);
+ if (!fwFindObjects) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fwFindObjects->mdfo1 = mdFindObjects1;
+ fwFindObjects->mdfo2 = mdFindObjects2;
+ fwFindObjects->fwSession = fwSession;
+ fwFindObjects->mdSession = mdSession;
+ fwFindObjects->fwToken = fwToken;
+ fwFindObjects->mdToken = mdToken;
+ fwFindObjects->fwInstance = fwInstance;
+ fwFindObjects->mdInstance = mdInstance;
+
+ fwFindObjects->mutex = nssCKFWInstance_CreateMutex(fwInstance, NULL, pError);
+ if (!fwFindObjects->mutex) {
+ goto loser;
+ }
#ifdef DEBUG
- *pError = findObjects_add_pointer(fwFindObjects);
- if( CKR_OK != *pError ) {
- goto loser;
- }
+ *pError = findObjects_add_pointer(fwFindObjects);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
#endif /* DEBUG */
- return fwFindObjects;
+ return fwFindObjects;
- loser:
- if( fwFindObjects ) {
- if( NULL != mdFindObjects1 ) {
- if( NULL != mdFindObjects1->Final ) {
- fwFindObjects->mdFindObjects = mdFindObjects1;
- mdFindObjects1->Final(mdFindObjects1, fwFindObjects, mdSession,
- fwSession, mdToken, fwToken, mdInstance, fwInstance);
- }
- }
+loser:
+ if (fwFindObjects) {
+ if (NULL != mdFindObjects1) {
+ if (NULL != mdFindObjects1->Final) {
+ fwFindObjects->mdFindObjects = mdFindObjects1;
+ mdFindObjects1->Final(mdFindObjects1, fwFindObjects, mdSession,
+ fwSession, mdToken, fwToken, mdInstance, fwInstance);
+ }
+ }
- if( NULL != mdFindObjects2 ) {
- if( NULL != mdFindObjects2->Final ) {
- fwFindObjects->mdFindObjects = mdFindObjects2;
- mdFindObjects2->Final(mdFindObjects2, fwFindObjects, mdSession,
- fwSession, mdToken, fwToken, mdInstance, fwInstance);
- }
- }
+ if (NULL != mdFindObjects2) {
+ if (NULL != mdFindObjects2->Final) {
+ fwFindObjects->mdFindObjects = mdFindObjects2;
+ mdFindObjects2->Final(mdFindObjects2, fwFindObjects, mdSession,
+ fwSession, mdToken, fwToken, mdInstance, fwInstance);
+ }
+ }
- nss_ZFreeIf(fwFindObjects);
- }
+ nss_ZFreeIf(fwFindObjects);
+ }
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
- return (NSSCKFWFindObjects *)NULL;
+ return (NSSCKFWFindObjects *)NULL;
}
-
/*
* nssCKFWFindObjects_Destroy
*
*/
NSS_EXTERN void
-nssCKFWFindObjects_Destroy
-(
- NSSCKFWFindObjects *fwFindObjects
-)
+nssCKFWFindObjects_Destroy(
+ NSSCKFWFindObjects *fwFindObjects)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
- return;
- }
+ if (CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects)) {
+ return;
+ }
#endif /* NSSDEBUG */
- (void)nssCKFWMutex_Destroy(fwFindObjects->mutex);
+ (void)nssCKFWMutex_Destroy(fwFindObjects->mutex);
- if (fwFindObjects->mdfo1) {
- if (fwFindObjects->mdfo1->Final) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
- fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
+ if (fwFindObjects->mdfo1) {
+ if (fwFindObjects->mdfo1->Final) {
+ fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
+ fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
+ fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance);
+ }
}
- }
-
- if (fwFindObjects->mdfo2) {
- if (fwFindObjects->mdfo2->Final) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
- fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
+
+ if (fwFindObjects->mdfo2) {
+ if (fwFindObjects->mdfo2->Final) {
+ fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
+ fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
+ fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance);
+ }
}
- }
- nss_ZFreeIf(fwFindObjects);
+ nss_ZFreeIf(fwFindObjects);
#ifdef DEBUG
- (void)findObjects_remove_pointer(fwFindObjects);
+ (void)findObjects_remove_pointer(fwFindObjects);
#endif /* DEBUG */
- return;
+ return;
}
/*
@@ -220,18 +209,16 @@ nssCKFWFindObjects_Destroy
*
*/
NSS_EXTERN NSSCKMDFindObjects *
-nssCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *fwFindObjects
-)
+nssCKFWFindObjects_GetMDFindObjects(
+ NSSCKFWFindObjects *fwFindObjects)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
- return (NSSCKMDFindObjects *)NULL;
- }
+ if (CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects)) {
+ return (NSSCKMDFindObjects *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwFindObjects->mdFindObjects;
+ return fwFindObjects->mdFindObjects;
}
/*
@@ -239,89 +226,89 @@ nssCKFWFindObjects_GetMDFindObjects
*
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWFindObjects_Next
-(
- NSSCKFWFindObjects *fwFindObjects,
- NSSArena *arenaOpt,
- CK_RV *pError
-)
+nssCKFWFindObjects_Next(
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSArena *arenaOpt,
+ CK_RV *pError)
{
- NSSCKMDObject *mdObject;
- NSSCKFWObject *fwObject = (NSSCKFWObject *)NULL;
- NSSArena *objArena;
+ NSSCKMDObject *mdObject;
+ NSSCKFWObject *fwObject = (NSSCKFWObject *)NULL;
+ NSSArena *objArena;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWFindObjects_verifyPointer(fwFindObjects);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
+ if (!pError) {
+ return (NSSCKFWObject *)NULL;
+ }
- *pError = nssCKFWMutex_Lock(fwFindObjects->mutex);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if (fwFindObjects->mdfo1) {
- if (fwFindObjects->mdfo1->Next) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
- mdObject = fwFindObjects->mdfo1->Next(fwFindObjects->mdfo1,
- fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance,
- arenaOpt, pError);
- if (!mdObject) {
- if( CKR_OK != *pError ) {
- goto done;
- }
+ *pError = nssCKFWFindObjects_verifyPointer(fwFindObjects);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+#endif /* NSSDEBUG */
- /* All done. */
- fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
- fwFindObjects->mdfo1 = (NSSCKMDFindObjects *)NULL;
- } else {
- goto wrap;
- }
+ *pError = nssCKFWMutex_Lock(fwFindObjects->mutex);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWObject *)NULL;
}
- }
-
- if (fwFindObjects->mdfo2) {
- if (fwFindObjects->mdfo2->Next) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
- mdObject = fwFindObjects->mdfo2->Next(fwFindObjects->mdfo2,
- fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance,
- arenaOpt, pError);
- if (!mdObject) {
- if( CKR_OK != *pError ) {
- goto done;
+
+ if (fwFindObjects->mdfo1) {
+ if (fwFindObjects->mdfo1->Next) {
+ fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
+ mdObject = fwFindObjects->mdfo1->Next(fwFindObjects->mdfo1,
+ fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance,
+ arenaOpt, pError);
+ if (!mdObject) {
+ if (CKR_OK != *pError) {
+ goto done;
+ }
+
+ /* All done. */
+ fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
+ fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance);
+ fwFindObjects->mdfo1 = (NSSCKMDFindObjects *)NULL;
+ }
+ else {
+ goto wrap;
+ }
}
+ }
- /* All done. */
- fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
- fwFindObjects->mdfo2 = (NSSCKMDFindObjects *)NULL;
- } else {
- goto wrap;
- }
+ if (fwFindObjects->mdfo2) {
+ if (fwFindObjects->mdfo2->Next) {
+ fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
+ mdObject = fwFindObjects->mdfo2->Next(fwFindObjects->mdfo2,
+ fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance,
+ arenaOpt, pError);
+ if (!mdObject) {
+ if (CKR_OK != *pError) {
+ goto done;
+ }
+
+ /* All done. */
+ fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
+ fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance);
+ fwFindObjects->mdfo2 = (NSSCKMDFindObjects *)NULL;
+ }
+ else {
+ goto wrap;
+ }
+ }
}
- }
-
- /* No more objects */
- *pError = CKR_OK;
- goto done;
-
- wrap:
- /*
+
+ /* No more objects */
+ *pError = CKR_OK;
+ goto done;
+
+wrap:
+ /*
* This seems is less than ideal-- we should determine if it's a token
* object or a session object, and use the appropriate arena.
* But that duplicates logic in nssCKFWObject_IsTokenObject.
@@ -336,26 +323,26 @@ nssCKFWFindObjects_Next
* exist in the cache from their initial creation). So this code is correct,
* but it depends on nssCKFWObject_Create caching all objects.
*/
- objArena = nssCKFWToken_GetArena(fwFindObjects->fwToken, pError);
- if (!objArena) {
- if( CKR_OK == *pError ) {
- *pError = CKR_HOST_MEMORY;
+ objArena = nssCKFWToken_GetArena(fwFindObjects->fwToken, pError);
+ if (!objArena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_HOST_MEMORY;
+ }
+ goto done;
}
- goto done;
- }
-
- fwObject = nssCKFWObject_Create(objArena, mdObject,
- NULL, fwFindObjects->fwToken,
- fwFindObjects->fwInstance, pError);
- if (!fwObject) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+
+ fwObject = nssCKFWObject_Create(objArena, mdObject,
+ NULL, fwFindObjects->fwToken,
+ fwFindObjects->fwInstance, pError);
+ if (!fwObject) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
}
- }
- done:
- (void)nssCKFWMutex_Unlock(fwFindObjects->mutex);
- return fwObject;
+done:
+ (void)nssCKFWMutex_Unlock(fwFindObjects->mutex);
+ return fwObject;
}
/*
@@ -364,16 +351,14 @@ nssCKFWFindObjects_Next
*/
NSS_EXTERN NSSCKMDFindObjects *
-NSSCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *fwFindObjects
-)
+NSSCKFWFindObjects_GetMDFindObjects(
+ NSSCKFWFindObjects *fwFindObjects)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
- return (NSSCKMDFindObjects *)NULL;
- }
+ if (CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects)) {
+ return (NSSCKMDFindObjects *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWFindObjects_GetMDFindObjects(fwFindObjects);
+ return nssCKFWFindObjects_GetMDFindObjects(fwFindObjects);
}
diff --git a/lib/ckfw/hash.c b/lib/ckfw/hash.c
index 7d21084bd..eb0d4066b 100644
--- a/lib/ckfw/hash.c
+++ b/lib/ckfw/hash.c
@@ -31,24 +31,22 @@
*/
struct nssCKFWHashStr {
- NSSCKFWMutex *mutex;
+ NSSCKFWMutex *mutex;
- /*
- * The invariant that mutex protects is:
- * The count accurately reflects the hashtable state.
- */
+ /*
+ * The invariant that mutex protects is:
+ * The count accurately reflects the hashtable state.
+ */
- PLHashTable *plHashTable;
- CK_ULONG count;
+ PLHashTable *plHashTable;
+ CK_ULONG count;
};
static PLHashNumber
-nss_ckfw_identity_hash
-(
- const void *key
-)
+nss_ckfw_identity_hash(
+ const void *key)
{
- return (PLHashNumber)((char *)key - (char *)NULL);
+ return (PLHashNumber)((char *)key - (char *)NULL);
}
/*
@@ -56,53 +54,51 @@ nss_ckfw_identity_hash
*
*/
NSS_IMPLEMENT nssCKFWHash *
-nssCKFWHash_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
+nssCKFWHash_Create(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
{
- nssCKFWHash *rv;
+ nssCKFWHash *rv;
#ifdef NSSDEBUG
- if (!pError) {
- return (nssCKFWHash *)NULL;
- }
-
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (nssCKFWHash *)NULL;
- }
+ if (!pError) {
+ return (nssCKFWHash *)NULL;
+ }
+
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (nssCKFWHash *)NULL;
+ }
#endif /* NSSDEBUG */
- rv = nss_ZNEW(arena, nssCKFWHash);
- if (!rv) {
- *pError = CKR_HOST_MEMORY;
- return (nssCKFWHash *)NULL;
- }
+ rv = nss_ZNEW(arena, nssCKFWHash);
+ if (!rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (nssCKFWHash *)NULL;
+ }
- rv->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if (!rv->mutex) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+ rv->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if (!rv->mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ (void)nss_ZFreeIf(rv);
+ return (nssCKFWHash *)NULL;
}
- (void)nss_ZFreeIf(rv);
- return (nssCKFWHash *)NULL;
- }
-
- rv->plHashTable = PL_NewHashTable(0, nss_ckfw_identity_hash,
- PL_CompareValues, PL_CompareValues, &nssArenaHashAllocOps, arena);
- if (!rv->plHashTable) {
- (void)nssCKFWMutex_Destroy(rv->mutex);
- (void)nss_ZFreeIf(rv);
- *pError = CKR_HOST_MEMORY;
- return (nssCKFWHash *)NULL;
- }
-
- rv->count = 0;
-
- return rv;
+
+ rv->plHashTable = PL_NewHashTable(0, nss_ckfw_identity_hash,
+ PL_CompareValues, PL_CompareValues, &nssArenaHashAllocOps, arena);
+ if (!rv->plHashTable) {
+ (void)nssCKFWMutex_Destroy(rv->mutex);
+ (void)nss_ZFreeIf(rv);
+ *pError = CKR_HOST_MEMORY;
+ return (nssCKFWHash *)NULL;
+ }
+
+ rv->count = 0;
+
+ return rv;
}
/*
@@ -110,14 +106,12 @@ nssCKFWHash_Create
*
*/
NSS_IMPLEMENT void
-nssCKFWHash_Destroy
-(
- nssCKFWHash *hash
-)
+nssCKFWHash_Destroy(
+ nssCKFWHash *hash)
{
- (void)nssCKFWMutex_Destroy(hash->mutex);
- PL_HashTableDestroy(hash->plHashTable);
- (void)nss_ZFreeIf(hash);
+ (void)nssCKFWMutex_Destroy(hash->mutex);
+ PL_HashTableDestroy(hash->plHashTable);
+ (void)nss_ZFreeIf(hash);
}
/*
@@ -125,31 +119,30 @@ nssCKFWHash_Destroy
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWHash_Add
-(
- nssCKFWHash *hash,
- const void *key,
- const void *value
-)
+nssCKFWHash_Add(
+ nssCKFWHash *hash,
+ const void *key,
+ const void *value)
{
- CK_RV error = CKR_OK;
- PLHashEntry *he;
+ CK_RV error = CKR_OK;
+ PLHashEntry *he;
+
+ error = nssCKFWMutex_Lock(hash->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
+ if (!he) {
+ error = CKR_HOST_MEMORY;
+ }
+ else {
+ hash->count++;
+ }
+
+ (void)nssCKFWMutex_Unlock(hash->mutex);
- error = nssCKFWMutex_Lock(hash->mutex);
- if( CKR_OK != error ) {
return error;
- }
-
- he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
- if (!he) {
- error = CKR_HOST_MEMORY;
- } else {
- hash->count++;
- }
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- return error;
}
/*
@@ -157,25 +150,23 @@ nssCKFWHash_Add
*
*/
NSS_IMPLEMENT void
-nssCKFWHash_Remove
-(
- nssCKFWHash *hash,
- const void *it
-)
+nssCKFWHash_Remove(
+ nssCKFWHash *hash,
+ const void *it)
{
- PRBool found;
+ PRBool found;
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(hash->mutex)) {
+ return;
+ }
- found = PL_HashTableRemove(hash->plHashTable, it);
- if( found ) {
- hash->count--;
- }
+ found = PL_HashTableRemove(hash->plHashTable, it);
+ if (found) {
+ hash->count--;
+ }
- (void)nssCKFWMutex_Unlock(hash->mutex);
- return;
+ (void)nssCKFWMutex_Unlock(hash->mutex);
+ return;
}
/*
@@ -183,22 +174,20 @@ nssCKFWHash_Remove
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWHash_Count
-(
- nssCKFWHash *hash
-)
+nssCKFWHash_Count(
+ nssCKFWHash *hash)
{
- CK_ULONG count;
+ CK_ULONG count;
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return (CK_ULONG)0;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(hash->mutex)) {
+ return (CK_ULONG)0;
+ }
- count = hash->count;
+ count = hash->count;
- (void)nssCKFWMutex_Unlock(hash->mutex);
+ (void)nssCKFWMutex_Unlock(hash->mutex);
- return count;
+ return count;
}
/*
@@ -206,27 +195,26 @@ nssCKFWHash_Count
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWHash_Exists
-(
- nssCKFWHash *hash,
- const void *it
-)
+nssCKFWHash_Exists(
+ nssCKFWHash *hash,
+ const void *it)
{
- void *value;
+ void *value;
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(hash->mutex)) {
+ return CK_FALSE;
+ }
- value = PL_HashTableLookup(hash->plHashTable, it);
+ value = PL_HashTableLookup(hash->plHashTable, it);
- (void)nssCKFWMutex_Unlock(hash->mutex);
+ (void)nssCKFWMutex_Unlock(hash->mutex);
- if (!value) {
- return CK_FALSE;
- } else {
- return CK_TRUE;
- }
+ if (!value) {
+ return CK_FALSE;
+ }
+ else {
+ return CK_TRUE;
+ }
}
/*
@@ -234,41 +222,37 @@ nssCKFWHash_Exists
*
*/
NSS_IMPLEMENT void *
-nssCKFWHash_Lookup
-(
- nssCKFWHash *hash,
- const void *it
-)
+nssCKFWHash_Lookup(
+ nssCKFWHash *hash,
+ const void *it)
{
- void *rv;
+ void *rv;
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return (void *)NULL;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(hash->mutex)) {
+ return (void *)NULL;
+ }
- rv = PL_HashTableLookup(hash->plHashTable, it);
+ rv = PL_HashTableLookup(hash->plHashTable, it);
- (void)nssCKFWMutex_Unlock(hash->mutex);
+ (void)nssCKFWMutex_Unlock(hash->mutex);
- return rv;
+ return rv;
}
struct arg_str {
- nssCKFWHashIterator fcn;
- void *closure;
+ nssCKFWHashIterator fcn;
+ void *closure;
};
static PRIntn
-nss_ckfwhash_enumerator
-(
- PLHashEntry *he,
- PRIntn index,
- void *arg
-)
+nss_ckfwhash_enumerator(
+ PLHashEntry *he,
+ PRIntn index,
+ void *arg)
{
- struct arg_str *as = (struct arg_str *)arg;
- as->fcn(he->key, he->value, as->closure);
- return HT_ENUMERATE_NEXT;
+ struct arg_str *as = (struct arg_str *)arg;
+ as->fcn(he->key, he->value, as->closure);
+ return HT_ENUMERATE_NEXT;
}
/*
@@ -277,24 +261,22 @@ nss_ckfwhash_enumerator
* NOTE that the iteration function will be called with the hashtable locked.
*/
NSS_IMPLEMENT void
-nssCKFWHash_Iterate
-(
- nssCKFWHash *hash,
- nssCKFWHashIterator fcn,
- void *closure
-)
+nssCKFWHash_Iterate(
+ nssCKFWHash *hash,
+ nssCKFWHashIterator fcn,
+ void *closure)
{
- struct arg_str as;
- as.fcn = fcn;
- as.closure = closure;
+ struct arg_str as;
+ as.fcn = fcn;
+ as.closure = closure;
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(hash->mutex)) {
+ return;
+ }
- PL_HashTableEnumerateEntries(hash->plHashTable, nss_ckfwhash_enumerator, &as);
+ PL_HashTableEnumerateEntries(hash->plHashTable, nss_ckfwhash_enumerator, &as);
- (void)nssCKFWMutex_Unlock(hash->mutex);
+ (void)nssCKFWMutex_Unlock(hash->mutex);
- return;
+ return;
}
diff --git a/lib/ckfw/instance.c b/lib/ckfw/instance.c
index b8a5b25e1..3ef3fea15 100644
--- a/lib/ckfw/instance.c
+++ b/lib/ckfw/instance.c
@@ -33,7 +33,7 @@
* nssCKFWInstance_MayCreatePthreads
* nssCKFWInstance_CreateMutex
* nssCKFWInstance_GetConfigurationData
- * nssCKFWInstance_GetInitArgs
+ * nssCKFWInstance_GetInitArgs
*
* -- private accessors --
* nssCKFWInstance_CreateSessionHandle
@@ -60,52 +60,52 @@
*/
struct NSSCKFWInstanceStr {
- NSSCKFWMutex *mutex;
- NSSArena *arena;
- NSSCKMDInstance *mdInstance;
- CK_C_INITIALIZE_ARGS_PTR pInitArgs;
- CK_C_INITIALIZE_ARGS initArgs;
- CryptokiLockingState LockingState;
- CK_BBOOL mayCreatePthreads;
- NSSUTF8 *configurationData;
- CK_ULONG nSlots;
- NSSCKFWSlot **fwSlotList;
- NSSCKMDSlot **mdSlotList;
- CK_BBOOL moduleHandlesSessionObjects;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The invariants the mutex protects are:
- *
- * 1) Each of the cached descriptions (versions, etc.) are in an
- * internally consistant state.
- *
- * 2) The session handle hashes and count are consistant
- *
- * 3) The object handle hashes and count are consistant.
- *
- * I could use multiple locks, but let's wait to see if that's
- * really necessary.
- *
- * Note that the calls accessing the cached descriptions will
- * call the NSSCKMDInstance methods with the mutex locked. Those
- * methods may then call the public NSSCKFWInstance routines.
- * Those public routines only access the constant data above, so
- * there's no problem. But be careful if you add to this object;
- * mutexes are in general not reentrant, so don't create deadlock
- * situations.
- */
-
- CK_VERSION cryptokiVersion;
- NSSUTF8 *manufacturerID;
- NSSUTF8 *libraryDescription;
- CK_VERSION libraryVersion;
-
- CK_ULONG lastSessionHandle;
- nssCKFWHash *sessionHandleHash;
-
- CK_ULONG lastObjectHandle;
- nssCKFWHash *objectHandleHash;
+ NSSCKFWMutex *mutex;
+ NSSArena *arena;
+ NSSCKMDInstance *mdInstance;
+ CK_C_INITIALIZE_ARGS_PTR pInitArgs;
+ CK_C_INITIALIZE_ARGS initArgs;
+ CryptokiLockingState LockingState;
+ CK_BBOOL mayCreatePthreads;
+ NSSUTF8 *configurationData;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **fwSlotList;
+ NSSCKMDSlot **mdSlotList;
+ CK_BBOOL moduleHandlesSessionObjects;
+
+ /*
+ * Everything above is set at creation time, and then not modified.
+ * The invariants the mutex protects are:
+ *
+ * 1) Each of the cached descriptions (versions, etc.) are in an
+ * internally consistant state.
+ *
+ * 2) The session handle hashes and count are consistant
+ *
+ * 3) The object handle hashes and count are consistant.
+ *
+ * I could use multiple locks, but let's wait to see if that's
+ * really necessary.
+ *
+ * Note that the calls accessing the cached descriptions will
+ * call the NSSCKMDInstance methods with the mutex locked. Those
+ * methods may then call the public NSSCKFWInstance routines.
+ * Those public routines only access the constant data above, so
+ * there's no problem. But be careful if you add to this object;
+ * mutexes are in general not reentrant, so don't create deadlock
+ * situations.
+ */
+
+ CK_VERSION cryptokiVersion;
+ NSSUTF8 *manufacturerID;
+ NSSUTF8 *libraryDescription;
+ CK_VERSION libraryVersion;
+
+ CK_ULONG lastSessionHandle;
+ nssCKFWHash *sessionHandleHash;
+
+ CK_ULONG lastObjectHandle;
+ nssCKFWHash *objectHandleHash;
};
#ifdef DEBUG
@@ -121,30 +121,24 @@ struct NSSCKFWInstanceStr {
*/
static CK_RV
-instance_add_pointer
-(
- const NSSCKFWInstance *fwInstance
-)
+instance_add_pointer(
+ const NSSCKFWInstance *fwInstance)
{
- return CKR_OK;
+ return CKR_OK;
}
static CK_RV
-instance_remove_pointer
-(
- const NSSCKFWInstance *fwInstance
-)
+instance_remove_pointer(
+ const NSSCKFWInstance *fwInstance)
{
- return CKR_OK;
+ return CKR_OK;
}
NSS_IMPLEMENT CK_RV
-nssCKFWInstance_verifyPointer
-(
- const NSSCKFWInstance *fwInstance
-)
+nssCKFWInstance_verifyPointer(
+ const NSSCKFWInstance *fwInstance)
{
- return CKR_OK;
+ return CKR_OK;
}
#endif /* DEBUG */
@@ -154,191 +148,192 @@ nssCKFWInstance_verifyPointer
*
*/
NSS_IMPLEMENT NSSCKFWInstance *
-nssCKFWInstance_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- CryptokiLockingState LockingState,
- NSSCKMDInstance *mdInstance,
- CK_RV *pError
-)
+nssCKFWInstance_Create(
+ CK_C_INITIALIZE_ARGS_PTR pInitArgs,
+ CryptokiLockingState LockingState,
+ NSSCKMDInstance *mdInstance,
+ CK_RV *pError)
{
- NSSCKFWInstance *fwInstance;
- NSSArena *arena = (NSSArena *)NULL;
- CK_ULONG i;
- CK_BBOOL called_Initialize = CK_FALSE;
+ NSSCKFWInstance *fwInstance;
+ NSSArena *arena = (NSSArena *)NULL;
+ CK_ULONG i;
+ CK_BBOOL called_Initialize = CK_FALSE;
#ifdef NSSDEBUG
- if( (CK_RV)NULL == pError ) {
- return (NSSCKFWInstance *)NULL;
- }
+ if ((CK_RV)NULL == pError) {
+ return (NSSCKFWInstance *)NULL;
+ }
- if (!mdInstance) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWInstance *)NULL;
- }
+ if (!mdInstance) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWInstance *)NULL;
+ }
#endif /* NSSDEBUG */
- arena = NSSArena_Create();
- if (!arena) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWInstance *)NULL;
- }
-
- fwInstance = nss_ZNEW(arena, NSSCKFWInstance);
- if (!fwInstance) {
- goto nomem;
- }
-
- fwInstance->arena = arena;
- fwInstance->mdInstance = mdInstance;
-
- fwInstance->LockingState = LockingState;
- if( (CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs ) {
- fwInstance->initArgs = *pInitArgs;
- fwInstance->pInitArgs = &fwInstance->initArgs;
- if( pInitArgs->flags & CKF_LIBRARY_CANT_CREATE_OS_THREADS ) {
- fwInstance->mayCreatePthreads = CK_FALSE;
- } else {
- fwInstance->mayCreatePthreads = CK_TRUE;
- }
- fwInstance->configurationData = (NSSUTF8 *)(pInitArgs->pReserved);
- } else {
- fwInstance->mayCreatePthreads = CK_TRUE;
- }
-
- fwInstance->mutex = nssCKFWMutex_Create(pInitArgs, LockingState, arena,
- pError);
- if (!fwInstance->mutex) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- if (mdInstance->Initialize) {
- *pError = mdInstance->Initialize(mdInstance, fwInstance, fwInstance->configurationData);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- called_Initialize = CK_TRUE;
- }
-
- if (mdInstance->ModuleHandlesSessionObjects) {
- fwInstance->moduleHandlesSessionObjects =
- mdInstance->ModuleHandlesSessionObjects(mdInstance, fwInstance);
- } else {
- fwInstance->moduleHandlesSessionObjects = CK_FALSE;
- }
-
- if (!mdInstance->GetNSlots) {
- /* That routine is required */
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- fwInstance->nSlots = mdInstance->GetNSlots(mdInstance, fwInstance, pError);
- if( (CK_ULONG)0 == fwInstance->nSlots ) {
- if( CKR_OK == *pError ) {
- /* Zero is not a legitimate answer */
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- fwInstance->fwSlotList = nss_ZNEWARRAY(arena, NSSCKFWSlot *, fwInstance->nSlots);
- if( (NSSCKFWSlot **)NULL == fwInstance->fwSlotList ) {
- goto nomem;
- }
-
- fwInstance->mdSlotList = nss_ZNEWARRAY(arena, NSSCKMDSlot *, fwInstance->nSlots);
- if( (NSSCKMDSlot **)NULL == fwInstance->mdSlotList ) {
- goto nomem;
- }
-
- fwInstance->sessionHandleHash = nssCKFWHash_Create(fwInstance,
- fwInstance->arena, pError);
- if (!fwInstance->sessionHandleHash) {
- goto loser;
- }
-
- fwInstance->objectHandleHash = nssCKFWHash_Create(fwInstance,
- fwInstance->arena, pError);
- if (!fwInstance->objectHandleHash) {
- goto loser;
- }
-
- if (!mdInstance->GetSlots) {
- /* That routine is required */
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- *pError = mdInstance->GetSlots(mdInstance, fwInstance, fwInstance->mdSlotList);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- for( i = 0; i < fwInstance->nSlots; i++ ) {
- NSSCKMDSlot *mdSlot = fwInstance->mdSlotList[i];
+ arena = NSSArena_Create();
+ if (!arena) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWInstance *)NULL;
+ }
- if (!mdSlot) {
- *pError = CKR_GENERAL_ERROR;
- goto loser;
+ fwInstance = nss_ZNEW(arena, NSSCKFWInstance);
+ if (!fwInstance) {
+ goto nomem;
}
- fwInstance->fwSlotList[i] = nssCKFWSlot_Create(fwInstance, mdSlot, i, pError);
- if( CKR_OK != *pError ) {
- CK_ULONG j;
+ fwInstance->arena = arena;
+ fwInstance->mdInstance = mdInstance;
- for( j = 0; j < i; j++ ) {
- (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[j]);
- }
+ fwInstance->LockingState = LockingState;
+ if ((CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs) {
+ fwInstance->initArgs = *pInitArgs;
+ fwInstance->pInitArgs = &fwInstance->initArgs;
+ if (pInitArgs->flags & CKF_LIBRARY_CANT_CREATE_OS_THREADS) {
+ fwInstance->mayCreatePthreads = CK_FALSE;
+ }
+ else {
+ fwInstance->mayCreatePthreads = CK_TRUE;
+ }
+ fwInstance->configurationData = (NSSUTF8 *)(pInitArgs->pReserved);
+ }
+ else {
+ fwInstance->mayCreatePthreads = CK_TRUE;
+ }
- for( j = i; j < fwInstance->nSlots; j++ ) {
- NSSCKMDSlot *mds = fwInstance->mdSlotList[j];
- if (mds->Destroy) {
- mds->Destroy(mds, (NSSCKFWSlot *)NULL, mdInstance, fwInstance);
+ fwInstance->mutex = nssCKFWMutex_Create(pInitArgs, LockingState, arena,
+ pError);
+ if (!fwInstance->mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
}
- }
+ goto loser;
+ }
+
+ if (mdInstance->Initialize) {
+ *pError = mdInstance->Initialize(mdInstance, fwInstance, fwInstance->configurationData);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ called_Initialize = CK_TRUE;
+ }
+
+ if (mdInstance->ModuleHandlesSessionObjects) {
+ fwInstance->moduleHandlesSessionObjects =
+ mdInstance->ModuleHandlesSessionObjects(mdInstance, fwInstance);
+ }
+ else {
+ fwInstance->moduleHandlesSessionObjects = CK_FALSE;
+ }
+
+ if (!mdInstance->GetNSlots) {
+ /* That routine is required */
+ *pError = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ fwInstance->nSlots = mdInstance->GetNSlots(mdInstance, fwInstance, pError);
+ if ((CK_ULONG)0 == fwInstance->nSlots) {
+ if (CKR_OK == *pError) {
+ /* Zero is not a legitimate answer */
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+
+ fwInstance->fwSlotList = nss_ZNEWARRAY(arena, NSSCKFWSlot *, fwInstance->nSlots);
+ if ((NSSCKFWSlot **)NULL == fwInstance->fwSlotList) {
+ goto nomem;
+ }
- goto loser;
+ fwInstance->mdSlotList = nss_ZNEWARRAY(arena, NSSCKMDSlot *, fwInstance->nSlots);
+ if ((NSSCKMDSlot **)NULL == fwInstance->mdSlotList) {
+ goto nomem;
+ }
+
+ fwInstance->sessionHandleHash = nssCKFWHash_Create(fwInstance,
+ fwInstance->arena, pError);
+ if (!fwInstance->sessionHandleHash) {
+ goto loser;
+ }
+
+ fwInstance->objectHandleHash = nssCKFWHash_Create(fwInstance,
+ fwInstance->arena, pError);
+ if (!fwInstance->objectHandleHash) {
+ goto loser;
+ }
+
+ if (!mdInstance->GetSlots) {
+ /* That routine is required */
+ *pError = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ *pError = mdInstance->GetSlots(mdInstance, fwInstance, fwInstance->mdSlotList);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ for (i = 0; i < fwInstance->nSlots; i++) {
+ NSSCKMDSlot *mdSlot = fwInstance->mdSlotList[i];
+
+ if (!mdSlot) {
+ *pError = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ fwInstance->fwSlotList[i] = nssCKFWSlot_Create(fwInstance, mdSlot, i, pError);
+ if (CKR_OK != *pError) {
+ CK_ULONG j;
+
+ for (j = 0; j < i; j++) {
+ (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[j]);
+ }
+
+ for (j = i; j < fwInstance->nSlots; j++) {
+ NSSCKMDSlot *mds = fwInstance->mdSlotList[j];
+ if (mds->Destroy) {
+ mds->Destroy(mds, (NSSCKFWSlot *)NULL, mdInstance, fwInstance);
+ }
+ }
+
+ goto loser;
+ }
}
- }
#ifdef DEBUG
- *pError = instance_add_pointer(fwInstance);
- if( CKR_OK != *pError ) {
- for( i = 0; i < fwInstance->nSlots; i++ ) {
- (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
- }
-
- goto loser;
- }
+ *pError = instance_add_pointer(fwInstance);
+ if (CKR_OK != *pError) {
+ for (i = 0; i < fwInstance->nSlots; i++) {
+ (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
+ }
+
+ goto loser;
+ }
#endif /* DEBUG */
- *pError = CKR_OK;
- return fwInstance;
+ *pError = CKR_OK;
+ return fwInstance;
- nomem:
- *pError = CKR_HOST_MEMORY;
- /*FALLTHROUGH*/
- loser:
+nomem:
+ *pError = CKR_HOST_MEMORY;
+ /*FALLTHROUGH*/
+loser:
- if( CK_TRUE == called_Initialize ) {
- if (mdInstance->Finalize) {
- mdInstance->Finalize(mdInstance, fwInstance);
+ if (CK_TRUE == called_Initialize) {
+ if (mdInstance->Finalize) {
+ mdInstance->Finalize(mdInstance, fwInstance);
+ }
}
- }
- if (fwInstance && fwInstance->mutex) {
- nssCKFWMutex_Destroy(fwInstance->mutex);
- }
+ if (fwInstance && fwInstance->mutex) {
+ nssCKFWMutex_Destroy(fwInstance->mutex);
+ }
- if (arena) {
- (void)NSSArena_Destroy(arena);
- }
- return (NSSCKFWInstance *)NULL;
+ if (arena) {
+ (void)NSSArena_Destroy(arena);
+ }
+ return (NSSCKFWInstance *)NULL;
}
/*
@@ -346,47 +341,45 @@ nssCKFWInstance_Create
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWInstance_Destroy
-(
- NSSCKFWInstance *fwInstance
-)
+nssCKFWInstance_Destroy(
+ NSSCKFWInstance *fwInstance)
{
#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#endif /* NSSDEBUG */
- CK_ULONG i;
+ CK_ULONG i;
#ifdef NSSDEBUG
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- nssCKFWMutex_Destroy(fwInstance->mutex);
+ nssCKFWMutex_Destroy(fwInstance->mutex);
- for( i = 0; i < fwInstance->nSlots; i++ ) {
- (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
- }
+ for (i = 0; i < fwInstance->nSlots; i++) {
+ (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
+ }
- if (fwInstance->mdInstance->Finalize) {
- fwInstance->mdInstance->Finalize(fwInstance->mdInstance, fwInstance);
- }
+ if (fwInstance->mdInstance->Finalize) {
+ fwInstance->mdInstance->Finalize(fwInstance->mdInstance, fwInstance);
+ }
- if (fwInstance->sessionHandleHash) {
- nssCKFWHash_Destroy(fwInstance->sessionHandleHash);
- }
+ if (fwInstance->sessionHandleHash) {
+ nssCKFWHash_Destroy(fwInstance->sessionHandleHash);
+ }
- if (fwInstance->objectHandleHash) {
- nssCKFWHash_Destroy(fwInstance->objectHandleHash);
- }
+ if (fwInstance->objectHandleHash) {
+ nssCKFWHash_Destroy(fwInstance->objectHandleHash);
+ }
#ifdef DEBUG
- (void)instance_remove_pointer(fwInstance);
+ (void)instance_remove_pointer(fwInstance);
#endif /* DEBUG */
- (void)NSSArena_Destroy(fwInstance->arena);
- return CKR_OK;
+ (void)NSSArena_Destroy(fwInstance->arena);
+ return CKR_OK;
}
/*
@@ -394,18 +387,16 @@ nssCKFWInstance_Destroy
*
*/
NSS_IMPLEMENT NSSCKMDInstance *
-nssCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-)
+nssCKFWInstance_GetMDInstance(
+ NSSCKFWInstance *fwInstance)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKMDInstance *)NULL;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSCKMDInstance *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwInstance->mdInstance;
+ return fwInstance->mdInstance;
}
/*
@@ -413,25 +404,23 @@ nssCKFWInstance_GetMDInstance
*
*/
NSS_IMPLEMENT NSSArena *
-nssCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nssCKFWInstance_GetArena(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
#endif /* NSSDEBUG */
- *pError = CKR_OK;
- return fwInstance->arena;
+ *pError = CKR_OK;
+ return fwInstance->arena;
}
/*
@@ -439,18 +428,16 @@ nssCKFWInstance_GetArena
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-)
+nssCKFWInstance_MayCreatePthreads(
+ NSSCKFWInstance *fwInstance)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- return fwInstance->mayCreatePthreads;
+ return fwInstance->mayCreatePthreads;
}
/*
@@ -458,37 +445,35 @@ nssCKFWInstance_MayCreatePthreads
*
*/
NSS_IMPLEMENT NSSCKFWMutex *
-nssCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
+nssCKFWInstance_CreateMutex(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
{
- NSSCKFWMutex *mutex;
+ NSSCKFWMutex *mutex;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWMutex *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWMutex *)NULL;
- }
-#endif /* NSSDEBUG */
+ if (!pError) {
+ return (NSSCKFWMutex *)NULL;
+ }
- mutex = nssCKFWMutex_Create(fwInstance->pInitArgs, fwInstance->LockingState,
- arena, pError);
- if (!mutex) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWMutex *)NULL;
}
+#endif /* NSSDEBUG */
- return (NSSCKFWMutex *)NULL;
- }
+ mutex = nssCKFWMutex_Create(fwInstance->pInitArgs, fwInstance->LockingState,
+ arena, pError);
+ if (!mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
- return mutex;
+ return (NSSCKFWMutex *)NULL;
+ }
+
+ return mutex;
}
/*
@@ -496,18 +481,16 @@ nssCKFWInstance_CreateMutex
*
*/
NSS_IMPLEMENT NSSUTF8 *
-nssCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-)
+nssCKFWInstance_GetConfigurationData(
+ NSSCKFWInstance *fwInstance)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSUTF8 *)NULL;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSUTF8 *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwInstance->configurationData;
+ return fwInstance->configurationData;
}
/*
@@ -515,15 +498,13 @@ nssCKFWInstance_GetConfigurationData
*
*/
CK_C_INITIALIZE_ARGS_PTR
-nssCKFWInstance_GetInitArgs
-(
- NSSCKFWInstance *fwInstance
-)
+nssCKFWInstance_GetInitArgs(
+ NSSCKFWInstance *fwInstance)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_C_INITIALIZE_ARGS_PTR)NULL;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (CK_C_INITIALIZE_ARGS_PTR)NULL;
+ }
#endif /* NSSDEBUG */
return fwInstance->pInitArgs;
@@ -534,50 +515,48 @@ nssCKFWInstance_GetInitArgs
*
*/
NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWInstance_CreateSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
+nssCKFWInstance_CreateSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
{
- CK_SESSION_HANDLE hSession;
+ CK_SESSION_HANDLE hSession;
#ifdef NSSDEBUG
- if (!pError) {
- return (CK_SESSION_HANDLE)0;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (CK_SESSION_HANDLE)0;
- }
+ if (!pError) {
+ return (CK_SESSION_HANDLE)0;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (CK_SESSION_HANDLE)0;
+ }
#endif /* NSSDEBUG */
- *pError = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != *pError ) {
- return (CK_SESSION_HANDLE)0;
- }
-
- hSession = ++(fwInstance->lastSessionHandle);
-
- /* Alan would say I should unlock for this call. */
-
- *pError = nssCKFWSession_SetHandle(fwSession, hSession);
- if( CKR_OK != *pError ) {
- goto done;
- }
-
- *pError = nssCKFWHash_Add(fwInstance->sessionHandleHash,
- (const void *)hSession, (const void *)fwSession);
- if( CKR_OK != *pError ) {
- hSession = (CK_SESSION_HANDLE)0;
- goto done;
- }
-
- done:
- nssCKFWMutex_Unlock(fwInstance->mutex);
- return hSession;
+ *pError = nssCKFWMutex_Lock(fwInstance->mutex);
+ if (CKR_OK != *pError) {
+ return (CK_SESSION_HANDLE)0;
+ }
+
+ hSession = ++(fwInstance->lastSessionHandle);
+
+ /* Alan would say I should unlock for this call. */
+
+ *pError = nssCKFWSession_SetHandle(fwSession, hSession);
+ if (CKR_OK != *pError) {
+ goto done;
+ }
+
+ *pError = nssCKFWHash_Add(fwInstance->sessionHandleHash,
+ (const void *)hSession, (const void *)fwSession);
+ if (CKR_OK != *pError) {
+ hSession = (CK_SESSION_HANDLE)0;
+ goto done;
+ }
+
+done:
+ nssCKFWMutex_Unlock(fwInstance->mutex);
+ return hSession;
}
/*
@@ -585,32 +564,30 @@ nssCKFWInstance_CreateSessionHandle
*
*/
NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWInstance_ResolveSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
+nssCKFWInstance_ResolveSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
{
- NSSCKFWSession *fwSession;
+ NSSCKFWSession *fwSession;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKFWSession *)NULL;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSCKFWSession *)NULL;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return (NSSCKFWSession *)NULL;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ return (NSSCKFWSession *)NULL;
+ }
- fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
- fwInstance->sessionHandleHash, (const void *)hSession);
+ fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
+ fwInstance->sessionHandleHash, (const void *)hSession);
- /* Assert(hSession == nssCKFWSession_GetHandle(fwSession)) */
+ /* Assert(hSession == nssCKFWSession_GetHandle(fwSession)) */
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return fwSession;
+ return fwSession;
}
/*
@@ -618,34 +595,32 @@ nssCKFWInstance_ResolveSessionHandle
*
*/
NSS_IMPLEMENT void
-nssCKFWInstance_DestroySessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
+nssCKFWInstance_DestroySessionHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
{
- NSSCKFWSession *fwSession;
+ NSSCKFWSession *fwSession;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ return;
+ }
- fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
- fwInstance->sessionHandleHash, (const void *)hSession);
- if (fwSession) {
- nssCKFWHash_Remove(fwInstance->sessionHandleHash, (const void *)hSession);
- nssCKFWSession_SetHandle(fwSession, (CK_SESSION_HANDLE)0);
- }
+ fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
+ fwInstance->sessionHandleHash, (const void *)hSession);
+ if (fwSession) {
+ nssCKFWHash_Remove(fwInstance->sessionHandleHash, (const void *)hSession);
+ nssCKFWSession_SetHandle(fwSession, (CK_SESSION_HANDLE)0);
+ }
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return;
+ return;
}
/*
@@ -653,24 +628,22 @@ nssCKFWInstance_DestroySessionHandle
*
*/
NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWInstance_FindSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession
-)
+nssCKFWInstance_FindSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_SESSION_HANDLE)0;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (CK_SESSION_HANDLE)0;
+ }
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (CK_SESSION_HANDLE)0;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return (CK_SESSION_HANDLE)0;
+ }
#endif /* NSSDEBUG */
- return nssCKFWSession_GetHandle(fwSession);
- /* look it up and assert? */
+ return nssCKFWSession_GetHandle(fwSession);
+ /* look it up and assert? */
}
/*
@@ -678,49 +651,47 @@ nssCKFWInstance_FindSessionHandle
*
*/
NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_CreateObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
+nssCKFWInstance_CreateObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
{
- CK_OBJECT_HANDLE hObject;
+ CK_OBJECT_HANDLE hObject;
#ifdef NSSDEBUG
- if (!pError) {
- return (CK_OBJECT_HANDLE)0;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (CK_OBJECT_HANDLE)0;
- }
+ if (!pError) {
+ return (CK_OBJECT_HANDLE)0;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (CK_OBJECT_HANDLE)0;
+ }
#endif /* NSSDEBUG */
- *pError = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != *pError ) {
- return (CK_OBJECT_HANDLE)0;
- }
-
- hObject = ++(fwInstance->lastObjectHandle);
-
- *pError = nssCKFWObject_SetHandle(fwObject, hObject);
- if( CKR_OK != *pError ) {
- hObject = (CK_OBJECT_HANDLE)0;
- goto done;
- }
-
- *pError = nssCKFWHash_Add(fwInstance->objectHandleHash,
- (const void *)hObject, (const void *)fwObject);
- if( CKR_OK != *pError ) {
- hObject = (CK_OBJECT_HANDLE)0;
- goto done;
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return hObject;
+ *pError = nssCKFWMutex_Lock(fwInstance->mutex);
+ if (CKR_OK != *pError) {
+ return (CK_OBJECT_HANDLE)0;
+ }
+
+ hObject = ++(fwInstance->lastObjectHandle);
+
+ *pError = nssCKFWObject_SetHandle(fwObject, hObject);
+ if (CKR_OK != *pError) {
+ hObject = (CK_OBJECT_HANDLE)0;
+ goto done;
+ }
+
+ *pError = nssCKFWHash_Add(fwInstance->objectHandleHash,
+ (const void *)hObject, (const void *)fwObject);
+ if (CKR_OK != *pError) {
+ hObject = (CK_OBJECT_HANDLE)0;
+ goto done;
+ }
+
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return hObject;
}
/*
@@ -728,31 +699,29 @@ nssCKFWInstance_CreateObjectHandle
*
*/
NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWInstance_ResolveObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-)
+nssCKFWInstance_ResolveObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject)
{
- NSSCKFWObject *fwObject;
+ NSSCKFWObject *fwObject;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKFWObject *)NULL;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSCKFWObject *)NULL;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return (NSSCKFWObject *)NULL;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ return (NSSCKFWObject *)NULL;
+ }
- fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
- fwInstance->objectHandleHash, (const void *)hObject);
+ fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
+ fwInstance->objectHandleHash, (const void *)hObject);
- /* Assert(hObject == nssCKFWObject_GetHandle(fwObject)) */
+ /* Assert(hObject == nssCKFWObject_GetHandle(fwObject)) */
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return fwObject;
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return fwObject;
}
/*
@@ -760,46 +729,44 @@ nssCKFWInstance_ResolveObjectHandle
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWInstance_ReassignObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject,
- NSSCKFWObject *fwObject
-)
+nssCKFWInstance_ReassignObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject,
+ NSSCKFWObject *fwObject)
{
- CK_RV error = CKR_OK;
- NSSCKFWObject *oldObject;
+ CK_RV error = CKR_OK;
+ NSSCKFWObject *oldObject;
#ifdef NSSDEBUG
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != error ) {
+ error = nssCKFWMutex_Lock(fwInstance->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ oldObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
+ fwInstance->objectHandleHash, (const void *)hObject);
+ if (oldObject) {
+ /* Assert(hObject == nssCKFWObject_GetHandle(oldObject) */
+ (void)nssCKFWObject_SetHandle(oldObject, (CK_SESSION_HANDLE)0);
+ nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
+ }
+
+ error = nssCKFWObject_SetHandle(fwObject, hObject);
+ if (CKR_OK != error) {
+ goto done;
+ }
+ error = nssCKFWHash_Add(fwInstance->objectHandleHash,
+ (const void *)hObject, (const void *)fwObject);
+
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
return error;
- }
-
- oldObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
- fwInstance->objectHandleHash, (const void *)hObject);
- if(oldObject) {
- /* Assert(hObject == nssCKFWObject_GetHandle(oldObject) */
- (void)nssCKFWObject_SetHandle(oldObject, (CK_SESSION_HANDLE)0);
- nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
- }
-
- error = nssCKFWObject_SetHandle(fwObject, hObject);
- if( CKR_OK != error ) {
- goto done;
- }
- error = nssCKFWHash_Add(fwInstance->objectHandleHash,
- (const void *)hObject, (const void *)fwObject);
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return error;
}
/*
@@ -807,34 +774,32 @@ nssCKFWInstance_ReassignObjectHandle
*
*/
NSS_IMPLEMENT void
-nssCKFWInstance_DestroyObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-)
+nssCKFWInstance_DestroyObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject)
{
- NSSCKFWObject *fwObject;
+ NSSCKFWObject *fwObject;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ return;
+ }
+
+ fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
+ fwInstance->objectHandleHash, (const void *)hObject);
+ if (fwObject) {
+ /* Assert(hObject = nssCKFWObject_GetHandle(fwObject)) */
+ nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
+ (void)nssCKFWObject_SetHandle(fwObject, (CK_SESSION_HANDLE)0);
+ }
+
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
return;
- }
-
- fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
- fwInstance->objectHandleHash, (const void *)hObject);
- if (fwObject) {
- /* Assert(hObject = nssCKFWObject_GetHandle(fwObject)) */
- nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
- (void)nssCKFWObject_SetHandle(fwObject, (CK_SESSION_HANDLE)0);
- }
-
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return;
}
/*
@@ -842,23 +807,21 @@ nssCKFWInstance_DestroyObjectHandle
*
*/
NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject
-)
+nssCKFWInstance_FindObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWObject *fwObject)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_OBJECT_HANDLE)0;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (CK_OBJECT_HANDLE)0;
+ }
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (CK_OBJECT_HANDLE)0;
- }
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return (CK_OBJECT_HANDLE)0;
+ }
#endif /* NSSDEBUG */
-
- return nssCKFWObject_GetHandle(fwObject);
+
+ return nssCKFWObject_GetHandle(fwObject);
}
/*
@@ -866,70 +829,67 @@ nssCKFWInstance_FindObjectHandle
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWInstance_GetNSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nssCKFWInstance_GetNSlots(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
#ifdef NSSDEBUG
- if (!pError) {
- return (CK_ULONG)0;
- }
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
#endif /* NSSDEBUG */
- *pError = CKR_OK;
- return fwInstance->nSlots;
-}
+ *pError = CKR_OK;
+ return fwInstance->nSlots;
+}
/*
* nssCKFWInstance_GetCryptokiVersion
*
*/
NSS_IMPLEMENT CK_VERSION
-nssCKFWInstance_GetCryptokiVersion
-(
- NSSCKFWInstance *fwInstance
-)
+nssCKFWInstance_GetCryptokiVersion(
+ NSSCKFWInstance *fwInstance)
{
- CK_VERSION rv;
+ CK_VERSION rv;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwInstance->cryptokiVersion.major) ||
+ (0 != fwInstance->cryptokiVersion.minor)) {
+ rv = fwInstance->cryptokiVersion;
+ goto done;
+ }
+
+ if (fwInstance->mdInstance->GetCryptokiVersion) {
+ fwInstance->cryptokiVersion = fwInstance->mdInstance->GetCryptokiVersion(
+ fwInstance->mdInstance, fwInstance);
+ }
+ else {
+ fwInstance->cryptokiVersion.major = 2;
+ fwInstance->cryptokiVersion.minor = 1;
+ }
- if( (0 != fwInstance->cryptokiVersion.major) ||
- (0 != fwInstance->cryptokiVersion.minor) ) {
rv = fwInstance->cryptokiVersion;
- goto done;
- }
-
- if (fwInstance->mdInstance->GetCryptokiVersion) {
- fwInstance->cryptokiVersion = fwInstance->mdInstance->GetCryptokiVersion(
- fwInstance->mdInstance, fwInstance);
- } else {
- fwInstance->cryptokiVersion.major = 2;
- fwInstance->cryptokiVersion.minor = 1;
- }
-
- rv = fwInstance->cryptokiVersion;
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return rv;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return rv;
}
/*
@@ -937,48 +897,47 @@ nssCKFWInstance_GetCryptokiVersion
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWInstance_GetManufacturerID
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR manufacturerID[32]
-)
+nssCKFWInstance_GetManufacturerID(
+ NSSCKFWInstance *fwInstance,
+ CK_CHAR manufacturerID[32])
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == manufacturerID ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_CHAR_PTR)NULL == manufacturerID) {
+ return CKR_ARGUMENTS_BAD;
+ }
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwInstance->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwInstance->manufacturerID) {
- if (fwInstance->mdInstance->GetManufacturerID) {
- fwInstance->manufacturerID = fwInstance->mdInstance->GetManufacturerID(
- fwInstance->mdInstance, fwInstance, &error);
- if ((!fwInstance->manufacturerID) && (CKR_OK != error)) {
- goto done;
- }
- } else {
- fwInstance->manufacturerID = (NSSUTF8 *) "";
+ if (!fwInstance->manufacturerID) {
+ if (fwInstance->mdInstance->GetManufacturerID) {
+ fwInstance->manufacturerID = fwInstance->mdInstance->GetManufacturerID(
+ fwInstance->mdInstance, fwInstance, &error);
+ if ((!fwInstance->manufacturerID) && (CKR_OK != error)) {
+ goto done;
+ }
+ }
+ else {
+ fwInstance->manufacturerID = (NSSUTF8 *)"";
+ }
}
- }
- (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->manufacturerID, (char *)manufacturerID, 32, ' ');
- error = CKR_OK;
+ (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->manufacturerID, (char *)manufacturerID, 32, ' ');
+ error = CKR_OK;
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return error;
}
/*
@@ -986,19 +945,17 @@ nssCKFWInstance_GetManufacturerID
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWInstance_GetFlags
-(
- NSSCKFWInstance *fwInstance
-)
+nssCKFWInstance_GetFlags(
+ NSSCKFWInstance *fwInstance)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_ULONG)0;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (CK_ULONG)0;
+ }
#endif /* NSSDEBUG */
- /* No "instance flags" are yet defined by Cryptoki. */
- return (CK_ULONG)0;
+ /* No "instance flags" are yet defined by Cryptoki. */
+ return (CK_ULONG)0;
}
/*
@@ -1006,48 +963,47 @@ nssCKFWInstance_GetFlags
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWInstance_GetLibraryDescription
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR libraryDescription[32]
-)
+nssCKFWInstance_GetLibraryDescription(
+ NSSCKFWInstance *fwInstance,
+ CK_CHAR libraryDescription[32])
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == libraryDescription ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_CHAR_PTR)NULL == libraryDescription) {
+ return CKR_ARGUMENTS_BAD;
+ }
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwInstance->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwInstance->libraryDescription) {
- if (fwInstance->mdInstance->GetLibraryDescription) {
- fwInstance->libraryDescription = fwInstance->mdInstance->GetLibraryDescription(
- fwInstance->mdInstance, fwInstance, &error);
- if ((!fwInstance->libraryDescription) && (CKR_OK != error)) {
- goto done;
- }
- } else {
- fwInstance->libraryDescription = (NSSUTF8 *) "";
+ if (!fwInstance->libraryDescription) {
+ if (fwInstance->mdInstance->GetLibraryDescription) {
+ fwInstance->libraryDescription = fwInstance->mdInstance->GetLibraryDescription(
+ fwInstance->mdInstance, fwInstance, &error);
+ if ((!fwInstance->libraryDescription) && (CKR_OK != error)) {
+ goto done;
+ }
+ }
+ else {
+ fwInstance->libraryDescription = (NSSUTF8 *)"";
+ }
}
- }
- (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->libraryDescription, (char *)libraryDescription, 32, ' ');
- error = CKR_OK;
+ (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->libraryDescription, (char *)libraryDescription, 32, ' ');
+ error = CKR_OK;
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return error;
}
/*
@@ -1055,43 +1011,42 @@ nssCKFWInstance_GetLibraryDescription
*
*/
NSS_IMPLEMENT CK_VERSION
-nssCKFWInstance_GetLibraryVersion
-(
- NSSCKFWInstance *fwInstance
-)
+nssCKFWInstance_GetLibraryVersion(
+ NSSCKFWInstance *fwInstance)
{
- CK_VERSION rv;
+ CK_VERSION rv;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwInstance->libraryVersion.major) ||
+ (0 != fwInstance->libraryVersion.minor)) {
+ rv = fwInstance->libraryVersion;
+ goto done;
+ }
+
+ if (fwInstance->mdInstance->GetLibraryVersion) {
+ fwInstance->libraryVersion = fwInstance->mdInstance->GetLibraryVersion(
+ fwInstance->mdInstance, fwInstance);
+ }
+ else {
+ fwInstance->libraryVersion.major = 0;
+ fwInstance->libraryVersion.minor = 3;
+ }
- if( (0 != fwInstance->libraryVersion.major) ||
- (0 != fwInstance->libraryVersion.minor) ) {
rv = fwInstance->libraryVersion;
- goto done;
- }
-
- if (fwInstance->mdInstance->GetLibraryVersion) {
- fwInstance->libraryVersion = fwInstance->mdInstance->GetLibraryVersion(
- fwInstance->mdInstance, fwInstance);
- } else {
- fwInstance->libraryVersion.major = 0;
- fwInstance->libraryVersion.minor = 3;
- }
-
- rv = fwInstance->libraryVersion;
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return rv;
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return rv;
}
/*
@@ -1099,18 +1054,16 @@ nssCKFWInstance_GetLibraryVersion
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWInstance_GetModuleHandlesSessionObjects
-(
- NSSCKFWInstance *fwInstance
-)
+nssCKFWInstance_GetModuleHandlesSessionObjects(
+ NSSCKFWInstance *fwInstance)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- return fwInstance->moduleHandlesSessionObjects;
+ return fwInstance->moduleHandlesSessionObjects;
}
/*
@@ -1118,24 +1071,22 @@ nssCKFWInstance_GetModuleHandlesSessionObjects
*
*/
NSS_IMPLEMENT NSSCKFWSlot **
-nssCKFWInstance_GetSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nssCKFWInstance_GetSlots(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWSlot **)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSlot **)NULL;
- }
+ if (!pError) {
+ return (NSSCKFWSlot **)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSlot **)NULL;
+ }
#endif /* NSSDEBUG */
- return fwInstance->fwSlotList;
+ return fwInstance->fwSlotList;
}
/*
@@ -1143,72 +1094,69 @@ nssCKFWInstance_GetSlots
*
*/
NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWInstance_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL block,
- CK_RV *pError
-)
+nssCKFWInstance_WaitForSlotEvent(
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL block,
+ CK_RV *pError)
{
- NSSCKFWSlot *fwSlot = (NSSCKFWSlot *)NULL;
- NSSCKMDSlot *mdSlot;
- CK_ULONG i, n;
+ NSSCKFWSlot *fwSlot = (NSSCKFWSlot *)NULL;
+ NSSCKMDSlot *mdSlot;
+ CK_ULONG i, n;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWSlot *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- switch( block ) {
- case CK_TRUE:
- case CK_FALSE:
- break;
- default:
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWSlot *)NULL;
- }
+ if (!pError) {
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ switch (block) {
+ case CK_TRUE:
+ case CK_FALSE:
+ break;
+ default:
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWSlot *)NULL;
+ }
#endif /* NSSDEBUG */
- if (!fwInstance->mdInstance->WaitForSlotEvent) {
- *pError = CKR_NO_EVENT;
- return (NSSCKFWSlot *)NULL;
- }
-
- mdSlot = fwInstance->mdInstance->WaitForSlotEvent(
- fwInstance->mdInstance,
- fwInstance,
- block,
- pError
- );
-
- if (!mdSlot) {
- return (NSSCKFWSlot *)NULL;
- }
-
- n = nssCKFWInstance_GetNSlots(fwInstance, pError);
- if( ((CK_ULONG)0 == n) && (CKR_OK != *pError) ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- for( i = 0; i < n; i++ ) {
- if( fwInstance->mdSlotList[i] == mdSlot ) {
- fwSlot = fwInstance->fwSlotList[i];
- break;
- }
- }
-
- if (!fwSlot) {
- /* Internal error */
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWSlot *)NULL;
- }
-
- return fwSlot;
+ if (!fwInstance->mdInstance->WaitForSlotEvent) {
+ *pError = CKR_NO_EVENT;
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ mdSlot = fwInstance->mdInstance->WaitForSlotEvent(
+ fwInstance->mdInstance,
+ fwInstance,
+ block,
+ pError);
+
+ if (!mdSlot) {
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ n = nssCKFWInstance_GetNSlots(fwInstance, pError);
+ if (((CK_ULONG)0 == n) && (CKR_OK != *pError)) {
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ for (i = 0; i < n; i++) {
+ if (fwInstance->mdSlotList[i] == mdSlot) {
+ fwSlot = fwInstance->fwSlotList[i];
+ break;
+ }
+ }
+
+ if (!fwSlot) {
+ /* Internal error */
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ return fwSlot;
}
/*
@@ -1216,18 +1164,16 @@ nssCKFWInstance_WaitForSlotEvent
*
*/
NSS_IMPLEMENT NSSCKMDInstance *
-NSSCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-)
+NSSCKFWInstance_GetMDInstance(
+ NSSCKFWInstance *fwInstance)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKMDInstance *)NULL;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSCKMDInstance *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWInstance_GetMDInstance(fwInstance);
+ return nssCKFWInstance_GetMDInstance(fwInstance);
}
/*
@@ -1235,24 +1181,22 @@ NSSCKFWInstance_GetMDInstance
*
*/
NSS_IMPLEMENT NSSArena *
-NSSCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+NSSCKFWInstance_GetArena(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
#ifdef DEBUG
- if (!pError) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWInstance_GetArena(fwInstance, pError);
+ return nssCKFWInstance_GetArena(fwInstance, pError);
}
/*
@@ -1260,18 +1204,16 @@ NSSCKFWInstance_GetArena
*
*/
NSS_IMPLEMENT CK_BBOOL
-NSSCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-)
+NSSCKFWInstance_MayCreatePthreads(
+ NSSCKFWInstance *fwInstance)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return CK_FALSE;
+ }
#endif /* DEBUG */
- return nssCKFWInstance_MayCreatePthreads(fwInstance);
+ return nssCKFWInstance_MayCreatePthreads(fwInstance);
}
/*
@@ -1279,25 +1221,23 @@ NSSCKFWInstance_MayCreatePthreads
*
*/
NSS_IMPLEMENT NSSCKFWMutex *
-NSSCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
+NSSCKFWInstance_CreateMutex(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
{
#ifdef DEBUG
- if (!pError) {
- return (NSSCKFWMutex *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWMutex *)NULL;
- }
+ if (!pError) {
+ return (NSSCKFWMutex *)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWMutex *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ return nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
}
/*
@@ -1305,18 +1245,16 @@ NSSCKFWInstance_CreateMutex
*
*/
NSS_IMPLEMENT NSSUTF8 *
-NSSCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-)
+NSSCKFWInstance_GetConfigurationData(
+ NSSCKFWInstance *fwInstance)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSUTF8 *)NULL;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSUTF8 *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWInstance_GetConfigurationData(fwInstance);
+ return nssCKFWInstance_GetConfigurationData(fwInstance);
}
/*
@@ -1324,17 +1262,14 @@ NSSCKFWInstance_GetConfigurationData
*
*/
NSS_IMPLEMENT CK_C_INITIALIZE_ARGS_PTR
-NSSCKFWInstance_GetInitArgs
-(
- NSSCKFWInstance *fwInstance
-)
+NSSCKFWInstance_GetInitArgs(
+ NSSCKFWInstance *fwInstance)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_C_INITIALIZE_ARGS_PTR)NULL;
- }
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (CK_C_INITIALIZE_ARGS_PTR)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWInstance_GetInitArgs(fwInstance);
+ return nssCKFWInstance_GetInitArgs(fwInstance);
}
-
diff --git a/lib/ckfw/mechanism.c b/lib/ckfw/mechanism.c
index 14baf02c5..47e5ac69f 100644
--- a/lib/ckfw/mechanism.c
+++ b/lib/ckfw/mechanism.c
@@ -55,13 +55,12 @@
* nssCKFWMechanism_DeriveKey
*/
-
struct NSSCKFWMechanismStr {
- NSSCKMDMechanism *mdMechanism;
- NSSCKMDToken *mdToken;
- NSSCKFWToken *fwToken;
- NSSCKMDInstance *mdInstance;
- NSSCKFWInstance *fwInstance;
+ NSSCKMDMechanism *mdMechanism;
+ NSSCKMDToken *mdToken;
+ NSSCKFWToken *fwToken;
+ NSSCKMDInstance *mdInstance;
+ NSSCKFWInstance *fwInstance;
};
/*
@@ -69,28 +68,25 @@ struct NSSCKFWMechanismStr {
*
*/
NSS_IMPLEMENT NSSCKFWMechanism *
-nssCKFWMechanism_Create
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nssCKFWMechanism_Create(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- NSSCKFWMechanism *fwMechanism;
-
-
- fwMechanism = nss_ZNEW(NULL, NSSCKFWMechanism);
- if (!fwMechanism) {
- return (NSSCKFWMechanism *)NULL;
- }
- fwMechanism->mdMechanism = mdMechanism;
- fwMechanism->mdToken = mdToken;
- fwMechanism->fwToken = fwToken;
- fwMechanism->mdInstance = mdInstance;
- fwMechanism->fwInstance = fwInstance;
- return fwMechanism;
+ NSSCKFWMechanism *fwMechanism;
+
+ fwMechanism = nss_ZNEW(NULL, NSSCKFWMechanism);
+ if (!fwMechanism) {
+ return (NSSCKFWMechanism *)NULL;
+ }
+ fwMechanism->mdMechanism = mdMechanism;
+ fwMechanism->mdToken = mdToken;
+ fwMechanism->fwToken = fwToken;
+ fwMechanism->mdInstance = mdInstance;
+ fwMechanism->fwInstance = fwInstance;
+ return fwMechanism;
}
/*
@@ -98,24 +94,22 @@ nssCKFWMechanism_Create
*
*/
NSS_IMPLEMENT void
-nssCKFWMechanism_Destroy
-(
- NSSCKFWMechanism *fwMechanism
-)
+nssCKFWMechanism_Destroy(
+ NSSCKFWMechanism *fwMechanism)
{
- /* destroy any fw resources held by nssCKFWMechanism (currently none) */
-
- if (!fwMechanism->mdMechanism->Destroy) {
- /* destroys it's parent as well */
- fwMechanism->mdMechanism->Destroy(
- fwMechanism->mdMechanism,
- fwMechanism,
- fwMechanism->mdInstance,
- fwMechanism->fwInstance);
- }
- /* if the Destroy function wasn't supplied, then the mechanism is 'static',
- * and there is nothing to destroy */
- return;
+ /* destroy any fw resources held by nssCKFWMechanism (currently none) */
+
+ if (!fwMechanism->mdMechanism->Destroy) {
+ /* destroys it's parent as well */
+ fwMechanism->mdMechanism->Destroy(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance);
+ }
+ /* if the Destroy function wasn't supplied, then the mechanism is 'static',
+ * and there is nothing to destroy */
+ return;
}
/*
@@ -123,12 +117,10 @@ nssCKFWMechanism_Destroy
*
*/
NSS_IMPLEMENT NSSCKMDMechanism *
-nssCKFWMechanism_GetMDMechanism
-(
- NSSCKFWMechanism *fwMechanism
-)
+nssCKFWMechanism_GetMDMechanism(
+ NSSCKFWMechanism *fwMechanism)
{
- return fwMechanism->mdMechanism;
+ return fwMechanism->mdMechanism;
}
/*
@@ -136,19 +128,17 @@ nssCKFWMechanism_GetMDMechanism
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWMechanism_GetMinKeySize
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetMinKeySize(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->GetMinKeySize) {
- return 0;
- }
+ if (!fwMechanism->mdMechanism->GetMinKeySize) {
+ return 0;
+ }
- return fwMechanism->mdMechanism->GetMinKeySize(fwMechanism->mdMechanism,
- fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken,
- fwMechanism->mdInstance, fwMechanism->fwInstance, pError);
+ return fwMechanism->mdMechanism->GetMinKeySize(fwMechanism->mdMechanism,
+ fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance, pError);
}
/*
@@ -156,19 +146,17 @@ nssCKFWMechanism_GetMinKeySize
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWMechanism_GetMaxKeySize
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetMaxKeySize(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->GetMaxKeySize) {
- return 0;
- }
+ if (!fwMechanism->mdMechanism->GetMaxKeySize) {
+ return 0;
+ }
- return fwMechanism->mdMechanism->GetMaxKeySize(fwMechanism->mdMechanism,
- fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken,
- fwMechanism->mdInstance, fwMechanism->fwInstance, pError);
+ return fwMechanism->mdMechanism->GetMaxKeySize(fwMechanism->mdMechanism,
+ fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance, pError);
}
/*
@@ -176,22 +164,19 @@ nssCKFWMechanism_GetMaxKeySize
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWMechanism_GetInHardware
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetInHardware(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->GetInHardware) {
- return CK_FALSE;
- }
+ if (!fwMechanism->mdMechanism->GetInHardware) {
+ return CK_FALSE;
+ }
- return fwMechanism->mdMechanism->GetInHardware(fwMechanism->mdMechanism,
- fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken,
- fwMechanism->mdInstance, fwMechanism->fwInstance, pError);
+ return fwMechanism->mdMechanism->GetInHardware(fwMechanism->mdMechanism,
+ fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance, pError);
}
-
/*
* the following are determined automatically by which of the cryptographic
* functions are defined for this mechanism.
@@ -201,16 +186,14 @@ nssCKFWMechanism_GetInHardware
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanEncrypt
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanEncrypt(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->EncryptInit) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->EncryptInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -218,16 +201,14 @@ nssCKFWMechanism_GetCanEncrypt
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanDecrypt
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanDecrypt(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->DecryptInit) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->DecryptInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -235,16 +216,14 @@ nssCKFWMechanism_GetCanDecrypt
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanDigest
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanDigest(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->DigestInit) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->DigestInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -252,16 +231,14 @@ nssCKFWMechanism_GetCanDigest
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanSign
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanSign(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->SignInit) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->SignInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -269,16 +246,14 @@ nssCKFWMechanism_GetCanSign
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanSignRecover
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanSignRecover(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->SignRecoverInit) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->SignRecoverInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -286,16 +261,14 @@ nssCKFWMechanism_GetCanSignRecover
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanVerify
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanVerify(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->VerifyInit) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->VerifyInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -303,16 +276,14 @@ nssCKFWMechanism_GetCanVerify
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanVerifyRecover
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanVerifyRecover(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->VerifyRecoverInit) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->VerifyRecoverInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -320,16 +291,14 @@ nssCKFWMechanism_GetCanVerifyRecover
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanGenerate
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanGenerate(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->GenerateKey) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->GenerateKey) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -337,16 +306,14 @@ nssCKFWMechanism_GetCanGenerate
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanGenerateKeyPair
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanGenerateKeyPair(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->GenerateKeyPair) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->GenerateKeyPair) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -354,16 +321,14 @@ nssCKFWMechanism_GetCanGenerateKeyPair
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanUnwrap
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanUnwrap(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->UnwrapKey) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->UnwrapKey) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -371,16 +336,14 @@ nssCKFWMechanism_GetCanUnwrap
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanWrap
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanWrap(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->WrapKey) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->WrapKey) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
@@ -388,55 +351,50 @@ nssCKFWMechanism_GetCanWrap
*
*/
NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetCanDerive
-(
- NSSCKFWMechanism *fwMechanism,
- CK_RV *pError
-)
+nssCKFWMechanism_GetCanDerive(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
{
- if (!fwMechanism->mdMechanism->DeriveKey) {
- return CK_FALSE;
- }
- return CK_TRUE;
+ if (!fwMechanism->mdMechanism->DeriveKey) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
}
/*
* These are the actual crypto operations
*/
-/*
+/*
* nssCKFWMechanism_EncryptInit
* Start an encryption session.
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_EncryptInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
+nssCKFWMechanism_EncryptInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSCKMDCryptoOperation *mdOperation;
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdObject;
- CK_RV error = CKR_OK;
-
-
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
- NSSCKFWCryptoOperationState_EncryptDecrypt);
- if (fwOperation) {
- return CKR_OPERATION_ACTIVE;
- }
-
- if (!fwMechanism->mdMechanism->EncryptInit) {
- return CKR_FUNCTION_FAILED;
- }
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdObject = nssCKFWObject_GetMDObject(fwObject);
- mdOperation = fwMechanism->mdMechanism->EncryptInit(
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_EncryptDecrypt);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->EncryptInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->EncryptInit(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -448,58 +406,54 @@ nssCKFWMechanism_EncryptInit
fwMechanism->fwInstance,
mdObject,
fwObject,
- &error
- );
- if (!mdOperation) {
- goto loser;
- }
-
- fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
- mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
- fwMechanism->mdInstance, fwMechanism->fwInstance,
- NSSCKFWCryptoOperationType_Encrypt, &error);
- if (fwOperation) {
- nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
- NSSCKFWCryptoOperationState_EncryptDecrypt);
- }
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_Encrypt, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_EncryptDecrypt);
+ }
loser:
- return error;
+ return error;
}
-/*
+/*
* nssCKFWMechanism_DecryptInit
* Start an encryption session.
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_DecryptInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
+nssCKFWMechanism_DecryptInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSCKMDCryptoOperation *mdOperation;
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdObject;
- CK_RV error = CKR_OK;
-
-
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
- NSSCKFWCryptoOperationState_EncryptDecrypt);
- if (fwOperation) {
- return CKR_OPERATION_ACTIVE;
- }
-
- if (!fwMechanism->mdMechanism->DecryptInit) {
- return CKR_FUNCTION_FAILED;
- }
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdObject = nssCKFWObject_GetMDObject(fwObject);
- mdOperation = fwMechanism->mdMechanism->DecryptInit(
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_EncryptDecrypt);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->DecryptInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->DecryptInit(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -511,55 +465,51 @@ nssCKFWMechanism_DecryptInit
fwMechanism->fwInstance,
mdObject,
fwObject,
- &error
- );
- if (!mdOperation) {
- goto loser;
- }
-
- fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
- mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
- fwMechanism->mdInstance, fwMechanism->fwInstance,
- NSSCKFWCryptoOperationType_Decrypt, &error);
- if (fwOperation) {
- nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
- NSSCKFWCryptoOperationState_EncryptDecrypt);
- }
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_Decrypt, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_EncryptDecrypt);
+ }
loser:
- return error;
+ return error;
}
-/*
+/*
* nssCKFWMechanism_DigestInit
* Start an encryption session.
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_DigestInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession
-)
+nssCKFWMechanism_DigestInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSCKMDCryptoOperation *mdOperation;
- NSSCKMDSession *mdSession;
- CK_RV error = CKR_OK;
-
-
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
- NSSCKFWCryptoOperationState_Digest);
- if (fwOperation) {
- return CKR_OPERATION_ACTIVE;
- }
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_Digest);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
- if (!fwMechanism->mdMechanism->DigestInit) {
- return CKR_FUNCTION_FAILED;
- }
+ if (!fwMechanism->mdMechanism->DigestInit) {
+ return CKR_FUNCTION_FAILED;
+ }
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdOperation = fwMechanism->mdMechanism->DigestInit(
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdOperation = fwMechanism->mdMechanism->DigestInit(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -569,58 +519,54 @@ nssCKFWMechanism_DigestInit
fwMechanism->fwToken,
fwMechanism->mdInstance,
fwMechanism->fwInstance,
- &error
- );
- if (!mdOperation) {
- goto loser;
- }
-
- fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
- mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
- fwMechanism->mdInstance, fwMechanism->fwInstance,
- NSSCKFWCryptoOperationType_Digest, &error);
- if (fwOperation) {
- nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
- NSSCKFWCryptoOperationState_Digest);
- }
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_Digest, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_Digest);
+ }
loser:
- return error;
+ return error;
}
-/*
+/*
* nssCKFWMechanism_SignInit
* Start an encryption session.
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_SignInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
+nssCKFWMechanism_SignInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSCKMDCryptoOperation *mdOperation;
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdObject;
- CK_RV error = CKR_OK;
-
-
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
- NSSCKFWCryptoOperationState_SignVerify);
- if (fwOperation) {
- return CKR_OPERATION_ACTIVE;
- }
-
- if (!fwMechanism->mdMechanism->SignInit) {
- return CKR_FUNCTION_FAILED;
- }
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdObject = nssCKFWObject_GetMDObject(fwObject);
- mdOperation = fwMechanism->mdMechanism->SignInit(
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_SignVerify);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->SignInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->SignInit(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -632,58 +578,54 @@ nssCKFWMechanism_SignInit
fwMechanism->fwInstance,
mdObject,
fwObject,
- &error
- );
- if (!mdOperation) {
- goto loser;
- }
-
- fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
- mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
- fwMechanism->mdInstance, fwMechanism->fwInstance,
- NSSCKFWCryptoOperationType_Sign, &error);
- if (fwOperation) {
- nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
- NSSCKFWCryptoOperationState_SignVerify);
- }
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_Sign, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_SignVerify);
+ }
loser:
- return error;
+ return error;
}
-/*
+/*
* nssCKFWMechanism_VerifyInit
* Start an encryption session.
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_VerifyInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
+nssCKFWMechanism_VerifyInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSCKMDCryptoOperation *mdOperation;
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdObject;
- CK_RV error = CKR_OK;
-
-
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
- NSSCKFWCryptoOperationState_SignVerify);
- if (fwOperation) {
- return CKR_OPERATION_ACTIVE;
- }
-
- if (!fwMechanism->mdMechanism->VerifyInit) {
- return CKR_FUNCTION_FAILED;
- }
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdObject = nssCKFWObject_GetMDObject(fwObject);
- mdOperation = fwMechanism->mdMechanism->VerifyInit(
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_SignVerify);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->VerifyInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->VerifyInit(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -695,58 +637,54 @@ nssCKFWMechanism_VerifyInit
fwMechanism->fwInstance,
mdObject,
fwObject,
- &error
- );
- if (!mdOperation) {
- goto loser;
- }
-
- fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
- mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
- fwMechanism->mdInstance, fwMechanism->fwInstance,
- NSSCKFWCryptoOperationType_Verify, &error);
- if (fwOperation) {
- nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
- NSSCKFWCryptoOperationState_SignVerify);
- }
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_Verify, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_SignVerify);
+ }
loser:
- return error;
+ return error;
}
-/*
+/*
* nssCKFWMechanism_SignRecoverInit
* Start an encryption session.
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_SignRecoverInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
+nssCKFWMechanism_SignRecoverInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSCKMDCryptoOperation *mdOperation;
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdObject;
- CK_RV error = CKR_OK;
-
-
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
- NSSCKFWCryptoOperationState_SignVerify);
- if (fwOperation) {
- return CKR_OPERATION_ACTIVE;
- }
-
- if (!fwMechanism->mdMechanism->SignRecoverInit) {
- return CKR_FUNCTION_FAILED;
- }
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdObject = nssCKFWObject_GetMDObject(fwObject);
- mdOperation = fwMechanism->mdMechanism->SignRecoverInit(
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_SignVerify);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->SignRecoverInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->SignRecoverInit(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -758,58 +696,54 @@ nssCKFWMechanism_SignRecoverInit
fwMechanism->fwInstance,
mdObject,
fwObject,
- &error
- );
- if (!mdOperation) {
- goto loser;
- }
-
- fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
- mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
- fwMechanism->mdInstance, fwMechanism->fwInstance,
- NSSCKFWCryptoOperationType_SignRecover, &error);
- if (fwOperation) {
- nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
- NSSCKFWCryptoOperationState_SignVerify);
- }
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_SignRecover, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_SignVerify);
+ }
loser:
- return error;
+ return error;
}
-/*
+/*
* nssCKFWMechanism_VerifyRecoverInit
* Start an encryption session.
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_VerifyRecoverInit
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
+nssCKFWMechanism_VerifyRecoverInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSCKMDCryptoOperation *mdOperation;
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdObject;
- CK_RV error = CKR_OK;
-
-
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
- NSSCKFWCryptoOperationState_SignVerify);
- if (fwOperation) {
- return CKR_OPERATION_ACTIVE;
- }
-
- if (!fwMechanism->mdMechanism->VerifyRecoverInit) {
- return CKR_FUNCTION_FAILED;
- }
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdObject = nssCKFWObject_GetMDObject(fwObject);
- mdOperation = fwMechanism->mdMechanism->VerifyRecoverInit(
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_SignVerify);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->VerifyRecoverInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->VerifyRecoverInit(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -821,59 +755,56 @@ nssCKFWMechanism_VerifyRecoverInit
fwMechanism->fwInstance,
mdObject,
fwObject,
- &error
- );
- if (!mdOperation) {
- goto loser;
- }
-
- fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
- mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
- fwMechanism->mdInstance, fwMechanism->fwInstance,
- NSSCKFWCryptoOperationType_VerifyRecover, &error);
- if (fwOperation) {
- nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
- NSSCKFWCryptoOperationState_SignVerify);
- }
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_VerifyRecover, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_SignVerify);
+ }
loser:
- return error;
+ return error;
}
/*
* nssCKFWMechanism_GenerateKey
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWMechanism_GenerateKey
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nssCKFWMechanism_GenerateKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdObject;
- NSSCKFWObject *fwObject = NULL;
- NSSArena *arena;
-
- if (!fwMechanism->mdMechanism->GenerateKey) {
- *pError = CKR_FUNCTION_FAILED;
- return (NSSCKFWObject *)NULL;
- }
-
- arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError);
- if (!arena) {
- if (CKR_OK == *pError) {
- *pError = CKR_GENERAL_ERROR;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ NSSCKFWObject *fwObject = NULL;
+ NSSArena *arena;
+
+ if (!fwMechanism->mdMechanism->GenerateKey) {
+ *pError = CKR_FUNCTION_FAILED;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
}
- return (NSSCKFWObject *)NULL;
- }
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdObject = fwMechanism->mdMechanism->GenerateKey(
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = fwMechanism->mdMechanism->GenerateKey(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -887,53 +818,51 @@ nssCKFWMechanism_GenerateKey
ulAttributeCount,
pError);
- if (!mdObject) {
- return (NSSCKFWObject *)NULL;
- }
+ if (!mdObject) {
+ return (NSSCKFWObject *)NULL;
+ }
- fwObject = nssCKFWObject_Create(arena, mdObject,
- fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError);
+ fwObject = nssCKFWObject_Create(arena, mdObject,
+ fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError);
- return fwObject;
+ return fwObject;
}
/*
* nssCKFWMechanism_GenerateKeyPair
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_GenerateKeyPair
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- NSSCKFWObject **fwPublicKeyObject,
- NSSCKFWObject **fwPrivateKeyObject
-)
+nssCKFWMechanism_GenerateKeyPair(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ NSSCKFWObject **fwPublicKeyObject,
+ NSSCKFWObject **fwPrivateKeyObject)
{
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdPublicKeyObject;
- NSSCKMDObject *mdPrivateKeyObject;
- NSSArena *arena;
- CK_RV error = CKR_OK;
-
- if (!fwMechanism->mdMechanism->GenerateKeyPair) {
- return CKR_FUNCTION_FAILED;
- }
-
- arena = nssCKFWToken_GetArena(fwMechanism->fwToken, &error);
- if (!arena) {
- if (CKR_OK == error) {
- error = CKR_GENERAL_ERROR;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdPublicKeyObject;
+ NSSCKMDObject *mdPrivateKeyObject;
+ NSSArena *arena;
+ CK_RV error = CKR_OK;
+
+ if (!fwMechanism->mdMechanism->GenerateKeyPair) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ arena = nssCKFWToken_GetArena(fwMechanism->fwToken, &error);
+ if (!arena) {
+ if (CKR_OK == error) {
+ error = CKR_GENERAL_ERROR;
+ }
+ return error;
}
- return error;
- }
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- error = fwMechanism->mdMechanism->GenerateKeyPair(
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ error = fwMechanism->mdMechanism->GenerateKeyPair(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -950,48 +879,46 @@ nssCKFWMechanism_GenerateKeyPair
&mdPublicKeyObject,
&mdPrivateKeyObject);
- if (CKR_OK != error) {
- return error;
- }
+ if (CKR_OK != error) {
+ return error;
+ }
- *fwPublicKeyObject = nssCKFWObject_Create(arena, mdPublicKeyObject,
- fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error);
- if (!*fwPublicKeyObject) {
- return error;
- }
- *fwPrivateKeyObject = nssCKFWObject_Create(arena, mdPrivateKeyObject,
- fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error);
+ *fwPublicKeyObject = nssCKFWObject_Create(arena, mdPublicKeyObject,
+ fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error);
+ if (!*fwPublicKeyObject) {
+ return error;
+ }
+ *fwPrivateKeyObject = nssCKFWObject_Create(arena, mdPrivateKeyObject,
+ fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error);
- return error;
+ return error;
}
/*
* nssCKFWMechanism_GetWrapKeyLength
*/
NSS_EXTERN CK_ULONG
-nssCKFWMechanism_GetWrapKeyLength
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwWrappingKeyObject,
- NSSCKFWObject *fwKeyObject,
- CK_RV *pError
-)
+nssCKFWMechanism_GetWrapKeyLength(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSCKFWObject *fwKeyObject,
+ CK_RV *pError)
{
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdWrappingKeyObject;
- NSSCKMDObject *mdKeyObject;
-
- if (!fwMechanism->mdMechanism->WrapKey) {
- *pError = CKR_FUNCTION_FAILED;
- return (CK_ULONG) 0;
- }
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject);
- mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject);
- return fwMechanism->mdMechanism->GetWrapKeyLength(
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdWrappingKeyObject;
+ NSSCKMDObject *mdKeyObject;
+
+ if (!fwMechanism->mdMechanism->WrapKey) {
+ *pError = CKR_FUNCTION_FAILED;
+ return (CK_ULONG)0;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject);
+ mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject);
+ return fwMechanism->mdMechanism->GetWrapKeyLength(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -1012,28 +939,26 @@ nssCKFWMechanism_GetWrapKeyLength
* nssCKFWMechanism_WrapKey
*/
NSS_EXTERN CK_RV
-nssCKFWMechanism_WrapKey
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwWrappingKeyObject,
- NSSCKFWObject *fwKeyObject,
- NSSItem *wrappedKey
-)
+nssCKFWMechanism_WrapKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSCKFWObject *fwKeyObject,
+ NSSItem *wrappedKey)
{
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdWrappingKeyObject;
- NSSCKMDObject *mdKeyObject;
-
- if (!fwMechanism->mdMechanism->WrapKey) {
- return CKR_FUNCTION_FAILED;
- }
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject);
- mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject);
- return fwMechanism->mdMechanism->WrapKey(
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdWrappingKeyObject;
+ NSSCKMDObject *mdKeyObject;
+
+ if (!fwMechanism->mdMechanism->WrapKey) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject);
+ mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject);
+ return fwMechanism->mdMechanism->WrapKey(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -1054,44 +979,42 @@ nssCKFWMechanism_WrapKey
* nssCKFWMechanism_UnwrapKey
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWMechanism_UnwrapKey
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwWrappingKeyObject,
- NSSItem *wrappedKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nssCKFWMechanism_UnwrapKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSItem *wrappedKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdObject;
- NSSCKMDObject *mdWrappingKeyObject;
- NSSCKFWObject *fwObject = NULL;
- NSSArena *arena;
-
- if (!fwMechanism->mdMechanism->UnwrapKey) {
- /* we could simulate UnwrapKey using Decrypt and Create object, but
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ NSSCKMDObject *mdWrappingKeyObject;
+ NSSCKFWObject *fwObject = NULL;
+ NSSArena *arena;
+
+ if (!fwMechanism->mdMechanism->UnwrapKey) {
+ /* we could simulate UnwrapKey using Decrypt and Create object, but
* 1) it's not clear that would work well, and 2) the low level token
* may want to restrict unwrap key for a reason, so just fail it it
* can't be done */
- *pError = CKR_FUNCTION_FAILED;
- return (NSSCKFWObject *)NULL;
- }
-
- arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError);
- if (!arena) {
- if (CKR_OK == *pError) {
- *pError = CKR_GENERAL_ERROR;
+ *pError = CKR_FUNCTION_FAILED;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
}
- return (NSSCKFWObject *)NULL;
- }
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject);
- mdObject = fwMechanism->mdMechanism->UnwrapKey(
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject);
+ mdObject = fwMechanism->mdMechanism->UnwrapKey(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -1108,53 +1031,51 @@ nssCKFWMechanism_UnwrapKey
ulAttributeCount,
pError);
- if (!mdObject) {
- return (NSSCKFWObject *)NULL;
- }
+ if (!mdObject) {
+ return (NSSCKFWObject *)NULL;
+ }
- fwObject = nssCKFWObject_Create(arena, mdObject,
- fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError);
+ fwObject = nssCKFWObject_Create(arena, mdObject,
+ fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError);
- return fwObject;
+ return fwObject;
}
-/*
+/*
* nssCKFWMechanism_DeriveKey
*/
NSS_EXTERN NSSCKFWObject *
-nssCKFWMechanism_DeriveKey
-(
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwBaseKeyObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nssCKFWMechanism_DeriveKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwBaseKeyObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- NSSCKMDSession *mdSession;
- NSSCKMDObject *mdObject;
- NSSCKMDObject *mdBaseKeyObject;
- NSSCKFWObject *fwObject = NULL;
- NSSArena *arena;
-
- if (!fwMechanism->mdMechanism->DeriveKey) {
- *pError = CKR_FUNCTION_FAILED;
- return (NSSCKFWObject *)NULL;
- }
-
- arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError);
- if (!arena) {
- if (CKR_OK == *pError) {
- *pError = CKR_GENERAL_ERROR;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ NSSCKMDObject *mdBaseKeyObject;
+ NSSCKFWObject *fwObject = NULL;
+ NSSArena *arena;
+
+ if (!fwMechanism->mdMechanism->DeriveKey) {
+ *pError = CKR_FUNCTION_FAILED;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
}
- return (NSSCKFWObject *)NULL;
- }
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdBaseKeyObject = nssCKFWObject_GetMDObject(fwBaseKeyObject);
- mdObject = fwMechanism->mdMechanism->DeriveKey(
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdBaseKeyObject = nssCKFWObject_GetMDObject(fwBaseKeyObject);
+ mdObject = fwMechanism->mdMechanism->DeriveKey(
fwMechanism->mdMechanism,
fwMechanism,
pMechanism,
@@ -1170,13 +1091,12 @@ nssCKFWMechanism_DeriveKey
ulAttributeCount,
pError);
- if (!mdObject) {
- return (NSSCKFWObject *)NULL;
- }
+ if (!mdObject) {
+ return (NSSCKFWObject *)NULL;
+ }
- fwObject = nssCKFWObject_Create(arena, mdObject,
- fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError);
+ fwObject = nssCKFWObject_Create(arena, mdObject,
+ fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError);
- return fwObject;
+ return fwObject;
}
-
diff --git a/lib/ckfw/mutex.c b/lib/ckfw/mutex.c
index 0d74cf133..be569e196 100644
--- a/lib/ckfw/mutex.c
+++ b/lib/ckfw/mutex.c
@@ -31,7 +31,7 @@
*/
struct NSSCKFWMutexStr {
- PRLock *lock;
+ PRLock *lock;
};
#ifdef DEBUG
@@ -47,30 +47,24 @@ struct NSSCKFWMutexStr {
*/
static CK_RV
-mutex_add_pointer
-(
- const NSSCKFWMutex *fwMutex
-)
+mutex_add_pointer(
+ const NSSCKFWMutex *fwMutex)
{
- return CKR_OK;
+ return CKR_OK;
}
static CK_RV
-mutex_remove_pointer
-(
- const NSSCKFWMutex *fwMutex
-)
+mutex_remove_pointer(
+ const NSSCKFWMutex *fwMutex)
{
- return CKR_OK;
+ return CKR_OK;
}
NSS_IMPLEMENT CK_RV
-nssCKFWMutex_verifyPointer
-(
- const NSSCKFWMutex *fwMutex
-)
+nssCKFWMutex_verifyPointer(
+ const NSSCKFWMutex *fwMutex)
{
- return CKR_OK;
+ return CKR_OK;
}
#endif /* DEBUG */
@@ -80,78 +74,74 @@ nssCKFWMutex_verifyPointer
*
*/
NSS_EXTERN NSSCKFWMutex *
-nssCKFWMutex_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- CryptokiLockingState LockingState,
- NSSArena *arena,
- CK_RV *pError
-)
+nssCKFWMutex_Create(
+ CK_C_INITIALIZE_ARGS_PTR pInitArgs,
+ CryptokiLockingState LockingState,
+ NSSArena *arena,
+ CK_RV *pError)
{
- NSSCKFWMutex *mutex;
-
- mutex = nss_ZNEW(arena, NSSCKFWMutex);
- if (!mutex) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWMutex *)NULL;
- }
- *pError = CKR_OK;
- mutex->lock = NULL;
- if (LockingState == MultiThreaded) {
- mutex->lock = PR_NewLock();
- if (!mutex->lock) {
- *pError = CKR_HOST_MEMORY; /* we couldn't get the resource */
+ NSSCKFWMutex *mutex;
+
+ mutex = nss_ZNEW(arena, NSSCKFWMutex);
+ if (!mutex) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWMutex *)NULL;
+ }
+ *pError = CKR_OK;
+ mutex->lock = NULL;
+ if (LockingState == MultiThreaded) {
+ mutex->lock = PR_NewLock();
+ if (!mutex->lock) {
+ *pError = CKR_HOST_MEMORY; /* we couldn't get the resource */
+ }
+ }
+
+ if (CKR_OK != *pError) {
+ (void)nss_ZFreeIf(mutex);
+ return (NSSCKFWMutex *)NULL;
}
- }
-
- if( CKR_OK != *pError ) {
- (void)nss_ZFreeIf(mutex);
- return (NSSCKFWMutex *)NULL;
- }
#ifdef DEBUG
- *pError = mutex_add_pointer(mutex);
- if( CKR_OK != *pError ) {
- if (mutex->lock) {
- PR_DestroyLock(mutex->lock);
+ *pError = mutex_add_pointer(mutex);
+ if (CKR_OK != *pError) {
+ if (mutex->lock) {
+ PR_DestroyLock(mutex->lock);
+ }
+ (void)nss_ZFreeIf(mutex);
+ return (NSSCKFWMutex *)NULL;
}
- (void)nss_ZFreeIf(mutex);
- return (NSSCKFWMutex *)NULL;
- }
#endif /* DEBUG */
- return mutex;
-}
+ return mutex;
+}
/*
* nssCKFWMutex_Destroy
*
*/
NSS_EXTERN CK_RV
-nssCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-)
+nssCKFWMutex_Destroy(
+ NSSCKFWMutex *mutex)
{
- CK_RV rv = CKR_OK;
+ CK_RV rv = CKR_OK;
#ifdef NSSDEBUG
- rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
+ rv = nssCKFWMutex_verifyPointer(mutex);
+ if (CKR_OK != rv) {
+ return rv;
+ }
#endif /* NSSDEBUG */
-
- if (mutex->lock) {
- PR_DestroyLock(mutex->lock);
- }
+
+ if (mutex->lock) {
+ PR_DestroyLock(mutex->lock);
+ }
#ifdef DEBUG
- (void)mutex_remove_pointer(mutex);
+ (void)mutex_remove_pointer(mutex);
#endif /* DEBUG */
- (void)nss_ZFreeIf(mutex);
- return rv;
+ (void)nss_ZFreeIf(mutex);
+ return rv;
}
/*
@@ -159,22 +149,20 @@ nssCKFWMutex_Destroy
*
*/
NSS_EXTERN CK_RV
-nssCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-)
+nssCKFWMutex_Lock(
+ NSSCKFWMutex *mutex)
{
#ifdef NSSDEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
+ CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
+ if (CKR_OK != rv) {
+ return rv;
+ }
#endif /* NSSDEBUG */
- if (mutex->lock) {
- PR_Lock(mutex->lock);
- }
-
- return CKR_OK;
+ if (mutex->lock) {
+ PR_Lock(mutex->lock);
+ }
+
+ return CKR_OK;
}
/*
@@ -182,29 +170,27 @@ nssCKFWMutex_Lock
*
*/
NSS_EXTERN CK_RV
-nssCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-)
+nssCKFWMutex_Unlock(
+ NSSCKFWMutex *mutex)
{
- PRStatus nrv;
+ PRStatus nrv;
#ifdef NSSDEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
+ CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
+ if (CKR_OK != rv) {
+ return rv;
+ }
#endif /* NSSDEBUG */
- if (!mutex->lock)
- return CKR_OK;
+ if (!mutex->lock)
+ return CKR_OK;
- nrv = PR_Unlock(mutex->lock);
+ nrv = PR_Unlock(mutex->lock);
- /* if unlock fails, either we have a programming error, or we have
- * some sort of hardware failure... in either case return CKR_DEVICE_ERROR.
- */
- return nrv == PR_SUCCESS ? CKR_OK : CKR_DEVICE_ERROR;
+ /* if unlock fails, either we have a programming error, or we have
+ * some sort of hardware failure... in either case return CKR_DEVICE_ERROR.
+ */
+ return nrv == PR_SUCCESS ? CKR_OK : CKR_DEVICE_ERROR;
}
/*
@@ -212,19 +198,17 @@ nssCKFWMutex_Unlock
*
*/
NSS_EXTERN CK_RV
-NSSCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-)
+NSSCKFWMutex_Destroy(
+ NSSCKFWMutex *mutex)
{
#ifdef DEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
+ CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
+ if (CKR_OK != rv) {
+ return rv;
+ }
#endif /* DEBUG */
-
- return nssCKFWMutex_Destroy(mutex);
+
+ return nssCKFWMutex_Destroy(mutex);
}
/*
@@ -232,19 +216,17 @@ NSSCKFWMutex_Destroy
*
*/
NSS_EXTERN CK_RV
-NSSCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-)
+NSSCKFWMutex_Lock(
+ NSSCKFWMutex *mutex)
{
#ifdef DEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
+ CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
+ if (CKR_OK != rv) {
+ return rv;
+ }
#endif /* DEBUG */
-
- return nssCKFWMutex_Lock(mutex);
+
+ return nssCKFWMutex_Lock(mutex);
}
/*
@@ -252,18 +234,15 @@ NSSCKFWMutex_Lock
*
*/
NSS_EXTERN CK_RV
-NSSCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-)
+NSSCKFWMutex_Unlock(
+ NSSCKFWMutex *mutex)
{
#ifdef DEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
+ CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
+ if (CKR_OK != rv) {
+ return rv;
+ }
#endif /* DEBUG */
- return nssCKFWMutex_Unlock(mutex);
+ return nssCKFWMutex_Unlock(mutex);
}
-
diff --git a/lib/ckfw/nssckfw.h b/lib/ckfw/nssckfw.h
index 4343eab6a..8807ac85d 100644
--- a/lib/ckfw/nssckfw.h
+++ b/lib/ckfw/nssckfw.h
@@ -8,7 +8,7 @@
/*
* nssckfw.h
*
- * This file prototypes the publicly available calls of the
+ * This file prototypes the publicly available calls of the
* NSS Cryptoki Framework.
*/
@@ -40,10 +40,8 @@
*/
NSS_EXTERN NSSCKMDInstance *
-NSSCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-);
+NSSCKFWInstance_GetMDInstance(
+ NSSCKFWInstance *fwInstance);
/*
* NSSCKFWInstance_GetArena
@@ -51,11 +49,9 @@ NSSCKFWInstance_GetMDInstance
*/
NSS_EXTERN NSSArena *
-NSSCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
+NSSCKFWInstance_GetArena(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
/*
* NSSCKFWInstance_MayCreatePthreads
@@ -63,10 +59,8 @@ NSSCKFWInstance_GetArena
*/
NSS_EXTERN CK_BBOOL
-NSSCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-);
+NSSCKFWInstance_MayCreatePthreads(
+ NSSCKFWInstance *fwInstance);
/*
* NSSCKFWInstance_CreateMutex
@@ -74,12 +68,10 @@ NSSCKFWInstance_MayCreatePthreads
*/
NSS_EXTERN NSSCKFWMutex *
-NSSCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
+NSSCKFWInstance_CreateMutex(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError);
/*
* NSSCKFWInstance_GetConfigurationData
@@ -87,10 +79,8 @@ NSSCKFWInstance_CreateMutex
*/
NSS_EXTERN NSSUTF8 *
-NSSCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-);
+NSSCKFWInstance_GetConfigurationData(
+ NSSCKFWInstance *fwInstance);
/*
* NSSCKFWInstance_GetInitArgs
@@ -98,10 +88,8 @@ NSSCKFWInstance_GetConfigurationData
*/
NSS_EXTERN CK_C_INITIALIZE_ARGS_PTR
-NSSCKFWInstance_GetInitArgs
-(
- NSSCKFWInstance *fwInstance
-);
+NSSCKFWInstance_GetInitArgs(
+ NSSCKFWInstance *fwInstance);
/*
* NSSCKFWSlot
@@ -118,10 +106,8 @@ NSSCKFWInstance_GetInitArgs
*/
NSS_EXTERN NSSCKMDSlot *
-NSSCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-);
+NSSCKFWSlot_GetMDSlot(
+ NSSCKFWSlot *fwSlot);
/*
* NSSCKFWSlot_GetFWInstance
@@ -129,10 +115,8 @@ NSSCKFWSlot_GetMDSlot
*/
NSS_EXTERN NSSCKFWInstance *
-NSSCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-);
+NSSCKFWSlot_GetFWInstance(
+ NSSCKFWSlot *fwSlot);
/*
* NSSCKFWSlot_GetMDInstance
@@ -140,10 +124,8 @@ NSSCKFWSlot_GetFWInstance
*/
NSS_EXTERN NSSCKMDInstance *
-NSSCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-);
+NSSCKFWSlot_GetMDInstance(
+ NSSCKFWSlot *fwSlot);
/*
* NSSCKFWToken
@@ -161,10 +143,8 @@ NSSCKFWSlot_GetMDInstance
*/
NSS_EXTERN NSSCKMDToken *
-NSSCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-);
+NSSCKFWToken_GetMDToken(
+ NSSCKFWToken *fwToken);
/*
* NSSCKFWToken_GetArena
@@ -172,11 +152,9 @@ NSSCKFWToken_GetMDToken
*/
NSS_EXTERN NSSArena *
-NSSCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-);
+NSSCKFWToken_GetArena(
+ NSSCKFWToken *fwToken,
+ CK_RV *pError);
/*
* NSSCKFWToken_GetFWSlot
@@ -184,10 +162,8 @@ NSSCKFWToken_GetArena
*/
NSS_EXTERN NSSCKFWSlot *
-NSSCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-);
+NSSCKFWToken_GetFWSlot(
+ NSSCKFWToken *fwToken);
/*
* NSSCKFWToken_GetMDSlot
@@ -195,10 +171,8 @@ NSSCKFWToken_GetFWSlot
*/
NSS_EXTERN NSSCKMDSlot *
-NSSCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-);
+NSSCKFWToken_GetMDSlot(
+ NSSCKFWToken *fwToken);
/*
* NSSCKFWToken_GetSessionState
@@ -206,10 +180,8 @@ NSSCKFWToken_GetMDSlot
*/
NSS_EXTERN CK_STATE
-NSSCKFWToken_GetSessionState
-(
- NSSCKFWToken *fwToken
-);
+NSSCKFWToken_GetSessionState(
+ NSSCKFWToken *fwToken);
/*
* NSSCKFWMechanism
@@ -225,10 +197,8 @@ NSSCKFWToken_GetSessionState
*/
NSS_EXTERN NSSCKMDMechanism *
-NSSCKFWMechanism_GetMDMechanism
-(
- NSSCKFWMechanism *fwMechanism
-);
+NSSCKFWMechanism_GetMDMechanism(
+ NSSCKFWMechanism *fwMechanism);
/*
* NSSCKFWMechanism_GetParameter
@@ -236,10 +206,8 @@ NSSCKFWMechanism_GetMDMechanism
*/
NSS_EXTERN NSSItem *
-NSSCKFWMechanism_GetParameter
-(
- NSSCKFWMechanism *fwMechanism
-);
+NSSCKFWMechanism_GetParameter(
+ NSSCKFWMechanism *fwMechanism);
/*
* NSSCKFWSession
@@ -259,10 +227,8 @@ NSSCKFWMechanism_GetParameter
*/
NSS_EXTERN NSSCKMDSession *
-NSSCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-);
+NSSCKFWSession_GetMDSession(
+ NSSCKFWSession *fwSession);
/*
* NSSCKFWSession_GetArena
@@ -270,11 +236,9 @@ NSSCKFWSession_GetMDSession
*/
NSS_EXTERN NSSArena *
-NSSCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
+NSSCKFWSession_GetArena(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
/*
* NSSCKFWSession_CallNotification
@@ -282,11 +246,9 @@ NSSCKFWSession_GetArena
*/
NSS_EXTERN CK_RV
-NSSCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-);
+NSSCKFWSession_CallNotification(
+ NSSCKFWSession *fwSession,
+ CK_NOTIFICATION event);
/*
* NSSCKFWSession_IsRWSession
@@ -294,10 +256,8 @@ NSSCKFWSession_CallNotification
*/
NSS_EXTERN CK_BBOOL
-NSSCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-);
+NSSCKFWSession_IsRWSession(
+ NSSCKFWSession *fwSession);
/*
* NSSCKFWSession_IsSO
@@ -305,10 +265,8 @@ NSSCKFWSession_IsRWSession
*/
NSS_EXTERN CK_BBOOL
-NSSCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-);
+NSSCKFWSession_IsSO(
+ NSSCKFWSession *fwSession);
/*
* NSSCKFWSession_GetCurrentCryptoOperation
@@ -316,11 +274,9 @@ NSSCKFWSession_IsSO
*/
NSS_EXTERN NSSCKFWCryptoOperation *
-NSSCKFWSession_GetCurrentCryptoOperation
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationState state
-);
+NSSCKFWSession_GetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationState state);
/*
* NSSCKFWObject
@@ -340,91 +296,75 @@ NSSCKFWSession_GetCurrentCryptoOperation
*
*/
NSS_EXTERN NSSCKMDObject *
-NSSCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-);
+NSSCKFWObject_GetMDObject(
+ NSSCKFWObject *fwObject);
/*
* NSSCKFWObject_GetArena
*
*/
NSS_EXTERN NSSArena *
-NSSCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
+NSSCKFWObject_GetArena(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
/*
* NSSCKFWObject_IsTokenObject
*
*/
NSS_EXTERN CK_BBOOL
-NSSCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-);
+NSSCKFWObject_IsTokenObject(
+ NSSCKFWObject *fwObject);
/*
* NSSCKFWObject_GetAttributeCount
*
*/
NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
+NSSCKFWObject_GetAttributeCount(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
/*
* NSSCKFWObject_GetAttributeTypes
*
*/
NSS_EXTERN CK_RV
-NSSCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-);
+NSSCKFWObject_GetAttributeTypes(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount);
/*
* NSSCKFWObject_GetAttributeSize
*
*/
NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
+NSSCKFWObject_GetAttributeSize(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
/*
* NSSCKFWObject_GetAttribute
*
*/
NSS_EXTERN NSSItem *
-NSSCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-);
+NSSCKFWObject_GetAttribute(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *itemOpt,
+ NSSArena *arenaOpt,
+ CK_RV *pError);
/*
* NSSCKFWObject_GetObjectSize
*
*/
NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
+NSSCKFWObject_GetObjectSize(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
/*
* NSSCKFWFindObjects
@@ -439,10 +379,8 @@ NSSCKFWObject_GetObjectSize
*/
NSS_EXTERN NSSCKMDFindObjects *
-NSSCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *
-);
+NSSCKFWFindObjects_GetMDFindObjects(
+ NSSCKFWFindObjects *);
/*
* NSSCKFWMutex
@@ -459,10 +397,8 @@ NSSCKFWFindObjects_GetMDFindObjects
*/
NSS_EXTERN CK_RV
-NSSCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-);
+NSSCKFWMutex_Destroy(
+ NSSCKFWMutex *mutex);
/*
* NSSCKFWMutex_Lock
@@ -470,10 +406,8 @@ NSSCKFWMutex_Destroy
*/
NSS_EXTERN CK_RV
-NSSCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-);
+NSSCKFWMutex_Lock(
+ NSSCKFWMutex *mutex);
/*
* NSSCKFWMutex_Unlock
@@ -481,10 +415,7 @@ NSSCKFWMutex_Lock
*/
NSS_EXTERN CK_RV
-NSSCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-);
+NSSCKFWMutex_Unlock(
+ NSSCKFWMutex *mutex);
#endif /* NSSCKFW_H */
-
diff --git a/lib/ckfw/nssckfwc.h b/lib/ckfw/nssckfwc.h
index 3c11e96c7..734a67cf8 100644
--- a/lib/ckfw/nssckfwc.h
+++ b/lib/ckfw/nssckfwc.h
@@ -8,7 +8,7 @@
/*
* nssckfwc.h
*
- * This file prototypes all of the NSS Cryptoki Framework "wrapper"
+ * This file prototypes all of the NSS Cryptoki Framework "wrapper"
* which implement the PKCS#11 API. Technically, these are public
* routines (with capital "NSS" prefixes), since they are called
* from (generated) code within a Module using the Framework.
@@ -104,34 +104,28 @@
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_Initialize
-(
- NSSCKFWInstance **pFwInstance,
- NSSCKMDInstance *mdInstance,
- CK_VOID_PTR pInitArgs
-);
+NSSCKFWC_Initialize(
+ NSSCKFWInstance **pFwInstance,
+ NSSCKMDInstance *mdInstance,
+ CK_VOID_PTR pInitArgs);
/*
* NSSCKFWC_Finalize
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_Finalize
-(
- NSSCKFWInstance **pFwInstance
-);
+NSSCKFWC_Finalize(
+ NSSCKFWInstance **pFwInstance);
/*
* NSSCKFWC_GetInfo
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_INFO_PTR pInfo
-);
-
+NSSCKFWC_GetInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_INFO_PTR pInfo);
+
/*
* C_GetFunctionList is implemented entirely in the Module's file which
* includes the Framework API insert file. It requires no "actual"
@@ -143,871 +137,743 @@ NSSCKFWC_GetInfo
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetSlotList
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-);
-
+NSSCKFWC_GetSlotList(
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList,
+ CK_ULONG_PTR pulCount);
+
/*
* NSSCKFWC_GetSlotInfo
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetSlotInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-);
+NSSCKFWC_GetSlotInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_SLOT_INFO_PTR pInfo);
/*
* NSSCKFWC_GetTokenInfo
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetTokenInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-);
+NSSCKFWC_GetTokenInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_TOKEN_INFO_PTR pInfo);
/*
* NSSCKFWC_WaitForSlotEvent
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pReserved
-);
+NSSCKFWC_WaitForSlotEvent(
+ NSSCKFWInstance *fwInstance,
+ CK_FLAGS flags,
+ CK_SLOT_ID_PTR pSlot,
+ CK_VOID_PTR pReserved);
/*
* NSSCKFWC_GetMechanismList
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetMechanismList
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-);
+NSSCKFWC_GetMechanismList(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE_PTR pMechanismList,
+ CK_ULONG_PTR pulCount);
/*
* NSSCKFWC_GetMechanismInfo
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetMechanismInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-);
+NSSCKFWC_GetMechanismInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo);
/*
* NSSCKFWC_InitToken
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_InitToken
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-);
+NSSCKFWC_InitToken(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen,
+ CK_CHAR_PTR pLabel);
/*
* NSSCKFWC_InitPIN
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_InitPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-);
+NSSCKFWC_InitPIN(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen);
/*
* NSSCKFWC_SetPIN
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_SetPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-);
+NSSCKFWC_SetPIN(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pOldPin,
+ CK_ULONG ulOldLen,
+ CK_CHAR_PTR pNewPin,
+ CK_ULONG ulNewLen);
/*
* NSSCKFWC_OpenSession
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_OpenSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-);
+NSSCKFWC_OpenSession(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_FLAGS flags,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_SESSION_HANDLE_PTR phSession);
/*
* NSSCKFWC_CloseSession
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_CloseSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
+NSSCKFWC_CloseSession(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
/*
* NSSCKFWC_CloseAllSessions
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_CloseAllSessions
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID
-);
+NSSCKFWC_CloseAllSessions(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID);
/*
* NSSCKFWC_GetSessionInfo
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetSessionInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-);
+NSSCKFWC_GetSessionInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_SESSION_INFO_PTR pInfo);
/*
* NSSCKFWC_GetOperationState
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-);
+NSSCKFWC_GetOperationState(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG_PTR pulOperationStateLen);
/*
* NSSCKFWC_SetOperationState
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_SetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-);
+NSSCKFWC_SetOperationState(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG ulOperationStateLen,
+ CK_OBJECT_HANDLE hEncryptionKey,
+ CK_OBJECT_HANDLE hAuthenticationKey);
/*
* NSSCKFWC_Login
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_Login
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-);
+NSSCKFWC_Login(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen);
/*
* NSSCKFWC_Logout
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_Logout
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
+NSSCKFWC_Logout(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
/*
* NSSCKFWC_CreateObject
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_CreateObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-);
+NSSCKFWC_CreateObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject);
/*
* NSSCKFWC_CopyObject
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_CopyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-);
+NSSCKFWC_CopyObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject);
/*
* NSSCKFWC_DestroyObject
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DestroyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-);
+NSSCKFWC_DestroyObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject);
/*
* NSSCKFWC_GetObjectSize
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetObjectSize
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-);
+NSSCKFWC_GetObjectSize(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ULONG_PTR pulSize);
/*
* NSSCKFWC_GetAttributeValue
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-);
-
+NSSCKFWC_GetAttributeValue(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount);
+
/*
* NSSCKFWC_SetAttributeValue
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_SetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-);
+NSSCKFWC_SetAttributeValue(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount);
/*
* NSSCKFWC_FindObjectsInit
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_FindObjectsInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-);
+NSSCKFWC_FindObjectsInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount);
/*
* NSSCKFWC_FindObjects
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_FindObjects
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-);
+NSSCKFWC_FindObjects(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE_PTR phObject,
+ CK_ULONG ulMaxObjectCount,
+ CK_ULONG_PTR pulObjectCount);
/*
* NSSCKFWC_FindObjectsFinal
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_FindObjectsFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
+NSSCKFWC_FindObjectsFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
/*
* NSSCKFWC_EncryptInit
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_EncryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
+NSSCKFWC_EncryptInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
/*
* NSSCKFWC_Encrypt
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_Encrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-);
+NSSCKFWC_Encrypt(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG_PTR pulEncryptedDataLen);
/*
* NSSCKFWC_EncryptUpdate
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_EncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-);
+NSSCKFWC_EncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen);
/*
* NSSCKFWC_EncryptFinal
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_EncryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-);
+NSSCKFWC_EncryptFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastEncryptedPart,
+ CK_ULONG_PTR pulLastEncryptedPartLen);
/*
* NSSCKFWC_DecryptInit
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DecryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
+NSSCKFWC_DecryptInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
/*
* NSSCKFWC_Decrypt
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_Decrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-);
+NSSCKFWC_Decrypt(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG ulEncryptedDataLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen);
/*
* NSSCKFWC_DecryptUpdate
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DecryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-);
+NSSCKFWC_DecryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen);
/*
* NSSCKFWC_DecryptFinal
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DecryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-);
+NSSCKFWC_DecryptFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastPart,
+ CK_ULONG_PTR pulLastPartLen);
/*
* NSSCKFWC_DigestInit
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DigestInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-);
+NSSCKFWC_DigestInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism);
/*
* NSSCKFWC_Digest
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_Digest
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-);
+NSSCKFWC_Digest(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen);
/*
* NSSCKFWC_DigestUpdate
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen
-);
+NSSCKFWC_DigestUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen);
/*
* NSSCKFWC_DigestKey
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DigestKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-);
+NSSCKFWC_DigestKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hKey);
/*
* NSSCKFWC_DigestFinal
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DigestFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-);
+NSSCKFWC_DigestFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen);
/*
* NSSCKFWC_SignInit
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_SignInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
+NSSCKFWC_SignInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
/*
* NSSCKFWC_Sign
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_Sign
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-);
+NSSCKFWC_Sign(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen);
/*
* NSSCKFWC_SignUpdate
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_SignUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-);
+NSSCKFWC_SignUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen);
/*
* NSSCKFWC_SignFinal
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_SignFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-);
+NSSCKFWC_SignFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen);
/*
* NSSCKFWC_SignRecoverInit
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_SignRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
+NSSCKFWC_SignRecoverInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
/*
* NSSCKFWC_SignRecover
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_SignRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-);
+NSSCKFWC_SignRecover(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen);
/*
* NSSCKFWC_VerifyInit
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_VerifyInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
+NSSCKFWC_VerifyInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
/*
* NSSCKFWC_Verify
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_Verify
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-);
+NSSCKFWC_Verify(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen);
/*
* NSSCKFWC_VerifyUpdate
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_VerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-);
+NSSCKFWC_VerifyUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen);
/*
* NSSCKFWC_VerifyFinal
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_VerifyFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-);
+NSSCKFWC_VerifyFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen);
/*
* NSSCKFWC_VerifyRecoverInit
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_VerifyRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
+NSSCKFWC_VerifyRecoverInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
/*
* NSSCKFWC_VerifyRecover
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_VerifyRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-);
+NSSCKFWC_VerifyRecover(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen);
/*
* NSSCKFWC_DigestEncryptUpdate
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DigestEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-);
+NSSCKFWC_DigestEncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen);
/*
* NSSCKFWC_DecryptDigestUpdate
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DecryptDigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-);
+NSSCKFWC_DecryptDigestUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen);
/*
* NSSCKFWC_SignEncryptUpdate
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_SignEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-);
+NSSCKFWC_SignEncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen);
/*
* NSSCKFWC_DecryptVerifyUpdate
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DecryptVerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-);
+NSSCKFWC_DecryptVerifyUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen);
/*
* NSSCKFWC_GenerateKey
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GenerateKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-);
+NSSCKFWC_GenerateKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey);
/*
* NSSCKFWC_GenerateKeyPair
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GenerateKeyPair
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-);
+NSSCKFWC_GenerateKeyPair(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey);
/*
* NSSCKFWC_WrapKey
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_WrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-);
+NSSCKFWC_WrapKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hWrappingKey,
+ CK_OBJECT_HANDLE hKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen);
/*
* NSSCKFWC_UnwrapKey
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_UnwrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-);
+NSSCKFWC_UnwrapKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey);
/*
* NSSCKFWC_DeriveKey
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_DeriveKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-);
+NSSCKFWC_DeriveKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey);
/*
* NSSCKFWC_SeedRandom
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_SeedRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-);
+NSSCKFWC_SeedRandom(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSeed,
+ CK_ULONG ulSeedLen);
/*
* NSSCKFWC_GenerateRandom
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GenerateRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData,
- CK_ULONG ulRandomLen
-);
+NSSCKFWC_GenerateRandom(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pRandomData,
+ CK_ULONG ulRandomLen);
/*
* NSSCKFWC_GetFunctionStatus
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_GetFunctionStatus
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
+NSSCKFWC_GetFunctionStatus(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
/*
* NSSCKFWC_CancelFunction
*
*/
NSS_EXTERN CK_RV
-NSSCKFWC_CancelFunction
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
+NSSCKFWC_CancelFunction(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
#endif /* NSSCKFWC_H */
diff --git a/lib/ckfw/nssckfwt.h b/lib/ckfw/nssckfwt.h
index 4c4fad2d5..cd015d515 100644
--- a/lib/ckfw/nssckfwt.h
+++ b/lib/ckfw/nssckfwt.h
@@ -51,7 +51,6 @@ typedef struct NSSCKFWMechanismStr NSSCKFWMechanism;
struct NSSCKFWCryptoOperationStr;
typedef struct NSSCKFWCryptoOperationStr NSSCKFWCryptoOperation;
-
/*
* NSSCKFWSession
*
@@ -87,7 +86,7 @@ typedef struct NSSCKFWMutexStr NSSCKFWMutex;
typedef enum {
SingleThreaded,
MultiThreaded
-} CryptokiLockingState ;
+} CryptokiLockingState;
/* used as an index into an array, make sure it starts at '0' */
typedef enum {
diff --git a/lib/ckfw/nssckmdt.h b/lib/ckfw/nssckmdt.h
index 2c3aa2e2d..d98f9b02a 100644
--- a/lib/ckfw/nssckmdt.h
+++ b/lib/ckfw/nssckmdt.h
@@ -44,9 +44,9 @@ typedef struct NSSCKMDObjectStr NSSCKMDObject;
*/
typedef struct {
- PRBool needsFreeing;
- NSSItem* item;
-} NSSCKFWItem ;
+ PRBool needsFreeing;
+ NSSItem *item;
+} NSSCKFWItem;
/*
* NSSCKMDInstance
@@ -61,152 +61,147 @@ typedef struct {
*/
struct NSSCKMDInstanceStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework to initialize
- * the Module. This routine is optional; if unimplemented,
- * it won't be called. If this routine returns an error,
- * then the initialization will fail.
- */
- CK_RV (PR_CALLBACK *Initialize)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSUTF8 *configurationData
- );
-
- /*
- * This routine is called when the Framework is finalizing
- * the PKCS#11 Module. It is the last thing called before
- * the NSSCKFWInstance's NSSArena is destroyed. This routine
- * is optional; if unimplemented, it merely won't be called.
- */
- void (PR_CALLBACK *Finalize)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called by the Framework to initialize
+ * the Module. This routine is optional; if unimplemented,
+ * it won't be called. If this routine returns an error,
+ * then the initialization will fail.
+ */
+ CK_RV(PR_CALLBACK *Initialize)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSUTF8 *configurationData);
+
+ /*
+ * This routine is called when the Framework is finalizing
+ * the PKCS#11 Module. It is the last thing called before
+ * the NSSCKFWInstance's NSSArena is destroyed. This routine
+ * is optional; if unimplemented, it merely won't be called.
+ */
+ void(PR_CALLBACK *Finalize)(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
* This routine gets the number of slots. This value must
- * never change, once the instance is initialized. This
+ * never change, once the instance is initialized. This
* routine must be implemented. It may return zero on error.
*/
- CK_ULONG (PR_CALLBACK *GetNSlots)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns the version of the Cryptoki standard
- * to which this Module conforms. This routine is optional;
- * if unimplemented, the Framework uses the version to which
- * ~it~ was implemented.
- */
- CK_VERSION (PR_CALLBACK *GetCryptokiVersion)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing the manufacturer ID for this Module. Only
- * the characters completely encoded in the first thirty-
- * two bytes are significant. This routine is optional.
- * The string returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing a description of this Module library. Only
- * the characters completely encoded in the first thirty-
- * two bytes are significant. This routine is optional.
- * The string returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetLibraryDescription)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns the version of this Module library.
- * This routine is optional; if unimplemented, the Framework
- * will assume a Module library version of 0.1.
- */
- CK_VERSION (PR_CALLBACK *GetLibraryVersion)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the Module wishes to
- * handle session objects. This routine is optional.
- * If this routine is NULL, or if it exists but returns
- * CK_FALSE, the Framework will assume responsibility
- * for managing session objects.
- */
- CK_BBOOL (PR_CALLBACK *ModuleHandlesSessionObjects)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine stuffs pointers to NSSCKMDSlot objects into
- * the specified array; one for each slot supported by this
- * instance. The Framework will determine the size needed
- * for the array by calling GetNSlots. This routine is
- * required.
- */
- CK_RV (PR_CALLBACK *GetSlots)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
- );
-
- /*
- * This call returns a pointer to the slot in which an event
- * has occurred. If the block argument is CK_TRUE, the call
- * should block until a slot event occurs; if CK_FALSE, it
- * should check to see if an event has occurred, occurred,
- * but return NULL (and set *pError to CK_NO_EVENT) if one
- * hasn't. This routine is optional; if unimplemented, the
- * Framework will assume that no event has happened. This
- * routine may return NULL upon error.
- */
- NSSCKMDSlot *(PR_CALLBACK *WaitForSlotEvent)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_BBOOL block,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
+ CK_ULONG(PR_CALLBACK *GetNSlots)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns the version of the Cryptoki standard
+ * to which this Module conforms. This routine is optional;
+ * if unimplemented, the Framework uses the version to which
+ * ~it~ was implemented.
+ */
+ CK_VERSION(PR_CALLBACK *GetCryptokiVersion)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing the manufacturer ID for this Module. Only
+ * the characters completely encoded in the first thirty-
+ * two bytes are significant. This routine is optional.
+ * The string returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing a description of this Module library. Only
+ * the characters completely encoded in the first thirty-
+ * two bytes are significant. This routine is optional.
+ * The string returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetLibraryDescription)(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns the version of this Module library.
+ * This routine is optional; if unimplemented, the Framework
+ * will assume a Module library version of 0.1.
+ */
+ CK_VERSION(PR_CALLBACK *GetLibraryVersion)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the Module wishes to
+ * handle session objects. This routine is optional.
+ * If this routine is NULL, or if it exists but returns
+ * CK_FALSE, the Framework will assume responsibility
+ * for managing session objects.
+ */
+ CK_BBOOL(PR_CALLBACK *ModuleHandlesSessionObjects)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine stuffs pointers to NSSCKMDSlot objects into
+ * the specified array; one for each slot supported by this
+ * instance. The Framework will determine the size needed
+ * for the array by calling GetNSlots. This routine is
+ * required.
+ */
+ CK_RV(PR_CALLBACK *GetSlots)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *slots[]);
+
+ /*
+ * This call returns a pointer to the slot in which an event
+ * has occurred. If the block argument is CK_TRUE, the call
+ * should block until a slot event occurs; if CK_FALSE, it
+ * should check to see if an event has occurred, occurred,
+ * but return NULL (and set *pError to CK_NO_EVENT) if one
+ * hasn't. This routine is optional; if unimplemented, the
+ * Framework will assume that no event has happened. This
+ * routine may return NULL upon error.
+ */
+ NSSCKMDSlot *(PR_CALLBACK *WaitForSlotEvent)(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL block,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
};
-
/*
* NSSCKMDSlot
*
@@ -220,165 +215,161 @@ struct NSSCKMDInstanceStr {
*/
struct NSSCKMDSlotStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called during the Framework initialization
- * step, after the Framework Instance has obtained the list
- * of slots (by calling NSSCKMDInstance->GetSlots). Any slot-
- * specific initialization can be done here. This routine is
- * optional; if unimplemented, it won't be called. Note that
- * if this routine returns an error, the entire Framework
- * initialization for this Module will fail.
- */
- CK_RV (PR_CALLBACK *Initialize)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is called when the Framework is finalizing
- * the PKCS#11 Module. This call (for each of the slots)
- * is the last thing called before NSSCKMDInstance->Finalize.
- * This routine is optional; if unimplemented, it merely
- * won't be called. Note: In the rare circumstance that
- * the Framework initialization cannot complete (due to,
- * for example, memory limitations), this can be called with
- * a NULL value for fwSlot.
- */
- void (PR_CALLBACK *Destroy)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing a description of this slot. Only the characters
- * completely encoded in the first sixty-four bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetSlotDescription)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing a description of the manufacturer of this slot.
- * Only the characters completely encoded in the first thirty-
- * two bytes are significant. This routine is optional.
- * The string returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns CK_TRUE if a token is present in this
- * slot. This routine is optional; if unimplemented, CK_TRUE
- * is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetTokenPresent)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the slot supports removable
- * tokens. This routine is optional; if unimplemented, CK_FALSE
- * is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetRemovableDevice)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if this slot is a hardware
- * device, or CK_FALSE if this slot is a software device. This
- * routine is optional; if unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHardwareSlot)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version of this slot's hardware.
- * This routine is optional; if unimplemented, the Framework
- * will assume a hardware version of 0.1.
- */
- CK_VERSION (PR_CALLBACK *GetHardwareVersion)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version of this slot's firmware.
- * This routine is optional; if unimplemented, the Framework
- * will assume a hardware version of 0.1.
- */
- CK_VERSION (PR_CALLBACK *GetFirmwareVersion)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine should return a pointer to an NSSCKMDToken
- * object corresponding to the token in the specified slot.
- * The NSSCKFWToken object passed in has an NSSArena
- * available which is dedicated for this token. This routine
- * must be implemented. This routine may return NULL upon
- * error.
- */
- NSSCKMDToken *(PR_CALLBACK *GetToken)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called during the Framework initialization
+ * step, after the Framework Instance has obtained the list
+ * of slots (by calling NSSCKMDInstance->GetSlots). Any slot-
+ * specific initialization can be done here. This routine is
+ * optional; if unimplemented, it won't be called. Note that
+ * if this routine returns an error, the entire Framework
+ * initialization for this Module will fail.
+ */
+ CK_RV(PR_CALLBACK *Initialize)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is called when the Framework is finalizing
+ * the PKCS#11 Module. This call (for each of the slots)
+ * is the last thing called before NSSCKMDInstance->Finalize.
+ * This routine is optional; if unimplemented, it merely
+ * won't be called. Note: In the rare circumstance that
+ * the Framework initialization cannot complete (due to,
+ * for example, memory limitations), this can be called with
+ * a NULL value for fwSlot.
+ */
+ void(PR_CALLBACK *Destroy)(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing a description of this slot. Only the characters
+ * completely encoded in the first sixty-four bytes are
+ * significant. This routine is optional. The string
+ * returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetSlotDescription)(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing a description of the manufacturer of this slot.
+ * Only the characters completely encoded in the first thirty-
+ * two bytes are significant. This routine is optional.
+ * The string returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns CK_TRUE if a token is present in this
+ * slot. This routine is optional; if unimplemented, CK_TRUE
+ * is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetTokenPresent)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the slot supports removable
+ * tokens. This routine is optional; if unimplemented, CK_FALSE
+ * is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetRemovableDevice)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if this slot is a hardware
+ * device, or CK_FALSE if this slot is a software device. This
+ * routine is optional; if unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetHardwareSlot)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the version of this slot's hardware.
+ * This routine is optional; if unimplemented, the Framework
+ * will assume a hardware version of 0.1.
+ */
+ CK_VERSION(PR_CALLBACK *GetHardwareVersion)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the version of this slot's firmware.
+ * This routine is optional; if unimplemented, the Framework
+ * will assume a hardware version of 0.1.
+ */
+ CK_VERSION(PR_CALLBACK *GetFirmwareVersion)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine should return a pointer to an NSSCKMDToken
+ * object corresponding to the token in the specified slot.
+ * The NSSCKFWToken object passed in has an NSSArena
+ * available which is dedicated for this token. This routine
+ * must be implemented. This routine may return NULL upon
+ * error.
+ */
+ NSSCKMDToken *(PR_CALLBACK *GetToken)(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
};
/*
@@ -394,444 +385,437 @@ struct NSSCKMDSlotStr {
*/
struct NSSCKMDTokenStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is used to prepare a Module token object for
- * use. It is called after the NSSCKMDToken object is obtained
- * from NSSCKMDSlot->GetToken. It is named "Setup" here because
- * Cryptoki already defines "InitToken" to do the process of
- * wiping out any existing state on a token and preparing it for
- * a new use. This routine is optional; if unimplemented, it
- * merely won't be called.
- */
- CK_RV (PR_CALLBACK *Setup)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is called by the Framework whenever it notices
- * that the token object is invalid. (Typically this is when a
- * routine indicates an error such as CKR_DEVICE_REMOVED). This
- * call is the last thing called before the NSSArena in the
- * corresponding NSSCKFWToken is destroyed. This routine is
- * optional; if unimplemented, it merely won't be called.
- */
- void (PR_CALLBACK *Invalidate)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine initialises the token in the specified slot.
- * This routine is optional; if unimplemented, the Framework
- * will fail this operation with an error of CKR_DEVICE_ERROR.
- */
-
- CK_RV (PR_CALLBACK *InitToken)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *pin,
- NSSUTF8 *label
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's label. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetLabel)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's manufacturer ID. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's model name. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetModel)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's serial number. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetSerialNumber)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns CK_TRUE if the token has its own
- * random number generator. This routine is optional; if
- * unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHasRNG)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if this token is write-protected.
- * This routine is optional; if unimplemented, CK_FALSE is
- * assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetIsWriteProtected)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if this token requires a login.
- * This routine is optional; if unimplemented, CK_FALSE is
- * assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetLoginRequired)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the normal user's PIN on this
- * token has been initialised. This routine is optional; if
- * unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetUserPinInitialized)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if a successful save of a
- * session's cryptographic operations state ~always~ contains
- * all keys needed to restore the state of the session. This
- * routine is optional; if unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetRestoreKeyNotNeeded)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the token has its own
- * hardware clock. This routine is optional; if unimplemented,
- * CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHasClockOnToken)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the token has a protected
- * authentication path. This routine is optional; if
- * unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHasProtectedAuthenticationPath)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the token supports dual
- * cryptographic operations within a single session. This
- * routine is optional; if unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetSupportsDualCryptoOperations)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * XXX fgmr-- should we have a call to return all the flags
- * at once, for folks who already know about Cryptoki?
- */
-
- /*
- * This routine returns the maximum number of sessions that
- * may be opened on this token. This routine is optional;
- * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
- * is assumed. XXX fgmr-- or CK_EFFECTIVELY_INFINITE?
- */
- CK_ULONG (PR_CALLBACK *GetMaxSessionCount)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the maximum number of read/write
- * sesisons that may be opened on this token. This routine
- * is optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed. XXX fgmr-- or
- * CK_EFFECTIVELY_INFINITE?
- */
- CK_ULONG (PR_CALLBACK *GetMaxRwSessionCount)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the maximum PIN code length that is
- * supported on this token. This routine is optional;
- * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
- * is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetMaxPinLen)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the minimum PIN code length that is
- * supported on this token. This routine is optional; if
- * unimplemented, the special value CK_UNAVAILABLE_INFORMATION
- * is assumed. XXX fgmr-- or 0?
- */
- CK_ULONG (PR_CALLBACK *GetMinPinLen)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the total amount of memory on the token
- * in which public objects may be stored. This routine is
- * optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetTotalPublicMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the amount of unused memory on the
- * token in which public objects may be stored. This routine
- * is optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetFreePublicMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the total amount of memory on the token
- * in which private objects may be stored. This routine is
- * optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetTotalPrivateMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the amount of unused memory on the
- * token in which private objects may be stored. This routine
- * is optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetFreePrivateMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version number of this token's
- * hardware. This routine is optional; if unimplemented,
- * the value 0.1 is assumed.
- */
- CK_VERSION (PR_CALLBACK *GetHardwareVersion)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version number of this token's
- * firmware. This routine is optional; if unimplemented,
- * the value 0.1 is assumed.
- */
- CK_VERSION (PR_CALLBACK *GetFirmwareVersion)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine stuffs the current UTC time, as obtained from
- * the token, into the sixteen-byte buffer in the form
- * YYYYMMDDhhmmss00. This routine need only be implemented
- * by token which indicate that they have a real-time clock.
- * XXX fgmr-- think about time formats.
- */
- CK_RV (PR_CALLBACK *GetUTCTime)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_CHAR utcTime[16]
- );
-
- /*
- * This routine creates a session on the token, and returns
- * the corresponding NSSCKMDSession object. The value of
- * rw will be CK_TRUE if the session is to be a read/write
- * session, or CK_FALSE otherwise. An NSSArena dedicated to
- * the new session is available from the specified NSSCKFWSession.
- * This routine may return NULL upon error.
- */
- NSSCKMDSession *(PR_CALLBACK *OpenSession)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
- );
-
- /*
- * This routine returns the number of PKCS#11 Mechanisms
- * supported by this token. This routine is optional; if
- * unimplemented, zero is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetMechanismCount)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine stuffs into the specified array the types
- * of the mechanisms supported by this token. The Framework
- * determines the size of the array by calling GetMechanismCount.
- */
- CK_RV (PR_CALLBACK *GetMechanismTypes)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_MECHANISM_TYPE types[]
- );
-
- /*
- * This routine returns a pointer to a Module mechanism
- * object corresponding to a specified type. This routine
- * need only exist for tokens implementing at least one
- * mechanism.
- */
- NSSCKMDMechanism *(PR_CALLBACK *GetMechanism)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_MECHANISM_TYPE which,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is used to prepare a Module token object for
+ * use. It is called after the NSSCKMDToken object is obtained
+ * from NSSCKMDSlot->GetToken. It is named "Setup" here because
+ * Cryptoki already defines "InitToken" to do the process of
+ * wiping out any existing state on a token and preparing it for
+ * a new use. This routine is optional; if unimplemented, it
+ * merely won't be called.
+ */
+ CK_RV(PR_CALLBACK *Setup)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is called by the Framework whenever it notices
+ * that the token object is invalid. (Typically this is when a
+ * routine indicates an error such as CKR_DEVICE_REMOVED). This
+ * call is the last thing called before the NSSArena in the
+ * corresponding NSSCKFWToken is destroyed. This routine is
+ * optional; if unimplemented, it merely won't be called.
+ */
+ void(PR_CALLBACK *Invalidate)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine initialises the token in the specified slot.
+ * This routine is optional; if unimplemented, the Framework
+ * will fail this operation with an error of CKR_DEVICE_ERROR.
+ */
+
+ CK_RV(PR_CALLBACK *InitToken)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *pin,
+ NSSUTF8 *label);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing this token's label. Only the characters
+ * completely encoded in the first thirty-two bytes are
+ * significant. This routine is optional. The string
+ * returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetLabel)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing this token's manufacturer ID. Only the characters
+ * completely encoded in the first thirty-two bytes are
+ * significant. This routine is optional. The string
+ * returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing this token's model name. Only the characters
+ * completely encoded in the first thirty-two bytes are
+ * significant. This routine is optional. The string
+ * returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetModel)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing this token's serial number. Only the characters
+ * completely encoded in the first thirty-two bytes are
+ * significant. This routine is optional. The string
+ * returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetSerialNumber)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns CK_TRUE if the token has its own
+ * random number generator. This routine is optional; if
+ * unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetHasRNG)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if this token is write-protected.
+ * This routine is optional; if unimplemented, CK_FALSE is
+ * assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetIsWriteProtected)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if this token requires a login.
+ * This routine is optional; if unimplemented, CK_FALSE is
+ * assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetLoginRequired)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the normal user's PIN on this
+ * token has been initialised. This routine is optional; if
+ * unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetUserPinInitialized)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if a successful save of a
+ * session's cryptographic operations state ~always~ contains
+ * all keys needed to restore the state of the session. This
+ * routine is optional; if unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetRestoreKeyNotNeeded)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the token has its own
+ * hardware clock. This routine is optional; if unimplemented,
+ * CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetHasClockOnToken)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the token has a protected
+ * authentication path. This routine is optional; if
+ * unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetHasProtectedAuthenticationPath)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the token supports dual
+ * cryptographic operations within a single session. This
+ * routine is optional; if unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetSupportsDualCryptoOperations)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * XXX fgmr-- should we have a call to return all the flags
+ * at once, for folks who already know about Cryptoki?
+ */
+
+ /*
+ * This routine returns the maximum number of sessions that
+ * may be opened on this token. This routine is optional;
+ * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
+ * is assumed. XXX fgmr-- or CK_EFFECTIVELY_INFINITE?
+ */
+ CK_ULONG(PR_CALLBACK *GetMaxSessionCount)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the maximum number of read/write
+ * sesisons that may be opened on this token. This routine
+ * is optional; if unimplemented, the special value
+ * CK_UNAVAILABLE_INFORMATION is assumed. XXX fgmr-- or
+ * CK_EFFECTIVELY_INFINITE?
+ */
+ CK_ULONG(PR_CALLBACK *GetMaxRwSessionCount)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the maximum PIN code length that is
+ * supported on this token. This routine is optional;
+ * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
+ * is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetMaxPinLen)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the minimum PIN code length that is
+ * supported on this token. This routine is optional; if
+ * unimplemented, the special value CK_UNAVAILABLE_INFORMATION
+ * is assumed. XXX fgmr-- or 0?
+ */
+ CK_ULONG(PR_CALLBACK *GetMinPinLen)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the total amount of memory on the token
+ * in which public objects may be stored. This routine is
+ * optional; if unimplemented, the special value
+ * CK_UNAVAILABLE_INFORMATION is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetTotalPublicMemory)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the amount of unused memory on the
+ * token in which public objects may be stored. This routine
+ * is optional; if unimplemented, the special value
+ * CK_UNAVAILABLE_INFORMATION is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetFreePublicMemory)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the total amount of memory on the token
+ * in which private objects may be stored. This routine is
+ * optional; if unimplemented, the special value
+ * CK_UNAVAILABLE_INFORMATION is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetTotalPrivateMemory)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the amount of unused memory on the
+ * token in which private objects may be stored. This routine
+ * is optional; if unimplemented, the special value
+ * CK_UNAVAILABLE_INFORMATION is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetFreePrivateMemory)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the version number of this token's
+ * hardware. This routine is optional; if unimplemented,
+ * the value 0.1 is assumed.
+ */
+ CK_VERSION(PR_CALLBACK *GetHardwareVersion)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the version number of this token's
+ * firmware. This routine is optional; if unimplemented,
+ * the value 0.1 is assumed.
+ */
+ CK_VERSION(PR_CALLBACK *GetFirmwareVersion)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine stuffs the current UTC time, as obtained from
+ * the token, into the sixteen-byte buffer in the form
+ * YYYYMMDDhhmmss00. This routine need only be implemented
+ * by token which indicate that they have a real-time clock.
+ * XXX fgmr-- think about time formats.
+ */
+ CK_RV(PR_CALLBACK *GetUTCTime)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_CHAR utcTime[16]);
+
+ /*
+ * This routine creates a session on the token, and returns
+ * the corresponding NSSCKMDSession object. The value of
+ * rw will be CK_TRUE if the session is to be a read/write
+ * session, or CK_FALSE otherwise. An NSSArena dedicated to
+ * the new session is available from the specified NSSCKFWSession.
+ * This routine may return NULL upon error.
+ */
+ NSSCKMDSession *(PR_CALLBACK *OpenSession)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_BBOOL rw,
+ CK_RV *pError);
+
+ /*
+ * This routine returns the number of PKCS#11 Mechanisms
+ * supported by this token. This routine is optional; if
+ * unimplemented, zero is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetMechanismCount)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine stuffs into the specified array the types
+ * of the mechanisms supported by this token. The Framework
+ * determines the size of the array by calling GetMechanismCount.
+ */
+ CK_RV(PR_CALLBACK *GetMechanismTypes)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE types[]);
+
+ /*
+ * This routine returns a pointer to a Module mechanism
+ * object corresponding to a specified type. This routine
+ * need only exist for tokens implementing at least one
+ * mechanism.
+ */
+ NSSCKMDMechanism *(PR_CALLBACK *GetMechanism)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE which,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
};
/*
@@ -847,279 +831,275 @@ struct NSSCKMDTokenStr {
*/
struct NSSCKMDSessionStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework when a session is
- * closed. This call is the last thing called before the
- * NSSArena in the correspoinding NSSCKFWSession is destroyed.
- * This routine is optional; if unimplemented, it merely won't
- * be called.
- */
- void (PR_CALLBACK *Close)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to get any device-specific error.
- * This routine is optional.
- */
- CK_ULONG (PR_CALLBACK *GetDeviceError)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to log in a user to the token. This
- * routine is optional, since the Framework's NSSCKFWSession
- * object keeps track of the login state.
- */
- CK_RV (PR_CALLBACK *Login)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_USER_TYPE userType,
- NSSItem *pin,
- CK_STATE oldState,
- CK_STATE newState
- );
-
- /*
- * This routine is used to log out a user from the token. This
- * routine is optional, since the Framework's NSSCKFWSession
- * object keeps track of the login state.
- */
- CK_RV (PR_CALLBACK *Logout)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_STATE oldState,
- CK_STATE newState
- );
-
- /*
- * This routine is used to initialize the normal user's PIN or
- * password. This will only be called in the "read/write
- * security officer functions" state. If this token has a
- * protected authentication path, then the pin argument will
- * be NULL. This routine is optional; if unimplemented, the
- * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
- */
- CK_RV (PR_CALLBACK *InitPIN)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *pin
- );
-
- /*
- * This routine is used to modify a user's PIN or password. This
- * routine will only be called in the "read/write security officer
- * functions" or "read/write user functions" state. If this token
- * has a protected authentication path, then the pin arguments
- * will be NULL. This routine is optional; if unimplemented, the
- * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
- */
- CK_RV (PR_CALLBACK *SetPIN)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *oldPin,
- NSSItem *newPin
- );
-
- /*
- * This routine is used to find out how much space would be required
- * to save the current operational state. This routine is optional;
- * if unimplemented, the Framework will reject any attempts to save
- * the operational state with the error CKR_STATE_UNSAVEABLE. This
- * routine may return zero on error.
- */
- CK_ULONG (PR_CALLBACK *GetOperationStateLen)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine is used to store the current operational state. This
- * routine is only required if GetOperationStateLen is implemented
- * and can return a nonzero value. The buffer in the specified item
- * will be pre-allocated, and the length will specify the amount of
- * space available (which may be more than GetOperationStateLen
- * asked for, but which will not be smaller).
- */
- CK_RV (PR_CALLBACK *GetOperationState)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- * This routine is used to restore an operational state previously
- * obtained with GetOperationState. The Framework will take pains
- * to be sure that the state is (or was at one point) valid; if the
- * Module notices that the state is invalid, it should return an
- * error, but it is not required to be paranoid about the issue.
- * [XXX fgmr-- should (can?) the framework verify the keys match up?]
- * This routine is required only if GetOperationState is implemented.
- */
- CK_RV (PR_CALLBACK *SetOperationState)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *state,
- NSSCKMDObject *mdEncryptionKey,
- NSSCKFWObject *fwEncryptionKey,
- NSSCKMDObject *mdAuthenticationKey,
- NSSCKFWObject *fwAuthenticationKey
- );
-
- /*
- * This routine is used to create an object. The specified template
- * will only specify a session object if the Module has indicated
- * that it wishes to handle its own session objects. This routine
- * is optional; if unimplemented, the Framework will reject the
- * operation with the error CKR_TOKEN_WRITE_PROTECTED. Space for
- * token objects should come from the NSSArena available from the
- * NSSCKFWToken object; space for session objects (if supported)
- * should come from the NSSArena available from the NSSCKFWSession
- * object. The appropriate NSSArena pointer will, as a convenience,
- * be passed as the handyArenaPointer argument. This routine may
- * return NULL upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *CreateObject)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *handyArenaPointer,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine is used to make a copy of an object. It is entirely
- * optional; if unimplemented, the Framework will try to use
- * CreateObject instead. If the Module has indicated that it does
- * not wish to handle session objects, then this routine will only
- * be called to copy a token object to another token object.
- * Otherwise, either the original object or the new may be of
- * either the token or session variety. As with CreateObject, the
- * handyArenaPointer will point to the appropriate arena for the
- * new object. This routine may return NULL upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *CopyObject)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdOldObject,
- NSSCKFWObject *fwOldObject,
- NSSArena *handyArenaPointer,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine is used to begin an object search. This routine may
- * be unimplemented only if the Module does not handle session
- * objects, and if none of its tokens have token objects. The
- * NSSCKFWFindObjects pointer has an NSSArena that may be used for
- * storage for the life of this "find" operation. This routine may
- * return NULL upon error. If the Module can determine immediately
- * that the search will not find any matching objects, it may return
- * NULL, and specify CKR_OK as the error.
- */
- NSSCKMDFindObjects *(PR_CALLBACK *FindObjectsInit)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine seeds the random-number generator. It is
- * optional, even if GetRandom is implemented. If unimplemented,
- * the Framework will issue the error CKR_RANDOM_SEED_NOT_SUPPORTED.
- */
- CK_RV (PR_CALLBACK *SeedRandom)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *seed
- );
-
- /*
- * This routine gets random data. It is optional. If unimplemented,
- * the Framework will issue the error CKR_RANDOM_NO_RNG.
- */
- CK_RV (PR_CALLBACK *GetRandom)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called by the Framework when a session is
+ * closed. This call is the last thing called before the
+ * NSSArena in the correspoinding NSSCKFWSession is destroyed.
+ * This routine is optional; if unimplemented, it merely won't
+ * be called.
+ */
+ void(PR_CALLBACK *Close)(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is used to get any device-specific error.
+ * This routine is optional.
+ */
+ CK_ULONG(PR_CALLBACK *GetDeviceError)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is used to log in a user to the token. This
+ * routine is optional, since the Framework's NSSCKFWSession
+ * object keeps track of the login state.
+ */
+ CK_RV(PR_CALLBACK *Login)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_USER_TYPE userType,
+ NSSItem *pin,
+ CK_STATE oldState,
+ CK_STATE newState);
+
+ /*
+ * This routine is used to log out a user from the token. This
+ * routine is optional, since the Framework's NSSCKFWSession
+ * object keeps track of the login state.
+ */
+ CK_RV(PR_CALLBACK *Logout)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_STATE oldState,
+ CK_STATE newState);
+
+ /*
+ * This routine is used to initialize the normal user's PIN or
+ * password. This will only be called in the "read/write
+ * security officer functions" state. If this token has a
+ * protected authentication path, then the pin argument will
+ * be NULL. This routine is optional; if unimplemented, the
+ * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
+ */
+ CK_RV(PR_CALLBACK *InitPIN)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *pin);
+
+ /*
+ * This routine is used to modify a user's PIN or password. This
+ * routine will only be called in the "read/write security officer
+ * functions" or "read/write user functions" state. If this token
+ * has a protected authentication path, then the pin arguments
+ * will be NULL. This routine is optional; if unimplemented, the
+ * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
+ */
+ CK_RV(PR_CALLBACK *SetPIN)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *oldPin,
+ NSSItem *newPin);
+
+ /*
+ * This routine is used to find out how much space would be required
+ * to save the current operational state. This routine is optional;
+ * if unimplemented, the Framework will reject any attempts to save
+ * the operational state with the error CKR_STATE_UNSAVEABLE. This
+ * routine may return zero on error.
+ */
+ CK_ULONG(PR_CALLBACK *GetOperationStateLen)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine is used to store the current operational state. This
+ * routine is only required if GetOperationStateLen is implemented
+ * and can return a nonzero value. The buffer in the specified item
+ * will be pre-allocated, and the length will specify the amount of
+ * space available (which may be more than GetOperationStateLen
+ * asked for, but which will not be smaller).
+ */
+ CK_RV(PR_CALLBACK *GetOperationState)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *buffer);
+
+ /*
+ * This routine is used to restore an operational state previously
+ * obtained with GetOperationState. The Framework will take pains
+ * to be sure that the state is (or was at one point) valid; if the
+ * Module notices that the state is invalid, it should return an
+ * error, but it is not required to be paranoid about the issue.
+ * [XXX fgmr-- should (can?) the framework verify the keys match up?]
+ * This routine is required only if GetOperationState is implemented.
+ */
+ CK_RV(PR_CALLBACK *SetOperationState)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *state,
+ NSSCKMDObject *mdEncryptionKey,
+ NSSCKFWObject *fwEncryptionKey,
+ NSSCKMDObject *mdAuthenticationKey,
+ NSSCKFWObject *fwAuthenticationKey);
+
+ /*
+ * This routine is used to create an object. The specified template
+ * will only specify a session object if the Module has indicated
+ * that it wishes to handle its own session objects. This routine
+ * is optional; if unimplemented, the Framework will reject the
+ * operation with the error CKR_TOKEN_WRITE_PROTECTED. Space for
+ * token objects should come from the NSSArena available from the
+ * NSSCKFWToken object; space for session objects (if supported)
+ * should come from the NSSArena available from the NSSCKFWSession
+ * object. The appropriate NSSArena pointer will, as a convenience,
+ * be passed as the handyArenaPointer argument. This routine may
+ * return NULL upon error.
+ */
+ NSSCKMDObject *(PR_CALLBACK *CreateObject)(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *handyArenaPointer,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This routine is used to make a copy of an object. It is entirely
+ * optional; if unimplemented, the Framework will try to use
+ * CreateObject instead. If the Module has indicated that it does
+ * not wish to handle session objects, then this routine will only
+ * be called to copy a token object to another token object.
+ * Otherwise, either the original object or the new may be of
+ * either the token or session variety. As with CreateObject, the
+ * handyArenaPointer will point to the appropriate arena for the
+ * new object. This routine may return NULL upon error.
+ */
+ NSSCKMDObject *(PR_CALLBACK *CopyObject)(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdOldObject,
+ NSSCKFWObject *fwOldObject,
+ NSSArena *handyArenaPointer,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This routine is used to begin an object search. This routine may
+ * be unimplemented only if the Module does not handle session
+ * objects, and if none of its tokens have token objects. The
+ * NSSCKFWFindObjects pointer has an NSSArena that may be used for
+ * storage for the life of this "find" operation. This routine may
+ * return NULL upon error. If the Module can determine immediately
+ * that the search will not find any matching objects, it may return
+ * NULL, and specify CKR_OK as the error.
+ */
+ NSSCKMDFindObjects *(PR_CALLBACK *FindObjectsInit)(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This routine seeds the random-number generator. It is
+ * optional, even if GetRandom is implemented. If unimplemented,
+ * the Framework will issue the error CKR_RANDOM_SEED_NOT_SUPPORTED.
+ */
+ CK_RV(PR_CALLBACK *SeedRandom)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *seed);
+
+ /*
+ * This routine gets random data. It is optional. If unimplemented,
+ * the Framework will issue the error CKR_RANDOM_NO_RNG.
+ */
+ CK_RV(PR_CALLBACK *GetRandom)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *buffer);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
};
/*
@@ -1135,54 +1115,52 @@ struct NSSCKMDSessionStr {
*/
struct NSSCKMDFindObjectsStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework to finish a
- * search operation. Note that the Framework may finish
- * a search before it has completed. This routine is
- * optional; if unimplemented, it merely won't be called.
- */
- void (PR_CALLBACK *Final)(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to obtain another pointer to an
- * object matching the search criteria. This routine is
- * required. If no (more) objects match the search, it
- * should return NULL and set the error to CKR_OK.
- */
- NSSCKMDObject *(PR_CALLBACK *Next)(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called by the Framework to finish a
+ * search operation. Note that the Framework may finish
+ * a search before it has completed. This routine is
+ * optional; if unimplemented, it merely won't be called.
+ */
+ void(PR_CALLBACK *Final)(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is used to obtain another pointer to an
+ * object matching the search criteria. This routine is
+ * required. If no (more) objects match the search, it
+ * should return NULL and set the error to CKR_OK.
+ */
+ NSSCKMDObject *(PR_CALLBACK *Next)(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
};
/*
@@ -1199,182 +1177,179 @@ struct NSSCKMDFindObjectsStr {
*/
struct NSSCKMDCryptoOperationStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework clean up the mdCryptoOperation
- * structure.
- * This routine is optional; if unimplemented, it will be ignored.
- */
- void (PR_CALLBACK *Destroy)(
- NSSCKMDCryptoOperation *mdCryptoOperation,
- NSSCKFWCryptoOperation *fwCryptoOperation,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
-
- /*
- * how many bytes do we need to finish this buffer?
- * must be implemented if Final is implemented.
- */
- CK_ULONG (PR_CALLBACK *GetFinalLength)(
- NSSCKMDCryptoOperation *mdCryptoOperation,
- NSSCKFWCryptoOperation *fwCryptoOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * how many bytes do we need to complete the next operation.
- * used in both Update and UpdateFinal.
- */
- CK_ULONG (PR_CALLBACK *GetOperationLength)(
- NSSCKMDCryptoOperation *mdCryptoOperation,
- NSSCKFWCryptoOperation *fwCryptoOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *inputBuffer,
- CK_RV *pError
- );
-
- /*
- * This routine is called by the Framework to finish a
- * search operation. Note that the Framework may finish
- * a search before it has completed. This routine is
- * optional; if unimplemented, it merely won't be called.
- * The respective final call with fail with CKR_FUNCTION_FAILED
- * Final should not free the mdCryptoOperation.
- */
- CK_RV(PR_CALLBACK *Final)(
- NSSCKMDCryptoOperation *mdCryptoOperation,
- NSSCKFWCryptoOperation *fwCryptoOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *outputBuffer
- );
-
-
- /*
- * This routine is called by the Framework to complete the
- * next step in an encryption/decryption operation.
- * This routine is optional; if unimplemented, the respective
- * update call with fail with CKR_FUNCTION_FAILED.
- * Update should not be implemented for signing/verification/digest
- * mechanisms.
- */
- CK_RV(PR_CALLBACK *Update)(
- NSSCKMDCryptoOperation *mdCryptoOperation,
- NSSCKFWCryptoOperation *fwCryptoOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *inputBuffer,
- NSSItem *outputBuffer
- );
-
- /*
- * This routine is called by the Framework to complete the
- * next step in a signing/verification/digest operation.
- * This routine is optional; if unimplemented, the respective
- * update call with fail with CKR_FUNCTION_FAILED
- * Update should not be implemented for encryption/decryption
- * mechanisms.
- */
- CK_RV(PR_CALLBACK *DigestUpdate)(
- NSSCKMDCryptoOperation *mdCryptoOperation,
- NSSCKFWCryptoOperation *fwCryptoOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *inputBuffer
- );
-
- /*
- * This routine is called by the Framework to complete a
- * single step operation. This routine is optional; if unimplemented,
- * the framework will use the Update and Final functions to complete
- * the operation.
- */
- CK_RV(PR_CALLBACK *UpdateFinal)(
- NSSCKMDCryptoOperation *mdCryptoOperation,
- NSSCKFWCryptoOperation *fwCryptoOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *inputBuffer,
- NSSItem *outputBuffer
- );
-
- /*
- * This routine is called by the Framework to complete next
- * step in a combined operation. The Decrypt/Encrypt mechanism
- * should define and drive the combo step.
- * This routine is optional; if unimplemented,
- * the framework will use the appropriate Update functions to complete
- * the operation.
- */
- CK_RV(PR_CALLBACK *UpdateCombo)(
- NSSCKMDCryptoOperation *mdCryptoOperation,
- NSSCKFWCryptoOperation *fwCryptoOperation,
- NSSCKMDCryptoOperation *mdPeerCryptoOperation,
- NSSCKFWCryptoOperation *fwPeerCryptoOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *inputBuffer,
- NSSItem *outputBuffer
- );
-
- /*
- * Hash a key directly into the digest
- */
- CK_RV(PR_CALLBACK *DigestKey)(
- NSSCKMDCryptoOperation *mdCryptoOperation,
- NSSCKFWCryptoOperation *fwCryptoOperation,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called by the Framework clean up the mdCryptoOperation
+ * structure.
+ * This routine is optional; if unimplemented, it will be ignored.
+ */
+ void(PR_CALLBACK *Destroy)(
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * how many bytes do we need to finish this buffer?
+ * must be implemented if Final is implemented.
+ */
+ CK_ULONG(PR_CALLBACK *GetFinalLength)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * how many bytes do we need to complete the next operation.
+ * used in both Update and UpdateFinal.
+ */
+ CK_ULONG(PR_CALLBACK *GetOperationLength)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *inputBuffer,
+ CK_RV *pError);
+
+ /*
+ * This routine is called by the Framework to finish a
+ * search operation. Note that the Framework may finish
+ * a search before it has completed. This routine is
+ * optional; if unimplemented, it merely won't be called.
+ * The respective final call with fail with CKR_FUNCTION_FAILED
+ * Final should not free the mdCryptoOperation.
+ */
+ CK_RV(PR_CALLBACK *Final)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *outputBuffer);
+
+ /*
+ * This routine is called by the Framework to complete the
+ * next step in an encryption/decryption operation.
+ * This routine is optional; if unimplemented, the respective
+ * update call with fail with CKR_FUNCTION_FAILED.
+ * Update should not be implemented for signing/verification/digest
+ * mechanisms.
+ */
+ CK_RV(PR_CALLBACK *Update)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
+
+ /*
+ * This routine is called by the Framework to complete the
+ * next step in a signing/verification/digest operation.
+ * This routine is optional; if unimplemented, the respective
+ * update call with fail with CKR_FUNCTION_FAILED
+ * Update should not be implemented for encryption/decryption
+ * mechanisms.
+ */
+ CK_RV(PR_CALLBACK *DigestUpdate)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *inputBuffer);
+
+ /*
+ * This routine is called by the Framework to complete a
+ * single step operation. This routine is optional; if unimplemented,
+ * the framework will use the Update and Final functions to complete
+ * the operation.
+ */
+ CK_RV(PR_CALLBACK *UpdateFinal)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
+
+ /*
+ * This routine is called by the Framework to complete next
+ * step in a combined operation. The Decrypt/Encrypt mechanism
+ * should define and drive the combo step.
+ * This routine is optional; if unimplemented,
+ * the framework will use the appropriate Update functions to complete
+ * the operation.
+ */
+ CK_RV(PR_CALLBACK *UpdateCombo)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDCryptoOperation *mdPeerCryptoOperation,
+ NSSCKFWCryptoOperation *fwPeerCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
+
+ /*
+ * Hash a key directly into the digest
+ */
+ CK_RV(PR_CALLBACK *DigestKey)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
};
/*
@@ -1383,365 +1358,352 @@ struct NSSCKMDCryptoOperationStr {
*/
struct NSSCKMDMechanismStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This also frees the fwMechanism if appropriate.
- * If it is not supplied, the Framework will assume that the Token
- * Manages a static list of mechanisms and the function will not be called.
- */
- void (PR_CALLBACK *Destroy)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
-
- /*
- * This routine returns the minimum key size allowed for
- * this mechanism. This routine is optional; if unimplemented,
- * zero will be assumed. This routine may return zero on
- * error; if the error is CKR_OK, zero will be accepted as
- * a valid response.
- */
- CK_ULONG (PR_CALLBACK *GetMinKeySize)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns the maximum key size allowed for
- * this mechanism. This routine is optional; if unimplemented,
- * zero will be assumed. This routine may return zero on
- * error; if the error is CKR_OK, zero will be accepted as
- * a valid response.
- */
- CK_ULONG (PR_CALLBACK *GetMaxKeySize)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine is called to determine if the mechanism is
- * implemented in hardware or software. It returns CK_TRUE
- * if it is done in hardware.
- */
- CK_BBOOL (PR_CALLBACK *GetInHardware)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * The crypto routines themselves. Most crypto operations may
- * be performed in two ways, streaming and single-part. The
- * streaming operations involve the use of (typically) three
- * calls-- an Init method to set up the operation, an Update
- * method to feed data to the operation, and a Final method to
- * obtain the final result. Single-part operations involve
- * one method, to perform the crypto operation all at once.
- *
- * The NSS Cryptoki Framework can implement the single-part
- * operations in terms of the streaming operations on behalf
- * of the Module. There are a few variances.
- *
- * Only the Init Functions are defined by the mechanism. Each
- * init function will return a NSSCKFWCryptoOperation which
- * can supply update, final, the single part updateFinal, and
- * the combo updateCombo functions.
- *
- * For simplicity, the routines are listed in summary here:
- *
- * EncryptInit,
- * DecryptInit,
- * DigestInit,
- * SignInit,
- * SignRecoverInit;
- * VerifyInit,
- * VerifyRecoverInit;
- *
- * The key-management routines are
- *
- * GenerateKey
- * GenerateKeyPair
- * WrapKey
- * UnwrapKey
- * DeriveKey
- *
- * All of these routines based on the Cryptoki API;
- * see PKCS#11 for further information.
- */
-
- /*
- */
- NSSCKMDCryptoOperation * (PR_CALLBACK *EncryptInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- CK_RV *pError
- );
-
- /*
- */
- NSSCKMDCryptoOperation * (PR_CALLBACK *DecryptInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- CK_RV *pError
- );
-
- /*
- */
- NSSCKMDCryptoOperation * (PR_CALLBACK *DigestInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
-
- /*
- */
- NSSCKMDCryptoOperation * (PR_CALLBACK *SignInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- CK_RV *pError
- );
-
- /*
- */
- NSSCKMDCryptoOperation * (PR_CALLBACK *VerifyInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- CK_RV *pError
- );
-
- /*
- */
- NSSCKMDCryptoOperation * (PR_CALLBACK *SignRecoverInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- CK_RV *pError
- );
-
- /*
- */
- NSSCKMDCryptoOperation * (PR_CALLBACK *VerifyRecoverInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- CK_RV *pError
- );
-
- /*
- * Key management operations.
- */
-
- /*
- * This routine generates a key. This routine may return NULL
- * upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *GenerateKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine generates a key pair.
- */
- CK_RV (PR_CALLBACK *GenerateKeyPair)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- NSSCKMDObject **pPublicKey,
- NSSCKMDObject **pPrivateKey
- );
-
- /*
- * This routine wraps a key.
- */
- CK_ULONG (PR_CALLBACK *GetWrapKeyLength)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdWrappingKey,
- NSSCKFWObject *fwWrappingKey,
- NSSCKMDObject *mdWrappedKey,
- NSSCKFWObject *fwWrappedKey,
- CK_RV *pError
- );
-
- /*
- * This routine wraps a key.
- */
- CK_RV (PR_CALLBACK *WrapKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdWrappingKey,
- NSSCKFWObject *fwWrappingKey,
- NSSCKMDObject *mdKeyObject,
- NSSCKFWObject *fwKeyObject,
- NSSItem *wrappedKey
- );
-
- /*
- * This routine unwraps a key. This routine may return NULL
- * upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *UnwrapKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdWrappingKey,
- NSSCKFWObject *fwWrappingKey,
- NSSItem *wrappedKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine derives a key. This routine may return NULL
- * upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *DeriveKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_PTR pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdBaseKey,
- NSSCKFWObject *fwBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This also frees the fwMechanism if appropriate.
+ * If it is not supplied, the Framework will assume that the Token
+ * Manages a static list of mechanisms and the function will not be called.
+ */
+ void(PR_CALLBACK *Destroy)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the minimum key size allowed for
+ * this mechanism. This routine is optional; if unimplemented,
+ * zero will be assumed. This routine may return zero on
+ * error; if the error is CKR_OK, zero will be accepted as
+ * a valid response.
+ */
+ CK_ULONG(PR_CALLBACK *GetMinKeySize)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns the maximum key size allowed for
+ * this mechanism. This routine is optional; if unimplemented,
+ * zero will be assumed. This routine may return zero on
+ * error; if the error is CKR_OK, zero will be accepted as
+ * a valid response.
+ */
+ CK_ULONG(PR_CALLBACK *GetMaxKeySize)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine is called to determine if the mechanism is
+ * implemented in hardware or software. It returns CK_TRUE
+ * if it is done in hardware.
+ */
+ CK_BBOOL(PR_CALLBACK *GetInHardware)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * The crypto routines themselves. Most crypto operations may
+ * be performed in two ways, streaming and single-part. The
+ * streaming operations involve the use of (typically) three
+ * calls-- an Init method to set up the operation, an Update
+ * method to feed data to the operation, and a Final method to
+ * obtain the final result. Single-part operations involve
+ * one method, to perform the crypto operation all at once.
+ *
+ * The NSS Cryptoki Framework can implement the single-part
+ * operations in terms of the streaming operations on behalf
+ * of the Module. There are a few variances.
+ *
+ * Only the Init Functions are defined by the mechanism. Each
+ * init function will return a NSSCKFWCryptoOperation which
+ * can supply update, final, the single part updateFinal, and
+ * the combo updateCombo functions.
+ *
+ * For simplicity, the routines are listed in summary here:
+ *
+ * EncryptInit,
+ * DecryptInit,
+ * DigestInit,
+ * SignInit,
+ * SignRecoverInit;
+ * VerifyInit,
+ * VerifyRecoverInit;
+ *
+ * The key-management routines are
+ *
+ * GenerateKey
+ * GenerateKeyPair
+ * WrapKey
+ * UnwrapKey
+ * DeriveKey
+ *
+ * All of these routines based on the Cryptoki API;
+ * see PKCS#11 for further information.
+ */
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *EncryptInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *DecryptInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *DigestInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *SignInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *VerifyInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *SignRecoverInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *VerifyRecoverInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ * Key management operations.
+ */
+
+ /*
+ * This routine generates a key. This routine may return NULL
+ * upon error.
+ */
+ NSSCKMDObject *(PR_CALLBACK *GenerateKey)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This routine generates a key pair.
+ */
+ CK_RV(PR_CALLBACK *GenerateKeyPair)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ NSSCKMDObject **pPublicKey,
+ NSSCKMDObject **pPrivateKey);
+
+ /*
+ * This routine wraps a key.
+ */
+ CK_ULONG(PR_CALLBACK *GetWrapKeyLength)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdWrappingKey,
+ NSSCKFWObject *fwWrappingKey,
+ NSSCKMDObject *mdWrappedKey,
+ NSSCKFWObject *fwWrappedKey,
+ CK_RV *pError);
+
+ /*
+ * This routine wraps a key.
+ */
+ CK_RV(PR_CALLBACK *WrapKey)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdWrappingKey,
+ NSSCKFWObject *fwWrappingKey,
+ NSSCKMDObject *mdKeyObject,
+ NSSCKFWObject *fwKeyObject,
+ NSSItem *wrappedKey);
+
+ /*
+ * This routine unwraps a key. This routine may return NULL
+ * upon error.
+ */
+ NSSCKMDObject *(PR_CALLBACK *UnwrapKey)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdWrappingKey,
+ NSSCKFWObject *fwWrappingKey,
+ NSSItem *wrappedKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This routine derives a key. This routine may return NULL
+ * upon error.
+ */
+ NSSCKMDObject *(PR_CALLBACK *DeriveKey)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdBaseKey,
+ NSSCKFWObject *fwBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
};
/*
@@ -1756,190 +1718,187 @@ struct NSSCKMDMechanismStr {
*/
struct NSSCKMDObjectStr {
- /*
- * The implementation my use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework when it is letting
- * go of an object handle. It can be used by the Module to
- * free any resources tied up by an object "in use." It is
- * optional.
- */
- void (PR_CALLBACK *Finalize)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to completely destroy an object.
- * It is optional. The parameter fwObject might be NULL
- * if the framework runs out of memory at the wrong moment.
- */
- CK_RV (PR_CALLBACK *Destroy)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This helper routine is used by the Framework, and is especially
- * useful when it is managing session objects on behalf of the
- * Module. This routine is optional; if unimplemented, the
- * Framework will actually look up the CKA_TOKEN attribute. In the
- * event of an error, just make something up-- the Framework will
- * find out soon enough anyway.
- */
- CK_BBOOL (PR_CALLBACK *IsTokenObject)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the number of attributes of which this
- * object consists. It is mandatory. It can return zero on
- * error.
- */
- CK_ULONG (PR_CALLBACK *GetAttributeCount)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine stuffs the attribute types into the provided array.
- * The array size (as obtained from GetAttributeCount) is passed in
- * as a check; return CKR_BUFFER_TOO_SMALL if the count is wrong
- * (either too big or too small).
- */
- CK_RV (PR_CALLBACK *GetAttributeTypes)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
- );
-
- /*
- * This routine returns the size (in bytes) of the specified
- * attribute. It can return zero on error.
- */
- CK_ULONG (PR_CALLBACK *GetAttributeSize)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
- );
-
- /*
- * This routine returns an NSSCKFWItem structure.
- * The item pointer points to an NSSItem containing the attribute value.
- * The needsFreeing bit tells the framework whether to call the
- * FreeAttribute function . Upon error, an NSSCKFWItem structure
- * with a NULL NSSItem item pointer will be returned
- */
- NSSCKFWItem (PR_CALLBACK *GetAttribute)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
- );
-
- /*
- * This routine returns CKR_OK if the attribute could be freed.
- */
- CK_RV (PR_CALLBACK *FreeAttribute)(
- NSSCKFWItem * item
- );
-
- /*
- * This routine changes the specified attribute. If unimplemented,
- * the object will be considered read-only.
- */
- CK_RV (PR_CALLBACK *SetAttribute)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
- );
-
- /*
- * This routine returns the storage requirements of this object,
- * in bytes. Cryptoki doesn't strictly define the definition,
- * but it should relate to the values returned by the "Get Memory"
- * routines of the NSSCKMDToken. This routine is optional; if
- * unimplemented, the Framework will consider this information
- * sensitive. This routine may return zero on error. If the
- * specified error is CKR_OK, zero will be accepted as a valid
- * response.
- */
- CK_ULONG (PR_CALLBACK *GetObjectSize)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
+ /*
+ * The implementation my use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called by the Framework when it is letting
+ * go of an object handle. It can be used by the Module to
+ * free any resources tied up by an object "in use." It is
+ * optional.
+ */
+ void(PR_CALLBACK *Finalize)(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is used to completely destroy an object.
+ * It is optional. The parameter fwObject might be NULL
+ * if the framework runs out of memory at the wrong moment.
+ */
+ CK_RV(PR_CALLBACK *Destroy)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This helper routine is used by the Framework, and is especially
+ * useful when it is managing session objects on behalf of the
+ * Module. This routine is optional; if unimplemented, the
+ * Framework will actually look up the CKA_TOKEN attribute. In the
+ * event of an error, just make something up-- the Framework will
+ * find out soon enough anyway.
+ */
+ CK_BBOOL(PR_CALLBACK *IsTokenObject)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the number of attributes of which this
+ * object consists. It is mandatory. It can return zero on
+ * error.
+ */
+ CK_ULONG(PR_CALLBACK *GetAttributeCount)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine stuffs the attribute types into the provided array.
+ * The array size (as obtained from GetAttributeCount) is passed in
+ * as a check; return CKR_BUFFER_TOO_SMALL if the count is wrong
+ * (either too big or too small).
+ */
+ CK_RV(PR_CALLBACK *GetAttributeTypes)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount);
+
+ /*
+ * This routine returns the size (in bytes) of the specified
+ * attribute. It can return zero on error.
+ */
+ CK_ULONG(PR_CALLBACK *GetAttributeSize)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
+
+ /*
+ * This routine returns an NSSCKFWItem structure.
+ * The item pointer points to an NSSItem containing the attribute value.
+ * The needsFreeing bit tells the framework whether to call the
+ * FreeAttribute function . Upon error, an NSSCKFWItem structure
+ * with a NULL NSSItem item pointer will be returned
+ */
+ NSSCKFWItem(PR_CALLBACK *GetAttribute)(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
+
+ /*
+ * This routine returns CKR_OK if the attribute could be freed.
+ */
+ CK_RV(PR_CALLBACK *FreeAttribute)
+ (
+ NSSCKFWItem *item);
+
+ /*
+ * This routine changes the specified attribute. If unimplemented,
+ * the object will be considered read-only.
+ */
+ CK_RV(PR_CALLBACK *SetAttribute)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value);
+
+ /*
+ * This routine returns the storage requirements of this object,
+ * in bytes. Cryptoki doesn't strictly define the definition,
+ * but it should relate to the values returned by the "Get Memory"
+ * routines of the NSSCKMDToken. This routine is optional; if
+ * unimplemented, the Framework will consider this information
+ * sensitive. This routine may return zero on error. If the
+ * specified error is CKR_OK, zero will be accepted as a valid
+ * response.
+ */
+ CK_ULONG(PR_CALLBACK *GetObjectSize)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
};
-
#endif /* NSSCKMDT_H */
diff --git a/lib/ckfw/nssckt.h b/lib/ckfw/nssckt.h
index 5ed534c25..b50a88f7b 100644
--- a/lib/ckfw/nssckt.h
+++ b/lib/ckfw/nssckt.h
@@ -10,4 +10,3 @@ typedef CK_ATTRIBUTE_TYPE CK_PTR CK_ATTRIBUTE_TYPE_PTR;
#define CK_ENTRY
#endif /* _NSSCKT_H_ */
-
diff --git a/lib/ckfw/nssmkey/ckmk.h b/lib/ckfw/nssmkey/ckmk.h
index 9d8202f6a..4f3ab82d7 100644
--- a/lib/ckfw/nssmkey/ckmk.h
+++ b/lib/ckfw/nssmkey/ckmk.h
@@ -36,9 +36,9 @@
* to this PKCS #11 module.
*/
struct ckmkRawObjectStr {
- CK_ULONG n;
- const CK_ATTRIBUTE_TYPE *types;
- const NSSItem *items;
+ CK_ULONG n;
+ const CK_ATTRIBUTE_TYPE *types;
+ const NSSItem *items;
};
typedef struct ckmkRawObjectStr ckmkRawObject;
@@ -46,40 +46,40 @@ typedef struct ckmkRawObjectStr ckmkRawObject;
* Key/Cert Items
*/
struct ckmkItemObjectStr {
- SecKeychainItemRef itemRef;
- SecItemClass itemClass;
- PRBool hasID;
- NSSItem modify;
- NSSItem private;
- NSSItem encrypt;
- NSSItem decrypt;
- NSSItem derive;
- NSSItem sign;
- NSSItem signRecover;
- NSSItem verify;
- NSSItem verifyRecover;
- NSSItem wrap;
- NSSItem unwrap;
- NSSItem label;
- NSSItem subject;
- NSSItem issuer;
- NSSItem serial;
- NSSItem derCert;
- NSSItem id;
- NSSItem modulus;
- NSSItem exponent;
- NSSItem privateExponent;
- NSSItem prime1;
- NSSItem prime2;
- NSSItem exponent1;
- NSSItem exponent2;
- NSSItem coefficient;
+ SecKeychainItemRef itemRef;
+ SecItemClass itemClass;
+ PRBool hasID;
+ NSSItem modify;
+ NSSItem private;
+ NSSItem encrypt;
+ NSSItem decrypt;
+ NSSItem derive;
+ NSSItem sign;
+ NSSItem signRecover;
+ NSSItem verify;
+ NSSItem verifyRecover;
+ NSSItem wrap;
+ NSSItem unwrap;
+ NSSItem label;
+ NSSItem subject;
+ NSSItem issuer;
+ NSSItem serial;
+ NSSItem derCert;
+ NSSItem id;
+ NSSItem modulus;
+ NSSItem exponent;
+ NSSItem privateExponent;
+ NSSItem prime1;
+ NSSItem prime2;
+ NSSItem exponent1;
+ NSSItem exponent2;
+ NSSItem coefficient;
};
typedef struct ckmkItemObjectStr ckmkItemObject;
typedef enum {
- ckmkRaw,
- ckmkItem,
+ ckmkRaw,
+ ckmkItem,
} ckmkObjectType;
/*
@@ -87,112 +87,96 @@ typedef enum {
* cfind as ckmkInternalObjects.
*/
struct ckmkInternalObjectStr {
- ckmkObjectType type;
- union {
- ckmkRawObject raw;
- ckmkItemObject item;
- } u;
- CK_OBJECT_CLASS objClass;
- NSSItem hashKey;
- unsigned char hashKeyData[128];
- NSSCKMDObject mdObject;
+ ckmkObjectType type;
+ union {
+ ckmkRawObject raw;
+ ckmkItemObject item;
+ } u;
+ CK_OBJECT_CLASS objClass;
+ NSSItem hashKey;
+ unsigned char hashKeyData[128];
+ NSSCKMDObject mdObject;
};
typedef struct ckmkInternalObjectStr ckmkInternalObject;
/* our raw object data array */
NSS_EXTERN_DATA ckmkInternalObject nss_ckmk_data[];
-NSS_EXTERN_DATA const PRUint32 nss_ckmk_nObjects;
-
-NSS_EXTERN_DATA const CK_VERSION nss_ckmk_CryptokiVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckmk_ManufacturerID;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckmk_LibraryDescription;
-NSS_EXTERN_DATA const CK_VERSION nss_ckmk_LibraryVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckmk_SlotDescription;
-NSS_EXTERN_DATA const CK_VERSION nss_ckmk_HardwareVersion;
-NSS_EXTERN_DATA const CK_VERSION nss_ckmk_FirmwareVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckmk_TokenLabel;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckmk_TokenModel;
-NSS_EXTERN_DATA const NSSUTF8 * nss_ckmk_TokenSerialNumber;
-
-NSS_EXTERN_DATA const NSSCKMDInstance nss_ckmk_mdInstance;
-NSS_EXTERN_DATA const NSSCKMDSlot nss_ckmk_mdSlot;
-NSS_EXTERN_DATA const NSSCKMDToken nss_ckmk_mdToken;
+NSS_EXTERN_DATA const PRUint32 nss_ckmk_nObjects;
+
+NSS_EXTERN_DATA const CK_VERSION nss_ckmk_CryptokiVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_ManufacturerID;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_LibraryDescription;
+NSS_EXTERN_DATA const CK_VERSION nss_ckmk_LibraryVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_SlotDescription;
+NSS_EXTERN_DATA const CK_VERSION nss_ckmk_HardwareVersion;
+NSS_EXTERN_DATA const CK_VERSION nss_ckmk_FirmwareVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenLabel;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenModel;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenSerialNumber;
+
+NSS_EXTERN_DATA const NSSCKMDInstance nss_ckmk_mdInstance;
+NSS_EXTERN_DATA const NSSCKMDSlot nss_ckmk_mdSlot;
+NSS_EXTERN_DATA const NSSCKMDToken nss_ckmk_mdToken;
NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckmk_mdMechanismRSA;
NSS_EXTERN NSSCKMDSession *
-nss_ckmk_CreateSession
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
+nss_ckmk_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDFindObjects *
-nss_ckmk_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
+nss_ckmk_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
/*
* Object Utilities
*/
NSS_EXTERN NSSCKMDObject *
-nss_ckmk_CreateMDObject
-(
- NSSArena *arena,
- ckmkInternalObject *io,
- CK_RV *pError
-);
+nss_ckmk_CreateMDObject(
+ NSSArena *arena,
+ ckmkInternalObject *io,
+ CK_RV *pError);
NSS_EXTERN NSSCKMDObject *
-nss_ckmk_CreateObject
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
+nss_ckmk_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
NSS_EXTERN const NSSItem *
-nss_ckmk_FetchAttribute
-(
- ckmkInternalObject *io,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError
-);
+nss_ckmk_FetchAttribute(
+ ckmkInternalObject *io,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError);
NSS_EXTERN void
-nss_ckmk_DestroyInternalObject
-(
- ckmkInternalObject *io
-);
+nss_ckmk_DestroyInternalObject(
+ ckmkInternalObject *io);
unsigned char *
-nss_ckmk_DERUnwrap
-(
- unsigned char *src,
- int size,
- int *outSize,
- unsigned char **next
-);
+nss_ckmk_DERUnwrap(
+ unsigned char *src,
+ int size,
+ int *outSize,
+ unsigned char **next);
CK_ULONG
-nss_ckmk_GetULongAttribute
-(
- CK_ATTRIBUTE_TYPE type,
- CK_ATTRIBUTE *template,
- CK_ULONG templateSize,
- CK_RV *pError
-);
+nss_ckmk_GetULongAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError);
-#define NSS_CKMK_ARRAY_SIZE(x) ((sizeof (x))/(sizeof ((x)[0])))
+#define NSS_CKMK_ARRAY_SIZE(x) ((sizeof(x)) / (sizeof((x)[0])))
#ifdef DEBUG
-#define CKMK_MACERR(str,err) cssmPerror(str,err)
+#define CKMK_MACERR(str, err) cssmPerror(str, err)
#else
-#define CKMK_MACERR(str,err)
+#define CKMK_MACERR(str, err)
#endif
-
+
#endif
diff --git a/lib/ckfw/nssmkey/ckmkver.c b/lib/ckfw/nssmkey/ckmkver.c
index 0f6897634..2b99f1e22 100644
--- a/lib/ckfw/nssmkey/ckmkver.c
+++ b/lib/ckfw/nssmkey/ckmkver.c
@@ -14,5 +14,4 @@
/*
* Version information
*/
-const char __nss_ckmk_version[] = "Version: NSS Access to the MAC OS X Key Ring "
- NSS_CKMK_LIBRARY_VERSION _DEBUG_STRING;
+const char __nss_ckmk_version[] = "Version: NSS Access to the MAC OS X Key Ring " NSS_CKMK_LIBRARY_VERSION _DEBUG_STRING;
diff --git a/lib/ckfw/nssmkey/manchor.c b/lib/ckfw/nssmkey/manchor.c
index 1b4d70bcd..6261eff95 100644
--- a/lib/ckfw/nssmkey/manchor.c
+++ b/lib/ckfw/nssmkey/manchor.c
@@ -6,12 +6,12 @@
* nssmkey/manchor.c
*
* This file "anchors" the actual cryptoki entry points in this module's
- * shared library, which is required for dynamic loading. See the
+ * shared library, which is required for dynamic loading. See the
* comments in nssck.api for more information.
*/
#include "ckmk.h"
#define MODULE_NAME ckmk
-#define INSTANCE_NAME (NSSCKMDInstance *)&nss_ckmk_mdInstance
+#define INSTANCE_NAME (NSSCKMDInstance *) & nss_ckmk_mdInstance
#include "nssck.api"
diff --git a/lib/ckfw/nssmkey/mconstants.c b/lib/ckfw/nssmkey/mconstants.c
index 89df4f25a..c26298ada 100644
--- a/lib/ckfw/nssmkey/mconstants.c
+++ b/lib/ckfw/nssmkey/mconstants.c
@@ -19,40 +19,43 @@
#include "nssmkey.h"
NSS_IMPLEMENT_DATA const CK_VERSION
-nss_ckmk_CryptokiVersion = {
- NSS_CKMK_CRYPTOKI_VERSION_MAJOR,
- NSS_CKMK_CRYPTOKI_VERSION_MINOR };
+ nss_ckmk_CryptokiVersion = {
+ NSS_CKMK_CRYPTOKI_VERSION_MAJOR,
+ NSS_CKMK_CRYPTOKI_VERSION_MINOR
+ };
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckmk_ManufacturerID = (NSSUTF8 *) "Mozilla Foundation";
+ nss_ckmk_ManufacturerID = (NSSUTF8 *)"Mozilla Foundation";
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckmk_LibraryDescription = (NSSUTF8 *) "NSS Access to Mac OS X Key Ring";
+ nss_ckmk_LibraryDescription = (NSSUTF8 *)"NSS Access to Mac OS X Key Ring";
NSS_IMPLEMENT_DATA const CK_VERSION
-nss_ckmk_LibraryVersion = {
- NSS_CKMK_LIBRARY_VERSION_MAJOR,
- NSS_CKMK_LIBRARY_VERSION_MINOR};
+ nss_ckmk_LibraryVersion = {
+ NSS_CKMK_LIBRARY_VERSION_MAJOR,
+ NSS_CKMK_LIBRARY_VERSION_MINOR
+ };
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckmk_SlotDescription = (NSSUTF8 *) "Mac OS X Key Ring";
+ nss_ckmk_SlotDescription = (NSSUTF8 *)"Mac OS X Key Ring";
NSS_IMPLEMENT_DATA const CK_VERSION
-nss_ckmk_HardwareVersion = {
- NSS_CKMK_HARDWARE_VERSION_MAJOR,
- NSS_CKMK_HARDWARE_VERSION_MINOR };
+ nss_ckmk_HardwareVersion = {
+ NSS_CKMK_HARDWARE_VERSION_MAJOR,
+ NSS_CKMK_HARDWARE_VERSION_MINOR
+ };
NSS_IMPLEMENT_DATA const CK_VERSION
-nss_ckmk_FirmwareVersion = {
- NSS_CKMK_FIRMWARE_VERSION_MAJOR,
- NSS_CKMK_FIRMWARE_VERSION_MINOR };
+ nss_ckmk_FirmwareVersion = {
+ NSS_CKMK_FIRMWARE_VERSION_MAJOR,
+ NSS_CKMK_FIRMWARE_VERSION_MINOR
+ };
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckmk_TokenLabel = (NSSUTF8 *) "Mac OS X Key Ring";
+ nss_ckmk_TokenLabel = (NSSUTF8 *)"Mac OS X Key Ring";
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckmk_TokenModel = (NSSUTF8 *) "1";
+ nss_ckmk_TokenModel = (NSSUTF8 *)"1";
NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_ckmk_TokenSerialNumber = (NSSUTF8 *) "1";
-
+ nss_ckmk_TokenSerialNumber = (NSSUTF8 *)"1";
diff --git a/lib/ckfw/nssmkey/mfind.c b/lib/ckfw/nssmkey/mfind.c
index 8f22bdac8..41deef5e9 100644
--- a/lib/ckfw/nssmkey/mfind.c
+++ b/lib/ckfw/nssmkey/mfind.c
@@ -14,354 +14,343 @@
*/
struct ckmkFOStr {
- NSSArena *arena;
- CK_ULONG n;
- CK_ULONG i;
- ckmkInternalObject **objs;
+ NSSArena *arena;
+ CK_ULONG n;
+ CK_ULONG i;
+ ckmkInternalObject **objs;
};
static void
-ckmk_mdFindObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdFindObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- struct ckmkFOStr *fo = (struct ckmkFOStr *)mdFindObjects->etc;
- NSSArena *arena = fo->arena;
- PRUint32 i;
-
- /* walk down an free the unused 'objs' */
- for (i=fo->i; i < fo->n ; i++) {
- nss_ckmk_DestroyInternalObject(fo->objs[i]);
- }
-
- nss_ZFreeIf(fo->objs);
- nss_ZFreeIf(fo);
- nss_ZFreeIf(mdFindObjects);
- if ((NSSArena *)NULL != arena) {
- NSSArena_Destroy(arena);
- }
-
- return;
+ struct ckmkFOStr *fo = (struct ckmkFOStr *)mdFindObjects->etc;
+ NSSArena *arena = fo->arena;
+ PRUint32 i;
+
+ /* walk down an free the unused 'objs' */
+ for (i = fo->i; i < fo->n; i++) {
+ nss_ckmk_DestroyInternalObject(fo->objs[i]);
+ }
+
+ nss_ZFreeIf(fo->objs);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(mdFindObjects);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+
+ return;
}
static NSSCKMDObject *
-ckmk_mdFindObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
+ckmk_mdFindObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
{
- struct ckmkFOStr *fo = (struct ckmkFOStr *)mdFindObjects->etc;
- ckmkInternalObject *io;
+ struct ckmkFOStr *fo = (struct ckmkFOStr *)mdFindObjects->etc;
+ ckmkInternalObject *io;
- if( fo->i == fo->n ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
+ if (fo->i == fo->n) {
+ *pError = CKR_OK;
+ return (NSSCKMDObject *)NULL;
+ }
- io = fo->objs[ fo->i ];
- fo->i++;
+ io = fo->objs[fo->i];
+ fo->i++;
- return nss_ckmk_CreateMDObject(arena, io, pError);
+ return nss_ckmk_CreateMDObject(arena, io, pError);
}
static CK_BBOOL
-ckmk_attrmatch
-(
- CK_ATTRIBUTE_PTR a,
- ckmkInternalObject *o
-)
+ckmk_attrmatch(
+ CK_ATTRIBUTE_PTR a,
+ ckmkInternalObject *o)
{
- PRBool prb;
- const NSSItem *b;
- CK_RV error;
-
- b = nss_ckmk_FetchAttribute(o, a->type, &error);
- if (b == NULL) {
- return CK_FALSE;
- }
-
- if( a->ulValueLen != b->size ) {
- /* match a decoded serial number */
- if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
- int len;
- unsigned char *data;
-
- data = nss_ckmk_DERUnwrap(b->data, b->size, &len, NULL);
- if ((len == a->ulValueLen) &&
- nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
- return CK_TRUE;
- }
+ PRBool prb;
+ const NSSItem *b;
+ CK_RV error;
+
+ b = nss_ckmk_FetchAttribute(o, a->type, &error);
+ if (b == NULL) {
+ return CK_FALSE;
}
- return CK_FALSE;
- }
- prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
+ if (a->ulValueLen != b->size) {
+ /* match a decoded serial number */
+ if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
+ int len;
+ unsigned char *data;
+
+ data = nss_ckmk_DERUnwrap(b->data, b->size, &len, NULL);
+ if ((len == a->ulValueLen) &&
+ nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
+ return CK_TRUE;
+ }
+ }
+ return CK_FALSE;
+ }
- if( PR_TRUE == prb ) {
- return CK_TRUE;
- } else {
- return CK_FALSE;
- }
-}
+ prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
+ if (PR_TRUE == prb) {
+ return CK_TRUE;
+ }
+ else {
+ return CK_FALSE;
+ }
+}
static CK_BBOOL
-ckmk_match
-(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- ckmkInternalObject *o
-)
+ckmk_match(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckmkInternalObject *o)
{
- CK_ULONG i;
+ CK_ULONG i;
- for( i = 0; i < ulAttributeCount; i++ ) {
- if (CK_FALSE == ckmk_attrmatch(&pTemplate[i], o)) {
- return CK_FALSE;
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CK_FALSE == ckmk_attrmatch(&pTemplate[i], o)) {
+ return CK_FALSE;
+ }
}
- }
- /* Every attribute passed */
- return CK_TRUE;
+ /* Every attribute passed */
+ return CK_TRUE;
}
-#define CKMK_ITEM_CHUNK 20
-
-#define PUT_OBJECT(obj, err, size, count, list) \
- { \
- if (count >= size) { \
- (list) = (list) ? \
- nss_ZREALLOCARRAY(list, ckmkInternalObject *, \
- ((size)+CKMK_ITEM_CHUNK) ) : \
- nss_ZNEWARRAY(NULL, ckmkInternalObject *, \
- ((size)+CKMK_ITEM_CHUNK) ) ; \
- if ((ckmkInternalObject **)NULL == list) { \
- err = CKR_HOST_MEMORY; \
- goto loser; \
- } \
- (size) += CKMK_ITEM_CHUNK; \
- } \
- (list)[ count ] = (obj); \
- count++; \
- }
-
+#define CKMK_ITEM_CHUNK 20
+
+#define PUT_OBJECT(obj, err, size, count, list) \
+ { \
+ if (count >= size) { \
+ (list) = (list) ? \
+ nss_ZREALLOCARRAY(list, ckmkInternalObject *, \
+ ((size) + \
+ CKMK_ITEM_CHUNK)) \
+ : \
+ nss_ZNEWARRAY(NULL, ckmkInternalObject *, \
+ ((size) + \
+ CKMK_ITEM_CHUNK)); \
+ if ((ckmkInternalObject **)NULL == list) { \
+ err = CKR_HOST_MEMORY; \
+ goto loser; \
+ } \
+ (size) += CKMK_ITEM_CHUNK; \
+ } \
+ (list)[count] = (obj); \
+ count++; \
+ }
/* find all the certs that represent the appropriate object (cert, priv key, or
* pub key) in the cert store.
*/
static PRUint32
collect_class(
- CK_OBJECT_CLASS objClass,
- SecItemClass itemClass,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- ckmkInternalObject ***listp,
- PRUint32 *sizep,
- PRUint32 count,
- CK_RV *pError
-)
+ CK_OBJECT_CLASS objClass,
+ SecItemClass itemClass,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckmkInternalObject ***listp,
+ PRUint32 *sizep,
+ PRUint32 count,
+ CK_RV *pError)
{
- ckmkInternalObject *next = NULL;
- SecKeychainSearchRef searchRef = 0;
- SecKeychainItemRef itemRef = 0;
- OSStatus error;
-
- /* future, build the attribute list based on the template
- * so we can refine the search */
- error = SecKeychainSearchCreateFromAttributes(
- NULL, itemClass, NULL, &searchRef);
-
- while (noErr == SecKeychainSearchCopyNext(searchRef, &itemRef)) {
- /* if we don't have an internal object structure, get one */
- if ((ckmkInternalObject *)NULL == next) {
- next = nss_ZNEW(NULL, ckmkInternalObject);
- if ((ckmkInternalObject *)NULL == next) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
- }
- /* fill in the relevant object data */
- next->type = ckmkItem;
- next->objClass = objClass;
- next->u.item.itemRef = itemRef;
- next->u.item.itemClass = itemClass;
-
- /* see if this is one of the objects we are looking for */
- if( CK_TRUE == ckmk_match(pTemplate, ulAttributeCount, next) ) {
- /* yes, put it on the list */
- PUT_OBJECT(next, *pError, *sizep, count, *listp);
- next = NULL; /* this one is on the list, need to allocate a new one now */
- } else {
- /* no , release the current item and clear out the structure for reuse */
- CFRelease(itemRef);
- /* don't cache the values we just loaded */
- nsslibc_memset(next, 0, sizeof(*next));
+ ckmkInternalObject *next = NULL;
+ SecKeychainSearchRef searchRef = 0;
+ SecKeychainItemRef itemRef = 0;
+ OSStatus error;
+
+ /* future, build the attribute list based on the template
+ * so we can refine the search */
+ error = SecKeychainSearchCreateFromAttributes(
+ NULL, itemClass, NULL, &searchRef);
+
+ while (noErr == SecKeychainSearchCopyNext(searchRef, &itemRef)) {
+ /* if we don't have an internal object structure, get one */
+ if ((ckmkInternalObject *)NULL == next) {
+ next = nss_ZNEW(NULL, ckmkInternalObject);
+ if ((ckmkInternalObject *)NULL == next) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ }
+ /* fill in the relevant object data */
+ next->type = ckmkItem;
+ next->objClass = objClass;
+ next->u.item.itemRef = itemRef;
+ next->u.item.itemClass = itemClass;
+
+ /* see if this is one of the objects we are looking for */
+ if (CK_TRUE == ckmk_match(pTemplate, ulAttributeCount, next)) {
+ /* yes, put it on the list */
+ PUT_OBJECT(next, *pError, *sizep, count, *listp);
+ next = NULL; /* this one is on the list, need to allocate a new one now */
+ }
+ else {
+ /* no , release the current item and clear out the structure for reuse */
+ CFRelease(itemRef);
+ /* don't cache the values we just loaded */
+ nsslibc_memset(next, 0, sizeof(*next));
+ }
}
- }
loser:
- if (searchRef) {
- CFRelease(searchRef);
- }
- nss_ZFreeIf(next);
- return count;
+ if (searchRef) {
+ CFRelease(searchRef);
+ }
+ nss_ZFreeIf(next);
+ return count;
}
static PRUint32
collect_objects(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- ckmkInternalObject ***listp,
- CK_RV *pError
-)
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckmkInternalObject ***listp,
+ CK_RV *pError)
{
- PRUint32 i;
- PRUint32 count = 0;
- PRUint32 size = 0;
- CK_OBJECT_CLASS objClass;
-
- /*
- * first handle the static build in objects (if any)
- */
- for( i = 0; i < nss_ckmk_nObjects; i++ ) {
- ckmkInternalObject *o = (ckmkInternalObject *)&nss_ckmk_data[i];
-
- if( CK_TRUE == ckmk_match(pTemplate, ulAttributeCount, o) ) {
- PUT_OBJECT(o, *pError, size, count, *listp);
+ PRUint32 i;
+ PRUint32 count = 0;
+ PRUint32 size = 0;
+ CK_OBJECT_CLASS objClass;
+
+ /*
+ * first handle the static build in objects (if any)
+ */
+ for (i = 0; i < nss_ckmk_nObjects; i++) {
+ ckmkInternalObject *o = (ckmkInternalObject *)&nss_ckmk_data[i];
+
+ if (CK_TRUE == ckmk_match(pTemplate, ulAttributeCount, o)) {
+ PUT_OBJECT(o, *pError, size, count, *listp);
+ }
+ }
+
+ /*
+ * now handle the various object types
+ */
+ objClass = nss_ckmk_GetULongAttribute(CKA_CLASS,
+ pTemplate, ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ objClass = CK_INVALID_HANDLE;
+ }
+ *pError = CKR_OK;
+ switch (objClass) {
+ case CKO_CERTIFICATE:
+ count = collect_class(objClass, kSecCertificateItemClass,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ case CKO_PUBLIC_KEY:
+ count = collect_class(objClass, CSSM_DL_DB_RECORD_PUBLIC_KEY,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ case CKO_PRIVATE_KEY:
+ count = collect_class(objClass, CSSM_DL_DB_RECORD_PRIVATE_KEY,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ /* all of them */
+ case CK_INVALID_HANDLE:
+ count = collect_class(CKO_CERTIFICATE, kSecCertificateItemClass,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ count = collect_class(CKO_PUBLIC_KEY, CSSM_DL_DB_RECORD_PUBLIC_KEY,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ count = collect_class(CKO_PUBLIC_KEY, CSSM_DL_DB_RECORD_PRIVATE_KEY,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ default:
+ break;
+ }
+ if (CKR_OK != *pError) {
+ goto loser;
}
- }
-
- /*
- * now handle the various object types
- */
- objClass = nss_ckmk_GetULongAttribute(CKA_CLASS,
- pTemplate, ulAttributeCount, pError);
- if (CKR_OK != *pError) {
- objClass = CK_INVALID_HANDLE;
- }
- *pError = CKR_OK;
- switch (objClass) {
- case CKO_CERTIFICATE:
- count = collect_class(objClass, kSecCertificateItemClass,
- pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- break;
- case CKO_PUBLIC_KEY:
- count = collect_class(objClass, CSSM_DL_DB_RECORD_PUBLIC_KEY,
- pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- break;
- case CKO_PRIVATE_KEY:
- count = collect_class(objClass, CSSM_DL_DB_RECORD_PRIVATE_KEY,
- pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- break;
- /* all of them */
- case CK_INVALID_HANDLE:
- count = collect_class(CKO_CERTIFICATE, kSecCertificateItemClass,
- pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- count = collect_class(CKO_PUBLIC_KEY, CSSM_DL_DB_RECORD_PUBLIC_KEY,
- pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- count = collect_class(CKO_PUBLIC_KEY, CSSM_DL_DB_RECORD_PRIVATE_KEY,
- pTemplate, ulAttributeCount, listp,
- &size, count, pError);
- break;
- default:
- break;
- }
- if (CKR_OK != *pError) {
- goto loser;
- }
-
- return count;
+
+ return count;
loser:
- nss_ZFreeIf(*listp);
- return 0;
+ nss_ZFreeIf(*listp);
+ return 0;
}
-
NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_ckmk_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_ckmk_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- /* This could be made more efficient. I'm rather rushed. */
- NSSArena *arena;
- NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
- struct ckmkFOStr *fo = (struct ckmkFOStr *)NULL;
- ckmkInternalObject **temp = (ckmkInternalObject **)NULL;
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDFindObjects);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fo = nss_ZNEW(arena, struct ckmkFOStr);
- if( (struct ckmkFOStr *)NULL == fo ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fo->arena = arena;
- /* fo->n and fo->i are already zero */
-
- rv->etc = (void *)fo;
- rv->Final = ckmk_mdFindObjects_Final;
- rv->Next = ckmk_mdFindObjects_Next;
- rv->null = (void *)NULL;
-
- fo->n = collect_objects(pTemplate, ulAttributeCount, &temp, pError);
- if (*pError != CKR_OK) {
- goto loser;
- }
-
- fo->objs = nss_ZNEWARRAY(arena, ckmkInternalObject *, fo->n);
- if( (ckmkInternalObject **)NULL == fo->objs ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- (void)nsslibc_memcpy(fo->objs, temp, sizeof(ckmkInternalObject *) * fo->n);
- nss_ZFreeIf(temp);
- temp = (ckmkInternalObject **)NULL;
-
- return rv;
-
- loser:
- nss_ZFreeIf(temp);
- nss_ZFreeIf(fo);
- nss_ZFreeIf(rv);
- if ((NSSArena *)NULL != arena) {
- NSSArena_Destroy(arena);
- }
- return (NSSCKMDFindObjects *)NULL;
-}
+ /* This could be made more efficient. I'm rather rushed. */
+ NSSArena *arena;
+ NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
+ struct ckmkFOStr *fo = (struct ckmkFOStr *)NULL;
+ ckmkInternalObject **temp = (ckmkInternalObject **)NULL;
+
+ arena = NSSArena_Create();
+ if ((NSSArena *)NULL == arena) {
+ goto loser;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDFindObjects);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo = nss_ZNEW(arena, struct ckmkFOStr);
+ if ((struct ckmkFOStr *)NULL == fo) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo->arena = arena;
+ /* fo->n and fo->i are already zero */
+ rv->etc = (void *)fo;
+ rv->Final = ckmk_mdFindObjects_Final;
+ rv->Next = ckmk_mdFindObjects_Next;
+ rv->null = (void *)NULL;
+
+ fo->n = collect_objects(pTemplate, ulAttributeCount, &temp, pError);
+ if (*pError != CKR_OK) {
+ goto loser;
+ }
+
+ fo->objs = nss_ZNEWARRAY(arena, ckmkInternalObject *, fo->n);
+ if ((ckmkInternalObject **)NULL == fo->objs) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ (void)nsslibc_memcpy(fo->objs, temp, sizeof(ckmkInternalObject *) * fo->n);
+ nss_ZFreeIf(temp);
+ temp = (ckmkInternalObject **)NULL;
+
+ return rv;
+
+loser:
+ nss_ZFreeIf(temp);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(rv);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+ return (NSSCKMDFindObjects *)NULL;
+}
diff --git a/lib/ckfw/nssmkey/minst.c b/lib/ckfw/nssmkey/minst.c
index 923ba105c..fcb96c652 100644
--- a/lib/ckfw/nssmkey/minst.c
+++ b/lib/ckfw/nssmkey/minst.c
@@ -7,7 +7,7 @@
/*
* nssmkey/minstance.c
*
- * This file implements the NSSCKMDInstance object for the
+ * This file implements the NSSCKMDInstance object for the
* "nssmkey" cryptoki module.
*/
@@ -16,96 +16,82 @@
*/
static CK_ULONG
-ckmk_mdInstance_GetNSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdInstance_GetNSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (CK_ULONG)1;
+ return (CK_ULONG)1;
}
static CK_VERSION
-ckmk_mdInstance_GetCryptokiVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdInstance_GetCryptokiVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckmk_CryptokiVersion;
+ return nss_ckmk_CryptokiVersion;
}
static NSSUTF8 *
-ckmk_mdInstance_GetManufacturerID
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdInstance_GetManufacturerID(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckmk_ManufacturerID;
+ return (NSSUTF8 *)nss_ckmk_ManufacturerID;
}
static NSSUTF8 *
-ckmk_mdInstance_GetLibraryDescription
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdInstance_GetLibraryDescription(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckmk_LibraryDescription;
+ return (NSSUTF8 *)nss_ckmk_LibraryDescription;
}
static CK_VERSION
-ckmk_mdInstance_GetLibraryVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdInstance_GetLibraryVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckmk_LibraryVersion;
+ return nss_ckmk_LibraryVersion;
}
static CK_RV
-ckmk_mdInstance_GetSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
-)
+ckmk_mdInstance_GetSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *slots[])
{
- slots[0] = (NSSCKMDSlot *)&nss_ckmk_mdSlot;
- return CKR_OK;
+ slots[0] = (NSSCKMDSlot *)&nss_ckmk_mdSlot;
+ return CKR_OK;
}
static CK_BBOOL
-ckmk_mdInstance_ModuleHandlesSessionObjects
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdInstance_ModuleHandlesSessionObjects(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- /* we don't want to allow any session object creation, at least
- * until we can investigate whether or not we can use those objects
- */
- return CK_TRUE;
+ /* we don't want to allow any session object creation, at least
+ * until we can investigate whether or not we can use those objects
+ */
+ return CK_TRUE;
}
NSS_IMPLEMENT_DATA const NSSCKMDInstance
-nss_ckmk_mdInstance = {
- (void *)NULL, /* etc */
- NULL, /* Initialize */
- NULL, /* Finalize */
- ckmk_mdInstance_GetNSlots,
- ckmk_mdInstance_GetCryptokiVersion,
- ckmk_mdInstance_GetManufacturerID,
- ckmk_mdInstance_GetLibraryDescription,
- ckmk_mdInstance_GetLibraryVersion,
- ckmk_mdInstance_ModuleHandlesSessionObjects,
- /*NULL, /* HandleSessionObjects */
- ckmk_mdInstance_GetSlots,
- NULL, /* WaitForSlotEvent */
- (void *)NULL /* null terminator */
-};
+ nss_ckmk_mdInstance = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Finalize */
+ ckmk_mdInstance_GetNSlots,
+ ckmk_mdInstance_GetCryptokiVersion,
+ ckmk_mdInstance_GetManufacturerID,
+ ckmk_mdInstance_GetLibraryDescription,
+ ckmk_mdInstance_GetLibraryVersion,
+ ckmk_mdInstance_ModuleHandlesSessionObjects,
+ /*NULL, /* HandleSessionObjects */
+ ckmk_mdInstance_GetSlots,
+ NULL, /* WaitForSlotEvent */
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/nssmkey/mobject.c b/lib/ckfw/nssmkey/mobject.c
index 2013e7e99..0b5f0a485 100644
--- a/lib/ckfw/nssmkey/mobject.c
+++ b/lib/ckfw/nssmkey/mobject.c
@@ -90,37 +90,45 @@ static const CK_KEY_TYPE ckk_rsa = CKK_RSA;
static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE;
static const CK_OBJECT_CLASS cko_private_key = CKO_PRIVATE_KEY;
static const CK_OBJECT_CLASS cko_public_key = CKO_PUBLIC_KEY;
-static const NSSItem ckmk_trueItem = {
- (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) };
-static const NSSItem ckmk_falseItem = {
- (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) };
-static const NSSItem ckmk_x509Item = {
- (void *)&ckc_x509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) };
-static const NSSItem ckmk_rsaItem = {
- (void *)&ckk_rsa, (PRUint32)sizeof(CK_KEY_TYPE) };
-static const NSSItem ckmk_certClassItem = {
- (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) };
+static const NSSItem ckmk_trueItem = {
+ (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL)
+};
+static const NSSItem ckmk_falseItem = {
+ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL)
+};
+static const NSSItem ckmk_x509Item = {
+ (void *)&ckc_x509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE)
+};
+static const NSSItem ckmk_rsaItem = {
+ (void *)&ckk_rsa, (PRUint32)sizeof(CK_KEY_TYPE)
+};
+static const NSSItem ckmk_certClassItem = {
+ (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
static const NSSItem ckmk_privKeyClassItem = {
- (void *)&cko_private_key, (PRUint32)sizeof(CK_OBJECT_CLASS) };
+ (void *)&cko_private_key, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
static const NSSItem ckmk_pubKeyClassItem = {
- (void *)&cko_public_key, (PRUint32)sizeof(CK_OBJECT_CLASS) };
-static const NSSItem ckmk_emptyItem = {
- (void *)&ck_true, 0};
+ (void *)&cko_public_key, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
+static const NSSItem ckmk_emptyItem = {
+ (void *)&ck_true, 0
+};
/*
* these are utilities. The chould be moved to a new utilities file.
*/
#ifdef DEBUG
static void
-itemdump(char *str, void *data, int size, CK_RV error)
+itemdump(char *str, void *data, int size, CK_RV error)
{
- unsigned char *ptr = (unsigned char *)data;
- int i;
- fprintf(stderr,str);
- for (i=0; i < size; i++) {
- fprintf(stderr,"%02x ",(unsigned int) ptr[i]);
- }
- fprintf(stderr," (error = %d)\n", (int ) error);
+ unsigned char *ptr = (unsigned char *)data;
+ int i;
+ fprintf(stderr, str);
+ for (i = 0; i < size; i++) {
+ fprintf(stderr, "%02x ", (unsigned int)ptr[i]);
+ }
+ fprintf(stderr, " (error = %d)\n", (int)error);
}
#endif
@@ -130,48 +138,46 @@ itemdump(char *str, void *data, int size, CK_RV error)
* the ANS1_Decoder for this work...
*/
unsigned char *
-nss_ckmk_DERUnwrap
-(
- unsigned char *src,
- int size,
- int *outSize,
- unsigned char **next
-)
+nss_ckmk_DERUnwrap(
+ unsigned char *src,
+ int size,
+ int *outSize,
+ unsigned char **next)
{
- unsigned char *start = src;
- unsigned int len = 0;
-
- /* initialize error condition return values */
- *outSize = 0;
- if (next) {
- *next = src;
- }
-
- if (size < 2) {
- return start;
- }
- src ++ ; /* skip the tag -- should check it against an expected value! */
- len = (unsigned) *src++;
- if (len & 0x80) {
- int count = len & 0x7f;
- len =0;
-
- if (count+2 > size) {
- return start;
- }
- while (count-- > 0) {
- len = (len << 8) | (unsigned) *src++;
- }
- }
- if (len + (src-start) > (unsigned int)size) {
- return start;
- }
- if (next) {
- *next = src+len;
- }
- *outSize = len;
-
- return src;
+ unsigned char *start = src;
+ unsigned int len = 0;
+
+ /* initialize error condition return values */
+ *outSize = 0;
+ if (next) {
+ *next = src;
+ }
+
+ if (size < 2) {
+ return start;
+ }
+ src++; /* skip the tag -- should check it against an expected value! */
+ len = (unsigned)*src++;
+ if (len & 0x80) {
+ int count = len & 0x7f;
+ len = 0;
+
+ if (count + 2 > size) {
+ return start;
+ }
+ while (count-- > 0) {
+ len = (len << 8) | (unsigned)*src++;
+ }
+ }
+ if (len + (src - start) > (unsigned int)size) {
+ return start;
+ }
+ if (next) {
+ *next = src + len;
+ }
+ *outSize = len;
+
+ return src;
}
/*
@@ -179,74 +185,68 @@ nss_ckmk_DERUnwrap
* data for the item is owned by the template.
*/
CK_RV
-nss_ckmk_GetAttribute
-(
- CK_ATTRIBUTE_TYPE type,
- CK_ATTRIBUTE *template,
- CK_ULONG templateSize,
- NSSItem *item
-)
+nss_ckmk_GetAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ NSSItem *item)
{
- CK_ULONG i;
-
- for (i=0; i < templateSize; i++) {
- if (template[i].type == type) {
- item->data = template[i].pValue;
- item->size = template[i].ulValueLen;
- return CKR_OK;
+ CK_ULONG i;
+
+ for (i = 0; i < templateSize; i++) {
+ if (template[i].type == type) {
+ item->data = template[i].pValue;
+ item->size = template[i].ulValueLen;
+ return CKR_OK;
+ }
}
- }
- return CKR_TEMPLATE_INCOMPLETE;
+ return CKR_TEMPLATE_INCOMPLETE;
}
/*
* get an attribute which is type CK_ULONG.
*/
CK_ULONG
-nss_ckmk_GetULongAttribute
-(
- CK_ATTRIBUTE_TYPE type,
- CK_ATTRIBUTE *template,
- CK_ULONG templateSize,
- CK_RV *pError
-)
+nss_ckmk_GetULongAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError)
{
- NSSItem item;
-
- *pError = nss_ckmk_GetAttribute(type, template, templateSize, &item);
- if (CKR_OK != *pError) {
- return (CK_ULONG) 0;
- }
- if (item.size != sizeof(CK_ULONG)) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- return (CK_ULONG) 0;
- }
- return *(CK_ULONG *)item.data;
+ NSSItem item;
+
+ *pError = nss_ckmk_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+ if (item.size != sizeof(CK_ULONG)) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (CK_ULONG)0;
+ }
+ return *(CK_ULONG *)item.data;
}
/*
* get an attribute which is type CK_BBOOL.
*/
CK_BBOOL
-nss_ckmk_GetBoolAttribute
-(
- CK_ATTRIBUTE_TYPE type,
- CK_ATTRIBUTE *template,
- CK_ULONG templateSize,
- CK_BBOOL defaultBool
-)
+nss_ckmk_GetBoolAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_BBOOL defaultBool)
{
- NSSItem item;
- CK_RV error;
-
- error = nss_ckmk_GetAttribute(type, template, templateSize, &item);
- if (CKR_OK != error) {
- return defaultBool;
- }
- if (item.size != sizeof(CK_BBOOL)) {
- return defaultBool;
- }
- return *(CK_BBOOL *)item.data;
+ NSSItem item;
+ CK_RV error;
+
+ error = nss_ckmk_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != error) {
+ return defaultBool;
+ }
+ if (item.size != sizeof(CK_BBOOL)) {
+ return defaultBool;
+ }
+ return *(CK_BBOOL *)item.data;
}
/*
@@ -254,33 +254,31 @@ nss_ckmk_GetBoolAttribute
* free the string.
*/
char *
-nss_ckmk_GetStringAttribute
-(
- CK_ATTRIBUTE_TYPE type,
- CK_ATTRIBUTE *template,
- CK_ULONG templateSize,
- CK_RV *pError
-)
+nss_ckmk_GetStringAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError)
{
- NSSItem item;
- char *str;
-
- /* get the attribute */
- *pError = nss_ckmk_GetAttribute(type, template, templateSize, &item);
- if (CKR_OK != *pError) {
- return (char *)NULL;
- }
- /* make sure it is null terminated */
- str = nss_ZNEWARRAY(NULL, char, item.size+1);
- if ((char *)NULL == str) {
- *pError = CKR_HOST_MEMORY;
- return (char *)NULL;
- }
-
- nsslibc_memcpy(str, item.data, item.size);
- str[item.size] = 0;
-
- return str;
+ NSSItem item;
+ char *str;
+
+ /* get the attribute */
+ *pError = nss_ckmk_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != *pError) {
+ return (char *)NULL;
+ }
+ /* make sure it is null terminated */
+ str = nss_ZNEWARRAY(NULL, char, item.size + 1);
+ if ((char *)NULL == str) {
+ *pError = CKR_HOST_MEMORY;
+ return (char *)NULL;
+ }
+
+ nsslibc_memcpy(str, item.data, item.size);
+ str[item.size] = 0;
+
+ return str;
}
/*
@@ -291,230 +289,225 @@ nss_ckmk_GetStringAttribute
*/
static CK_RV
ckmk_encodeInt(NSSItem *dest, void *src, int srcLen)
-{
- int dataLen = srcLen;
- int lenLen = 1;
- int encLen;
- int isSigned = 0;
- int offset = 0;
- unsigned char *data = NULL;
- int i;
-
- if (*(unsigned char *)src & 0x80) {
- dataLen++;
- isSigned = 1;
- }
-
- /* calculate the length of the length specifier */
- /* (NOTE: destroys dataLen value) */
- if (dataLen > 0x7f) {
- do {
- lenLen++;
- dataLen >>= 8;
- } while (dataLen);
- }
-
- /* calculate our total length */
- dataLen = isSigned + srcLen;
- encLen = 1 + lenLen + dataLen;
- data = nss_ZNEWARRAY(NULL, unsigned char, encLen);
- if ((unsigned char *)NULL == data) {
- return CKR_HOST_MEMORY;
- }
- data[0] = DER_INTEGER;
- if (1 == lenLen) {
- data[1] = dataLen;
- } else {
- data[1] = 0x80 + lenLen;
- for (i=0; i < lenLen; i++) {
- data[i+1] = ((dataLen >> ((lenLen-i-1)*8)) & 0xff);
- }
- }
- offset = lenLen+1;
-
- if (isSigned) {
- data[offset++] = 0;
- }
- nsslibc_memcpy(&data[offset], src, srcLen);
- dest->data = data;
- dest->size = encLen;
- return CKR_OK;
-}
+{
+ int dataLen = srcLen;
+ int lenLen = 1;
+ int encLen;
+ int isSigned = 0;
+ int offset = 0;
+ unsigned char *data = NULL;
+ int i;
+
+ if (*(unsigned char *)src & 0x80) {
+ dataLen++;
+ isSigned = 1;
+ }
+
+ /* calculate the length of the length specifier */
+ /* (NOTE: destroys dataLen value) */
+ if (dataLen > 0x7f) {
+ do {
+ lenLen++;
+ dataLen >>= 8;
+ } while (dataLen);
+ }
+ /* calculate our total length */
+ dataLen = isSigned + srcLen;
+ encLen = 1 + lenLen + dataLen;
+ data = nss_ZNEWARRAY(NULL, unsigned char, encLen);
+ if ((unsigned char *)NULL == data) {
+ return CKR_HOST_MEMORY;
+ }
+ data[0] = DER_INTEGER;
+ if (1 == lenLen) {
+ data[1] = dataLen;
+ }
+ else {
+ data[1] = 0x80 + lenLen;
+ for (i = 0; i < lenLen; i++) {
+ data[i + 1] = ((dataLen >> ((lenLen -
+ i - 1) *
+ 8)) &
+ 0xff);
+ }
+ }
+ offset = lenLen + 1;
+
+ if (isSigned) {
+ data[offset++] = 0;
+ }
+ nsslibc_memcpy(&data[offset], src, srcLen);
+ dest->data = data;
+ dest->size = encLen;
+ return CKR_OK;
+}
/*
* Get a Keyring attribute. If content is set to true, then we get the
* content, not the attribute.
*/
static CK_RV
-ckmk_GetCommonAttribute
-(
- ckmkInternalObject *io,
- SecItemAttr itemAttr,
- PRBool content,
- NSSItem *item,
- char *dbString
-)
+ckmk_GetCommonAttribute(
+ ckmkInternalObject *io,
+ SecItemAttr itemAttr,
+ PRBool content,
+ NSSItem *item,
+ char *dbString)
{
- SecKeychainAttributeList *attrList = NULL;
- SecKeychainAttributeInfo attrInfo;
- PRUint32 len = 0;
- PRUint32 dataLen = 0;
- PRUint32 attrFormat = 0;
- void *dataVal = 0;
- void *out = NULL;
- CK_RV error = CKR_OK;
- OSStatus macErr;
-
- attrInfo.count = 1;
- attrInfo.tag = &itemAttr;
- attrInfo.format = &attrFormat;
-
- macErr = SecKeychainItemCopyAttributesAndData(io->u.item.itemRef,
- &attrInfo, NULL, &attrList, &len, &out);
- if (noErr != macErr) {
- CKMK_MACERR(dbString, macErr);
- return CKR_ATTRIBUTE_TYPE_INVALID;
- }
- dataLen = content ? len : attrList->attr->length;
- dataVal = content ? out : attrList->attr->data;
-
- /* Apple's documentation says this value is DER Encoded, but it clearly isn't
- * der encode it before we ship it back off to NSS
- */
- if ( kSecSerialNumberItemAttr == itemAttr ) {
- error = ckmk_encodeInt(item, dataVal, dataLen);
- goto loser; /* logically 'done' if error == CKR_OK */
- }
- item->data = nss_ZNEWARRAY(NULL, char, dataLen);
- if (NULL == item->data) {
- error = CKR_HOST_MEMORY;
- goto loser;
- }
- nsslibc_memcpy(item->data, dataVal, dataLen);
- item->size = dataLen;
+ SecKeychainAttributeList *attrList = NULL;
+ SecKeychainAttributeInfo attrInfo;
+ PRUint32 len = 0;
+ PRUint32 dataLen = 0;
+ PRUint32 attrFormat = 0;
+ void *dataVal = 0;
+ void *out = NULL;
+ CK_RV error = CKR_OK;
+ OSStatus macErr;
+
+ attrInfo.count = 1;
+ attrInfo.tag = &itemAttr;
+ attrInfo.format = &attrFormat;
+
+ macErr = SecKeychainItemCopyAttributesAndData(io->u.item.itemRef,
+ &attrInfo, NULL, &attrList, &len, &out);
+ if (noErr != macErr) {
+ CKMK_MACERR(dbString, macErr);
+ return CKR_ATTRIBUTE_TYPE_INVALID;
+ }
+ dataLen = content ? len : attrList->attr->length;
+ dataVal = content ? out : attrList->attr->data;
+
+ /* Apple's documentation says this value is DER Encoded, but it clearly isn't
+ * der encode it before we ship it back off to NSS
+ */
+ if (kSecSerialNumberItemAttr == itemAttr) {
+ error = ckmk_encodeInt(item, dataVal, dataLen);
+ goto loser; /* logically 'done' if error == CKR_OK */
+ }
+ item->data = nss_ZNEWARRAY(NULL, char, dataLen);
+ if (NULL == item->data) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ nsslibc_memcpy(item->data, dataVal, dataLen);
+ item->size = dataLen;
loser:
- SecKeychainItemFreeAttributesAndData(attrList, out);
- return error;
+ SecKeychainItemFreeAttributesAndData(attrList, out);
+ return error;
}
/*
* change an attribute (does not operate on the content).
*/
static CK_RV
-ckmk_updateAttribute
-(
- SecKeychainItemRef itemRef,
- SecItemAttr itemAttr,
- void *data,
- PRUint32 len,
- char *dbString
-)
+ckmk_updateAttribute(
+ SecKeychainItemRef itemRef,
+ SecItemAttr itemAttr,
+ void *data,
+ PRUint32 len,
+ char *dbString)
{
- SecKeychainAttributeList attrList;
- SecKeychainAttribute attrAttr;
- OSStatus macErr;
- CK_RV error = CKR_OK;
-
- attrList.count = 1;
- attrList.attr = &attrAttr;
- attrAttr.tag = itemAttr;
- attrAttr.data = data;
- attrAttr.length = len;
- macErr = SecKeychainItemModifyAttributesAndData(itemRef, &attrList, 0, NULL);
- if (noErr != macErr) {
- CKMK_MACERR(dbString, macErr);
- error = CKR_ATTRIBUTE_TYPE_INVALID;
- }
- return error;
+ SecKeychainAttributeList attrList;
+ SecKeychainAttribute attrAttr;
+ OSStatus macErr;
+ CK_RV error = CKR_OK;
+
+ attrList.count = 1;
+ attrList.attr = &attrAttr;
+ attrAttr.tag = itemAttr;
+ attrAttr.data = data;
+ attrAttr.length = len;
+ macErr = SecKeychainItemModifyAttributesAndData(itemRef, &attrList, 0, NULL);
+ if (noErr != macErr) {
+ CKMK_MACERR(dbString, macErr);
+ error = CKR_ATTRIBUTE_TYPE_INVALID;
+ }
+ return error;
}
/*
* get an attribute (does not operate on the content)
*/
static CK_RV
-ckmk_GetDataAttribute
-(
- ckmkInternalObject *io,
- SecItemAttr itemAttr,
- NSSItem *item,
- char *dbString
-)
+ckmk_GetDataAttribute(
+ ckmkInternalObject *io,
+ SecItemAttr itemAttr,
+ NSSItem *item,
+ char *dbString)
{
- return ckmk_GetCommonAttribute(io, itemAttr, PR_FALSE, item, dbString);
+ return ckmk_GetCommonAttribute(io, itemAttr, PR_FALSE, item, dbString);
}
/*
* get an attribute we know is a BOOL.
*/
static CK_RV
-ckmk_GetBoolAttribute
-(
- ckmkInternalObject *io,
- SecItemAttr itemAttr,
- NSSItem *item,
- char *dbString
-)
+ckmk_GetBoolAttribute(
+ ckmkInternalObject *io,
+ SecItemAttr itemAttr,
+ NSSItem *item,
+ char *dbString)
{
- SecKeychainAttribute attr;
- SecKeychainAttributeList attrList;
- CK_BBOOL *boolp = NULL;
- PRUint32 len = 0;;
- void *out = NULL;
- CK_RV error = CKR_OK;
- OSStatus macErr;
-
- attr.tag = itemAttr;
- attr.length = 0;
- attr.data = NULL;
- attrList.count = 1;
- attrList.attr = &attr;
-
- boolp = nss_ZNEW(NULL, CK_BBOOL);
- if ((CK_BBOOL *)NULL == boolp) {
- error = CKR_HOST_MEMORY;
- goto loser;
- }
-
- macErr = SecKeychainItemCopyContent(io->u.item.itemRef, NULL,
- &attrList, &len, &out);
- if (noErr != macErr) {
- CKMK_MACERR(dbString, macErr);
- error = CKR_ATTRIBUTE_TYPE_INVALID;
- goto loser;
- }
- if (sizeof(PRUint32) != attr.length) {
- error = CKR_ATTRIBUTE_TYPE_INVALID;
- goto loser;
- }
- *boolp = *(PRUint32 *)attr.data ? 1 : 0;
- item->data = boolp;
- boolp = NULL;
- item->size = sizeof(CK_BBOOL);
+ SecKeychainAttribute attr;
+ SecKeychainAttributeList attrList;
+ CK_BBOOL *boolp = NULL;
+ PRUint32 len = 0;
+ ;
+ void *out = NULL;
+ CK_RV error = CKR_OK;
+ OSStatus macErr;
+
+ attr.tag = itemAttr;
+ attr.length = 0;
+ attr.data = NULL;
+ attrList.count = 1;
+ attrList.attr = &attr;
+
+ boolp = nss_ZNEW(NULL, CK_BBOOL);
+ if ((CK_BBOOL *)NULL == boolp) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ macErr = SecKeychainItemCopyContent(io->u.item.itemRef, NULL,
+ &attrList, &len, &out);
+ if (noErr != macErr) {
+ CKMK_MACERR(dbString, macErr);
+ error = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto loser;
+ }
+ if (sizeof(PRUint32) != attr.length) {
+ error = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto loser;
+ }
+ *boolp = *(PRUint32 *)attr.data ? 1 : 0;
+ item->data = boolp;
+ boolp = NULL;
+ item->size = sizeof(CK_BBOOL);
loser:
- nss_ZFreeIf(boolp);
- SecKeychainItemFreeContent(&attrList, out);
- return error;
+ nss_ZFreeIf(boolp);
+ SecKeychainItemFreeContent(&attrList, out);
+ return error;
}
-
/*
* macros for fetching attributes into a cache and returning the
* appropriate value. These operate inside switch statements
*/
#define CKMK_HANDLE_ITEM(func, io, type, loc, item, error, str) \
- if (0 == (item)->loc.size) { \
- error = func(io, type, &(item)->loc, str); \
- } \
+ if (0 == (item)->loc.size) { \
+ error = func(io, type, &(item)->loc, str); \
+ } \
return (CKR_OK == (error)) ? &(item)->loc : NULL;
#define CKMK_HANDLE_OPT_ITEM(func, io, type, loc, item, error, str) \
- if (0 == (item)->loc.size) { \
- (void) func(io, type, &(item)->loc, str); \
- } \
- return &(item)->loc ;
+ if (0 == (item)->loc.size) { \
+ (void) func(io, type, &(item)->loc, str); \
+ } \
+ return &(item)->loc;
#define CKMK_HANDLE_BOOL_ITEM(io, type, loc, item, error, str) \
CKMK_HANDLE_ITEM(ckmk_GetBoolAttribute, io, type, loc, item, error, str)
@@ -527,379 +520,364 @@ loser:
* fetch the unique identifier for each object type.
*/
static void
-ckmk_FetchHashKey
-(
- ckmkInternalObject *io
-)
+ckmk_FetchHashKey(
+ ckmkInternalObject *io)
{
- NSSItem *key = &io->hashKey;
-
- if (io->objClass == CKO_CERTIFICATE) {
- ckmk_GetCommonAttribute(io, kSecCertEncodingItemAttr,
- PR_TRUE, key, "Fetching HashKey (cert)");
- } else {
- ckmk_GetCommonAttribute(io, kSecKeyLabel,
- PR_FALSE, key, "Fetching HashKey (key)");
- }
+ NSSItem *key = &io->hashKey;
+
+ if (io->objClass == CKO_CERTIFICATE) {
+ ckmk_GetCommonAttribute(io, kSecCertEncodingItemAttr,
+ PR_TRUE, key, "Fetching HashKey (cert)");
+ }
+ else {
+ ckmk_GetCommonAttribute(io, kSecKeyLabel,
+ PR_FALSE, key, "Fetching HashKey (key)");
+ }
}
/*
* Apple mucks with the actual subject and issuer, so go fetch
* the real ones ourselves.
*/
-static void
-ckmk_fetchCert
-(
- ckmkInternalObject *io
-)
+static void
+ckmk_fetchCert(
+ ckmkInternalObject *io)
{
- CK_RV error;
- unsigned char * cert, *next;
- int certSize, thisEntrySize;
+ CK_RV error;
+ unsigned char *cert, *next;
+ int certSize, thisEntrySize;
+
+ error = ckmk_GetCommonAttribute(io, kSecCertEncodingItemAttr, PR_TRUE,
+ &io->u.item.derCert, "Fetching Value (cert)");
+ if (CKR_OK != error) {
+ return;
+ }
+ /* unwrap the cert bundle */
+ cert = nss_ckmk_DERUnwrap((unsigned char *)io->u.item.derCert.data,
+ io->u.item.derCert.size,
+ &certSize, NULL);
+ /* unwrap the cert itself */
+ /* cert == certdata */
+ cert = nss_ckmk_DERUnwrap(cert, certSize, &certSize, NULL);
+
+ /* skip the optional version */
+ if ((cert[0] & 0xa0) == 0xa0) {
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ certSize -= next - cert;
+ cert = next;
+ }
+ /* skip the serial number */
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ certSize -= next - cert;
+ cert = next;
- error = ckmk_GetCommonAttribute(io, kSecCertEncodingItemAttr, PR_TRUE,
- &io->u.item.derCert, "Fetching Value (cert)");
- if (CKR_OK != error) {
- return;
- }
- /* unwrap the cert bundle */
- cert = nss_ckmk_DERUnwrap((unsigned char *)io->u.item.derCert.data,
- io->u.item.derCert.size,
- &certSize, NULL);
- /* unwrap the cert itself */
- /* cert == certdata */
- cert = nss_ckmk_DERUnwrap(cert, certSize, &certSize, NULL);
-
- /* skip the optional version */
- if ((cert[0] & 0xa0) == 0xa0) {
+ /* skip the OID */
nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
certSize -= next - cert;
cert = next;
- }
- /* skip the serial number */
- nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
- certSize -= next - cert;
- cert = next;
-
- /* skip the OID */
- nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
- certSize -= next - cert;
- cert = next;
-
- /* save the (wrapped) issuer */
- io->u.item.issuer.data = cert;
- nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
- io->u.item.issuer.size = next - cert;
- certSize -= io->u.item.issuer.size;
- cert = next;
-
- /* skip the OID */
- nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
- certSize -= next - cert;
- cert = next;
-
- /* save the (wrapped) subject */
- io->u.item.subject.data = cert;
- nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
- io->u.item.subject.size = next - cert;
- certSize -= io->u.item.subject.size;
- cert = next;
+
+ /* save the (wrapped) issuer */
+ io->u.item.issuer.data = cert;
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ io->u.item.issuer.size = next - cert;
+ certSize -= io->u.item.issuer.size;
+ cert = next;
+
+ /* skip the OID */
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ certSize -= next - cert;
+ cert = next;
+
+ /* save the (wrapped) subject */
+ io->u.item.subject.data = cert;
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ io->u.item.subject.size = next - cert;
+ certSize -= io->u.item.subject.size;
+ cert = next;
}
-static void
-ckmk_fetchModulus
-(
- ckmkInternalObject *io
-)
+static void
+ckmk_fetchModulus(
+ ckmkInternalObject *io)
{
- NSSItem item;
- PRInt32 modLen;
- CK_RV error;
-
- /* we can't reliably get the modulus for private keys through CSSM (sigh).
- * For NSS this is OK because we really only use this to get the modulus
- * length (unless we are trying to get a public key from a private keys,
- * something CSSM ALSO does not do!).
- */
- error = ckmk_GetDataAttribute(io, kSecKeyKeySizeInBits, &item,
- "Key Fetch Modulus");
- if (CKR_OK != error) {
- return;
- }
+ NSSItem item;
+ PRInt32 modLen;
+ CK_RV error;
+
+ /* we can't reliably get the modulus for private keys through CSSM (sigh).
+ * For NSS this is OK because we really only use this to get the modulus
+ * length (unless we are trying to get a public key from a private keys,
+ * something CSSM ALSO does not do!).
+ */
+ error = ckmk_GetDataAttribute(io, kSecKeyKeySizeInBits, &item,
+ "Key Fetch Modulus");
+ if (CKR_OK != error) {
+ return;
+ }
- modLen = *(PRInt32 *)item.data;
- modLen = modLen/8; /* convert from bits to bytes */
+ modLen = *(PRInt32 *)item.data;
+ modLen = modLen / 8; /* convert from bits to bytes */
- nss_ZFreeIf(item.data);
- io->u.item.modulus.data = nss_ZNEWARRAY(NULL, char, modLen);
- if (NULL == io->u.item.modulus.data) {
- return;
- }
- *(char *)io->u.item.modulus.data = 0x80; /* fake NSS out or it will
+ nss_ZFreeIf(item.data);
+ io->u.item.modulus.data = nss_ZNEWARRAY(NULL, char, modLen);
+ if (NULL == io->u.item.modulus.data) {
+ return;
+ }
+ *(char *)io->u.item.modulus.data = 0x80; /* fake NSS out or it will
* drop the first byte */
- io->u.item.modulus.size = modLen;
- return;
+ io->u.item.modulus.size = modLen;
+ return;
}
const NSSItem *
-ckmk_FetchCertAttribute
-(
- ckmkInternalObject *io,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError
-)
+ckmk_FetchCertAttribute(
+ ckmkInternalObject *io,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError)
{
- ckmkItemObject *item = &io->u.item;
- *pError = CKR_OK;
- switch(type) {
- case CKA_CLASS:
- return &ckmk_certClassItem;
- case CKA_TOKEN:
- case CKA_MODIFIABLE:
- return &ckmk_trueItem;
- case CKA_PRIVATE:
- return &ckmk_falseItem;
- case CKA_CERTIFICATE_TYPE:
- return &ckmk_x509Item;
- case CKA_LABEL:
- CKMK_HANDLE_OPT_DATA_ITEM(io, kSecLabelItemAttr, label, item, *pError,
- "Cert:Label attr")
- case CKA_SUBJECT:
- /* OK, well apple does provide an subject and issuer attribute, but they
- * decided to cannonicalize that value. Probably a good move for them,
- * but makes it useless for most users of PKCS #11.. Get the real subject
- * from the certificate */
- if (0 == item->derCert.size) {
- ckmk_fetchCert(io);
- }
- return &item->subject;
- case CKA_ISSUER:
- if (0 == item->derCert.size) {
- ckmk_fetchCert(io);
- }
- return &item->issuer;
- case CKA_SERIAL_NUMBER:
- CKMK_HANDLE_DATA_ITEM(io, kSecSerialNumberItemAttr, serial, item, *pError,
- "Cert:Serial Number attr")
- case CKA_VALUE:
- if (0 == item->derCert.size) {
- ckmk_fetchCert(io);
- }
- return &item->derCert;
- case CKA_ID:
- CKMK_HANDLE_OPT_DATA_ITEM(io, kSecPublicKeyHashItemAttr, id, item, *pError,
- "Cert:ID attr")
- default:
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- break;
- }
- return NULL;
+ ckmkItemObject *item = &io->u.item;
+ *pError = CKR_OK;
+ switch (type) {
+ case CKA_CLASS:
+ return &ckmk_certClassItem;
+ case CKA_TOKEN:
+ case CKA_MODIFIABLE:
+ return &ckmk_trueItem;
+ case CKA_PRIVATE:
+ return &ckmk_falseItem;
+ case CKA_CERTIFICATE_TYPE:
+ return &ckmk_x509Item;
+ case CKA_LABEL:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecLabelItemAttr, label, item, *pError,
+ "Cert:Label attr")
+ case CKA_SUBJECT:
+ /* OK, well apple does provide an subject and issuer attribute, but they
+ * decided to cannonicalize that value. Probably a good move for them,
+ * but makes it useless for most users of PKCS #11.. Get the real subject
+ * from the certificate */
+ if (0 == item->derCert.size) {
+ ckmk_fetchCert(io);
+ }
+ return &item->subject;
+ case CKA_ISSUER:
+ if (0 == item->derCert.size) {
+ ckmk_fetchCert(io);
+ }
+ return &item->issuer;
+ case CKA_SERIAL_NUMBER:
+ CKMK_HANDLE_DATA_ITEM(io, kSecSerialNumberItemAttr, serial, item, *pError,
+ "Cert:Serial Number attr")
+ case CKA_VALUE:
+ if (0 == item->derCert.size) {
+ ckmk_fetchCert(io);
+ }
+ return &item->derCert;
+ case CKA_ID:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecPublicKeyHashItemAttr, id, item, *pError,
+ "Cert:ID attr")
+ default:
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ break;
+ }
+ return NULL;
}
const NSSItem *
-ckmk_FetchPubKeyAttribute
-(
- ckmkInternalObject *io,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError
-)
+ckmk_FetchPubKeyAttribute(
+ ckmkInternalObject *io,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError)
{
- ckmkItemObject *item = &io->u.item;
- *pError = CKR_OK;
-
- switch(type) {
- case CKA_CLASS:
- return &ckmk_pubKeyClassItem;
- case CKA_TOKEN:
- case CKA_LOCAL:
- return &ckmk_trueItem;
- case CKA_KEY_TYPE:
- return &ckmk_rsaItem;
- case CKA_LABEL:
- CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyPrintName, label, item, *pError,
- "PubKey:Label attr")
- case CKA_ENCRYPT:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyEncrypt, encrypt, item, *pError,
- "PubKey:Encrypt attr")
- case CKA_VERIFY:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyVerify, verify, item, *pError,
- "PubKey:Verify attr")
- case CKA_VERIFY_RECOVER:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyVerifyRecover, verifyRecover,
- item, *pError, "PubKey:VerifyRecover attr")
- case CKA_PRIVATE:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyPrivate, private, item, *pError,
- "PubKey:Private attr")
- case CKA_MODIFIABLE:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyModifiable, modify, item, *pError,
- "PubKey:Modify attr")
- case CKA_DERIVE:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDerive, derive, item, *pError,
- "PubKey:Derive attr")
- case CKA_WRAP:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyWrap, wrap, item, *pError,
- "PubKey:Wrap attr")
- case CKA_SUBJECT:
- CKMK_HANDLE_OPT_DATA_ITEM(io, kSecSubjectItemAttr, subject, item, *pError,
- "PubKey:Subect attr")
- case CKA_MODULUS:
- return &ckmk_emptyItem;
- case CKA_PUBLIC_EXPONENT:
- return &ckmk_emptyItem;
- case CKA_ID:
- CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyLabel, id, item, *pError,
- "PubKey:ID attr")
- default:
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- break;
- }
- return NULL;
+ ckmkItemObject *item = &io->u.item;
+ *pError = CKR_OK;
+
+ switch (type) {
+ case CKA_CLASS:
+ return &ckmk_pubKeyClassItem;
+ case CKA_TOKEN:
+ case CKA_LOCAL:
+ return &ckmk_trueItem;
+ case CKA_KEY_TYPE:
+ return &ckmk_rsaItem;
+ case CKA_LABEL:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyPrintName, label, item, *pError,
+ "PubKey:Label attr")
+ case CKA_ENCRYPT:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyEncrypt, encrypt, item, *pError,
+ "PubKey:Encrypt attr")
+ case CKA_VERIFY:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyVerify, verify, item, *pError,
+ "PubKey:Verify attr")
+ case CKA_VERIFY_RECOVER:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyVerifyRecover, verifyRecover,
+ item, *pError, "PubKey:VerifyRecover attr")
+ case CKA_PRIVATE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyPrivate, private, item, *pError,
+ "PubKey:Private attr")
+ case CKA_MODIFIABLE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyModifiable, modify, item, *pError,
+ "PubKey:Modify attr")
+ case CKA_DERIVE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDerive, derive, item, *pError,
+ "PubKey:Derive attr")
+ case CKA_WRAP:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyWrap, wrap, item, *pError,
+ "PubKey:Wrap attr")
+ case CKA_SUBJECT:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecSubjectItemAttr, subject, item, *pError,
+ "PubKey:Subect attr")
+ case CKA_MODULUS:
+ return &ckmk_emptyItem;
+ case CKA_PUBLIC_EXPONENT:
+ return &ckmk_emptyItem;
+ case CKA_ID:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyLabel, id, item, *pError,
+ "PubKey:ID attr")
+ default:
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ break;
+ }
+ return NULL;
}
const NSSItem *
-ckmk_FetchPrivKeyAttribute
-(
- ckmkInternalObject *io,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError
-)
+ckmk_FetchPrivKeyAttribute(
+ ckmkInternalObject *io,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError)
{
- ckmkItemObject *item = &io->u.item;
- *pError = CKR_OK;
-
- switch(type) {
- case CKA_CLASS:
- return &ckmk_privKeyClassItem;
- case CKA_TOKEN:
- case CKA_LOCAL:
- return &ckmk_trueItem;
- case CKA_SENSITIVE:
- case CKA_EXTRACTABLE: /* will probably move in the future */
- case CKA_ALWAYS_SENSITIVE:
- case CKA_NEVER_EXTRACTABLE:
- return &ckmk_falseItem;
- case CKA_KEY_TYPE:
- return &ckmk_rsaItem;
- case CKA_LABEL:
- CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyPrintName, label, item, *pError,
- "PrivateKey:Label attr")
- case CKA_DECRYPT:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDecrypt, decrypt, item, *pError,
- "PrivateKey:Decrypt attr")
- case CKA_SIGN:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeySign, sign, item, *pError,
- "PrivateKey:Sign attr")
- case CKA_SIGN_RECOVER:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeySignRecover, signRecover, item, *pError,
- "PrivateKey:Sign Recover attr")
- case CKA_PRIVATE:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyPrivate, private, item, *pError,
- "PrivateKey:Private attr")
- case CKA_MODIFIABLE:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyModifiable, modify, item, *pError,
- "PrivateKey:Modify attr")
- case CKA_DERIVE:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDerive, derive, item, *pError,
- "PrivateKey:Derive attr")
- case CKA_UNWRAP:
- CKMK_HANDLE_BOOL_ITEM(io, kSecKeyUnwrap, unwrap, item, *pError,
- "PrivateKey:Unwrap attr")
- case CKA_SUBJECT:
- CKMK_HANDLE_OPT_DATA_ITEM(io, kSecSubjectItemAttr, subject, item, *pError,
- "PrivateKey:Subject attr")
- case CKA_MODULUS:
- if (0 == item->modulus.size) {
- ckmk_fetchModulus(io);
- }
- return &item->modulus;
- case CKA_PUBLIC_EXPONENT:
- return &ckmk_emptyItem;
+ ckmkItemObject *item = &io->u.item;
+ *pError = CKR_OK;
+
+ switch (type) {
+ case CKA_CLASS:
+ return &ckmk_privKeyClassItem;
+ case CKA_TOKEN:
+ case CKA_LOCAL:
+ return &ckmk_trueItem;
+ case CKA_SENSITIVE:
+ case CKA_EXTRACTABLE: /* will probably move in the future */
+ case CKA_ALWAYS_SENSITIVE:
+ case CKA_NEVER_EXTRACTABLE:
+ return &ckmk_falseItem;
+ case CKA_KEY_TYPE:
+ return &ckmk_rsaItem;
+ case CKA_LABEL:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyPrintName, label, item, *pError,
+ "PrivateKey:Label attr")
+ case CKA_DECRYPT:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDecrypt, decrypt, item, *pError,
+ "PrivateKey:Decrypt attr")
+ case CKA_SIGN:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeySign, sign, item, *pError,
+ "PrivateKey:Sign attr")
+ case CKA_SIGN_RECOVER:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeySignRecover, signRecover, item, *pError,
+ "PrivateKey:Sign Recover attr")
+ case CKA_PRIVATE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyPrivate, private, item, *pError,
+ "PrivateKey:Private attr")
+ case CKA_MODIFIABLE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyModifiable, modify, item, *pError,
+ "PrivateKey:Modify attr")
+ case CKA_DERIVE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDerive, derive, item, *pError,
+ "PrivateKey:Derive attr")
+ case CKA_UNWRAP:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyUnwrap, unwrap, item, *pError,
+ "PrivateKey:Unwrap attr")
+ case CKA_SUBJECT:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecSubjectItemAttr, subject, item, *pError,
+ "PrivateKey:Subject attr")
+ case CKA_MODULUS:
+ if (0 == item->modulus.size) {
+ ckmk_fetchModulus(io);
+ }
+ return &item->modulus;
+ case CKA_PUBLIC_EXPONENT:
+ return &ckmk_emptyItem;
#ifdef notdef
- /* the following are sensitive attributes. We could implement them for
- * sensitive keys using the key export function, but it's better to
- * just support wrap through this token. That will more reliably allow us
- * to export any private key that is truly exportable.
- */
- case CKA_PRIVATE_EXPONENT:
- CKMK_HANDLE_DATA_ITEM(io, kSecPrivateExponentItemAttr, privateExponent,
- item, *pError)
- case CKA_PRIME_1:
- CKMK_HANDLE_DATA_ITEM(io, kSecPrime1ItemAttr, prime1, item, *pError)
- case CKA_PRIME_2:
- CKMK_HANDLE_DATA_ITEM(io, kSecPrime2ItemAttr, prime2, item, *pError)
- case CKA_EXPONENT_1:
- CKMK_HANDLE_DATA_ITEM(io, kSecExponent1ItemAttr, exponent1, item, *pError)
- case CKA_EXPONENT_2:
- CKMK_HANDLE_DATA_ITEM(io, kSecExponent2ItemAttr, exponent2, item, *pError)
- case CKA_COEFFICIENT:
- CKMK_HANDLE_DATA_ITEM(io, kSecCoefficientItemAttr, coefficient,
- item, *pError)
+ /* the following are sensitive attributes. We could implement them for
+ * sensitive keys using the key export function, but it's better to
+ * just support wrap through this token. That will more reliably allow us
+ * to export any private key that is truly exportable.
+ */
+ case CKA_PRIVATE_EXPONENT:
+ CKMK_HANDLE_DATA_ITEM(io, kSecPrivateExponentItemAttr, privateExponent,
+ item, *pError)
+ case CKA_PRIME_1:
+ CKMK_HANDLE_DATA_ITEM(io, kSecPrime1ItemAttr, prime1, item, *pError)
+ case CKA_PRIME_2:
+ CKMK_HANDLE_DATA_ITEM(io, kSecPrime2ItemAttr, prime2, item, *pError)
+ case CKA_EXPONENT_1:
+ CKMK_HANDLE_DATA_ITEM(io, kSecExponent1ItemAttr, exponent1, item, *pError)
+ case CKA_EXPONENT_2:
+ CKMK_HANDLE_DATA_ITEM(io, kSecExponent2ItemAttr, exponent2, item, *pError)
+ case CKA_COEFFICIENT:
+ CKMK_HANDLE_DATA_ITEM(io, kSecCoefficientItemAttr, coefficient,
+ item, *pError)
#endif
- case CKA_ID:
- CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyLabel, id, item, *pError,
- "PrivateKey:ID attr")
- default:
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return NULL;
- }
+ case CKA_ID:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyLabel, id, item, *pError,
+ "PrivateKey:ID attr")
+ default:
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return NULL;
+ }
}
const NSSItem *
-nss_ckmk_FetchAttribute
-(
- ckmkInternalObject *io,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError
-)
+nss_ckmk_FetchAttribute(
+ ckmkInternalObject *io,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError)
{
- CK_ULONG i;
- const NSSItem * value = NULL;
-
- if (io->type == ckmkRaw) {
- for( i = 0; i < io->u.raw.n; i++ ) {
- if( type == io->u.raw.types[i] ) {
- return &io->u.raw.items[i];
- }
+ CK_ULONG i;
+ const NSSItem *value = NULL;
+
+ if (io->type == ckmkRaw) {
+ for (i = 0; i < io->u.raw.n; i++) {
+ if (type == io->u.raw.types[i]) {
+ return &io->u.raw.items[i];
+ }
+ }
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return NULL;
+ }
+ /* deal with the common attributes */
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ value = ckmk_FetchCertAttribute(io, type, pError);
+ break;
+ case CKO_PRIVATE_KEY:
+ value = ckmk_FetchPrivKeyAttribute(io, type, pError);
+ break;
+ case CKO_PUBLIC_KEY:
+ value = ckmk_FetchPubKeyAttribute(io, type, pError);
+ break;
+ default:
+ *pError = CKR_OBJECT_HANDLE_INVALID;
+ return NULL;
}
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return NULL;
- }
- /* deal with the common attributes */
- switch (io->objClass) {
- case CKO_CERTIFICATE:
- value = ckmk_FetchCertAttribute(io, type, pError);
- break;
- case CKO_PRIVATE_KEY:
- value = ckmk_FetchPrivKeyAttribute(io, type, pError);
- break;
- case CKO_PUBLIC_KEY:
- value = ckmk_FetchPubKeyAttribute(io, type, pError);
- break;
- default:
- *pError = CKR_OBJECT_HANDLE_INVALID;
- return NULL;
- }
#ifdef DEBUG
- if (CKA_ID == type) {
- itemdump("id: ", value->data, value->size, *pError);
- }
+ if (CKA_ID == type) {
+ itemdump("id: ", value->data, value->size, *pError);
+ }
#endif
- return value;
+ return value;
}
-static void
-ckmk_removeObjectFromHash
-(
- ckmkInternalObject *io
-);
+static void
+ckmk_removeObjectFromHash(
+ ckmkInternalObject *io);
/*
*
* These are the MSObject functions we need to implement
*
* Finalize - unneeded (actually we should clean up the hashtables)
- * Destroy
+ * Destroy
* IsTokenObject - CK_TRUE
* GetAttributeCount
* GetAttributeTypes
@@ -910,541 +888,516 @@ ckmk_removeObjectFromHash
*/
static CK_RV
-ckmk_mdObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
- OSStatus macErr;
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+ OSStatus macErr;
- if (ckmkRaw == io->type) {
- /* there is not 'object write protected' error, use the next best thing */
- return CKR_TOKEN_WRITE_PROTECTED;
- }
+ if (ckmkRaw == io->type) {
+ /* there is not 'object write protected' error, use the next best thing */
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
- /* This API is done well. The following 4 lines are the complete apple
- * specific part of this implementation */
- macErr = SecKeychainItemDelete(io->u.item.itemRef);
- if (noErr != macErr) {
- CKMK_MACERR("Delete object", macErr);
- }
+ /* This API is done well. The following 4 lines are the complete apple
+ * specific part of this implementation */
+ macErr = SecKeychainItemDelete(io->u.item.itemRef);
+ if (noErr != macErr) {
+ CKMK_MACERR("Delete object", macErr);
+ }
- /* remove it from the hash */
- ckmk_removeObjectFromHash(io);
+ /* remove it from the hash */
+ ckmk_removeObjectFromHash(io);
- /* free the puppy.. */
- nss_ckmk_DestroyInternalObject(io);
+ /* free the puppy.. */
+ nss_ckmk_DestroyInternalObject(io);
- return CKR_OK;
+ return CKR_OK;
}
static CK_BBOOL
-ckmk_mdObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdObject_IsTokenObject(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CK_TRUE;
+ return CK_TRUE;
}
static CK_ULONG
-ckmk_mdObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
-
- if (ckmkRaw == io->type) {
- return io->u.raw.n;
- }
- switch (io->objClass) {
- case CKO_CERTIFICATE:
- return certAttrsCount;
- case CKO_PUBLIC_KEY:
- return pubKeyAttrsCount;
- case CKO_PRIVATE_KEY:
- return privKeyAttrsCount;
- default:
- break;
- }
- return 0;
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+
+ if (ckmkRaw == io->type) {
+ return io->u.raw.n;
+ }
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ return certAttrsCount;
+ case CKO_PUBLIC_KEY:
+ return pubKeyAttrsCount;
+ case CKO_PRIVATE_KEY:
+ return privKeyAttrsCount;
+ default:
+ break;
+ }
+ return 0;
}
static CK_RV
-ckmk_mdObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
+ckmk_mdObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
{
- ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
- CK_ULONG i;
- CK_RV error = CKR_OK;
- const CK_ATTRIBUTE_TYPE *attrs = NULL;
- CK_ULONG size = ckmk_mdObject_GetAttributeCount(
- mdObject, fwObject, mdSession, fwSession,
- mdToken, fwToken, mdInstance, fwInstance, &error);
-
- if( size != ulCount ) {
- return CKR_BUFFER_TOO_SMALL;
- }
- if (io->type == ckmkRaw) {
- attrs = io->u.raw.types;
- } else switch(io->objClass) {
- case CKO_CERTIFICATE:
- attrs = certAttrs;
- break;
- case CKO_PUBLIC_KEY:
- attrs = pubKeyAttrs;
- break;
- case CKO_PRIVATE_KEY:
- attrs = privKeyAttrs;
- break;
- default:
- return CKR_OK;
- }
-
- for( i = 0; i < size; i++) {
- typeArray[i] = attrs[i];
- }
-
- return CKR_OK;
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+ CK_ULONG i;
+ CK_RV error = CKR_OK;
+ const CK_ATTRIBUTE_TYPE *attrs = NULL;
+ CK_ULONG size = ckmk_mdObject_GetAttributeCount(
+ mdObject, fwObject, mdSession, fwSession,
+ mdToken, fwToken, mdInstance, fwInstance, &error);
+
+ if (size != ulCount) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ if (io->type == ckmkRaw) {
+ attrs = io->u.raw.types;
+ }
+ else
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ attrs =
+ certAttrs;
+ break;
+ case CKO_PUBLIC_KEY:
+ attrs =
+ pubKeyAttrs;
+ break;
+ case CKO_PRIVATE_KEY:
+ attrs =
+ privKeyAttrs;
+ break;
+ default:
+ return CKR_OK;
+ }
+
+ for (i = 0; i < size; i++) {
+ typeArray[i] = attrs[i];
+ }
+
+ return CKR_OK;
}
static CK_ULONG
-ckmk_mdObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+ckmk_mdObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
- const NSSItem *b;
+ const NSSItem *b;
- b = nss_ckmk_FetchAttribute(io, attribute, pError);
+ b = nss_ckmk_FetchAttribute(io, attribute, pError);
- if ((const NSSItem *)NULL == b) {
- return 0;
- }
- return b->size;
+ if ((const NSSItem *)NULL == b) {
+ return 0;
+ }
+ return b->size;
}
static CK_RV
-ckmk_mdObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
+ckmk_mdObject_SetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value)
{
- ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
- SecKeychainItemRef itemRef;
-
- if (io->type == ckmkRaw) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
- itemRef = io->u.item.itemRef;
-
- switch (io->objClass) {
- case CKO_PRIVATE_KEY:
- case CKO_PUBLIC_KEY:
- switch (attribute) {
- case CKA_ID:
- ckmk_updateAttribute(itemRef, kSecKeyLabel,
- value->data, value->size, "Set Attr Key ID");
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+ SecKeychainItemRef itemRef;
+
+ if (io->type == ckmkRaw) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+ itemRef = io->u.item.itemRef;
+
+ switch (io->objClass) {
+ case CKO_PRIVATE_KEY:
+ case CKO_PUBLIC_KEY:
+ switch (attribute) {
+ case CKA_ID:
+ ckmk_updateAttribute(itemRef, kSecKeyLabel,
+ value->data, value->size, "Set Attr Key ID");
#ifdef DEBUG
- itemdump("key id: ", value->data, value->size, CKR_OK);
+ itemdump("key id: ", value->data, value->size, CKR_OK);
#endif
- break;
- case CKA_LABEL:
- ckmk_updateAttribute(itemRef, kSecKeyPrintName, value->data,
- value->size, "Set Attr Key Label");
- break;
- default:
- break;
- }
- break;
-
- case CKO_CERTIFICATE:
- switch (attribute) {
- case CKA_ID:
- ckmk_updateAttribute(itemRef, kSecPublicKeyHashItemAttr,
- value->data, value->size, "Set Attr Cert ID");
- break;
- case CKA_LABEL:
- ckmk_updateAttribute(itemRef, kSecLabelItemAttr, value->data,
- value->size, "Set Attr Cert Label");
- break;
- default:
- break;
- }
- break;
-
- default:
- break;
- }
- return CKR_OK;
+ break;
+ case CKA_LABEL:
+ ckmk_updateAttribute(itemRef, kSecKeyPrintName, value->data,
+ value->size, "Set Attr Key Label");
+ break;
+ default:
+ break;
+ }
+ break;
+
+ case CKO_CERTIFICATE:
+ switch (attribute) {
+ case CKA_ID:
+ ckmk_updateAttribute(itemRef, kSecPublicKeyHashItemAttr,
+ value->data, value->size, "Set Attr Cert ID");
+ break;
+ case CKA_LABEL:
+ ckmk_updateAttribute(itemRef, kSecLabelItemAttr, value->data,
+ value->size, "Set Attr Cert Label");
+ break;
+ default:
+ break;
+ }
+ break;
+
+ default:
+ break;
+ }
+ return CKR_OK;
}
static NSSCKFWItem
-ckmk_mdObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+ckmk_mdObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- NSSCKFWItem mdItem;
- ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
-
- mdItem.needsFreeing = PR_FALSE;
- mdItem.item = (NSSItem*)nss_ckmk_FetchAttribute(io, attribute, pError);
+ NSSCKFWItem mdItem;
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+ mdItem.needsFreeing = PR_FALSE;
+ mdItem.item = (NSSItem *)nss_ckmk_FetchAttribute(io, attribute, pError);
- return mdItem;
+ return mdItem;
}
static CK_ULONG
-ckmk_mdObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdObject_GetObjectSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- CK_ULONG rv = 1;
+ CK_ULONG rv = 1;
- /* size is irrelevant to this token */
- return rv;
+ /* size is irrelevant to this token */
+ return rv;
}
static const NSSCKMDObject
-ckmk_prototype_mdObject = {
- (void *)NULL, /* etc */
- NULL, /* Finalize */
- ckmk_mdObject_Destroy,
- ckmk_mdObject_IsTokenObject,
- ckmk_mdObject_GetAttributeCount,
- ckmk_mdObject_GetAttributeTypes,
- ckmk_mdObject_GetAttributeSize,
- ckmk_mdObject_GetAttribute,
- NULL, /* FreeAttribute */
- ckmk_mdObject_SetAttribute,
- ckmk_mdObject_GetObjectSize,
- (void *)NULL /* null terminator */
-};
+ ckmk_prototype_mdObject = {
+ (void *)NULL, /* etc */
+ NULL, /* Finalize */
+ ckmk_mdObject_Destroy,
+ ckmk_mdObject_IsTokenObject,
+ ckmk_mdObject_GetAttributeCount,
+ ckmk_mdObject_GetAttributeTypes,
+ ckmk_mdObject_GetAttributeSize,
+ ckmk_mdObject_GetAttribute,
+ NULL, /* FreeAttribute */
+ ckmk_mdObject_SetAttribute,
+ ckmk_mdObject_GetObjectSize,
+ (void *)NULL /* null terminator */
+ };
static nssHash *ckmkInternalObjectHash = NULL;
NSS_IMPLEMENT NSSCKMDObject *
-nss_ckmk_CreateMDObject
-(
- NSSArena *arena,
- ckmkInternalObject *io,
- CK_RV *pError
-)
+nss_ckmk_CreateMDObject(
+ NSSArena *arena,
+ ckmkInternalObject *io,
+ CK_RV *pError)
{
- if ((nssHash *)NULL == ckmkInternalObjectHash) {
- ckmkInternalObjectHash = nssHash_CreateItem(NULL, 10);
- }
- if (ckmkItem == io->type) {
- /* the hash key, not a cryptographic key */
- NSSItem *key = &io->hashKey;
- ckmkInternalObject *old_o = NULL;
+ if ((nssHash *)NULL == ckmkInternalObjectHash) {
+ ckmkInternalObjectHash = nssHash_CreateItem(NULL, 10);
+ }
+ if (ckmkItem == io->type) {
+ /* the hash key, not a cryptographic key */
+ NSSItem *key = &io->hashKey;
+ ckmkInternalObject *old_o = NULL;
+
+ if (key->size == 0) {
+ ckmk_FetchHashKey(io);
+ }
+ old_o = (ckmkInternalObject *)
+ nssHash_Lookup(ckmkInternalObjectHash, key);
+ if (!old_o) {
+ nssHash_Add(ckmkInternalObjectHash, key, io);
+ }
+ else if (old_o != io) {
+ nss_ckmk_DestroyInternalObject(io);
+ io = old_o;
+ }
+ }
- if (key->size == 0) {
- ckmk_FetchHashKey(io);
- }
- old_o = (ckmkInternalObject *)
- nssHash_Lookup(ckmkInternalObjectHash, key);
- if (!old_o) {
- nssHash_Add(ckmkInternalObjectHash, key, io);
- } else if (old_o != io) {
- nss_ckmk_DestroyInternalObject(io);
- io = old_o;
- }
- }
-
- if ( (void*)NULL == io->mdObject.etc) {
- (void) nsslibc_memcpy(&io->mdObject,&ckmk_prototype_mdObject,
- sizeof(ckmk_prototype_mdObject));
- io->mdObject.etc = (void *)io;
- }
- return &io->mdObject;
+ if ((void *)NULL == io->mdObject.etc) {
+ (void)nsslibc_memcpy(&io->mdObject, &ckmk_prototype_mdObject,
+ sizeof(ckmk_prototype_mdObject));
+ io->mdObject.etc = (void *)io;
+ }
+ return &io->mdObject;
}
static void
-ckmk_removeObjectFromHash
-(
- ckmkInternalObject *io
-)
+ckmk_removeObjectFromHash(
+ ckmkInternalObject *io)
{
- NSSItem *key = &io->hashKey;
+ NSSItem *key = &io->hashKey;
- if ((nssHash *)NULL == ckmkInternalObjectHash) {
+ if ((nssHash *)NULL == ckmkInternalObjectHash) {
+ return;
+ }
+ if (key->size == 0) {
+ ckmk_FetchHashKey(io);
+ }
+ nssHash_Remove(ckmkInternalObjectHash, key);
return;
- }
- if (key->size == 0) {
- ckmk_FetchHashKey(io);
- }
- nssHash_Remove(ckmkInternalObjectHash, key);
- return;
}
-
void
-nss_ckmk_DestroyInternalObject
-(
- ckmkInternalObject *io
-)
+nss_ckmk_DestroyInternalObject(
+ ckmkInternalObject *io)
{
- switch (io->type) {
- case ckmkRaw:
+ switch (io->type) {
+ case ckmkRaw:
+ return;
+ case ckmkItem:
+ nss_ZFreeIf(io->u.item.modify.data);
+ nss_ZFreeIf(io->u.item.private.data);
+ nss_ZFreeIf(io->u.item.encrypt.data);
+ nss_ZFreeIf(io->u.item.decrypt.data);
+ nss_ZFreeIf(io->u.item.derive.data);
+ nss_ZFreeIf(io->u.item.sign.data);
+ nss_ZFreeIf(io->u.item.signRecover.data);
+ nss_ZFreeIf(io->u.item.verify.data);
+ nss_ZFreeIf(io->u.item.verifyRecover.data);
+ nss_ZFreeIf(io->u.item.wrap.data);
+ nss_ZFreeIf(io->u.item.unwrap.data);
+ nss_ZFreeIf(io->u.item.label.data);
+ /*nss_ZFreeIf(io->u.item.subject.data); */
+ /*nss_ZFreeIf(io->u.item.issuer.data); */
+ nss_ZFreeIf(io->u.item.serial.data);
+ nss_ZFreeIf(io->u.item.modulus.data);
+ nss_ZFreeIf(io->u.item.exponent.data);
+ nss_ZFreeIf(io->u.item.privateExponent.data);
+ nss_ZFreeIf(io->u.item.prime1.data);
+ nss_ZFreeIf(io->u.item.prime2.data);
+ nss_ZFreeIf(io->u.item.exponent1.data);
+ nss_ZFreeIf(io->u.item.exponent2.data);
+ nss_ZFreeIf(io->u.item.coefficient.data);
+ break;
+ }
+ nss_ZFreeIf(io);
return;
- case ckmkItem:
- nss_ZFreeIf(io->u.item.modify.data);
- nss_ZFreeIf(io->u.item.private.data);
- nss_ZFreeIf(io->u.item.encrypt.data);
- nss_ZFreeIf(io->u.item.decrypt.data);
- nss_ZFreeIf(io->u.item.derive.data);
- nss_ZFreeIf(io->u.item.sign.data);
- nss_ZFreeIf(io->u.item.signRecover.data);
- nss_ZFreeIf(io->u.item.verify.data);
- nss_ZFreeIf(io->u.item.verifyRecover.data);
- nss_ZFreeIf(io->u.item.wrap.data);
- nss_ZFreeIf(io->u.item.unwrap.data);
- nss_ZFreeIf(io->u.item.label.data);
- /*nss_ZFreeIf(io->u.item.subject.data); */
- /*nss_ZFreeIf(io->u.item.issuer.data); */
- nss_ZFreeIf(io->u.item.serial.data);
- nss_ZFreeIf(io->u.item.modulus.data);
- nss_ZFreeIf(io->u.item.exponent.data);
- nss_ZFreeIf(io->u.item.privateExponent.data);
- nss_ZFreeIf(io->u.item.prime1.data);
- nss_ZFreeIf(io->u.item.prime2.data);
- nss_ZFreeIf(io->u.item.exponent1.data);
- nss_ZFreeIf(io->u.item.exponent2.data);
- nss_ZFreeIf(io->u.item.coefficient.data);
- break;
- }
- nss_ZFreeIf(io);
- return;
}
-
static ckmkInternalObject *
-nss_ckmk_NewInternalObject
-(
- CK_OBJECT_CLASS objClass,
- SecKeychainItemRef itemRef,
- SecItemClass itemClass,
- CK_RV *pError
-)
+nss_ckmk_NewInternalObject(
+ CK_OBJECT_CLASS objClass,
+ SecKeychainItemRef itemRef,
+ SecItemClass itemClass,
+ CK_RV *pError)
{
- ckmkInternalObject *io = nss_ZNEW(NULL, ckmkInternalObject);
+ ckmkInternalObject *io = nss_ZNEW(NULL, ckmkInternalObject);
- if ((ckmkInternalObject *)NULL == io) {
- *pError = CKR_HOST_MEMORY;
+ if ((ckmkInternalObject *)NULL == io) {
+ *pError = CKR_HOST_MEMORY;
+ return io;
+ }
+ io->type = ckmkItem;
+ io->objClass = objClass;
+ io->u.item.itemRef = itemRef;
+ io->u.item.itemClass = itemClass;
return io;
- }
- io->type = ckmkItem;
- io->objClass = objClass;
- io->u.item.itemRef = itemRef;
- io->u.item.itemClass = itemClass;
- return io;
}
/*
- * Apple doesn't alway have a default keyChain set by the OS, use the
+ * Apple doesn't alway have a default keyChain set by the OS, use the
* SearchList to try to find one.
*/
static CK_RV
-ckmk_GetSafeDefaultKeychain
-(
- SecKeychainRef *keychainRef
-)
+ckmk_GetSafeDefaultKeychain(
+ SecKeychainRef *keychainRef)
{
- OSStatus macErr;
- CFArrayRef searchList = 0;
- CK_RV error = CKR_OK;
-
- macErr = SecKeychainCopyDefault(keychainRef);
- if (noErr != macErr) {
- int searchCount = 0;
- if (errSecNoDefaultKeychain != macErr) {
- CKMK_MACERR("Getting default key chain", macErr);
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
- /* ok, we don't have a default key chain, find one */
- macErr = SecKeychainCopySearchList(&searchList);
+ OSStatus macErr;
+ CFArrayRef searchList = 0;
+ CK_RV error = CKR_OK;
+
+ macErr = SecKeychainCopyDefault(keychainRef);
if (noErr != macErr) {
- CKMK_MACERR("failed to find a keyring searchList", macErr);
- error = CKR_DEVICE_REMOVED;
- goto loser;
- }
- searchCount = CFArrayGetCount(searchList);
- if (searchCount < 1) {
- error = CKR_DEVICE_REMOVED;
- goto loser;
- }
- *keychainRef =
- (SecKeychainRef)CFRetain(CFArrayGetValueAtIndex(searchList, 0));
- if (0 == *keychainRef) {
- error = CKR_DEVICE_REMOVED;
- goto loser;
- }
- /* should we set it as default? */
- }
+ int searchCount = 0;
+ if (errSecNoDefaultKeychain != macErr) {
+ CKMK_MACERR("Getting default key chain", macErr);
+ error = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+ /* ok, we don't have a default key chain, find one */
+ macErr = SecKeychainCopySearchList(&searchList);
+ if (noErr != macErr) {
+ CKMK_MACERR("failed to find a keyring searchList", macErr);
+ error = CKR_DEVICE_REMOVED;
+ goto loser;
+ }
+ searchCount = CFArrayGetCount(searchList);
+ if (searchCount < 1) {
+ error = CKR_DEVICE_REMOVED;
+ goto loser;
+ }
+ *keychainRef =
+ (SecKeychainRef)CFRetain(CFArrayGetValueAtIndex(searchList, 0));
+ if (0 == *keychainRef) {
+ error = CKR_DEVICE_REMOVED;
+ goto loser;
+ }
+ /* should we set it as default? */
+ }
loser:
- if (0 != searchList) {
- CFRelease(searchList);
- }
- return error;
+ if (0 != searchList) {
+ CFRelease(searchList);
+ }
+ return error;
}
static ckmkInternalObject *
-nss_ckmk_CreateCertificate
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_ckmk_CreateCertificate(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- NSSItem value;
- ckmkInternalObject *io = NULL;
- OSStatus macErr;
- SecCertificateRef certRef;
- SecKeychainItemRef itemRef;
- SecKeychainRef keychainRef;
- CSSM_DATA certData;
-
- *pError = nss_ckmk_GetAttribute(CKA_VALUE, pTemplate,
- ulAttributeCount, &value);
- if (CKR_OK != *pError) {
- goto loser;
- }
-
- certData.Data = value.data;
- certData.Length = value.size;
- macErr = SecCertificateCreateFromData(&certData, CSSM_CERT_X_509v3,
- CSSM_CERT_ENCODING_BER, &certRef);
- if (noErr != macErr) {
- CKMK_MACERR("Create cert from data Failed", macErr);
- *pError = CKR_GENERAL_ERROR; /* need to map macErr */
- goto loser;
- }
-
- *pError = ckmk_GetSafeDefaultKeychain(&keychainRef);
- if (CKR_OK != *pError) {
- goto loser;
- }
-
- macErr = SecCertificateAddToKeychain( certRef, keychainRef);
- itemRef = (SecKeychainItemRef) certRef;
- if (errSecDuplicateItem != macErr) {
- NSSItem keyID = { NULL, 0 };
- char *nickname = NULL;
- CK_RV dummy;
+ NSSItem value;
+ ckmkInternalObject *io = NULL;
+ OSStatus macErr;
+ SecCertificateRef certRef;
+ SecKeychainItemRef itemRef;
+ SecKeychainRef keychainRef;
+ CSSM_DATA certData;
+
+ *pError = nss_ckmk_GetAttribute(CKA_VALUE, pTemplate,
+ ulAttributeCount, &value);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+ certData.Data = value.data;
+ certData.Length = value.size;
+ macErr = SecCertificateCreateFromData(&certData, CSSM_CERT_X_509v3,
+ CSSM_CERT_ENCODING_BER, &certRef);
if (noErr != macErr) {
- CKMK_MACERR("Add cert to keychain Failed", macErr);
- *pError = CKR_GENERAL_ERROR; /* need to map macErr */
- goto loser;
- }
- /* these two are optional */
- nickname = nss_ckmk_GetStringAttribute(CKA_LABEL, pTemplate,
- ulAttributeCount, &dummy);
- /* we've added a new one, update the attributes in the key ring */
- if (nickname) {
- ckmk_updateAttribute(itemRef, kSecLabelItemAttr, nickname,
- strlen(nickname)+1, "Modify Cert Label");
- nss_ZFreeIf(nickname);
+ CKMK_MACERR("Create cert from data Failed", macErr);
+ *pError = CKR_GENERAL_ERROR; /* need to map macErr */
+ goto loser;
}
- dummy = nss_ckmk_GetAttribute(CKA_ID, pTemplate,
- ulAttributeCount, &keyID);
- if (CKR_OK == dummy) {
- dummy = ckmk_updateAttribute(itemRef, kSecPublicKeyHashItemAttr,
- keyID.data, keyID.size, "Modify Cert ID");
+
+ *pError = ckmk_GetSafeDefaultKeychain(&keychainRef);
+ if (CKR_OK != *pError) {
+ goto loser;
}
- }
- io = nss_ckmk_NewInternalObject(CKO_CERTIFICATE, itemRef,
- kSecCertificateItemClass, pError);
- if ((ckmkInternalObject *)NULL != io) {
- itemRef = 0;
- }
+ macErr = SecCertificateAddToKeychain(certRef, keychainRef);
+ itemRef = (SecKeychainItemRef)certRef;
+ if (errSecDuplicateItem != macErr) {
+ NSSItem keyID = { NULL, 0 };
+ char *nickname = NULL;
+ CK_RV dummy;
+
+ if (noErr != macErr) {
+ CKMK_MACERR("Add cert to keychain Failed", macErr);
+ *pError = CKR_GENERAL_ERROR; /* need to map macErr */
+ goto loser;
+ }
+ /* these two are optional */
+ nickname = nss_ckmk_GetStringAttribute(CKA_LABEL, pTemplate,
+ ulAttributeCount, &dummy);
+ /* we've added a new one, update the attributes in the key ring */
+ if (nickname) {
+ ckmk_updateAttribute(itemRef, kSecLabelItemAttr, nickname,
+ strlen(nickname) + 1, "Modify Cert Label");
+ nss_ZFreeIf(nickname);
+ }
+ dummy = nss_ckmk_GetAttribute(CKA_ID, pTemplate,
+ ulAttributeCount, &keyID);
+ if (CKR_OK == dummy) {
+ dummy = ckmk_updateAttribute(itemRef, kSecPublicKeyHashItemAttr,
+ keyID.data, keyID.size, "Modify Cert ID");
+ }
+ }
+
+ io = nss_ckmk_NewInternalObject(CKO_CERTIFICATE, itemRef,
+ kSecCertificateItemClass, pError);
+ if ((ckmkInternalObject *)NULL != io) {
+ itemRef = 0;
+ }
loser:
- if (0 != itemRef) {
- CFRelease(itemRef);
- }
- if (0 != keychainRef) {
- CFRelease(keychainRef);
- }
-
- return io;
+ if (0 != itemRef) {
+ CFRelease(itemRef);
+ }
+ if (0 != keychainRef) {
+ CFRelease(keychainRef);
+ }
+
+ return io;
}
/*
@@ -1457,8 +1410,8 @@ struct ckmk_AttributeStr {
typedef struct ckmk_AttributeStr ckmk_Attribute;
/*
-** A PKCS#8 private key info object
-*/
+ ** A PKCS#8 private key info object
+ */
struct PrivateKeyInfoStr {
PLArenaPool *arena;
SECItem version;
@@ -1470,23 +1423,23 @@ typedef struct PrivateKeyInfoStr PrivateKeyInfo;
const SEC_ASN1Template ckmk_RSAPrivateKeyTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(RSAPrivateKey) },
- { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey,version) },
- { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey,modulus) },
- { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey,publicExponent) },
- { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey,privateExponent) },
- { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey,prime1) },
- { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey,prime2) },
- { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey,exponent1) },
- { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey,exponent2) },
- { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey,coefficient) },
- { 0 }
-};
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, version) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, modulus) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, publicExponent) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, privateExponent) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, prime1) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, prime2) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, exponent1) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, exponent2) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, coefficient) },
+ { 0 }
+};
const SEC_ASN1Template ckmk_AttributeTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(ckmk_Attribute) },
{ SEC_ASN1_OBJECT_ID, offsetof(ckmk_Attribute, attrType) },
- { SEC_ASN1_SET_OF, offsetof(ckmk_Attribute, attrValue),
- SEC_AnyTemplate },
+ { SEC_ASN1_SET_OF, offsetof(ckmk_Attribute, attrValue),
+ SEC_AnyTemplate },
{ 0 }
};
@@ -1499,91 +1452,89 @@ SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
/* ASN1 Templates for new decoder/encoder */
const SEC_ASN1Template ckmk_PrivateKeyInfoTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PrivateKeyInfo) },
- { SEC_ASN1_INTEGER, offsetof(PrivateKeyInfo,version) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(PrivateKeyInfo,algorithm),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING, offsetof(PrivateKeyInfo,privateKey) },
+ { SEC_ASN1_INTEGER, offsetof(PrivateKeyInfo, version) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(PrivateKeyInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING, offsetof(PrivateKeyInfo, privateKey) },
{ SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(PrivateKeyInfo, attributes), ckmk_SetOfAttributeTemplate },
+ offsetof(PrivateKeyInfo, attributes), ckmk_SetOfAttributeTemplate },
{ 0 }
};
#define CKMK_PRIVATE_KEY_INFO_VERSION 0
static CK_RV
-ckmk_CreateRSAKeyBlob
-(
- RSAPrivateKey *lk,
- NSSItem *keyBlob
-)
+ckmk_CreateRSAKeyBlob(
+ RSAPrivateKey *lk,
+ NSSItem *keyBlob)
{
- PrivateKeyInfo *pki = NULL;
- PLArenaPool *arena = NULL;
- SECOidTag algorithm = SEC_OID_UNKNOWN;
- void *dummy;
- SECStatus rv;
- SECItem *encodedKey = NULL;
- CK_RV error = CKR_OK;
-
- arena = PORT_NewArena(2048); /* XXX different size? */
- if(!arena) {
- error = CKR_HOST_MEMORY;
- goto loser;
- }
-
- pki = (PrivateKeyInfo*)PORT_ArenaZAlloc(arena, sizeof(PrivateKeyInfo));
- if(!pki) {
- error = CKR_HOST_MEMORY;
- goto loser;
- }
- pki->arena = arena;
-
- dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
- ckmk_RSAPrivateKeyTemplate);
- algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION;
-
- if (!dummy) {
- error = CKR_DEVICE_ERROR; /* should map NSS SECError */
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &pki->algorithm, algorithm,
- (SECItem*)NULL);
- if (rv != SECSuccess) {
- error = CKR_DEVICE_ERROR; /* should map NSS SECError */
- goto loser;
- }
-
- dummy = SEC_ASN1EncodeInteger(arena, &pki->version,
- CKMK_PRIVATE_KEY_INFO_VERSION);
- if (!dummy) {
- error = CKR_DEVICE_ERROR; /* should map NSS SECError */
- goto loser;
- }
-
- encodedKey = SEC_ASN1EncodeItem(NULL, NULL, pki,
- ckmk_PrivateKeyInfoTemplate);
- if (!encodedKey) {
- error = CKR_DEVICE_ERROR;
- goto loser;
- }
-
- keyBlob->data = nss_ZNEWARRAY(NULL, char, encodedKey->len);
- if (NULL == keyBlob->data) {
- error = CKR_HOST_MEMORY;
- goto loser;
- }
- nsslibc_memcpy(keyBlob->data, encodedKey->data, encodedKey->len);
- keyBlob->size = encodedKey->len;
+ PrivateKeyInfo *pki = NULL;
+ PLArenaPool *arena = NULL;
+ SECOidTag algorithm = SEC_OID_UNKNOWN;
+ void *dummy;
+ SECStatus rv;
+ SECItem *encodedKey = NULL;
+ CK_RV error = CKR_OK;
+
+ arena = PORT_NewArena(2048); /* XXX different size? */
+ if (!arena) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ pki = (PrivateKeyInfo *)PORT_ArenaZAlloc(arena, sizeof(PrivateKeyInfo));
+ if (!pki) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ pki->arena = arena;
+
+ dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
+ ckmk_RSAPrivateKeyTemplate);
+ algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION;
+
+ if (!dummy) {
+ error = CKR_DEVICE_ERROR; /* should map NSS SECError */
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(arena, &pki->algorithm, algorithm,
+ (SECItem *)NULL);
+ if (rv != SECSuccess) {
+ error = CKR_DEVICE_ERROR; /* should map NSS SECError */
+ goto loser;
+ }
+
+ dummy = SEC_ASN1EncodeInteger(arena, &pki->version,
+ CKMK_PRIVATE_KEY_INFO_VERSION);
+ if (!dummy) {
+ error = CKR_DEVICE_ERROR; /* should map NSS SECError */
+ goto loser;
+ }
+
+ encodedKey = SEC_ASN1EncodeItem(NULL, NULL, pki,
+ ckmk_PrivateKeyInfoTemplate);
+ if (!encodedKey) {
+ error = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ keyBlob->data = nss_ZNEWARRAY(NULL, char, encodedKey->len);
+ if (NULL == keyBlob->data) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ nsslibc_memcpy(keyBlob->data, encodedKey->data, encodedKey->len);
+ keyBlob->size = encodedKey->len;
loser:
- if(arena) {
- PORT_FreeArena(arena, PR_TRUE);
- }
- if (encodedKey) {
- SECITEM_FreeItem(encodedKey, PR_TRUE);
- }
-
- return error;
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+ if (encodedKey) {
+ SECITEM_FreeItem(encodedKey, PR_TRUE);
+ }
+
+ return error;
}
/*
* There MUST be a better way to do this. For now, find the key based on the
@@ -1591,334 +1542,327 @@ loser:
*/
#define IMPORTED_NAME "Imported Private Key"
static CK_RV
-ckmk_FindImportedKey
-(
- SecKeychainRef keychainRef,
- SecItemClass itemClass,
- SecKeychainItemRef *outItemRef
-)
+ckmk_FindImportedKey(
+ SecKeychainRef keychainRef,
+ SecItemClass itemClass,
+ SecKeychainItemRef *outItemRef)
{
- OSStatus macErr;
- SecKeychainSearchRef searchRef = 0;
- SecKeychainItemRef newItemRef;
-
- macErr = SecKeychainSearchCreateFromAttributes(keychainRef, itemClass,
- NULL, &searchRef);
- if (noErr != macErr) {
- CKMK_MACERR("Can't search for Key", macErr);
- return CKR_GENERAL_ERROR;
- }
- while (noErr == SecKeychainSearchCopyNext(searchRef, &newItemRef)) {
- SecKeychainAttributeList *attrList = NULL;
- SecKeychainAttributeInfo attrInfo;
- SecItemAttr itemAttr = kSecKeyPrintName;
- PRUint32 attrFormat = 0;
OSStatus macErr;
+ SecKeychainSearchRef searchRef = 0;
+ SecKeychainItemRef newItemRef;
- attrInfo.count = 1;
- attrInfo.tag = &itemAttr;
- attrInfo.format = &attrFormat;
-
- macErr = SecKeychainItemCopyAttributesAndData(newItemRef,
- &attrInfo, NULL, &attrList, NULL, NULL);
- if (noErr == macErr) {
- if (nsslibc_memcmp(attrList->attr->data, IMPORTED_NAME,
- attrList->attr->length, NULL) == 0) {
- *outItemRef = newItemRef;
- CFRelease (searchRef);
- SecKeychainItemFreeAttributesAndData(attrList, NULL);
- return CKR_OK;
- }
- SecKeychainItemFreeAttributesAndData(attrList, NULL);
- }
- CFRelease(newItemRef);
- }
- CFRelease (searchRef);
- return CKR_GENERAL_ERROR; /* we can come up with something better! */
+ macErr = SecKeychainSearchCreateFromAttributes(keychainRef, itemClass,
+ NULL, &searchRef);
+ if (noErr != macErr) {
+ CKMK_MACERR("Can't search for Key", macErr);
+ return CKR_GENERAL_ERROR;
+ }
+ while (noErr == SecKeychainSearchCopyNext(searchRef, &newItemRef)) {
+ SecKeychainAttributeList *attrList = NULL;
+ SecKeychainAttributeInfo attrInfo;
+ SecItemAttr itemAttr = kSecKeyPrintName;
+ PRUint32 attrFormat = 0;
+ OSStatus macErr;
+
+ attrInfo.count = 1;
+ attrInfo.tag = &itemAttr;
+ attrInfo.format = &attrFormat;
+
+ macErr = SecKeychainItemCopyAttributesAndData(newItemRef,
+ &attrInfo, NULL, &attrList, NULL, NULL);
+ if (noErr == macErr) {
+ if (nsslibc_memcmp(attrList->attr->data, IMPORTED_NAME,
+ attrList->attr->length, NULL) == 0) {
+ *outItemRef = newItemRef;
+ CFRelease(searchRef);
+ SecKeychainItemFreeAttributesAndData(attrList, NULL);
+ return CKR_OK;
+ }
+ SecKeychainItemFreeAttributesAndData(attrList, NULL);
+ }
+ CFRelease(newItemRef);
+ }
+ CFRelease(searchRef);
+ return CKR_GENERAL_ERROR; /* we can come up with something better! */
}
static ckmkInternalObject *
-nss_ckmk_CreatePrivateKey
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_ckmk_CreatePrivateKey(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- NSSItem attribute;
- RSAPrivateKey lk;
- NSSItem keyID;
- char *nickname = NULL;
- ckmkInternalObject *io = NULL;
- CK_KEY_TYPE keyType;
- OSStatus macErr;
- SecKeychainItemRef itemRef = 0;
- NSSItem keyBlob = { NULL, 0 };
- CFDataRef dataRef = 0;
- SecExternalFormat inputFormat = kSecFormatBSAFE;
- /*SecExternalFormat inputFormat = kSecFormatOpenSSL; */
- SecExternalItemType itemType = kSecItemTypePrivateKey;
- SecKeyImportExportParameters keyParams ;
- SecKeychainRef targetKeychain = 0;
- unsigned char zero = 0;
- CK_RV error;
-
- keyParams.version = SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION;
- keyParams.flags = 0;
- keyParams.passphrase = 0;
- keyParams.alertTitle = 0;
- keyParams.alertPrompt = 0;
- keyParams.accessRef = 0; /* default */
- keyParams.keyUsage = 0; /* will get filled in */
- keyParams.keyAttributes = CSSM_KEYATTR_PERMANENT; /* will get filled in */
- keyType = nss_ckmk_GetULongAttribute
- (CKA_KEY_TYPE, pTemplate, ulAttributeCount, pError);
- if (CKR_OK != *pError) {
- return (ckmkInternalObject *)NULL;
- }
- if (CKK_RSA != keyType) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- return (ckmkInternalObject *)NULL;
- }
- if (nss_ckmk_GetBoolAttribute(CKA_DECRYPT,
- pTemplate, ulAttributeCount, CK_TRUE)) {
- keyParams.keyUsage |= CSSM_KEYUSE_DECRYPT;
- }
- if (nss_ckmk_GetBoolAttribute(CKA_UNWRAP,
- pTemplate, ulAttributeCount, CK_TRUE)) {
- keyParams.keyUsage |= CSSM_KEYUSE_UNWRAP;
- }
- if (nss_ckmk_GetBoolAttribute(CKA_SIGN,
- pTemplate, ulAttributeCount, CK_TRUE)) {
- keyParams.keyUsage |= CSSM_KEYUSE_SIGN;
- }
- if (nss_ckmk_GetBoolAttribute(CKA_DERIVE,
- pTemplate, ulAttributeCount, CK_FALSE)) {
- keyParams.keyUsage |= CSSM_KEYUSE_DERIVE;
- }
- if (nss_ckmk_GetBoolAttribute(CKA_SENSITIVE,
- pTemplate, ulAttributeCount, CK_TRUE)) {
- keyParams.keyAttributes |= CSSM_KEYATTR_SENSITIVE;
- }
- if (nss_ckmk_GetBoolAttribute(CKA_EXTRACTABLE,
- pTemplate, ulAttributeCount, CK_TRUE)) {
- keyParams.keyAttributes |= CSSM_KEYATTR_EXTRACTABLE;
- }
-
- lk.version.type = siUnsignedInteger;
- lk.version.data = &zero;
- lk.version.len = 1;
-
- *pError = nss_ckmk_GetAttribute(CKA_MODULUS, pTemplate,
- ulAttributeCount, &attribute);
- if (CKR_OK != *pError) {
- return (ckmkInternalObject *)NULL;
- }
- lk.modulus.type = siUnsignedInteger;
- lk.modulus.data = attribute.data;
- lk.modulus.len = attribute.size;
-
- *pError = nss_ckmk_GetAttribute(CKA_PUBLIC_EXPONENT, pTemplate,
- ulAttributeCount, &attribute);
- if (CKR_OK != *pError) {
- return (ckmkInternalObject *)NULL;
- }
- lk.publicExponent.type = siUnsignedInteger;
- lk.publicExponent.data = attribute.data;
- lk.publicExponent.len = attribute.size;
-
- *pError = nss_ckmk_GetAttribute(CKA_PRIVATE_EXPONENT, pTemplate,
- ulAttributeCount, &attribute);
- if (CKR_OK != *pError) {
- return (ckmkInternalObject *)NULL;
- }
- lk.privateExponent.type = siUnsignedInteger;
- lk.privateExponent.data = attribute.data;
- lk.privateExponent.len = attribute.size;
-
- *pError = nss_ckmk_GetAttribute(CKA_PRIME_1, pTemplate,
- ulAttributeCount, &attribute);
- if (CKR_OK != *pError) {
- return (ckmkInternalObject *)NULL;
- }
- lk.prime1.type = siUnsignedInteger;
- lk.prime1.data = attribute.data;
- lk.prime1.len = attribute.size;
-
- *pError = nss_ckmk_GetAttribute(CKA_PRIME_2, pTemplate,
- ulAttributeCount, &attribute);
- if (CKR_OK != *pError) {
- return (ckmkInternalObject *)NULL;
- }
- lk.prime2.type = siUnsignedInteger;
- lk.prime2.data = attribute.data;
- lk.prime2.len = attribute.size;
-
- *pError = nss_ckmk_GetAttribute(CKA_EXPONENT_1, pTemplate,
- ulAttributeCount, &attribute);
- if (CKR_OK != *pError) {
- return (ckmkInternalObject *)NULL;
- }
- lk.exponent1.type = siUnsignedInteger;
- lk.exponent1.data = attribute.data;
- lk.exponent1.len = attribute.size;
-
- *pError = nss_ckmk_GetAttribute(CKA_EXPONENT_2, pTemplate,
- ulAttributeCount, &attribute);
- if (CKR_OK != *pError) {
- return (ckmkInternalObject *)NULL;
- }
- lk.exponent2.type = siUnsignedInteger;
- lk.exponent2.data = attribute.data;
- lk.exponent2.len = attribute.size;
-
- *pError = nss_ckmk_GetAttribute(CKA_COEFFICIENT, pTemplate,
- ulAttributeCount, &attribute);
- if (CKR_OK != *pError) {
- return (ckmkInternalObject *)NULL;
- }
- lk.coefficient.type = siUnsignedInteger;
- lk.coefficient.data = attribute.data;
- lk.coefficient.len = attribute.size;
-
- /* ASN1 Encode the pkcs8 structure... look at softoken to see how this
- * is done... */
- error = ckmk_CreateRSAKeyBlob(&lk, &keyBlob);
- if (CKR_OK != error) {
- goto loser;
- }
-
- dataRef = CFDataCreate(NULL, (UInt8 *)keyBlob.data, keyBlob.size);
- if (0 == dataRef) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- *pError == ckmk_GetSafeDefaultKeychain(&targetKeychain);
- if (CKR_OK != *pError) {
- goto loser;
- }
-
-
- /* the itemArray that is returned is useless. the item does not
- * is 'not on the key chain' so none of the modify calls work on it.
- * It also has a key that isn't the same key as the one in the actual
- * key chain. In short it isn't the item we want, and it gives us zero
- * information about the item we want, so don't even bother with it...
- */
- macErr = SecKeychainItemImport(dataRef, NULL, &inputFormat, &itemType, 0,
- &keyParams, targetKeychain, NULL);
- if (noErr != macErr) {
- CKMK_MACERR("Import Private Key", macErr);
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- *pError = ckmk_FindImportedKey(targetKeychain,
- CSSM_DL_DB_RECORD_PRIVATE_KEY,
- &itemRef);
- if (CKR_OK != *pError) {
+ NSSItem attribute;
+ RSAPrivateKey lk;
+ NSSItem keyID;
+ char *nickname = NULL;
+ ckmkInternalObject *io = NULL;
+ CK_KEY_TYPE keyType;
+ OSStatus macErr;
+ SecKeychainItemRef itemRef = 0;
+ NSSItem keyBlob = { NULL, 0 };
+ CFDataRef dataRef = 0;
+ SecExternalFormat inputFormat = kSecFormatBSAFE;
+ /*SecExternalFormat inputFormat = kSecFormatOpenSSL; */
+ SecExternalItemType itemType = kSecItemTypePrivateKey;
+ SecKeyImportExportParameters keyParams;
+ SecKeychainRef targetKeychain = 0;
+ unsigned char zero = 0;
+ CK_RV error;
+
+ keyParams.version = SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION;
+ keyParams.flags = 0;
+ keyParams.passphrase = 0;
+ keyParams.alertTitle = 0;
+ keyParams.alertPrompt = 0;
+ keyParams.accessRef = 0; /* default */
+ keyParams.keyUsage = 0; /* will get filled in */
+ keyParams.keyAttributes = CSSM_KEYATTR_PERMANENT; /* will get filled in */
+ keyType = nss_ckmk_GetULongAttribute(CKA_KEY_TYPE, pTemplate, ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ if (CKK_RSA != keyType) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (ckmkInternalObject *)NULL;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_DECRYPT,
+ pTemplate, ulAttributeCount, CK_TRUE)) {
+ keyParams.keyUsage |= CSSM_KEYUSE_DECRYPT;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_UNWRAP,
+ pTemplate, ulAttributeCount, CK_TRUE)) {
+ keyParams.keyUsage |= CSSM_KEYUSE_UNWRAP;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_SIGN,
+ pTemplate, ulAttributeCount, CK_TRUE)) {
+ keyParams.keyUsage |= CSSM_KEYUSE_SIGN;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_DERIVE,
+ pTemplate, ulAttributeCount, CK_FALSE)) {
+ keyParams.keyUsage |= CSSM_KEYUSE_DERIVE;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_SENSITIVE,
+ pTemplate, ulAttributeCount, CK_TRUE)) {
+ keyParams.keyAttributes |= CSSM_KEYATTR_SENSITIVE;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_EXTRACTABLE,
+ pTemplate, ulAttributeCount, CK_TRUE)) {
+ keyParams.keyAttributes |= CSSM_KEYATTR_EXTRACTABLE;
+ }
+
+ lk.version.type = siUnsignedInteger;
+ lk.version.data = &zero;
+ lk.version.len = 1;
+
+ *pError = nss_ckmk_GetAttribute(CKA_MODULUS, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.modulus.type = siUnsignedInteger;
+ lk.modulus.data = attribute.data;
+ lk.modulus.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_PUBLIC_EXPONENT, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.publicExponent.type = siUnsignedInteger;
+ lk.publicExponent.data = attribute.data;
+ lk.publicExponent.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_PRIVATE_EXPONENT, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.privateExponent.type = siUnsignedInteger;
+ lk.privateExponent.data = attribute.data;
+ lk.privateExponent.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_PRIME_1, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.prime1.type = siUnsignedInteger;
+ lk.prime1.data = attribute.data;
+ lk.prime1.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_PRIME_2, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.prime2.type = siUnsignedInteger;
+ lk.prime2.data = attribute.data;
+ lk.prime2.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_EXPONENT_1, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.exponent1.type = siUnsignedInteger;
+ lk.exponent1.data = attribute.data;
+ lk.exponent1.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_EXPONENT_2, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.exponent2.type = siUnsignedInteger;
+ lk.exponent2.data = attribute.data;
+ lk.exponent2.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_COEFFICIENT, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.coefficient.type = siUnsignedInteger;
+ lk.coefficient.data = attribute.data;
+ lk.coefficient.len = attribute.size;
+
+ /* ASN1 Encode the pkcs8 structure... look at softoken to see how this
+ * is done... */
+ error = ckmk_CreateRSAKeyBlob(&lk, &keyBlob);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ dataRef = CFDataCreate(NULL, (UInt8 *)keyBlob.data, keyBlob.size);
+ if (0 == dataRef) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ *pError == ckmk_GetSafeDefaultKeychain(&targetKeychain);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ /* the itemArray that is returned is useless. the item does not
+ * is 'not on the key chain' so none of the modify calls work on it.
+ * It also has a key that isn't the same key as the one in the actual
+ * key chain. In short it isn't the item we want, and it gives us zero
+ * information about the item we want, so don't even bother with it...
+ */
+ macErr = SecKeychainItemImport(dataRef, NULL, &inputFormat, &itemType, 0,
+ &keyParams, targetKeychain, NULL);
+ if (noErr != macErr) {
+ CKMK_MACERR("Import Private Key", macErr);
+ *pError = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ *pError = ckmk_FindImportedKey(targetKeychain,
+ CSSM_DL_DB_RECORD_PRIVATE_KEY,
+ &itemRef);
+ if (CKR_OK != *pError) {
#ifdef DEBUG
- fprintf(stderr,"couldn't find key in keychain \n");
+ fprintf(stderr, "couldn't find key in keychain \n");
#endif
- goto loser;
- }
-
+ goto loser;
+ }
- /* set the CKA_ID and the CKA_LABEL */
- error = nss_ckmk_GetAttribute(CKA_ID, pTemplate,
+ /* set the CKA_ID and the CKA_LABEL */
+ error = nss_ckmk_GetAttribute(CKA_ID, pTemplate,
ulAttributeCount, &keyID);
- if (CKR_OK == error) {
- error = ckmk_updateAttribute(itemRef, kSecKeyLabel,
- keyID.data, keyID.size, "Modify Key ID");
+ if (CKR_OK == error) {
+ error = ckmk_updateAttribute(itemRef, kSecKeyLabel,
+ keyID.data, keyID.size, "Modify Key ID");
#ifdef DEBUG
- itemdump("key id: ", keyID.data, keyID.size, error);
+ itemdump("key id: ", keyID.data, keyID.size, error);
#endif
- }
- nickname = nss_ckmk_GetStringAttribute(CKA_LABEL, pTemplate,
- ulAttributeCount, &error);
- if (nickname) {
- ckmk_updateAttribute(itemRef, kSecKeyPrintName, nickname,
- strlen(nickname)+1, "Modify Key Label");
- } else {
+ }
+ nickname = nss_ckmk_GetStringAttribute(CKA_LABEL, pTemplate,
+ ulAttributeCount, &error);
+ if (nickname) {
+ ckmk_updateAttribute(itemRef, kSecKeyPrintName, nickname,
+ strlen(nickname) + 1, "Modify Key Label");
+ }
+ else {
#define DEFAULT_NICKNAME "NSS Imported Key"
- ckmk_updateAttribute(itemRef, kSecKeyPrintName, DEFAULT_NICKNAME,
- sizeof(DEFAULT_NICKNAME), "Modify Key Label");
- }
+ ckmk_updateAttribute(itemRef, kSecKeyPrintName, DEFAULT_NICKNAME,
+ sizeof(DEFAULT_NICKNAME), "Modify Key Label");
+ }
- io = nss_ckmk_NewInternalObject(CKO_PRIVATE_KEY, itemRef,
- CSSM_DL_DB_RECORD_PRIVATE_KEY, pError);
- if ((ckmkInternalObject *)NULL == io) {
- CFRelease(itemRef);
- }
+ io = nss_ckmk_NewInternalObject(CKO_PRIVATE_KEY, itemRef,
+ CSSM_DL_DB_RECORD_PRIVATE_KEY, pError);
+ if ((ckmkInternalObject *)NULL == io) {
+ CFRelease(itemRef);
+ }
- return io;
+ return io;
loser:
- /* free the key blob */
- if (keyBlob.data) {
- nss_ZFreeIf(keyBlob.data);
- }
- if (0 != targetKeychain) {
- CFRelease(targetKeychain);
- }
- if (0 != dataRef) {
- CFRelease(dataRef);
- }
- return io;
+ /* free the key blob */
+ if (keyBlob.data) {
+ nss_ZFreeIf(keyBlob.data);
+ }
+ if (0 != targetKeychain) {
+ CFRelease(targetKeychain);
+ }
+ if (0 != dataRef) {
+ CFRelease(dataRef);
+ }
+ return io;
}
-
NSS_EXTERN NSSCKMDObject *
-nss_ckmk_CreateObject
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nss_ckmk_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- CK_OBJECT_CLASS objClass;
- ckmkInternalObject *io = NULL;
- CK_BBOOL isToken;
-
- /*
- * only create token objects
- */
- isToken = nss_ckmk_GetBoolAttribute(CKA_TOKEN, pTemplate,
- ulAttributeCount, CK_FALSE);
- if (!isToken) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- return (NSSCKMDObject *) NULL;
- }
-
- /*
- * only create keys and certs.
- */
- objClass = nss_ckmk_GetULongAttribute(CKA_CLASS, pTemplate,
- ulAttributeCount, pError);
- if (CKR_OK != *pError) {
- return (NSSCKMDObject *) NULL;
- }
+ CK_OBJECT_CLASS objClass;
+ ckmkInternalObject *io = NULL;
+ CK_BBOOL isToken;
+
+ /*
+ * only create token objects
+ */
+ isToken = nss_ckmk_GetBoolAttribute(CKA_TOKEN, pTemplate,
+ ulAttributeCount, CK_FALSE);
+ if (!isToken) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ /*
+ * only create keys and certs.
+ */
+ objClass = nss_ckmk_GetULongAttribute(CKA_CLASS, pTemplate,
+ ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ return (NSSCKMDObject *)NULL;
+ }
#ifdef notdef
- if (objClass == CKO_PUBLIC_KEY) {
- return CKR_OK; /* fake public key creation, happens as a side effect of
- * private key creation */
- }
+ if (objClass == CKO_PUBLIC_KEY) {
+ return CKR_OK; /* fake public key creation, happens as a side effect of
+ * private key creation */
+ }
#endif
- if (objClass == CKO_CERTIFICATE) {
- io = nss_ckmk_CreateCertificate(fwSession, pTemplate,
- ulAttributeCount, pError);
- } else if (objClass == CKO_PRIVATE_KEY) {
- io = nss_ckmk_CreatePrivateKey(fwSession, pTemplate,
- ulAttributeCount, pError);
- } else {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- if ((ckmkInternalObject *)NULL == io) {
- return (NSSCKMDObject *) NULL;
- }
- return nss_ckmk_CreateMDObject(NULL, io, pError);
+ if (objClass == CKO_CERTIFICATE) {
+ io = nss_ckmk_CreateCertificate(fwSession, pTemplate,
+ ulAttributeCount, pError);
+ }
+ else if (objClass == CKO_PRIVATE_KEY) {
+ io = nss_ckmk_CreatePrivateKey(fwSession, pTemplate,
+ ulAttributeCount, pError);
+ }
+ else {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ if ((ckmkInternalObject *)NULL == io) {
+ return (NSSCKMDObject *)NULL;
+ }
+ return nss_ckmk_CreateMDObject(NULL, io, pError);
}
diff --git a/lib/ckfw/nssmkey/mrsa.c b/lib/ckfw/nssmkey/mrsa.c
index 8cf46adbc..00175b47a 100644
--- a/lib/ckfw/nssmkey/mrsa.c
+++ b/lib/ckfw/nssmkey/mrsa.c
@@ -9,196 +9,183 @@
* to NSS's S/MIME code. The following two functions currently are not
* part of the SecKey.h interface.
*/
-OSStatus
-SecKeyGetCredentials
-(
- SecKeyRef keyRef,
- CSSM_ACL_AUTHORIZATION_TAG authTag,
- int type,
- const CSSM_ACCESS_CREDENTIALS **creds
-);
+OSStatus
+SecKeyGetCredentials(
+ SecKeyRef keyRef,
+ CSSM_ACL_AUTHORIZATION_TAG authTag,
+ int type,
+ const CSSM_ACCESS_CREDENTIALS **creds);
/* this function could be implemented using 'SecKeychainItemCopyKeychain' and
* 'SecKeychainGetCSPHandle' */
-OSStatus
-SecKeyGetCSPHandle
-(
- SecKeyRef keyRef,
- CSSM_CSP_HANDLE *cspHandle
-);
-
-
-typedef struct ckmkInternalCryptoOperationRSAPrivStr
- ckmkInternalCryptoOperationRSAPriv;
-struct ckmkInternalCryptoOperationRSAPrivStr
-{
- NSSCKMDCryptoOperation mdOperation;
- NSSCKMDMechanism *mdMechanism;
- ckmkInternalObject *iKey;
- NSSItem *buffer;
- CSSM_CC_HANDLE cssmContext;
+OSStatus
+SecKeyGetCSPHandle(
+ SecKeyRef keyRef,
+ CSSM_CSP_HANDLE *cspHandle);
+
+typedef struct ckmkInternalCryptoOperationRSAPrivStr
+ ckmkInternalCryptoOperationRSAPriv;
+struct ckmkInternalCryptoOperationRSAPrivStr {
+ NSSCKMDCryptoOperation mdOperation;
+ NSSCKMDMechanism *mdMechanism;
+ ckmkInternalObject *iKey;
+ NSSItem *buffer;
+ CSSM_CC_HANDLE cssmContext;
};
typedef enum {
- CKMK_DECRYPT,
- CKMK_SIGN
+ CKMK_DECRYPT,
+ CKMK_SIGN
} ckmkRSAOpType;
/*
* ckmk_mdCryptoOperationRSAPriv_Create
*/
static NSSCKMDCryptoOperation *
-ckmk_mdCryptoOperationRSAPriv_Create
-(
- const NSSCKMDCryptoOperation *proto,
- NSSCKMDMechanism *mdMechanism,
- NSSCKMDObject *mdKey,
- ckmkRSAOpType type,
- CK_RV *pError
-)
+ckmk_mdCryptoOperationRSAPriv_Create(
+ const NSSCKMDCryptoOperation *proto,
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKMDObject *mdKey,
+ ckmkRSAOpType type,
+ CK_RV *pError)
{
- ckmkInternalObject *iKey = (ckmkInternalObject *)mdKey->etc;
- const NSSItem *classItem = nss_ckmk_FetchAttribute(iKey, CKA_CLASS, pError);
- const NSSItem *keyType = nss_ckmk_FetchAttribute(iKey, CKA_KEY_TYPE, pError);
- ckmkInternalCryptoOperationRSAPriv *iOperation;
- SecKeyRef privateKey;
- OSStatus macErr;
- CSSM_RETURN cssmErr;
- const CSSM_KEY *cssmKey;
- CSSM_CSP_HANDLE cspHandle;
- const CSSM_ACCESS_CREDENTIALS *creds = NULL;
- CSSM_CC_HANDLE cssmContext;
- CSSM_ACL_AUTHORIZATION_TAG authType;
-
- /* make sure we have the right objects */
- if (((const NSSItem *)NULL == classItem) ||
- (sizeof(CK_OBJECT_CLASS) != classItem->size) ||
- (CKO_PRIVATE_KEY != *(CK_OBJECT_CLASS *)classItem->data) ||
- ((const NSSItem *)NULL == keyType) ||
- (sizeof(CK_KEY_TYPE) != keyType->size) ||
- (CKK_RSA != *(CK_KEY_TYPE *)keyType->data)) {
- *pError = CKR_KEY_TYPE_INCONSISTENT;
- return (NSSCKMDCryptoOperation *)NULL;
- }
-
- privateKey = (SecKeyRef) iKey->u.item.itemRef;
- macErr = SecKeyGetCSSMKey(privateKey, &cssmKey);
- if (noErr != macErr) {
- CKMK_MACERR("Getting CSSM Key", macErr);
- *pError = CKR_KEY_HANDLE_INVALID;
- return (NSSCKMDCryptoOperation *)NULL;
- }
- macErr = SecKeyGetCSPHandle(privateKey, &cspHandle);
- if (noErr != macErr) {
- CKMK_MACERR("Getting CSP for Key", macErr);
- *pError = CKR_KEY_HANDLE_INVALID;
- return (NSSCKMDCryptoOperation *)NULL;
- }
- switch (type) {
- case CKMK_DECRYPT:
- authType = CSSM_ACL_AUTHORIZATION_DECRYPT;
- break;
- case CKMK_SIGN:
- authType = CSSM_ACL_AUTHORIZATION_SIGN;
- break;
- default:
- *pError = CKR_GENERAL_ERROR;
+ ckmkInternalObject *iKey = (ckmkInternalObject *)mdKey->etc;
+ const NSSItem *classItem = nss_ckmk_FetchAttribute(iKey, CKA_CLASS, pError);
+ const NSSItem *keyType = nss_ckmk_FetchAttribute(iKey, CKA_KEY_TYPE, pError);
+ ckmkInternalCryptoOperationRSAPriv *iOperation;
+ SecKeyRef privateKey;
+ OSStatus macErr;
+ CSSM_RETURN cssmErr;
+ const CSSM_KEY *cssmKey;
+ CSSM_CSP_HANDLE cspHandle;
+ const CSSM_ACCESS_CREDENTIALS *creds = NULL;
+ CSSM_CC_HANDLE cssmContext;
+ CSSM_ACL_AUTHORIZATION_TAG authType;
+
+ /* make sure we have the right objects */
+ if (((const NSSItem *)NULL == classItem) ||
+ (sizeof(CK_OBJECT_CLASS) != classItem->size) ||
+ (CKO_PRIVATE_KEY != *(CK_OBJECT_CLASS *)classItem->data) ||
+ ((const NSSItem *)NULL == keyType) ||
+ (sizeof(CK_KEY_TYPE) != keyType->size) ||
+ (CKK_RSA != *(CK_KEY_TYPE *)keyType->data)) {
+ *pError = CKR_KEY_TYPE_INCONSISTENT;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ privateKey = (SecKeyRef)iKey->u.item.itemRef;
+ macErr = SecKeyGetCSSMKey(privateKey, &cssmKey);
+ if (noErr != macErr) {
+ CKMK_MACERR("Getting CSSM Key", macErr);
+ *pError = CKR_KEY_HANDLE_INVALID;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+ macErr = SecKeyGetCSPHandle(privateKey, &cspHandle);
+ if (noErr != macErr) {
+ CKMK_MACERR("Getting CSP for Key", macErr);
+ *pError = CKR_KEY_HANDLE_INVALID;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+ switch (type) {
+ case CKMK_DECRYPT:
+ authType = CSSM_ACL_AUTHORIZATION_DECRYPT;
+ break;
+ case CKMK_SIGN:
+ authType = CSSM_ACL_AUTHORIZATION_SIGN;
+ break;
+ default:
+ *pError = CKR_GENERAL_ERROR;
#ifdef DEBUG
- fprintf(stderr,"RSAPriv_Create: bad type = %d\n", type);
+ fprintf(stderr, "RSAPriv_Create: bad type = %d\n", type);
#endif
- return (NSSCKMDCryptoOperation *)NULL;
- }
-
- macErr = SecKeyGetCredentials(privateKey, authType, 0, &creds);
- if (noErr != macErr) {
- CKMK_MACERR("Getting Credentials for Key", macErr);
- *pError = CKR_KEY_HANDLE_INVALID;
- return (NSSCKMDCryptoOperation *)NULL;
- }
-
- switch (type) {
- case CKMK_DECRYPT:
- cssmErr = CSSM_CSP_CreateAsymmetricContext(cspHandle, CSSM_ALGID_RSA,
- creds, cssmKey, CSSM_PADDING_PKCS1, &cssmContext);
- break;
- case CKMK_SIGN:
- cssmErr = CSSM_CSP_CreateSignatureContext(cspHandle, CSSM_ALGID_RSA,
- creds, cssmKey, &cssmContext);
- break;
- default:
- *pError = CKR_GENERAL_ERROR;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ macErr = SecKeyGetCredentials(privateKey, authType, 0, &creds);
+ if (noErr != macErr) {
+ CKMK_MACERR("Getting Credentials for Key", macErr);
+ *pError = CKR_KEY_HANDLE_INVALID;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ switch (type) {
+ case CKMK_DECRYPT:
+ cssmErr = CSSM_CSP_CreateAsymmetricContext(cspHandle, CSSM_ALGID_RSA,
+ creds, cssmKey, CSSM_PADDING_PKCS1, &cssmContext);
+ break;
+ case CKMK_SIGN:
+ cssmErr = CSSM_CSP_CreateSignatureContext(cspHandle, CSSM_ALGID_RSA,
+ creds, cssmKey, &cssmContext);
+ break;
+ default:
+ *pError = CKR_GENERAL_ERROR;
#ifdef DEBUG
- fprintf(stderr,"RSAPriv_Create: bad type = %d\n", type);
+ fprintf(stderr, "RSAPriv_Create: bad type = %d\n", type);
#endif
- return (NSSCKMDCryptoOperation *)NULL;
- }
- if (noErr != cssmErr) {
- CKMK_MACERR("Getting Context for Key", cssmErr);
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKMDCryptoOperation *)NULL;
- }
-
- iOperation = nss_ZNEW(NULL, ckmkInternalCryptoOperationRSAPriv);
- if ((ckmkInternalCryptoOperationRSAPriv *)NULL == iOperation) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDCryptoOperation *)NULL;
- }
- iOperation->mdMechanism = mdMechanism;
- iOperation->iKey = iKey;
- iOperation->cssmContext = cssmContext;
-
- nsslibc_memcpy(&iOperation->mdOperation,
- proto, sizeof(NSSCKMDCryptoOperation));
- iOperation->mdOperation.etc = iOperation;
-
- return &iOperation->mdOperation;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+ if (noErr != cssmErr) {
+ CKMK_MACERR("Getting Context for Key", cssmErr);
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ iOperation = nss_ZNEW(NULL, ckmkInternalCryptoOperationRSAPriv);
+ if ((ckmkInternalCryptoOperationRSAPriv *)NULL == iOperation) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+ iOperation->mdMechanism = mdMechanism;
+ iOperation->iKey = iKey;
+ iOperation->cssmContext = cssmContext;
+
+ nsslibc_memcpy(&iOperation->mdOperation,
+ proto, sizeof(NSSCKMDCryptoOperation));
+ iOperation->mdOperation.etc = iOperation;
+
+ return &iOperation->mdOperation;
}
static void
-ckmk_mdCryptoOperationRSAPriv_Destroy
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdCryptoOperationRSAPriv_Destroy(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- ckmkInternalCryptoOperationRSAPriv *iOperation =
- (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
-
- if (iOperation->buffer) {
- nssItem_Destroy(iOperation->buffer);
- }
- if (iOperation->cssmContext) {
- CSSM_DeleteContext(iOperation->cssmContext);
- }
- nss_ZFreeIf(iOperation);
- return;
+ ckmkInternalCryptoOperationRSAPriv *iOperation =
+ (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
+
+ if (iOperation->buffer) {
+ nssItem_Destroy(iOperation->buffer);
+ }
+ if (iOperation->cssmContext) {
+ CSSM_DeleteContext(iOperation->cssmContext);
+ }
+ nss_ZFreeIf(iOperation);
+ return;
}
static CK_ULONG
-ckmk_mdCryptoOperationRSA_GetFinalLength
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdCryptoOperationRSA_GetFinalLength(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- ckmkInternalCryptoOperationRSAPriv *iOperation =
- (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
- const NSSItem *modulus =
- nss_ckmk_FetchAttribute(iOperation->iKey, CKA_MODULUS, pError);
+ ckmkInternalCryptoOperationRSAPriv *iOperation =
+ (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ const NSSItem *modulus =
+ nss_ckmk_FetchAttribute(iOperation->iKey, CKA_MODULUS, pError);
- return modulus->size;
+ return modulus->size;
}
-
/*
* ckmk_mdCryptoOperationRSADecrypt_GetOperationLength
* we won't know the length until we actually decrypt the
@@ -206,105 +193,101 @@ ckmk_mdCryptoOperationRSA_GetFinalLength
* the block, we'll save if for when the block is asked for
*/
static CK_ULONG
-ckmk_mdCryptoOperationRSADecrypt_GetOperationLength
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *input,
- CK_RV *pError
-)
+ckmk_mdCryptoOperationRSADecrypt_GetOperationLength(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ CK_RV *pError)
{
- ckmkInternalCryptoOperationRSAPriv *iOperation =
- (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
- CSSM_DATA cssmInput;
- CSSM_DATA cssmOutput = { 0, NULL };
- PRUint32 bytesDecrypted;
- CSSM_DATA remainder = { 0, NULL };
- NSSItem output;
- CSSM_RETURN cssmErr;
-
- if (iOperation->buffer) {
+ ckmkInternalCryptoOperationRSAPriv *iOperation =
+ (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ CSSM_DATA cssmInput;
+ CSSM_DATA cssmOutput = { 0, NULL };
+ PRUint32 bytesDecrypted;
+ CSSM_DATA remainder = { 0, NULL };
+ NSSItem output;
+ CSSM_RETURN cssmErr;
+
+ if (iOperation->buffer) {
+ return iOperation->buffer->size;
+ }
+
+ cssmInput.Data = input->data;
+ cssmInput.Length = input->size;
+
+ cssmErr = CSSM_DecryptData(iOperation->cssmContext,
+ &cssmInput, 1, &cssmOutput, 1,
+ &bytesDecrypted, &remainder);
+ if (CSSM_OK != cssmErr) {
+ CKMK_MACERR("Decrypt Failed", cssmErr);
+ *pError = CKR_DATA_INVALID;
+ return 0;
+ }
+ /* we didn't suppy any buffers, so it should all be in remainder */
+ output.data = nss_ZNEWARRAY(NULL, char, bytesDecrypted + remainder.Length);
+ if (NULL == output.data) {
+ free(cssmOutput.Data);
+ free(remainder.Data);
+ *pError = CKR_HOST_MEMORY;
+ return 0;
+ }
+ output.size = bytesDecrypted + remainder.Length;
+
+ if (0 != bytesDecrypted) {
+ nsslibc_memcpy(output.data, cssmOutput.Data, bytesDecrypted);
+ free(cssmOutput.Data);
+ }
+ if (0 != remainder.Length) {
+ nsslibc_memcpy(((char *)output.data) + bytesDecrypted,
+ remainder.Data, remainder.Length);
+ free(remainder.Data);
+ }
+
+ iOperation->buffer = nssItem_Duplicate(&output, NULL, NULL);
+ nss_ZFreeIf(output.data);
+ if ((NSSItem *)NULL == iOperation->buffer) {
+ *pError = CKR_HOST_MEMORY;
+ return 0;
+ }
+
return iOperation->buffer->size;
- }
-
- cssmInput.Data = input->data;
- cssmInput.Length = input->size;
-
- cssmErr = CSSM_DecryptData(iOperation->cssmContext,
- &cssmInput, 1, &cssmOutput, 1,
- &bytesDecrypted, &remainder);
- if (CSSM_OK != cssmErr) {
- CKMK_MACERR("Decrypt Failed", cssmErr);
- *pError = CKR_DATA_INVALID;
- return 0;
- }
- /* we didn't suppy any buffers, so it should all be in remainder */
- output.data = nss_ZNEWARRAY(NULL, char, bytesDecrypted + remainder.Length);
- if (NULL == output.data) {
- free(cssmOutput.Data);
- free(remainder.Data);
- *pError = CKR_HOST_MEMORY;
- return 0;
- }
- output.size = bytesDecrypted + remainder.Length;
-
- if (0 != bytesDecrypted) {
- nsslibc_memcpy(output.data, cssmOutput.Data, bytesDecrypted);
- free(cssmOutput.Data);
- }
- if (0 != remainder.Length) {
- nsslibc_memcpy(((char *)output.data)+bytesDecrypted,
- remainder.Data, remainder.Length);
- free(remainder.Data);
- }
-
- iOperation->buffer = nssItem_Duplicate(&output, NULL, NULL);
- nss_ZFreeIf(output.data);
- if ((NSSItem *) NULL == iOperation->buffer) {
- *pError = CKR_HOST_MEMORY;
- return 0;
- }
-
- return iOperation->buffer->size;
}
/*
* ckmk_mdCryptoOperationRSADecrypt_UpdateFinal
*
- * NOTE: ckmk_mdCryptoOperationRSADecrypt_GetOperationLength is presumed to
+ * NOTE: ckmk_mdCryptoOperationRSADecrypt_GetOperationLength is presumed to
* have been called previously.
*/
static CK_RV
-ckmk_mdCryptoOperationRSADecrypt_UpdateFinal
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *input,
- NSSItem *output
-)
+ckmk_mdCryptoOperationRSADecrypt_UpdateFinal(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ NSSItem *output)
{
- ckmkInternalCryptoOperationRSAPriv *iOperation =
- (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
- NSSItem *buffer = iOperation->buffer;
-
- if ((NSSItem *)NULL == buffer) {
- return CKR_GENERAL_ERROR;
- }
- nsslibc_memcpy(output->data, buffer->data, buffer->size);
- output->size = buffer->size;
- return CKR_OK;
+ ckmkInternalCryptoOperationRSAPriv *iOperation =
+ (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ NSSItem *buffer = iOperation->buffer;
+
+ if ((NSSItem *)NULL == buffer) {
+ return CKR_GENERAL_ERROR;
+ }
+ nsslibc_memcpy(output->data, buffer->data, buffer->size);
+ output->size = buffer->size;
+ return CKR_OK;
}
/*
@@ -312,199 +295,185 @@ ckmk_mdCryptoOperationRSADecrypt_UpdateFinal
*
*/
static CK_RV
-ckmk_mdCryptoOperationRSASign_UpdateFinal
-(
- NSSCKMDCryptoOperation *mdOperation,
- NSSCKFWCryptoOperation *fwOperation,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- const NSSItem *input,
- NSSItem *output
-)
+ckmk_mdCryptoOperationRSASign_UpdateFinal(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ NSSItem *output)
{
- ckmkInternalCryptoOperationRSAPriv *iOperation =
- (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
- CSSM_DATA cssmInput;
- CSSM_DATA cssmOutput = { 0, NULL };
- CSSM_RETURN cssmErr;
-
- cssmInput.Data = input->data;
- cssmInput.Length = input->size;
-
- cssmErr = CSSM_SignData(iOperation->cssmContext, &cssmInput, 1,
- CSSM_ALGID_NONE, &cssmOutput);
- if (CSSM_OK != cssmErr) {
- CKMK_MACERR("Signed Failed", cssmErr);
- return CKR_FUNCTION_FAILED;
- }
- if (cssmOutput.Length > output->size) {
+ ckmkInternalCryptoOperationRSAPriv *iOperation =
+ (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ CSSM_DATA cssmInput;
+ CSSM_DATA cssmOutput = { 0, NULL };
+ CSSM_RETURN cssmErr;
+
+ cssmInput.Data = input->data;
+ cssmInput.Length = input->size;
+
+ cssmErr = CSSM_SignData(iOperation->cssmContext, &cssmInput, 1,
+ CSSM_ALGID_NONE, &cssmOutput);
+ if (CSSM_OK != cssmErr) {
+ CKMK_MACERR("Signed Failed", cssmErr);
+ return CKR_FUNCTION_FAILED;
+ }
+ if (cssmOutput.Length > output->size) {
+ free(cssmOutput.Data);
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ nsslibc_memcpy(output->data, cssmOutput.Data, cssmOutput.Length);
free(cssmOutput.Data);
- return CKR_BUFFER_TOO_SMALL;
- }
- nsslibc_memcpy(output->data, cssmOutput.Data, cssmOutput.Length);
- free(cssmOutput.Data);
- output->size = cssmOutput.Length;
+ output->size = cssmOutput.Length;
- return CKR_OK;
+ return CKR_OK;
}
-
NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation
-ckmk_mdCryptoOperationRSADecrypt_proto = {
- NULL, /* etc */
- ckmk_mdCryptoOperationRSAPriv_Destroy,
- NULL, /* GetFinalLengh - not needed for one shot Decrypt/Encrypt */
- ckmk_mdCryptoOperationRSADecrypt_GetOperationLength,
- NULL, /* Final - not needed for one shot operation */
- NULL, /* Update - not needed for one shot operation */
- NULL, /* DigetUpdate - not needed for one shot operation */
- ckmk_mdCryptoOperationRSADecrypt_UpdateFinal,
- NULL, /* UpdateCombo - not needed for one shot operation */
- NULL, /* DigetKey - not needed for one shot operation */
- (void *)NULL /* null terminator */
-};
+ ckmk_mdCryptoOperationRSADecrypt_proto = {
+ NULL, /* etc */
+ ckmk_mdCryptoOperationRSAPriv_Destroy,
+ NULL, /* GetFinalLengh - not needed for one shot Decrypt/Encrypt */
+ ckmk_mdCryptoOperationRSADecrypt_GetOperationLength,
+ NULL, /* Final - not needed for one shot operation */
+ NULL, /* Update - not needed for one shot operation */
+ NULL, /* DigetUpdate - not needed for one shot operation */
+ ckmk_mdCryptoOperationRSADecrypt_UpdateFinal,
+ NULL, /* UpdateCombo - not needed for one shot operation */
+ NULL, /* DigetKey - not needed for one shot operation */
+ (void *)NULL /* null terminator */
+ };
NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation
-ckmk_mdCryptoOperationRSASign_proto = {
- NULL, /* etc */
- ckmk_mdCryptoOperationRSAPriv_Destroy,
- ckmk_mdCryptoOperationRSA_GetFinalLength,
- NULL, /* GetOperationLengh - not needed for one shot Sign/Verify */
- NULL, /* Final - not needed for one shot operation */
- NULL, /* Update - not needed for one shot operation */
- NULL, /* DigetUpdate - not needed for one shot operation */
- ckmk_mdCryptoOperationRSASign_UpdateFinal,
- NULL, /* UpdateCombo - not needed for one shot operation */
- NULL, /* DigetKey - not needed for one shot operation */
- (void *)NULL /* null terminator */
-};
+ ckmk_mdCryptoOperationRSASign_proto = {
+ NULL, /* etc */
+ ckmk_mdCryptoOperationRSAPriv_Destroy,
+ ckmk_mdCryptoOperationRSA_GetFinalLength,
+ NULL, /* GetOperationLengh - not needed for one shot Sign/Verify */
+ NULL, /* Final - not needed for one shot operation */
+ NULL, /* Update - not needed for one shot operation */
+ NULL, /* DigetUpdate - not needed for one shot operation */
+ ckmk_mdCryptoOperationRSASign_UpdateFinal,
+ NULL, /* UpdateCombo - not needed for one shot operation */
+ NULL, /* DigetKey - not needed for one shot operation */
+ (void *)NULL /* null terminator */
+ };
/********** NSSCKMDMechansim functions ***********************/
/*
* ckmk_mdMechanismRSA_Destroy
*/
static void
-ckmk_mdMechanismRSA_Destroy
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdMechanismRSA_Destroy(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nss_ZFreeIf(fwMechanism);
+ nss_ZFreeIf(fwMechanism);
}
/*
* ckmk_mdMechanismRSA_GetMinKeySize
*/
static CK_ULONG
-ckmk_mdMechanismRSA_GetMinKeySize
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdMechanismRSA_GetMinKeySize(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return 384;
+ return 384;
}
/*
* ckmk_mdMechanismRSA_GetMaxKeySize
*/
static CK_ULONG
-ckmk_mdMechanismRSA_GetMaxKeySize
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdMechanismRSA_GetMaxKeySize(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return 16384;
+ return 16384;
}
/*
* ckmk_mdMechanismRSA_DecryptInit
*/
-static NSSCKMDCryptoOperation *
-ckmk_mdMechanismRSA_DecryptInit
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- CK_RV *pError
-)
+static NSSCKMDCryptoOperation *
+ckmk_mdMechanismRSA_DecryptInit(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError)
{
- return ckmk_mdCryptoOperationRSAPriv_Create(
- &ckmk_mdCryptoOperationRSADecrypt_proto,
- mdMechanism, mdKey, CKMK_DECRYPT, pError);
+ return ckmk_mdCryptoOperationRSAPriv_Create(
+ &ckmk_mdCryptoOperationRSADecrypt_proto,
+ mdMechanism, mdKey, CKMK_DECRYPT, pError);
}
/*
* ckmk_mdMechanismRSA_SignInit
*/
-static NSSCKMDCryptoOperation *
-ckmk_mdMechanismRSA_SignInit
-(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM *pMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- CK_RV *pError
-)
+static NSSCKMDCryptoOperation *
+ckmk_mdMechanismRSA_SignInit(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError)
{
- return ckmk_mdCryptoOperationRSAPriv_Create(
- &ckmk_mdCryptoOperationRSASign_proto,
- mdMechanism, mdKey, CKMK_SIGN, pError);
+ return ckmk_mdCryptoOperationRSAPriv_Create(
+ &ckmk_mdCryptoOperationRSASign_proto,
+ mdMechanism, mdKey, CKMK_SIGN, pError);
}
-
NSS_IMPLEMENT_DATA const NSSCKMDMechanism
-nss_ckmk_mdMechanismRSA = {
- (void *)NULL, /* etc */
- ckmk_mdMechanismRSA_Destroy,
- ckmk_mdMechanismRSA_GetMinKeySize,
- ckmk_mdMechanismRSA_GetMaxKeySize,
- NULL, /* GetInHardware - default false */
- NULL, /* EncryptInit - default errs */
- ckmk_mdMechanismRSA_DecryptInit,
- NULL, /* DigestInit - default errs*/
- ckmk_mdMechanismRSA_SignInit,
- NULL, /* VerifyInit - default errs */
- ckmk_mdMechanismRSA_SignInit, /* SignRecoverInit */
- NULL, /* VerifyRecoverInit - default errs */
- NULL, /* GenerateKey - default errs */
- NULL, /* GenerateKeyPair - default errs */
- NULL, /* GetWrapKeyLength - default errs */
- NULL, /* WrapKey - default errs */
- NULL, /* UnwrapKey - default errs */
- NULL, /* DeriveKey - default errs */
- (void *)NULL /* null terminator */
-};
+ nss_ckmk_mdMechanismRSA = {
+ (void *)NULL, /* etc */
+ ckmk_mdMechanismRSA_Destroy,
+ ckmk_mdMechanismRSA_GetMinKeySize,
+ ckmk_mdMechanismRSA_GetMaxKeySize,
+ NULL, /* GetInHardware - default false */
+ NULL, /* EncryptInit - default errs */
+ ckmk_mdMechanismRSA_DecryptInit,
+ NULL, /* DigestInit - default errs*/
+ ckmk_mdMechanismRSA_SignInit,
+ NULL, /* VerifyInit - default errs */
+ ckmk_mdMechanismRSA_SignInit, /* SignRecoverInit */
+ NULL, /* VerifyRecoverInit - default errs */
+ NULL, /* GenerateKey - default errs */
+ NULL, /* GenerateKeyPair - default errs */
+ NULL, /* GetWrapKeyLength - default errs */
+ NULL, /* WrapKey - default errs */
+ NULL, /* UnwrapKey - default errs */
+ NULL, /* DeriveKey - default errs */
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/nssmkey/msession.c b/lib/ckfw/nssmkey/msession.c
index 6e1e1954e..e6a29244a 100644
--- a/lib/ckfw/nssmkey/msession.c
+++ b/lib/ckfw/nssmkey/msession.c
@@ -7,87 +7,81 @@
/*
* nssmkey/msession.c
*
- * This file implements the NSSCKMDSession object for the
+ * This file implements the NSSCKMDSession object for the
* "nssmkey" cryptoki module.
*/
static NSSCKMDFindObjects *
-ckmk_mdSession_FindObjectsInit
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+ckmk_mdSession_FindObjectsInit(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- return nss_ckmk_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
+ return nss_ckmk_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
}
static NSSCKMDObject *
-ckmk_mdSession_CreateObject
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+ckmk_mdSession_CreateObject(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- return nss_ckmk_CreateObject(fwSession, pTemplate, ulAttributeCount, pError);
+ return nss_ckmk_CreateObject(fwSession, pTemplate, ulAttributeCount, pError);
}
NSS_IMPLEMENT NSSCKMDSession *
-nss_ckmk_CreateSession
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
+nss_ckmk_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
{
- NSSArena *arena;
- NSSCKMDSession *rv;
+ NSSArena *arena;
+ NSSCKMDSession *rv;
- arena = NSSCKFWSession_GetArena(fwSession, pError);
- if( (NSSArena *)NULL == arena ) {
- return (NSSCKMDSession *)NULL;
- }
+ arena = NSSCKFWSession_GetArena(fwSession, pError);
+ if ((NSSArena *)NULL == arena) {
+ return (NSSCKMDSession *)NULL;
+ }
- rv = nss_ZNEW(arena, NSSCKMDSession);
- if( (NSSCKMDSession *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
+ rv = nss_ZNEW(arena, NSSCKMDSession);
+ if ((NSSCKMDSession *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSession *)NULL;
+ }
- /*
- * rv was zeroed when allocated, so we only
- * need to set the non-zero members.
- */
+ /*
+ * rv was zeroed when allocated, so we only
+ * need to set the non-zero members.
+ */
- rv->etc = (void *)fwSession;
- /* rv->Close */
- /* rv->GetDeviceError */
- /* rv->Login */
- /* rv->Logout */
- /* rv->InitPIN */
- /* rv->SetPIN */
- /* rv->GetOperationStateLen */
- /* rv->GetOperationState */
- /* rv->SetOperationState */
- rv->CreateObject = ckmk_mdSession_CreateObject;
- /* rv->CopyObject */
- rv->FindObjectsInit = ckmk_mdSession_FindObjectsInit;
- /* rv->SeedRandom */
- /* rv->GetRandom */
- /* rv->null */
+ rv->etc = (void *)fwSession;
+ /* rv->Close */
+ /* rv->GetDeviceError */
+ /* rv->Login */
+ /* rv->Logout */
+ /* rv->InitPIN */
+ /* rv->SetPIN */
+ /* rv->GetOperationStateLen */
+ /* rv->GetOperationState */
+ /* rv->SetOperationState */
+ rv->CreateObject = ckmk_mdSession_CreateObject;
+ /* rv->CopyObject */
+ rv->FindObjectsInit = ckmk_mdSession_FindObjectsInit;
+ /* rv->SeedRandom */
+ /* rv->GetRandom */
+ /* rv->null */
- return rv;
+ return rv;
}
diff --git a/lib/ckfw/nssmkey/mslot.c b/lib/ckfw/nssmkey/mslot.c
index 7a432124d..b2747ff7b 100644
--- a/lib/ckfw/nssmkey/mslot.c
+++ b/lib/ckfw/nssmkey/mslot.c
@@ -12,80 +12,70 @@
*/
static NSSUTF8 *
-ckmk_mdSlot_GetSlotDescription
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdSlot_GetSlotDescription(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckmk_SlotDescription;
+ return (NSSUTF8 *)nss_ckmk_SlotDescription;
}
static NSSUTF8 *
-ckmk_mdSlot_GetManufacturerID
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdSlot_GetManufacturerID(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckmk_ManufacturerID;
+ return (NSSUTF8 *)nss_ckmk_ManufacturerID;
}
static CK_VERSION
-ckmk_mdSlot_GetHardwareVersion
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdSlot_GetHardwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckmk_HardwareVersion;
+ return nss_ckmk_HardwareVersion;
}
static CK_VERSION
-ckmk_mdSlot_GetFirmwareVersion
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdSlot_GetFirmwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckmk_FirmwareVersion;
+ return nss_ckmk_FirmwareVersion;
}
static NSSCKMDToken *
-ckmk_mdSlot_GetToken
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdSlot_GetToken(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSCKMDToken *)&nss_ckmk_mdToken;
+ return (NSSCKMDToken *)&nss_ckmk_mdToken;
}
NSS_IMPLEMENT_DATA const NSSCKMDSlot
-nss_ckmk_mdSlot = {
- (void *)NULL, /* etc */
- NULL, /* Initialize */
- NULL, /* Destroy */
- ckmk_mdSlot_GetSlotDescription,
- ckmk_mdSlot_GetManufacturerID,
- NULL, /* GetTokenPresent -- defaults to true */
- NULL, /* GetRemovableDevice -- defaults to false */
- NULL, /* GetHardwareSlot -- defaults to false */
- ckmk_mdSlot_GetHardwareVersion,
- ckmk_mdSlot_GetFirmwareVersion,
- ckmk_mdSlot_GetToken,
- (void *)NULL /* null terminator */
-};
+ nss_ckmk_mdSlot = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Destroy */
+ ckmk_mdSlot_GetSlotDescription,
+ ckmk_mdSlot_GetManufacturerID,
+ NULL, /* GetTokenPresent -- defaults to true */
+ NULL, /* GetRemovableDevice -- defaults to false */
+ NULL, /* GetHardwareSlot -- defaults to false */
+ ckmk_mdSlot_GetHardwareVersion,
+ ckmk_mdSlot_GetFirmwareVersion,
+ ckmk_mdSlot_GetToken,
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/nssmkey/mtoken.c b/lib/ckfw/nssmkey/mtoken.c
index a0278072c..e18d61240 100644
--- a/lib/ckfw/nssmkey/mtoken.c
+++ b/lib/ckfw/nssmkey/mtoken.c
@@ -12,197 +12,173 @@
*/
static NSSUTF8 *
-ckmk_mdToken_GetLabel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdToken_GetLabel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckmk_TokenLabel;
+ return (NSSUTF8 *)nss_ckmk_TokenLabel;
}
static NSSUTF8 *
-ckmk_mdToken_GetManufacturerID
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdToken_GetManufacturerID(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckmk_ManufacturerID;
+ return (NSSUTF8 *)nss_ckmk_ManufacturerID;
}
static NSSUTF8 *
-ckmk_mdToken_GetModel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdToken_GetModel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckmk_TokenModel;
+ return (NSSUTF8 *)nss_ckmk_TokenModel;
}
static NSSUTF8 *
-ckmk_mdToken_GetSerialNumber
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+ckmk_mdToken_GetSerialNumber(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- return (NSSUTF8 *)nss_ckmk_TokenSerialNumber;
+ return (NSSUTF8 *)nss_ckmk_TokenSerialNumber;
}
static CK_BBOOL
-ckmk_mdToken_GetIsWriteProtected
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdToken_GetIsWriteProtected(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CK_FALSE;
+ return CK_FALSE;
}
/* fake out Mozilla so we don't try to initialize the token */
static CK_BBOOL
-ckmk_mdToken_GetUserPinInitialized
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdToken_GetUserPinInitialized(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return CK_TRUE;
+ return CK_TRUE;
}
static CK_VERSION
-ckmk_mdToken_GetHardwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdToken_GetHardwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckmk_HardwareVersion;
+ return nss_ckmk_HardwareVersion;
}
static CK_VERSION
-ckmk_mdToken_GetFirmwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdToken_GetFirmwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return nss_ckmk_FirmwareVersion;
+ return nss_ckmk_FirmwareVersion;
}
static NSSCKMDSession *
-ckmk_mdToken_OpenSession
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
-)
+ckmk_mdToken_OpenSession(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_BBOOL rw,
+ CK_RV *pError)
{
- return nss_ckmk_CreateSession(fwSession, pError);
+ return nss_ckmk_CreateSession(fwSession, pError);
}
static CK_ULONG
-ckmk_mdToken_GetMechanismCount
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+ckmk_mdToken_GetMechanismCount(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- return (CK_ULONG)1;
+ return (CK_ULONG)1;
}
static CK_RV
-ckmk_mdToken_GetMechanismTypes
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_MECHANISM_TYPE types[]
-)
+ckmk_mdToken_GetMechanismTypes(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE types[])
{
- types[0] = CKM_RSA_PKCS;
- return CKR_OK;
+ types[0] = CKM_RSA_PKCS;
+ return CKR_OK;
}
static NSSCKMDMechanism *
-ckmk_mdToken_GetMechanism
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_MECHANISM_TYPE which,
- CK_RV *pError
-)
+ckmk_mdToken_GetMechanism(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE which,
+ CK_RV *pError)
{
- if (which != CKM_RSA_PKCS) {
- *pError = CKR_MECHANISM_INVALID;
- return (NSSCKMDMechanism *)NULL;
- }
- return (NSSCKMDMechanism *)&nss_ckmk_mdMechanismRSA;
+ if (which != CKM_RSA_PKCS) {
+ *pError = CKR_MECHANISM_INVALID;
+ return (NSSCKMDMechanism *)NULL;
+ }
+ return (NSSCKMDMechanism *)&nss_ckmk_mdMechanismRSA;
}
NSS_IMPLEMENT_DATA const NSSCKMDToken
-nss_ckmk_mdToken = {
- (void *)NULL, /* etc */
- NULL, /* Setup */
- NULL, /* Invalidate */
- NULL, /* InitToken -- default errs */
- ckmk_mdToken_GetLabel,
- ckmk_mdToken_GetManufacturerID,
- ckmk_mdToken_GetModel,
- ckmk_mdToken_GetSerialNumber,
- NULL, /* GetHasRNG -- default is false */
- ckmk_mdToken_GetIsWriteProtected,
- NULL, /* GetLoginRequired -- default is false */
- ckmk_mdToken_GetUserPinInitialized,
- NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
- NULL, /* GetHasClockOnToken -- default is false */
- NULL, /* GetHasProtectedAuthenticationPath -- default is false */
- NULL, /* GetSupportsDualCryptoOperations -- default is false */
- NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetMaxPinLen -- irrelevant */
- NULL, /* GetMinPinLen -- irrelevant */
- NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
- ckmk_mdToken_GetHardwareVersion,
- ckmk_mdToken_GetFirmwareVersion,
- NULL, /* GetUTCTime -- no clock */
- ckmk_mdToken_OpenSession,
- ckmk_mdToken_GetMechanismCount,
- ckmk_mdToken_GetMechanismTypes,
- ckmk_mdToken_GetMechanism,
- (void *)NULL /* null terminator */
-};
+ nss_ckmk_mdToken = {
+ (void *)NULL, /* etc */
+ NULL, /* Setup */
+ NULL, /* Invalidate */
+ NULL, /* InitToken -- default errs */
+ ckmk_mdToken_GetLabel,
+ ckmk_mdToken_GetManufacturerID,
+ ckmk_mdToken_GetModel,
+ ckmk_mdToken_GetSerialNumber,
+ NULL, /* GetHasRNG -- default is false */
+ ckmk_mdToken_GetIsWriteProtected,
+ NULL, /* GetLoginRequired -- default is false */
+ ckmk_mdToken_GetUserPinInitialized,
+ NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
+ NULL, /* GetHasClockOnToken -- default is false */
+ NULL, /* GetHasProtectedAuthenticationPath -- default is false */
+ NULL, /* GetSupportsDualCryptoOperations -- default is false */
+ NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxPinLen -- irrelevant */
+ NULL, /* GetMinPinLen -- irrelevant */
+ NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ ckmk_mdToken_GetHardwareVersion,
+ ckmk_mdToken_GetFirmwareVersion,
+ NULL, /* GetUTCTime -- no clock */
+ ckmk_mdToken_OpenSession,
+ ckmk_mdToken_GetMechanismCount,
+ ckmk_mdToken_GetMechanismTypes,
+ ckmk_mdToken_GetMechanism,
+ (void *)NULL /* null terminator */
+ };
diff --git a/lib/ckfw/nssmkey/nssmkey.h b/lib/ckfw/nssmkey/nssmkey.h
index bce77bf13..ba58233e6 100644
--- a/lib/ckfw/nssmkey/nssmkey.h
+++ b/lib/ckfw/nssmkey/nssmkey.h
@@ -18,7 +18,7 @@
#define NSS_CKMK_CRYPTOKI_VERSION_MAJOR 2
#define NSS_CKMK_CRYPTOKI_VERSION_MINOR 20
-/* These version numbers detail the changes
+/* These version numbers detail the changes
* to the list of trusted certificates.
*
* NSS_CKMK_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear
@@ -33,7 +33,7 @@
#define NSS_CKMK_HARDWARE_VERSION_MAJOR 1
#define NSS_CKMK_HARDWARE_VERSION_MINOR 0
-/* These version numbers detail the semantic changes to ckbi itself
+/* These version numbers detail the semantic changes to ckbi itself
* (new PKCS #11 objects), etc. */
#define NSS_CKMK_FIRMWARE_VERSION_MAJOR 1
#define NSS_CKMK_FIRMWARE_VERSION_MINOR 0
diff --git a/lib/ckfw/nssmkey/staticobj.c b/lib/ckfw/nssmkey/staticobj.c
index 0ccc86141..5f3bb7c72 100644
--- a/lib/ckfw/nssmkey/staticobj.c
+++ b/lib/ckfw/nssmkey/staticobj.c
@@ -17,20 +17,20 @@ static const CK_BBOOL ck_false = CK_FALSE;
static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
/* example of a static object */
-static const CK_ATTRIBUTE_TYPE nss_ckmk_types_1 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL
+static const CK_ATTRIBUTE_TYPE nss_ckmk_types_1[] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL
};
-static const NSSItem nss_ckmk_items_1 [] = {
- { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Mozilla Mac Key Ring Access", (PRUint32)28 }
+static const NSSItem nss_ckmk_items_1[] = {
+ { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)"Mozilla Mac Key Ring Access", (PRUint32)28 }
};
ckmkInternalObject nss_ckmk_data[] = {
- { ckmkRaw, {{ 5, nss_ckmk_types_1, nss_ckmk_items_1}} , CKO_DATA, {NULL} },
+ { ckmkRaw, { { 5, nss_ckmk_types_1, nss_ckmk_items_1 } }, CKO_DATA, { NULL } },
};
const PRUint32 nss_ckmk_nObjects = 1;
diff --git a/lib/ckfw/object.c b/lib/ckfw/object.c
index 661977e6d..bb2663aa2 100644
--- a/lib/ckfw/object.c
+++ b/lib/ckfw/object.c
@@ -50,16 +50,16 @@
*/
struct NSSCKFWObjectStr {
- NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
- NSSArena *arena;
- NSSCKMDObject *mdObject;
- NSSCKMDSession *mdSession;
- NSSCKFWSession *fwSession;
- NSSCKMDToken *mdToken;
- NSSCKFWToken *fwToken;
- NSSCKMDInstance *mdInstance;
- NSSCKFWInstance *fwInstance;
- CK_OBJECT_HANDLE hObject;
+ NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
+ NSSArena *arena;
+ NSSCKMDObject *mdObject;
+ NSSCKMDSession *mdSession;
+ NSSCKFWSession *fwSession;
+ NSSCKMDToken *mdToken;
+ NSSCKFWToken *fwToken;
+ NSSCKMDInstance *mdInstance;
+ NSSCKFWInstance *fwInstance;
+ CK_OBJECT_HANDLE hObject;
};
#ifdef DEBUG
@@ -75,123 +75,114 @@ struct NSSCKFWObjectStr {
*/
static CK_RV
-object_add_pointer
-(
- const NSSCKFWObject *fwObject
-)
+object_add_pointer(
+ const NSSCKFWObject *fwObject)
{
- return CKR_OK;
+ return CKR_OK;
}
static CK_RV
-object_remove_pointer
-(
- const NSSCKFWObject *fwObject
-)
+object_remove_pointer(
+ const NSSCKFWObject *fwObject)
{
- return CKR_OK;
+ return CKR_OK;
}
NSS_IMPLEMENT CK_RV
-nssCKFWObject_verifyPointer
-(
- const NSSCKFWObject *fwObject
-)
+nssCKFWObject_verifyPointer(
+ const NSSCKFWObject *fwObject)
{
- return CKR_OK;
+ return CKR_OK;
}
#endif /* DEBUG */
-
/*
* nssCKFWObject_Create
*
*/
NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWObject_Create
-(
- NSSArena *arena,
- NSSCKMDObject *mdObject,
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nssCKFWObject_Create(
+ NSSArena *arena,
+ NSSCKMDObject *mdObject,
+ NSSCKFWSession *fwSession,
+ NSSCKFWToken *fwToken,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- NSSCKFWObject *fwObject;
- nssCKFWHash *mdObjectHash;
+ NSSCKFWObject *fwObject;
+ nssCKFWHash *mdObjectHash;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWObject *)NULL;
- }
-
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWObject *)NULL;
- }
+ if (!pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWObject *)NULL;
+ }
#endif /* NSSDEBUG */
- if (!fwToken) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWObject *)NULL;
- }
- mdObjectHash = nssCKFWToken_GetMDObjectHash(fwToken);
- if (!mdObjectHash) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-
- if( nssCKFWHash_Exists(mdObjectHash, mdObject) ) {
- fwObject = nssCKFWHash_Lookup(mdObjectHash, mdObject);
- return fwObject;
- }
-
- fwObject = nss_ZNEW(arena, NSSCKFWObject);
- if (!fwObject) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
-
- fwObject->arena = arena;
- fwObject->mdObject = mdObject;
- fwObject->fwSession = fwSession;
-
- if (fwSession) {
- fwObject->mdSession = nssCKFWSession_GetMDSession(fwSession);
- }
-
- fwObject->fwToken = fwToken;
- fwObject->mdToken = nssCKFWToken_GetMDToken(fwToken);
- fwObject->fwInstance = fwInstance;
- fwObject->mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
- fwObject->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if (!fwObject->mutex) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+ if (!fwToken) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWObject *)NULL;
+ }
+ mdObjectHash = nssCKFWToken_GetMDObjectHash(fwToken);
+ if (!mdObjectHash) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWObject *)NULL;
}
- nss_ZFreeIf(fwObject);
- return (NSSCKFWObject *)NULL;
- }
- *pError = nssCKFWHash_Add(mdObjectHash, mdObject, fwObject);
- if( CKR_OK != *pError ) {
- nss_ZFreeIf(fwObject);
- return (NSSCKFWObject *)NULL;
- }
+ if (nssCKFWHash_Exists(mdObjectHash, mdObject)) {
+ fwObject = nssCKFWHash_Lookup(mdObjectHash, mdObject);
+ return fwObject;
+ }
+
+ fwObject = nss_ZNEW(arena, NSSCKFWObject);
+ if (!fwObject) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ fwObject->arena = arena;
+ fwObject->mdObject = mdObject;
+ fwObject->fwSession = fwSession;
+
+ if (fwSession) {
+ fwObject->mdSession = nssCKFWSession_GetMDSession(fwSession);
+ }
+
+ fwObject->fwToken = fwToken;
+ fwObject->mdToken = nssCKFWToken_GetMDToken(fwToken);
+ fwObject->fwInstance = fwInstance;
+ fwObject->mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
+ fwObject->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if (!fwObject->mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ nss_ZFreeIf(fwObject);
+ return (NSSCKFWObject *)NULL;
+ }
+
+ *pError = nssCKFWHash_Add(mdObjectHash, mdObject, fwObject);
+ if (CKR_OK != *pError) {
+ nss_ZFreeIf(fwObject);
+ return (NSSCKFWObject *)NULL;
+ }
#ifdef DEBUG
- *pError = object_add_pointer(fwObject);
- if( CKR_OK != *pError ) {
- nssCKFWHash_Remove(mdObjectHash, mdObject);
- nss_ZFreeIf(fwObject);
- return (NSSCKFWObject *)NULL;
- }
+ *pError = object_add_pointer(fwObject);
+ if (CKR_OK != *pError) {
+ nssCKFWHash_Remove(mdObjectHash, mdObject);
+ nss_ZFreeIf(fwObject);
+ return (NSSCKFWObject *)NULL;
+ }
#endif /* DEBUG */
- *pError = CKR_OK;
- return fwObject;
+ *pError = CKR_OK;
+ return fwObject;
}
/*
@@ -199,45 +190,43 @@ nssCKFWObject_Create
*
*/
NSS_IMPLEMENT void
-nssCKFWObject_Finalize
-(
- NSSCKFWObject *fwObject,
- PRBool removeFromHash
-)
+nssCKFWObject_Finalize(
+ NSSCKFWObject *fwObject,
+ PRBool removeFromHash)
{
- nssCKFWHash *mdObjectHash;
+ nssCKFWHash *mdObjectHash;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return;
- }
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return;
+ }
#endif /* NSSDEBUG */
- (void)nssCKFWMutex_Destroy(fwObject->mutex);
+ (void)nssCKFWMutex_Destroy(fwObject->mutex);
- if (fwObject->mdObject->Finalize) {
- fwObject->mdObject->Finalize(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
- }
+ if (fwObject->mdObject->Finalize) {
+ fwObject->mdObject->Finalize(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
+ }
- if (removeFromHash) {
- mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
- if (mdObjectHash) {
- nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
+ if (removeFromHash) {
+ mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
+ if (mdObjectHash) {
+ nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
+ }
}
- }
- if (fwObject->fwSession) {
- nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
- }
- nss_ZFreeIf(fwObject);
+ if (fwObject->fwSession) {
+ nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
+ }
+ nss_ZFreeIf(fwObject);
#ifdef DEBUG
- (void)object_remove_pointer(fwObject);
+ (void)object_remove_pointer(fwObject);
#endif /* DEBUG */
- return;
+ return;
}
/*
@@ -245,42 +234,40 @@ nssCKFWObject_Finalize
*
*/
NSS_IMPLEMENT void
-nssCKFWObject_Destroy
-(
- NSSCKFWObject *fwObject
-)
+nssCKFWObject_Destroy(
+ NSSCKFWObject *fwObject)
{
- nssCKFWHash *mdObjectHash;
+ nssCKFWHash *mdObjectHash;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return;
- }
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return;
+ }
#endif /* NSSDEBUG */
- (void)nssCKFWMutex_Destroy(fwObject->mutex);
+ (void)nssCKFWMutex_Destroy(fwObject->mutex);
- if (fwObject->mdObject->Destroy) {
- fwObject->mdObject->Destroy(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
- }
+ if (fwObject->mdObject->Destroy) {
+ fwObject->mdObject->Destroy(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
+ }
- mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
- if (mdObjectHash) {
- nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
- }
+ mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
+ if (mdObjectHash) {
+ nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
+ }
- if (fwObject->fwSession) {
- nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
- }
- nss_ZFreeIf(fwObject);
+ if (fwObject->fwSession) {
+ nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
+ }
+ nss_ZFreeIf(fwObject);
#ifdef DEBUG
- (void)object_remove_pointer(fwObject);
+ (void)object_remove_pointer(fwObject);
#endif /* DEBUG */
- return;
+ return;
}
/*
@@ -288,18 +275,16 @@ nssCKFWObject_Destroy
*
*/
NSS_IMPLEMENT NSSCKMDObject *
-nssCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-)
+nssCKFWObject_GetMDObject(
+ NSSCKFWObject *fwObject)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (NSSCKMDObject *)NULL;
- }
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return (NSSCKMDObject *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwObject->mdObject;
+ return fwObject->mdObject;
}
/*
@@ -307,24 +292,22 @@ nssCKFWObject_GetMDObject
*
*/
NSS_IMPLEMENT NSSArena *
-nssCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
+nssCKFWObject_GetArena(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
{
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwObject->arena;
+ return fwObject->arena;
}
/*
@@ -332,30 +315,28 @@ nssCKFWObject_GetArena
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetHandle
-(
- NSSCKFWObject *fwObject,
- CK_OBJECT_HANDLE hObject
-)
+nssCKFWObject_SetHandle(
+ NSSCKFWObject *fwObject,
+ CK_OBJECT_HANDLE hObject)
{
#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#endif /* NSSDEBUG */
#ifdef NSSDEBUG
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- if( (CK_OBJECT_HANDLE)0 != fwObject->hObject ) {
- return CKR_GENERAL_ERROR;
- }
+ if ((CK_OBJECT_HANDLE)0 != fwObject->hObject) {
+ return CKR_GENERAL_ERROR;
+ }
- fwObject->hObject = hObject;
+ fwObject->hObject = hObject;
- return CKR_OK;
+ return CKR_OK;
}
/*
@@ -363,18 +344,16 @@ nssCKFWObject_SetHandle
*
*/
NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWObject_GetHandle
-(
- NSSCKFWObject *fwObject
-)
+nssCKFWObject_GetHandle(
+ NSSCKFWObject *fwObject)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (CK_OBJECT_HANDLE)0;
- }
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return (CK_OBJECT_HANDLE)0;
+ }
#endif /* NSSDEBUG */
- return fwObject->hObject;
+ return fwObject->hObject;
}
/*
@@ -382,44 +361,42 @@ nssCKFWObject_GetHandle
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-)
+nssCKFWObject_IsTokenObject(
+ NSSCKFWObject *fwObject)
{
- CK_BBOOL b = CK_FALSE;
+ CK_BBOOL b = CK_FALSE;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwObject->mdObject->IsTokenObject) {
- NSSItem item;
- NSSItem *pItem;
- CK_RV rv = CKR_OK;
+ if (!fwObject->mdObject->IsTokenObject) {
+ NSSItem item;
+ NSSItem *pItem;
+ CK_RV rv = CKR_OK;
- item.data = (void *)&b;
- item.size = sizeof(b);
+ item.data = (void *)&b;
+ item.size = sizeof(b);
- pItem = nssCKFWObject_GetAttribute(fwObject, CKA_TOKEN, &item,
- (NSSArena *)NULL, &rv);
- if (!pItem) {
- /* Error of some type */
- b = CK_FALSE;
- goto done;
- }
+ pItem = nssCKFWObject_GetAttribute(fwObject, CKA_TOKEN, &item,
+ (NSSArena *)NULL, &rv);
+ if (!pItem) {
+ /* Error of some type */
+ b = CK_FALSE;
+ goto done;
+ }
- goto done;
- }
+ goto done;
+ }
- b = fwObject->mdObject->IsTokenObject(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
+ b = fwObject->mdObject->IsTokenObject(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
- done:
- return b;
+done:
+ return b;
}
/*
@@ -427,42 +404,40 @@ nssCKFWObject_IsTokenObject
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
+nssCKFWObject_GetAttributeCount(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
{
- CK_ULONG rv;
+ CK_ULONG rv;
#ifdef NSSDEBUG
- if (!pError) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
#endif /* NSSDEBUG */
- if (!fwObject->mdObject->GetAttributeCount) {
- *pError = CKR_GENERAL_ERROR;
- return (CK_ULONG)0;
- }
+ if (!fwObject->mdObject->GetAttributeCount) {
+ *pError = CKR_GENERAL_ERROR;
+ return (CK_ULONG)0;
+ }
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
+ *pError = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
- rv = fwObject->mdObject->GetAttributeCount(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- pError);
+ rv = fwObject->mdObject->GetAttributeCount(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ pError);
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+ return rv;
}
/*
@@ -470,42 +445,40 @@ nssCKFWObject_GetAttributeCount
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
+nssCKFWObject_GetAttributeTypes(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != error) {
+ return error;
+ }
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray) {
+ return CKR_ARGUMENTS_BAD;
+ }
#endif /* NSSDEBUG */
- if (!fwObject->mdObject->GetAttributeTypes) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwObject->mdObject->GetAttributeTypes) {
+ return CKR_GENERAL_ERROR;
+ }
- error = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- error = fwObject->mdObject->GetAttributeTypes(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- typeArray, ulCount);
+ error = fwObject->mdObject->GetAttributeTypes(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ typeArray, ulCount);
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return error;
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+ return error;
}
/*
@@ -513,43 +486,41 @@ nssCKFWObject_GetAttributeTypes
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+nssCKFWObject_GetAttributeSize(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- CK_ULONG rv;
+ CK_ULONG rv;
#ifdef NSSDEBUG
- if (!pError) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
#endif /* NSSDEBUG */
- if (!fwObject->mdObject->GetAttributeSize) {
- *pError = CKR_GENERAL_ERROR;
- return (CK_ULONG )0;
- }
+ if (!fwObject->mdObject->GetAttributeSize) {
+ *pError = CKR_GENERAL_ERROR;
+ return (CK_ULONG)0;
+ }
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
+ *pError = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
- rv = fwObject->mdObject->GetAttributeSize(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- attribute, pError);
+ rv = fwObject->mdObject->GetAttributeSize(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ attribute, pError);
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+ return rv;
}
/*
@@ -563,97 +534,98 @@ nssCKFWObject_GetAttributeSize
* specified.
*/
NSS_IMPLEMENT NSSItem *
-nssCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-)
+nssCKFWObject_GetAttribute(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *itemOpt,
+ NSSArena *arenaOpt,
+ CK_RV *pError)
{
- NSSItem *rv = (NSSItem *)NULL;
- NSSCKFWItem mdItem;
+ NSSItem *rv = (NSSItem *)NULL;
+ NSSCKFWItem mdItem;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSItem *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSItem *)NULL;
- }
+ if (!pError) {
+ return (NSSItem *)NULL;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (NSSItem *)NULL;
+ }
#endif /* NSSDEBUG */
- if (!fwObject->mdObject->GetAttribute) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSItem *)NULL;
- }
+ if (!fwObject->mdObject->GetAttribute) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSItem *)NULL;
+ }
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (NSSItem *)NULL;
- }
+ *pError = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != *pError) {
+ return (NSSItem *)NULL;
+ }
- mdItem = fwObject->mdObject->GetAttribute(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- attribute, pError);
+ mdItem = fwObject->mdObject->GetAttribute(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ attribute, pError);
- if (!mdItem.item) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
+ if (!mdItem.item) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
- goto done;
- }
+ goto done;
+ }
- if (!itemOpt) {
- rv = nss_ZNEW(arenaOpt, NSSItem);
- if (!rv) {
- *pError = CKR_HOST_MEMORY;
- goto done;
+ if (!itemOpt) {
+ rv = nss_ZNEW(arenaOpt, NSSItem);
+ if (!rv) {
+ *pError = CKR_HOST_MEMORY;
+ goto done;
+ }
+ }
+ else {
+ rv = itemOpt;
}
- } else {
- rv = itemOpt;
- }
- if (!rv->data) {
- rv->size = mdItem.item->size;
- rv->data = nss_ZAlloc(arenaOpt, rv->size);
if (!rv->data) {
- *pError = CKR_HOST_MEMORY;
- if (!itemOpt) {
- nss_ZFreeIf(rv);
- }
- rv = (NSSItem *)NULL;
- goto done;
- }
- } else {
- if( rv->size >= mdItem.item->size ) {
- rv->size = mdItem.item->size;
- } else {
- *pError = CKR_BUFFER_TOO_SMALL;
- /* Should we set rv->size to mdItem->size? */
- /* rv can't have been allocated */
- rv = (NSSItem *)NULL;
- goto done;
- }
- }
-
- (void)nsslibc_memcpy(rv->data, mdItem.item->data, rv->size);
-
- if (PR_TRUE == mdItem.needsFreeing) {
- PR_ASSERT(fwObject->mdObject->FreeAttribute);
- if (fwObject->mdObject->FreeAttribute) {
- *pError = fwObject->mdObject->FreeAttribute(&mdItem);
- }
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
+ rv->size = mdItem.item->size;
+ rv->data = nss_ZAlloc(arenaOpt, rv->size);
+ if (!rv->data) {
+ *pError = CKR_HOST_MEMORY;
+ if (!itemOpt) {
+ nss_ZFreeIf(rv);
+ }
+ rv = (NSSItem *)NULL;
+ goto done;
+ }
+ }
+ else {
+ if (rv->size >= mdItem.item->size) {
+ rv->size = mdItem.item->size;
+ }
+ else {
+ *pError = CKR_BUFFER_TOO_SMALL;
+ /* Should we set rv->size to mdItem->size? */
+ /* rv can't have been allocated */
+ rv = (NSSItem *)NULL;
+ goto done;
+ }
+ }
+
+ (void)nsslibc_memcpy(rv->data, mdItem.item->data, rv->size);
+
+ if (PR_TRUE == mdItem.needsFreeing) {
+ PR_ASSERT(fwObject->mdObject->FreeAttribute);
+ if (fwObject->mdObject->FreeAttribute) {
+ *pError = fwObject->mdObject->FreeAttribute(&mdItem);
+ }
+ }
+
+done:
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+ return rv;
}
/*
@@ -661,128 +633,128 @@ nssCKFWObject_GetAttribute
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetAttribute
-(
- NSSCKFWObject *fwObject,
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
+nssCKFWObject_SetAttribute(
+ NSSCKFWObject *fwObject,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( CKA_TOKEN == attribute ) {
- /*
- * We're changing from a session object to a token object or
- * vice-versa.
- */
-
- CK_ATTRIBUTE a;
- NSSCKFWObject *newFwObject;
- NSSCKFWObject swab;
-
- a.type = CKA_TOKEN;
- a.pValue = value->data;
- a.ulValueLen = value->size;
-
- newFwObject = nssCKFWSession_CopyObject(fwSession, fwObject,
- &a, 1, &error);
- if (!newFwObject) {
- if( CKR_OK == error ) {
- error = CKR_GENERAL_ERROR;
- }
- return error;
- }
-
- /*
- * Actually, I bet the locking is worse than this.. this part of
- * the code could probably use some scrutiny and reworking.
- */
- error = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != error ) {
- nssCKFWObject_Destroy(newFwObject);
- return error;
- }
-
- error = nssCKFWMutex_Lock(newFwObject->mutex);
- if( CKR_OK != error ) {
- nssCKFWMutex_Unlock(fwObject->mutex);
- nssCKFWObject_Destroy(newFwObject);
- return error;
+ error = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != error) {
+ return error;
}
+#endif /* NSSDEBUG */
- /*
- * Now, we have our new object, but it has a new fwObject pointer,
- * while we have to keep the existing one. So quick swap the contents.
- */
- swab = *fwObject;
- *fwObject = *newFwObject;
- *newFwObject = swab;
-
- /* But keep the mutexes the same */
- swab.mutex = fwObject->mutex;
- fwObject->mutex = newFwObject->mutex;
- newFwObject->mutex = swab.mutex;
-
- (void)nssCKFWMutex_Unlock(newFwObject->mutex);
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
-
- /*
- * Either remove or add this to the list of session objects
- */
-
- if( CK_FALSE == *(CK_BBOOL *)value->data ) {
- /*
- * New one is a session object, except since we "stole" the fwObject, it's
- * not in the list. Add it.
- */
- nssCKFWSession_RegisterSessionObject(fwSession, fwObject);
- } else {
- /*
- * New one is a token object, except since we "stole" the fwObject, it's
- * in the list. Remove it.
- */
- if (fwObject->fwSession) {
- nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
- }
- }
-
- /*
- * Now delete the old object. Remember the names have changed.
- */
- nssCKFWObject_Destroy(newFwObject);
-
- return CKR_OK;
- } else {
- /*
- * An "ordinary" change.
- */
- if (!fwObject->mdObject->SetAttribute) {
- /* We could fake it with copying, like above.. later */
- return CKR_ATTRIBUTE_READ_ONLY;
+ if (CKA_TOKEN == attribute) {
+ /*
+ * We're changing from a session object to a token object or
+ * vice-versa.
+ */
+
+ CK_ATTRIBUTE a;
+ NSSCKFWObject *newFwObject;
+ NSSCKFWObject swab;
+
+ a.type = CKA_TOKEN;
+ a.pValue = value->data;
+ a.ulValueLen = value->size;
+
+ newFwObject = nssCKFWSession_CopyObject(fwSession, fwObject,
+ &a, 1, &error);
+ if (!newFwObject) {
+ if (CKR_OK == error) {
+ error = CKR_GENERAL_ERROR;
+ }
+ return error;
+ }
+
+ /*
+ * Actually, I bet the locking is worse than this.. this part of
+ * the code could probably use some scrutiny and reworking.
+ */
+ error = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != error) {
+ nssCKFWObject_Destroy(newFwObject);
+ return error;
+ }
+
+ error = nssCKFWMutex_Lock(newFwObject->mutex);
+ if (CKR_OK != error) {
+ nssCKFWMutex_Unlock(fwObject->mutex);
+ nssCKFWObject_Destroy(newFwObject);
+ return error;
+ }
+
+ /*
+ * Now, we have our new object, but it has a new fwObject pointer,
+ * while we have to keep the existing one. So quick swap the contents.
+ */
+ swab = *fwObject;
+ *fwObject = *newFwObject;
+ *newFwObject = swab;
+
+ /* But keep the mutexes the same */
+ swab.mutex = fwObject->mutex;
+ fwObject->mutex = newFwObject->mutex;
+ newFwObject->mutex = swab.mutex;
+
+ (void)nssCKFWMutex_Unlock(newFwObject->mutex);
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+
+ /*
+ * Either remove or add this to the list of session objects
+ */
+
+ if (CK_FALSE == *(CK_BBOOL *)value->data) {
+ /*
+ * New one is a session object, except since we "stole" the fwObject, it's
+ * not in the list. Add it.
+ */
+ nssCKFWSession_RegisterSessionObject(fwSession, fwObject);
+ }
+ else {
+ /*
+ * New one is a token object, except since we "stole" the fwObject, it's
+ * in the list. Remove it.
+ */
+ if (fwObject->fwSession) {
+ nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
+ }
+ }
+
+ /*
+ * Now delete the old object. Remember the names have changed.
+ */
+ nssCKFWObject_Destroy(newFwObject);
+
+ return CKR_OK;
}
-
- error = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != error ) {
- return error;
+ else {
+ /*
+ * An "ordinary" change.
+ */
+ if (!fwObject->mdObject->SetAttribute) {
+ /* We could fake it with copying, like above.. later */
+ return CKR_ATTRIBUTE_READ_ONLY;
+ }
+
+ error = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ error = fwObject->mdObject->SetAttribute(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ attribute, value);
+
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+
+ return error;
}
-
- error = fwObject->mdObject->SetAttribute(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- attribute, value);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
-
- return error;
- }
}
/*
@@ -790,42 +762,40 @@ nssCKFWObject_SetAttribute
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
+nssCKFWObject_GetObjectSize(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
{
- CK_ULONG rv;
+ CK_ULONG rv;
#ifdef NSSDEBUG
- if (!pError) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
#endif /* NSSDEBUG */
- if (!fwObject->mdObject->GetObjectSize) {
- *pError = CKR_INFORMATION_SENSITIVE;
- return (CK_ULONG)0;
- }
+ if (!fwObject->mdObject->GetObjectSize) {
+ *pError = CKR_INFORMATION_SENSITIVE;
+ return (CK_ULONG)0;
+ }
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
+ *pError = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
- rv = fwObject->mdObject->GetObjectSize(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- pError);
+ rv = fwObject->mdObject->GetObjectSize(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ pError);
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+ return rv;
}
/*
@@ -833,18 +803,16 @@ nssCKFWObject_GetObjectSize
*
*/
NSS_IMPLEMENT NSSCKMDObject *
-NSSCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-)
+NSSCKFWObject_GetMDObject(
+ NSSCKFWObject *fwObject)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (NSSCKMDObject *)NULL;
- }
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return (NSSCKMDObject *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWObject_GetMDObject(fwObject);
+ return nssCKFWObject_GetMDObject(fwObject);
}
/*
@@ -852,24 +820,22 @@ NSSCKFWObject_GetMDObject
*
*/
NSS_IMPLEMENT NSSArena *
-NSSCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
+NSSCKFWObject_GetArena(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
{
#ifdef DEBUG
- if (!pError) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWObject_GetArena(fwObject, pError);
+ return nssCKFWObject_GetArena(fwObject, pError);
}
/*
@@ -877,18 +843,16 @@ NSSCKFWObject_GetArena
*
*/
NSS_IMPLEMENT CK_BBOOL
-NSSCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-)
+NSSCKFWObject_IsTokenObject(
+ NSSCKFWObject *fwObject)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return CK_FALSE;
+ }
#endif /* DEBUG */
- return nssCKFWObject_IsTokenObject(fwObject);
+ return nssCKFWObject_IsTokenObject(fwObject);
}
/*
@@ -896,24 +860,22 @@ NSSCKFWObject_IsTokenObject
*
*/
NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
+NSSCKFWObject_GetAttributeCount(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
{
#ifdef DEBUG
- if (!pError) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
#endif /* DEBUG */
- return nssCKFWObject_GetAttributeCount(fwObject, pError);
+ return nssCKFWObject_GetAttributeCount(fwObject, pError);
}
/*
@@ -921,27 +883,25 @@ NSSCKFWObject_GetAttributeCount
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
+NSSCKFWObject_GetAttributeTypes(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
{
#ifdef DEBUG
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != error) {
+ return error;
+ }
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray) {
+ return CKR_ARGUMENTS_BAD;
+ }
#endif /* DEBUG */
- return nssCKFWObject_GetAttributeTypes(fwObject, typeArray, ulCount);
+ return nssCKFWObject_GetAttributeTypes(fwObject, typeArray, ulCount);
}
/*
@@ -949,25 +909,23 @@ NSSCKFWObject_GetAttributeTypes
*
*/
NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+NSSCKFWObject_GetAttributeSize(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
#ifdef DEBUG
- if (!pError) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
#endif /* DEBUG */
- return nssCKFWObject_GetAttributeSize(fwObject, attribute, pError);
+ return nssCKFWObject_GetAttributeSize(fwObject, attribute, pError);
}
/*
@@ -975,27 +933,25 @@ NSSCKFWObject_GetAttributeSize
*
*/
NSS_IMPLEMENT NSSItem *
-NSSCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-)
+NSSCKFWObject_GetAttribute(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *itemOpt,
+ NSSArena *arenaOpt,
+ CK_RV *pError)
{
#ifdef DEBUG
- if (!pError) {
- return (NSSItem *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSItem *)NULL;
- }
+ if (!pError) {
+ return (NSSItem *)NULL;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (NSSItem *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWObject_GetAttribute(fwObject, attribute, itemOpt, arenaOpt, pError);
+ return nssCKFWObject_GetAttribute(fwObject, attribute, itemOpt, arenaOpt, pError);
}
/*
@@ -1003,22 +959,20 @@ NSSCKFWObject_GetAttribute
*
*/
NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
+NSSCKFWObject_GetObjectSize(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
{
#ifdef DEBUG
- if (!pError) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
#endif /* DEBUG */
- return nssCKFWObject_GetObjectSize(fwObject, pError);
+ return nssCKFWObject_GetObjectSize(fwObject, pError);
}
diff --git a/lib/ckfw/session.c b/lib/ckfw/session.c
index 4f9a7ce8c..39d7f4f89 100644
--- a/lib/ckfw/session.c
+++ b/lib/ckfw/session.c
@@ -61,26 +61,26 @@
*/
struct NSSCKFWSessionStr {
- NSSArena *arena;
- NSSCKMDSession *mdSession;
- NSSCKFWToken *fwToken;
- NSSCKMDToken *mdToken;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
- CK_VOID_PTR pApplication;
- CK_NOTIFY Notify;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The items below are atomic. No locking required. If we fear
- * about pointer-copies being nonatomic, we'll lock fwFindObjects.
- */
-
- CK_BBOOL rw;
- NSSCKFWFindObjects *fwFindObjects;
- NSSCKFWCryptoOperation *fwOperationArray[NSSCKFWCryptoOperationState_Max];
- nssCKFWHash *sessionObjectHash;
- CK_SESSION_HANDLE hSession;
+ NSSArena *arena;
+ NSSCKMDSession *mdSession;
+ NSSCKFWToken *fwToken;
+ NSSCKMDToken *mdToken;
+ NSSCKFWInstance *fwInstance;
+ NSSCKMDInstance *mdInstance;
+ CK_VOID_PTR pApplication;
+ CK_NOTIFY Notify;
+
+ /*
+ * Everything above is set at creation time, and then not modified.
+ * The items below are atomic. No locking required. If we fear
+ * about pointer-copies being nonatomic, we'll lock fwFindObjects.
+ */
+
+ CK_BBOOL rw;
+ NSSCKFWFindObjects *fwFindObjects;
+ NSSCKFWCryptoOperation *fwOperationArray[NSSCKFWCryptoOperationState_Max];
+ nssCKFWHash *sessionObjectHash;
+ CK_SESSION_HANDLE hSession;
};
#ifdef DEBUG
@@ -96,30 +96,24 @@ struct NSSCKFWSessionStr {
*/
static CK_RV
-session_add_pointer
-(
- const NSSCKFWSession *fwSession
-)
+session_add_pointer(
+ const NSSCKFWSession *fwSession)
{
- return CKR_OK;
+ return CKR_OK;
}
static CK_RV
-session_remove_pointer
-(
- const NSSCKFWSession *fwSession
-)
+session_remove_pointer(
+ const NSSCKFWSession *fwSession)
{
- return CKR_OK;
+ return CKR_OK;
}
NSS_IMPLEMENT CK_RV
-nssCKFWSession_verifyPointer
-(
- const NSSCKFWSession *fwSession
-)
+nssCKFWSession_verifyPointer(
+ const NSSCKFWSession *fwSession)
{
- return CKR_OK;
+ return CKR_OK;
}
#endif /* DEBUG */
@@ -129,95 +123,91 @@ nssCKFWSession_verifyPointer
*
*/
NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWSession_Create
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-)
+nssCKFWSession_Create(
+ NSSCKFWToken *fwToken,
+ CK_BBOOL rw,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_RV *pError)
{
- NSSArena *arena = (NSSArena *)NULL;
- NSSCKFWSession *fwSession;
- NSSCKFWSlot *fwSlot;
+ NSSArena *arena = (NSSArena *)NULL;
+ NSSCKFWSession *fwSession;
+ NSSCKFWSlot *fwSlot;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWSession *)NULL;
- }
+ if (!pError) {
+ return (NSSCKFWSession *)NULL;
+ }
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSession *)NULL;
- }
+ *pError = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSession *)NULL;
+ }
#endif /* NSSDEBUG */
- arena = NSSArena_Create();
- if (!arena) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWSession *)NULL;
- }
+ arena = NSSArena_Create();
+ if (!arena) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWSession *)NULL;
+ }
- fwSession = nss_ZNEW(arena, NSSCKFWSession);
- if (!fwSession) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
+ fwSession = nss_ZNEW(arena, NSSCKFWSession);
+ if (!fwSession) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
- fwSession->arena = arena;
- fwSession->mdSession = (NSSCKMDSession *)NULL; /* set later */
- fwSession->fwToken = fwToken;
- fwSession->mdToken = nssCKFWToken_GetMDToken(fwToken);
+ fwSession->arena = arena;
+ fwSession->mdSession = (NSSCKMDSession *)NULL; /* set later */
+ fwSession->fwToken = fwToken;
+ fwSession->mdToken = nssCKFWToken_GetMDToken(fwToken);
- fwSlot = nssCKFWToken_GetFWSlot(fwToken);
- fwSession->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
- fwSession->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
+ fwSlot = nssCKFWToken_GetFWSlot(fwToken);
+ fwSession->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
+ fwSession->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
- fwSession->rw = rw;
- fwSession->pApplication = pApplication;
- fwSession->Notify = Notify;
+ fwSession->rw = rw;
+ fwSession->pApplication = pApplication;
+ fwSession->Notify = Notify;
- fwSession->fwFindObjects = (NSSCKFWFindObjects *)NULL;
+ fwSession->fwFindObjects = (NSSCKFWFindObjects *)NULL;
- fwSession->sessionObjectHash = nssCKFWHash_Create(fwSession->fwInstance, arena, pError);
- if (!fwSession->sessionObjectHash) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+ fwSession->sessionObjectHash = nssCKFWHash_Create(fwSession->fwInstance, arena, pError);
+ if (!fwSession->sessionObjectHash) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
}
- goto loser;
- }
#ifdef DEBUG
- *pError = session_add_pointer(fwSession);
- if( CKR_OK != *pError ) {
- goto loser;
- }
+ *pError = session_add_pointer(fwSession);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
#endif /* DEBUG */
- return fwSession;
+ return fwSession;
- loser:
- if (arena) {
- if (fwSession && fwSession->sessionObjectHash) {
- (void)nssCKFWHash_Destroy(fwSession->sessionObjectHash);
+loser:
+ if (arena) {
+ if (fwSession && fwSession->sessionObjectHash) {
+ (void)nssCKFWHash_Destroy(fwSession->sessionObjectHash);
+ }
+ NSSArena_Destroy(arena);
}
- NSSArena_Destroy(arena);
- }
- return (NSSCKFWSession *)NULL;
+ return (NSSCKFWSession *)NULL;
}
static void
-nss_ckfw_session_object_destroy_iterator
-(
- const void *key,
- void *value,
- void *closure
-)
+nss_ckfw_session_object_destroy_iterator(
+ const void *key,
+ void *value,
+ void *closure)
{
- NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
- nssCKFWObject_Finalize(fwObject, PR_TRUE);
+ NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
+ nssCKFWObject_Finalize(fwObject, PR_TRUE);
}
/*
@@ -225,51 +215,49 @@ nss_ckfw_session_object_destroy_iterator
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_Destroy
-(
- NSSCKFWSession *fwSession,
- CK_BBOOL removeFromTokenHash
-)
+nssCKFWSession_Destroy(
+ NSSCKFWSession *fwSession,
+ CK_BBOOL removeFromTokenHash)
{
- CK_RV error = CKR_OK;
- nssCKFWHash *sessionObjectHash;
- NSSCKFWCryptoOperationState i;
+ CK_RV error = CKR_OK;
+ nssCKFWHash *sessionObjectHash;
+ NSSCKFWCryptoOperationState i;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- if( removeFromTokenHash ) {
- error = nssCKFWToken_RemoveSession(fwSession->fwToken, fwSession);
- }
+ if (removeFromTokenHash) {
+ error = nssCKFWToken_RemoveSession(fwSession->fwToken, fwSession);
+ }
- /*
- * Invalidate session objects
- */
+ /*
+ * Invalidate session objects
+ */
- sessionObjectHash = fwSession->sessionObjectHash;
- fwSession->sessionObjectHash = (nssCKFWHash *)NULL;
+ sessionObjectHash = fwSession->sessionObjectHash;
+ fwSession->sessionObjectHash = (nssCKFWHash *)NULL;
- nssCKFWHash_Iterate(sessionObjectHash,
- nss_ckfw_session_object_destroy_iterator,
- (void *)NULL);
+ nssCKFWHash_Iterate(sessionObjectHash,
+ nss_ckfw_session_object_destroy_iterator,
+ (void *)NULL);
- for (i=0; i < NSSCKFWCryptoOperationState_Max; i++) {
- if (fwSession->fwOperationArray[i]) {
- nssCKFWCryptoOperation_Destroy(fwSession->fwOperationArray[i]);
+ for (i = 0; i < NSSCKFWCryptoOperationState_Max; i++) {
+ if (fwSession->fwOperationArray[i]) {
+ nssCKFWCryptoOperation_Destroy(fwSession->fwOperationArray[i]);
+ }
}
- }
#ifdef DEBUG
- (void)session_remove_pointer(fwSession);
+ (void)session_remove_pointer(fwSession);
#endif /* DEBUG */
- (void)nssCKFWHash_Destroy(sessionObjectHash);
- NSSArena_Destroy(fwSession->arena);
+ (void)nssCKFWHash_Destroy(sessionObjectHash);
+ NSSArena_Destroy(fwSession->arena);
- return error;
+ return error;
}
/*
@@ -277,18 +265,16 @@ nssCKFWSession_Destroy
*
*/
NSS_IMPLEMENT NSSCKMDSession *
-nssCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-)
+nssCKFWSession_GetMDSession(
+ NSSCKFWSession *fwSession)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (NSSCKMDSession *)NULL;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return (NSSCKMDSession *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwSession->mdSession;
+ return fwSession->mdSession;
}
/*
@@ -296,24 +282,22 @@ nssCKFWSession_GetMDSession
*
*/
NSS_IMPLEMENT NSSArena *
-nssCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
+nssCKFWSession_GetArena(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
{
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwSession->arena;
+ return fwSession->arena;
}
/*
@@ -321,34 +305,32 @@ nssCKFWSession_GetArena
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-)
+nssCKFWSession_CallNotification(
+ NSSCKFWSession *fwSession,
+ CK_NOTIFICATION event)
{
- CK_RV error = CKR_OK;
- CK_SESSION_HANDLE handle;
+ CK_RV error = CKR_OK;
+ CK_SESSION_HANDLE handle;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- if( (CK_NOTIFY)NULL == fwSession->Notify ) {
- return CKR_OK;
- }
+ if ((CK_NOTIFY)NULL == fwSession->Notify) {
+ return CKR_OK;
+ }
- handle = nssCKFWInstance_FindSessionHandle(fwSession->fwInstance, fwSession);
- if( (CK_SESSION_HANDLE)0 == handle ) {
- return CKR_GENERAL_ERROR;
- }
+ handle = nssCKFWInstance_FindSessionHandle(fwSession->fwInstance, fwSession);
+ if ((CK_SESSION_HANDLE)0 == handle) {
+ return CKR_GENERAL_ERROR;
+ }
- error = fwSession->Notify(handle, event, fwSession->pApplication);
+ error = fwSession->Notify(handle, event, fwSession->pApplication);
- return error;
+ return error;
}
/*
@@ -356,18 +338,16 @@ nssCKFWSession_CallNotification
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-)
+nssCKFWSession_IsRWSession(
+ NSSCKFWSession *fwSession)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- return fwSession->rw;
+ return fwSession->rw;
}
/*
@@ -375,31 +355,29 @@ nssCKFWSession_IsRWSession
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-)
+nssCKFWSession_IsSO(
+ NSSCKFWSession *fwSession)
{
- CK_STATE state;
+ CK_STATE state;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- state = nssCKFWToken_GetSessionState(fwSession->fwToken);
- switch( state ) {
- case CKS_RO_PUBLIC_SESSION:
- case CKS_RO_USER_FUNCTIONS:
- case CKS_RW_PUBLIC_SESSION:
- case CKS_RW_USER_FUNCTIONS:
- return CK_FALSE;
- case CKS_RW_SO_FUNCTIONS:
- return CK_TRUE;
- default:
- return CK_FALSE;
- }
+ state = nssCKFWToken_GetSessionState(fwSession->fwToken);
+ switch (state) {
+ case CKS_RO_PUBLIC_SESSION:
+ case CKS_RO_USER_FUNCTIONS:
+ case CKS_RW_PUBLIC_SESSION:
+ case CKS_RW_USER_FUNCTIONS:
+ return CK_FALSE;
+ case CKS_RW_SO_FUNCTIONS:
+ return CK_TRUE;
+ default:
+ return CK_FALSE;
+ }
}
/*
@@ -407,18 +385,16 @@ nssCKFWSession_IsSO
*
*/
NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWSession_GetFWSlot
-(
- NSSCKFWSession *fwSession
-)
+nssCKFWSession_GetFWSlot(
+ NSSCKFWSession *fwSession)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (NSSCKFWSlot *)NULL;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return (NSSCKFWSlot *)NULL;
+ }
#endif /* NSSDEBUG */
- return nssCKFWToken_GetFWSlot(fwSession->fwToken);
+ return nssCKFWToken_GetFWSlot(fwSession->fwToken);
}
/*
@@ -426,18 +402,16 @@ nssCKFWSession_GetFWSlot
*
*/
NSS_IMPLEMENT CK_STATE
-nssCKFWSession_GetSessionState
-(
- NSSCKFWSession *fwSession
-)
+nssCKFWSession_GetSessionState(
+ NSSCKFWSession *fwSession)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CKS_RO_PUBLIC_SESSION; /* whatever */
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CKS_RO_PUBLIC_SESSION; /* whatever */
+ }
#endif /* NSSDEBUG */
- return nssCKFWToken_GetSessionState(fwSession->fwToken);
+ return nssCKFWToken_GetSessionState(fwSession->fwToken);
}
/*
@@ -445,33 +419,31 @@ nssCKFWSession_GetSessionState
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetFWFindObjects
-(
- NSSCKFWSession *fwSession,
- NSSCKFWFindObjects *fwFindObjects
-)
+nssCKFWSession_SetFWFindObjects(
+ NSSCKFWSession *fwSession,
+ NSSCKFWFindObjects *fwFindObjects)
{
#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#endif /* NSSDEBUG */
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- /* fwFindObjects may be null */
+/* fwFindObjects may be null */
#endif /* NSSDEBUG */
- if ((fwSession->fwFindObjects) &&
- (fwFindObjects)) {
- return CKR_OPERATION_ACTIVE;
- }
+ if ((fwSession->fwFindObjects) &&
+ (fwFindObjects)) {
+ return CKR_OPERATION_ACTIVE;
+ }
- fwSession->fwFindObjects = fwFindObjects;
+ fwSession->fwFindObjects = fwFindObjects;
- return CKR_OK;
+ return CKR_OK;
}
/*
@@ -479,29 +451,27 @@ nssCKFWSession_SetFWFindObjects
*
*/
NSS_IMPLEMENT NSSCKFWFindObjects *
-nssCKFWSession_GetFWFindObjects
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
+nssCKFWSession_GetFWFindObjects(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
{
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWFindObjects *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSCKFWFindObjects *)NULL;
- }
+ if (!pError) {
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWFindObjects *)NULL;
+ }
#endif /* NSSDEBUG */
- if (!fwSession->fwFindObjects) {
- *pError = CKR_OPERATION_NOT_INITIALIZED;
- return (NSSCKFWFindObjects *)NULL;
- }
+ if (!fwSession->fwFindObjects) {
+ *pError = CKR_OPERATION_NOT_INITIALIZED;
+ return (NSSCKFWFindObjects *)NULL;
+ }
- return fwSession->fwFindObjects;
+ return fwSession->fwFindObjects;
}
/*
@@ -509,34 +479,32 @@ nssCKFWSession_GetFWFindObjects
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetMDSession
-(
- NSSCKFWSession *fwSession,
- NSSCKMDSession *mdSession
-)
+nssCKFWSession_SetMDSession(
+ NSSCKFWSession *fwSession,
+ NSSCKMDSession *mdSession)
{
#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#endif /* NSSDEBUG */
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!mdSession) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (!mdSession) {
+ return CKR_ARGUMENTS_BAD;
+ }
#endif /* NSSDEBUG */
- if (fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
- fwSession->mdSession = mdSession;
+ fwSession->mdSession = mdSession;
- return CKR_OK;
+ return CKR_OK;
}
/*
@@ -544,30 +512,28 @@ nssCKFWSession_SetMDSession
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetHandle
-(
- NSSCKFWSession *fwSession,
- CK_SESSION_HANDLE hSession
-)
+nssCKFWSession_SetHandle(
+ NSSCKFWSession *fwSession,
+ CK_SESSION_HANDLE hSession)
{
#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#endif /* NSSDEBUG */
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- if( (CK_SESSION_HANDLE)0 != fwSession->hSession ) {
- return CKR_GENERAL_ERROR;
- }
+ if ((CK_SESSION_HANDLE)0 != fwSession->hSession) {
+ return CKR_GENERAL_ERROR;
+ }
- fwSession->hSession = hSession;
+ fwSession->hSession = hSession;
- return CKR_OK;
+ return CKR_OK;
}
/*
@@ -575,18 +541,16 @@ nssCKFWSession_SetHandle
*
*/
NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWSession_GetHandle
-(
- NSSCKFWSession *fwSession
-)
+nssCKFWSession_GetHandle(
+ NSSCKFWSession *fwSession)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return NULL;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return NULL;
+ }
#endif /* NSSDEBUG */
- return fwSession->hSession;
+ return fwSession->hSession;
}
/*
@@ -594,25 +558,23 @@ nssCKFWSession_GetHandle
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_RegisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
+nssCKFWSession_RegisterSessionObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
{
- CK_RV rv = CKR_OK;
+ CK_RV rv = CKR_OK;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CKR_GENERAL_ERROR;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- if (fwSession->sessionObjectHash) {
- rv = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
- }
+ if (fwSession->sessionObjectHash) {
+ rv = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
+ }
- return rv;
+ return rv;
}
/*
@@ -620,23 +582,21 @@ nssCKFWSession_RegisterSessionObject
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_DeregisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
+nssCKFWSession_DeregisterSessionObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CKR_GENERAL_ERROR;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- if (fwSession->sessionObjectHash) {
- nssCKFWHash_Remove(fwSession->sessionObjectHash, fwObject);
- }
+ if (fwSession->sessionObjectHash) {
+ nssCKFWHash_Remove(fwSession->sessionObjectHash, fwObject);
+ }
- return CKR_OK;
+ return CKR_OK;
}
/*
@@ -644,28 +604,26 @@ nssCKFWSession_DeregisterSessionObject
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWSession_GetDeviceError
-(
- NSSCKFWSession *fwSession
-)
+nssCKFWSession_GetDeviceError(
+ NSSCKFWSession *fwSession)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (CK_ULONG)0;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return (CK_ULONG)0;
+ }
- if (!fwSession->mdSession) {
- return (CK_ULONG)0;
- }
+ if (!fwSession->mdSession) {
+ return (CK_ULONG)0;
+ }
#endif /* NSSDEBUG */
- if (!fwSession->mdSession->GetDeviceError) {
- return (CK_ULONG)0;
- }
+ if (!fwSession->mdSession->GetDeviceError) {
+ return (CK_ULONG)0;
+ }
- return fwSession->mdSession->GetDeviceError(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance);
+ return fwSession->mdSession->GetDeviceError(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance);
}
/*
@@ -673,116 +631,119 @@ nssCKFWSession_GetDeviceError
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_Login
-(
- NSSCKFWSession *fwSession,
- CK_USER_TYPE userType,
- NSSItem *pin
-)
+nssCKFWSession_Login(
+ NSSCKFWSession *fwSession,
+ CK_USER_TYPE userType,
+ NSSItem *pin)
{
- CK_RV error = CKR_OK;
- CK_STATE oldState;
- CK_STATE newState;
+ CK_RV error = CKR_OK;
+ CK_STATE oldState;
+ CK_STATE newState;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- switch( userType ) {
- case CKU_SO:
- case CKU_USER:
- break;
- default:
- return CKR_USER_TYPE_INVALID;
- }
+ switch (userType) {
+ case CKU_SO:
+ case CKU_USER:
+ break;
+ default:
+ return CKR_USER_TYPE_INVALID;
+ }
- if (!pin) {
- if( CK_TRUE != nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken) ) {
- return CKR_ARGUMENTS_BAD;
+ if (!pin) {
+ if (CK_TRUE != nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken)) {
+ return CKR_ARGUMENTS_BAD;
+ }
}
- }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
-
- /*
- * It's not clear what happens when you're already logged in.
- * I'll just fail; but if we decide to change, the logic is
- * all right here.
- */
-
- if( CKU_SO == userType ) {
- switch( oldState ) {
- case CKS_RO_PUBLIC_SESSION:
- /*
- * There's no such thing as a read-only security officer
- * session, so fail. The error should be CKR_SESSION_READ_ONLY,
- * except that C_Login isn't defined to return that. So we'll
- * do CKR_SESSION_READ_ONLY_EXISTS, which is what is documented.
- */
- return CKR_SESSION_READ_ONLY_EXISTS;
- case CKS_RO_USER_FUNCTIONS:
- return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
- case CKS_RW_PUBLIC_SESSION:
- newState = CKS_RW_SO_FUNCTIONS;
- break;
- case CKS_RW_USER_FUNCTIONS:
- return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
- case CKS_RW_SO_FUNCTIONS:
- return CKR_USER_ALREADY_LOGGED_IN;
- default:
- return CKR_GENERAL_ERROR;
- }
- } else /* CKU_USER == userType */ {
- switch( oldState ) {
- case CKS_RO_PUBLIC_SESSION:
- newState = CKS_RO_USER_FUNCTIONS;
- break;
- case CKS_RO_USER_FUNCTIONS:
- return CKR_USER_ALREADY_LOGGED_IN;
- case CKS_RW_PUBLIC_SESSION:
- newState = CKS_RW_USER_FUNCTIONS;
- break;
- case CKS_RW_USER_FUNCTIONS:
- return CKR_USER_ALREADY_LOGGED_IN;
- case CKS_RW_SO_FUNCTIONS:
- return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
- default:
- return CKR_GENERAL_ERROR;
- }
- }
-
- /*
- * So now we're in one of three cases:
- *
- * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_SO_FUNCTIONS;
- * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_USER_FUNCTIONS;
- * Old == CKS_RO_PUBLIC_SESSION, New == CKS_RO_USER_FUNCTIONS;
- */
-
- if (!fwSession->mdSession->Login) {
+ oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
+
/*
- * The Module doesn't want to be informed (or check the pin)
- * it'll just rely on the Framework as needed.
+ * It's not clear what happens when you're already logged in.
+ * I'll just fail; but if we decide to change, the logic is
+ * all right here.
*/
- ;
- } else {
- error = fwSession->mdSession->Login(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, userType, pin, oldState, newState);
- if( CKR_OK != error ) {
- return error;
- }
- }
-
- (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
- return CKR_OK;
+
+ if (CKU_SO == userType) {
+ switch (oldState) {
+ case CKS_RO_PUBLIC_SESSION:
+ /*
+ * There's no such thing as a read-only security officer
+ * session, so fail. The error should be CKR_SESSION_READ_ONLY,
+ * except that C_Login isn't defined to return that. So we'll
+ * do CKR_SESSION_READ_ONLY_EXISTS, which is what is documented.
+ */
+ return CKR_SESSION_READ_ONLY_EXISTS;
+ case CKS_RO_USER_FUNCTIONS:
+ return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
+ case CKS_RW_PUBLIC_SESSION:
+ newState =
+ CKS_RW_SO_FUNCTIONS;
+ break;
+ case CKS_RW_USER_FUNCTIONS:
+ return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
+ case CKS_RW_SO_FUNCTIONS:
+ return CKR_USER_ALREADY_LOGGED_IN;
+ default:
+ return CKR_GENERAL_ERROR;
+ }
+ }
+ else /* CKU_USER == userType */ {
+ switch (oldState) {
+ case CKS_RO_PUBLIC_SESSION:
+ newState =
+ CKS_RO_USER_FUNCTIONS;
+ break;
+ case CKS_RO_USER_FUNCTIONS:
+ return CKR_USER_ALREADY_LOGGED_IN;
+ case CKS_RW_PUBLIC_SESSION:
+ newState =
+ CKS_RW_USER_FUNCTIONS;
+ break;
+ case CKS_RW_USER_FUNCTIONS:
+ return CKR_USER_ALREADY_LOGGED_IN;
+ case CKS_RW_SO_FUNCTIONS:
+ return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
+ default:
+ return CKR_GENERAL_ERROR;
+ }
+ }
+
+ /*
+ * So now we're in one of three cases:
+ *
+ * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_SO_FUNCTIONS;
+ * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_USER_FUNCTIONS;
+ * Old == CKS_RO_PUBLIC_SESSION, New == CKS_RO_USER_FUNCTIONS;
+ */
+
+ if (!fwSession->mdSession->Login) {
+ /*
+ * The Module doesn't want to be informed (or check the pin)
+ * it'll just rely on the Framework as needed.
+ */
+ ;
+ }
+ else {
+ error = fwSession->mdSession->Login(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, userType, pin, oldState, newState);
+ if (CKR_OK != error) {
+ return error;
+ }
+ }
+
+ (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
+ return CKR_OK;
}
/*
@@ -790,74 +751,73 @@ nssCKFWSession_Login
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_Logout
-(
- NSSCKFWSession *fwSession
-)
+nssCKFWSession_Logout(
+ NSSCKFWSession *fwSession)
{
- CK_RV error = CKR_OK;
- CK_STATE oldState;
- CK_STATE newState;
+ CK_RV error = CKR_OK;
+ CK_STATE oldState;
+ CK_STATE newState;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
-
- switch( oldState ) {
- case CKS_RO_PUBLIC_SESSION:
- return CKR_USER_NOT_LOGGED_IN;
- case CKS_RO_USER_FUNCTIONS:
- newState = CKS_RO_PUBLIC_SESSION;
- break;
- case CKS_RW_PUBLIC_SESSION:
- return CKR_USER_NOT_LOGGED_IN;
- case CKS_RW_USER_FUNCTIONS:
- newState = CKS_RW_PUBLIC_SESSION;
- break;
- case CKS_RW_SO_FUNCTIONS:
- newState = CKS_RW_PUBLIC_SESSION;
- break;
- default:
- return CKR_GENERAL_ERROR;
- }
-
- /*
- * So now we're in one of three cases:
- *
- * Old == CKS_RW_SO_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
- * Old == CKS_RW_USER_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
- * Old == CKS_RO_USER_FUNCTIONS, New == CKS_RO_PUBLIC_SESSION;
- */
-
- if (!fwSession->mdSession->Logout) {
+ oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
+
+ switch (oldState) {
+ case CKS_RO_PUBLIC_SESSION:
+ return CKR_USER_NOT_LOGGED_IN;
+ case CKS_RO_USER_FUNCTIONS:
+ newState = CKS_RO_PUBLIC_SESSION;
+ break;
+ case CKS_RW_PUBLIC_SESSION:
+ return CKR_USER_NOT_LOGGED_IN;
+ case CKS_RW_USER_FUNCTIONS:
+ newState = CKS_RW_PUBLIC_SESSION;
+ break;
+ case CKS_RW_SO_FUNCTIONS:
+ newState = CKS_RW_PUBLIC_SESSION;
+ break;
+ default:
+ return CKR_GENERAL_ERROR;
+ }
+
/*
- * The Module doesn't want to be informed. Okay.
+ * So now we're in one of three cases:
+ *
+ * Old == CKS_RW_SO_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
+ * Old == CKS_RW_USER_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
+ * Old == CKS_RO_USER_FUNCTIONS, New == CKS_RO_PUBLIC_SESSION;
*/
- ;
- } else {
- error = fwSession->mdSession->Logout(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, oldState, newState);
- if( CKR_OK != error ) {
- /*
- * Now what?! A failure really should end up with the Framework
- * considering it logged out, right?
- */
- ;
- }
- }
-
- (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
- return error;
+
+ if (!fwSession->mdSession->Logout) {
+ /*
+ * The Module doesn't want to be informed. Okay.
+ */
+ ;
+ }
+ else {
+ error = fwSession->mdSession->Logout(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, oldState, newState);
+ if (CKR_OK != error) {
+ /*
+ * Now what?! A failure really should end up with the Framework
+ * considering it logged out, right?
+ */
+ ;
+ }
+ }
+
+ (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
+ return error;
}
/*
@@ -865,47 +825,45 @@ nssCKFWSession_Logout
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_InitPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *pin
-)
+nssCKFWSession_InitPIN(
+ NSSCKFWSession *fwSession,
+ NSSItem *pin)
{
- CK_RV error = CKR_OK;
- CK_STATE state;
+ CK_RV error = CKR_OK;
+ CK_STATE state;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- state = nssCKFWToken_GetSessionState(fwSession->fwToken);
- if( CKS_RW_SO_FUNCTIONS != state ) {
- return CKR_USER_NOT_LOGGED_IN;
- }
+ state = nssCKFWToken_GetSessionState(fwSession->fwToken);
+ if (CKS_RW_SO_FUNCTIONS != state) {
+ return CKR_USER_NOT_LOGGED_IN;
+ }
- if (!pin) {
- CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
- if( CK_TRUE != has ) {
- return CKR_ARGUMENTS_BAD;
+ if (!pin) {
+ CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
+ if (CK_TRUE != has) {
+ return CKR_ARGUMENTS_BAD;
+ }
}
- }
- if (!fwSession->mdSession->InitPIN) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
+ if (!fwSession->mdSession->InitPIN) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
- error = fwSession->mdSession->InitPIN(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, pin);
+ error = fwSession->mdSession->InitPIN(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, pin);
- return error;
+ return error;
}
/*
@@ -913,49 +871,47 @@ nssCKFWSession_InitPIN
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *oldPin,
- NSSItem *newPin
-)
+nssCKFWSession_SetPIN(
+ NSSCKFWSession *fwSession,
+ NSSItem *oldPin,
+ NSSItem *newPin)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- if (!newPin) {
- CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
- if( CK_TRUE != has ) {
- return CKR_ARGUMENTS_BAD;
+ if (!newPin) {
+ CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
+ if (CK_TRUE != has) {
+ return CKR_ARGUMENTS_BAD;
+ }
}
- }
- if (!oldPin) {
- CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
- if( CK_TRUE != has ) {
- return CKR_ARGUMENTS_BAD;
+ if (!oldPin) {
+ CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
+ if (CK_TRUE != has) {
+ return CKR_ARGUMENTS_BAD;
+ }
}
- }
- if (!fwSession->mdSession->SetPIN) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
+ if (!fwSession->mdSession->SetPIN) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
- error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, oldPin, newPin);
+ error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, oldPin, newPin);
- return error;
+ return error;
}
/*
@@ -963,54 +919,52 @@ nssCKFWSession_SetPIN
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWSession_GetOperationStateLen
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
+nssCKFWSession_GetOperationStateLen(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
{
- CK_ULONG mdAmt;
- CK_ULONG fwAmt;
+ CK_ULONG mdAmt;
+ CK_ULONG fwAmt;
#ifdef NSSDEBUG
- if (!pError) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-
- if (!fwSession->mdSession) {
- *pError = CKR_GENERAL_ERROR;
- return (CK_ULONG)0;
- }
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+
+ if (!fwSession->mdSession) {
+ *pError = CKR_GENERAL_ERROR;
+ return (CK_ULONG)0;
+ }
#endif /* NSSDEBUG */
- if (!fwSession->mdSession->GetOperationStateLen) {
- *pError = CKR_STATE_UNSAVEABLE;
- return (CK_ULONG)0;
- }
+ if (!fwSession->mdSession->GetOperationStateLen) {
+ *pError = CKR_STATE_UNSAVEABLE;
+ return (CK_ULONG)0;
+ }
- /*
- * We could check that the session is actually in some state..
- */
+ /*
+ * We could check that the session is actually in some state..
+ */
- mdAmt = fwSession->mdSession->GetOperationStateLen(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, pError);
+ mdAmt = fwSession->mdSession->GetOperationStateLen(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, pError);
- if( ((CK_ULONG)0 == mdAmt) && (CKR_OK != *pError) ) {
- return (CK_ULONG)0;
- }
+ if (((CK_ULONG)0 == mdAmt) && (CKR_OK != *pError)) {
+ return (CK_ULONG)0;
+ }
- /*
- * Add a bit of sanity-checking
- */
- fwAmt = mdAmt + 2*sizeof(CK_ULONG);
+ /*
+ * Add a bit of sanity-checking
+ */
+ fwAmt = mdAmt + 2 * sizeof(CK_ULONG);
- return fwAmt;
+ return fwAmt;
}
/*
@@ -1018,82 +972,80 @@ nssCKFWSession_GetOperationStateLen
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_GetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-)
+nssCKFWSession_GetOperationState(
+ NSSCKFWSession *fwSession,
+ NSSItem *buffer)
{
- CK_RV error = CKR_OK;
- CK_ULONG fwAmt;
- CK_ULONG *ulBuffer;
- NSSItem i2;
- CK_ULONG n, i;
+ CK_RV error = CKR_OK;
+ CK_ULONG fwAmt;
+ CK_ULONG *ulBuffer;
+ NSSItem i2;
+ CK_ULONG n, i;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!buffer) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (!buffer) {
+ return CKR_ARGUMENTS_BAD;
+ }
- if (!buffer->data) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (!buffer->data) {
+ return CKR_ARGUMENTS_BAD;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- if (!fwSession->mdSession->GetOperationState) {
- return CKR_STATE_UNSAVEABLE;
- }
+ if (!fwSession->mdSession->GetOperationState) {
+ return CKR_STATE_UNSAVEABLE;
+ }
- /*
- * Sanity-check the caller's buffer.
- */
+ /*
+ * Sanity-check the caller's buffer.
+ */
- error = CKR_OK;
- fwAmt = nssCKFWSession_GetOperationStateLen(fwSession, &error);
- if( ((CK_ULONG)0 == fwAmt) && (CKR_OK != error) ) {
- return error;
- }
+ error = CKR_OK;
+ fwAmt = nssCKFWSession_GetOperationStateLen(fwSession, &error);
+ if (((CK_ULONG)0 == fwAmt) && (CKR_OK != error)) {
+ return error;
+ }
- if( buffer->size < fwAmt ) {
- return CKR_BUFFER_TOO_SMALL;
- }
+ if (buffer->size < fwAmt) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
- ulBuffer = (CK_ULONG *)buffer->data;
+ ulBuffer = (CK_ULONG *)buffer->data;
- i2.size = buffer->size - 2*sizeof(CK_ULONG);
- i2.data = (void *)&ulBuffer[2];
+ i2.size = buffer->size - 2 * sizeof(CK_ULONG);
+ i2.data = (void *)&ulBuffer[2];
- error = fwSession->mdSession->GetOperationState(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance, &i2);
+ error = fwSession->mdSession->GetOperationState(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance, &i2);
- if( CKR_OK != error ) {
- return error;
- }
-
- /*
- * Add a little integrety/identity check.
- * NOTE: right now, it's pretty stupid.
- * A CRC or something would be better.
- */
-
- ulBuffer[0] = 0x434b4657; /* CKFW */
- ulBuffer[1] = 0;
- n = i2.size/sizeof(CK_ULONG);
- for( i = 0; i < n; i++ ) {
- ulBuffer[1] ^= ulBuffer[2+i];
- }
-
- return CKR_OK;
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ /*
+ * Add a little integrety/identity check.
+ * NOTE: right now, it's pretty stupid.
+ * A CRC or something would be better.
+ */
+
+ ulBuffer[0] = 0x434b4657; /* CKFW */
+ ulBuffer[1] = 0;
+ n = i2.size / sizeof(CK_ULONG);
+ for (i = 0; i < n; i++) {
+ ulBuffer[1] ^= ulBuffer[2 + i];
+ }
+
+ return CKR_OK;
}
/*
@@ -1101,126 +1053,125 @@ nssCKFWSession_GetOperationState
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *state,
- NSSCKFWObject *encryptionKey,
- NSSCKFWObject *authenticationKey
-)
+nssCKFWSession_SetOperationState(
+ NSSCKFWSession *fwSession,
+ NSSItem *state,
+ NSSCKFWObject *encryptionKey,
+ NSSCKFWObject *authenticationKey)
{
- CK_RV error = CKR_OK;
- CK_ULONG *ulBuffer;
- CK_ULONG n, i;
- CK_ULONG x;
- NSSItem s;
- NSSCKMDObject *mdek;
- NSSCKMDObject *mdak;
+ CK_RV error = CKR_OK;
+ CK_ULONG *ulBuffer;
+ CK_ULONG n, i;
+ CK_ULONG x;
+ NSSItem s;
+ NSSCKMDObject *mdek;
+ NSSCKMDObject *mdak;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!state) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (!state) {
+ return CKR_ARGUMENTS_BAD;
+ }
- if (!state->data) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (!state->data) {
+ return CKR_ARGUMENTS_BAD;
+ }
- if (encryptionKey) {
- error = nssCKFWObject_verifyPointer(encryptionKey);
- if( CKR_OK != error ) {
- return error;
+ if (encryptionKey) {
+ error = nssCKFWObject_verifyPointer(encryptionKey);
+ if (CKR_OK != error) {
+ return error;
+ }
}
- }
- if (authenticationKey) {
- error = nssCKFWObject_verifyPointer(authenticationKey);
- if( CKR_OK != error ) {
- return error;
+ if (authenticationKey) {
+ error = nssCKFWObject_verifyPointer(authenticationKey);
+ if (CKR_OK != error) {
+ return error;
+ }
}
- }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- ulBuffer = (CK_ULONG *)state->data;
- if( 0x43b4657 != ulBuffer[0] ) {
- return CKR_SAVED_STATE_INVALID;
- }
- n = (state->size / sizeof(CK_ULONG)) - 2;
- x = (CK_ULONG)0;
- for( i = 0; i < n; i++ ) {
- x ^= ulBuffer[2+i];
- }
-
- if( x != ulBuffer[1] ) {
- return CKR_SAVED_STATE_INVALID;
- }
-
- if (!fwSession->mdSession->SetOperationState) {
- return CKR_GENERAL_ERROR;
- }
-
- s.size = state->size - 2*sizeof(CK_ULONG);
- s.data = (void *)&ulBuffer[2];
-
- if (encryptionKey) {
- mdek = nssCKFWObject_GetMDObject(encryptionKey);
- } else {
- mdek = (NSSCKMDObject *)NULL;
- }
-
- if (authenticationKey) {
- mdak = nssCKFWObject_GetMDObject(authenticationKey);
- } else {
- mdak = (NSSCKMDObject *)NULL;
- }
-
- error = fwSession->mdSession->SetOperationState(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, &s, mdek, encryptionKey, mdak, authenticationKey);
-
- if( CKR_OK != error ) {
- return error;
- }
+ ulBuffer = (CK_ULONG *)state->data;
+ if (0x43b4657 != ulBuffer[0]) {
+ return CKR_SAVED_STATE_INVALID;
+ }
+ n = (state->size / sizeof(CK_ULONG)) - 2;
+ x = (CK_ULONG)0;
+ for (i = 0; i < n; i++) {
+ x ^= ulBuffer[2 + i];
+ }
+
+ if (x != ulBuffer[1]) {
+ return CKR_SAVED_STATE_INVALID;
+ }
+
+ if (!fwSession->mdSession->SetOperationState) {
+ return CKR_GENERAL_ERROR;
+ }
- /*
- * Here'd we restore any session data
- */
-
- return CKR_OK;
+ s.size = state->size - 2 * sizeof(CK_ULONG);
+ s.data = (void *)&ulBuffer[2];
+
+ if (encryptionKey) {
+ mdek = nssCKFWObject_GetMDObject(encryptionKey);
+ }
+ else {
+ mdek = (NSSCKMDObject *)NULL;
+ }
+
+ if (authenticationKey) {
+ mdak = nssCKFWObject_GetMDObject(authenticationKey);
+ }
+ else {
+ mdak = (NSSCKMDObject *)NULL;
+ }
+
+ error = fwSession->mdSession->SetOperationState(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, &s, mdek, encryptionKey, mdak, authenticationKey);
+
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ /*
+ * Here'd we restore any session data
+ */
+
+ return CKR_OK;
}
static CK_BBOOL
-nss_attributes_form_token_object
-(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount
-)
+nss_attributes_form_token_object(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount)
{
- CK_ULONG i;
- CK_BBOOL rv;
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- /* If we sanity-check, we can remove this sizeof check */
- if( sizeof(CK_BBOOL) == pTemplate[i].ulValueLen ) {
- (void)nsslibc_memcpy(&rv, pTemplate[i].pValue, sizeof(CK_BBOOL));
- return rv;
- } else {
- return CK_FALSE;
- }
+ CK_ULONG i;
+ CK_BBOOL rv;
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CKA_TOKEN == pTemplate[i].type) {
+ /* If we sanity-check, we can remove this sizeof check */
+ if (sizeof(CK_BBOOL) == pTemplate[i].ulValueLen) {
+ (void)nsslibc_memcpy(&rv, pTemplate[i].pValue, sizeof(CK_BBOOL));
+ return rv;
+ }
+ else {
+ return CK_FALSE;
+ }
+ }
}
- }
- return CK_FALSE;
+ return CK_FALSE;
}
/*
@@ -1228,133 +1179,136 @@ nss_attributes_form_token_object
*
*/
NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWSession_CreateObject
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nssCKFWSession_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- NSSArena *arena;
- NSSCKMDObject *mdObject;
- NSSCKFWObject *fwObject;
- CK_BBOOL isTokenObject;
+ NSSArena *arena;
+ NSSCKMDObject *mdObject;
+ NSSCKFWObject *fwObject;
+ CK_BBOOL isTokenObject;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWObject *)NULL;
- }
-
- if (!fwSession->mdSession) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- /*
- * Here would be an excellent place to sanity-check the object.
- */
+ if (!pError) {
+ return (NSSCKFWObject *)NULL;
+ }
- isTokenObject = nss_attributes_form_token_object(pTemplate, ulAttributeCount);
- if( CK_TRUE == isTokenObject ) {
- /* === TOKEN OBJECT === */
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != pError) {
+ return (NSSCKFWObject *)NULL;
+ }
- if (!fwSession->mdSession->CreateObject) {
- *pError = CKR_TOKEN_WRITE_PROTECTED;
- return (NSSCKFWObject *)NULL;
+ if ((CK_ATTRIBUTE_PTR)NULL == pTemplate) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWObject *)NULL;
}
- arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
- if (!arena) {
- if( CKR_OK == *pError ) {
+ if (!fwSession->mdSession) {
*pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
+ return (NSSCKFWObject *)NULL;
}
+#endif /* NSSDEBUG */
- goto callmdcreateobject;
- } else {
- /* === SESSION OBJECT === */
+ /*
+ * Here would be an excellent place to sanity-check the object.
+ */
- arena = nssCKFWSession_GetArena(fwSession, pError);
- if (!arena) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
+ isTokenObject = nss_attributes_form_token_object(pTemplate, ulAttributeCount);
+ if (CK_TRUE == isTokenObject) {
+ /* === TOKEN OBJECT === */
+
+ if (!fwSession->mdSession->CreateObject) {
+ *pError = CKR_TOKEN_WRITE_PROTECTED;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
+
+ goto callmdcreateobject;
}
+ else {
+ /* === SESSION OBJECT === */
+
+ arena = nssCKFWSession_GetArena(fwSession, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
- if( CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwSession->fwInstance) ) {
- /* --- module handles the session object -- */
+ if (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
+ fwSession->fwInstance)) {
+ /* --- module handles the session object -- */
- if (!fwSession->mdSession->CreateObject) {
- *pError = CKR_GENERAL_ERROR;
+ if (!fwSession->mdSession->CreateObject) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ goto callmdcreateobject;
+ }
+ else {
+ /* --- framework handles the session object -- */
+ mdObject = nssCKMDSessionObject_Create(fwSession->fwToken,
+ arena, pTemplate, ulAttributeCount, pError);
+ goto gotmdobject;
+ }
+ }
+
+callmdcreateobject:
+ mdObject = fwSession->mdSession->CreateObject(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance, arena, pTemplate,
+ ulAttributeCount, pError);
+
+gotmdobject:
+ if (!mdObject) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
return (NSSCKFWObject *)NULL;
- }
-
- goto callmdcreateobject;
- } else {
- /* --- framework handles the session object -- */
- mdObject = nssCKMDSessionObject_Create(fwSession->fwToken,
- arena, pTemplate, ulAttributeCount, pError);
- goto gotmdobject;
- }
- }
-
- callmdcreateobject:
- mdObject = fwSession->mdSession->CreateObject(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance, arena, pTemplate,
- ulAttributeCount, pError);
-
- gotmdobject:
- if (!mdObject) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- fwObject = nssCKFWObject_Create(arena, mdObject,
- isTokenObject ? NULL : fwSession,
- fwSession->fwToken, fwSession->fwInstance, pError);
- if (!fwObject) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- if (mdObject->Destroy) {
- (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
- fwSession->mdSession, fwSession, fwSession->mdToken,
- fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
- }
-
- return (NSSCKFWObject *)NULL;
- }
-
- if( CK_FALSE == isTokenObject ) {
- if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, fwObject) ) {
- *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
- if( CKR_OK != *pError ) {
- nssCKFWObject_Finalize(fwObject, PR_TRUE);
+ }
+
+ fwObject = nssCKFWObject_Create(arena, mdObject,
+ isTokenObject ?
+ NULL
+ :
+ fwSession,
+ fwSession->fwToken, fwSession->fwInstance, pError);
+ if (!fwObject) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+
+ if (mdObject->Destroy) {
+ (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
+ fwSession->mdSession, fwSession, fwSession->mdToken,
+ fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
+ }
+
return (NSSCKFWObject *)NULL;
- }
}
- }
-
- return fwObject;
+
+ if (CK_FALSE == isTokenObject) {
+ if (CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, fwObject)) {
+ *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
+ if (CKR_OK != *pError) {
+ nssCKFWObject_Finalize(fwObject, PR_TRUE);
+ return (NSSCKFWObject *)NULL;
+ }
+ }
+ }
+
+ return fwObject;
}
/*
@@ -1362,222 +1316,233 @@ nssCKFWSession_CreateObject
*
*/
NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWSession_CopyObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nssCKFWSession_CopyObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- CK_BBOOL oldIsToken;
- CK_BBOOL newIsToken;
- CK_ULONG i;
- NSSCKFWObject *rv;
+ CK_BBOOL oldIsToken;
+ CK_BBOOL newIsToken;
+ CK_ULONG i;
+ NSSCKFWObject *rv;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if (!fwSession->mdSession) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- /*
- * Sanity-check object
- */
+ if (!pError) {
+ return (NSSCKFWObject *)NULL;
+ }
- if (!fwObject) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWObject *)NULL;
- }
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWObject *)NULL;
+ }
- oldIsToken = nssCKFWObject_IsTokenObject(fwObject);
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWObject *)NULL;
+ }
- newIsToken = oldIsToken;
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- /* Since we sanity-checked the object, we know this is the right size. */
- (void)nsslibc_memcpy(&newIsToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
- break;
+ if (!fwSession->mdSession) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWObject *)NULL;
}
- }
+#endif /* NSSDEBUG */
- /*
- * If the Module handles its session objects, or if both the new
- * and old object are token objects, use CopyObject if it exists.
- */
+ /*
+ * Sanity-check object
+ */
- if ((fwSession->mdSession->CopyObject) &&
- (((CK_TRUE == oldIsToken) && (CK_TRUE == newIsToken)) ||
- (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwSession->fwInstance))) ) {
- /* use copy object */
- NSSArena *arena;
- NSSCKMDObject *mdOldObject;
- NSSCKMDObject *mdObject;
+ if (!fwObject) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWObject *)NULL;
+ }
- mdOldObject = nssCKFWObject_GetMDObject(fwObject);
+ oldIsToken = nssCKFWObject_IsTokenObject(fwObject);
- if( CK_TRUE == newIsToken ) {
- arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
- } else {
- arena = nssCKFWSession_GetArena(fwSession, pError);
- }
- if (!arena) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
+ newIsToken = oldIsToken;
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CKA_TOKEN == pTemplate[i].type) {
+ /* Since we sanity-checked the object, we know this is the right size. */
+ (void)nsslibc_memcpy(&newIsToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
+ break;
+ }
}
- mdObject = fwSession->mdSession->CopyObject(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance, mdOldObject,
- fwObject, arena, pTemplate, ulAttributeCount, pError);
- if (!mdObject) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
+ /*
+ * If the Module handles its session objects, or if both the new
+ * and old object are token objects, use CopyObject if it exists.
+ */
- rv = nssCKFWObject_Create(arena, mdObject,
- newIsToken ? NULL : fwSession,
- fwSession->fwToken, fwSession->fwInstance, pError);
+ if ((fwSession->mdSession->CopyObject) &&
+ (((CK_TRUE == oldIsToken) && (CK_TRUE == newIsToken)) ||
+ (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
+ fwSession->fwInstance)))) {
+ /* use copy object */
+ NSSArena *arena;
+ NSSCKMDObject *mdOldObject;
+ NSSCKMDObject *mdObject;
- if( CK_FALSE == newIsToken ) {
- if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, rv) ) {
- *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, rv, rv);
- if( CKR_OK != *pError ) {
- nssCKFWObject_Finalize(rv, PR_TRUE);
- return (NSSCKFWObject *)NULL;
+ mdOldObject = nssCKFWObject_GetMDObject(fwObject);
+
+ if (CK_TRUE == newIsToken) {
+ arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
+ }
+ else {
+ arena = nssCKFWSession_GetArena(fwSession, pError);
+ }
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
}
- }
- }
- return rv;
- } else {
- /* use create object */
- NSSArena *tmpArena;
- CK_ATTRIBUTE_PTR newTemplate;
- CK_ULONG i, j, n, newLength, k;
- CK_ATTRIBUTE_TYPE_PTR oldTypes;
- NSSCKFWObject *rv;
-
- n = nssCKFWObject_GetAttributeCount(fwObject, pError);
- if( (0 == n) && (CKR_OK != *pError) ) {
- return (NSSCKFWObject *)NULL;
- }
+ mdObject = fwSession->mdSession->CopyObject(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance, mdOldObject,
+ fwObject, arena, pTemplate, ulAttributeCount, pError);
+ if (!mdObject) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
- tmpArena = NSSArena_Create();
- if (!tmpArena) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
+ rv = nssCKFWObject_Create(arena, mdObject,
+ newIsToken ?
+ NULL
+ :
+ fwSession,
+ fwSession->fwToken, fwSession->fwInstance, pError);
+
+ if (CK_FALSE == newIsToken) {
+ if (CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, rv)) {
+ *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, rv, rv);
+ if (CKR_OK != *pError) {
+ nssCKFWObject_Finalize(rv, PR_TRUE);
+ return (NSSCKFWObject *)NULL;
+ }
+ }
+ }
- oldTypes = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE_TYPE, n);
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == oldTypes ) {
- NSSArena_Destroy(tmpArena);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
+ return rv;
}
+ else {
+ /* use create object */
+ NSSArena *tmpArena;
+ CK_ATTRIBUTE_PTR newTemplate;
+ CK_ULONG i, j, n, newLength, k;
+ CK_ATTRIBUTE_TYPE_PTR oldTypes;
+ NSSCKFWObject *rv;
+
+ n = nssCKFWObject_GetAttributeCount(fwObject, pError);
+ if ((0 == n) && (CKR_OK != *pError)) {
+ return (NSSCKFWObject *)NULL;
+ }
- *pError = nssCKFWObject_GetAttributeTypes(fwObject, oldTypes, n);
- if( CKR_OK != *pError ) {
- NSSArena_Destroy(tmpArena);
- return (NSSCKFWObject *)NULL;
- }
+ tmpArena = NSSArena_Create();
+ if (!tmpArena) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWObject *)NULL;
+ }
- newLength = n;
- for( i = 0; i < ulAttributeCount; i++ ) {
- for( j = 0; j < n; j++ ) {
- if( oldTypes[j] == pTemplate[i].type ) {
- if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
- /* Removing the attribute */
- newLength--;
- }
- break;
+ oldTypes = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE_TYPE, n);
+ if ((CK_ATTRIBUTE_TYPE_PTR)NULL == oldTypes) {
+ NSSArena_Destroy(tmpArena);
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWObject *)NULL;
}
- }
- if( j == n ) {
- /* Not found */
- newLength++;
- }
- }
-
- newTemplate = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE, newLength);
- if( (CK_ATTRIBUTE_PTR)NULL == newTemplate ) {
- NSSArena_Destroy(tmpArena);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
-
- k = 0;
- for( j = 0; j < n; j++ ) {
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( oldTypes[j] == pTemplate[i].type ) {
- if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
- /* This attribute is being deleted */
- ;
- } else {
- /* This attribute is being replaced */
- newTemplate[k].type = pTemplate[i].type;
- newTemplate[k].pValue = pTemplate[i].pValue;
- newTemplate[k].ulValueLen = pTemplate[i].ulValueLen;
- k++;
- }
- break;
+
+ *pError = nssCKFWObject_GetAttributeTypes(fwObject, oldTypes, n);
+ if (CKR_OK != *pError) {
+ NSSArena_Destroy(tmpArena);
+ return (NSSCKFWObject *)NULL;
}
- }
- if( i == ulAttributeCount ) {
- /* This attribute is being copied over from the old object */
- NSSItem item, *it;
- item.size = 0;
- item.data = (void *)NULL;
- it = nssCKFWObject_GetAttribute(fwObject, oldTypes[j],
- &item, tmpArena, pError);
- if (!it) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- NSSArena_Destroy(tmpArena);
- return (NSSCKFWObject *)NULL;
+
+ newLength = n;
+ for (i = 0; i < ulAttributeCount; i++) {
+ for (j = 0; j < n; j++) {
+ if (oldTypes[j] == pTemplate[i].type) {
+ if ((CK_VOID_PTR)NULL ==
+ pTemplate[i].pValue) {
+ /* Removing the attribute */
+ newLength--;
+ }
+ break;
+ }
+ }
+ if (j == n) {
+ /* Not found */
+ newLength++;
+ }
}
- newTemplate[k].type = oldTypes[j];
- newTemplate[k].pValue = it->data;
- newTemplate[k].ulValueLen = it->size;
- k++;
- }
- }
- /* assert that k == newLength */
- rv = nssCKFWSession_CreateObject(fwSession, newTemplate, newLength, pError);
- if (!rv) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- NSSArena_Destroy(tmpArena);
- return (NSSCKFWObject *)NULL;
- }
+ newTemplate = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE, newLength);
+ if ((CK_ATTRIBUTE_PTR)NULL == newTemplate) {
+ NSSArena_Destroy(tmpArena);
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWObject *)NULL;
+ }
- NSSArena_Destroy(tmpArena);
- return rv;
- }
+ k = 0;
+ for (j = 0; j < n; j++) {
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (oldTypes[j] == pTemplate[i].type) {
+ if ((CK_VOID_PTR)NULL ==
+ pTemplate[i].pValue) {
+ /* This attribute is being deleted */
+ ;
+ }
+ else {
+ /* This attribute is being replaced */
+ newTemplate[k].type =
+ pTemplate[i].type;
+ newTemplate[k].pValue =
+ pTemplate[i].pValue;
+ newTemplate[k].ulValueLen =
+ pTemplate[i].ulValueLen;
+ k++;
+ }
+ break;
+ }
+ }
+ if (i == ulAttributeCount) {
+ /* This attribute is being copied over from the old object */
+ NSSItem item, *it;
+ item.size = 0;
+ item.data = (void *)NULL;
+ it = nssCKFWObject_GetAttribute(fwObject, oldTypes[j],
+ &item, tmpArena, pError);
+ if (!it) {
+ if (CKR_OK ==
+ *pError) {
+ *pError =
+ CKR_GENERAL_ERROR;
+ }
+ NSSArena_Destroy(tmpArena);
+ return (NSSCKFWObject *)NULL;
+ }
+ newTemplate[k].type = oldTypes[j];
+ newTemplate[k].pValue = it->data;
+ newTemplate[k].ulValueLen = it->size;
+ k++;
+ }
+ }
+ /* assert that k == newLength */
+
+ rv = nssCKFWSession_CreateObject(fwSession, newTemplate, newLength, pError);
+ if (!rv) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ NSSArena_Destroy(tmpArena);
+ return (NSSCKFWObject *)NULL;
+ }
+
+ NSSArena_Destroy(tmpArena);
+ return rv;
+ }
}
/*
@@ -1585,135 +1550,142 @@ nssCKFWSession_CopyObject
*
*/
NSS_IMPLEMENT NSSCKFWFindObjects *
-nssCKFWSession_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
+nssCKFWSession_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
{
- NSSCKMDFindObjects *mdfo1 = (NSSCKMDFindObjects *)NULL;
- NSSCKMDFindObjects *mdfo2 = (NSSCKMDFindObjects *)NULL;
+ NSSCKMDFindObjects *mdfo1 = (NSSCKMDFindObjects *)NULL;
+ NSSCKMDFindObjects *mdfo2 = (NSSCKMDFindObjects *)NULL;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWFindObjects *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSCKFWFindObjects *)NULL;
- }
-
- if( ((CK_ATTRIBUTE_PTR)NULL == pTemplate) && (ulAttributeCount != 0) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWFindObjects *)NULL;
- }
-
- if (!fwSession->mdSession) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWFindObjects *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwSession->fwInstance) ) {
- CK_ULONG i;
+ if (!pError) {
+ return (NSSCKFWFindObjects *)NULL;
+ }
- /*
- * Does the search criteria restrict us to token or session
- * objects?
- */
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWFindObjects *)NULL;
+ }
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- /* Yes, it does. */
- CK_BBOOL isToken;
- if( sizeof(CK_BBOOL) != pTemplate[i].ulValueLen ) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- return (NSSCKFWFindObjects *)NULL;
- }
- (void)nsslibc_memcpy(&isToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
+ if (((CK_ATTRIBUTE_PTR)NULL == pTemplate) && (ulAttributeCount != 0)) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWFindObjects *)NULL;
+ }
- if( CK_TRUE == isToken ) {
- /* Pass it on to the module's search routine */
- if (!fwSession->mdSession->FindObjectsInit) {
- goto wrap;
- }
-
- mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance,
- pTemplate, ulAttributeCount, pError);
- } else {
- /* Do the search ourselves */
- mdfo1 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
- pTemplate, ulAttributeCount, pError);
- }
+ if (!fwSession->mdSession) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWFindObjects *)NULL;
+ }
+#endif /* NSSDEBUG */
- if (!mdfo1) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWFindObjects *)NULL;
+ if (CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
+ fwSession->fwInstance)) {
+ CK_ULONG i;
+
+ /*
+ * Does the search criteria restrict us to token or session
+ * objects?
+ */
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CKA_TOKEN == pTemplate[i].type) {
+ /* Yes, it does. */
+ CK_BBOOL isToken;
+ if (sizeof(CK_BBOOL) != pTemplate[i].ulValueLen) {
+ *pError =
+ CKR_ATTRIBUTE_VALUE_INVALID;
+ return (NSSCKFWFindObjects *)NULL;
+ }
+ (void)nsslibc_memcpy(&isToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
+
+ if (CK_TRUE == isToken) {
+ /* Pass it on to the module's search routine */
+ if (!fwSession->mdSession->FindObjectsInit) {
+ goto wrap;
+ }
+
+ mdfo1 =
+ fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance,
+ pTemplate, ulAttributeCount, pError);
+ }
+ else {
+ /* Do the search ourselves */
+ mdfo1 =
+ nssCKMDFindSessionObjects_Create(fwSession->fwToken,
+ pTemplate, ulAttributeCount, pError);
+ }
+
+ if (!mdfo1) {
+ if (CKR_OK ==
+ *pError) {
+ *pError =
+ CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ goto wrap;
+ }
}
-
- goto wrap;
- }
- }
- if( i == ulAttributeCount ) {
- /* No, it doesn't. Do a hybrid search. */
- mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance,
- pTemplate, ulAttributeCount, pError);
+ if (i == ulAttributeCount) {
+ /* No, it doesn't. Do a hybrid search. */
+ mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance,
+ pTemplate, ulAttributeCount, pError);
+
+ if (!mdfo1) {
+ if (CKR_OK == *pError) {
+ *pError =
+ CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ mdfo2 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
+ pTemplate, ulAttributeCount, pError);
+ if (!mdfo2) {
+ if (CKR_OK == *pError) {
+ *pError =
+ CKR_GENERAL_ERROR;
+ }
+ if (mdfo1->Final) {
+ mdfo1->Final(mdfo1, (NSSCKFWFindObjects *)NULL, fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance);
+ }
+ return (NSSCKFWFindObjects *)NULL;
+ }
- if (!mdfo1) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+ goto wrap;
}
- return (NSSCKFWFindObjects *)NULL;
- }
+ /*NOTREACHED*/
+ }
+ else {
+ /* Module handles all its own objects. Pass on to module's search */
+ mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance,
+ pTemplate, ulAttributeCount, pError);
- mdfo2 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
- pTemplate, ulAttributeCount, pError);
- if (!mdfo2) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- if (mdfo1->Final) {
- mdfo1->Final(mdfo1, (NSSCKFWFindObjects *)NULL, fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance);
+ if (!mdfo1) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWFindObjects *)NULL;
}
- return (NSSCKFWFindObjects *)NULL;
- }
-
- goto wrap;
- }
- /*NOTREACHED*/
- } else {
- /* Module handles all its own objects. Pass on to module's search */
- mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance,
- pTemplate, ulAttributeCount, pError);
- if (!mdfo1) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWFindObjects *)NULL;
+ goto wrap;
}
- goto wrap;
- }
-
- wrap:
- return nssCKFWFindObjects_Create(fwSession, fwSession->fwToken,
- fwSession->fwInstance, mdfo1, mdfo2, pError);
+wrap:
+ return nssCKFWFindObjects_Create(fwSession, fwSession->fwToken,
+ fwSession->fwInstance, mdfo1, mdfo2, pError);
}
/*
@@ -1721,46 +1693,44 @@ nssCKFWSession_FindObjectsInit
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_SeedRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *seed
-)
+nssCKFWSession_SeedRandom(
+ NSSCKFWSession *fwSession,
+ NSSItem *seed)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!seed) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (!seed) {
+ return CKR_ARGUMENTS_BAD;
+ }
- if (!seed->data) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (!seed->data) {
+ return CKR_ARGUMENTS_BAD;
+ }
- if( 0 == seed->size ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (0 == seed->size) {
+ return CKR_ARGUMENTS_BAD;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- if (!fwSession->mdSession->SeedRandom) {
- return CKR_RANDOM_SEED_NOT_SUPPORTED;
- }
+ if (!fwSession->mdSession->SeedRandom) {
+ return CKR_RANDOM_SEED_NOT_SUPPORTED;
+ }
- error = fwSession->mdSession->SeedRandom(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, seed);
+ error = fwSession->mdSession->SeedRandom(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, seed);
- return error;
+ return error;
}
/*
@@ -1768,565 +1738,548 @@ nssCKFWSession_SeedRandom
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_GetRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-)
+nssCKFWSession_GetRandom(
+ NSSCKFWSession *fwSession,
+ NSSItem *buffer)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!buffer) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (!buffer) {
+ return CKR_ARGUMENTS_BAD;
+ }
- if (!buffer->data) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (!buffer->data) {
+ return CKR_ARGUMENTS_BAD;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- if (!fwSession->mdSession->GetRandom) {
- if( CK_TRUE == nssCKFWToken_GetHasRNG(fwSession->fwToken) ) {
- return CKR_GENERAL_ERROR;
- } else {
- return CKR_RANDOM_NO_RNG;
+ if (!fwSession->mdSession->GetRandom) {
+ if (CK_TRUE == nssCKFWToken_GetHasRNG(fwSession->fwToken)) {
+ return CKR_GENERAL_ERROR;
+ }
+ else {
+ return CKR_RANDOM_NO_RNG;
+ }
}
- }
- if( 0 == buffer->size ) {
- return CKR_OK;
- }
+ if (0 == buffer->size) {
+ return CKR_OK;
+ }
- error = fwSession->mdSession->GetRandom(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, buffer);
+ error = fwSession->mdSession->GetRandom(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, buffer);
- return error;
+ return error;
}
-
/*
* nssCKFWSession_SetCurrentCryptoOperation
*/
NSS_IMPLEMENT void
-nssCKFWSession_SetCurrentCryptoOperation
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperation * fwOperation,
- NSSCKFWCryptoOperationState state
-)
+nssCKFWSession_SetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWCryptoOperationState state)
{
#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return;
- }
+ CK_RV error = CKR_OK;
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return;
+ }
- if ( state >= NSSCKFWCryptoOperationState_Max) {
- return;
- }
+ if (state >= NSSCKFWCryptoOperationState_Max) {
+ return;
+ }
- if (!fwSession->mdSession) {
- return;
- }
+ if (!fwSession->mdSession) {
+ return;
+ }
#endif /* NSSDEBUG */
- fwSession->fwOperationArray[state] = fwOperation;
- return;
+ fwSession->fwOperationArray[state] = fwOperation;
+ return;
}
/*
* nssCKFWSession_GetCurrentCryptoOperation
*/
NSS_IMPLEMENT NSSCKFWCryptoOperation *
-nssCKFWSession_GetCurrentCryptoOperation
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationState state
-)
+nssCKFWSession_GetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationState state)
{
#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return (NSSCKFWCryptoOperation *)NULL;
- }
-
- if ( state >= NSSCKFWCryptoOperationState_Max) {
- return (NSSCKFWCryptoOperation *)NULL;
- }
-
- if (!fwSession->mdSession) {
- return (NSSCKFWCryptoOperation *)NULL;
- }
+ CK_RV error = CKR_OK;
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
+
+ if (state >= NSSCKFWCryptoOperationState_Max) {
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
+
+ if (!fwSession->mdSession) {
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwSession->fwOperationArray[state];
+ return fwSession->fwOperationArray[state];
}
/*
* nssCKFWSession_Final
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_Final
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationType type,
- NSSCKFWCryptoOperationState state,
- CK_BYTE_PTR outBuf,
- CK_ULONG_PTR outBufLen
-)
+nssCKFWSession_Final(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSItem outputBuffer;
- CK_RV error = CKR_OK;
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSItem outputBuffer;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- /* make sure we have a valid operation initialized */
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
- if (!fwOperation) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
-
- /* make sure it's the correct type */
- if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
-
- /* handle buffer issues, note for Verify, the type is an input buffer. */
- if (NSSCKFWCryptoOperationType_Verify == type) {
- if ((CK_BYTE_PTR)NULL == outBuf) {
- error = CKR_ARGUMENTS_BAD;
- goto done;
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
}
- } else {
- CK_ULONG len = nssCKFWCryptoOperation_GetFinalLength(fwOperation, &error);
- CK_ULONG maxBufLen = *outBufLen;
- if (CKR_OK != error) {
- goto done;
+ /* make sure it's the correct type */
+ if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
}
- *outBufLen = len;
- if ((CK_BYTE_PTR)NULL == outBuf) {
- return CKR_OK;
+
+ /* handle buffer issues, note for Verify, the type is an input buffer. */
+ if (NSSCKFWCryptoOperationType_Verify == type) {
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ error = CKR_ARGUMENTS_BAD;
+ goto done;
+ }
}
+ else {
+ CK_ULONG len = nssCKFWCryptoOperation_GetFinalLength(fwOperation, &error);
+ CK_ULONG maxBufLen = *outBufLen;
- if (len > maxBufLen) {
- return CKR_BUFFER_TOO_SMALL;
+ if (CKR_OK != error) {
+ goto done;
+ }
+ *outBufLen = len;
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ return CKR_OK;
+ }
+
+ if (len > maxBufLen) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
}
- }
- outputBuffer.data = outBuf;
- outputBuffer.size = *outBufLen;
+ outputBuffer.data = outBuf;
+ outputBuffer.size = *outBufLen;
- error = nssCKFWCryptoOperation_Final(fwOperation, &outputBuffer);
+ error = nssCKFWCryptoOperation_Final(fwOperation, &outputBuffer);
done:
- if (CKR_BUFFER_TOO_SMALL == error) {
+ if (CKR_BUFFER_TOO_SMALL == error) {
+ return error;
+ }
+ /* clean up our state */
+ nssCKFWCryptoOperation_Destroy(fwOperation);
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, NULL, state);
return error;
- }
- /* clean up our state */
- nssCKFWCryptoOperation_Destroy(fwOperation);
- nssCKFWSession_SetCurrentCryptoOperation(fwSession, NULL, state);
- return error;
}
/*
* nssCKFWSession_Update
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_Update
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationType type,
- NSSCKFWCryptoOperationState state,
- CK_BYTE_PTR inBuf,
- CK_ULONG inBufLen,
- CK_BYTE_PTR outBuf,
- CK_ULONG_PTR outBufLen
-)
+nssCKFWSession_Update(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSItem inputBuffer;
- NSSItem outputBuffer;
- CK_ULONG len;
- CK_ULONG maxBufLen;
- CK_RV error = CKR_OK;
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSItem inputBuffer;
+ NSSItem outputBuffer;
+ CK_ULONG len;
+ CK_ULONG maxBufLen;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- /* make sure we have a valid operation initialized */
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
- if (!fwOperation) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
- /* make sure it's the correct type */
- if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
+ /* make sure it's the correct type */
+ if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
- inputBuffer.data = inBuf;
- inputBuffer.size = inBufLen;
+ inputBuffer.data = inBuf;
+ inputBuffer.size = inBufLen;
- /* handle buffer issues, note for Verify, the type is an input buffer. */
- len = nssCKFWCryptoOperation_GetOperationLength(fwOperation, &inputBuffer,
- &error);
- if (CKR_OK != error) {
- return error;
- }
- maxBufLen = *outBufLen;
+ /* handle buffer issues, note for Verify, the type is an input buffer. */
+ len = nssCKFWCryptoOperation_GetOperationLength(fwOperation, &inputBuffer,
+ &error);
+ if (CKR_OK != error) {
+ return error;
+ }
+ maxBufLen = *outBufLen;
- *outBufLen = len;
- if ((CK_BYTE_PTR)NULL == outBuf) {
- return CKR_OK;
- }
+ *outBufLen = len;
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ return CKR_OK;
+ }
- if (len > maxBufLen) {
- return CKR_BUFFER_TOO_SMALL;
- }
- outputBuffer.data = outBuf;
- outputBuffer.size = *outBufLen;
+ if (len > maxBufLen) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ outputBuffer.data = outBuf;
+ outputBuffer.size = *outBufLen;
- return nssCKFWCryptoOperation_Update(fwOperation,
- &inputBuffer, &outputBuffer);
+ return nssCKFWCryptoOperation_Update(fwOperation,
+ &inputBuffer, &outputBuffer);
}
/*
* nssCKFWSession_DigestUpdate
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_DigestUpdate
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationType type,
- NSSCKFWCryptoOperationState state,
- CK_BYTE_PTR inBuf,
- CK_ULONG inBufLen
-)
+nssCKFWSession_DigestUpdate(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSItem inputBuffer;
- CK_RV error = CKR_OK;
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSItem inputBuffer;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- /* make sure we have a valid operation initialized */
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
- if (!fwOperation) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
-
- /* make sure it's the correct type */
- if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
- inputBuffer.data = inBuf;
- inputBuffer.size = inBufLen;
+ /* make sure it's the correct type */
+ if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+ inputBuffer.data = inBuf;
+ inputBuffer.size = inBufLen;
- error = nssCKFWCryptoOperation_DigestUpdate(fwOperation, &inputBuffer);
- return error;
+ error = nssCKFWCryptoOperation_DigestUpdate(fwOperation, &inputBuffer);
+ return error;
}
/*
* nssCKFWSession_DigestUpdate
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_DigestKey
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwKey
-)
+nssCKFWSession_DigestKey(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwKey)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSItem *inputBuffer;
- CK_RV error = CKR_OK;
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSItem *inputBuffer;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- /* make sure we have a valid operation initialized */
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
- NSSCKFWCryptoOperationState_Digest);
- if (!fwOperation) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
-
- /* make sure it's the correct type */
- if (NSSCKFWCryptoOperationType_Digest !=
- nssCKFWCryptoOperation_GetType(fwOperation)) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
-
- error = nssCKFWCryptoOperation_DigestKey(fwOperation, fwKey);
- if (CKR_FUNCTION_FAILED != error) {
- return error;
- }
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_Digest);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ /* make sure it's the correct type */
+ if (NSSCKFWCryptoOperationType_Digest !=
+ nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ error = nssCKFWCryptoOperation_DigestKey(fwOperation, fwKey);
+ if (CKR_FUNCTION_FAILED != error) {
+ return error;
+ }
- /* no machine depended way for this to happen, do it by hand */
- inputBuffer=nssCKFWObject_GetAttribute(fwKey, CKA_VALUE, NULL, NULL, &error);
- if (!inputBuffer) {
- /* couldn't get the value, just fail then */
+ /* no machine depended way for this to happen, do it by hand */
+ inputBuffer = nssCKFWObject_GetAttribute(fwKey, CKA_VALUE, NULL, NULL, &error);
+ if (!inputBuffer) {
+ /* couldn't get the value, just fail then */
+ return error;
+ }
+ error = nssCKFWCryptoOperation_DigestUpdate(fwOperation, inputBuffer);
+ nssItem_Destroy(inputBuffer);
return error;
- }
- error = nssCKFWCryptoOperation_DigestUpdate(fwOperation, inputBuffer);
- nssItem_Destroy(inputBuffer);
- return error;
}
/*
* nssCKFWSession_UpdateFinal
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSession_UpdateFinal
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationType type,
- NSSCKFWCryptoOperationState state,
- CK_BYTE_PTR inBuf,
- CK_ULONG inBufLen,
- CK_BYTE_PTR outBuf,
- CK_ULONG_PTR outBufLen
-)
+nssCKFWSession_UpdateFinal(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSItem inputBuffer;
- NSSItem outputBuffer;
- PRBool isEncryptDecrypt;
- CK_RV error = CKR_OK;
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSItem inputBuffer;
+ NSSItem outputBuffer;
+ PRBool isEncryptDecrypt;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- /* make sure we have a valid operation initialized */
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
- if (!fwOperation) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
-
- /* make sure it's the correct type */
- if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
-
- inputBuffer.data = inBuf;
- inputBuffer.size = inBufLen;
- isEncryptDecrypt = (PRBool) ((NSSCKFWCryptoOperationType_Encrypt == type) ||
- (NSSCKFWCryptoOperationType_Decrypt == type)) ;
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
- /* handle buffer issues, note for Verify, the type is an input buffer. */
- if (NSSCKFWCryptoOperationType_Verify == type) {
- if ((CK_BYTE_PTR)NULL == outBuf) {
- error = CKR_ARGUMENTS_BAD;
- goto done;
+ /* make sure it's the correct type */
+ if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
}
- } else {
- CK_ULONG maxBufLen = *outBufLen;
- CK_ULONG len;
- len = (isEncryptDecrypt) ?
- nssCKFWCryptoOperation_GetOperationLength(fwOperation,
- &inputBuffer, &error) :
- nssCKFWCryptoOperation_GetFinalLength(fwOperation, &error);
+ inputBuffer.data = inBuf;
+ inputBuffer.size = inBufLen;
+ isEncryptDecrypt = (PRBool)((NSSCKFWCryptoOperationType_Encrypt == type) ||
+ (NSSCKFWCryptoOperationType_Decrypt == type));
- if (CKR_OK != error) {
- goto done;
+ /* handle buffer issues, note for Verify, the type is an input buffer. */
+ if (NSSCKFWCryptoOperationType_Verify == type) {
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ error = CKR_ARGUMENTS_BAD;
+ goto done;
+ }
}
+ else {
+ CK_ULONG maxBufLen = *outBufLen;
+ CK_ULONG len;
+
+ len = (isEncryptDecrypt) ?
+ nssCKFWCryptoOperation_GetOperationLength(fwOperation,
+ &inputBuffer, &error)
+ :
+ nssCKFWCryptoOperation_GetFinalLength(fwOperation, &error);
+
+ if (CKR_OK != error) {
+ goto done;
+ }
- *outBufLen = len;
- if ((CK_BYTE_PTR)NULL == outBuf) {
- return CKR_OK;
- }
+ *outBufLen = len;
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ return CKR_OK;
+ }
- if (len > maxBufLen) {
- return CKR_BUFFER_TOO_SMALL;
+ if (len > maxBufLen) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
}
- }
- outputBuffer.data = outBuf;
- outputBuffer.size = *outBufLen;
+ outputBuffer.data = outBuf;
+ outputBuffer.size = *outBufLen;
- error = nssCKFWCryptoOperation_UpdateFinal(fwOperation,
- &inputBuffer, &outputBuffer);
+ error = nssCKFWCryptoOperation_UpdateFinal(fwOperation,
+ &inputBuffer, &outputBuffer);
- /* UpdateFinal isn't support, manually use Update and Final */
- if (CKR_FUNCTION_FAILED == error) {
- error = isEncryptDecrypt ?
- nssCKFWCryptoOperation_Update(fwOperation, &inputBuffer, &outputBuffer) :
- nssCKFWCryptoOperation_DigestUpdate(fwOperation, &inputBuffer);
+ /* UpdateFinal isn't support, manually use Update and Final */
+ if (CKR_FUNCTION_FAILED == error) {
+ error = isEncryptDecrypt ?
+ nssCKFWCryptoOperation_Update(fwOperation, &inputBuffer, &outputBuffer)
+ :
+ nssCKFWCryptoOperation_DigestUpdate(fwOperation, &inputBuffer);
- if (CKR_OK == error) {
- error = nssCKFWCryptoOperation_Final(fwOperation, &outputBuffer);
+ if (CKR_OK == error) {
+ error = nssCKFWCryptoOperation_Final(fwOperation, &outputBuffer);
+ }
}
- }
-
done:
- if (CKR_BUFFER_TOO_SMALL == error) {
- /* if we return CKR_BUFFER_TOO_SMALL, we the caller is not expecting.
- * the crypto state to be freed */
- return error;
- }
+ if (CKR_BUFFER_TOO_SMALL == error) {
+ /* if we return CKR_BUFFER_TOO_SMALL, we the caller is not expecting.
+ * the crypto state to be freed */
+ return error;
+ }
- /* clean up our state */
- nssCKFWCryptoOperation_Destroy(fwOperation);
- nssCKFWSession_SetCurrentCryptoOperation(fwSession, NULL, state);
- return error;
+ /* clean up our state */
+ nssCKFWCryptoOperation_Destroy(fwOperation);
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, NULL, state);
+ return error;
}
NSS_IMPLEMENT CK_RV
-nssCKFWSession_UpdateCombo
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationType encryptType,
- NSSCKFWCryptoOperationType digestType,
- NSSCKFWCryptoOperationState digestState,
- CK_BYTE_PTR inBuf,
- CK_ULONG inBufLen,
- CK_BYTE_PTR outBuf,
- CK_ULONG_PTR outBufLen
-)
+nssCKFWSession_UpdateCombo(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType encryptType,
+ NSSCKFWCryptoOperationType digestType,
+ NSSCKFWCryptoOperationState digestState,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen)
{
- NSSCKFWCryptoOperation *fwOperation;
- NSSCKFWCryptoOperation *fwPeerOperation;
- NSSItem inputBuffer;
- NSSItem outputBuffer;
- CK_ULONG maxBufLen = *outBufLen;
- CK_ULONG len;
- CK_RV error = CKR_OK;
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKFWCryptoOperation *fwPeerOperation;
+ NSSItem inputBuffer;
+ NSSItem outputBuffer;
+ CK_ULONG maxBufLen = *outBufLen;
+ CK_ULONG len;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwSession->mdSession) {
- return CKR_GENERAL_ERROR;
- }
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
#endif /* NSSDEBUG */
- /* make sure we have a valid operation initialized */
- fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
- NSSCKFWCryptoOperationState_EncryptDecrypt);
- if (!fwOperation) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
-
- /* make sure it's the correct type */
- if (encryptType != nssCKFWCryptoOperation_GetType(fwOperation)) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
- /* make sure we have a valid operation initialized */
- fwPeerOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
- digestState);
- if (!fwPeerOperation) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
-
- /* make sure it's the correct type */
- if (digestType != nssCKFWCryptoOperation_GetType(fwOperation)) {
- return CKR_OPERATION_NOT_INITIALIZED;
- }
-
- inputBuffer.data = inBuf;
- inputBuffer.size = inBufLen;
- len = nssCKFWCryptoOperation_GetOperationLength(fwOperation,
- &inputBuffer, &error);
- if (CKR_OK != error) {
- return error;
- }
-
- *outBufLen = len;
- if ((CK_BYTE_PTR)NULL == outBuf) {
- return CKR_OK;
- }
-
- if (len > maxBufLen) {
- return CKR_BUFFER_TOO_SMALL;
- }
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_EncryptDecrypt);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
- outputBuffer.data = outBuf;
- outputBuffer.size = *outBufLen;
+ /* make sure it's the correct type */
+ if (encryptType != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+ /* make sure we have a valid operation initialized */
+ fwPeerOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ digestState);
+ if (!fwPeerOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
- error = nssCKFWCryptoOperation_UpdateCombo(fwOperation, fwPeerOperation,
- &inputBuffer, &outputBuffer);
- if (CKR_FUNCTION_FAILED == error) {
- PRBool isEncrypt =
- (PRBool) (NSSCKFWCryptoOperationType_Encrypt == encryptType);
+ /* make sure it's the correct type */
+ if (digestType != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
- if (isEncrypt) {
- error = nssCKFWCryptoOperation_DigestUpdate(fwPeerOperation,
- &inputBuffer);
- if (CKR_OK != error) {
+ inputBuffer.data = inBuf;
+ inputBuffer.size = inBufLen;
+ len = nssCKFWCryptoOperation_GetOperationLength(fwOperation,
+ &inputBuffer, &error);
+ if (CKR_OK != error) {
return error;
- }
}
- error = nssCKFWCryptoOperation_Update(fwOperation,
- &inputBuffer, &outputBuffer);
- if (CKR_OK != error) {
- return error;
+
+ *outBufLen = len;
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ return CKR_OK;
}
- if (!isEncrypt) {
- error = nssCKFWCryptoOperation_DigestUpdate(fwPeerOperation,
- &outputBuffer);
+
+ if (len > maxBufLen) {
+ return CKR_BUFFER_TOO_SMALL;
}
- }
- return error;
-}
+ outputBuffer.data = outBuf;
+ outputBuffer.size = *outBufLen;
+
+ error = nssCKFWCryptoOperation_UpdateCombo(fwOperation, fwPeerOperation,
+ &inputBuffer, &outputBuffer);
+ if (CKR_FUNCTION_FAILED == error) {
+ PRBool isEncrypt =
+ (PRBool)(NSSCKFWCryptoOperationType_Encrypt == encryptType);
+
+ if (isEncrypt) {
+ error = nssCKFWCryptoOperation_DigestUpdate(fwPeerOperation,
+ &inputBuffer);
+ if (CKR_OK != error) {
+ return error;
+ }
+ }
+ error = nssCKFWCryptoOperation_Update(fwOperation,
+ &inputBuffer, &outputBuffer);
+ if (CKR_OK != error) {
+ return error;
+ }
+ if (!isEncrypt) {
+ error = nssCKFWCryptoOperation_DigestUpdate(fwPeerOperation,
+ &outputBuffer);
+ }
+ }
+ return error;
+}
/*
* NSSCKFWSession_GetMDSession
@@ -2334,18 +2287,16 @@ nssCKFWSession_UpdateCombo
*/
NSS_IMPLEMENT NSSCKMDSession *
-NSSCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-)
+NSSCKFWSession_GetMDSession(
+ NSSCKFWSession *fwSession)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (NSSCKMDSession *)NULL;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return (NSSCKMDSession *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWSession_GetMDSession(fwSession);
+ return nssCKFWSession_GetMDSession(fwSession);
}
/*
@@ -2354,24 +2305,22 @@ NSSCKFWSession_GetMDSession
*/
NSS_IMPLEMENT NSSArena *
-NSSCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
+NSSCKFWSession_GetArena(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
{
#ifdef DEBUG
- if (!pError) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWSession_GetArena(fwSession, pError);
+ return nssCKFWSession_GetArena(fwSession, pError);
}
/*
@@ -2380,22 +2329,20 @@ NSSCKFWSession_GetArena
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-)
+NSSCKFWSession_CallNotification(
+ NSSCKFWSession *fwSession,
+ CK_NOTIFICATION event)
{
#ifdef DEBUG
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* DEBUG */
- return nssCKFWSession_CallNotification(fwSession, event);
+ return nssCKFWSession_CallNotification(fwSession, event);
}
/*
@@ -2404,18 +2351,16 @@ NSSCKFWSession_CallNotification
*/
NSS_IMPLEMENT CK_BBOOL
-NSSCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-)
+NSSCKFWSession_IsRWSession(
+ NSSCKFWSession *fwSession)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CK_FALSE;
+ }
#endif /* DEBUG */
- return nssCKFWSession_IsRWSession(fwSession);
+ return nssCKFWSession_IsRWSession(fwSession);
}
/*
@@ -2424,37 +2369,33 @@ NSSCKFWSession_IsRWSession
*/
NSS_IMPLEMENT CK_BBOOL
-NSSCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-)
+NSSCKFWSession_IsSO(
+ NSSCKFWSession *fwSession)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CK_FALSE;
+ }
#endif /* DEBUG */
- return nssCKFWSession_IsSO(fwSession);
+ return nssCKFWSession_IsSO(fwSession);
}
NSS_IMPLEMENT NSSCKFWCryptoOperation *
-NSSCKFWSession_GetCurrentCryptoOperation
-(
- NSSCKFWSession *fwSession,
- NSSCKFWCryptoOperationState state
-)
+NSSCKFWSession_GetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationState state)
{
#ifdef DEBUG
- CK_RV error = CKR_OK;
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return (NSSCKFWCryptoOperation *)NULL;
- }
-
- if ( state >= NSSCKFWCryptoOperationState_Max) {
- return (NSSCKFWCryptoOperation *)NULL;
- }
+ CK_RV error = CKR_OK;
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
+
+ if (state >= NSSCKFWCryptoOperationState_Max) {
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
+ return nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
}
diff --git a/lib/ckfw/sessobj.c b/lib/ckfw/sessobj.c
index 113b0f45d..a144de288 100644
--- a/lib/ckfw/sessobj.c
+++ b/lib/ckfw/sessobj.c
@@ -5,7 +5,7 @@
/*
* sessobj.c
*
- * This file contains an NSSCKMDObject implementation for session
+ * This file contains an NSSCKMDObject implementation for session
* objects. The framework uses this implementation to manage
* session objects when a Module doesn't wish to be bothered.
*/
@@ -32,11 +32,11 @@
*/
struct nssCKMDSessionObjectStr {
- CK_ULONG n;
- NSSArena *arena;
- NSSItem *attributes;
- CK_ATTRIBUTE_TYPE_PTR types;
- nssCKFWHash *hash;
+ CK_ULONG n;
+ NSSArena *arena;
+ NSSItem *attributes;
+ CK_ATTRIBUTE_TYPE_PTR types;
+ nssCKFWHash *hash;
};
typedef struct nssCKMDSessionObjectStr nssCKMDSessionObject;
@@ -53,31 +53,25 @@ typedef struct nssCKMDSessionObjectStr nssCKMDSessionObject;
*/
static CK_RV
-nss_ckmdSessionObject_add_pointer
-(
- const NSSCKMDObject *mdObject
-)
+nss_ckmdSessionObject_add_pointer(
+ const NSSCKMDObject *mdObject)
{
- return CKR_OK;
+ return CKR_OK;
}
static CK_RV
-nss_ckmdSessionObject_remove_pointer
-(
- const NSSCKMDObject *mdObject
-)
+nss_ckmdSessionObject_remove_pointer(
+ const NSSCKMDObject *mdObject)
{
- return CKR_OK;
+ return CKR_OK;
}
#ifdef NSS_DEBUG
static CK_RV
-nss_ckmdSessionObject_verifyPointer
-(
- const NSSCKMDObject *mdObject
-)
+nss_ckmdSessionObject_verifyPointer(
+ const NSSCKMDObject *mdObject)
{
- return CKR_OK;
+ return CKR_OK;
}
#endif
@@ -87,234 +81,214 @@ nss_ckmdSessionObject_verifyPointer
* We must forward-declare these routines
*/
static void
-nss_ckmdSessionObject_Finalize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
+nss_ckmdSessionObject_Finalize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
static CK_RV
-nss_ckmdSessionObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
+nss_ckmdSessionObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
static CK_BBOOL
-nss_ckmdSessionObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
+nss_ckmdSessionObject_IsTokenObject(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
static CK_ULONG
-nss_ckmdSessionObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
+nss_ckmdSessionObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
static CK_RV
-nss_ckmdSessionObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-);
+nss_ckmdSessionObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount);
static CK_ULONG
-nss_ckmdSessionObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
+nss_ckmdSessionObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
static NSSCKFWItem
-nss_ckmdSessionObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
+nss_ckmdSessionObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
static CK_RV
-nss_ckmdSessionObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-);
+nss_ckmdSessionObject_SetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value);
static CK_ULONG
-nss_ckmdSessionObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
+nss_ckmdSessionObject_GetObjectSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
/*
* nssCKMDSessionObject_Create
*
*/
NSS_IMPLEMENT NSSCKMDObject *
-nssCKMDSessionObject_Create
-(
- NSSCKFWToken *fwToken,
- NSSArena *arena,
- CK_ATTRIBUTE_PTR attributes,
- CK_ULONG ulCount,
- CK_RV *pError
-)
+nssCKMDSessionObject_Create(
+ NSSCKFWToken *fwToken,
+ NSSArena *arena,
+ CK_ATTRIBUTE_PTR attributes,
+ CK_ULONG ulCount,
+ CK_RV *pError)
{
- NSSCKMDObject *mdObject = (NSSCKMDObject *)NULL;
- nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)NULL;
- CK_ULONG i;
- nssCKFWHash *hash;
-
- *pError = CKR_OK;
-
- mdso = nss_ZNEW(arena, nssCKMDSessionObject);
- if (!mdso) {
- goto loser;
- }
-
- mdso->arena = arena;
- mdso->n = ulCount;
- mdso->attributes = nss_ZNEWARRAY(arena, NSSItem, ulCount);
- if (!mdso->attributes) {
- goto loser;
- }
-
- mdso->types = nss_ZNEWARRAY(arena, CK_ATTRIBUTE_TYPE, ulCount);
- if (!mdso->types) {
- goto loser;
- }
- for( i = 0; i < ulCount; i++ ) {
- mdso->types[i] = attributes[i].type;
- mdso->attributes[i].size = attributes[i].ulValueLen;
- mdso->attributes[i].data = nss_ZAlloc(arena, attributes[i].ulValueLen);
- if (!mdso->attributes[i].data) {
- goto loser;
+ NSSCKMDObject *mdObject = (NSSCKMDObject *)NULL;
+ nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)NULL;
+ CK_ULONG i;
+ nssCKFWHash *hash;
+
+ *pError = CKR_OK;
+
+ mdso = nss_ZNEW(arena, nssCKMDSessionObject);
+ if (!mdso) {
+ goto loser;
+ }
+
+ mdso->arena = arena;
+ mdso->n = ulCount;
+ mdso->attributes = nss_ZNEWARRAY(arena, NSSItem, ulCount);
+ if (!mdso->attributes) {
+ goto loser;
+ }
+
+ mdso->types = nss_ZNEWARRAY(arena, CK_ATTRIBUTE_TYPE, ulCount);
+ if (!mdso->types) {
+ goto loser;
+ }
+ for (i = 0; i < ulCount; i++) {
+ mdso->types[i] = attributes[i].type;
+ mdso->attributes[i].size = attributes[i].ulValueLen;
+ mdso->attributes[i].data = nss_ZAlloc(arena, attributes[i].ulValueLen);
+ if (!mdso->attributes[i].data) {
+ goto loser;
+ }
+ (void)nsslibc_memcpy(mdso->attributes[i].data, attributes[i].pValue,
+ attributes[i].ulValueLen);
+ }
+
+ mdObject = nss_ZNEW(arena, NSSCKMDObject);
+ if (!mdObject) {
+ goto loser;
+ }
+
+ mdObject->etc = (void *)mdso;
+ mdObject->Finalize = nss_ckmdSessionObject_Finalize;
+ mdObject->Destroy = nss_ckmdSessionObject_Destroy;
+ mdObject->IsTokenObject = nss_ckmdSessionObject_IsTokenObject;
+ mdObject->GetAttributeCount = nss_ckmdSessionObject_GetAttributeCount;
+ mdObject->GetAttributeTypes = nss_ckmdSessionObject_GetAttributeTypes;
+ mdObject->GetAttributeSize = nss_ckmdSessionObject_GetAttributeSize;
+ mdObject->GetAttribute = nss_ckmdSessionObject_GetAttribute;
+ mdObject->SetAttribute = nss_ckmdSessionObject_SetAttribute;
+ mdObject->GetObjectSize = nss_ckmdSessionObject_GetObjectSize;
+
+ hash = nssCKFWToken_GetSessionObjectHash(fwToken);
+ if (!hash) {
+ *pError = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ mdso->hash = hash;
+
+ *pError = nssCKFWHash_Add(hash, mdObject, mdObject);
+ if (CKR_OK != *pError) {
+ goto loser;
}
- (void)nsslibc_memcpy(mdso->attributes[i].data, attributes[i].pValue,
- attributes[i].ulValueLen);
- }
-
- mdObject = nss_ZNEW(arena, NSSCKMDObject);
- if (!mdObject) {
- goto loser;
- }
-
- mdObject->etc = (void *)mdso;
- mdObject->Finalize = nss_ckmdSessionObject_Finalize;
- mdObject->Destroy = nss_ckmdSessionObject_Destroy;
- mdObject->IsTokenObject = nss_ckmdSessionObject_IsTokenObject;
- mdObject->GetAttributeCount = nss_ckmdSessionObject_GetAttributeCount;
- mdObject->GetAttributeTypes = nss_ckmdSessionObject_GetAttributeTypes;
- mdObject->GetAttributeSize = nss_ckmdSessionObject_GetAttributeSize;
- mdObject->GetAttribute = nss_ckmdSessionObject_GetAttribute;
- mdObject->SetAttribute = nss_ckmdSessionObject_SetAttribute;
- mdObject->GetObjectSize = nss_ckmdSessionObject_GetObjectSize;
-
- hash = nssCKFWToken_GetSessionObjectHash(fwToken);
- if (!hash) {
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- mdso->hash = hash;
-
- *pError = nssCKFWHash_Add(hash, mdObject, mdObject);
- if( CKR_OK != *pError ) {
- goto loser;
- }
#ifdef DEBUG
- if(( *pError = nss_ckmdSessionObject_add_pointer(mdObject)) != CKR_OK ) {
- goto loser;
- }
+ if ((*pError = nss_ckmdSessionObject_add_pointer(mdObject)) != CKR_OK) {
+ goto loser;
+ }
#endif /* DEBUG */
- return mdObject;
+ return mdObject;
- loser:
- if (mdso) {
- if (mdso->attributes) {
- for( i = 0; i < ulCount; i++ ) {
- nss_ZFreeIf(mdso->attributes[i].data);
- }
- nss_ZFreeIf(mdso->attributes);
+loser:
+ if (mdso) {
+ if (mdso->attributes) {
+ for (i = 0; i < ulCount; i++) {
+ nss_ZFreeIf(mdso->attributes[i].data);
+ }
+ nss_ZFreeIf(mdso->attributes);
+ }
+ nss_ZFreeIf(mdso->types);
+ nss_ZFreeIf(mdso);
}
- nss_ZFreeIf(mdso->types);
- nss_ZFreeIf(mdso);
- }
- nss_ZFreeIf(mdObject);
- if (*pError == CKR_OK) {
- *pError = CKR_HOST_MEMORY;
- }
- return (NSSCKMDObject *)NULL;
+ nss_ZFreeIf(mdObject);
+ if (*pError == CKR_OK) {
+ *pError = CKR_HOST_MEMORY;
+ }
+ return (NSSCKMDObject *)NULL;
}
/*
@@ -322,20 +296,18 @@ nssCKMDSessionObject_Create
*
*/
static void
-nss_ckmdSessionObject_Finalize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_ckmdSessionObject_Finalize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- /* This shouldn't ever be called */
- return;
+ /* This shouldn't ever be called */
+ return;
}
/*
@@ -344,48 +316,46 @@ nss_ckmdSessionObject_Finalize
*/
static CK_RV
-nss_ckmdSessionObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_ckmdSessionObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#endif /* NSSDEBUG */
- nssCKMDSessionObject *mdso;
- CK_ULONG i;
+ nssCKMDSessionObject *mdso;
+ CK_ULONG i;
#ifdef NSSDEBUG
- error = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- mdso = (nssCKMDSessionObject *)mdObject->etc;
+ mdso = (nssCKMDSessionObject *)mdObject->etc;
- nssCKFWHash_Remove(mdso->hash, mdObject);
+ nssCKFWHash_Remove(mdso->hash, mdObject);
- for( i = 0; i < mdso->n; i++ ) {
- nss_ZFreeIf(mdso->attributes[i].data);
- }
- nss_ZFreeIf(mdso->attributes);
- nss_ZFreeIf(mdso->types);
- nss_ZFreeIf(mdso);
- nss_ZFreeIf(mdObject);
+ for (i = 0; i < mdso->n; i++) {
+ nss_ZFreeIf(mdso->attributes[i].data);
+ }
+ nss_ZFreeIf(mdso->attributes);
+ nss_ZFreeIf(mdso->types);
+ nss_ZFreeIf(mdso);
+ nss_ZFreeIf(mdObject);
#ifdef DEBUG
- (void)nss_ckmdSessionObject_remove_pointer(mdObject);
+ (void)nss_ckmdSessionObject_remove_pointer(mdObject);
#endif /* DEBUG */
- return CKR_OK;
+ return CKR_OK;
}
/*
@@ -394,28 +364,26 @@ nss_ckmdSessionObject_Destroy
*/
static CK_BBOOL
-nss_ckmdSessionObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_ckmdSessionObject_IsTokenObject(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
#ifdef NSSDEBUG
- if( CKR_OK != nss_ckmdSessionObject_verifyPointer(mdObject) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nss_ckmdSessionObject_verifyPointer(mdObject)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- /*
- * This implementation is only ever used for session objects.
- */
- return CK_FALSE;
+ /*
+ * This implementation is only ever used for session objects.
+ */
+ return CK_FALSE;
}
/*
@@ -423,37 +391,35 @@ nss_ckmdSessionObject_IsTokenObject
*
*/
static CK_ULONG
-nss_ckmdSessionObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_ckmdSessionObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- nssCKMDSessionObject *obj;
+ nssCKMDSessionObject *obj;
#ifdef NSSDEBUG
- if (!pError) {
- return 0;
- }
+ if (!pError) {
+ return 0;
+ }
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return 0;
- }
+ *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != *pError) {
+ return 0;
+ }
- /* We could even check all the other arguments, for sanity. */
+/* We could even check all the other arguments, for sanity. */
#endif /* NSSDEBUG */
- obj = (nssCKMDSessionObject *)mdObject->etc;
+ obj = (nssCKMDSessionObject *)mdObject->etc;
- return obj->n;
+ return obj->n;
}
/*
@@ -461,44 +427,43 @@ nss_ckmdSessionObject_GetAttributeCount
*
*/
static CK_RV
-nss_ckmdSessionObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
+nss_ckmdSessionObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
{
#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#endif /* NSSDEBUG */
- nssCKMDSessionObject *obj;
+ nssCKMDSessionObject *obj;
#ifdef NSSDEBUG
- error = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != error) {
+ return error;
+ }
- /* We could even check all the other arguments, for sanity. */
+/* We could even check all the other arguments, for sanity. */
#endif /* NSSDEBUG */
- obj = (nssCKMDSessionObject *)mdObject->etc;
+ obj = (nssCKMDSessionObject *)mdObject->etc;
- if( ulCount < obj->n ) {
- return CKR_BUFFER_TOO_SMALL;
- }
+ if (ulCount < obj->n) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
- (void)nsslibc_memcpy(typeArray, obj->types,
- sizeof(CK_ATTRIBUTE_TYPE) * obj->n);
+ (void)nsslibc_memcpy(typeArray, obj->types,
+ sizeof(CK_ATTRIBUTE_TYPE) *
+ obj->n);
- return CKR_OK;
+ return CKR_OK;
}
/*
@@ -506,46 +471,44 @@ nss_ckmdSessionObject_GetAttributeTypes
*
*/
static CK_ULONG
-nss_ckmdSessionObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+nss_ckmdSessionObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- nssCKMDSessionObject *obj;
- CK_ULONG i;
+ nssCKMDSessionObject *obj;
+ CK_ULONG i;
#ifdef NSSDEBUG
- if (!pError) {
- return 0;
- }
+ if (!pError) {
+ return 0;
+ }
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return 0;
- }
+ *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != *pError) {
+ return 0;
+ }
- /* We could even check all the other arguments, for sanity. */
+/* We could even check all the other arguments, for sanity. */
#endif /* NSSDEBUG */
- obj = (nssCKMDSessionObject *)mdObject->etc;
+ obj = (nssCKMDSessionObject *)mdObject->etc;
- for( i = 0; i < obj->n; i++ ) {
- if( attribute == obj->types[i] ) {
- return (CK_ULONG)(obj->attributes[i].size);
+ for (i = 0; i < obj->n; i++) {
+ if (attribute == obj->types[i]) {
+ return (CK_ULONG)(obj->attributes[i].size);
+ }
}
- }
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return 0;
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return 0;
}
/*
@@ -553,50 +516,48 @@ nss_ckmdSessionObject_GetAttributeSize
*
*/
static NSSCKFWItem
-nss_ckmdSessionObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
+nss_ckmdSessionObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
{
- NSSCKFWItem item;
- nssCKMDSessionObject *obj;
- CK_ULONG i;
+ NSSCKFWItem item;
+ nssCKMDSessionObject *obj;
+ CK_ULONG i;
- item.needsFreeing = PR_FALSE;
- item.item = NULL;
+ item.needsFreeing = PR_FALSE;
+ item.item = NULL;
#ifdef NSSDEBUG
- if (!pError) {
- return item;
- }
+ if (!pError) {
+ return item;
+ }
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return item;
- }
+ *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != *pError) {
+ return item;
+ }
- /* We could even check all the other arguments, for sanity. */
+/* We could even check all the other arguments, for sanity. */
#endif /* NSSDEBUG */
- obj = (nssCKMDSessionObject *)mdObject->etc;
+ obj = (nssCKMDSessionObject *)mdObject->etc;
- for( i = 0; i < obj->n; i++ ) {
- if( attribute == obj->types[i] ) {
- item.item = &obj->attributes[i];
- return item;
+ for (i = 0; i < obj->n; i++) {
+ if (attribute == obj->types[i]) {
+ item.item = &obj->attributes[i];
+ return item;
+ }
}
- }
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return item;
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return item;
}
/*
@@ -612,79 +573,77 @@ nss_ckmdSessionObject_GetAttribute
* more easily. Do this later.
*/
static CK_RV
-nss_ckmdSessionObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
+nss_ckmdSessionObject_SetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value)
{
- nssCKMDSessionObject *obj;
- CK_ULONG i;
- NSSItem n;
- NSSItem *ra;
- CK_ATTRIBUTE_TYPE_PTR rt;
+ nssCKMDSessionObject *obj;
+ CK_ULONG i;
+ NSSItem n;
+ NSSItem *ra;
+ CK_ATTRIBUTE_TYPE_PTR rt;
#ifdef NSSDEBUG
- CK_RV error;
+ CK_RV error;
#endif /* NSSDEBUG */
#ifdef NSSDEBUG
- error = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != error ) {
- return 0;
- }
+ error = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != error) {
+ return 0;
+ }
- /* We could even check all the other arguments, for sanity. */
+/* We could even check all the other arguments, for sanity. */
#endif /* NSSDEBUG */
- obj = (nssCKMDSessionObject *)mdObject->etc;
+ obj = (nssCKMDSessionObject *)mdObject->etc;
- n.size = value->size;
- n.data = nss_ZAlloc(obj->arena, n.size);
- if (!n.data) {
- return CKR_HOST_MEMORY;
- }
- (void)nsslibc_memcpy(n.data, value->data, n.size);
+ n.size = value->size;
+ n.data = nss_ZAlloc(obj->arena, n.size);
+ if (!n.data) {
+ return CKR_HOST_MEMORY;
+ }
+ (void)nsslibc_memcpy(n.data, value->data, n.size);
+
+ for (i = 0; i < obj->n; i++) {
+ if (attribute == obj->types[i]) {
+ nss_ZFreeIf(obj->attributes[i].data);
+ obj->attributes[i] = n;
+ return CKR_OK;
+ }
+ }
+
+ /*
+ * It's new.
+ */
+
+ ra = (NSSItem *)nss_ZRealloc(obj->attributes, sizeof(NSSItem) * (obj->n + 1));
+ if (!ra) {
+ nss_ZFreeIf(n.data);
+ return CKR_HOST_MEMORY;
+ }
+ obj->attributes = ra;
- for( i = 0; i < obj->n; i++ ) {
- if( attribute == obj->types[i] ) {
- nss_ZFreeIf(obj->attributes[i].data);
- obj->attributes[i] = n;
- return CKR_OK;
+ rt = (CK_ATTRIBUTE_TYPE_PTR)nss_ZRealloc(obj->types,
+ sizeof(CK_ATTRIBUTE_TYPE) * (obj->n + 1));
+ if (!rt) {
+ nss_ZFreeIf(n.data);
+ return CKR_HOST_MEMORY;
}
- }
-
- /*
- * It's new.
- */
-
- ra = (NSSItem *)nss_ZRealloc(obj->attributes, sizeof(NSSItem) * (obj->n + 1));
- if (!ra) {
- nss_ZFreeIf(n.data);
- return CKR_HOST_MEMORY;
- }
- obj->attributes = ra;
-
- rt = (CK_ATTRIBUTE_TYPE_PTR)nss_ZRealloc(obj->types,
- sizeof(CK_ATTRIBUTE_TYPE) * (obj->n + 1));
- if (!rt) {
- nss_ZFreeIf(n.data);
- return CKR_HOST_MEMORY;
- }
-
- obj->types = rt;
- obj->attributes[obj->n] = n;
- obj->types[obj->n] = attribute;
- obj->n++;
-
- return CKR_OK;
+
+ obj->types = rt;
+ obj->attributes[obj->n] = n;
+ obj->types[obj->n] = attribute;
+ obj->n++;
+
+ return CKR_OK;
}
/*
@@ -692,47 +651,45 @@ nss_ckmdSessionObject_SetAttribute
*
*/
static CK_ULONG
-nss_ckmdSessionObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
+nss_ckmdSessionObject_GetObjectSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
{
- nssCKMDSessionObject *obj;
- CK_ULONG i;
- CK_ULONG rv = (CK_ULONG)0;
+ nssCKMDSessionObject *obj;
+ CK_ULONG i;
+ CK_ULONG rv = (CK_ULONG)0;
#ifdef NSSDEBUG
- if (!pError) {
- return 0;
- }
+ if (!pError) {
+ return 0;
+ }
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return 0;
- }
+ *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != *pError) {
+ return 0;
+ }
- /* We could even check all the other arguments, for sanity. */
+/* We could even check all the other arguments, for sanity. */
#endif /* NSSDEBUG */
- obj = (nssCKMDSessionObject *)mdObject->etc;
+ obj = (nssCKMDSessionObject *)mdObject->etc;
- for( i = 0; i < obj->n; i++ ) {
- rv += obj->attributes[i].size;
- }
+ for (i = 0; i < obj->n; i++) {
+ rv += obj->attributes[i].size;
+ }
- rv += sizeof(NSSItem) * obj->n;
- rv += sizeof(CK_ATTRIBUTE_TYPE) * obj->n;
- rv += sizeof(nssCKMDSessionObject);
+ rv += sizeof(NSSItem) * obj->n;
+ rv += sizeof(CK_ATTRIBUTE_TYPE) * obj->n;
+ rv += sizeof(nssCKMDSessionObject);
- return rv;
+ return rv;
}
/*
@@ -747,18 +704,17 @@ nss_ckmdSessionObject_GetObjectSize
*/
struct nodeStr {
- struct nodeStr *next;
- NSSCKMDObject *mdObject;
+ struct nodeStr *next;
+ NSSCKMDObject *mdObject;
};
struct nssCKMDFindSessionObjectsStr {
- NSSArena *arena;
- CK_RV error;
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG ulCount;
- struct nodeStr *list;
- nssCKFWHash *hash;
-
+ NSSArena *arena;
+ CK_RV error;
+ CK_ATTRIBUTE_PTR pTemplate;
+ CK_ULONG ulCount;
+ struct nodeStr *list;
+ nssCKFWHash *hash;
};
typedef struct nssCKMDFindSessionObjectsStr nssCKMDFindSessionObjects;
@@ -775,31 +731,25 @@ typedef struct nssCKMDFindSessionObjectsStr nssCKMDFindSessionObjects;
*/
static CK_RV
-nss_ckmdFindSessionObjects_add_pointer
-(
- const NSSCKMDFindObjects *mdFindObjects
-)
+nss_ckmdFindSessionObjects_add_pointer(
+ const NSSCKMDFindObjects *mdFindObjects)
{
- return CKR_OK;
+ return CKR_OK;
}
static CK_RV
-nss_ckmdFindSessionObjects_remove_pointer
-(
- const NSSCKMDFindObjects *mdFindObjects
-)
+nss_ckmdFindSessionObjects_remove_pointer(
+ const NSSCKMDFindObjects *mdFindObjects)
{
- return CKR_OK;
+ return CKR_OK;
}
#ifdef NSS_DEBUG
static CK_RV
-nss_ckmdFindSessionObjects_verifyPointer
-(
- const NSSCKMDFindObjects *mdFindObjects
-)
+nss_ckmdFindSessionObjects_verifyPointer(
+ const NSSCKMDFindObjects *mdFindObjects)
{
- return CKR_OK;
+ return CKR_OK;
}
#endif
@@ -809,104 +759,98 @@ nss_ckmdFindSessionObjects_verifyPointer
* We must forward-declare these routines.
*/
static void
-nss_ckmdFindSessionObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
+nss_ckmdFindSessionObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
static NSSCKMDObject *
-nss_ckmdFindSessionObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
+nss_ckmdFindSessionObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError);
static CK_BBOOL
-items_match
-(
- NSSItem *a,
- CK_VOID_PTR pValue,
- CK_ULONG ulValueLen
-)
+items_match(
+ NSSItem *a,
+ CK_VOID_PTR pValue,
+ CK_ULONG ulValueLen)
{
- if( a->size != ulValueLen ) {
- return CK_FALSE;
- }
+ if (a->size != ulValueLen) {
+ return CK_FALSE;
+ }
- if( PR_TRUE == nsslibc_memequal(a->data, pValue, ulValueLen, (PRStatus *)NULL) ) {
- return CK_TRUE;
- } else {
- return CK_FALSE;
- }
+ if (PR_TRUE == nsslibc_memequal(a->data, pValue, ulValueLen, (PRStatus *)NULL)) {
+ return CK_TRUE;
+ }
+ else {
+ return CK_FALSE;
+ }
}
/*
* Our hashtable iterator
*/
static void
-findfcn
-(
- const void *key,
- void *value,
- void *closure
-)
+findfcn(
+ const void *key,
+ void *value,
+ void *closure)
{
- NSSCKMDObject *mdObject = (NSSCKMDObject *)value;
- nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)mdObject->etc;
- nssCKMDFindSessionObjects *mdfso = (nssCKMDFindSessionObjects *)closure;
- CK_ULONG i, j;
- struct nodeStr *node;
-
- if( CKR_OK != mdfso->error ) {
- return;
- }
+ NSSCKMDObject *mdObject = (NSSCKMDObject *)value;
+ nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)mdObject->etc;
+ nssCKMDFindSessionObjects *mdfso = (nssCKMDFindSessionObjects *)closure;
+ CK_ULONG i, j;
+ struct nodeStr *node;
+
+ if (CKR_OK != mdfso->error) {
+ return;
+ }
- for( i = 0; i < mdfso->ulCount; i++ ) {
- CK_ATTRIBUTE_PTR p = &mdfso->pTemplate[i];
+ for (i = 0; i < mdfso->ulCount; i++) {
+ CK_ATTRIBUTE_PTR p = &mdfso->pTemplate[i];
+
+ for (j = 0; j < mdso->n; j++) {
+ if (mdso->types[j] == p->type) {
+ if (!items_match(&mdso->attributes[j], p->pValue, p->ulValueLen)) {
+ return;
+ }
+ else {
+ break;
+ }
+ }
+ }
- for( j = 0; j < mdso->n; j++ ) {
- if( mdso->types[j] == p->type ) {
- if( !items_match(&mdso->attributes[j], p->pValue, p->ulValueLen) ) {
- return;
- } else {
- break;
+ if (j == mdso->n) {
+ /* Attribute not found */
+ return;
}
- }
}
- if( j == mdso->n ) {
- /* Attribute not found */
- return;
+ /* Matches */
+ node = nss_ZNEW(mdfso->arena, struct nodeStr);
+ if ((struct nodeStr *)NULL == node) {
+ mdfso->error = CKR_HOST_MEMORY;
+ return;
}
- }
-
- /* Matches */
- node = nss_ZNEW(mdfso->arena, struct nodeStr);
- if( (struct nodeStr *)NULL == node ) {
- mdfso->error = CKR_HOST_MEMORY;
- return;
- }
- node->mdObject = mdObject;
- node->next = mdfso->list;
- mdfso->list = node;
+ node->mdObject = mdObject;
+ node->next = mdfso->list;
+ mdfso->list = node;
- return;
+ return;
}
/*
@@ -914,162 +858,157 @@ findfcn
*
*/
NSS_IMPLEMENT NSSCKMDFindObjects *
-nssCKMDFindSessionObjects_Create
-(
- NSSCKFWToken *fwToken,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_RV *pError
-)
+nssCKMDFindSessionObjects_Create(
+ NSSCKFWToken *fwToken,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_RV *pError)
{
- NSSArena *arena;
- nssCKMDFindSessionObjects *mdfso;
- nssCKFWHash *hash;
- NSSCKMDFindObjects *rv;
+ NSSArena *arena;
+ nssCKMDFindSessionObjects *mdfso;
+ nssCKFWHash *hash;
+ NSSCKMDFindObjects *rv;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKMDFindObjects *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSCKMDFindObjects *)NULL;
- }
-
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKMDFindObjects *)NULL;
- }
+ if (!pError) {
+ return (NSSCKMDFindObjects *)NULL;
+ }
+
+ *pError = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != *pError) {
+ return (NSSCKMDFindObjects *)NULL;
+ }
+
+ if ((CK_ATTRIBUTE_PTR)NULL == pTemplate) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKMDFindObjects *)NULL;
+ }
#endif /* NSSDEBUG */
- *pError = CKR_OK;
+ *pError = CKR_OK;
- hash = nssCKFWToken_GetSessionObjectHash(fwToken);
- if (!hash) {
- *pError= CKR_GENERAL_ERROR;
- return (NSSCKMDFindObjects *)NULL;
- }
+ hash = nssCKFWToken_GetSessionObjectHash(fwToken);
+ if (!hash) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKMDFindObjects *)NULL;
+ }
- arena = NSSArena_Create();
- if (!arena) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDFindObjects *)NULL;
- }
+ arena = NSSArena_Create();
+ if (!arena) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDFindObjects *)NULL;
+ }
- mdfso = nss_ZNEW(arena, nssCKMDFindSessionObjects);
- if (!mdfso) {
- goto loser;
- }
+ mdfso = nss_ZNEW(arena, nssCKMDFindSessionObjects);
+ if (!mdfso) {
+ goto loser;
+ }
- rv = nss_ZNEW(arena, NSSCKMDFindObjects);
- if(rv == NULL) {
- goto loser;
- }
+ rv = nss_ZNEW(arena, NSSCKMDFindObjects);
+ if (rv == NULL) {
+ goto loser;
+ }
- mdfso->error = CKR_OK;
- mdfso->pTemplate = pTemplate;
- mdfso->ulCount = ulCount;
- mdfso->hash = hash;
+ mdfso->error = CKR_OK;
+ mdfso->pTemplate = pTemplate;
+ mdfso->ulCount = ulCount;
+ mdfso->hash = hash;
- nssCKFWHash_Iterate(hash, findfcn, mdfso);
+ nssCKFWHash_Iterate(hash, findfcn, mdfso);
- if( CKR_OK != mdfso->error ) {
- goto loser;
- }
+ if (CKR_OK != mdfso->error) {
+ goto loser;
+ }
- rv->etc = (void *)mdfso;
- rv->Final = nss_ckmdFindSessionObjects_Final;
- rv->Next = nss_ckmdFindSessionObjects_Next;
+ rv->etc = (void *)mdfso;
+ rv->Final = nss_ckmdFindSessionObjects_Final;
+ rv->Next = nss_ckmdFindSessionObjects_Next;
#ifdef DEBUG
- if( (*pError = nss_ckmdFindSessionObjects_add_pointer(rv)) != CKR_OK ) {
- goto loser;
- }
-#endif /* DEBUG */
- mdfso->arena = arena;
+ if ((*pError = nss_ckmdFindSessionObjects_add_pointer(rv)) != CKR_OK) {
+ goto loser;
+ }
+#endif /* DEBUG */
+ mdfso->arena = arena;
- return rv;
+ return rv;
loser:
- if (arena) {
- NSSArena_Destroy(arena);
- }
- if (*pError == CKR_OK) {
- *pError = CKR_HOST_MEMORY;
- }
- return NULL;
+ if (arena) {
+ NSSArena_Destroy(arena);
+ }
+ if (*pError == CKR_OK) {
+ *pError = CKR_HOST_MEMORY;
+ }
+ return NULL;
}
static void
-nss_ckmdFindSessionObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
+nss_ckmdFindSessionObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
{
- nssCKMDFindSessionObjects *mdfso;
+ nssCKMDFindSessionObjects *mdfso;
#ifdef NSSDEBUG
- if( CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects) ) {
- return;
- }
+ if (CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects)) {
+ return;
+ }
#endif /* NSSDEBUG */
- mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
- if (mdfso->arena) NSSArena_Destroy(mdfso->arena);
+ mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
+ if (mdfso->arena)
+ NSSArena_Destroy(mdfso->arena);
#ifdef DEBUG
- (void)nss_ckmdFindSessionObjects_remove_pointer(mdFindObjects);
+ (void)nss_ckmdFindSessionObjects_remove_pointer(mdFindObjects);
#endif /* DEBUG */
- return;
+ return;
}
static NSSCKMDObject *
-nss_ckmdFindSessionObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
+nss_ckmdFindSessionObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
{
- nssCKMDFindSessionObjects *mdfso;
- NSSCKMDObject *rv = (NSSCKMDObject *)NULL;
+ nssCKMDFindSessionObjects *mdfso;
+ NSSCKMDObject *rv = (NSSCKMDObject *)NULL;
#ifdef NSSDEBUG
- if( CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects) ) {
- return (NSSCKMDObject *)NULL;
- }
+ if (CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects)) {
+ return (NSSCKMDObject *)NULL;
+ }
#endif /* NSSDEBUG */
- mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
+ mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
- while (!rv) {
- if( (struct nodeStr *)NULL == mdfso->list ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
+ while (!rv) {
+ if ((struct nodeStr *)NULL == mdfso->list) {
+ *pError = CKR_OK;
+ return (NSSCKMDObject *)NULL;
+ }
- if( nssCKFWHash_Exists(mdfso->hash, mdfso->list->mdObject) ) {
- rv = mdfso->list->mdObject;
- }
+ if (nssCKFWHash_Exists(mdfso->hash, mdfso->list->mdObject)) {
+ rv = mdfso->list->mdObject;
+ }
- mdfso->list = mdfso->list->next;
- }
+ mdfso->list = mdfso->list->next;
+ }
- return rv;
+ return rv;
}
diff --git a/lib/ckfw/slot.c b/lib/ckfw/slot.c
index 658aedb65..fa3ffbced 100644
--- a/lib/ckfw/slot.c
+++ b/lib/ckfw/slot.c
@@ -46,35 +46,35 @@
*/
struct NSSCKFWSlotStr {
- NSSCKFWMutex *mutex;
- NSSCKMDSlot *mdSlot;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
- CK_SLOT_ID slotID;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The invariants the mutex protects are:
- *
- * 1) Each of the cached descriptions (versions, etc.) are in an
- * internally consistant state.
- *
- * 2) The fwToken points to the token currently in the slot, and
- * it is in a consistant state.
- *
- * Note that the calls accessing the cached descriptions will
- * call the NSSCKMDSlot methods with the mutex locked. Those
- * methods may then call the public NSSCKFWSlot routines. Those
- * public routines only access the constant data above, so there's
- * no problem. But be careful if you add to this object; mutexes
- * are in general not reentrant, so don't create deadlock situations.
- */
-
- NSSUTF8 *slotDescription;
- NSSUTF8 *manufacturerID;
- CK_VERSION hardwareVersion;
- CK_VERSION firmwareVersion;
- NSSCKFWToken *fwToken;
+ NSSCKFWMutex *mutex;
+ NSSCKMDSlot *mdSlot;
+ NSSCKFWInstance *fwInstance;
+ NSSCKMDInstance *mdInstance;
+ CK_SLOT_ID slotID;
+
+ /*
+ * Everything above is set at creation time, and then not modified.
+ * The invariants the mutex protects are:
+ *
+ * 1) Each of the cached descriptions (versions, etc.) are in an
+ * internally consistant state.
+ *
+ * 2) The fwToken points to the token currently in the slot, and
+ * it is in a consistant state.
+ *
+ * Note that the calls accessing the cached descriptions will
+ * call the NSSCKMDSlot methods with the mutex locked. Those
+ * methods may then call the public NSSCKFWSlot routines. Those
+ * public routines only access the constant data above, so there's
+ * no problem. But be careful if you add to this object; mutexes
+ * are in general not reentrant, so don't create deadlock situations.
+ */
+
+ NSSUTF8 *slotDescription;
+ NSSUTF8 *manufacturerID;
+ CK_VERSION hardwareVersion;
+ CK_VERSION firmwareVersion;
+ NSSCKFWToken *fwToken;
};
#ifdef DEBUG
@@ -90,30 +90,24 @@ struct NSSCKFWSlotStr {
*/
static CK_RV
-slot_add_pointer
-(
- const NSSCKFWSlot *fwSlot
-)
+slot_add_pointer(
+ const NSSCKFWSlot *fwSlot)
{
- return CKR_OK;
+ return CKR_OK;
}
static CK_RV
-slot_remove_pointer
-(
- const NSSCKFWSlot *fwSlot
-)
+slot_remove_pointer(
+ const NSSCKFWSlot *fwSlot)
{
- return CKR_OK;
+ return CKR_OK;
}
NSS_IMPLEMENT CK_RV
-nssCKFWSlot_verifyPointer
-(
- const NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_verifyPointer(
+ const NSSCKFWSlot *fwSlot)
{
- return CKR_OK;
+ return CKR_OK;
}
#endif /* DEBUG */
@@ -123,86 +117,84 @@ nssCKFWSlot_verifyPointer
*
*/
NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWSlot_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *mdSlot,
- CK_SLOT_ID slotID,
- CK_RV *pError
-)
+nssCKFWSlot_Create(
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *mdSlot,
+ CK_SLOT_ID slotID,
+ CK_RV *pError)
{
- NSSCKFWSlot *fwSlot;
- NSSCKMDInstance *mdInstance;
- NSSArena *arena;
+ NSSCKFWSlot *fwSlot;
+ NSSCKMDInstance *mdInstance;
+ NSSArena *arena;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWSlot *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* NSSDEBUG */
+ if (!pError) {
+ return (NSSCKFWSlot *)NULL;
+ }
- mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
- if (!mdInstance) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWSlot *)NULL;
- }
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSlot *)NULL;
+ }
+#endif /* NSSDEBUG */
- arena = nssCKFWInstance_GetArena(fwInstance, pError);
- if (!arena) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+ mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
+ if (!mdInstance) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWSlot *)NULL;
}
- }
- fwSlot = nss_ZNEW(arena, NSSCKFWSlot);
- if (!fwSlot) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWSlot *)NULL;
- }
+ arena = nssCKFWInstance_GetArena(fwInstance, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ }
- fwSlot->mdSlot = mdSlot;
- fwSlot->fwInstance = fwInstance;
- fwSlot->mdInstance = mdInstance;
- fwSlot->slotID = slotID;
+ fwSlot = nss_ZNEW(arena, NSSCKFWSlot);
+ if (!fwSlot) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWSlot *)NULL;
+ }
- fwSlot->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if (!fwSlot->mutex) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+ fwSlot->mdSlot = mdSlot;
+ fwSlot->fwInstance = fwInstance;
+ fwSlot->mdInstance = mdInstance;
+ fwSlot->slotID = slotID;
+
+ fwSlot->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if (!fwSlot->mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ (void)nss_ZFreeIf(fwSlot);
+ return (NSSCKFWSlot *)NULL;
}
- (void)nss_ZFreeIf(fwSlot);
- return (NSSCKFWSlot *)NULL;
- }
- if (mdSlot->Initialize) {
- *pError = CKR_OK;
- *pError = mdSlot->Initialize(mdSlot, fwSlot, mdInstance, fwInstance);
- if( CKR_OK != *pError ) {
- (void)nssCKFWMutex_Destroy(fwSlot->mutex);
- (void)nss_ZFreeIf(fwSlot);
- return (NSSCKFWSlot *)NULL;
+ if (mdSlot->Initialize) {
+ *pError = CKR_OK;
+ *pError = mdSlot->Initialize(mdSlot, fwSlot, mdInstance, fwInstance);
+ if (CKR_OK != *pError) {
+ (void)nssCKFWMutex_Destroy(fwSlot->mutex);
+ (void)nss_ZFreeIf(fwSlot);
+ return (NSSCKFWSlot *)NULL;
+ }
}
- }
#ifdef DEBUG
- *pError = slot_add_pointer(fwSlot);
- if( CKR_OK != *pError ) {
- if (mdSlot->Destroy) {
- mdSlot->Destroy(mdSlot, fwSlot, mdInstance, fwInstance);
+ *pError = slot_add_pointer(fwSlot);
+ if (CKR_OK != *pError) {
+ if (mdSlot->Destroy) {
+ mdSlot->Destroy(mdSlot, fwSlot, mdInstance, fwInstance);
+ }
+
+ (void)nssCKFWMutex_Destroy(fwSlot->mutex);
+ (void)nss_ZFreeIf(fwSlot);
+ return (NSSCKFWSlot *)NULL;
}
-
- (void)nssCKFWMutex_Destroy(fwSlot->mutex);
- (void)nss_ZFreeIf(fwSlot);
- return (NSSCKFWSlot *)NULL;
- }
#endif /* DEBUG */
- return fwSlot;
+ return fwSlot;
}
/*
@@ -210,35 +202,33 @@ nssCKFWSlot_Create
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSlot_Destroy
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_Destroy(
+ NSSCKFWSlot *fwSlot)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSlot_verifyPointer(fwSlot);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- if (fwSlot->fwToken) {
- nssCKFWToken_Destroy(fwSlot->fwToken);
- }
+ if (fwSlot->fwToken) {
+ nssCKFWToken_Destroy(fwSlot->fwToken);
+ }
- (void)nssCKFWMutex_Destroy(fwSlot->mutex);
+ (void)nssCKFWMutex_Destroy(fwSlot->mutex);
- if (fwSlot->mdSlot->Destroy) {
- fwSlot->mdSlot->Destroy(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
- }
+ if (fwSlot->mdSlot->Destroy) {
+ fwSlot->mdSlot->Destroy(fwSlot->mdSlot, fwSlot,
+ fwSlot->mdInstance, fwSlot->fwInstance);
+ }
#ifdef DEBUG
- error = slot_remove_pointer(fwSlot);
+ error = slot_remove_pointer(fwSlot);
#endif /* DEBUG */
- (void)nss_ZFreeIf(fwSlot);
- return error;
+ (void)nss_ZFreeIf(fwSlot);
+ return error;
}
/*
@@ -246,18 +236,16 @@ nssCKFWSlot_Destroy
*
*/
NSS_IMPLEMENT NSSCKMDSlot *
-nssCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_GetMDSlot(
+ NSSCKFWSlot *fwSlot)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDSlot *)NULL;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKMDSlot *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwSlot->mdSlot;
+ return fwSlot->mdSlot;
}
/*
@@ -266,18 +254,16 @@ nssCKFWSlot_GetMDSlot
*/
NSS_IMPLEMENT NSSCKFWInstance *
-nssCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_GetFWInstance(
+ NSSCKFWSlot *fwSlot)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKFWInstance *)NULL;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKFWInstance *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwSlot->fwInstance;
+ return fwSlot->fwInstance;
}
/*
@@ -286,18 +272,16 @@ nssCKFWSlot_GetFWInstance
*/
NSS_IMPLEMENT NSSCKMDInstance *
-nssCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_GetMDInstance(
+ NSSCKFWSlot *fwSlot)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDInstance *)NULL;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKMDInstance *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwSlot->mdInstance;
+ return fwSlot->mdInstance;
}
/*
@@ -305,18 +289,16 @@ nssCKFWSlot_GetMDInstance
*
*/
NSS_IMPLEMENT CK_SLOT_ID
-nssCKFWSlot_GetSlotID
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_GetSlotID(
+ NSSCKFWSlot *fwSlot)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (CK_SLOT_ID)0;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (CK_SLOT_ID)0;
+ }
#endif /* NSSDEBUG */
- return fwSlot->slotID;
+ return fwSlot->slotID;
}
/*
@@ -324,49 +306,48 @@ nssCKFWSlot_GetSlotID
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSlot_GetSlotDescription
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR slotDescription[64]
-)
+nssCKFWSlot_GetSlotDescription(
+ NSSCKFWSlot *fwSlot,
+ CK_CHAR slotDescription[64])
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == slotDescription ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_CHAR_PTR)NULL == slotDescription) {
+ return CKR_ARGUMENTS_BAD;
+ }
- error = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSlot_verifyPointer(fwSlot);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwSlot->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if (!fwSlot->slotDescription) {
- if (fwSlot->mdSlot->GetSlotDescription) {
- fwSlot->slotDescription = fwSlot->mdSlot->GetSlotDescription(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
- fwSlot->fwInstance, &error);
- if ((!fwSlot->slotDescription) && (CKR_OK != error)) {
- goto done;
- }
- } else {
- fwSlot->slotDescription = (NSSUTF8 *) "";
+ error = nssCKFWMutex_Lock(fwSlot->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSlot->slotDescription) {
+ if (fwSlot->mdSlot->GetSlotDescription) {
+ fwSlot->slotDescription = fwSlot->mdSlot->GetSlotDescription(
+ fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
+ fwSlot->fwInstance, &error);
+ if ((!fwSlot->slotDescription) && (CKR_OK != error)) {
+ goto done;
+ }
+ }
+ else {
+ fwSlot->slotDescription = (NSSUTF8 *)"";
+ }
}
- }
- (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->slotDescription, (char *)slotDescription, 64, ' ');
- error = CKR_OK;
+ (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->slotDescription, (char *)slotDescription, 64, ' ');
+ error = CKR_OK;
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return error;
}
/*
@@ -374,49 +355,48 @@ nssCKFWSlot_GetSlotDescription
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWSlot_GetManufacturerID
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR manufacturerID[32]
-)
+nssCKFWSlot_GetManufacturerID(
+ NSSCKFWSlot *fwSlot,
+ CK_CHAR manufacturerID[32])
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == manufacturerID ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_CHAR_PTR)NULL == manufacturerID) {
+ return CKR_ARGUMENTS_BAD;
+ }
- error = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSlot_verifyPointer(fwSlot);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwSlot->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if (!fwSlot->manufacturerID) {
- if (fwSlot->mdSlot->GetManufacturerID) {
- fwSlot->manufacturerID = fwSlot->mdSlot->GetManufacturerID(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
- fwSlot->fwInstance, &error);
- if ((!fwSlot->manufacturerID) && (CKR_OK != error)) {
- goto done;
- }
- } else {
- fwSlot->manufacturerID = (NSSUTF8 *) "";
+ error = nssCKFWMutex_Lock(fwSlot->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSlot->manufacturerID) {
+ if (fwSlot->mdSlot->GetManufacturerID) {
+ fwSlot->manufacturerID = fwSlot->mdSlot->GetManufacturerID(
+ fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
+ fwSlot->fwInstance, &error);
+ if ((!fwSlot->manufacturerID) && (CKR_OK != error)) {
+ goto done;
+ }
+ }
+ else {
+ fwSlot->manufacturerID = (NSSUTF8 *)"";
+ }
}
- }
- (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->manufacturerID, (char *)manufacturerID, 32, ' ');
- error = CKR_OK;
+ (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->manufacturerID, (char *)manufacturerID, 32, ' ');
+ error = CKR_OK;
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return error;
}
/*
@@ -424,23 +404,21 @@ nssCKFWSlot_GetManufacturerID
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetTokenPresent
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_GetTokenPresent(
+ NSSCKFWSlot *fwSlot)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwSlot->mdSlot->GetTokenPresent) {
- return CK_TRUE;
- }
+ if (!fwSlot->mdSlot->GetTokenPresent) {
+ return CK_TRUE;
+ }
- return fwSlot->mdSlot->GetTokenPresent(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
+ return fwSlot->mdSlot->GetTokenPresent(fwSlot->mdSlot, fwSlot,
+ fwSlot->mdInstance, fwSlot->fwInstance);
}
/*
@@ -448,23 +426,21 @@ nssCKFWSlot_GetTokenPresent
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetRemovableDevice
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_GetRemovableDevice(
+ NSSCKFWSlot *fwSlot)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwSlot->mdSlot->GetRemovableDevice) {
- return CK_FALSE;
- }
+ if (!fwSlot->mdSlot->GetRemovableDevice) {
+ return CK_FALSE;
+ }
- return fwSlot->mdSlot->GetRemovableDevice(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
+ return fwSlot->mdSlot->GetRemovableDevice(fwSlot->mdSlot, fwSlot,
+ fwSlot->mdInstance, fwSlot->fwInstance);
}
/*
@@ -472,23 +448,21 @@ nssCKFWSlot_GetRemovableDevice
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetHardwareSlot
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_GetHardwareSlot(
+ NSSCKFWSlot *fwSlot)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwSlot->mdSlot->GetHardwareSlot) {
- return CK_FALSE;
- }
+ if (!fwSlot->mdSlot->GetHardwareSlot) {
+ return CK_FALSE;
+ }
- return fwSlot->mdSlot->GetHardwareSlot(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
+ return fwSlot->mdSlot->GetHardwareSlot(fwSlot->mdSlot, fwSlot,
+ fwSlot->mdInstance, fwSlot->fwInstance);
}
/*
@@ -496,43 +470,42 @@ nssCKFWSlot_GetHardwareSlot
*
*/
NSS_IMPLEMENT CK_VERSION
-nssCKFWSlot_GetHardwareVersion
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_GetHardwareVersion(
+ NSSCKFWSlot *fwSlot)
{
- CK_VERSION rv;
+ CK_VERSION rv;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwSlot->hardwareVersion.major) ||
+ (0 != fwSlot->hardwareVersion.minor)) {
+ rv = fwSlot->hardwareVersion;
+ goto done;
+ }
+
+ if (fwSlot->mdSlot->GetHardwareVersion) {
+ fwSlot->hardwareVersion = fwSlot->mdSlot->GetHardwareVersion(
+ fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
+ }
+ else {
+ fwSlot->hardwareVersion.major = 0;
+ fwSlot->hardwareVersion.minor = 1;
+ }
- if( (0 != fwSlot->hardwareVersion.major) ||
- (0 != fwSlot->hardwareVersion.minor) ) {
rv = fwSlot->hardwareVersion;
- goto done;
- }
-
- if (fwSlot->mdSlot->GetHardwareVersion) {
- fwSlot->hardwareVersion = fwSlot->mdSlot->GetHardwareVersion(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
- } else {
- fwSlot->hardwareVersion.major = 0;
- fwSlot->hardwareVersion.minor = 1;
- }
-
- rv = fwSlot->hardwareVersion;
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return rv;
+done:
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return rv;
}
/*
@@ -540,100 +513,98 @@ nssCKFWSlot_GetHardwareVersion
*
*/
NSS_IMPLEMENT CK_VERSION
-nssCKFWSlot_GetFirmwareVersion
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_GetFirmwareVersion(
+ NSSCKFWSlot *fwSlot)
{
- CK_VERSION rv;
+ CK_VERSION rv;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwSlot->firmwareVersion.major) ||
+ (0 != fwSlot->firmwareVersion.minor)) {
+ rv = fwSlot->firmwareVersion;
+ goto done;
+ }
+
+ if (fwSlot->mdSlot->GetFirmwareVersion) {
+ fwSlot->firmwareVersion = fwSlot->mdSlot->GetFirmwareVersion(
+ fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
+ }
+ else {
+ fwSlot->firmwareVersion.major = 0;
+ fwSlot->firmwareVersion.minor = 1;
+ }
- if( (0 != fwSlot->firmwareVersion.major) ||
- (0 != fwSlot->firmwareVersion.minor) ) {
rv = fwSlot->firmwareVersion;
- goto done;
- }
-
- if (fwSlot->mdSlot->GetFirmwareVersion) {
- fwSlot->firmwareVersion = fwSlot->mdSlot->GetFirmwareVersion(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
- } else {
- fwSlot->firmwareVersion.major = 0;
- fwSlot->firmwareVersion.minor = 1;
- }
-
- rv = fwSlot->firmwareVersion;
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return rv;
+done:
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return rv;
}
/*
* nssCKFWSlot_GetToken
- *
+ *
*/
NSS_IMPLEMENT NSSCKFWToken *
-nssCKFWSlot_GetToken
-(
- NSSCKFWSlot *fwSlot,
- CK_RV *pError
-)
+nssCKFWSlot_GetToken(
+ NSSCKFWSlot *fwSlot,
+ CK_RV *pError)
{
- NSSCKMDToken *mdToken;
- NSSCKFWToken *fwToken;
+ NSSCKMDToken *mdToken;
+ NSSCKFWToken *fwToken;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWToken *)NULL;
- }
-
- *pError = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != *pError ) {
- return (NSSCKFWToken *)NULL;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwSlot->mutex);
- if( CKR_OK != *pError ) {
- return (NSSCKFWToken *)NULL;
- }
+ if (!pError) {
+ return (NSSCKFWToken *)NULL;
+ }
- if (!fwSlot->fwToken) {
- if (!fwSlot->mdSlot->GetToken) {
- *pError = CKR_GENERAL_ERROR;
- fwToken = (NSSCKFWToken *)NULL;
- goto done;
+ *pError = nssCKFWSlot_verifyPointer(fwSlot);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWToken *)NULL;
}
+#endif /* NSSDEBUG */
- mdToken = fwSlot->mdSlot->GetToken(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance, pError);
- if (!mdToken) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWToken *)NULL;
+ *pError = nssCKFWMutex_Lock(fwSlot->mutex);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWToken *)NULL;
}
- fwToken = nssCKFWToken_Create(fwSlot, mdToken, pError);
- fwSlot->fwToken = fwToken;
- } else {
- fwToken = fwSlot->fwToken;
- }
+ if (!fwSlot->fwToken) {
+ if (!fwSlot->mdSlot->GetToken) {
+ *pError = CKR_GENERAL_ERROR;
+ fwToken = (NSSCKFWToken *)NULL;
+ goto done;
+ }
+
+ mdToken = fwSlot->mdSlot->GetToken(fwSlot->mdSlot, fwSlot,
+ fwSlot->mdInstance, fwSlot->fwInstance, pError);
+ if (!mdToken) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWToken *)NULL;
+ }
+
+ fwToken = nssCKFWToken_Create(fwSlot, mdToken, pError);
+ fwSlot->fwToken = fwToken;
+ }
+ else {
+ fwToken = fwSlot->fwToken;
+ }
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return fwToken;
+done:
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return fwToken;
}
/*
@@ -641,25 +612,23 @@ nssCKFWSlot_GetToken
*
*/
NSS_IMPLEMENT void
-nssCKFWSlot_ClearToken
-(
- NSSCKFWSlot *fwSlot
-)
+nssCKFWSlot_ClearToken(
+ NSSCKFWSlot *fwSlot)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
- /* Now what? */
- return;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex)) {
+ /* Now what? */
+ return;
+ }
- fwSlot->fwToken = (NSSCKFWToken *)NULL;
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return;
+ fwSlot->fwToken = (NSSCKFWToken *)NULL;
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return;
}
/*
@@ -668,18 +637,16 @@ nssCKFWSlot_ClearToken
*/
NSS_IMPLEMENT NSSCKMDSlot *
-NSSCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-)
+NSSCKFWSlot_GetMDSlot(
+ NSSCKFWSlot *fwSlot)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDSlot *)NULL;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKMDSlot *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWSlot_GetMDSlot(fwSlot);
+ return nssCKFWSlot_GetMDSlot(fwSlot);
}
/*
@@ -688,18 +655,16 @@ NSSCKFWSlot_GetMDSlot
*/
NSS_IMPLEMENT NSSCKFWInstance *
-NSSCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-)
+NSSCKFWSlot_GetFWInstance(
+ NSSCKFWSlot *fwSlot)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKFWInstance *)NULL;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKFWInstance *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWSlot_GetFWInstance(fwSlot);
+ return nssCKFWSlot_GetFWInstance(fwSlot);
}
/*
@@ -708,16 +673,14 @@ NSSCKFWSlot_GetFWInstance
*/
NSS_IMPLEMENT NSSCKMDInstance *
-NSSCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-)
+NSSCKFWSlot_GetMDInstance(
+ NSSCKFWSlot *fwSlot)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDInstance *)NULL;
- }
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKMDInstance *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWSlot_GetMDInstance(fwSlot);
+ return nssCKFWSlot_GetMDInstance(fwSlot);
}
diff --git a/lib/ckfw/token.c b/lib/ckfw/token.c
index 4a9757643..d8d37fc8d 100644
--- a/lib/ckfw/token.c
+++ b/lib/ckfw/token.c
@@ -75,49 +75,49 @@
*/
struct NSSCKFWTokenStr {
- NSSCKFWMutex *mutex;
- NSSArena *arena;
- NSSCKMDToken *mdToken;
- NSSCKFWSlot *fwSlot;
- NSSCKMDSlot *mdSlot;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The invariants the mutex protects are:
- *
- * 1) Each of the cached descriptions (versions, etc.) are in an
- * internally consistant state.
- *
- * 2) The session counts and hashes are consistant.
- *
- * 3) The object hashes are consistant.
- *
- * Note that the calls accessing the cached descriptions will call
- * the NSSCKMDToken methods with the mutex locked. Those methods
- * may then call the public NSSCKFWToken routines. Those public
- * routines only access the constant data above and the atomic
- * CK_STATE session state variable below, so there's no problem.
- * But be careful if you add to this object; mutexes are in
- * general not reentrant, so don't create deadlock situations.
- */
-
- NSSUTF8 *label;
- NSSUTF8 *manufacturerID;
- NSSUTF8 *model;
- NSSUTF8 *serialNumber;
- CK_VERSION hardwareVersion;
- CK_VERSION firmwareVersion;
-
- CK_ULONG sessionCount;
- CK_ULONG rwSessionCount;
- nssCKFWHash *sessions;
- nssCKFWHash *sessionObjectHash;
- nssCKFWHash *mdObjectHash;
- nssCKFWHash *mdMechanismHash;
-
- CK_STATE state;
+ NSSCKFWMutex *mutex;
+ NSSArena *arena;
+ NSSCKMDToken *mdToken;
+ NSSCKFWSlot *fwSlot;
+ NSSCKMDSlot *mdSlot;
+ NSSCKFWInstance *fwInstance;
+ NSSCKMDInstance *mdInstance;
+
+ /*
+ * Everything above is set at creation time, and then not modified.
+ * The invariants the mutex protects are:
+ *
+ * 1) Each of the cached descriptions (versions, etc.) are in an
+ * internally consistant state.
+ *
+ * 2) The session counts and hashes are consistant.
+ *
+ * 3) The object hashes are consistant.
+ *
+ * Note that the calls accessing the cached descriptions will call
+ * the NSSCKMDToken methods with the mutex locked. Those methods
+ * may then call the public NSSCKFWToken routines. Those public
+ * routines only access the constant data above and the atomic
+ * CK_STATE session state variable below, so there's no problem.
+ * But be careful if you add to this object; mutexes are in
+ * general not reentrant, so don't create deadlock situations.
+ */
+
+ NSSUTF8 *label;
+ NSSUTF8 *manufacturerID;
+ NSSUTF8 *model;
+ NSSUTF8 *serialNumber;
+ CK_VERSION hardwareVersion;
+ CK_VERSION firmwareVersion;
+
+ CK_ULONG sessionCount;
+ CK_ULONG rwSessionCount;
+ nssCKFWHash *sessions;
+ nssCKFWHash *sessionObjectHash;
+ nssCKFWHash *mdObjectHash;
+ nssCKFWHash *mdMechanismHash;
+
+ CK_STATE state;
};
#ifdef DEBUG
@@ -133,30 +133,24 @@ struct NSSCKFWTokenStr {
*/
static CK_RV
-token_add_pointer
-(
- const NSSCKFWToken *fwToken
-)
+token_add_pointer(
+ const NSSCKFWToken *fwToken)
{
- return CKR_OK;
+ return CKR_OK;
}
static CK_RV
-token_remove_pointer
-(
- const NSSCKFWToken *fwToken
-)
+token_remove_pointer(
+ const NSSCKFWToken *fwToken)
{
- return CKR_OK;
+ return CKR_OK;
}
NSS_IMPLEMENT CK_RV
-nssCKFWToken_verifyPointer
-(
- const NSSCKFWToken *fwToken
-)
+nssCKFWToken_verifyPointer(
+ const NSSCKFWToken *fwToken)
{
- return CKR_OK;
+ return CKR_OK;
}
#endif /* DEBUG */
@@ -166,154 +160,148 @@ nssCKFWToken_verifyPointer
*
*/
NSS_IMPLEMENT NSSCKFWToken *
-nssCKFWToken_Create
-(
- NSSCKFWSlot *fwSlot,
- NSSCKMDToken *mdToken,
- CK_RV *pError
-)
+nssCKFWToken_Create(
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDToken *mdToken,
+ CK_RV *pError)
{
- NSSArena *arena = (NSSArena *)NULL;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- CK_BBOOL called_setup = CK_FALSE;
-
- /*
- * We have already verified the arguments in nssCKFWSlot_GetToken.
- */
-
- arena = NSSArena_Create();
- if (!arena) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwToken = nss_ZNEW(arena, NSSCKFWToken);
- if (!fwToken) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwToken->arena = arena;
- fwToken->mdToken = mdToken;
- fwToken->fwSlot = fwSlot;
- fwToken->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
- fwToken->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
- fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
- fwToken->sessionCount = 0;
- fwToken->rwSessionCount = 0;
-
- fwToken->mutex = nssCKFWInstance_CreateMutex(fwToken->fwInstance, arena, pError);
- if (!fwToken->mutex) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, arena, pError);
- if (!fwToken->sessions) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwToken->fwInstance) ) {
- fwToken->sessionObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
- arena, pError);
- if (!fwToken->sessionObjectHash) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
+ NSSArena *arena = (NSSArena *)NULL;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+ CK_BBOOL called_setup = CK_FALSE;
+
+ /*
+ * We have already verified the arguments in nssCKFWSlot_GetToken.
+ */
+
+ arena = NSSArena_Create();
+ if (!arena) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
}
- }
- fwToken->mdObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
- arena, pError);
- if (!fwToken->mdObjectHash) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+ fwToken = nss_ZNEW(arena, NSSCKFWToken);
+ if (!fwToken) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
}
- goto loser;
- }
- fwToken->mdMechanismHash = nssCKFWHash_Create(fwToken->fwInstance,
- arena, pError);
- if (!fwToken->mdMechanismHash) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+ fwToken->arena = arena;
+ fwToken->mdToken = mdToken;
+ fwToken->fwSlot = fwSlot;
+ fwToken->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
+ fwToken->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
+ fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
+ fwToken->sessionCount = 0;
+ fwToken->rwSessionCount = 0;
+
+ fwToken->mutex = nssCKFWInstance_CreateMutex(fwToken->fwInstance, arena, pError);
+ if (!fwToken->mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
}
- goto loser;
- }
- /* More here */
+ fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, arena, pError);
+ if (!fwToken->sessions) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
- if (mdToken->Setup) {
- *pError = mdToken->Setup(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- if( CKR_OK != *pError ) {
- goto loser;
+ if (CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
+ fwToken->fwInstance)) {
+ fwToken->sessionObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
+ arena, pError);
+ if (!fwToken->sessionObjectHash) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
}
- }
- called_setup = CK_TRUE;
+ fwToken->mdObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
+ arena, pError);
+ if (!fwToken->mdObjectHash) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+
+ fwToken->mdMechanismHash = nssCKFWHash_Create(fwToken->fwInstance,
+ arena, pError);
+ if (!fwToken->mdMechanismHash) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+
+ /* More here */
+
+ if (mdToken->Setup) {
+ *pError = mdToken->Setup(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+ }
+
+ called_setup = CK_TRUE;
#ifdef DEBUG
- *pError = token_add_pointer(fwToken);
- if( CKR_OK != *pError ) {
- goto loser;
- }
+ *pError = token_add_pointer(fwToken);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
#endif /* DEBUG */
- *pError = CKR_OK;
- return fwToken;
+ *pError = CKR_OK;
+ return fwToken;
- loser:
+loser:
- if( CK_TRUE == called_setup ) {
- if (mdToken->Invalidate) {
- mdToken->Invalidate(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ if (CK_TRUE == called_setup) {
+ if (mdToken->Invalidate) {
+ mdToken->Invalidate(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ }
}
- }
- if (arena) {
- (void)NSSArena_Destroy(arena);
- }
+ if (arena) {
+ (void)NSSArena_Destroy(arena);
+ }
- return (NSSCKFWToken *)NULL;
+ return (NSSCKFWToken *)NULL;
}
static void
-nss_ckfwtoken_session_iterator
-(
- const void *key,
- void *value,
- void *closure
-)
+nss_ckfwtoken_session_iterator(
+ const void *key,
+ void *value,
+ void *closure)
{
- /*
- * Remember that the fwToken->mutex is locked
- */
- NSSCKFWSession *fwSession = (NSSCKFWSession *)value;
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- return;
+ /*
+ * Remember that the fwToken->mutex is locked
+ */
+ NSSCKFWSession *fwSession = (NSSCKFWSession *)value;
+ (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
+ return;
}
static void
-nss_ckfwtoken_object_iterator
-(
- const void *key,
- void *value,
- void *closure
-)
+nss_ckfwtoken_object_iterator(
+ const void *key,
+ void *value,
+ void *closure)
{
- /*
- * Remember that the fwToken->mutex is locked
- */
- NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
- (void)nssCKFWObject_Finalize(fwObject, CK_FALSE);
- return;
+ /*
+ * Remember that the fwToken->mutex is locked
+ */
+ NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
+ (void)nssCKFWObject_Finalize(fwObject, CK_FALSE);
+ return;
}
/*
@@ -321,56 +309,54 @@ nss_ckfwtoken_object_iterator
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWToken_Destroy
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_Destroy(
+ NSSCKFWToken *fwToken)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- (void)nssCKFWMutex_Destroy(fwToken->mutex);
-
- if (fwToken->mdToken->Invalidate) {
- fwToken->mdToken->Invalidate(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
- }
- /* we can destroy the list without locking now because no one else is
- * referencing us (or _Destroy was invalidly called!)
- */
- nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator,
- (void *)NULL);
- nssCKFWHash_Destroy(fwToken->sessions);
-
- /* session objects go away when their sessions are removed */
- if (fwToken->sessionObjectHash) {
- nssCKFWHash_Destroy(fwToken->sessionObjectHash);
- }
-
- /* free up the token objects */
- if (fwToken->mdObjectHash) {
- nssCKFWHash_Iterate(fwToken->mdObjectHash, nss_ckfwtoken_object_iterator,
- (void *)NULL);
- nssCKFWHash_Destroy(fwToken->mdObjectHash);
- }
- if (fwToken->mdMechanismHash) {
- nssCKFWHash_Destroy(fwToken->mdMechanismHash);
- }
-
- nssCKFWSlot_ClearToken(fwToken->fwSlot);
-
+ (void)nssCKFWMutex_Destroy(fwToken->mutex);
+
+ if (fwToken->mdToken->Invalidate) {
+ fwToken->mdToken->Invalidate(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+ }
+ /* we can destroy the list without locking now because no one else is
+ * referencing us (or _Destroy was invalidly called!)
+ */
+ nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator,
+ (void *)NULL);
+ nssCKFWHash_Destroy(fwToken->sessions);
+
+ /* session objects go away when their sessions are removed */
+ if (fwToken->sessionObjectHash) {
+ nssCKFWHash_Destroy(fwToken->sessionObjectHash);
+ }
+
+ /* free up the token objects */
+ if (fwToken->mdObjectHash) {
+ nssCKFWHash_Iterate(fwToken->mdObjectHash, nss_ckfwtoken_object_iterator,
+ (void *)NULL);
+ nssCKFWHash_Destroy(fwToken->mdObjectHash);
+ }
+ if (fwToken->mdMechanismHash) {
+ nssCKFWHash_Destroy(fwToken->mdMechanismHash);
+ }
+
+ nssCKFWSlot_ClearToken(fwToken->fwSlot);
+
#ifdef DEBUG
- error = token_remove_pointer(fwToken);
+ error = token_remove_pointer(fwToken);
#endif /* DEBUG */
- (void)NSSArena_Destroy(fwToken->arena);
- return error;
+ (void)NSSArena_Destroy(fwToken->arena);
+ return error;
}
/*
@@ -378,18 +364,16 @@ nssCKFWToken_Destroy
*
*/
NSS_IMPLEMENT NSSCKMDToken *
-nssCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetMDToken(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDToken *)NULL;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKMDToken *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwToken->mdToken;
+ return fwToken->mdToken;
}
/*
@@ -397,24 +381,22 @@ nssCKFWToken_GetMDToken
*
*/
NSS_IMPLEMENT NSSArena *
-nssCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-)
+nssCKFWToken_GetArena(
+ NSSCKFWToken *fwToken,
+ CK_RV *pError)
{
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwToken->arena;
+ return fwToken->arena;
}
/*
@@ -422,18 +404,16 @@ nssCKFWToken_GetArena
*
*/
NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetFWSlot(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKFWSlot *)NULL;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKFWSlot *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwToken->fwSlot;
+ return fwToken->fwSlot;
}
/*
@@ -441,18 +421,16 @@ nssCKFWToken_GetFWSlot
*
*/
NSS_IMPLEMENT NSSCKMDSlot *
-nssCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetMDSlot(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDSlot *)NULL;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKMDSlot *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwToken->mdSlot;
+ return fwToken->mdSlot;
}
/*
@@ -460,29 +438,27 @@ nssCKFWToken_GetMDSlot
*
*/
NSS_IMPLEMENT CK_STATE
-nssCKFWToken_GetSessionState
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetSessionState(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CKS_RO_PUBLIC_SESSION; /* whatever */
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CKS_RO_PUBLIC_SESSION; /* whatever */
+ }
#endif /* NSSDEBUG */
- /*
- * BTW, do not lock the token in this method.
- */
+ /*
+ * BTW, do not lock the token in this method.
+ */
- /*
- * Theoretically, there is no state if there aren't any
- * sessions open. But then we'd need to worry about
- * reporting an error, etc. What the heck-- let's just
- * revert to CKR_RO_PUBLIC_SESSION as the "default."
- */
+ /*
+ * Theoretically, there is no state if there aren't any
+ * sessions open. But then we'd need to worry about
+ * reporting an error, etc. What the heck-- let's just
+ * revert to CKR_RO_PUBLIC_SESSION as the "default."
+ */
- return fwToken->state;
+ return fwToken->state;
}
/*
@@ -490,56 +466,55 @@ nssCKFWToken_GetSessionState
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWToken_InitToken
-(
- NSSCKFWToken *fwToken,
- NSSItem *pin,
- NSSUTF8 *label
-)
+nssCKFWToken_InitToken(
+ NSSCKFWToken *fwToken,
+ NSSItem *pin,
+ NSSUTF8 *label)
{
- CK_RV error;
+ CK_RV error;
#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return CKR_ARGUMENTS_BAD;
- }
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return CKR_ARGUMENTS_BAD;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- if( fwToken->sessionCount > 0 ) {
- error = CKR_SESSION_EXISTS;
- goto done;
- }
+ if (fwToken->sessionCount > 0) {
+ error = CKR_SESSION_EXISTS;
+ goto done;
+ }
- if (!fwToken->mdToken->InitToken) {
- error = CKR_DEVICE_ERROR;
- goto done;
- }
+ if (!fwToken->mdToken->InitToken) {
+ error = CKR_DEVICE_ERROR;
+ goto done;
+ }
- if (!pin) {
- if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
- ; /* okay */
- } else {
- error = CKR_PIN_INCORRECT;
- goto done;
+ if (!pin) {
+ if (nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken)) {
+ ; /* okay */
+ }
+ else {
+ error = CKR_PIN_INCORRECT;
+ goto done;
+ }
}
- }
- if (!label) {
- label = (NSSUTF8 *) "";
- }
+ if (!label) {
+ label = (NSSUTF8 *)"";
+ }
- error = fwToken->mdToken->InitToken(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, pin, label);
+ error = fwToken->mdToken->InitToken(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, pin, label);
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
}
/*
@@ -547,48 +522,47 @@ nssCKFWToken_InitToken
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetLabel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR label[32]
-)
+nssCKFWToken_GetLabel(
+ NSSCKFWToken *fwToken,
+ CK_CHAR label[32])
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == label ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_CHAR_PTR)NULL == label) {
+ return CKR_ARGUMENTS_BAD;
+ }
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwToken->label) {
- if (fwToken->mdToken->GetLabel) {
- fwToken->label = fwToken->mdToken->GetLabel(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, &error);
- if ((!fwToken->label) && (CKR_OK != error)) {
- goto done;
- }
- } else {
- fwToken->label = (NSSUTF8 *) "";
+ if (!fwToken->label) {
+ if (fwToken->mdToken->GetLabel) {
+ fwToken->label = fwToken->mdToken->GetLabel(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, &error);
+ if ((!fwToken->label) && (CKR_OK != error)) {
+ goto done;
+ }
+ }
+ else {
+ fwToken->label = (NSSUTF8 *)"";
+ }
}
- }
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->label, (char *)label, 32, ' ');
- error = CKR_OK;
+ (void)nssUTF8_CopyIntoFixedBuffer(fwToken->label, (char *)label, 32, ' ');
+ error = CKR_OK;
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
}
/*
@@ -596,48 +570,47 @@ nssCKFWToken_GetLabel
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetManufacturerID
-(
- NSSCKFWToken *fwToken,
- CK_CHAR manufacturerID[32]
-)
+nssCKFWToken_GetManufacturerID(
+ NSSCKFWToken *fwToken,
+ CK_CHAR manufacturerID[32])
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == manufacturerID ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_CHAR_PTR)NULL == manufacturerID) {
+ return CKR_ARGUMENTS_BAD;
+ }
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwToken->manufacturerID) {
- if (fwToken->mdToken->GetManufacturerID) {
- fwToken->manufacturerID = fwToken->mdToken->GetManufacturerID(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
- if ((!fwToken->manufacturerID) && (CKR_OK != error)) {
- goto done;
- }
- } else {
- fwToken->manufacturerID = (NSSUTF8 *)"";
+ if (!fwToken->manufacturerID) {
+ if (fwToken->mdToken->GetManufacturerID) {
+ fwToken->manufacturerID = fwToken->mdToken->GetManufacturerID(fwToken->mdToken,
+ fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
+ if ((!fwToken->manufacturerID) && (CKR_OK != error)) {
+ goto done;
+ }
+ }
+ else {
+ fwToken->manufacturerID = (NSSUTF8 *)"";
+ }
}
- }
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->manufacturerID, (char *)manufacturerID, 32, ' ');
- error = CKR_OK;
+ (void)nssUTF8_CopyIntoFixedBuffer(fwToken->manufacturerID, (char *)manufacturerID, 32, ' ');
+ error = CKR_OK;
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
}
/*
@@ -645,48 +618,47 @@ nssCKFWToken_GetManufacturerID
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetModel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR model[16]
-)
+nssCKFWToken_GetModel(
+ NSSCKFWToken *fwToken,
+ CK_CHAR model[16])
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == model ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_CHAR_PTR)NULL == model) {
+ return CKR_ARGUMENTS_BAD;
+ }
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwToken->model) {
- if (fwToken->mdToken->GetModel) {
- fwToken->model = fwToken->mdToken->GetModel(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, &error);
- if ((!fwToken->model) && (CKR_OK != error)) {
- goto done;
- }
- } else {
- fwToken->model = (NSSUTF8 *)"";
+ if (!fwToken->model) {
+ if (fwToken->mdToken->GetModel) {
+ fwToken->model = fwToken->mdToken->GetModel(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, &error);
+ if ((!fwToken->model) && (CKR_OK != error)) {
+ goto done;
+ }
+ }
+ else {
+ fwToken->model = (NSSUTF8 *)"";
+ }
}
- }
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->model, (char *)model, 16, ' ');
- error = CKR_OK;
+ (void)nssUTF8_CopyIntoFixedBuffer(fwToken->model, (char *)model, 16, ' ');
+ error = CKR_OK;
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
}
/*
@@ -694,73 +666,69 @@ nssCKFWToken_GetModel
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetSerialNumber
-(
- NSSCKFWToken *fwToken,
- CK_CHAR serialNumber[16]
-)
+nssCKFWToken_GetSerialNumber(
+ NSSCKFWToken *fwToken,
+ CK_CHAR serialNumber[16])
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == serialNumber ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_CHAR_PTR)NULL == serialNumber) {
+ return CKR_ARGUMENTS_BAD;
+ }
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- if (!fwToken->serialNumber) {
- if (fwToken->mdToken->GetSerialNumber) {
- fwToken->serialNumber = fwToken->mdToken->GetSerialNumber(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
- if ((!fwToken->serialNumber) && (CKR_OK != error)) {
- goto done;
- }
- } else {
- fwToken->serialNumber = (NSSUTF8 *)"";
+ if (!fwToken->serialNumber) {
+ if (fwToken->mdToken->GetSerialNumber) {
+ fwToken->serialNumber = fwToken->mdToken->GetSerialNumber(fwToken->mdToken,
+ fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
+ if ((!fwToken->serialNumber) && (CKR_OK != error)) {
+ goto done;
+ }
+ }
+ else {
+ fwToken->serialNumber = (NSSUTF8 *)"";
+ }
}
- }
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->serialNumber, (char *)serialNumber, 16, ' ');
- error = CKR_OK;
+ (void)nssUTF8_CopyIntoFixedBuffer(fwToken->serialNumber, (char *)serialNumber, 16, ' ');
+ error = CKR_OK;
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
}
-
/*
* nssCKFWToken_GetHasRNG
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasRNG
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetHasRNG(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetHasRNG) {
- return CK_FALSE;
- }
+ if (!fwToken->mdToken->GetHasRNG) {
+ return CK_FALSE;
+ }
- return fwToken->mdToken->GetHasRNG(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetHasRNG(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -768,23 +736,21 @@ nssCKFWToken_GetHasRNG
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetIsWriteProtected
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetIsWriteProtected(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetIsWriteProtected) {
- return CK_FALSE;
- }
+ if (!fwToken->mdToken->GetIsWriteProtected) {
+ return CK_FALSE;
+ }
- return fwToken->mdToken->GetIsWriteProtected(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetIsWriteProtected(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -792,23 +758,21 @@ nssCKFWToken_GetIsWriteProtected
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetLoginRequired
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetLoginRequired(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetLoginRequired) {
- return CK_FALSE;
- }
+ if (!fwToken->mdToken->GetLoginRequired) {
+ return CK_FALSE;
+ }
- return fwToken->mdToken->GetLoginRequired(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetLoginRequired(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -816,23 +780,21 @@ nssCKFWToken_GetLoginRequired
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetUserPinInitialized
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetUserPinInitialized(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetUserPinInitialized) {
- return CK_FALSE;
- }
+ if (!fwToken->mdToken->GetUserPinInitialized) {
+ return CK_FALSE;
+ }
- return fwToken->mdToken->GetUserPinInitialized(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetUserPinInitialized(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -840,23 +802,21 @@ nssCKFWToken_GetUserPinInitialized
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetRestoreKeyNotNeeded
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetRestoreKeyNotNeeded(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetRestoreKeyNotNeeded) {
- return CK_FALSE;
- }
+ if (!fwToken->mdToken->GetRestoreKeyNotNeeded) {
+ return CK_FALSE;
+ }
- return fwToken->mdToken->GetRestoreKeyNotNeeded(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetRestoreKeyNotNeeded(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -864,23 +824,21 @@ nssCKFWToken_GetRestoreKeyNotNeeded
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasClockOnToken
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetHasClockOnToken(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetHasClockOnToken) {
- return CK_FALSE;
- }
+ if (!fwToken->mdToken->GetHasClockOnToken) {
+ return CK_FALSE;
+ }
- return fwToken->mdToken->GetHasClockOnToken(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetHasClockOnToken(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -888,23 +846,21 @@ nssCKFWToken_GetHasClockOnToken
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasProtectedAuthenticationPath
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetHasProtectedAuthenticationPath(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetHasProtectedAuthenticationPath) {
- return CK_FALSE;
- }
+ if (!fwToken->mdToken->GetHasProtectedAuthenticationPath) {
+ return CK_FALSE;
+ }
- return fwToken->mdToken->GetHasProtectedAuthenticationPath(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetHasProtectedAuthenticationPath(fwToken->mdToken,
+ fwToken, fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -912,23 +868,21 @@ nssCKFWToken_GetHasProtectedAuthenticationPath
*
*/
NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetSupportsDualCryptoOperations
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetSupportsDualCryptoOperations(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetSupportsDualCryptoOperations) {
- return CK_FALSE;
- }
+ if (!fwToken->mdToken->GetSupportsDualCryptoOperations) {
+ return CK_FALSE;
+ }
- return fwToken->mdToken->GetSupportsDualCryptoOperations(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetSupportsDualCryptoOperations(fwToken->mdToken,
+ fwToken, fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -936,23 +890,21 @@ nssCKFWToken_GetSupportsDualCryptoOperations
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxSessionCount
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetMaxSessionCount(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetMaxSessionCount) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (!fwToken->mdToken->GetMaxSessionCount) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
- return fwToken->mdToken->GetMaxSessionCount(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetMaxSessionCount(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -960,23 +912,21 @@ nssCKFWToken_GetMaxSessionCount
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxRwSessionCount
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetMaxRwSessionCount(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetMaxRwSessionCount) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (!fwToken->mdToken->GetMaxRwSessionCount) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
- return fwToken->mdToken->GetMaxRwSessionCount(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetMaxRwSessionCount(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -984,23 +934,21 @@ nssCKFWToken_GetMaxRwSessionCount
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxPinLen
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetMaxPinLen(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetMaxPinLen) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (!fwToken->mdToken->GetMaxPinLen) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
- return fwToken->mdToken->GetMaxPinLen(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetMaxPinLen(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -1008,23 +956,21 @@ nssCKFWToken_GetMaxPinLen
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMinPinLen
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetMinPinLen(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetMinPinLen) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (!fwToken->mdToken->GetMinPinLen) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
- return fwToken->mdToken->GetMinPinLen(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetMinPinLen(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -1032,23 +978,21 @@ nssCKFWToken_GetMinPinLen
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetTotalPublicMemory
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetTotalPublicMemory(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetTotalPublicMemory) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (!fwToken->mdToken->GetTotalPublicMemory) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
- return fwToken->mdToken->GetTotalPublicMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetTotalPublicMemory(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -1056,23 +1000,21 @@ nssCKFWToken_GetTotalPublicMemory
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetFreePublicMemory
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetFreePublicMemory(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetFreePublicMemory) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (!fwToken->mdToken->GetFreePublicMemory) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
- return fwToken->mdToken->GetFreePublicMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetFreePublicMemory(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -1080,23 +1022,21 @@ nssCKFWToken_GetFreePublicMemory
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetTotalPrivateMemory
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetTotalPrivateMemory(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetTotalPrivateMemory) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (!fwToken->mdToken->GetTotalPrivateMemory) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
- return fwToken->mdToken->GetTotalPrivateMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetTotalPrivateMemory(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -1104,23 +1044,21 @@ nssCKFWToken_GetTotalPrivateMemory
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetFreePrivateMemory
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetFreePrivateMemory(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetFreePrivateMemory) {
- return CK_UNAVAILABLE_INFORMATION;
- }
+ if (!fwToken->mdToken->GetFreePrivateMemory) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
- return fwToken->mdToken->GetFreePrivateMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetFreePrivateMemory(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -1128,44 +1066,43 @@ nssCKFWToken_GetFreePrivateMemory
*
*/
NSS_IMPLEMENT CK_VERSION
-nssCKFWToken_GetHardwareVersion
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetHardwareVersion(
+ NSSCKFWToken *fwToken)
{
- CK_VERSION rv;
+ CK_VERSION rv;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwToken->hardwareVersion.major) ||
+ (0 != fwToken->hardwareVersion.minor)) {
+ rv = fwToken->hardwareVersion;
+ goto done;
+ }
+
+ if (fwToken->mdToken->GetHardwareVersion) {
+ fwToken->hardwareVersion = fwToken->mdToken->GetHardwareVersion(
+ fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ }
+ else {
+ fwToken->hardwareVersion.major = 0;
+ fwToken->hardwareVersion.minor = 1;
+ }
- if( (0 != fwToken->hardwareVersion.major) ||
- (0 != fwToken->hardwareVersion.minor) ) {
rv = fwToken->hardwareVersion;
- goto done;
- }
-
- if (fwToken->mdToken->GetHardwareVersion) {
- fwToken->hardwareVersion = fwToken->mdToken->GetHardwareVersion(
- fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- } else {
- fwToken->hardwareVersion.major = 0;
- fwToken->hardwareVersion.minor = 1;
- }
-
- rv = fwToken->hardwareVersion;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return rv;
}
/*
@@ -1173,44 +1110,43 @@ nssCKFWToken_GetHardwareVersion
*
*/
NSS_IMPLEMENT CK_VERSION
-nssCKFWToken_GetFirmwareVersion
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetFirmwareVersion(
+ NSSCKFWToken *fwToken)
{
- CK_VERSION rv;
+ CK_VERSION rv;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwToken->firmwareVersion.major) ||
+ (0 != fwToken->firmwareVersion.minor)) {
+ rv = fwToken->firmwareVersion;
+ goto done;
+ }
+
+ if (fwToken->mdToken->GetFirmwareVersion) {
+ fwToken->firmwareVersion = fwToken->mdToken->GetFirmwareVersion(
+ fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ }
+ else {
+ fwToken->firmwareVersion.major = 0;
+ fwToken->firmwareVersion.minor = 1;
+ }
- if( (0 != fwToken->firmwareVersion.major) ||
- (0 != fwToken->firmwareVersion.minor) ) {
rv = fwToken->firmwareVersion;
- goto done;
- }
-
- if (fwToken->mdToken->GetFirmwareVersion) {
- fwToken->firmwareVersion = fwToken->mdToken->GetFirmwareVersion(
- fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- } else {
- fwToken->firmwareVersion.major = 0;
- fwToken->firmwareVersion.minor = 1;
- }
-
- rv = fwToken->firmwareVersion;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return rv;
}
/*
@@ -1218,86 +1154,96 @@ nssCKFWToken_GetFirmwareVersion
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetUTCTime
-(
- NSSCKFWToken *fwToken,
- CK_CHAR utcTime[16]
-)
+nssCKFWToken_GetUTCTime(
+ NSSCKFWToken *fwToken,
+ CK_CHAR utcTime[16])
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
- if( (CK_CHAR_PTR)NULL == utcTime ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if ((CK_CHAR_PTR)NULL == utcTime) {
+ return CKR_ARGUMENTS_BAD;
+ }
#endif /* DEBUG */
- if( CK_TRUE != nssCKFWToken_GetHasClockOnToken(fwToken) ) {
- /* return CKR_DEVICE_ERROR; */
- (void)nssUTF8_CopyIntoFixedBuffer((NSSUTF8 *)NULL, (char *)utcTime, 16, ' ');
- return CKR_OK;
- }
-
- if (!fwToken->mdToken->GetUTCTime) {
- /* It said it had one! */
- return CKR_GENERAL_ERROR;
- }
-
- error = fwToken->mdToken->GetUTCTime(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, utcTime);
- if( CKR_OK != error ) {
- return error;
- }
-
- /* Sanity-check the data */
- {
- /* Format is YYYYMMDDhhmmss00 */
- int i;
- int Y, M, D, h, m, s;
- static int dims[] = { 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
-
- for( i = 0; i < 16; i++ ) {
- if( (utcTime[i] < '0') || (utcTime[i] > '9') ) {
- goto badtime;
- }
+ if (CK_TRUE != nssCKFWToken_GetHasClockOnToken(fwToken)) {
+ /* return CKR_DEVICE_ERROR; */
+ (void)nssUTF8_CopyIntoFixedBuffer((NSSUTF8 *)NULL, (char *)utcTime, 16, ' ');
+ return CKR_OK;
}
- Y = ((utcTime[ 0] - '0') * 1000) + ((utcTime[1] - '0') * 100) +
- ((utcTime[ 2] - '0') * 10) + (utcTime[ 3] - '0');
- M = ((utcTime[ 4] - '0') * 10) + (utcTime[ 5] - '0');
- D = ((utcTime[ 6] - '0') * 10) + (utcTime[ 7] - '0');
- h = ((utcTime[ 8] - '0') * 10) + (utcTime[ 9] - '0');
- m = ((utcTime[10] - '0') * 10) + (utcTime[11] - '0');
- s = ((utcTime[12] - '0') * 10) + (utcTime[13] - '0');
-
- if( (Y < 1990) || (Y > 3000) ) goto badtime; /* Y3K problem. heh heh heh */
- if( (M < 1) || (M > 12) ) goto badtime;
- if( (D < 1) || (D > 31) ) goto badtime;
-
- if( D > dims[M-1] ) goto badtime; /* per-month check */
- if( (2 == M) && (((Y%4)||!(Y%100))&&(Y%400)) && (D > 28) ) goto badtime; /* leap years */
+ if (!fwToken->mdToken->GetUTCTime) {
+ /* It said it had one! */
+ return CKR_GENERAL_ERROR;
+ }
- if( (h < 0) || (h > 23) ) goto badtime;
- if( (m < 0) || (m > 60) ) goto badtime;
- if( (s < 0) || (s > 61) ) goto badtime;
+ error = fwToken->mdToken->GetUTCTime(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, utcTime);
+ if (CKR_OK != error) {
+ return error;
+ }
- /* 60m and 60 or 61s is only allowed for leap seconds. */
- if( (60 == m) || (s >= 60) ) {
- if( (23 != h) || (60 != m) || (s < 60) ) goto badtime;
- /* leap seconds can only happen on June 30 or Dec 31.. I think */
- /* if( ((6 != M) || (30 != D)) && ((12 != M) || (31 != D)) ) goto badtime; */
+ /* Sanity-check the data */
+ {
+ /* Format is YYYYMMDDhhmmss00 */
+ int i;
+ int Y, M, D, h, m, s;
+ static int dims[] = { 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
+
+ for (i = 0; i < 16; i++) {
+ if ((utcTime[i] < '0') || (utcTime[i] > '9')) {
+ goto badtime;
+ }
+ }
+
+ Y = ((utcTime[0] - '0') * 1000) + ((utcTime[1] - '0') * 100) +
+ ((utcTime[2] - '0') * 10) + (utcTime[3] - '0');
+ M = ((utcTime[4] - '0') * 10) + (utcTime[5] - '0');
+ D = ((utcTime[6] - '0') * 10) + (utcTime[7] - '0');
+ h = ((utcTime[8] - '0') * 10) + (utcTime[9] - '0');
+ m = ((utcTime[10] - '0') * 10) + (utcTime[11] - '0');
+ s = ((utcTime[12] - '0') * 10) + (utcTime[13] - '0');
+
+ if ((Y < 1990) || (Y > 3000))
+ goto badtime; /* Y3K problem. heh heh heh */
+ if ((M < 1) || (M > 12))
+ goto badtime;
+ if ((D < 1) || (D > 31))
+ goto badtime;
+
+ if (D > dims[M - 1])
+ goto badtime; /* per-month check */
+ if ((2 == M) && (((Y % 4) || !(Y %
+ 100)) &&
+ (Y % 400)) &&
+ (D > 28))
+ goto badtime; /* leap years */
+
+ if ((h < 0) || (h > 23))
+ goto badtime;
+ if ((m < 0) || (m > 60))
+ goto badtime;
+ if ((s < 0) || (s > 61))
+ goto badtime;
+
+ /* 60m and 60 or 61s is only allowed for leap seconds. */
+ if ((60 == m) || (s >= 60)) {
+ if ((23 != h) || (60 != m) || (s < 60))
+ goto badtime;
+ /* leap seconds can only happen on June 30 or Dec 31.. I think */
+ /* if( ((6 != M) || (30 != D)) && ((12 != M) || (31 != D)) ) goto badtime; */
+ }
}
- }
- return CKR_OK;
+ return CKR_OK;
- badtime:
- return CKR_GENERAL_ERROR;
+badtime:
+ return CKR_GENERAL_ERROR;
}
/*
@@ -1305,108 +1251,107 @@ nssCKFWToken_GetUTCTime
*
*/
NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWToken_OpenSession
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-)
+nssCKFWToken_OpenSession(
+ NSSCKFWToken *fwToken,
+ CK_BBOOL rw,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_RV *pError)
{
- NSSCKFWSession *fwSession = (NSSCKFWSession *)NULL;
- NSSCKMDSession *mdSession;
+ NSSCKFWSession *fwSession = (NSSCKFWSession *)NULL;
+ NSSCKMDSession *mdSession;
#ifdef NSSDEBUG
- if (!pError) {
- return (NSSCKFWSession *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSession *)NULL;
- }
-
- switch( rw ) {
- case CK_TRUE:
- case CK_FALSE:
- break;
- default:
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWSession *)NULL;
- }
+ if (!pError) {
+ return (NSSCKFWSession *)NULL;
+ }
+
+ *pError = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSession *)NULL;
+ }
+
+ switch (rw) {
+ case CK_TRUE:
+ case CK_FALSE:
+ break;
+ default:
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWSession *)NULL;
+ }
#endif /* NSSDEBUG */
- *pError = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSession *)NULL;
- }
+ *pError = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSession *)NULL;
+ }
- if( CK_TRUE == rw ) {
- /* Read-write session desired */
- if( CK_TRUE == nssCKFWToken_GetIsWriteProtected(fwToken) ) {
- *pError = CKR_TOKEN_WRITE_PROTECTED;
- goto done;
+ if (CK_TRUE == rw) {
+ /* Read-write session desired */
+ if (CK_TRUE == nssCKFWToken_GetIsWriteProtected(fwToken)) {
+ *pError = CKR_TOKEN_WRITE_PROTECTED;
+ goto done;
+ }
}
- } else {
- /* Read-only session desired */
- if( CKS_RW_SO_FUNCTIONS == nssCKFWToken_GetSessionState(fwToken) ) {
- *pError = CKR_SESSION_READ_WRITE_SO_EXISTS;
- goto done;
+ else {
+ /* Read-only session desired */
+ if (CKS_RW_SO_FUNCTIONS == nssCKFWToken_GetSessionState(fwToken)) {
+ *pError = CKR_SESSION_READ_WRITE_SO_EXISTS;
+ goto done;
+ }
}
- }
- /* We could compare sesion counts to any limits we know of, I guess.. */
+ /* We could compare sesion counts to any limits we know of, I guess.. */
- if (!fwToken->mdToken->OpenSession) {
- /*
- * I'm not sure that the Module actually needs to implement
- * mdSessions -- the Framework can keep track of everything
- * needed, really. But I'll sort out that detail later..
- */
- *pError = CKR_GENERAL_ERROR;
- goto done;
- }
-
- fwSession = nssCKFWSession_Create(fwToken, rw, pApplication, Notify, pError);
- if (!fwSession) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto done;
- }
-
- mdSession = fwToken->mdToken->OpenSession(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, fwSession,
- rw, pError);
- if (!mdSession) {
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
+ if (!fwToken->mdToken->OpenSession) {
+ /*
+ * I'm not sure that the Module actually needs to implement
+ * mdSessions -- the Framework can keep track of everything
+ * needed, really. But I'll sort out that detail later..
+ */
+ *pError = CKR_GENERAL_ERROR;
+ goto done;
}
- goto done;
- }
- *pError = nssCKFWSession_SetMDSession(fwSession, mdSession);
- if( CKR_OK != *pError ) {
- if (mdSession->Close) {
- mdSession->Close(mdSession, fwSession, fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ fwSession = nssCKFWSession_Create(fwToken, rw, pApplication, Notify, pError);
+ if (!fwSession) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto done;
}
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- goto done;
- }
- *pError = nssCKFWHash_Add(fwToken->sessions, fwSession, fwSession);
- if( CKR_OK != *pError ) {
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- fwSession = (NSSCKFWSession *)NULL;
- goto done;
- }
+ mdSession = fwToken->mdToken->OpenSession(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, fwSession,
+ rw, pError);
+ if (!mdSession) {
+ (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto done;
+ }
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return fwSession;
+ *pError = nssCKFWSession_SetMDSession(fwSession, mdSession);
+ if (CKR_OK != *pError) {
+ if (mdSession->Close) {
+ mdSession->Close(mdSession, fwSession, fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+ }
+ (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
+ goto done;
+ }
+
+ *pError = nssCKFWHash_Add(fwToken->sessions, fwSession, fwSession);
+ if (CKR_OK != *pError) {
+ (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
+ fwSession = (NSSCKFWSession *)NULL;
+ goto done;
+ }
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return fwSession;
}
/*
@@ -1414,23 +1359,21 @@ nssCKFWToken_OpenSession
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMechanismCount
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetMechanismCount(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return 0;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return 0;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetMechanismCount) {
- return 0;
- }
+ if (!fwToken->mdToken->GetMechanismCount) {
+ return 0;
+ }
- return fwToken->mdToken->GetMechanismCount(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ return fwToken->mdToken->GetMechanismCount(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
/*
@@ -1438,110 +1381,103 @@ nssCKFWToken_GetMechanismCount
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetMechanismTypes
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE types[]
-)
+nssCKFWToken_GetMechanismTypes(
+ NSSCKFWToken *fwToken,
+ CK_MECHANISM_TYPE types[])
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CKR_ARGUMENTS_BAD;
+ }
- if (!types) {
- return CKR_ARGUMENTS_BAD;
- }
+ if (!types) {
+ return CKR_ARGUMENTS_BAD;
+ }
#endif /* NSSDEBUG */
- if (!fwToken->mdToken->GetMechanismTypes) {
- /*
- * This should only be called with a sufficiently-large
- * "types" array, which can only be done if GetMechanismCount
- * is implemented. If that's implemented (and returns nonzero),
- * then this should be too. So return an error.
- */
- return CKR_GENERAL_ERROR;
- }
+ if (!fwToken->mdToken->GetMechanismTypes) {
+ /*
+ * This should only be called with a sufficiently-large
+ * "types" array, which can only be done if GetMechanismCount
+ * is implemented. If that's implemented (and returns nonzero),
+ * then this should be too. So return an error.
+ */
+ return CKR_GENERAL_ERROR;
+ }
- return fwToken->mdToken->GetMechanismTypes(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, types);
+ return fwToken->mdToken->GetMechanismTypes(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, types);
}
-
/*
* nssCKFWToken_GetMechanism
*
*/
NSS_IMPLEMENT NSSCKFWMechanism *
-nssCKFWToken_GetMechanism
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE which,
- CK_RV *pError
-)
+nssCKFWToken_GetMechanism(
+ NSSCKFWToken *fwToken,
+ CK_MECHANISM_TYPE which,
+ CK_RV *pError)
{
- NSSCKMDMechanism *mdMechanism;
- if (!fwToken->mdMechanismHash) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWMechanism *)NULL;
- }
-
- if (!fwToken->mdToken->GetMechanism) {
- /*
- * If we don't implement any GetMechanism function, then we must
- * not support any.
- */
- *pError = CKR_MECHANISM_INVALID;
- return (NSSCKFWMechanism *)NULL;
- }
-
- /* lookup in hash table */
- mdMechanism = fwToken->mdToken->GetMechanism(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, which, pError);
- if (!mdMechanism) {
- return (NSSCKFWMechanism *) NULL;
- }
- /* store in hash table */
- return nssCKFWMechanism_Create(mdMechanism, fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
+ NSSCKMDMechanism *mdMechanism;
+ if (!fwToken->mdMechanismHash) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWMechanism *)NULL;
+ }
+
+ if (!fwToken->mdToken->GetMechanism) {
+ /*
+ * If we don't implement any GetMechanism function, then we must
+ * not support any.
+ */
+ *pError = CKR_MECHANISM_INVALID;
+ return (NSSCKFWMechanism *)NULL;
+ }
+
+ /* lookup in hash table */
+ mdMechanism = fwToken->mdToken->GetMechanism(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, which, pError);
+ if (!mdMechanism) {
+ return (NSSCKFWMechanism *)NULL;
+ }
+ /* store in hash table */
+ return nssCKFWMechanism_Create(mdMechanism, fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
}
NSS_IMPLEMENT CK_RV
-nssCKFWToken_SetSessionState
-(
- NSSCKFWToken *fwToken,
- CK_STATE newState
-)
+nssCKFWToken_SetSessionState(
+ NSSCKFWToken *fwToken,
+ CK_STATE newState)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-
- switch( newState ) {
- case CKS_RO_PUBLIC_SESSION:
- case CKS_RO_USER_FUNCTIONS:
- case CKS_RW_PUBLIC_SESSION:
- case CKS_RW_USER_FUNCTIONS:
- case CKS_RW_SO_FUNCTIONS:
- break;
- default:
- return CKR_ARGUMENTS_BAD;
- }
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ switch (newState) {
+ case CKS_RO_PUBLIC_SESSION:
+ case CKS_RO_USER_FUNCTIONS:
+ case CKS_RW_PUBLIC_SESSION:
+ case CKS_RW_USER_FUNCTIONS:
+ case CKS_RW_SO_FUNCTIONS:
+ break;
+ default:
+ return CKR_ARGUMENTS_BAD;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- fwToken->state = newState;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return CKR_OK;
+ fwToken->state = newState;
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return CKR_OK;
}
/*
@@ -1549,101 +1485,96 @@ nssCKFWToken_SetSessionState
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWToken_RemoveSession
-(
- NSSCKFWToken *fwToken,
- NSSCKFWSession *fwSession
-)
+nssCKFWToken_RemoveSession(
+ NSSCKFWToken *fwToken,
+ NSSCKFWSession *fwSession)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- if( CK_TRUE != nssCKFWHash_Exists(fwToken->sessions, fwSession) ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto done;
- }
+ if (CK_TRUE != nssCKFWHash_Exists(fwToken->sessions, fwSession)) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto done;
+ }
- nssCKFWHash_Remove(fwToken->sessions, fwSession);
- fwToken->sessionCount--;
+ nssCKFWHash_Remove(fwToken->sessions, fwSession);
+ fwToken->sessionCount--;
- if( nssCKFWSession_IsRWSession(fwSession) ) {
- fwToken->rwSessionCount--;
- }
+ if (nssCKFWSession_IsRWSession(fwSession)) {
+ fwToken->rwSessionCount--;
+ }
- if( 0 == fwToken->sessionCount ) {
- fwToken->rwSessionCount = 0; /* sanity */
- fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
- }
+ if (0 == fwToken->sessionCount) {
+ fwToken->rwSessionCount = 0; /* sanity */
+ fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
+ }
- error = CKR_OK;
+ error = CKR_OK;
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
}
-
/*
* nssCKFWToken_CloseAllSessions
*
*/
NSS_IMPLEMENT CK_RV
-nssCKFWToken_CloseAllSessions
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_CloseAllSessions(
+ NSSCKFWToken *fwToken)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
#endif /* NSSDEBUG */
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
- nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator, (void *)NULL);
+ nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator, (void *)NULL);
- nssCKFWHash_Destroy(fwToken->sessions);
+ nssCKFWHash_Destroy(fwToken->sessions);
- fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, fwToken->arena, &error);
- if (!fwToken->sessions) {
- if( CKR_OK == error ) {
- error = CKR_GENERAL_ERROR;
+ fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, fwToken->arena, &error);
+ if (!fwToken->sessions) {
+ if (CKR_OK == error) {
+ error = CKR_GENERAL_ERROR;
+ }
+ goto done;
}
- goto done;
- }
- fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
- fwToken->sessionCount = 0;
- fwToken->rwSessionCount = 0;
+ fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
+ fwToken->sessionCount = 0;
+ fwToken->rwSessionCount = 0;
- error = CKR_OK;
+ error = CKR_OK;
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
}
/*
@@ -1651,26 +1582,24 @@ nssCKFWToken_CloseAllSessions
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetSessionCount
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetSessionCount(
+ NSSCKFWToken *fwToken)
{
- CK_ULONG rv;
+ CK_ULONG rv;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (CK_ULONG)0;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (CK_ULONG)0;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- return (CK_ULONG)0;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
+ return (CK_ULONG)0;
+ }
- rv = fwToken->sessionCount;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
+ rv = fwToken->sessionCount;
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return rv;
}
/*
@@ -1678,26 +1607,24 @@ nssCKFWToken_GetSessionCount
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetRwSessionCount
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetRwSessionCount(
+ NSSCKFWToken *fwToken)
{
- CK_ULONG rv;
+ CK_ULONG rv;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (CK_ULONG)0;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (CK_ULONG)0;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- return (CK_ULONG)0;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
+ return (CK_ULONG)0;
+ }
- rv = fwToken->rwSessionCount;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
+ rv = fwToken->rwSessionCount;
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return rv;
}
/*
@@ -1705,26 +1632,24 @@ nssCKFWToken_GetRwSessionCount
*
*/
NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetRoSessionCount
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetRoSessionCount(
+ NSSCKFWToken *fwToken)
{
- CK_ULONG rv;
+ CK_ULONG rv;
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (CK_ULONG)0;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (CK_ULONG)0;
+ }
#endif /* NSSDEBUG */
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- return (CK_ULONG)0;
- }
+ if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
+ return (CK_ULONG)0;
+ }
- rv = fwToken->sessionCount - fwToken->rwSessionCount;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
+ rv = fwToken->sessionCount - fwToken->rwSessionCount;
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return rv;
}
/*
@@ -1732,18 +1657,16 @@ nssCKFWToken_GetRoSessionCount
*
*/
NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetSessionObjectHash
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetSessionObjectHash(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (nssCKFWHash *)NULL;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (nssCKFWHash *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwToken->sessionObjectHash;
+ return fwToken->sessionObjectHash;
}
/*
@@ -1751,18 +1674,16 @@ nssCKFWToken_GetSessionObjectHash
*
*/
NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetMDObjectHash
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetMDObjectHash(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (nssCKFWHash *)NULL;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (nssCKFWHash *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwToken->mdObjectHash;
+ return fwToken->mdObjectHash;
}
/*
@@ -1770,18 +1691,16 @@ nssCKFWToken_GetMDObjectHash
*
*/
NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetObjectHandleHash
-(
- NSSCKFWToken *fwToken
-)
+nssCKFWToken_GetObjectHandleHash(
+ NSSCKFWToken *fwToken)
{
#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (nssCKFWHash *)NULL;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (nssCKFWHash *)NULL;
+ }
#endif /* NSSDEBUG */
- return fwToken->mdObjectHash;
+ return fwToken->mdObjectHash;
}
/*
@@ -1790,18 +1709,16 @@ nssCKFWToken_GetObjectHandleHash
*/
NSS_IMPLEMENT NSSCKMDToken *
-NSSCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-)
+NSSCKFWToken_GetMDToken(
+ NSSCKFWToken *fwToken)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDToken *)NULL;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKMDToken *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWToken_GetMDToken(fwToken);
+ return nssCKFWToken_GetMDToken(fwToken);
}
/*
@@ -1810,24 +1727,22 @@ NSSCKFWToken_GetMDToken
*/
NSS_IMPLEMENT NSSArena *
-NSSCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-)
+NSSCKFWToken_GetArena(
+ NSSCKFWToken *fwToken,
+ CK_RV *pError)
{
#ifdef DEBUG
- if (!pError) {
- return (NSSArena *)NULL;
- }
-
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSArena *)NULL;
- }
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSArena *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWToken_GetArena(fwToken, pError);
+ return nssCKFWToken_GetArena(fwToken, pError);
}
/*
@@ -1836,18 +1751,16 @@ NSSCKFWToken_GetArena
*/
NSS_IMPLEMENT NSSCKFWSlot *
-NSSCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-)
+NSSCKFWToken_GetFWSlot(
+ NSSCKFWToken *fwToken)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKFWSlot *)NULL;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKFWSlot *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWToken_GetFWSlot(fwToken);
+ return nssCKFWToken_GetFWSlot(fwToken);
}
/*
@@ -1856,18 +1769,16 @@ NSSCKFWToken_GetFWSlot
*/
NSS_IMPLEMENT NSSCKMDSlot *
-NSSCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-)
+NSSCKFWToken_GetMDSlot(
+ NSSCKFWToken *fwToken)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDSlot *)NULL;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKMDSlot *)NULL;
+ }
#endif /* DEBUG */
- return nssCKFWToken_GetMDSlot(fwToken);
+ return nssCKFWToken_GetMDSlot(fwToken);
}
/*
@@ -1876,16 +1787,14 @@ NSSCKFWToken_GetMDSlot
*/
NSS_IMPLEMENT CK_STATE
-NSSCKFWSession_GetSessionState
-(
- NSSCKFWToken *fwToken
-)
+NSSCKFWSession_GetSessionState(
+ NSSCKFWToken *fwToken)
{
#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CKS_RO_PUBLIC_SESSION;
- }
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CKS_RO_PUBLIC_SESSION;
+ }
#endif /* DEBUG */
- return nssCKFWToken_GetSessionState(fwToken);
+ return nssCKFWToken_GetSessionState(fwToken);
}
diff --git a/lib/ckfw/wrap.c b/lib/ckfw/wrap.c
index 3a0b0df21..7a8d42f8e 100644
--- a/lib/ckfw/wrap.c
+++ b/lib/ckfw/wrap.c
@@ -92,41 +92,46 @@
/* figure out out locking semantics */
static CK_RV
nssCKFW_GetThreadSafeState(CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- CryptokiLockingState *pLocking_state) {
- int functionCount = 0;
+ CryptokiLockingState *pLocking_state)
+{
+ int functionCount = 0;
- /* parsed according to (PKCS #11 Section 11.4) */
- /* no args, the degenerate version of case 1 */
- if (!pInitArgs) {
- *pLocking_state = SingleThreaded;
- return CKR_OK;
- }
+ /* parsed according to (PKCS #11 Section 11.4) */
+ /* no args, the degenerate version of case 1 */
+ if (!pInitArgs) {
+ *pLocking_state = SingleThreaded;
+ return CKR_OK;
+ }
- /* CKF_OS_LOCKING_OK set, Cases 2 and 4 */
- if (pInitArgs->flags & CKF_OS_LOCKING_OK) {
- *pLocking_state = MultiThreaded;
- return CKR_OK;
- }
- if ((CK_CREATEMUTEX) NULL != pInitArgs->CreateMutex) functionCount++;
- if ((CK_DESTROYMUTEX) NULL != pInitArgs->DestroyMutex) functionCount++;
- if ((CK_LOCKMUTEX) NULL != pInitArgs->LockMutex) functionCount++;
- if ((CK_UNLOCKMUTEX) NULL != pInitArgs->UnlockMutex) functionCount++;
-
- /* CKF_OS_LOCKING_OK is not set, and not functions supplied,
- * explicit case 1 */
- if (0 == functionCount) {
- *pLocking_state = SingleThreaded;
- return CKR_OK;
- }
-
- /* OS_LOCKING_OK is not set and functions have been supplied. Since
- * ckfw uses nssbase library which explicitly calls NSPR, and since
- * there is no way to reliably override these explicit calls to NSPR,
- * therefore we can't support applications which have their own threading
- * module. Return CKR_CANT_LOCK if they supplied the correct number of
- * arguments, or CKR_ARGUMENTS_BAD if they did not in either case we will
- * fail the initialize */
- return (4 == functionCount) ? CKR_CANT_LOCK : CKR_ARGUMENTS_BAD;
+ /* CKF_OS_LOCKING_OK set, Cases 2 and 4 */
+ if (pInitArgs->flags & CKF_OS_LOCKING_OK) {
+ *pLocking_state = MultiThreaded;
+ return CKR_OK;
+ }
+ if ((CK_CREATEMUTEX)NULL != pInitArgs->CreateMutex)
+ functionCount++;
+ if ((CK_DESTROYMUTEX)NULL != pInitArgs->DestroyMutex)
+ functionCount++;
+ if ((CK_LOCKMUTEX)NULL != pInitArgs->LockMutex)
+ functionCount++;
+ if ((CK_UNLOCKMUTEX)NULL != pInitArgs->UnlockMutex)
+ functionCount++;
+
+ /* CKF_OS_LOCKING_OK is not set, and not functions supplied,
+ * explicit case 1 */
+ if (0 == functionCount) {
+ *pLocking_state = SingleThreaded;
+ return CKR_OK;
+ }
+
+ /* OS_LOCKING_OK is not set and functions have been supplied. Since
+ * ckfw uses nssbase library which explicitly calls NSPR, and since
+ * there is no way to reliably override these explicit calls to NSPR,
+ * therefore we can't support applications which have their own threading
+ * module. Return CKR_CANT_LOCK if they supplied the correct number of
+ * arguments, or CKR_ARGUMENTS_BAD if they did not in either case we will
+ * fail the initialize */
+ return (4 == functionCount) ? CKR_CANT_LOCK : CKR_ARGUMENTS_BAD;
}
static PRInt32 liveInstances;
@@ -136,60 +141,58 @@ static PRInt32 liveInstances;
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_Initialize
-(
- NSSCKFWInstance **pFwInstance,
- NSSCKMDInstance *mdInstance,
- CK_VOID_PTR pInitArgs
-)
+NSSCKFWC_Initialize(
+ NSSCKFWInstance **pFwInstance,
+ NSSCKMDInstance *mdInstance,
+ CK_VOID_PTR pInitArgs)
{
- CK_RV error = CKR_OK;
- CryptokiLockingState locking_state;
-
- if( (NSSCKFWInstance **)NULL == pFwInstance ) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- if (*pFwInstance) {
- error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
- goto loser;
- }
-
- if (!mdInstance) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- error = nssCKFW_GetThreadSafeState(pInitArgs,&locking_state);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- *pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &error);
- if (!*pFwInstance) {
- goto loser;
- }
- PR_ATOMIC_INCREMENT(&liveInstances);
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CANT_LOCK:
- case CKR_CRYPTOKI_ALREADY_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_NEED_TO_CREATE_THREADS:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ CryptokiLockingState locking_state;
+
+ if ((NSSCKFWInstance **)NULL == pFwInstance) {
+ error = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ if (*pFwInstance) {
+ error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
+ goto loser;
+ }
+
+ if (!mdInstance) {
+ error = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ error = nssCKFW_GetThreadSafeState(pInitArgs, &locking_state);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ *pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &error);
+ if (!*pFwInstance) {
+ goto loser;
+ }
+ PR_ATOMIC_INCREMENT(&liveInstances);
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CANT_LOCK:
+ case CKR_CRYPTOKI_ALREADY_INITIALIZED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_NEED_TO_CREATE_THREADS:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -197,59 +200,57 @@ NSSCKFWC_Initialize
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_Finalize
-(
- NSSCKFWInstance **pFwInstance
-)
+NSSCKFWC_Finalize(
+ NSSCKFWInstance **pFwInstance)
{
- CK_RV error = CKR_OK;
-
- if( (NSSCKFWInstance **)NULL == pFwInstance ) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- if (!*pFwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- error = nssCKFWInstance_Destroy(*pFwInstance);
-
- /* In any case */
- *pFwInstance = (NSSCKFWInstance *)NULL;
-
- loser:
- switch( error ) {
- PRInt32 remainingInstances;
- case CKR_OK:
- remainingInstances = PR_ATOMIC_DECREMENT(&liveInstances);
- if (!remainingInstances) {
- nssArena_Shutdown();
- }
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- break;
- default:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- /*
- * A thread's error stack is automatically destroyed when the thread
- * terminates or, for the primordial thread, by PR_Cleanup. On
- * Windows with MinGW, the thread private data destructor PR_Free
- * registered by this module is actually a thunk for PR_Free defined
- * in this module. When the thread that unloads this module terminates
- * or calls PR_Cleanup, the thunk for PR_Free is already gone with the
- * module. Therefore we need to destroy the error stack before the
- * module is unloaded.
- */
- nss_DestroyErrorStack();
- return error;
+ CK_RV error = CKR_OK;
+
+ if ((NSSCKFWInstance **)NULL == pFwInstance) {
+ error = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ if (!*pFwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ error = nssCKFWInstance_Destroy(*pFwInstance);
+
+ /* In any case */
+ *pFwInstance = (NSSCKFWInstance *)NULL;
+
+loser:
+ switch (error) {
+ PRInt32 remainingInstances;
+ case CKR_OK:
+ remainingInstances = PR_ATOMIC_DECREMENT(&liveInstances);
+ if (!remainingInstances) {
+ nssArena_Shutdown();
+ }
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ break;
+ default:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ /*
+ * A thread's error stack is automatically destroyed when the thread
+ * terminates or, for the primordial thread, by PR_Cleanup. On
+ * Windows with MinGW, the thread private data destructor PR_Free
+ * registered by this module is actually a thunk for PR_Free defined
+ * in this module. When the thread that unloads this module terminates
+ * or calls PR_Cleanup, the thunk for PR_Free is already gone with the
+ * module. Therefore we need to destroy the error stack before the
+ * module is unloaded.
+ */
+ nss_DestroyErrorStack();
+ return error;
}
/*
@@ -257,57 +258,55 @@ NSSCKFWC_Finalize
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_INFO_PTR pInfo
-)
+NSSCKFWC_GetInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_INFO_PTR pInfo)
{
- CK_RV error = CKR_OK;
+ CK_RV error = CKR_OK;
- if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
+ if ((CK_INFO_PTR)CK_NULL_PTR == pInfo) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
- /*
- * A purify error here means a caller error
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
+ /*
+ * A purify error here means a caller error
+ */
+ (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
- pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
+ pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
- error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
- if( CKR_OK != error ) {
- goto loser;
- }
+ error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
+ if (CKR_OK != error) {
+ goto loser;
+ }
- pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
+ pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
- error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
- if( CKR_OK != error ) {
- goto loser;
- }
+ error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
+ if (CKR_OK != error) {
+ goto loser;
+ }
- pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
+ pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
- return CKR_OK;
+ return CKR_OK;
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- break;
- default:
- error = CKR_GENERAL_ERROR;
- break;
- }
+loser:
+ switch (error) {
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ break;
+ default:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
- return error;
+ return error;
}
-
+
/*
* C_GetFunctionList is implemented entirely in the Module's file which
* includes the Framework API insert file. It requires no "actual"
@@ -319,179 +318,176 @@ NSSCKFWC_GetInfo
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSlotList
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-)
+NSSCKFWC_GetSlotList(
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList,
+ CK_ULONG_PTR pulCount)
{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- switch( tokenPresent ) {
- case CK_TRUE:
- case CK_FALSE:
- break;
- default:
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) {
- *pulCount = nSlots;
- return CKR_OK;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
- if( *pulCount < nSlots ) {
- *pulCount = nSlots;
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- } else {
- CK_ULONG i;
- *pulCount = nSlots;
-
- /*
- * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
- * just index one when we need it.
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ switch (tokenPresent) {
+ case CK_TRUE:
+ case CK_FALSE:
+ break;
+ default:
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ if ((CK_ULONG_PTR)CK_NULL_PTR == pulCount) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList) {
+ *pulCount = nSlots;
+ return CKR_OK;
+ }
+
+ /*
+ * A purify error here indicates caller error.
*/
+ (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
- for( i = 0; i < nSlots; i++ ) {
- pSlotList[i] = i+1;
+ if (*pulCount < nSlots) {
+ *pulCount = nSlots;
+ error = CKR_BUFFER_TOO_SMALL;
+ goto loser;
}
+ else {
+ CK_ULONG i;
+ *pulCount = nSlots;
- return CKR_OK;
- }
-
- loser:
- switch( error ) {
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ /*
+ * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
+ * just index one when we need it.
+ */
+
+ for (i = 0; i < nSlots; i++) {
+ pSlotList[i] = i + 1;
+ }
+
+ return CKR_OK;
+ }
+
+loser:
+ switch (error) {
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
-
+
/*
* NSSCKFWC_GetSlotInfo
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSlotInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-)
+NSSCKFWC_GetSlotInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_SLOT_INFO_PTR pInfo)
{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- if( nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- pInfo->flags |= CKF_TOKEN_PRESENT;
- }
-
- if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) {
- pInfo->flags |= CKF_REMOVABLE_DEVICE;
- }
-
- if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) {
- pInfo->flags |= CKF_HW_SLOT;
- }
-
- pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
- pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ if ((CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ if (nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ pInfo->flags |= CKF_TOKEN_PRESENT;
+ }
+
+ if (nssCKFWSlot_GetRemovableDevice(fwSlot)) {
+ pInfo->flags |= CKF_REMOVABLE_DEVICE;
+ }
+
+ if (nssCKFWSlot_GetHardwareSlot(fwSlot)) {
+ pInfo->flags |= CKF_HW_SLOT;
+ }
+
+ pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
+ pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SLOT_ID_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ }
+
+ return error;
}
/*
@@ -499,156 +495,154 @@ NSSCKFWC_GetSlotInfo
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetTokenInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-)
+NSSCKFWC_GetTokenInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_TOKEN_INFO_PTR pInfo)
{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetModel(fwToken, pInfo->model);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- if( nssCKFWToken_GetHasRNG(fwToken) ) {
- pInfo->flags |= CKF_RNG;
- }
-
- if( nssCKFWToken_GetIsWriteProtected(fwToken) ) {
- pInfo->flags |= CKF_WRITE_PROTECTED;
- }
-
- if( nssCKFWToken_GetLoginRequired(fwToken) ) {
- pInfo->flags |= CKF_LOGIN_REQUIRED;
- }
-
- if( nssCKFWToken_GetUserPinInitialized(fwToken) ) {
- pInfo->flags |= CKF_USER_PIN_INITIALIZED;
- }
-
- if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) {
- pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
- }
-
- if( nssCKFWToken_GetHasClockOnToken(fwToken) ) {
- pInfo->flags |= CKF_CLOCK_ON_TOKEN;
- }
-
- if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
- pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
- }
-
- if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) {
- pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
- }
-
- pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
- pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
- pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
- pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken);
- pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
- pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
- pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
- pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
- pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
- pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
- pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
- pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
-
- error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- if (fwToken)
- nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ if ((CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ error = nssCKFWToken_GetModel(fwToken, pInfo->model);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ if (nssCKFWToken_GetHasRNG(fwToken)) {
+ pInfo->flags |= CKF_RNG;
+ }
+
+ if (nssCKFWToken_GetIsWriteProtected(fwToken)) {
+ pInfo->flags |= CKF_WRITE_PROTECTED;
+ }
+
+ if (nssCKFWToken_GetLoginRequired(fwToken)) {
+ pInfo->flags |= CKF_LOGIN_REQUIRED;
+ }
+
+ if (nssCKFWToken_GetUserPinInitialized(fwToken)) {
+ pInfo->flags |= CKF_USER_PIN_INITIALIZED;
+ }
+
+ if (nssCKFWToken_GetRestoreKeyNotNeeded(fwToken)) {
+ pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
+ }
+
+ if (nssCKFWToken_GetHasClockOnToken(fwToken)) {
+ pInfo->flags |= CKF_CLOCK_ON_TOKEN;
+ }
+
+ if (nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken)) {
+ pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
+ }
+
+ if (nssCKFWToken_GetSupportsDualCryptoOperations(fwToken)) {
+ pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
+ }
+
+ pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
+ pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
+ pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
+ pInfo->ulRwSessionCount = nssCKFWToken_GetRwSessionCount(fwToken);
+ pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
+ pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
+ pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
+ pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
+ pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
+ pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
+ pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
+ pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
+
+ error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_DEVICE_REMOVED:
+ case CKR_TOKEN_NOT_PRESENT:
+ if (fwToken)
+ nssCKFWToken_Destroy(fwToken);
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -656,82 +650,80 @@ NSSCKFWC_GetTokenInfo
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pReserved
-)
+NSSCKFWC_WaitForSlotEvent(
+ NSSCKFWInstance *fwInstance,
+ CK_FLAGS flags,
+ CK_SLOT_ID_PTR pSlot,
+ CK_VOID_PTR pReserved)
{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- CK_BBOOL block;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- CK_ULONG i;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- if( flags & ~CKF_DONT_BLOCK ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
- if (!fwSlot) {
- goto loser;
- }
-
- for( i = 0; i < nSlots; i++ ) {
- if( fwSlot == slots[i] ) {
- *pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1);
- return CKR_OK;
- }
- }
-
- error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
-
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_NO_EVENT:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ CK_BBOOL block;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ CK_ULONG i;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ if (flags & ~CKF_DONT_BLOCK) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ if ((CK_VOID_PTR)CK_NULL_PTR != pReserved) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
+ if (!fwSlot) {
+ goto loser;
+ }
+
+ for (i = 0; i < nSlots; i++) {
+ if (fwSlot == slots[i]) {
+ *pSlot = (CK_SLOT_ID)(CK_ULONG)(i + 1);
+ return CKR_OK;
+ }
+ }
+
+ error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
+
+loser:
+ switch (error) {
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_NO_EVENT:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -739,113 +731,112 @@ NSSCKFWC_WaitForSlotEvent
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetMechanismList
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-)
+NSSCKFWC_GetMechanismList(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE_PTR pMechanismList,
+ CK_ULONG_PTR pulCount)
{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- CK_ULONG count;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- count = nssCKFWToken_GetMechanismCount(fwToken);
-
- if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) {
- *pulCount = count;
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+ CK_ULONG count;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ if ((CK_ULONG_PTR)CK_NULL_PTR == pulCount) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ count = nssCKFWToken_GetMechanismCount(fwToken);
+
+ if ((CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList) {
+ *pulCount = count;
+ return CKR_OK;
+ }
+
+ if (*pulCount < count) {
+ *pulCount = count;
+ error = CKR_BUFFER_TOO_SMALL;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
- if( *pulCount < count ) {
*pulCount = count;
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- }
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
+ if (0 != count) {
+ error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
+ }
+ else {
+ error = CKR_OK;
+ }
- *pulCount = count;
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
- if( 0 != count ) {
- error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
- } else {
- error = CKR_OK;
- }
+loser:
+ switch (error) {
+ case CKR_DEVICE_REMOVED:
+ case CKR_TOKEN_NOT_PRESENT:
+ if (fwToken)
+ nssCKFWToken_Destroy(fwToken);
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
- if( CKR_OK == error ) {
- return CKR_OK;
- }
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- if (fwToken)
- nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ return error;
}
/*
@@ -853,139 +844,137 @@ NSSCKFWC_GetMechanismList
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetMechanismInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-)
+NSSCKFWC_GetMechanismInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo)
{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism, &error);
- pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism, &error);
-
- if( nssCKFWMechanism_GetInHardware(fwMechanism, &error) ) {
- pInfo->flags |= CKF_HW;
- }
- if( nssCKFWMechanism_GetCanEncrypt(fwMechanism, &error) ) {
- pInfo->flags |= CKF_ENCRYPT;
- }
- if( nssCKFWMechanism_GetCanDecrypt(fwMechanism, &error) ) {
- pInfo->flags |= CKF_DECRYPT;
- }
- if( nssCKFWMechanism_GetCanDigest(fwMechanism, &error) ) {
- pInfo->flags |= CKF_DIGEST;
- }
- if( nssCKFWMechanism_GetCanSign(fwMechanism, &error) ) {
- pInfo->flags |= CKF_SIGN;
- }
- if( nssCKFWMechanism_GetCanSignRecover(fwMechanism, &error) ) {
- pInfo->flags |= CKF_SIGN_RECOVER;
- }
- if( nssCKFWMechanism_GetCanVerify(fwMechanism, &error) ) {
- pInfo->flags |= CKF_VERIFY;
- }
- if( nssCKFWMechanism_GetCanVerifyRecover(fwMechanism, &error) ) {
- pInfo->flags |= CKF_VERIFY_RECOVER;
- }
- if( nssCKFWMechanism_GetCanGenerate(fwMechanism, &error) ) {
- pInfo->flags |= CKF_GENERATE;
- }
- if( nssCKFWMechanism_GetCanGenerateKeyPair(fwMechanism, &error) ) {
- pInfo->flags |= CKF_GENERATE_KEY_PAIR;
- }
- if( nssCKFWMechanism_GetCanWrap(fwMechanism, &error) ) {
- pInfo->flags |= CKF_WRAP;
- }
- if( nssCKFWMechanism_GetCanUnwrap(fwMechanism, &error) ) {
- pInfo->flags |= CKF_UNWRAP;
- }
- if( nssCKFWMechanism_GetCanDerive(fwMechanism, &error) ) {
- pInfo->flags |= CKF_DERIVE;
- }
- nssCKFWMechanism_Destroy(fwMechanism);
-
- return error;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- if (fwToken)
- nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_MECHANISM_INVALID:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ if ((CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism, &error);
+ pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism, &error);
+
+ if (nssCKFWMechanism_GetInHardware(fwMechanism, &error)) {
+ pInfo->flags |= CKF_HW;
+ }
+ if (nssCKFWMechanism_GetCanEncrypt(fwMechanism, &error)) {
+ pInfo->flags |= CKF_ENCRYPT;
+ }
+ if (nssCKFWMechanism_GetCanDecrypt(fwMechanism, &error)) {
+ pInfo->flags |= CKF_DECRYPT;
+ }
+ if (nssCKFWMechanism_GetCanDigest(fwMechanism, &error)) {
+ pInfo->flags |= CKF_DIGEST;
+ }
+ if (nssCKFWMechanism_GetCanSign(fwMechanism, &error)) {
+ pInfo->flags |= CKF_SIGN;
+ }
+ if (nssCKFWMechanism_GetCanSignRecover(fwMechanism, &error)) {
+ pInfo->flags |= CKF_SIGN_RECOVER;
+ }
+ if (nssCKFWMechanism_GetCanVerify(fwMechanism, &error)) {
+ pInfo->flags |= CKF_VERIFY;
+ }
+ if (nssCKFWMechanism_GetCanVerifyRecover(fwMechanism, &error)) {
+ pInfo->flags |= CKF_VERIFY_RECOVER;
+ }
+ if (nssCKFWMechanism_GetCanGenerate(fwMechanism, &error)) {
+ pInfo->flags |= CKF_GENERATE;
+ }
+ if (nssCKFWMechanism_GetCanGenerateKeyPair(fwMechanism, &error)) {
+ pInfo->flags |= CKF_GENERATE_KEY_PAIR;
+ }
+ if (nssCKFWMechanism_GetCanWrap(fwMechanism, &error)) {
+ pInfo->flags |= CKF_WRAP;
+ }
+ if (nssCKFWMechanism_GetCanUnwrap(fwMechanism, &error)) {
+ pInfo->flags |= CKF_UNWRAP;
+ }
+ if (nssCKFWMechanism_GetCanDerive(fwMechanism, &error)) {
+ pInfo->flags |= CKF_DERIVE;
+ }
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ return error;
+
+loser:
+ switch (error) {
+ case CKR_DEVICE_REMOVED:
+ case CKR_TOKEN_NOT_PRESENT:
+ if (fwToken)
+ nssCKFWToken_Destroy(fwToken);
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_MECHANISM_INVALID:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -993,94 +982,92 @@ NSSCKFWC_GetMechanismInfo
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_InitToken
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-)
+NSSCKFWC_InitToken(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen,
+ CK_CHAR_PTR pLabel)
{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- NSSItem pin;
- NSSUTF8 *label;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- pin.size = (PRUint32)ulPinLen;
- pin.data = (void *)pPin;
- label = (NSSUTF8 *)pLabel; /* identity conversion */
-
- error = nssCKFWToken_InitToken(fwToken, &pin, label);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- if (fwToken)
- nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_INCORRECT:
- case CKR_PIN_LOCKED:
- case CKR_SESSION_EXISTS:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+ NSSItem pin;
+ NSSUTF8 *label;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ pin.size = (PRUint32)ulPinLen;
+ pin.data = (void *)pPin;
+ label = (NSSUTF8 *)pLabel; /* identity conversion */
+
+ error = nssCKFWToken_InitToken(fwToken, &pin, label);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_DEVICE_REMOVED:
+ case CKR_TOKEN_NOT_PRESENT:
+ if (fwToken)
+ nssCKFWToken_Destroy(fwToken);
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_PIN_INCORRECT:
+ case CKR_PIN_LOCKED:
+ case CKR_SESSION_EXISTS:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1088,73 +1075,72 @@ NSSCKFWC_InitToken
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_InitPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
+NSSCKFWC_InitPIN(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem pin, *arg;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
- arg = (NSSItem *)NULL;
- } else {
- arg = &pin;
- pin.size = (PRUint32)ulPinLen;
- pin.data = (void *)pPin;
- }
-
- error = nssCKFWSession_InitPIN(fwSession, arg);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_INVALID:
- case CKR_PIN_LEN_RANGE:
- case CKR_SESSION_READ_ONLY:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSItem pin, *arg;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_CHAR_PTR)CK_NULL_PTR == pPin) {
+ arg = (NSSItem *)NULL;
+ }
+ else {
+ arg = &pin;
+ pin.size = (PRUint32)ulPinLen;
+ pin.data = (void *)pPin;
+ }
+
+ error = nssCKFWSession_InitPIN(fwSession, arg);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_PIN_INVALID:
+ case CKR_PIN_LEN_RANGE:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1162,84 +1148,84 @@ NSSCKFWC_InitPIN
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-)
+NSSCKFWC_SetPIN(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pOldPin,
+ CK_ULONG ulOldLen,
+ CK_CHAR_PTR pNewPin,
+ CK_ULONG ulNewLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem oldPin, newPin, *oldArg, *newArg;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) {
- oldArg = (NSSItem *)NULL;
- } else {
- oldArg = &oldPin;
- oldPin.size = (PRUint32)ulOldLen;
- oldPin.data = (void *)pOldPin;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) {
- newArg = (NSSItem *)NULL;
- } else {
- newArg = &newPin;
- newPin.size = (PRUint32)ulNewLen;
- newPin.data = (void *)pNewPin;
- }
-
- error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_INCORRECT:
- case CKR_PIN_INVALID:
- case CKR_PIN_LEN_RANGE:
- case CKR_PIN_LOCKED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSItem oldPin, newPin, *oldArg, *newArg;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_CHAR_PTR)CK_NULL_PTR == pOldPin) {
+ oldArg = (NSSItem *)NULL;
+ }
+ else {
+ oldArg = &oldPin;
+ oldPin.size = (PRUint32)ulOldLen;
+ oldPin.data = (void *)pOldPin;
+ }
+
+ if ((CK_CHAR_PTR)CK_NULL_PTR == pNewPin) {
+ newArg = (NSSItem *)NULL;
+ }
+ else {
+ newArg = &newPin;
+ newPin.size = (PRUint32)ulNewLen;
+ newPin.data = (void *)pNewPin;
+ }
+
+ error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_PIN_INCORRECT:
+ case CKR_PIN_INVALID:
+ case CKR_PIN_LEN_RANGE:
+ case CKR_PIN_LOCKED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1247,128 +1233,128 @@ NSSCKFWC_SetPIN
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_OpenSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-)
+NSSCKFWC_OpenSession(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_FLAGS flags,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_SESSION_HANDLE_PTR phSession)
{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- NSSCKFWSession *fwSession;
- CK_BBOOL rw;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( flags & CKF_RW_SESSION ) {
- rw = CK_TRUE;
- } else {
- rw = CK_FALSE;
- }
-
- if( flags & CKF_SERIAL_SESSION ) {
- ;
- } else {
- error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
- goto loser;
- }
-
- if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *phSession = (CK_SESSION_HANDLE)0;
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
- Notify, &error);
- if (!fwSession) {
- goto loser;
- }
-
- *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
- fwSession, &error);
- if( (CK_SESSION_HANDLE)0 == *phSession ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_COUNT:
- case CKR_SESSION_EXISTS:
- case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
- case CKR_SESSION_READ_WRITE_SO_EXISTS:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_PRESENT:
- case CKR_TOKEN_NOT_RECOGNIZED:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+ NSSCKFWSession *fwSession;
+ CK_BBOOL rw;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ if (flags & CKF_RW_SESSION) {
+ rw = CK_TRUE;
+ }
+ else {
+ rw = CK_FALSE;
+ }
+
+ if (flags & CKF_SERIAL_SESSION) {
+ ;
+ }
+ else {
+ error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
+ goto loser;
+ }
+
+ if (flags & ~(CKF_RW_SESSION | CKF_SERIAL_SESSION)) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ if ((CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ *phSession = (CK_SESSION_HANDLE)0;
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
+ Notify, &error);
+ if (!fwSession) {
+ goto loser;
+ }
+
+ *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
+ fwSession, &error);
+ if ((CK_SESSION_HANDLE)0 == *phSession) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SESSION_COUNT:
+ case CKR_SESSION_EXISTS:
+ case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
+ case CKR_SESSION_READ_WRITE_SO_EXISTS:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_PRESENT:
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1376,58 +1362,56 @@ NSSCKFWC_OpenSession
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_CloseSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
+NSSCKFWC_CloseSession(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
- error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
+ error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1435,78 +1419,76 @@ NSSCKFWC_CloseSession
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_CloseAllSessions
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID
-)
+NSSCKFWC_CloseAllSessions(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID)
{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- error = nssCKFWToken_CloseAllSessions(fwToken);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_PRESENT:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ error = nssCKFWToken_CloseAllSessions(fwToken);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_PRESENT:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1514,80 +1496,78 @@ NSSCKFWC_CloseAllSessions
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSessionInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-)
+NSSCKFWC_GetSessionInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_SESSION_INFO_PTR pInfo)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWSlot *fwSlot;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
- pInfo->state = nssCKFWSession_GetSessionState(fwSession);
-
- if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) {
- pInfo->flags |= CKF_RW_SESSION;
- }
-
- pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
-
- pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWSlot *fwSlot;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
+ pInfo->state = nssCKFWSession_GetSessionState(fwSession);
+
+ if (CK_TRUE == nssCKFWSession_IsRWSession(fwSession)) {
+ pInfo->flags |= CKF_RW_SESSION;
+ }
+
+ pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
+
+ pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1595,88 +1575,86 @@ NSSCKFWC_GetSessionInfo
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-)
+NSSCKFWC_GetOperationState(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG_PTR pulOperationStateLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- CK_ULONG len;
- NSSItem buf;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
- if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) {
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ CK_ULONG len;
+ NSSItem buf;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
+ if (((CK_ULONG)0 == len) && (CKR_OK != error)) {
+ goto loser;
+ }
+
+ if ((CK_BYTE_PTR)CK_NULL_PTR == pOperationState) {
+ *pulOperationStateLen = len;
+ return CKR_OK;
+ }
+
+ if (*pulOperationStateLen < len) {
+ *pulOperationStateLen = len;
+ error = CKR_BUFFER_TOO_SMALL;
+ goto loser;
+ }
+
+ buf.size = (PRUint32)*pulOperationStateLen;
+ buf.data = (void *)pOperationState;
*pulOperationStateLen = len;
+ error = nssCKFWSession_GetOperationState(fwSession, &buf);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
return CKR_OK;
- }
- if( *pulOperationStateLen < len ) {
- *pulOperationStateLen = len;
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- }
-
- buf.size = (PRUint32)*pulOperationStateLen;
- buf.data = (void *)pOperationState;
- *pulOperationStateLen = len;
- error = nssCKFWSession_GetOperationState(fwSession, &buf);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_STATE_UNSAVEABLE:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_STATE_UNSAVEABLE:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1684,100 +1662,100 @@ NSSCKFWC_GetOperationState
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-)
+NSSCKFWC_SetOperationState(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG ulOperationStateLen,
+ CK_OBJECT_HANDLE hEncryptionKey,
+ CK_OBJECT_HANDLE hAuthenticationKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *eKey;
- NSSCKFWObject *aKey;
- NSSItem state;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * We could loop through the buffer, to catch any purify errors
- * in a place with a "user error" note.
- */
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *eKey;
+ NSSCKFWObject *aKey;
+ NSSItem state;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ if ((CK_BYTE_PTR)CK_NULL_PTR == pOperationState) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * We could loop through the buffer, to catch any purify errors
+ * in a place with a "user error" note.
+ */
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_OBJECT_HANDLE)0 == hEncryptionKey) {
+ eKey = (NSSCKFWObject *)NULL;
+ }
+ else {
+ eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
+ if (!eKey) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+ }
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) {
- eKey = (NSSCKFWObject *)NULL;
- } else {
- eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
- if (!eKey) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
- }
-
- if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) {
- aKey = (NSSCKFWObject *)NULL;
- } else {
- aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
- if (!aKey) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
- }
-
- state.data = pOperationState;
- state.size = ulOperationStateLen;
-
- error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_CHANGED:
- case CKR_KEY_NEEDED:
- case CKR_KEY_NOT_NEEDED:
- case CKR_SAVED_STATE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ if ((CK_OBJECT_HANDLE)0 == hAuthenticationKey) {
+ aKey = (NSSCKFWObject *)NULL;
+ }
+ else {
+ aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
+ if (!aKey) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+ }
+
+ state.data = pOperationState;
+ state.size = ulOperationStateLen;
+
+ error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_CHANGED:
+ case CKR_KEY_NEEDED:
+ case CKR_KEY_NOT_NEEDED:
+ case CKR_SAVED_STATE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1785,77 +1763,76 @@ NSSCKFWC_SetOperationState
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_Login
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
+NSSCKFWC_Login(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem pin, *arg;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
- arg = (NSSItem *)NULL;
- } else {
- arg = &pin;
- pin.size = (PRUint32)ulPinLen;
- pin.data = (void *)pPin;
- }
-
- error = nssCKFWSession_Login(fwSession, userType, arg);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_EXPIRED:
- case CKR_PIN_INCORRECT:
- case CKR_PIN_LOCKED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY_EXISTS:
- case CKR_USER_ALREADY_LOGGED_IN:
- case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
- case CKR_USER_PIN_NOT_INITIALIZED:
- case CKR_USER_TOO_MANY_TYPES:
- case CKR_USER_TYPE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSItem pin, *arg;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_CHAR_PTR)CK_NULL_PTR == pPin) {
+ arg = (NSSItem *)NULL;
+ }
+ else {
+ arg = &pin;
+ pin.size = (PRUint32)ulPinLen;
+ pin.data = (void *)pPin;
+ }
+
+ error = nssCKFWSession_Login(fwSession, userType, arg);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_PIN_EXPIRED:
+ case CKR_PIN_INCORRECT:
+ case CKR_PIN_LOCKED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY_EXISTS:
+ case CKR_USER_ALREADY_LOGGED_IN:
+ case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
+ case CKR_USER_PIN_NOT_INITIALIZED:
+ case CKR_USER_TOO_MANY_TYPES:
+ case CKR_USER_TYPE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1863,57 +1840,55 @@ NSSCKFWC_Login
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_Logout
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
+NSSCKFWC_Logout(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_Logout(fwSession);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Logout(fwSession);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -1921,85 +1896,83 @@ NSSCKFWC_Logout
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_CreateObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-)
+NSSCKFWC_CreateObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *phObject = (CK_OBJECT_HANDLE)0;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
- fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
- ulCount, &error);
- if (!fwObject) {
- goto loser;
- }
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
- *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
- if( (CK_OBJECT_HANDLE)0 == *phObject ) {
- nssCKFWObject_Destroy(fwObject);
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCOMPLETE:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ *phObject = (CK_OBJECT_HANDLE)0;
+
+ fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
+ ulCount, &error);
+ if (!fwObject) {
+ goto loser;
+ }
+
+ *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
+ if ((CK_OBJECT_HANDLE)0 == *phObject) {
+ nssCKFWObject_Destroy(fwObject);
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCOMPLETE:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -2007,94 +1980,92 @@ NSSCKFWC_CreateObject
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_CopyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-)
+NSSCKFWC_CopyObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWObject *fwNewObject;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *phNewObject = (CK_OBJECT_HANDLE)0;
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if (!fwObject) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
- pTemplate, ulCount, &error);
- if (!fwNewObject) {
- goto loser;
- }
-
- *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance,
- fwNewObject, &error);
- if( (CK_OBJECT_HANDLE)0 == *phNewObject ) {
- nssCKFWObject_Destroy(fwNewObject);
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWObject *fwNewObject;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ *phNewObject = (CK_OBJECT_HANDLE)0;
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
+ if (!fwObject) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
+ pTemplate, ulCount, &error);
+ if (!fwNewObject) {
+ goto loser;
+ }
+
+ *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance,
+ fwNewObject, &error);
+ if ((CK_OBJECT_HANDLE)0 == *phNewObject) {
+ nssCKFWObject_Destroy(fwNewObject);
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OBJECT_HANDLE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -2102,65 +2073,63 @@ NSSCKFWC_CopyObject
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DestroyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-)
+NSSCKFWC_DestroyObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if (!fwObject) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
- nssCKFWObject_Destroy(fwObject);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
+ if (!fwObject) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
+ nssCKFWObject_Destroy(fwObject);
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OBJECT_HANDLE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -2168,77 +2137,75 @@ NSSCKFWC_DestroyObject
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetObjectSize
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-)
+NSSCKFWC_GetObjectSize(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ULONG_PTR pulSize)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if (!fwObject) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *pulSize = (CK_ULONG)0;
-
- *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
- if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_INFORMATION_SENSITIVE:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
+ if (!fwObject) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_ULONG_PTR)CK_NULL_PTR == pulSize) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ *pulSize = (CK_ULONG)0;
+
+ *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
+ if (((CK_ULONG)0 == *pulSize) && (CKR_OK != error)) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_INFORMATION_SENSITIVE:
+ case CKR_OBJECT_HANDLE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -2246,229 +2213,236 @@ NSSCKFWC_GetObjectSize
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
+NSSCKFWC_GetAttributeValue(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- CK_BBOOL sensitive = CK_FALSE;
- CK_BBOOL invalid = CK_FALSE;
- CK_BBOOL tooSmall = CK_FALSE;
- CK_ULONG i;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if (!fwObject) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- for( i = 0; i < ulCount; i++ ) {
- CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject,
- pTemplate[i].type, &error);
- if( (CK_ULONG)0 == size ) {
- switch( error ) {
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_INFORMATION_SENSITIVE:
- sensitive = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
- case CKR_ATTRIBUTE_TYPE_INVALID:
- invalid = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
- case CKR_OK:
- break;
- default:
- goto loser;
- }
- }
-
- if( (CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue ) {
- pTemplate[i].ulValueLen = size;
- } else {
- NSSItem it, *p;
-
- if( pTemplate[i].ulValueLen < size ) {
- tooSmall = CK_TRUE;
- continue;
- }
-
- it.size = (PRUint32)pTemplate[i].ulValueLen;
- it.data = (void *)pTemplate[i].pValue;
- p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it,
- (NSSArena *)NULL, &error);
- if (!p) {
- switch( error ) {
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ CK_BBOOL sensitive = CK_FALSE;
+ CK_BBOOL invalid = CK_FALSE;
+ CK_BBOOL tooSmall = CK_FALSE;
+ CK_ULONG i;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
+ if (!fwObject) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ for (i = 0; i < ulCount; i++) {
+ CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject,
+ pTemplate[i].type, &error);
+ if ((CK_ULONG)0 == size) {
+ switch (error) {
+ case CKR_ATTRIBUTE_SENSITIVE:
+ case CKR_INFORMATION_SENSITIVE:
+ sensitive =
+ CK_TRUE;
+ pTemplate[i].ulValueLen =
+ (CK_ULONG)(-1);
+ continue;
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ invalid =
+ CK_TRUE;
+ pTemplate[i].ulValueLen =
+ (CK_ULONG)(-1);
+ continue;
+ case CKR_OK:
+ break;
+ default:
+ goto loser;
+ }
+ }
+
+ if ((CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue) {
+ pTemplate[i].ulValueLen = size;
+ }
+ else {
+ NSSItem it, *p;
+
+ if (pTemplate[i].ulValueLen < size) {
+ tooSmall = CK_TRUE;
+ continue;
+ }
+
+ it.size = (PRUint32)pTemplate[i].ulValueLen;
+ it.data = (void *)pTemplate[i].pValue;
+ p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it,
+ (NSSArena *)NULL, &error);
+ if (!p) {
+ switch (error) {
+ case CKR_ATTRIBUTE_SENSITIVE:
+ case CKR_INFORMATION_SENSITIVE:
+ sensitive =
+ CK_TRUE;
+ pTemplate[i].ulValueLen =
+ (CK_ULONG)(-1);
+ continue;
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ invalid =
+ CK_TRUE;
+ pTemplate[i].ulValueLen =
+ (CK_ULONG)(-1);
+ continue;
+ default:
+ goto loser;
+ }
+ }
+
+ pTemplate[i].ulValueLen = size;
+ }
+ }
+
+ if (sensitive) {
+ error = CKR_ATTRIBUTE_SENSITIVE;
+ goto loser;
+ }
+ else if (invalid) {
+ error = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto loser;
+ }
+ else if (tooSmall) {
+ error = CKR_BUFFER_TOO_SMALL;
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_INFORMATION_SENSITIVE:
- sensitive = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
case CKR_ATTRIBUTE_TYPE_INVALID:
- invalid = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OBJECT_HANDLE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
default:
- goto loser;
- }
- }
-
- pTemplate[i].ulValueLen = size;
- }
- }
-
- if( sensitive ) {
- error = CKR_ATTRIBUTE_SENSITIVE;
- goto loser;
- } else if( invalid ) {
- error = CKR_ATTRIBUTE_TYPE_INVALID;
- goto loser;
- } else if( tooSmall ) {
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
-
+
/*
* NSSCKFWC_SetAttributeValue
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
+NSSCKFWC_SetAttributeValue(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- CK_ULONG i;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if (!fwObject) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- for (i=0; i < ulCount; i++) {
- NSSItem value;
-
- value.data = pTemplate[i].pValue;
- value.size = pTemplate[i].ulValueLen;
-
- error = nssCKFWObject_SetAttribute(fwObject, fwSession,
- pTemplate[i].type, &value);
-
- if( CKR_OK != error ) {
- goto loser;
- }
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ CK_ULONG i;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
+ if (!fwObject) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ for (i = 0; i < ulCount; i++) {
+ NSSItem value;
+
+ value.data = pTemplate[i].pValue;
+ value.size = pTemplate[i].ulValueLen;
+
+ error = nssCKFWObject_SetAttribute(fwObject, fwSession,
+ pTemplate[i].type, &value);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OBJECT_HANDLE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -2476,85 +2450,83 @@ NSSCKFWC_SetAttributeValue
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjectsInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
+NSSCKFWC_FindObjectsInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWFindObjects *fwFindObjects;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0) ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
- if (fwFindObjects) {
- error = CKR_OPERATION_ACTIVE;
- goto loser;
- }
-
- if( CKR_OPERATION_NOT_INITIALIZED != error ) {
- goto loser;
- }
-
- fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
- pTemplate, ulCount, &error);
- if (!fwFindObjects) {
- goto loser;
- }
-
- error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
-
- if( CKR_OK != error ) {
- nssCKFWFindObjects_Destroy(fwFindObjects);
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_ACTIVE:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWFindObjects *fwFindObjects;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if (((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0)) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
+ if (fwFindObjects) {
+ error = CKR_OPERATION_ACTIVE;
+ goto loser;
+ }
+
+ if (CKR_OPERATION_NOT_INITIALIZED != error) {
+ goto loser;
+ }
+
+ fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
+ pTemplate, ulCount, &error);
+ if (!fwFindObjects) {
+ goto loser;
+ }
+
+ error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
+
+ if (CKR_OK != error) {
+ nssCKFWFindObjects_Destroy(fwFindObjects);
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -2562,93 +2534,91 @@ NSSCKFWC_FindObjectsInit
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjects
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-)
+NSSCKFWC_FindObjects(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE_PTR phObject,
+ CK_ULONG ulMaxObjectCount,
+ CK_ULONG_PTR pulObjectCount)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWFindObjects *fwFindObjects;
- CK_ULONG i;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount);
- *pulObjectCount = (CK_ULONG)0;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWFindObjects *fwFindObjects;
+ CK_ULONG i;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
- fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
- if (!fwFindObjects) {
- goto loser;
- }
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
- for( i = 0; i < ulMaxObjectCount; i++ ) {
- NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
- NULL, &error);
- if (!fwObject) {
- break;
- }
-
- phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
- if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
- phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
- }
- if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
- /* This isn't right either, is it? */
- nssCKFWObject_Destroy(fwObject);
- goto loser;
- }
- }
-
- *pulObjectCount = i;
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ if ((CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount);
+ *pulObjectCount = (CK_ULONG)0;
+
+ fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
+ if (!fwFindObjects) {
+ goto loser;
+ }
+
+ for (i = 0; i < ulMaxObjectCount; i++) {
+ NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
+ NULL, &error);
+ if (!fwObject) {
+ break;
+ }
+
+ phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
+ if ((CK_OBJECT_HANDLE)0 == phObject[i]) {
+ phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
+ }
+ if ((CK_OBJECT_HANDLE)0 == phObject[i]) {
+ /* This isn't right either, is it? */
+ nssCKFWObject_Destroy(fwObject);
+ goto loser;
+ }
+ }
+
+ *pulObjectCount = i;
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -2656,67 +2626,65 @@ NSSCKFWC_FindObjects
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjectsFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
+NSSCKFWC_FindObjectsFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWFindObjects *fwFindObjects;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
- if (!fwFindObjects) {
- error = CKR_OPERATION_NOT_INITIALIZED;
- goto loser;
- }
-
- nssCKFWFindObjects_Destroy(fwFindObjects);
- error = nssCKFWSession_SetFWFindObjects(fwSession,
- (NSSCKFWFindObjects *)NULL);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWFindObjects *fwFindObjects;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
+ if (!fwFindObjects) {
+ error = CKR_OPERATION_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nssCKFWFindObjects_Destroy(fwFindObjects);
+ error = nssCKFWSession_SetFWFindObjects(fwSession,
+ (NSSCKFWFindObjects *)NULL);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -2724,97 +2692,95 @@ NSSCKFWC_FindObjectsFinal
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
+NSSCKFWC_EncryptInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
- if (!fwObject) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- error = nssCKFWMechanism_EncryptInit(fwMechanism, pMechanism,
- fwSession, fwObject);
-
- nssCKFWMechanism_Destroy(fwMechanism);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_EncryptInit(fwMechanism, pMechanism,
+ fwSession, fwObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_FUNCTION_NOT_PERMITTED:
- case CKR_KEY_HANDLE_INVALID:
- case CKR_KEY_SIZE_RANGE:
- case CKR_KEY_TYPE_INCONSISTENT:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -2822,64 +2788,62 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_Encrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-)
+NSSCKFWC_Encrypt(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG_PTR pulEncryptedDataLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateFinal(fwSession,
- NSSCKFWCryptoOperationType_Encrypt,
- NSSCKFWCryptoOperationState_EncryptDecrypt,
- pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_INVALID:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_CLOSED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_INVALID:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_CLOSED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -2887,63 +2851,61 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
+NSSCKFWC_EncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_Update(fwSession,
- NSSCKFWCryptoOperationType_Encrypt,
- NSSCKFWCryptoOperationState_EncryptDecrypt,
- pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Update(fwSession,
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -2951,61 +2913,59 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-)
+NSSCKFWC_EncryptFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastEncryptedPart,
+ CK_ULONG_PTR pulLastEncryptedPartLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_Final(fwSession,
- NSSCKFWCryptoOperationType_Encrypt,
- NSSCKFWCryptoOperationState_EncryptDecrypt,
- pLastEncryptedPart, pulLastEncryptedPartLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Final(fwSession,
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pLastEncryptedPart, pulLastEncryptedPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3013,97 +2973,95 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
+NSSCKFWC_DecryptInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
- if (!fwObject) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- error = nssCKFWMechanism_DecryptInit(fwMechanism, pMechanism,
- fwSession, fwObject);
- nssCKFWMechanism_Destroy(fwMechanism);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_DecryptInit(fwMechanism, pMechanism,
+ fwSession, fwObject);
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_FUNCTION_NOT_PERMITTED:
- case CKR_KEY_HANDLE_INVALID:
- case CKR_KEY_SIZE_RANGE:
- case CKR_KEY_TYPE_INCONSISTENT:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3111,71 +3069,69 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_Decrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
+NSSCKFWC_Decrypt(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG ulEncryptedDataLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateFinal(fwSession,
- NSSCKFWCryptoOperationType_Decrypt,
- NSSCKFWCryptoOperationState_EncryptDecrypt,
- pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_ENCRYPTED_DATA_INVALID:
- case CKR_ENCRYPTED_DATA_LEN_RANGE:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- case CKR_DATA_LEN_RANGE:
- error = CKR_ENCRYPTED_DATA_LEN_RANGE;
- break;
- case CKR_DATA_INVALID:
- error = CKR_ENCRYPTED_DATA_INVALID;
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_ENCRYPTED_DATA_INVALID:
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ case CKR_DATA_LEN_RANGE:
+ error = CKR_ENCRYPTED_DATA_LEN_RANGE;
+ break;
+ case CKR_DATA_INVALID:
+ error = CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3183,71 +3139,69 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
+NSSCKFWC_DecryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_Update(fwSession,
- NSSCKFWCryptoOperationType_Decrypt,
- NSSCKFWCryptoOperationState_EncryptDecrypt,
- pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Update(fwSession,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_ENCRYPTED_DATA_INVALID:
- case CKR_ENCRYPTED_DATA_LEN_RANGE:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- case CKR_DATA_LEN_RANGE:
- error = CKR_ENCRYPTED_DATA_LEN_RANGE;
- break;
- case CKR_DATA_INVALID:
- error = CKR_ENCRYPTED_DATA_INVALID;
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_ENCRYPTED_DATA_INVALID:
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ case CKR_DATA_LEN_RANGE:
+ error = CKR_ENCRYPTED_DATA_LEN_RANGE;
+ break;
+ case CKR_DATA_INVALID:
+ error = CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3255,69 +3209,67 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-)
+NSSCKFWC_DecryptFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastPart,
+ CK_ULONG_PTR pulLastPartLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_Final(fwSession,
- NSSCKFWCryptoOperationType_Decrypt,
- NSSCKFWCryptoOperationState_EncryptDecrypt,
- pLastPart, pulLastPartLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Final(fwSession,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pLastPart, pulLastPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_FAILED:
- case CKR_FUNCTION_CANCELED:
- case CKR_ENCRYPTED_DATA_INVALID:
- case CKR_ENCRYPTED_DATA_LEN_RANGE:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- case CKR_DATA_LEN_RANGE:
- error = CKR_ENCRYPTED_DATA_LEN_RANGE;
- break;
- case CKR_DATA_INVALID:
- error = CKR_ENCRYPTED_DATA_INVALID;
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_ENCRYPTED_DATA_INVALID:
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ case CKR_DATA_LEN_RANGE:
+ error = CKR_ENCRYPTED_DATA_LEN_RANGE;
+ break;
+ case CKR_DATA_INVALID:
+ error = CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3325,85 +3277,83 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-)
+NSSCKFWC_DigestInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- error = nssCKFWMechanism_DigestInit(fwMechanism, pMechanism, fwSession);
-
- nssCKFWMechanism_Destroy(fwMechanism);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_DigestInit(fwMechanism, pMechanism, fwSession);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3411,62 +3361,60 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_Digest
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
+NSSCKFWC_Digest(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateFinal(fwSession,
- NSSCKFWCryptoOperationType_Digest,
- NSSCKFWCryptoOperationState_Digest,
- pData, ulDataLen, pDigest, pulDigestLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationState_Digest,
+ pData, ulDataLen, pDigest, pulDigestLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3474,59 +3422,57 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen
-)
+NSSCKFWC_DigestUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_DigestUpdate(fwSession,
- NSSCKFWCryptoOperationType_Digest,
- NSSCKFWCryptoOperationState_Digest,
- pData, ulDataLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_DigestUpdate(fwSession,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationState_Digest,
+ pData, ulDataLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3534,64 +3480,62 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-)
+NSSCKFWC_DigestKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
- if (!fwObject) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_DigestKey(fwSession, fwObject);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_DigestKey(fwSession, fwObject);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_HANDLE_INVALID:
- case CKR_KEY_INDIGESTIBLE:
- case CKR_KEY_SIZE_RANGE:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_INDIGESTIBLE:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3599,60 +3543,58 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
+NSSCKFWC_DigestFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_Final(fwSession,
- NSSCKFWCryptoOperationType_Digest,
- NSSCKFWCryptoOperationState_Digest,
- pDigest, pulDigestLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Final(fwSession,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationState_Digest,
+ pDigest, pulDigestLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3660,98 +3602,96 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
+NSSCKFWC_SignInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
- if (!fwObject) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- error = nssCKFWMechanism_SignInit(fwMechanism, pMechanism, fwSession,
- fwObject);
-
- nssCKFWMechanism_Destroy(fwMechanism);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_SignInit(fwMechanism, pMechanism, fwSession,
+ fwObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_FUNCTION_NOT_PERMITTED:
- case CKR_KEY_HANDLE_INVALID:
- case CKR_KEY_SIZE_RANGE:
- case CKR_KEY_TYPE_INCONSISTENT:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3759,66 +3699,64 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_Sign
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
+NSSCKFWC_Sign(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateFinal(fwSession,
- NSSCKFWCryptoOperationType_Sign,
- NSSCKFWCryptoOperationState_SignVerify,
- pData, ulDataLen, pSignature, pulSignatureLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_Sign,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pData, ulDataLen, pSignature, pulSignatureLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_INVALID:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- case CKR_FUNCTION_REJECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_INVALID:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ case CKR_FUNCTION_REJECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3826,61 +3764,59 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
+NSSCKFWC_SignUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_DigestUpdate(fwSession,
- NSSCKFWCryptoOperationType_Sign,
- NSSCKFWCryptoOperationState_SignVerify,
- pPart, ulPartLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_DigestUpdate(fwSession,
+ NSSCKFWCryptoOperationType_Sign,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pPart, ulPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3888,63 +3824,61 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
+NSSCKFWC_SignFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_Final(fwSession,
- NSSCKFWCryptoOperationType_Sign,
- NSSCKFWCryptoOperationState_SignVerify,
- pSignature, pulSignatureLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Final(fwSession,
+ NSSCKFWCryptoOperationType_Sign,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pSignature, pulSignatureLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- case CKR_FUNCTION_REJECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ case CKR_FUNCTION_REJECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -3952,98 +3886,96 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
+NSSCKFWC_SignRecoverInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
- if (!fwObject) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- error = nssCKFWMechanism_SignRecoverInit(fwMechanism, pMechanism, fwSession,
- fwObject);
-
- nssCKFWMechanism_Destroy(fwMechanism);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_SignRecoverInit(fwMechanism, pMechanism, fwSession,
+ fwObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_FUNCTION_NOT_PERMITTED:
- case CKR_KEY_HANDLE_INVALID:
- case CKR_KEY_SIZE_RANGE:
- case CKR_KEY_TYPE_INCONSISTENT:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4051,65 +3983,63 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
+NSSCKFWC_SignRecover(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateFinal(fwSession,
- NSSCKFWCryptoOperationType_SignRecover,
- NSSCKFWCryptoOperationState_SignVerify,
- pData, ulDataLen, pSignature, pulSignatureLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_SignRecover,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pData, ulDataLen, pSignature, pulSignatureLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_INVALID:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_INVALID:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4117,98 +4047,96 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
+NSSCKFWC_VerifyInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
- if (!fwObject) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- error = nssCKFWMechanism_VerifyInit(fwMechanism, pMechanism, fwSession,
- fwObject);
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
- nssCKFWMechanism_Destroy(fwMechanism);
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_VerifyInit(fwMechanism, pMechanism, fwSession,
+ fwObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_FUNCTION_NOT_PERMITTED:
- case CKR_KEY_HANDLE_INVALID:
- case CKR_KEY_SIZE_RANGE:
- case CKR_KEY_TYPE_INCONSISTENT:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4216,65 +4144,63 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_Verify
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
+NSSCKFWC_Verify(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateFinal(fwSession,
- NSSCKFWCryptoOperationType_Verify,
- NSSCKFWCryptoOperationState_SignVerify,
- pData, ulDataLen, pSignature, &ulSignatureLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_Verify,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pData, ulDataLen, pSignature, &ulSignatureLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_INVALID:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SIGNATURE_INVALID:
- case CKR_SIGNATURE_LEN_RANGE:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_INVALID:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SIGNATURE_INVALID:
+ case CKR_SIGNATURE_LEN_RANGE:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4282,60 +4208,58 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
+NSSCKFWC_VerifyUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_DigestUpdate(fwSession,
- NSSCKFWCryptoOperationType_Verify,
- NSSCKFWCryptoOperationState_SignVerify,
- pPart, ulPartLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_DigestUpdate(fwSession,
+ NSSCKFWCryptoOperationType_Verify,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pPart, ulPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4343,62 +4267,60 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
+NSSCKFWC_VerifyFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_Final(fwSession,
- NSSCKFWCryptoOperationType_Verify,
- NSSCKFWCryptoOperationState_SignVerify,
- pSignature, &ulSignatureLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Final(fwSession,
+ NSSCKFWCryptoOperationType_Verify,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pSignature, &ulSignatureLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SIGNATURE_INVALID:
- case CKR_SIGNATURE_LEN_RANGE:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SIGNATURE_INVALID:
+ case CKR_SIGNATURE_LEN_RANGE:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4406,98 +4328,96 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
+NSSCKFWC_VerifyRecoverInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
- if (!fwObject) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- error = nssCKFWMechanism_VerifyRecoverInit(fwMechanism, pMechanism,
- fwSession, fwObject);
-
- nssCKFWMechanism_Destroy(fwMechanism);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_VerifyRecoverInit(fwMechanism, pMechanism,
+ fwSession, fwObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_FUNCTION_NOT_PERMITTED:
- case CKR_KEY_HANDLE_INVALID:
- case CKR_KEY_SIZE_RANGE:
- case CKR_KEY_TYPE_INCONSISTENT:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_CLOSED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_CLOSED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4505,64 +4425,62 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
+NSSCKFWC_VerifyRecover(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateFinal(fwSession,
- NSSCKFWCryptoOperationType_VerifyRecover,
- NSSCKFWCryptoOperationState_SignVerify,
- pSignature, ulSignatureLen, pData, pulDataLen);
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_VerifyRecover,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pSignature, ulSignatureLen, pData, pulDataLen);
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_INVALID:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SIGNATURE_INVALID:
- case CKR_SIGNATURE_LEN_RANGE:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_INVALID:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SIGNATURE_INVALID:
+ case CKR_SIGNATURE_LEN_RANGE:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4570,64 +4488,62 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
+NSSCKFWC_DigestEncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateCombo(fwSession,
- NSSCKFWCryptoOperationType_Encrypt,
- NSSCKFWCryptoOperationType_Digest,
- NSSCKFWCryptoOperationState_Digest,
- pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateCombo(fwSession,
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationState_Digest,
+ pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4635,71 +4551,69 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptDigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
+NSSCKFWC_DecryptDigestUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateCombo(fwSession,
- NSSCKFWCryptoOperationType_Decrypt,
- NSSCKFWCryptoOperationType_Digest,
- NSSCKFWCryptoOperationState_Digest,
- pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateCombo(fwSession,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationState_Digest,
+ pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_ENCRYPTED_DATA_INVALID:
- case CKR_ENCRYPTED_DATA_LEN_RANGE:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- case CKR_DATA_INVALID:
- error = CKR_ENCRYPTED_DATA_INVALID;
- break;
- case CKR_DATA_LEN_RANGE:
- error = CKR_ENCRYPTED_DATA_LEN_RANGE;
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_ENCRYPTED_DATA_INVALID:
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ case CKR_DATA_INVALID:
+ error = CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ case CKR_DATA_LEN_RANGE:
+ error = CKR_ENCRYPTED_DATA_LEN_RANGE;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4707,65 +4621,63 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
+NSSCKFWC_SignEncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateCombo(fwSession,
- NSSCKFWCryptoOperationType_Encrypt,
- NSSCKFWCryptoOperationType_Sign,
- NSSCKFWCryptoOperationState_SignVerify,
- pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateCombo(fwSession,
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationType_Sign,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4773,69 +4685,67 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptVerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
+NSSCKFWC_DecryptVerifyUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_UpdateCombo(fwSession,
- NSSCKFWCryptoOperationType_Decrypt,
- NSSCKFWCryptoOperationType_Verify,
- NSSCKFWCryptoOperationState_SignVerify,
- pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateCombo(fwSession,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationType_Verify,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DATA_LEN_RANGE:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_ENCRYPTED_DATA_INVALID:
- case CKR_ENCRYPTED_DATA_LEN_RANGE:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- case CKR_DATA_INVALID:
- error = CKR_ENCRYPTED_DATA_INVALID;
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_ENCRYPTED_DATA_INVALID:
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ case CKR_DATA_INVALID:
+ error = CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4843,106 +4753,104 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
+NSSCKFWC_GenerateKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- fwObject = nssCKFWMechanism_GenerateKey(
- fwMechanism,
- pMechanism,
- fwSession,
- pTemplate,
- ulCount,
- &error);
-
- nssCKFWMechanism_Destroy(fwMechanism);
- if (!fwObject) {
- goto loser;
- }
- *phKey= nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ fwObject = nssCKFWMechanism_GenerateKey(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ pTemplate,
+ ulCount,
+ &error);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+ if (!fwObject) {
+ goto loser;
+ }
+ *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCOMPLETE:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCOMPLETE:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -4950,121 +4858,119 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateKeyPair
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-)
+NSSCKFWC_GenerateKeyPair(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwPrivateKeyObject;
- NSSCKFWObject *fwPublicKeyObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- error= nssCKFWMechanism_GenerateKeyPair(
- fwMechanism,
- pMechanism,
- fwSession,
- pPublicKeyTemplate,
- ulPublicKeyAttributeCount,
- pPublicKeyTemplate,
- ulPublicKeyAttributeCount,
- &fwPublicKeyObject,
- &fwPrivateKeyObject);
-
- nssCKFWMechanism_Destroy(fwMechanism);
- if (CKR_OK != error) {
- goto loser;
- }
- *phPublicKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
- fwPublicKeyObject,
- &error);
- if (CKR_OK != error) {
- goto loser;
- }
- *phPrivateKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
- fwPrivateKeyObject,
- &error);
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwPrivateKeyObject;
+ NSSCKFWObject *fwPublicKeyObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_GenerateKeyPair(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ pPublicKeyTemplate,
+ ulPublicKeyAttributeCount,
+ pPublicKeyTemplate,
+ ulPublicKeyAttributeCount,
+ &fwPublicKeyObject,
+ &fwPrivateKeyObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+ *phPublicKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
+ fwPublicKeyObject,
+ &error);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+ *phPrivateKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
+ fwPrivateKeyObject,
+ &error);
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_DOMAIN_PARAMS_INVALID:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCOMPLETE:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_DOMAIN_PARAMS_INVALID:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCOMPLETE:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -5072,153 +4978,150 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_WrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-)
+NSSCKFWC_WrapKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hWrappingKey,
+ CK_OBJECT_HANDLE hKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwKeyObject;
- NSSCKFWObject *fwWrappingKeyObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
- NSSItem wrappedKey;
- CK_ULONG wrappedKeyLength = 0;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
- hWrappingKey);
- if (!fwWrappingKeyObject) {
- error = CKR_WRAPPING_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- fwKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
- if (!fwKeyObject) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- /*
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwKeyObject;
+ NSSCKFWObject *fwWrappingKeyObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+ NSSItem wrappedKey;
+ CK_ULONG wrappedKeyLength = 0;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
+ hWrappingKey);
+ if (!fwWrappingKeyObject) {
+ error = CKR_WRAPPING_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwKeyObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ /*
* first get the length...
*/
- wrappedKeyLength = nssCKFWMechanism_GetWrapKeyLength(
- fwMechanism,
- pMechanism,
- fwSession,
- fwWrappingKeyObject,
- fwKeyObject,
- &error);
- if ((CK_ULONG) 0 == wrappedKeyLength) {
- nssCKFWMechanism_Destroy(fwMechanism);
- goto loser;
- }
- if ((CK_BYTE_PTR)NULL == pWrappedKey) {
- *pulWrappedKeyLen = wrappedKeyLength;
- nssCKFWMechanism_Destroy(fwMechanism);
- return CKR_OK;
- }
- if (wrappedKeyLength > *pulWrappedKeyLen) {
- *pulWrappedKeyLen = wrappedKeyLength;
+ wrappedKeyLength = nssCKFWMechanism_GetWrapKeyLength(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ fwWrappingKeyObject,
+ fwKeyObject,
+ &error);
+ if ((CK_ULONG)0 == wrappedKeyLength) {
+ nssCKFWMechanism_Destroy(fwMechanism);
+ goto loser;
+ }
+ if ((CK_BYTE_PTR)NULL == pWrappedKey) {
+ *pulWrappedKeyLen = wrappedKeyLength;
+ nssCKFWMechanism_Destroy(fwMechanism);
+ return CKR_OK;
+ }
+ if (wrappedKeyLength > *pulWrappedKeyLen) {
+ *pulWrappedKeyLen = wrappedKeyLength;
+ nssCKFWMechanism_Destroy(fwMechanism);
+ error = CKR_BUFFER_TOO_SMALL;
+ goto loser;
+ }
+
+ wrappedKey.data = pWrappedKey;
+ wrappedKey.size = wrappedKeyLength;
+
+ error = nssCKFWMechanism_WrapKey(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ fwWrappingKeyObject,
+ fwKeyObject,
+ &wrappedKey);
+
nssCKFWMechanism_Destroy(fwMechanism);
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- }
-
-
- wrappedKey.data = pWrappedKey;
- wrappedKey.size = wrappedKeyLength;
-
- error = nssCKFWMechanism_WrapKey(
- fwMechanism,
- pMechanism,
- fwSession,
- fwWrappingKeyObject,
- fwKeyObject,
- &wrappedKey);
-
- nssCKFWMechanism_Destroy(fwMechanism);
- *pulWrappedKeyLen = wrappedKey.size;
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ *pulWrappedKeyLen = wrappedKey.size;
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_HANDLE_INVALID:
- case CKR_KEY_NOT_WRAPPABLE:
- case CKR_KEY_SIZE_RANGE:
- case CKR_KEY_UNEXTRACTABLE:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_WRAPPING_KEY_HANDLE_INVALID:
- case CKR_WRAPPING_KEY_SIZE_RANGE:
- case CKR_WRAPPING_KEY_TYPE_INCONSISTENT:
- break;
- case CKR_KEY_TYPE_INCONSISTENT:
- error = CKR_WRAPPING_KEY_TYPE_INCONSISTENT;
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_NOT_WRAPPABLE:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_UNEXTRACTABLE:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_WRAPPING_KEY_HANDLE_INVALID:
+ case CKR_WRAPPING_KEY_SIZE_RANGE:
+ case CKR_WRAPPING_KEY_TYPE_INCONSISTENT:
+ break;
+ case CKR_KEY_TYPE_INCONSISTENT:
+ error = CKR_WRAPPING_KEY_TYPE_INCONSISTENT;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -5226,145 +5129,143 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_UnwrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
+NSSCKFWC_UnwrapKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWObject *fwWrappingKeyObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
- NSSItem wrappedKey;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
- hUnwrappingKey);
- if (!fwWrappingKeyObject) {
- error = CKR_WRAPPING_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- wrappedKey.data = pWrappedKey;
- wrappedKey.size = ulWrappedKeyLen;
-
- fwObject = nssCKFWMechanism_UnwrapKey(
- fwMechanism,
- pMechanism,
- fwSession,
- fwWrappingKeyObject,
- &wrappedKey,
- pTemplate,
- ulAttributeCount,
- &error);
-
- nssCKFWMechanism_Destroy(fwMechanism);
- if (!fwObject) {
- goto loser;
- }
- *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWObject *fwWrappingKeyObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+ NSSItem wrappedKey;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
+ hUnwrappingKey);
+ if (!fwWrappingKeyObject) {
+ error = CKR_WRAPPING_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ wrappedKey.data = pWrappedKey;
+ wrappedKey.size = ulWrappedKeyLen;
+
+ fwObject = nssCKFWMechanism_UnwrapKey(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ fwWrappingKeyObject,
+ &wrappedKey,
+ pTemplate,
+ ulAttributeCount,
+ &error);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+ if (!fwObject) {
+ goto loser;
+ }
+ *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_DOMAIN_PARAMS_INVALID:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCOMPLETE:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_UNWRAPPING_KEY_HANDLE_INVALID:
- case CKR_UNWRAPPING_KEY_SIZE_RANGE:
- case CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT:
- case CKR_USER_NOT_LOGGED_IN:
- case CKR_WRAPPED_KEY_INVALID:
- case CKR_WRAPPED_KEY_LEN_RANGE:
- break;
- case CKR_KEY_HANDLE_INVALID:
- error = CKR_UNWRAPPING_KEY_HANDLE_INVALID;
- break;
- case CKR_KEY_SIZE_RANGE:
- error = CKR_UNWRAPPING_KEY_SIZE_RANGE;
- break;
- case CKR_KEY_TYPE_INCONSISTENT:
- error = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT;
- break;
- case CKR_ENCRYPTED_DATA_INVALID:
- error = CKR_WRAPPED_KEY_INVALID;
- break;
- case CKR_ENCRYPTED_DATA_LEN_RANGE:
- error = CKR_WRAPPED_KEY_LEN_RANGE;
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_DOMAIN_PARAMS_INVALID:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCOMPLETE:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_UNWRAPPING_KEY_HANDLE_INVALID:
+ case CKR_UNWRAPPING_KEY_SIZE_RANGE:
+ case CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT:
+ case CKR_USER_NOT_LOGGED_IN:
+ case CKR_WRAPPED_KEY_INVALID:
+ case CKR_WRAPPED_KEY_LEN_RANGE:
+ break;
+ case CKR_KEY_HANDLE_INVALID:
+ error = CKR_UNWRAPPING_KEY_HANDLE_INVALID;
+ break;
+ case CKR_KEY_SIZE_RANGE:
+ error = CKR_UNWRAPPING_KEY_SIZE_RANGE;
+ break;
+ case CKR_KEY_TYPE_INCONSISTENT:
+ error = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT;
+ break;
+ case CKR_ENCRYPTED_DATA_INVALID:
+ error = CKR_WRAPPED_KEY_INVALID;
+ break;
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ error = CKR_WRAPPED_KEY_LEN_RANGE;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -5372,119 +5273,117 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_DeriveKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
+NSSCKFWC_DeriveKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWObject *fwBaseKeyObject;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken;
- NSSCKFWMechanism *fwMechanism;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwBaseKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hBaseKey);
- if (!fwBaseKeyObject) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if (!fwSlot) {
- error = CKR_GENERAL_ERROR; /* should never happen! */
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if (!fwToken) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
- if (!fwMechanism) {
- goto loser;
- }
-
- fwObject = nssCKFWMechanism_DeriveKey(
- fwMechanism,
- pMechanism,
- fwSession,
- fwBaseKeyObject,
- pTemplate,
- ulAttributeCount,
- &error);
-
- nssCKFWMechanism_Destroy(fwMechanism);
- if (!fwObject) {
- goto loser;
- }
- *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
-
- if (CKR_OK == error) {
- return CKR_OK;
- }
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWObject *fwBaseKeyObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwBaseKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hBaseKey);
+ if (!fwBaseKeyObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ fwObject = nssCKFWMechanism_DeriveKey(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ fwBaseKeyObject,
+ pTemplate,
+ ulAttributeCount,
+ &error);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+ if (!fwObject) {
+ goto loser;
+ }
+ *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
loser:
- /* verify error */
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_DEVICE_REMOVED:
- case CKR_DOMAIN_PARAMS_INVALID:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_HANDLE_INVALID:
- case CKR_KEY_SIZE_RANGE:
- case CKR_KEY_TYPE_INCONSISTENT:
- case CKR_MECHANISM_INVALID:
- case CKR_MECHANISM_PARAM_INVALID:
- case CKR_OPERATION_ACTIVE:
- case CKR_PIN_EXPIRED:
- case CKR_SESSION_CLOSED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCOMPLETE:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
- return error;
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_DOMAIN_PARAMS_INVALID:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCOMPLETE:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
}
/*
@@ -5492,76 +5391,74 @@ loser:
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_SeedRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-)
+NSSCKFWC_SeedRandom(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSeed,
+ CK_ULONG ulSeedLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem seed;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pSeed ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /* We could read through the buffer in a Purify trap */
-
- seed.size = (PRUint32)ulSeedLen;
- seed.data = (void *)pSeed;
-
- error = nssCKFWSession_SeedRandom(fwSession, &seed);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_ACTIVE:
- case CKR_RANDOM_SEED_NOT_SUPPORTED:
- case CKR_RANDOM_NO_RNG:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSItem seed;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_BYTE_PTR)CK_NULL_PTR == pSeed) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /* We could read through the buffer in a Purify trap */
+
+ seed.size = (PRUint32)ulSeedLen;
+ seed.data = (void *)pSeed;
+
+ error = nssCKFWSession_SeedRandom(fwSession, &seed);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_RANDOM_SEED_NOT_SUPPORTED:
+ case CKR_RANDOM_NO_RNG:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -5569,78 +5466,76 @@ NSSCKFWC_SeedRandom
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData,
- CK_ULONG ulRandomLen
-)
+NSSCKFWC_GenerateRandom(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pRandomData,
+ CK_ULONG ulRandomLen)
{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem buffer;
-
- if (!fwInstance) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if (!fwSession) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pRandomData ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSItem buffer;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_BYTE_PTR)CK_NULL_PTR == pRandomData) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
* A purify error here indicates caller error.
*/
- (void)nsslibc_memset(pRandomData, 0, ulRandomLen);
-
- buffer.size = (PRUint32)ulRandomLen;
- buffer.data = (void *)pRandomData;
-
- error = nssCKFWSession_GetRandom(fwSession, &buffer);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ARGUMENTS_BAD:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_ACTIVE:
- case CKR_RANDOM_NO_RNG:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
+ (void)nsslibc_memset(pRandomData, 0, ulRandomLen);
+
+ buffer.size = (PRUint32)ulRandomLen;
+ buffer.data = (void *)pRandomData;
+
+ error = nssCKFWSession_GetRandom(fwSession, &buffer);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_RANDOM_NO_RNG:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
}
/*
@@ -5648,13 +5543,11 @@ NSSCKFWC_GenerateRandom
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetFunctionStatus
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
+NSSCKFWC_GetFunctionStatus(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
{
- return CKR_FUNCTION_NOT_PARALLEL;
+ return CKR_FUNCTION_NOT_PARALLEL;
}
/*
@@ -5662,11 +5555,9 @@ NSSCKFWC_GetFunctionStatus
*
*/
NSS_IMPLEMENT CK_RV
-NSSCKFWC_CancelFunction
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
+NSSCKFWC_CancelFunction(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
{
- return CKR_FUNCTION_NOT_PARALLEL;
+ return CKR_FUNCTION_NOT_PARALLEL;
}