1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
14 * The Original Code is the Netscape security libraries.
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
23 * Alternatively, the contents of this file may be used under the terms of
24 * either the GNU General Public License Version 2 or later (the "GPL"), or
25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
26 * in which case the provisions of the GPL or the LGPL are applicable instead
27 * of those above. If you wish to allow use of your version of this file only
28 * under the terms of either the GPL or the LGPL, and not to allow others to
29 * use your version of this file under the terms of the MPL, indicate your
30 * decision by deleting the provisions above and replace them with the notice
31 * and other provisions required by the GPL or the LGPL. If you do not delete
32 * the provisions above, a recipient may use your version of this file under
33 * the terms of any one of the MPL, the GPL or the LGPL.
35 * ***** END LICENSE BLOCK ***** */
38 static const char CVS_ID[] = "@(#) $RCSfile: wrap.c,v $ $Revision: 1.20 $ $Date: 2010/04/03 18:27:29 $";
44 * This file contains the routines that actually implement the cryptoki
45 * API, using the internal APIs of the NSS Cryptoki Framework. There is
46 * one routine here for every cryptoki routine. For linking reasons
47 * the actual entry points passed back with C_GetFunctionList have to
48 * exist in one of the Module's source files; however, those are merely
49 * simple wrappers that call these routines. The intelligence of the
50 * implementations is here.
61 * -- NSSCKFWC_GetFunctionList -- see the API insert file
62 * NSSCKFWC_GetSlotList
63 * NSSCKFWC_GetSlotInfo
64 * NSSCKFWC_GetTokenInfo
65 * NSSCKFWC_WaitForSlotEvent
66 * NSSCKFWC_GetMechanismList
67 * NSSCKFWC_GetMechanismInfo
71 * NSSCKFWC_OpenSession
72 * NSSCKFWC_CloseSession
73 * NSSCKFWC_CloseAllSessions
74 * NSSCKFWC_GetSessionInfo
75 * NSSCKFWC_GetOperationState
76 * NSSCKFWC_SetOperationState
79 * NSSCKFWC_CreateObject
81 * NSSCKFWC_DestroyObject
82 * NSSCKFWC_GetObjectSize
83 * NSSCKFWC_GetAttributeValue
84 * NSSCKFWC_SetAttributeValue
85 * NSSCKFWC_FindObjectsInit
86 * NSSCKFWC_FindObjects
87 * NSSCKFWC_FindObjectsFinal
88 * NSSCKFWC_EncryptInit
90 * NSSCKFWC_EncryptUpdate
91 * NSSCKFWC_EncryptFinal
92 * NSSCKFWC_DecryptInit
94 * NSSCKFWC_DecryptUpdate
95 * NSSCKFWC_DecryptFinal
98 * NSSCKFWC_DigestUpdate
100 * NSSCKFWC_DigestFinal
103 * NSSCKFWC_SignUpdate
105 * NSSCKFWC_SignRecoverInit
106 * NSSCKFWC_SignRecover
107 * NSSCKFWC_VerifyInit
109 * NSSCKFWC_VerifyUpdate
110 * NSSCKFWC_VerifyFinal
111 * NSSCKFWC_VerifyRecoverInit
112 * NSSCKFWC_VerifyRecover
113 * NSSCKFWC_DigestEncryptUpdate
114 * NSSCKFWC_DecryptDigestUpdate
115 * NSSCKFWC_SignEncryptUpdate
116 * NSSCKFWC_DecryptVerifyUpdate
117 * NSSCKFWC_GenerateKey
118 * NSSCKFWC_GenerateKeyPair
122 * NSSCKFWC_SeedRandom
123 * NSSCKFWC_GenerateRandom
124 * NSSCKFWC_GetFunctionStatus
125 * NSSCKFWC_CancelFunction
128 /* figure out out locking semantics */
130 nssCKFW_GetThreadSafeState(CK_C_INITIALIZE_ARGS_PTR pInitArgs,
131 CryptokiLockingState *pLocking_state) {
132 int functionCount = 0;
134 /* parsed according to (PKCS #11 Section 11.4) */
135 /* no args, the degenerate version of case 1 */
137 *pLocking_state = SingleThreaded;
141 /* CKF_OS_LOCKING_OK set, Cases 2 and 4 */
142 if (pInitArgs->flags & CKF_OS_LOCKING_OK) {
143 *pLocking_state = MultiThreaded;
146 if ((CK_CREATEMUTEX) NULL != pInitArgs->CreateMutex) functionCount++;
147 if ((CK_DESTROYMUTEX) NULL != pInitArgs->DestroyMutex) functionCount++;
148 if ((CK_LOCKMUTEX) NULL != pInitArgs->LockMutex) functionCount++;
149 if ((CK_UNLOCKMUTEX) NULL != pInitArgs->UnlockMutex) functionCount++;
151 /* CKF_OS_LOCKING_OK is not set, and not functions supplied,
153 if (0 == functionCount) {
154 *pLocking_state = SingleThreaded;
158 /* OS_LOCKING_OK is not set and functions have been supplied. Since
159 * ckfw uses nssbase library which explicitly calls NSPR, and since
160 * there is no way to reliably override these explicit calls to NSPR,
161 * therefore we can't support applications which have their own threading
162 * module. Return CKR_CANT_LOCK if they supplied the correct number of
163 * arguments, or CKR_ARGUMENTS_BAD if they did not in either case we will
164 * fail the initialize */
165 return (4 == functionCount) ? CKR_CANT_LOCK : CKR_ARGUMENTS_BAD;
168 static PRInt32 liveInstances;
171 * NSSCKFWC_Initialize
177 NSSCKFWInstance **pFwInstance,
178 NSSCKMDInstance *mdInstance,
179 CK_VOID_PTR pInitArgs
182 CK_RV error = CKR_OK;
183 CryptokiLockingState locking_state;
185 if( (NSSCKFWInstance **)NULL == pFwInstance ) {
186 error = CKR_GENERAL_ERROR;
191 error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
196 error = CKR_GENERAL_ERROR;
200 error = nssCKFW_GetThreadSafeState(pInitArgs,&locking_state);
201 if( CKR_OK != error ) {
205 *pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &error);
209 PR_ATOMIC_INCREMENT(&liveInstances);
214 case CKR_ARGUMENTS_BAD:
216 case CKR_CRYPTOKI_ALREADY_INITIALIZED:
217 case CKR_FUNCTION_FAILED:
218 case CKR_GENERAL_ERROR:
219 case CKR_HOST_MEMORY:
220 case CKR_NEED_TO_CREATE_THREADS:
224 error = CKR_GENERAL_ERROR;
238 NSSCKFWInstance **pFwInstance
241 CK_RV error = CKR_OK;
243 if( (NSSCKFWInstance **)NULL == pFwInstance ) {
244 error = CKR_GENERAL_ERROR;
249 error = CKR_CRYPTOKI_NOT_INITIALIZED;
253 error = nssCKFWInstance_Destroy(*pFwInstance);
256 *pFwInstance = (NSSCKFWInstance *)NULL;
260 PRInt32 remainingInstances;
262 remainingInstances = PR_ATOMIC_DECREMENT(&liveInstances);
263 if (!remainingInstances) {
267 case CKR_CRYPTOKI_NOT_INITIALIZED:
268 case CKR_FUNCTION_FAILED:
269 case CKR_GENERAL_ERROR:
270 case CKR_HOST_MEMORY:
273 error = CKR_GENERAL_ERROR;
278 * A thread's error stack is automatically destroyed when the thread
279 * terminates or, for the primordial thread, by PR_Cleanup. On
280 * Windows with MinGW, the thread private data destructor PR_Free
281 * registered by this module is actually a thunk for PR_Free defined
282 * in this module. When the thread that unloads this module terminates
283 * or calls PR_Cleanup, the thunk for PR_Free is already gone with the
284 * module. Therefore we need to destroy the error stack before the
285 * module is unloaded.
287 nss_DestroyErrorStack();
298 NSSCKFWInstance *fwInstance,
302 CK_RV error = CKR_OK;
304 if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) {
305 error = CKR_ARGUMENTS_BAD;
310 * A purify error here means a caller error
312 (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
314 pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
316 error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
317 if( CKR_OK != error ) {
321 pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
323 error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
324 if( CKR_OK != error ) {
328 pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
334 case CKR_CRYPTOKI_NOT_INITIALIZED:
335 case CKR_FUNCTION_FAILED:
336 case CKR_GENERAL_ERROR:
337 case CKR_HOST_MEMORY:
340 error = CKR_GENERAL_ERROR;
348 * C_GetFunctionList is implemented entirely in the Module's file which
349 * includes the Framework API insert file. It requires no "actual"
354 * NSSCKFWC_GetSlotList
360 NSSCKFWInstance *fwInstance,
361 CK_BBOOL tokenPresent,
362 CK_SLOT_ID_PTR pSlotList,
363 CK_ULONG_PTR pulCount
366 CK_RV error = CKR_OK;
370 error = CKR_CRYPTOKI_NOT_INITIALIZED;
374 switch( tokenPresent ) {
379 error = CKR_ARGUMENTS_BAD;
383 if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
384 error = CKR_ARGUMENTS_BAD;
388 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
389 if( (CK_ULONG)0 == nSlots ) {
393 if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) {
399 * A purify error here indicates caller error.
401 (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
403 if( *pulCount < nSlots ) {
405 error = CKR_BUFFER_TOO_SMALL;
412 * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
413 * just index one when we need it.
416 for( i = 0; i < nSlots; i++ ) {
425 case CKR_BUFFER_TOO_SMALL:
426 case CKR_CRYPTOKI_NOT_INITIALIZED:
427 case CKR_FUNCTION_FAILED:
428 case CKR_GENERAL_ERROR:
429 case CKR_HOST_MEMORY:
433 error = CKR_GENERAL_ERROR;
441 * NSSCKFWC_GetSlotInfo
447 NSSCKFWInstance *fwInstance,
449 CK_SLOT_INFO_PTR pInfo
452 CK_RV error = CKR_OK;
458 error = CKR_CRYPTOKI_NOT_INITIALIZED;
462 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
463 if( (CK_ULONG)0 == nSlots ) {
467 if( (slotID < 1) || (slotID > nSlots) ) {
468 error = CKR_SLOT_ID_INVALID;
472 if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) {
473 error = CKR_ARGUMENTS_BAD;
478 * A purify error here indicates caller error.
480 (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
482 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
483 if( (NSSCKFWSlot **)NULL == slots ) {
487 fwSlot = slots[ slotID-1 ];
489 error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
490 if( CKR_OK != error ) {
494 error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
495 if( CKR_OK != error ) {
499 if( nssCKFWSlot_GetTokenPresent(fwSlot) ) {
500 pInfo->flags |= CKF_TOKEN_PRESENT;
503 if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) {
504 pInfo->flags |= CKF_REMOVABLE_DEVICE;
507 if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) {
508 pInfo->flags |= CKF_HW_SLOT;
511 pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
512 pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
518 case CKR_CRYPTOKI_NOT_INITIALIZED:
519 case CKR_DEVICE_ERROR:
520 case CKR_FUNCTION_FAILED:
521 case CKR_GENERAL_ERROR:
522 case CKR_HOST_MEMORY:
523 case CKR_SLOT_ID_INVALID:
527 error = CKR_GENERAL_ERROR;
534 * NSSCKFWC_GetTokenInfo
538 NSSCKFWC_GetTokenInfo
540 NSSCKFWInstance *fwInstance,
542 CK_TOKEN_INFO_PTR pInfo
545 CK_RV error = CKR_OK;
549 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
552 error = CKR_CRYPTOKI_NOT_INITIALIZED;
556 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
557 if( (CK_ULONG)0 == nSlots ) {
561 if( (slotID < 1) || (slotID > nSlots) ) {
562 error = CKR_SLOT_ID_INVALID;
566 if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) {
567 error = CKR_ARGUMENTS_BAD;
572 * A purify error here indicates caller error.
574 (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
576 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
577 if( (NSSCKFWSlot **)NULL == slots ) {
581 fwSlot = slots[ slotID-1 ];
583 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
584 error = CKR_TOKEN_NOT_PRESENT;
588 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
593 error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
594 if( CKR_OK != error ) {
598 error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
599 if( CKR_OK != error ) {
603 error = nssCKFWToken_GetModel(fwToken, pInfo->model);
604 if( CKR_OK != error ) {
608 error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
609 if( CKR_OK != error ) {
613 if( nssCKFWToken_GetHasRNG(fwToken) ) {
614 pInfo->flags |= CKF_RNG;
617 if( nssCKFWToken_GetIsWriteProtected(fwToken) ) {
618 pInfo->flags |= CKF_WRITE_PROTECTED;
621 if( nssCKFWToken_GetLoginRequired(fwToken) ) {
622 pInfo->flags |= CKF_LOGIN_REQUIRED;
625 if( nssCKFWToken_GetUserPinInitialized(fwToken) ) {
626 pInfo->flags |= CKF_USER_PIN_INITIALIZED;
629 if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) {
630 pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
633 if( nssCKFWToken_GetHasClockOnToken(fwToken) ) {
634 pInfo->flags |= CKF_CLOCK_ON_TOKEN;
637 if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
638 pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
641 if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) {
642 pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
645 pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
646 pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
647 pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
648 pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken);
649 pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
650 pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
651 pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
652 pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
653 pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
654 pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
655 pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
656 pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
658 error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
659 if( CKR_OK != error ) {
667 case CKR_DEVICE_REMOVED:
668 case CKR_TOKEN_NOT_PRESENT:
670 nssCKFWToken_Destroy(fwToken);
672 case CKR_CRYPTOKI_NOT_INITIALIZED:
673 case CKR_DEVICE_ERROR:
674 case CKR_DEVICE_MEMORY:
675 case CKR_FUNCTION_FAILED:
676 case CKR_GENERAL_ERROR:
677 case CKR_HOST_MEMORY:
678 case CKR_SLOT_ID_INVALID:
679 case CKR_TOKEN_NOT_RECOGNIZED:
683 error = CKR_GENERAL_ERROR;
691 * NSSCKFWC_WaitForSlotEvent
695 NSSCKFWC_WaitForSlotEvent
697 NSSCKFWInstance *fwInstance,
699 CK_SLOT_ID_PTR pSlot,
700 CK_VOID_PTR pReserved
703 CK_RV error = CKR_OK;
711 error = CKR_CRYPTOKI_NOT_INITIALIZED;
715 if( flags & ~CKF_DONT_BLOCK ) {
716 error = CKR_ARGUMENTS_BAD;
720 block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
722 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
723 if( (CK_ULONG)0 == nSlots ) {
727 if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) {
728 error = CKR_ARGUMENTS_BAD;
732 if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) {
733 error = CKR_ARGUMENTS_BAD;
737 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
738 if( (NSSCKFWSlot **)NULL == slots ) {
742 fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
747 for( i = 0; i < nSlots; i++ ) {
748 if( fwSlot == slots[i] ) {
749 *pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1);
754 error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
758 case CKR_CRYPTOKI_NOT_INITIALIZED:
759 case CKR_FUNCTION_FAILED:
760 case CKR_GENERAL_ERROR:
761 case CKR_HOST_MEMORY:
766 error = CKR_GENERAL_ERROR;
774 * NSSCKFWC_GetMechanismList
778 NSSCKFWC_GetMechanismList
780 NSSCKFWInstance *fwInstance,
782 CK_MECHANISM_TYPE_PTR pMechanismList,
783 CK_ULONG_PTR pulCount
786 CK_RV error = CKR_OK;
790 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
794 error = CKR_CRYPTOKI_NOT_INITIALIZED;
798 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
799 if( (CK_ULONG)0 == nSlots ) {
803 if( (slotID < 1) || (slotID > nSlots) ) {
804 error = CKR_SLOT_ID_INVALID;
808 if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
809 error = CKR_ARGUMENTS_BAD;
813 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
814 if( (NSSCKFWSlot **)NULL == slots ) {
818 fwSlot = slots[ slotID-1 ];
820 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
821 error = CKR_TOKEN_NOT_PRESENT;
825 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
830 count = nssCKFWToken_GetMechanismCount(fwToken);
832 if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) {
837 if( *pulCount < count ) {
839 error = CKR_BUFFER_TOO_SMALL;
844 * A purify error here indicates caller error.
846 (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
851 error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
856 if( CKR_OK == error ) {
862 case CKR_DEVICE_REMOVED:
863 case CKR_TOKEN_NOT_PRESENT:
865 nssCKFWToken_Destroy(fwToken);
867 case CKR_ARGUMENTS_BAD:
868 case CKR_BUFFER_TOO_SMALL:
869 case CKR_CRYPTOKI_NOT_INITIALIZED:
870 case CKR_DEVICE_ERROR:
871 case CKR_DEVICE_MEMORY:
872 case CKR_FUNCTION_FAILED:
873 case CKR_GENERAL_ERROR:
874 case CKR_HOST_MEMORY:
875 case CKR_SLOT_ID_INVALID:
876 case CKR_TOKEN_NOT_RECOGNIZED:
880 error = CKR_GENERAL_ERROR;
888 * NSSCKFWC_GetMechanismInfo
892 NSSCKFWC_GetMechanismInfo
894 NSSCKFWInstance *fwInstance,
896 CK_MECHANISM_TYPE type,
897 CK_MECHANISM_INFO_PTR pInfo
900 CK_RV error = CKR_OK;
904 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
905 NSSCKFWMechanism *fwMechanism;
908 error = CKR_CRYPTOKI_NOT_INITIALIZED;
912 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
913 if( (CK_ULONG)0 == nSlots ) {
917 if( (slotID < 1) || (slotID > nSlots) ) {
918 error = CKR_SLOT_ID_INVALID;
922 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
923 if( (NSSCKFWSlot **)NULL == slots ) {
927 fwSlot = slots[ slotID-1 ];
929 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
930 error = CKR_TOKEN_NOT_PRESENT;
934 if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) {
935 error = CKR_ARGUMENTS_BAD;
940 * A purify error here indicates caller error.
942 (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
944 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
949 fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
954 pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism, &error);
955 pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism, &error);
957 if( nssCKFWMechanism_GetInHardware(fwMechanism, &error) ) {
958 pInfo->flags |= CKF_HW;
960 if( nssCKFWMechanism_GetCanEncrypt(fwMechanism, &error) ) {
961 pInfo->flags |= CKF_ENCRYPT;
963 if( nssCKFWMechanism_GetCanDecrypt(fwMechanism, &error) ) {
964 pInfo->flags |= CKF_DECRYPT;
966 if( nssCKFWMechanism_GetCanDigest(fwMechanism, &error) ) {
967 pInfo->flags |= CKF_DIGEST;
969 if( nssCKFWMechanism_GetCanSign(fwMechanism, &error) ) {
970 pInfo->flags |= CKF_SIGN;
972 if( nssCKFWMechanism_GetCanSignRecover(fwMechanism, &error) ) {
973 pInfo->flags |= CKF_SIGN_RECOVER;
975 if( nssCKFWMechanism_GetCanVerify(fwMechanism, &error) ) {
976 pInfo->flags |= CKF_VERIFY;
978 if( nssCKFWMechanism_GetCanVerifyRecover(fwMechanism, &error) ) {
979 pInfo->flags |= CKF_VERIFY_RECOVER;
981 if( nssCKFWMechanism_GetCanGenerate(fwMechanism, &error) ) {
982 pInfo->flags |= CKF_GENERATE;
984 if( nssCKFWMechanism_GetCanGenerateKeyPair(fwMechanism, &error) ) {
985 pInfo->flags |= CKF_GENERATE_KEY_PAIR;
987 if( nssCKFWMechanism_GetCanWrap(fwMechanism, &error) ) {
988 pInfo->flags |= CKF_WRAP;
990 if( nssCKFWMechanism_GetCanUnwrap(fwMechanism, &error) ) {
991 pInfo->flags |= CKF_UNWRAP;
993 if( nssCKFWMechanism_GetCanDerive(fwMechanism, &error) ) {
994 pInfo->flags |= CKF_DERIVE;
996 nssCKFWMechanism_Destroy(fwMechanism);
1002 case CKR_DEVICE_REMOVED:
1003 case CKR_TOKEN_NOT_PRESENT:
1005 nssCKFWToken_Destroy(fwToken);
1007 case CKR_ARGUMENTS_BAD:
1008 case CKR_CRYPTOKI_NOT_INITIALIZED:
1009 case CKR_DEVICE_ERROR:
1010 case CKR_DEVICE_MEMORY:
1011 case CKR_FUNCTION_FAILED:
1012 case CKR_GENERAL_ERROR:
1013 case CKR_HOST_MEMORY:
1014 case CKR_MECHANISM_INVALID:
1015 case CKR_SLOT_ID_INVALID:
1016 case CKR_TOKEN_NOT_RECOGNIZED:
1020 error = CKR_GENERAL_ERROR;
1028 * NSSCKFWC_InitToken
1034 NSSCKFWInstance *fwInstance,
1041 CK_RV error = CKR_OK;
1043 NSSCKFWSlot **slots;
1044 NSSCKFWSlot *fwSlot;
1045 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1050 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1054 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1055 if( (CK_ULONG)0 == nSlots ) {
1059 if( (slotID < 1) || (slotID > nSlots) ) {
1060 error = CKR_SLOT_ID_INVALID;
1064 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1065 if( (NSSCKFWSlot **)NULL == slots ) {
1069 fwSlot = slots[ slotID-1 ];
1071 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1072 error = CKR_TOKEN_NOT_PRESENT;
1076 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1081 pin.size = (PRUint32)ulPinLen;
1082 pin.data = (void *)pPin;
1083 label = (NSSUTF8 *)pLabel; /* identity conversion */
1085 error = nssCKFWToken_InitToken(fwToken, &pin, label);
1086 if( CKR_OK != error ) {
1094 case CKR_DEVICE_REMOVED:
1095 case CKR_TOKEN_NOT_PRESENT:
1097 nssCKFWToken_Destroy(fwToken);
1099 case CKR_ARGUMENTS_BAD:
1100 case CKR_CRYPTOKI_NOT_INITIALIZED:
1101 case CKR_DEVICE_ERROR:
1102 case CKR_DEVICE_MEMORY:
1103 case CKR_FUNCTION_FAILED:
1104 case CKR_GENERAL_ERROR:
1105 case CKR_HOST_MEMORY:
1106 case CKR_PIN_INCORRECT:
1107 case CKR_PIN_LOCKED:
1108 case CKR_SESSION_EXISTS:
1109 case CKR_SLOT_ID_INVALID:
1110 case CKR_TOKEN_NOT_RECOGNIZED:
1111 case CKR_TOKEN_WRITE_PROTECTED:
1115 error = CKR_GENERAL_ERROR;
1129 NSSCKFWInstance *fwInstance,
1130 CK_SESSION_HANDLE hSession,
1135 CK_RV error = CKR_OK;
1136 NSSCKFWSession *fwSession;
1140 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1144 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1146 error = CKR_SESSION_HANDLE_INVALID;
1150 if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1151 arg = (NSSItem *)NULL;
1154 pin.size = (PRUint32)ulPinLen;
1155 pin.data = (void *)pPin;
1158 error = nssCKFWSession_InitPIN(fwSession, arg);
1159 if( CKR_OK != error ) {
1167 case CKR_SESSION_CLOSED:
1168 /* destroy session? */
1170 case CKR_DEVICE_REMOVED:
1171 /* (void)nssCKFWToken_Destroy(fwToken); */
1173 case CKR_ARGUMENTS_BAD:
1174 case CKR_CRYPTOKI_NOT_INITIALIZED:
1175 case CKR_DEVICE_ERROR:
1176 case CKR_DEVICE_MEMORY:
1177 case CKR_FUNCTION_FAILED:
1178 case CKR_GENERAL_ERROR:
1179 case CKR_HOST_MEMORY:
1180 case CKR_PIN_INVALID:
1181 case CKR_PIN_LEN_RANGE:
1182 case CKR_SESSION_READ_ONLY:
1183 case CKR_SESSION_HANDLE_INVALID:
1184 case CKR_TOKEN_WRITE_PROTECTED:
1185 case CKR_USER_NOT_LOGGED_IN:
1189 error = CKR_GENERAL_ERROR;
1203 NSSCKFWInstance *fwInstance,
1204 CK_SESSION_HANDLE hSession,
1205 CK_CHAR_PTR pOldPin,
1207 CK_CHAR_PTR pNewPin,
1211 CK_RV error = CKR_OK;
1212 NSSCKFWSession *fwSession;
1213 NSSItem oldPin, newPin, *oldArg, *newArg;
1216 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1220 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1222 error = CKR_SESSION_HANDLE_INVALID;
1226 if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) {
1227 oldArg = (NSSItem *)NULL;
1230 oldPin.size = (PRUint32)ulOldLen;
1231 oldPin.data = (void *)pOldPin;
1234 if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) {
1235 newArg = (NSSItem *)NULL;
1238 newPin.size = (PRUint32)ulNewLen;
1239 newPin.data = (void *)pNewPin;
1242 error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
1243 if( CKR_OK != error ) {
1251 case CKR_SESSION_CLOSED:
1252 /* destroy session? */
1254 case CKR_DEVICE_REMOVED:
1255 /* (void)nssCKFWToken_Destroy(fwToken); */
1257 case CKR_ARGUMENTS_BAD:
1258 case CKR_CRYPTOKI_NOT_INITIALIZED:
1259 case CKR_DEVICE_ERROR:
1260 case CKR_DEVICE_MEMORY:
1261 case CKR_FUNCTION_FAILED:
1262 case CKR_GENERAL_ERROR:
1263 case CKR_HOST_MEMORY:
1264 case CKR_PIN_INCORRECT:
1265 case CKR_PIN_INVALID:
1266 case CKR_PIN_LEN_RANGE:
1267 case CKR_PIN_LOCKED:
1268 case CKR_SESSION_HANDLE_INVALID:
1269 case CKR_SESSION_READ_ONLY:
1270 case CKR_TOKEN_WRITE_PROTECTED:
1274 error = CKR_GENERAL_ERROR;
1282 * NSSCKFWC_OpenSession
1286 NSSCKFWC_OpenSession
1288 NSSCKFWInstance *fwInstance,
1291 CK_VOID_PTR pApplication,
1293 CK_SESSION_HANDLE_PTR phSession
1296 CK_RV error = CKR_OK;
1298 NSSCKFWSlot **slots;
1299 NSSCKFWSlot *fwSlot;
1300 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1301 NSSCKFWSession *fwSession;
1305 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1309 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1310 if( (CK_ULONG)0 == nSlots ) {
1314 if( (slotID < 1) || (slotID > nSlots) ) {
1315 error = CKR_SLOT_ID_INVALID;
1319 if( flags & CKF_RW_SESSION ) {
1325 if( flags & CKF_SERIAL_SESSION ) {
1328 error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
1332 if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) {
1333 error = CKR_ARGUMENTS_BAD;
1337 if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) {
1338 error = CKR_ARGUMENTS_BAD;
1343 * A purify error here indicates caller error.
1345 *phSession = (CK_SESSION_HANDLE)0;
1347 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1348 if( (NSSCKFWSlot **)NULL == slots ) {
1352 fwSlot = slots[ slotID-1 ];
1354 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1355 error = CKR_TOKEN_NOT_PRESENT;
1359 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1364 fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
1370 *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
1372 if( (CK_SESSION_HANDLE)0 == *phSession ) {
1380 case CKR_SESSION_CLOSED:
1381 /* destroy session? */
1383 case CKR_DEVICE_REMOVED:
1384 /* (void)nssCKFWToken_Destroy(fwToken); */
1386 case CKR_CRYPTOKI_NOT_INITIALIZED:
1387 case CKR_DEVICE_ERROR:
1388 case CKR_DEVICE_MEMORY:
1389 case CKR_FUNCTION_FAILED:
1390 case CKR_GENERAL_ERROR:
1391 case CKR_HOST_MEMORY:
1392 case CKR_SESSION_COUNT:
1393 case CKR_SESSION_EXISTS:
1394 case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
1395 case CKR_SESSION_READ_WRITE_SO_EXISTS:
1396 case CKR_SLOT_ID_INVALID:
1397 case CKR_TOKEN_NOT_PRESENT:
1398 case CKR_TOKEN_NOT_RECOGNIZED:
1399 case CKR_TOKEN_WRITE_PROTECTED:
1403 error = CKR_GENERAL_ERROR;
1411 * NSSCKFWC_CloseSession
1415 NSSCKFWC_CloseSession
1417 NSSCKFWInstance *fwInstance,
1418 CK_SESSION_HANDLE hSession
1421 CK_RV error = CKR_OK;
1422 NSSCKFWSession *fwSession;
1425 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1429 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1431 error = CKR_SESSION_HANDLE_INVALID;
1435 nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
1436 error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
1438 if( CKR_OK != error ) {
1446 case CKR_SESSION_CLOSED:
1447 /* destroy session? */
1449 case CKR_DEVICE_REMOVED:
1450 /* (void)nssCKFWToken_Destroy(fwToken); */
1452 case CKR_CRYPTOKI_NOT_INITIALIZED:
1453 case CKR_DEVICE_ERROR:
1454 case CKR_DEVICE_MEMORY:
1455 case CKR_FUNCTION_FAILED:
1456 case CKR_GENERAL_ERROR:
1457 case CKR_HOST_MEMORY:
1458 case CKR_SESSION_HANDLE_INVALID:
1462 error = CKR_GENERAL_ERROR;
1470 * NSSCKFWC_CloseAllSessions
1474 NSSCKFWC_CloseAllSessions
1476 NSSCKFWInstance *fwInstance,
1480 CK_RV error = CKR_OK;
1482 NSSCKFWSlot **slots;
1483 NSSCKFWSlot *fwSlot;
1484 NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
1487 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1491 nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
1492 if( (CK_ULONG)0 == nSlots ) {
1496 if( (slotID < 1) || (slotID > nSlots) ) {
1497 error = CKR_SLOT_ID_INVALID;
1501 slots = nssCKFWInstance_GetSlots(fwInstance, &error);
1502 if( (NSSCKFWSlot **)NULL == slots ) {
1506 fwSlot = slots[ slotID-1 ];
1508 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
1509 error = CKR_TOKEN_NOT_PRESENT;
1513 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
1518 error = nssCKFWToken_CloseAllSessions(fwToken);
1519 if( CKR_OK != error ) {
1527 case CKR_DEVICE_REMOVED:
1528 /* (void)nssCKFWToken_Destroy(fwToken); */
1530 case CKR_CRYPTOKI_NOT_INITIALIZED:
1531 case CKR_DEVICE_ERROR:
1532 case CKR_DEVICE_MEMORY:
1533 case CKR_FUNCTION_FAILED:
1534 case CKR_GENERAL_ERROR:
1535 case CKR_HOST_MEMORY:
1536 case CKR_SLOT_ID_INVALID:
1537 case CKR_TOKEN_NOT_PRESENT:
1541 error = CKR_GENERAL_ERROR;
1549 * NSSCKFWC_GetSessionInfo
1553 NSSCKFWC_GetSessionInfo
1555 NSSCKFWInstance *fwInstance,
1556 CK_SESSION_HANDLE hSession,
1557 CK_SESSION_INFO_PTR pInfo
1560 CK_RV error = CKR_OK;
1561 NSSCKFWSession *fwSession;
1562 NSSCKFWSlot *fwSlot;
1565 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1569 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1571 error = CKR_SESSION_HANDLE_INVALID;
1575 if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) {
1576 error = CKR_ARGUMENTS_BAD;
1581 * A purify error here indicates caller error.
1583 (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
1585 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
1587 error = CKR_GENERAL_ERROR;
1591 pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
1592 pInfo->state = nssCKFWSession_GetSessionState(fwSession);
1594 if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) {
1595 pInfo->flags |= CKF_RW_SESSION;
1598 pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
1600 pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
1606 case CKR_SESSION_CLOSED:
1607 /* destroy session? */
1609 case CKR_DEVICE_REMOVED:
1610 /* (void)nssCKFWToken_Destroy(fwToken); */
1612 case CKR_CRYPTOKI_NOT_INITIALIZED:
1613 case CKR_DEVICE_ERROR:
1614 case CKR_DEVICE_MEMORY:
1615 case CKR_FUNCTION_FAILED:
1616 case CKR_GENERAL_ERROR:
1617 case CKR_HOST_MEMORY:
1618 case CKR_SESSION_HANDLE_INVALID:
1622 error = CKR_GENERAL_ERROR;
1630 * NSSCKFWC_GetOperationState
1634 NSSCKFWC_GetOperationState
1636 NSSCKFWInstance *fwInstance,
1637 CK_SESSION_HANDLE hSession,
1638 CK_BYTE_PTR pOperationState,
1639 CK_ULONG_PTR pulOperationStateLen
1642 CK_RV error = CKR_OK;
1643 NSSCKFWSession *fwSession;
1648 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1652 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1654 error = CKR_SESSION_HANDLE_INVALID;
1658 if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) {
1659 error = CKR_ARGUMENTS_BAD;
1663 len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
1664 if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) {
1668 if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1669 *pulOperationStateLen = len;
1673 if( *pulOperationStateLen < len ) {
1674 *pulOperationStateLen = len;
1675 error = CKR_BUFFER_TOO_SMALL;
1679 buf.size = (PRUint32)*pulOperationStateLen;
1680 buf.data = (void *)pOperationState;
1681 *pulOperationStateLen = len;
1682 error = nssCKFWSession_GetOperationState(fwSession, &buf);
1684 if( CKR_OK != error ) {
1692 case CKR_SESSION_CLOSED:
1693 /* destroy session? */
1695 case CKR_DEVICE_REMOVED:
1696 /* (void)nssCKFWToken_Destroy(fwToken); */
1698 case CKR_BUFFER_TOO_SMALL:
1699 case CKR_CRYPTOKI_NOT_INITIALIZED:
1700 case CKR_DEVICE_ERROR:
1701 case CKR_DEVICE_MEMORY:
1702 case CKR_FUNCTION_FAILED:
1703 case CKR_GENERAL_ERROR:
1704 case CKR_HOST_MEMORY:
1705 case CKR_OPERATION_NOT_INITIALIZED:
1706 case CKR_SESSION_HANDLE_INVALID:
1707 case CKR_STATE_UNSAVEABLE:
1711 error = CKR_GENERAL_ERROR;
1719 * NSSCKFWC_SetOperationState
1723 NSSCKFWC_SetOperationState
1725 NSSCKFWInstance *fwInstance,
1726 CK_SESSION_HANDLE hSession,
1727 CK_BYTE_PTR pOperationState,
1728 CK_ULONG ulOperationStateLen,
1729 CK_OBJECT_HANDLE hEncryptionKey,
1730 CK_OBJECT_HANDLE hAuthenticationKey
1733 CK_RV error = CKR_OK;
1734 NSSCKFWSession *fwSession;
1735 NSSCKFWObject *eKey;
1736 NSSCKFWObject *aKey;
1740 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1744 if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
1745 error = CKR_ARGUMENTS_BAD;
1750 * We could loop through the buffer, to catch any purify errors
1751 * in a place with a "user error" note.
1754 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1756 error = CKR_SESSION_HANDLE_INVALID;
1760 if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) {
1761 eKey = (NSSCKFWObject *)NULL;
1763 eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
1765 error = CKR_KEY_HANDLE_INVALID;
1770 if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) {
1771 aKey = (NSSCKFWObject *)NULL;
1773 aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
1775 error = CKR_KEY_HANDLE_INVALID;
1780 state.data = pOperationState;
1781 state.size = ulOperationStateLen;
1783 error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
1784 if( CKR_OK != error ) {
1792 case CKR_SESSION_CLOSED:
1793 /* destroy session? */
1795 case CKR_DEVICE_REMOVED:
1796 /* (void)nssCKFWToken_Destroy(fwToken); */
1798 case CKR_CRYPTOKI_NOT_INITIALIZED:
1799 case CKR_DEVICE_ERROR:
1800 case CKR_DEVICE_MEMORY:
1801 case CKR_FUNCTION_FAILED:
1802 case CKR_GENERAL_ERROR:
1803 case CKR_HOST_MEMORY:
1804 case CKR_KEY_CHANGED:
1805 case CKR_KEY_NEEDED:
1806 case CKR_KEY_NOT_NEEDED:
1807 case CKR_SAVED_STATE_INVALID:
1808 case CKR_SESSION_HANDLE_INVALID:
1812 error = CKR_GENERAL_ERROR;
1826 NSSCKFWInstance *fwInstance,
1827 CK_SESSION_HANDLE hSession,
1828 CK_USER_TYPE userType,
1833 CK_RV error = CKR_OK;
1834 NSSCKFWSession *fwSession;
1838 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1842 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1844 error = CKR_SESSION_HANDLE_INVALID;
1848 if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
1849 arg = (NSSItem *)NULL;
1852 pin.size = (PRUint32)ulPinLen;
1853 pin.data = (void *)pPin;
1856 error = nssCKFWSession_Login(fwSession, userType, arg);
1857 if( CKR_OK != error ) {
1865 case CKR_SESSION_CLOSED:
1866 /* destroy session? */
1868 case CKR_DEVICE_REMOVED:
1869 /* (void)nssCKFWToken_Destroy(fwToken); */
1871 case CKR_CRYPTOKI_NOT_INITIALIZED:
1872 case CKR_DEVICE_ERROR:
1873 case CKR_DEVICE_MEMORY:
1874 case CKR_FUNCTION_FAILED:
1875 case CKR_GENERAL_ERROR:
1876 case CKR_HOST_MEMORY:
1877 case CKR_PIN_EXPIRED:
1878 case CKR_PIN_INCORRECT:
1879 case CKR_PIN_LOCKED:
1880 case CKR_SESSION_HANDLE_INVALID:
1881 case CKR_SESSION_READ_ONLY_EXISTS:
1882 case CKR_USER_ALREADY_LOGGED_IN:
1883 case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
1884 case CKR_USER_PIN_NOT_INITIALIZED:
1885 case CKR_USER_TOO_MANY_TYPES:
1886 case CKR_USER_TYPE_INVALID:
1890 error = CKR_GENERAL_ERROR;
1904 NSSCKFWInstance *fwInstance,
1905 CK_SESSION_HANDLE hSession
1908 CK_RV error = CKR_OK;
1909 NSSCKFWSession *fwSession;
1912 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1916 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1918 error = CKR_SESSION_HANDLE_INVALID;
1922 error = nssCKFWSession_Logout(fwSession);
1923 if( CKR_OK != error ) {
1931 case CKR_SESSION_CLOSED:
1932 /* destroy session? */
1934 case CKR_DEVICE_REMOVED:
1935 /* (void)nssCKFWToken_Destroy(fwToken); */
1937 case CKR_CRYPTOKI_NOT_INITIALIZED:
1938 case CKR_DEVICE_ERROR:
1939 case CKR_DEVICE_MEMORY:
1940 case CKR_FUNCTION_FAILED:
1941 case CKR_GENERAL_ERROR:
1942 case CKR_HOST_MEMORY:
1943 case CKR_SESSION_HANDLE_INVALID:
1944 case CKR_USER_NOT_LOGGED_IN:
1948 error = CKR_GENERAL_ERROR;
1956 * NSSCKFWC_CreateObject
1960 NSSCKFWC_CreateObject
1962 NSSCKFWInstance *fwInstance,
1963 CK_SESSION_HANDLE hSession,
1964 CK_ATTRIBUTE_PTR pTemplate,
1966 CK_OBJECT_HANDLE_PTR phObject
1969 CK_RV error = CKR_OK;
1970 NSSCKFWSession *fwSession;
1971 NSSCKFWObject *fwObject;
1974 error = CKR_CRYPTOKI_NOT_INITIALIZED;
1978 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
1980 error = CKR_SESSION_HANDLE_INVALID;
1984 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
1985 error = CKR_ARGUMENTS_BAD;
1990 * A purify error here indicates caller error.
1992 *phObject = (CK_OBJECT_HANDLE)0;
1994 fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
2000 *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
2001 if( (CK_OBJECT_HANDLE)0 == *phObject ) {
2002 nssCKFWObject_Destroy(fwObject);
2010 case CKR_SESSION_CLOSED:
2011 /* destroy session? */
2013 case CKR_DEVICE_REMOVED:
2014 /* (void)nssCKFWToken_Destroy(fwToken); */
2016 case CKR_ATTRIBUTE_READ_ONLY:
2017 case CKR_ATTRIBUTE_TYPE_INVALID:
2018 case CKR_ATTRIBUTE_VALUE_INVALID:
2019 case CKR_CRYPTOKI_NOT_INITIALIZED:
2020 case CKR_DEVICE_ERROR:
2021 case CKR_DEVICE_MEMORY:
2022 case CKR_FUNCTION_FAILED:
2023 case CKR_GENERAL_ERROR:
2024 case CKR_HOST_MEMORY:
2025 case CKR_SESSION_HANDLE_INVALID:
2026 case CKR_SESSION_READ_ONLY:
2027 case CKR_TEMPLATE_INCOMPLETE:
2028 case CKR_TEMPLATE_INCONSISTENT:
2029 case CKR_TOKEN_WRITE_PROTECTED:
2030 case CKR_USER_NOT_LOGGED_IN:
2034 error = CKR_GENERAL_ERROR;
2042 * NSSCKFWC_CopyObject
2048 NSSCKFWInstance *fwInstance,
2049 CK_SESSION_HANDLE hSession,
2050 CK_OBJECT_HANDLE hObject,
2051 CK_ATTRIBUTE_PTR pTemplate,
2053 CK_OBJECT_HANDLE_PTR phNewObject
2056 CK_RV error = CKR_OK;
2057 NSSCKFWSession *fwSession;
2058 NSSCKFWObject *fwObject;
2059 NSSCKFWObject *fwNewObject;
2062 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2066 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2068 error = CKR_SESSION_HANDLE_INVALID;
2072 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) {
2073 error = CKR_ARGUMENTS_BAD;
2078 * A purify error here indicates caller error.
2080 *phNewObject = (CK_OBJECT_HANDLE)0;
2082 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2084 error = CKR_OBJECT_HANDLE_INVALID;
2088 fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
2089 pTemplate, ulCount, &error);
2094 *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance,
2095 fwNewObject, &error);
2096 if( (CK_OBJECT_HANDLE)0 == *phNewObject ) {
2097 nssCKFWObject_Destroy(fwNewObject);
2105 case CKR_SESSION_CLOSED:
2106 /* destroy session? */
2108 case CKR_DEVICE_REMOVED:
2109 /* (void)nssCKFWToken_Destroy(fwToken); */
2111 case CKR_ATTRIBUTE_READ_ONLY:
2112 case CKR_ATTRIBUTE_TYPE_INVALID:
2113 case CKR_ATTRIBUTE_VALUE_INVALID:
2114 case CKR_CRYPTOKI_NOT_INITIALIZED:
2115 case CKR_DEVICE_ERROR:
2116 case CKR_DEVICE_MEMORY:
2117 case CKR_FUNCTION_FAILED:
2118 case CKR_GENERAL_ERROR:
2119 case CKR_HOST_MEMORY:
2120 case CKR_OBJECT_HANDLE_INVALID:
2121 case CKR_SESSION_HANDLE_INVALID:
2122 case CKR_SESSION_READ_ONLY:
2123 case CKR_TEMPLATE_INCONSISTENT:
2124 case CKR_TOKEN_WRITE_PROTECTED:
2125 case CKR_USER_NOT_LOGGED_IN:
2129 error = CKR_GENERAL_ERROR;
2137 * NSSCKFWC_DestroyObject
2141 NSSCKFWC_DestroyObject
2143 NSSCKFWInstance *fwInstance,
2144 CK_SESSION_HANDLE hSession,
2145 CK_OBJECT_HANDLE hObject
2148 CK_RV error = CKR_OK;
2149 NSSCKFWSession *fwSession;
2150 NSSCKFWObject *fwObject;
2153 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2157 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2159 error = CKR_SESSION_HANDLE_INVALID;
2163 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2165 error = CKR_OBJECT_HANDLE_INVALID;
2169 nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
2170 nssCKFWObject_Destroy(fwObject);
2176 case CKR_SESSION_CLOSED:
2177 /* destroy session? */
2179 case CKR_DEVICE_REMOVED:
2180 /* (void)nssCKFWToken_Destroy(fwToken); */
2182 case CKR_CRYPTOKI_NOT_INITIALIZED:
2183 case CKR_DEVICE_ERROR:
2184 case CKR_DEVICE_MEMORY:
2185 case CKR_FUNCTION_FAILED:
2186 case CKR_GENERAL_ERROR:
2187 case CKR_HOST_MEMORY:
2188 case CKR_OBJECT_HANDLE_INVALID:
2189 case CKR_SESSION_HANDLE_INVALID:
2190 case CKR_SESSION_READ_ONLY:
2191 case CKR_TOKEN_WRITE_PROTECTED:
2195 error = CKR_GENERAL_ERROR;
2203 * NSSCKFWC_GetObjectSize
2207 NSSCKFWC_GetObjectSize
2209 NSSCKFWInstance *fwInstance,
2210 CK_SESSION_HANDLE hSession,
2211 CK_OBJECT_HANDLE hObject,
2212 CK_ULONG_PTR pulSize
2215 CK_RV error = CKR_OK;
2216 NSSCKFWSession *fwSession;
2217 NSSCKFWObject *fwObject;
2220 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2224 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2226 error = CKR_SESSION_HANDLE_INVALID;
2230 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2232 error = CKR_OBJECT_HANDLE_INVALID;
2236 if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) {
2237 error = CKR_ARGUMENTS_BAD;
2242 * A purify error here indicates caller error.
2244 *pulSize = (CK_ULONG)0;
2246 *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
2247 if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) {
2255 case CKR_SESSION_CLOSED:
2256 /* destroy session? */
2258 case CKR_DEVICE_REMOVED:
2259 /* (void)nssCKFWToken_Destroy(fwToken); */
2261 case CKR_CRYPTOKI_NOT_INITIALIZED:
2262 case CKR_DEVICE_ERROR:
2263 case CKR_DEVICE_MEMORY:
2264 case CKR_FUNCTION_FAILED:
2265 case CKR_GENERAL_ERROR:
2266 case CKR_HOST_MEMORY:
2267 case CKR_INFORMATION_SENSITIVE:
2268 case CKR_OBJECT_HANDLE_INVALID:
2269 case CKR_SESSION_HANDLE_INVALID:
2273 error = CKR_GENERAL_ERROR;
2281 * NSSCKFWC_GetAttributeValue
2285 NSSCKFWC_GetAttributeValue
2287 NSSCKFWInstance *fwInstance,
2288 CK_SESSION_HANDLE hSession,
2289 CK_OBJECT_HANDLE hObject,
2290 CK_ATTRIBUTE_PTR pTemplate,
2294 CK_RV error = CKR_OK;
2295 NSSCKFWSession *fwSession;
2296 NSSCKFWObject *fwObject;
2297 CK_BBOOL sensitive = CK_FALSE;
2298 CK_BBOOL invalid = CK_FALSE;
2299 CK_BBOOL tooSmall = CK_FALSE;
2303 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2307 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2309 error = CKR_SESSION_HANDLE_INVALID;
2313 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2315 error = CKR_OBJECT_HANDLE_INVALID;
2319 if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
2320 error = CKR_ARGUMENTS_BAD;
2324 for( i = 0; i < ulCount; i++ ) {
2325 CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject,
2326 pTemplate[i].type, &error);
2327 if( (CK_ULONG)0 == size ) {
2329 case CKR_ATTRIBUTE_SENSITIVE:
2330 case CKR_INFORMATION_SENSITIVE:
2331 sensitive = CK_TRUE;
2332 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2334 case CKR_ATTRIBUTE_TYPE_INVALID:
2336 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2345 if( (CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue ) {
2346 pTemplate[i].ulValueLen = size;
2350 if( pTemplate[i].ulValueLen < size ) {
2355 it.size = (PRUint32)pTemplate[i].ulValueLen;
2356 it.data = (void *)pTemplate[i].pValue;
2357 p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it,
2358 (NSSArena *)NULL, &error);
2361 case CKR_ATTRIBUTE_SENSITIVE:
2362 case CKR_INFORMATION_SENSITIVE:
2363 sensitive = CK_TRUE;
2364 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2366 case CKR_ATTRIBUTE_TYPE_INVALID:
2368 pTemplate[i].ulValueLen = (CK_ULONG)(-1);
2375 pTemplate[i].ulValueLen = size;
2380 error = CKR_ATTRIBUTE_SENSITIVE;
2382 } else if( invalid ) {
2383 error = CKR_ATTRIBUTE_TYPE_INVALID;
2385 } else if( tooSmall ) {
2386 error = CKR_BUFFER_TOO_SMALL;
2394 case CKR_SESSION_CLOSED:
2395 /* destroy session? */
2397 case CKR_DEVICE_REMOVED:
2398 /* (void)nssCKFWToken_Destroy(fwToken); */
2400 case CKR_ATTRIBUTE_SENSITIVE:
2401 case CKR_ATTRIBUTE_TYPE_INVALID:
2402 case CKR_BUFFER_TOO_SMALL:
2403 case CKR_CRYPTOKI_NOT_INITIALIZED:
2404 case CKR_DEVICE_ERROR:
2405 case CKR_DEVICE_MEMORY:
2406 case CKR_FUNCTION_FAILED:
2407 case CKR_GENERAL_ERROR:
2408 case CKR_HOST_MEMORY:
2409 case CKR_OBJECT_HANDLE_INVALID:
2410 case CKR_SESSION_HANDLE_INVALID:
2414 error = CKR_GENERAL_ERROR;
2422 * NSSCKFWC_SetAttributeValue
2426 NSSCKFWC_SetAttributeValue
2428 NSSCKFWInstance *fwInstance,
2429 CK_SESSION_HANDLE hSession,
2430 CK_OBJECT_HANDLE hObject,
2431 CK_ATTRIBUTE_PTR pTemplate,
2435 CK_RV error = CKR_OK;
2436 NSSCKFWSession *fwSession;
2437 NSSCKFWObject *fwObject;
2441 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2445 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2447 error = CKR_SESSION_HANDLE_INVALID;
2451 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
2453 error = CKR_OBJECT_HANDLE_INVALID;
2457 if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
2458 error = CKR_ARGUMENTS_BAD;
2462 for (i=0; i < ulCount; i++) {
2465 value.data = pTemplate[i].pValue;
2466 value.size = pTemplate[i].ulValueLen;
2468 error = nssCKFWObject_SetAttribute(fwObject, fwSession,
2469 pTemplate[i].type, &value);
2471 if( CKR_OK != error ) {
2480 case CKR_SESSION_CLOSED:
2481 /* destroy session? */
2483 case CKR_DEVICE_REMOVED:
2484 /* (void)nssCKFWToken_Destroy(fwToken); */
2486 case CKR_ATTRIBUTE_READ_ONLY:
2487 case CKR_ATTRIBUTE_TYPE_INVALID:
2488 case CKR_ATTRIBUTE_VALUE_INVALID:
2489 case CKR_CRYPTOKI_NOT_INITIALIZED:
2490 case CKR_DEVICE_ERROR:
2491 case CKR_DEVICE_MEMORY:
2492 case CKR_FUNCTION_FAILED:
2493 case CKR_GENERAL_ERROR:
2494 case CKR_HOST_MEMORY:
2495 case CKR_OBJECT_HANDLE_INVALID:
2496 case CKR_SESSION_HANDLE_INVALID:
2497 case CKR_SESSION_READ_ONLY:
2498 case CKR_TEMPLATE_INCONSISTENT:
2499 case CKR_TOKEN_WRITE_PROTECTED:
2503 error = CKR_GENERAL_ERROR;
2511 * NSSCKFWC_FindObjectsInit
2515 NSSCKFWC_FindObjectsInit
2517 NSSCKFWInstance *fwInstance,
2518 CK_SESSION_HANDLE hSession,
2519 CK_ATTRIBUTE_PTR pTemplate,
2523 CK_RV error = CKR_OK;
2524 NSSCKFWSession *fwSession;
2525 NSSCKFWFindObjects *fwFindObjects;
2528 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2532 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2534 error = CKR_SESSION_HANDLE_INVALID;
2538 if( ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0) ) {
2539 error = CKR_ARGUMENTS_BAD;
2543 fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2544 if (fwFindObjects) {
2545 error = CKR_OPERATION_ACTIVE;
2549 if( CKR_OPERATION_NOT_INITIALIZED != error ) {
2553 fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
2554 pTemplate, ulCount, &error);
2555 if (!fwFindObjects) {
2559 error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
2561 if( CKR_OK != error ) {
2562 nssCKFWFindObjects_Destroy(fwFindObjects);
2570 case CKR_SESSION_CLOSED:
2571 /* destroy session? */
2573 case CKR_DEVICE_REMOVED:
2574 /* (void)nssCKFWToken_Destroy(fwToken); */
2576 case CKR_ATTRIBUTE_TYPE_INVALID:
2577 case CKR_ATTRIBUTE_VALUE_INVALID:
2578 case CKR_CRYPTOKI_NOT_INITIALIZED:
2579 case CKR_DEVICE_ERROR:
2580 case CKR_DEVICE_MEMORY:
2581 case CKR_FUNCTION_FAILED:
2582 case CKR_GENERAL_ERROR:
2583 case CKR_HOST_MEMORY:
2584 case CKR_OPERATION_ACTIVE:
2585 case CKR_SESSION_HANDLE_INVALID:
2589 error = CKR_GENERAL_ERROR;
2597 * NSSCKFWC_FindObjects
2601 NSSCKFWC_FindObjects
2603 NSSCKFWInstance *fwInstance,
2604 CK_SESSION_HANDLE hSession,
2605 CK_OBJECT_HANDLE_PTR phObject,
2606 CK_ULONG ulMaxObjectCount,
2607 CK_ULONG_PTR pulObjectCount
2610 CK_RV error = CKR_OK;
2611 NSSCKFWSession *fwSession;
2612 NSSCKFWFindObjects *fwFindObjects;
2616 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2620 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2622 error = CKR_SESSION_HANDLE_INVALID;
2626 if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
2627 error = CKR_ARGUMENTS_BAD;
2632 * A purify error here indicates caller error.
2634 (void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount);
2635 *pulObjectCount = (CK_ULONG)0;
2637 fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2638 if (!fwFindObjects) {
2642 for( i = 0; i < ulMaxObjectCount; i++ ) {
2643 NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
2649 phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
2650 if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
2651 phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
2653 if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
2654 /* This isn't right either, is it? */
2655 nssCKFWObject_Destroy(fwObject);
2660 *pulObjectCount = i;
2666 case CKR_SESSION_CLOSED:
2667 /* destroy session? */
2669 case CKR_DEVICE_REMOVED:
2670 /* (void)nssCKFWToken_Destroy(fwToken); */
2672 case CKR_CRYPTOKI_NOT_INITIALIZED:
2673 case CKR_DEVICE_ERROR:
2674 case CKR_DEVICE_MEMORY:
2675 case CKR_FUNCTION_FAILED:
2676 case CKR_GENERAL_ERROR:
2677 case CKR_HOST_MEMORY:
2678 case CKR_OPERATION_NOT_INITIALIZED:
2679 case CKR_SESSION_HANDLE_INVALID:
2683 error = CKR_GENERAL_ERROR;
2691 * NSSCKFWC_FindObjectsFinal
2695 NSSCKFWC_FindObjectsFinal
2697 NSSCKFWInstance *fwInstance,
2698 CK_SESSION_HANDLE hSession
2701 CK_RV error = CKR_OK;
2702 NSSCKFWSession *fwSession;
2703 NSSCKFWFindObjects *fwFindObjects;
2706 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2710 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2712 error = CKR_SESSION_HANDLE_INVALID;
2716 fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
2717 if (!fwFindObjects) {
2718 error = CKR_OPERATION_NOT_INITIALIZED;
2722 nssCKFWFindObjects_Destroy(fwFindObjects);
2723 error = nssCKFWSession_SetFWFindObjects(fwSession,
2724 (NSSCKFWFindObjects *)NULL);
2726 if( CKR_OK != error ) {
2734 case CKR_SESSION_CLOSED:
2735 /* destroy session? */
2737 case CKR_DEVICE_REMOVED:
2738 /* (void)nssCKFWToken_Destroy(fwToken); */
2740 case CKR_CRYPTOKI_NOT_INITIALIZED:
2741 case CKR_DEVICE_ERROR:
2742 case CKR_DEVICE_MEMORY:
2743 case CKR_FUNCTION_FAILED:
2744 case CKR_GENERAL_ERROR:
2745 case CKR_HOST_MEMORY:
2746 case CKR_OPERATION_NOT_INITIALIZED:
2747 case CKR_SESSION_HANDLE_INVALID:
2751 error = CKR_GENERAL_ERROR;
2759 * NSSCKFWC_EncryptInit
2763 NSSCKFWC_EncryptInit
2765 NSSCKFWInstance *fwInstance,
2766 CK_SESSION_HANDLE hSession,
2767 CK_MECHANISM_PTR pMechanism,
2768 CK_OBJECT_HANDLE hKey
2771 CK_RV error = CKR_OK;
2772 NSSCKFWSession *fwSession;
2773 NSSCKFWObject *fwObject;
2774 NSSCKFWSlot *fwSlot;
2775 NSSCKFWToken *fwToken;
2776 NSSCKFWMechanism *fwMechanism;
2779 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2783 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2785 error = CKR_SESSION_HANDLE_INVALID;
2789 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
2791 error = CKR_KEY_HANDLE_INVALID;
2795 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
2797 error = CKR_GENERAL_ERROR; /* should never happen! */
2801 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
2802 error = CKR_TOKEN_NOT_PRESENT;
2806 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
2811 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
2816 error = nssCKFWMechanism_EncryptInit(fwMechanism, pMechanism,
2817 fwSession, fwObject);
2819 nssCKFWMechanism_Destroy(fwMechanism);
2821 if (CKR_OK == error) {
2828 case CKR_CRYPTOKI_NOT_INITIALIZED:
2829 case CKR_DEVICE_ERROR:
2830 case CKR_DEVICE_MEMORY:
2831 case CKR_DEVICE_REMOVED:
2832 case CKR_FUNCTION_CANCELED:
2833 case CKR_FUNCTION_FAILED:
2834 case CKR_GENERAL_ERROR:
2835 case CKR_HOST_MEMORY:
2836 case CKR_KEY_FUNCTION_NOT_PERMITTED:
2837 case CKR_KEY_HANDLE_INVALID:
2838 case CKR_KEY_SIZE_RANGE:
2839 case CKR_KEY_TYPE_INCONSISTENT:
2840 case CKR_MECHANISM_INVALID:
2841 case CKR_MECHANISM_PARAM_INVALID:
2842 case CKR_OPERATION_ACTIVE:
2843 case CKR_PIN_EXPIRED:
2844 case CKR_SESSION_CLOSED:
2845 case CKR_SESSION_HANDLE_INVALID:
2846 case CKR_USER_NOT_LOGGED_IN:
2850 error = CKR_GENERAL_ERROR;
2863 NSSCKFWInstance *fwInstance,
2864 CK_SESSION_HANDLE hSession,
2867 CK_BYTE_PTR pEncryptedData,
2868 CK_ULONG_PTR pulEncryptedDataLen
2871 CK_RV error = CKR_OK;
2872 NSSCKFWSession *fwSession;
2875 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2879 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2881 error = CKR_SESSION_HANDLE_INVALID;
2885 error = nssCKFWSession_UpdateFinal(fwSession,
2886 NSSCKFWCryptoOperationType_Encrypt,
2887 NSSCKFWCryptoOperationState_EncryptDecrypt,
2888 pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
2890 if (CKR_OK == error) {
2897 case CKR_ARGUMENTS_BAD:
2898 case CKR_BUFFER_TOO_SMALL:
2899 case CKR_CRYPTOKI_NOT_INITIALIZED:
2900 case CKR_DATA_INVALID:
2901 case CKR_DATA_LEN_RANGE:
2902 case CKR_DEVICE_ERROR:
2903 case CKR_DEVICE_MEMORY:
2904 case CKR_DEVICE_REMOVED:
2905 case CKR_FUNCTION_CANCELED:
2906 case CKR_FUNCTION_FAILED:
2907 case CKR_GENERAL_ERROR:
2908 case CKR_HOST_MEMORY:
2909 case CKR_OPERATION_NOT_INITIALIZED:
2910 case CKR_SESSION_HANDLE_INVALID:
2911 case CKR_SESSION_CLOSED:
2915 error = CKR_GENERAL_ERROR;
2922 * NSSCKFWC_EncryptUpdate
2926 NSSCKFWC_EncryptUpdate
2928 NSSCKFWInstance *fwInstance,
2929 CK_SESSION_HANDLE hSession,
2932 CK_BYTE_PTR pEncryptedPart,
2933 CK_ULONG_PTR pulEncryptedPartLen
2936 CK_RV error = CKR_OK;
2937 NSSCKFWSession *fwSession;
2940 error = CKR_CRYPTOKI_NOT_INITIALIZED;
2944 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
2946 error = CKR_SESSION_HANDLE_INVALID;
2950 error = nssCKFWSession_Update(fwSession,
2951 NSSCKFWCryptoOperationType_Encrypt,
2952 NSSCKFWCryptoOperationState_EncryptDecrypt,
2953 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
2955 if (CKR_OK == error) {
2962 case CKR_ARGUMENTS_BAD:
2963 case CKR_BUFFER_TOO_SMALL:
2964 case CKR_CRYPTOKI_NOT_INITIALIZED:
2965 case CKR_DATA_LEN_RANGE:
2966 case CKR_DEVICE_ERROR:
2967 case CKR_DEVICE_MEMORY:
2968 case CKR_DEVICE_REMOVED:
2969 case CKR_FUNCTION_CANCELED:
2970 case CKR_FUNCTION_FAILED:
2971 case CKR_GENERAL_ERROR:
2972 case CKR_HOST_MEMORY:
2973 case CKR_OPERATION_NOT_INITIALIZED:
2974 case CKR_SESSION_CLOSED:
2975 case CKR_SESSION_HANDLE_INVALID:
2979 error = CKR_GENERAL_ERROR;
2986 * NSSCKFWC_EncryptFinal
2990 NSSCKFWC_EncryptFinal
2992 NSSCKFWInstance *fwInstance,
2993 CK_SESSION_HANDLE hSession,
2994 CK_BYTE_PTR pLastEncryptedPart,
2995 CK_ULONG_PTR pulLastEncryptedPartLen
2998 CK_RV error = CKR_OK;
2999 NSSCKFWSession *fwSession;
3002 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3006 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3008 error = CKR_SESSION_HANDLE_INVALID;
3012 error = nssCKFWSession_Final(fwSession,
3013 NSSCKFWCryptoOperationType_Encrypt,
3014 NSSCKFWCryptoOperationState_EncryptDecrypt,
3015 pLastEncryptedPart, pulLastEncryptedPartLen);
3017 if (CKR_OK == error) {
3024 case CKR_ARGUMENTS_BAD:
3025 case CKR_BUFFER_TOO_SMALL:
3026 case CKR_CRYPTOKI_NOT_INITIALIZED:
3027 case CKR_DATA_LEN_RANGE:
3028 case CKR_DEVICE_ERROR:
3029 case CKR_DEVICE_MEMORY:
3030 case CKR_DEVICE_REMOVED:
3031 case CKR_FUNCTION_CANCELED:
3032 case CKR_FUNCTION_FAILED:
3033 case CKR_GENERAL_ERROR:
3034 case CKR_HOST_MEMORY:
3035 case CKR_OPERATION_NOT_INITIALIZED:
3036 case CKR_SESSION_CLOSED:
3037 case CKR_SESSION_HANDLE_INVALID:
3041 error = CKR_GENERAL_ERROR;
3048 * NSSCKFWC_DecryptInit
3052 NSSCKFWC_DecryptInit
3054 NSSCKFWInstance *fwInstance,
3055 CK_SESSION_HANDLE hSession,
3056 CK_MECHANISM_PTR pMechanism,
3057 CK_OBJECT_HANDLE hKey
3060 CK_RV error = CKR_OK;
3061 NSSCKFWSession *fwSession;
3062 NSSCKFWObject *fwObject;
3063 NSSCKFWSlot *fwSlot;
3064 NSSCKFWToken *fwToken;
3065 NSSCKFWMechanism *fwMechanism;
3068 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3072 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3074 error = CKR_SESSION_HANDLE_INVALID;
3078 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
3080 error = CKR_KEY_HANDLE_INVALID;
3084 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
3086 error = CKR_GENERAL_ERROR; /* should never happen! */
3090 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
3091 error = CKR_TOKEN_NOT_PRESENT;
3095 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
3100 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
3105 error = nssCKFWMechanism_DecryptInit(fwMechanism, pMechanism,
3106 fwSession, fwObject);
3107 nssCKFWMechanism_Destroy(fwMechanism);
3109 if (CKR_OK == error) {
3116 case CKR_ARGUMENTS_BAD:
3117 case CKR_CRYPTOKI_NOT_INITIALIZED:
3118 case CKR_DEVICE_ERROR:
3119 case CKR_DEVICE_MEMORY:
3120 case CKR_DEVICE_REMOVED:
3121 case CKR_FUNCTION_CANCELED:
3122 case CKR_FUNCTION_FAILED:
3123 case CKR_GENERAL_ERROR:
3124 case CKR_HOST_MEMORY:
3125 case CKR_KEY_FUNCTION_NOT_PERMITTED:
3126 case CKR_KEY_HANDLE_INVALID:
3127 case CKR_KEY_SIZE_RANGE:
3128 case CKR_KEY_TYPE_INCONSISTENT:
3129 case CKR_MECHANISM_INVALID:
3130 case CKR_MECHANISM_PARAM_INVALID:
3131 case CKR_OPERATION_ACTIVE:
3132 case CKR_PIN_EXPIRED:
3133 case CKR_SESSION_CLOSED:
3134 case CKR_SESSION_HANDLE_INVALID:
3135 case CKR_USER_NOT_LOGGED_IN:
3139 error = CKR_GENERAL_ERROR;
3152 NSSCKFWInstance *fwInstance,
3153 CK_SESSION_HANDLE hSession,
3154 CK_BYTE_PTR pEncryptedData,
3155 CK_ULONG ulEncryptedDataLen,
3157 CK_ULONG_PTR pulDataLen
3160 CK_RV error = CKR_OK;
3161 NSSCKFWSession *fwSession;
3164 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3168 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3170 error = CKR_SESSION_HANDLE_INVALID;
3174 error = nssCKFWSession_UpdateFinal(fwSession,
3175 NSSCKFWCryptoOperationType_Decrypt,
3176 NSSCKFWCryptoOperationState_EncryptDecrypt,
3177 pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
3179 if (CKR_OK == error) {
3186 case CKR_ARGUMENTS_BAD:
3187 case CKR_BUFFER_TOO_SMALL:
3188 case CKR_CRYPTOKI_NOT_INITIALIZED:
3189 case CKR_DEVICE_ERROR:
3190 case CKR_DEVICE_MEMORY:
3191 case CKR_DEVICE_REMOVED:
3192 case CKR_ENCRYPTED_DATA_INVALID:
3193 case CKR_ENCRYPTED_DATA_LEN_RANGE:
3194 case CKR_FUNCTION_CANCELED:
3195 case CKR_FUNCTION_FAILED:
3196 case CKR_GENERAL_ERROR:
3197 case CKR_HOST_MEMORY:
3198 case CKR_OPERATION_NOT_INITIALIZED:
3199 case CKR_SESSION_CLOSED:
3200 case CKR_SESSION_HANDLE_INVALID:
3201 case CKR_USER_NOT_LOGGED_IN:
3203 case CKR_DATA_LEN_RANGE:
3204 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
3206 case CKR_DATA_INVALID:
3207 error = CKR_ENCRYPTED_DATA_INVALID;
3211 error = CKR_GENERAL_ERROR;
3218 * NSSCKFWC_DecryptUpdate
3222 NSSCKFWC_DecryptUpdate
3224 NSSCKFWInstance *fwInstance,
3225 CK_SESSION_HANDLE hSession,
3226 CK_BYTE_PTR pEncryptedPart,
3227 CK_ULONG ulEncryptedPartLen,
3229 CK_ULONG_PTR pulPartLen
3232 CK_RV error = CKR_OK;
3233 NSSCKFWSession *fwSession;
3236 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3240 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3242 error = CKR_SESSION_HANDLE_INVALID;
3246 error = nssCKFWSession_Update(fwSession,
3247 NSSCKFWCryptoOperationType_Decrypt,
3248 NSSCKFWCryptoOperationState_EncryptDecrypt,
3249 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
3251 if (CKR_OK == error) {
3258 case CKR_ARGUMENTS_BAD:
3259 case CKR_BUFFER_TOO_SMALL:
3260 case CKR_CRYPTOKI_NOT_INITIALIZED:
3261 case CKR_DEVICE_ERROR:
3262 case CKR_DEVICE_MEMORY:
3263 case CKR_DEVICE_REMOVED:
3264 case CKR_ENCRYPTED_DATA_INVALID:
3265 case CKR_ENCRYPTED_DATA_LEN_RANGE:
3266 case CKR_FUNCTION_CANCELED:
3267 case CKR_FUNCTION_FAILED:
3268 case CKR_GENERAL_ERROR:
3269 case CKR_HOST_MEMORY:
3270 case CKR_OPERATION_NOT_INITIALIZED:
3271 case CKR_SESSION_CLOSED:
3272 case CKR_SESSION_HANDLE_INVALID:
3273 case CKR_USER_NOT_LOGGED_IN:
3275 case CKR_DATA_LEN_RANGE:
3276 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
3278 case CKR_DATA_INVALID:
3279 error = CKR_ENCRYPTED_DATA_INVALID;
3283 error = CKR_GENERAL_ERROR;
3290 * NSSCKFWC_DecryptFinal
3294 NSSCKFWC_DecryptFinal
3296 NSSCKFWInstance *fwInstance,
3297 CK_SESSION_HANDLE hSession,
3298 CK_BYTE_PTR pLastPart,
3299 CK_ULONG_PTR pulLastPartLen
3302 CK_RV error = CKR_OK;
3303 NSSCKFWSession *fwSession;
3306 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3310 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3312 error = CKR_SESSION_HANDLE_INVALID;
3316 error = nssCKFWSession_Final(fwSession,
3317 NSSCKFWCryptoOperationType_Decrypt,
3318 NSSCKFWCryptoOperationState_EncryptDecrypt,
3319 pLastPart, pulLastPartLen);
3321 if (CKR_OK == error) {
3328 case CKR_ARGUMENTS_BAD:
3329 case CKR_BUFFER_TOO_SMALL:
3330 case CKR_CRYPTOKI_NOT_INITIALIZED:
3331 case CKR_DEVICE_ERROR:
3332 case CKR_DEVICE_MEMORY:
3333 case CKR_DEVICE_REMOVED:
3334 case CKR_FUNCTION_FAILED:
3335 case CKR_FUNCTION_CANCELED:
3336 case CKR_ENCRYPTED_DATA_INVALID:
3337 case CKR_ENCRYPTED_DATA_LEN_RANGE:
3338 case CKR_GENERAL_ERROR:
3339 case CKR_HOST_MEMORY:
3340 case CKR_OPERATION_NOT_INITIALIZED:
3341 case CKR_SESSION_CLOSED:
3342 case CKR_SESSION_HANDLE_INVALID:
3343 case CKR_USER_NOT_LOGGED_IN:
3345 case CKR_DATA_LEN_RANGE:
3346 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
3348 case CKR_DATA_INVALID:
3349 error = CKR_ENCRYPTED_DATA_INVALID;
3353 error = CKR_GENERAL_ERROR;
3360 * NSSCKFWC_DigestInit
3366 NSSCKFWInstance *fwInstance,
3367 CK_SESSION_HANDLE hSession,
3368 CK_MECHANISM_PTR pMechanism
3371 CK_RV error = CKR_OK;
3372 NSSCKFWSession *fwSession;
3373 NSSCKFWSlot *fwSlot;
3374 NSSCKFWToken *fwToken;
3375 NSSCKFWMechanism *fwMechanism;
3378 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3382 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3384 error = CKR_SESSION_HANDLE_INVALID;
3388 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
3390 error = CKR_GENERAL_ERROR; /* should never happen! */
3394 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
3395 error = CKR_TOKEN_NOT_PRESENT;
3399 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
3404 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
3409 error = nssCKFWMechanism_DigestInit(fwMechanism, pMechanism, fwSession);
3411 nssCKFWMechanism_Destroy(fwMechanism);
3413 if (CKR_OK == error) {
3420 case CKR_ARGUMENTS_BAD:
3421 case CKR_CRYPTOKI_NOT_INITIALIZED:
3422 case CKR_DEVICE_ERROR:
3423 case CKR_DEVICE_MEMORY:
3424 case CKR_DEVICE_REMOVED:
3425 case CKR_FUNCTION_CANCELED:
3426 case CKR_FUNCTION_FAILED:
3427 case CKR_GENERAL_ERROR:
3428 case CKR_HOST_MEMORY:
3429 case CKR_MECHANISM_INVALID:
3430 case CKR_MECHANISM_PARAM_INVALID:
3431 case CKR_OPERATION_ACTIVE:
3432 case CKR_PIN_EXPIRED:
3433 case CKR_SESSION_CLOSED:
3434 case CKR_SESSION_HANDLE_INVALID:
3435 case CKR_USER_NOT_LOGGED_IN:
3439 error = CKR_GENERAL_ERROR;
3452 NSSCKFWInstance *fwInstance,
3453 CK_SESSION_HANDLE hSession,
3456 CK_BYTE_PTR pDigest,
3457 CK_ULONG_PTR pulDigestLen
3460 CK_RV error = CKR_OK;
3461 NSSCKFWSession *fwSession;
3464 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3468 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3470 error = CKR_SESSION_HANDLE_INVALID;
3474 error = nssCKFWSession_UpdateFinal(fwSession,
3475 NSSCKFWCryptoOperationType_Digest,
3476 NSSCKFWCryptoOperationState_Digest,
3477 pData, ulDataLen, pDigest, pulDigestLen);
3479 if (CKR_OK == error) {
3486 case CKR_ARGUMENTS_BAD:
3487 case CKR_BUFFER_TOO_SMALL:
3488 case CKR_CRYPTOKI_NOT_INITIALIZED:
3489 case CKR_DEVICE_ERROR:
3490 case CKR_DEVICE_MEMORY:
3491 case CKR_DEVICE_REMOVED:
3492 case CKR_FUNCTION_CANCELED:
3493 case CKR_FUNCTION_FAILED:
3494 case CKR_GENERAL_ERROR:
3495 case CKR_HOST_MEMORY:
3496 case CKR_OPERATION_NOT_INITIALIZED:
3497 case CKR_SESSION_CLOSED:
3498 case CKR_SESSION_HANDLE_INVALID:
3502 error = CKR_GENERAL_ERROR;
3509 * NSSCKFWC_DigestUpdate
3513 NSSCKFWC_DigestUpdate
3515 NSSCKFWInstance *fwInstance,
3516 CK_SESSION_HANDLE hSession,
3521 CK_RV error = CKR_OK;
3522 NSSCKFWSession *fwSession;
3525 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3529 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3531 error = CKR_SESSION_HANDLE_INVALID;
3535 error = nssCKFWSession_DigestUpdate(fwSession,
3536 NSSCKFWCryptoOperationType_Digest,
3537 NSSCKFWCryptoOperationState_Digest,
3540 if (CKR_OK == error) {
3547 case CKR_ARGUMENTS_BAD:
3548 case CKR_CRYPTOKI_NOT_INITIALIZED:
3549 case CKR_DEVICE_ERROR:
3550 case CKR_DEVICE_MEMORY:
3551 case CKR_DEVICE_REMOVED:
3552 case CKR_FUNCTION_CANCELED:
3553 case CKR_FUNCTION_FAILED:
3554 case CKR_GENERAL_ERROR:
3555 case CKR_HOST_MEMORY:
3556 case CKR_OPERATION_NOT_INITIALIZED:
3557 case CKR_SESSION_CLOSED:
3558 case CKR_SESSION_HANDLE_INVALID:
3562 error = CKR_GENERAL_ERROR;
3569 * NSSCKFWC_DigestKey
3575 NSSCKFWInstance *fwInstance,
3576 CK_SESSION_HANDLE hSession,
3577 CK_OBJECT_HANDLE hKey
3580 CK_RV error = CKR_OK;
3581 NSSCKFWSession *fwSession;
3582 NSSCKFWObject *fwObject;
3585 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3589 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3591 error = CKR_SESSION_HANDLE_INVALID;
3595 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
3597 error = CKR_KEY_HANDLE_INVALID;
3601 error = nssCKFWSession_DigestKey(fwSession, fwObject);
3603 if (CKR_OK == error) {
3610 case CKR_CRYPTOKI_NOT_INITIALIZED:
3611 case CKR_DEVICE_ERROR:
3612 case CKR_DEVICE_MEMORY:
3613 case CKR_DEVICE_REMOVED:
3614 case CKR_FUNCTION_CANCELED:
3615 case CKR_FUNCTION_FAILED:
3616 case CKR_GENERAL_ERROR:
3617 case CKR_HOST_MEMORY:
3618 case CKR_KEY_HANDLE_INVALID:
3619 case CKR_KEY_INDIGESTIBLE:
3620 case CKR_KEY_SIZE_RANGE:
3621 case CKR_OPERATION_NOT_INITIALIZED:
3622 case CKR_SESSION_CLOSED:
3623 case CKR_SESSION_HANDLE_INVALID:
3627 error = CKR_GENERAL_ERROR;
3634 * NSSCKFWC_DigestFinal
3638 NSSCKFWC_DigestFinal
3640 NSSCKFWInstance *fwInstance,
3641 CK_SESSION_HANDLE hSession,
3642 CK_BYTE_PTR pDigest,
3643 CK_ULONG_PTR pulDigestLen
3646 CK_RV error = CKR_OK;
3647 NSSCKFWSession *fwSession;
3650 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3654 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3656 error = CKR_SESSION_HANDLE_INVALID;
3660 error = nssCKFWSession_Final(fwSession,
3661 NSSCKFWCryptoOperationType_Digest,
3662 NSSCKFWCryptoOperationState_Digest,
3663 pDigest, pulDigestLen);
3665 if (CKR_OK == error) {
3672 case CKR_ARGUMENTS_BAD:
3673 case CKR_BUFFER_TOO_SMALL:
3674 case CKR_CRYPTOKI_NOT_INITIALIZED:
3675 case CKR_DEVICE_ERROR:
3676 case CKR_DEVICE_MEMORY:
3677 case CKR_DEVICE_REMOVED:
3678 case CKR_FUNCTION_CANCELED:
3679 case CKR_FUNCTION_FAILED:
3680 case CKR_GENERAL_ERROR:
3681 case CKR_HOST_MEMORY:
3682 case CKR_OPERATION_NOT_INITIALIZED:
3683 case CKR_SESSION_CLOSED:
3684 case CKR_SESSION_HANDLE_INVALID:
3688 error = CKR_GENERAL_ERROR;
3701 NSSCKFWInstance *fwInstance,
3702 CK_SESSION_HANDLE hSession,
3703 CK_MECHANISM_PTR pMechanism,
3704 CK_OBJECT_HANDLE hKey
3707 CK_RV error = CKR_OK;
3708 NSSCKFWSession *fwSession;
3709 NSSCKFWObject *fwObject;
3710 NSSCKFWSlot *fwSlot;
3711 NSSCKFWToken *fwToken;
3712 NSSCKFWMechanism *fwMechanism;
3715 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3719 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3721 error = CKR_SESSION_HANDLE_INVALID;
3725 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
3727 error = CKR_KEY_HANDLE_INVALID;
3731 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
3733 error = CKR_GENERAL_ERROR; /* should never happen! */
3737 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
3738 error = CKR_TOKEN_NOT_PRESENT;
3742 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
3747 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
3752 error = nssCKFWMechanism_SignInit(fwMechanism, pMechanism, fwSession,
3755 nssCKFWMechanism_Destroy(fwMechanism);
3757 if (CKR_OK == error) {
3764 case CKR_ARGUMENTS_BAD:
3765 case CKR_CRYPTOKI_NOT_INITIALIZED:
3766 case CKR_DEVICE_ERROR:
3767 case CKR_DEVICE_MEMORY:
3768 case CKR_DEVICE_REMOVED:
3769 case CKR_FUNCTION_CANCELED:
3770 case CKR_FUNCTION_FAILED:
3771 case CKR_GENERAL_ERROR:
3772 case CKR_HOST_MEMORY:
3773 case CKR_KEY_FUNCTION_NOT_PERMITTED:
3774 case CKR_KEY_HANDLE_INVALID:
3775 case CKR_KEY_SIZE_RANGE:
3776 case CKR_KEY_TYPE_INCONSISTENT:
3777 case CKR_MECHANISM_INVALID:
3778 case CKR_MECHANISM_PARAM_INVALID:
3779 case CKR_OPERATION_ACTIVE:
3780 case CKR_PIN_EXPIRED:
3781 case CKR_SESSION_CLOSED:
3782 case CKR_SESSION_HANDLE_INVALID:
3783 case CKR_USER_NOT_LOGGED_IN:
3787 error = CKR_GENERAL_ERROR;
3800 NSSCKFWInstance *fwInstance,
3801 CK_SESSION_HANDLE hSession,
3804 CK_BYTE_PTR pSignature,
3805 CK_ULONG_PTR pulSignatureLen
3808 CK_RV error = CKR_OK;
3809 NSSCKFWSession *fwSession;
3812 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3816 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3818 error = CKR_SESSION_HANDLE_INVALID;
3822 error = nssCKFWSession_UpdateFinal(fwSession,
3823 NSSCKFWCryptoOperationType_Sign,
3824 NSSCKFWCryptoOperationState_SignVerify,
3825 pData, ulDataLen, pSignature, pulSignatureLen);
3827 if (CKR_OK == error) {
3834 case CKR_ARGUMENTS_BAD:
3835 case CKR_BUFFER_TOO_SMALL:
3836 case CKR_CRYPTOKI_NOT_INITIALIZED:
3837 case CKR_DATA_INVALID:
3838 case CKR_DATA_LEN_RANGE:
3839 case CKR_DEVICE_ERROR:
3840 case CKR_DEVICE_MEMORY:
3841 case CKR_DEVICE_REMOVED:
3842 case CKR_FUNCTION_CANCELED:
3843 case CKR_FUNCTION_FAILED:
3844 case CKR_GENERAL_ERROR:
3845 case CKR_HOST_MEMORY:
3846 case CKR_OPERATION_NOT_INITIALIZED:
3847 case CKR_SESSION_CLOSED:
3848 case CKR_SESSION_HANDLE_INVALID:
3849 case CKR_USER_NOT_LOGGED_IN:
3850 case CKR_FUNCTION_REJECTED:
3854 error = CKR_GENERAL_ERROR;
3861 * NSSCKFWC_SignUpdate
3867 NSSCKFWInstance *fwInstance,
3868 CK_SESSION_HANDLE hSession,
3873 CK_RV error = CKR_OK;
3874 NSSCKFWSession *fwSession;
3877 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3881 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3883 error = CKR_SESSION_HANDLE_INVALID;
3887 error = nssCKFWSession_DigestUpdate(fwSession,
3888 NSSCKFWCryptoOperationType_Sign,
3889 NSSCKFWCryptoOperationState_SignVerify,
3892 if (CKR_OK == error) {
3899 case CKR_ARGUMENTS_BAD:
3900 case CKR_CRYPTOKI_NOT_INITIALIZED:
3901 case CKR_DATA_LEN_RANGE:
3902 case CKR_DEVICE_ERROR:
3903 case CKR_DEVICE_MEMORY:
3904 case CKR_DEVICE_REMOVED:
3905 case CKR_FUNCTION_CANCELED:
3906 case CKR_FUNCTION_FAILED:
3907 case CKR_GENERAL_ERROR:
3908 case CKR_HOST_MEMORY:
3909 case CKR_OPERATION_NOT_INITIALIZED:
3910 case CKR_SESSION_CLOSED:
3911 case CKR_SESSION_HANDLE_INVALID:
3912 case CKR_USER_NOT_LOGGED_IN:
3916 error = CKR_GENERAL_ERROR;
3923 * NSSCKFWC_SignFinal
3929 NSSCKFWInstance *fwInstance,
3930 CK_SESSION_HANDLE hSession,
3931 CK_BYTE_PTR pSignature,
3932 CK_ULONG_PTR pulSignatureLen
3935 CK_RV error = CKR_OK;
3936 NSSCKFWSession *fwSession;
3939 error = CKR_CRYPTOKI_NOT_INITIALIZED;
3943 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
3945 error = CKR_SESSION_HANDLE_INVALID;
3949 error = nssCKFWSession_Final(fwSession,
3950 NSSCKFWCryptoOperationType_Sign,
3951 NSSCKFWCryptoOperationState_SignVerify,
3952 pSignature, pulSignatureLen);
3954 if (CKR_OK == error) {
3961 case CKR_ARGUMENTS_BAD:
3962 case CKR_BUFFER_TOO_SMALL:
3963 case CKR_CRYPTOKI_NOT_INITIALIZED:
3964 case CKR_DATA_LEN_RANGE:
3965 case CKR_DEVICE_ERROR:
3966 case CKR_DEVICE_MEMORY:
3967 case CKR_DEVICE_REMOVED:
3968 case CKR_FUNCTION_CANCELED:
3969 case CKR_FUNCTION_FAILED:
3970 case CKR_GENERAL_ERROR:
3971 case CKR_HOST_MEMORY:
3972 case CKR_OPERATION_NOT_INITIALIZED:
3973 case CKR_SESSION_CLOSED:
3974 case CKR_SESSION_HANDLE_INVALID:
3975 case CKR_USER_NOT_LOGGED_IN:
3976 case CKR_FUNCTION_REJECTED:
3980 error = CKR_GENERAL_ERROR;
3987 * NSSCKFWC_SignRecoverInit
3991 NSSCKFWC_SignRecoverInit
3993 NSSCKFWInstance *fwInstance,
3994 CK_SESSION_HANDLE hSession,
3995 CK_MECHANISM_PTR pMechanism,
3996 CK_OBJECT_HANDLE hKey
3999 CK_RV error = CKR_OK;
4000 NSSCKFWSession *fwSession;
4001 NSSCKFWObject *fwObject;
4002 NSSCKFWSlot *fwSlot;
4003 NSSCKFWToken *fwToken;
4004 NSSCKFWMechanism *fwMechanism;
4007 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4011 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4013 error = CKR_SESSION_HANDLE_INVALID;
4017 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
4019 error = CKR_KEY_HANDLE_INVALID;
4023 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4025 error = CKR_GENERAL_ERROR; /* should never happen! */
4029 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4030 error = CKR_TOKEN_NOT_PRESENT;
4034 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4039 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
4044 error = nssCKFWMechanism_SignRecoverInit(fwMechanism, pMechanism, fwSession,
4047 nssCKFWMechanism_Destroy(fwMechanism);
4049 if (CKR_OK == error) {
4056 case CKR_ARGUMENTS_BAD:
4057 case CKR_CRYPTOKI_NOT_INITIALIZED:
4058 case CKR_DEVICE_ERROR:
4059 case CKR_DEVICE_MEMORY:
4060 case CKR_DEVICE_REMOVED:
4061 case CKR_FUNCTION_CANCELED:
4062 case CKR_FUNCTION_FAILED:
4063 case CKR_GENERAL_ERROR:
4064 case CKR_HOST_MEMORY:
4065 case CKR_KEY_FUNCTION_NOT_PERMITTED:
4066 case CKR_KEY_HANDLE_INVALID:
4067 case CKR_KEY_SIZE_RANGE:
4068 case CKR_KEY_TYPE_INCONSISTENT:
4069 case CKR_MECHANISM_INVALID:
4070 case CKR_MECHANISM_PARAM_INVALID:
4071 case CKR_OPERATION_ACTIVE:
4072 case CKR_PIN_EXPIRED:
4073 case CKR_SESSION_CLOSED:
4074 case CKR_SESSION_HANDLE_INVALID:
4075 case CKR_USER_NOT_LOGGED_IN:
4079 error = CKR_GENERAL_ERROR;
4086 * NSSCKFWC_SignRecover
4090 NSSCKFWC_SignRecover
4092 NSSCKFWInstance *fwInstance,
4093 CK_SESSION_HANDLE hSession,
4096 CK_BYTE_PTR pSignature,
4097 CK_ULONG_PTR pulSignatureLen
4100 CK_RV error = CKR_OK;
4101 NSSCKFWSession *fwSession;
4104 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4108 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4110 error = CKR_SESSION_HANDLE_INVALID;
4114 error = nssCKFWSession_UpdateFinal(fwSession,
4115 NSSCKFWCryptoOperationType_SignRecover,
4116 NSSCKFWCryptoOperationState_SignVerify,
4117 pData, ulDataLen, pSignature, pulSignatureLen);
4119 if (CKR_OK == error) {
4126 case CKR_ARGUMENTS_BAD:
4127 case CKR_BUFFER_TOO_SMALL:
4128 case CKR_CRYPTOKI_NOT_INITIALIZED:
4129 case CKR_DATA_INVALID:
4130 case CKR_DATA_LEN_RANGE:
4131 case CKR_DEVICE_ERROR:
4132 case CKR_DEVICE_MEMORY:
4133 case CKR_DEVICE_REMOVED:
4134 case CKR_FUNCTION_CANCELED:
4135 case CKR_FUNCTION_FAILED:
4136 case CKR_GENERAL_ERROR:
4137 case CKR_HOST_MEMORY:
4138 case CKR_OPERATION_NOT_INITIALIZED:
4139 case CKR_SESSION_CLOSED:
4140 case CKR_SESSION_HANDLE_INVALID:
4141 case CKR_USER_NOT_LOGGED_IN:
4145 error = CKR_GENERAL_ERROR;
4152 * NSSCKFWC_VerifyInit
4158 NSSCKFWInstance *fwInstance,
4159 CK_SESSION_HANDLE hSession,
4160 CK_MECHANISM_PTR pMechanism,
4161 CK_OBJECT_HANDLE hKey
4164 CK_RV error = CKR_OK;
4165 NSSCKFWSession *fwSession;
4166 NSSCKFWObject *fwObject;
4167 NSSCKFWSlot *fwSlot;
4168 NSSCKFWToken *fwToken;
4169 NSSCKFWMechanism *fwMechanism;
4172 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4176 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4178 error = CKR_SESSION_HANDLE_INVALID;
4182 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
4184 error = CKR_KEY_HANDLE_INVALID;
4188 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4190 error = CKR_GENERAL_ERROR; /* should never happen! */
4194 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4195 error = CKR_TOKEN_NOT_PRESENT;
4199 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4204 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
4209 error = nssCKFWMechanism_VerifyInit(fwMechanism, pMechanism, fwSession,
4212 nssCKFWMechanism_Destroy(fwMechanism);
4214 if (CKR_OK == error) {
4221 case CKR_ARGUMENTS_BAD:
4222 case CKR_CRYPTOKI_NOT_INITIALIZED:
4223 case CKR_DEVICE_ERROR:
4224 case CKR_DEVICE_MEMORY:
4225 case CKR_DEVICE_REMOVED:
4226 case CKR_FUNCTION_CANCELED:
4227 case CKR_FUNCTION_FAILED:
4228 case CKR_GENERAL_ERROR:
4229 case CKR_HOST_MEMORY:
4230 case CKR_KEY_FUNCTION_NOT_PERMITTED:
4231 case CKR_KEY_HANDLE_INVALID:
4232 case CKR_KEY_SIZE_RANGE:
4233 case CKR_KEY_TYPE_INCONSISTENT:
4234 case CKR_MECHANISM_INVALID:
4235 case CKR_MECHANISM_PARAM_INVALID:
4236 case CKR_OPERATION_ACTIVE:
4237 case CKR_PIN_EXPIRED:
4238 case CKR_SESSION_CLOSED:
4239 case CKR_SESSION_HANDLE_INVALID:
4240 case CKR_USER_NOT_LOGGED_IN:
4244 error = CKR_GENERAL_ERROR;
4257 NSSCKFWInstance *fwInstance,
4258 CK_SESSION_HANDLE hSession,
4261 CK_BYTE_PTR pSignature,
4262 CK_ULONG ulSignatureLen
4265 CK_RV error = CKR_OK;
4266 NSSCKFWSession *fwSession;
4269 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4273 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4275 error = CKR_SESSION_HANDLE_INVALID;
4279 error = nssCKFWSession_UpdateFinal(fwSession,
4280 NSSCKFWCryptoOperationType_Verify,
4281 NSSCKFWCryptoOperationState_SignVerify,
4282 pData, ulDataLen, pSignature, &ulSignatureLen);
4284 if (CKR_OK == error) {
4291 case CKR_ARGUMENTS_BAD:
4292 case CKR_CRYPTOKI_NOT_INITIALIZED:
4293 case CKR_DATA_INVALID:
4294 case CKR_DATA_LEN_RANGE:
4295 case CKR_DEVICE_ERROR:
4296 case CKR_DEVICE_MEMORY:
4297 case CKR_DEVICE_REMOVED:
4298 case CKR_FUNCTION_CANCELED:
4299 case CKR_FUNCTION_FAILED:
4300 case CKR_GENERAL_ERROR:
4301 case CKR_HOST_MEMORY:
4302 case CKR_OPERATION_NOT_INITIALIZED:
4303 case CKR_SESSION_CLOSED:
4304 case CKR_SESSION_HANDLE_INVALID:
4305 case CKR_SIGNATURE_INVALID:
4306 case CKR_SIGNATURE_LEN_RANGE:
4310 error = CKR_GENERAL_ERROR;
4317 * NSSCKFWC_VerifyUpdate
4321 NSSCKFWC_VerifyUpdate
4323 NSSCKFWInstance *fwInstance,
4324 CK_SESSION_HANDLE hSession,
4329 CK_RV error = CKR_OK;
4330 NSSCKFWSession *fwSession;
4333 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4337 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4339 error = CKR_SESSION_HANDLE_INVALID;
4343 error = nssCKFWSession_DigestUpdate(fwSession,
4344 NSSCKFWCryptoOperationType_Verify,
4345 NSSCKFWCryptoOperationState_SignVerify,
4348 if (CKR_OK == error) {
4355 case CKR_ARGUMENTS_BAD:
4356 case CKR_CRYPTOKI_NOT_INITIALIZED:
4357 case CKR_DATA_LEN_RANGE:
4358 case CKR_DEVICE_ERROR:
4359 case CKR_DEVICE_MEMORY:
4360 case CKR_DEVICE_REMOVED:
4361 case CKR_FUNCTION_CANCELED:
4362 case CKR_FUNCTION_FAILED:
4363 case CKR_GENERAL_ERROR:
4364 case CKR_HOST_MEMORY:
4365 case CKR_OPERATION_NOT_INITIALIZED:
4366 case CKR_SESSION_CLOSED:
4367 case CKR_SESSION_HANDLE_INVALID:
4371 error = CKR_GENERAL_ERROR;
4378 * NSSCKFWC_VerifyFinal
4382 NSSCKFWC_VerifyFinal
4384 NSSCKFWInstance *fwInstance,
4385 CK_SESSION_HANDLE hSession,
4386 CK_BYTE_PTR pSignature,
4387 CK_ULONG ulSignatureLen
4390 CK_RV error = CKR_OK;
4391 NSSCKFWSession *fwSession;
4394 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4398 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4400 error = CKR_SESSION_HANDLE_INVALID;
4404 error = nssCKFWSession_Final(fwSession,
4405 NSSCKFWCryptoOperationType_Verify,
4406 NSSCKFWCryptoOperationState_SignVerify,
4407 pSignature, &ulSignatureLen);
4409 if (CKR_OK == error) {
4416 case CKR_ARGUMENTS_BAD:
4417 case CKR_CRYPTOKI_NOT_INITIALIZED:
4418 case CKR_DATA_LEN_RANGE:
4419 case CKR_DEVICE_ERROR:
4420 case CKR_DEVICE_MEMORY:
4421 case CKR_DEVICE_REMOVED:
4422 case CKR_FUNCTION_CANCELED:
4423 case CKR_FUNCTION_FAILED:
4424 case CKR_GENERAL_ERROR:
4425 case CKR_HOST_MEMORY:
4426 case CKR_OPERATION_NOT_INITIALIZED:
4427 case CKR_SESSION_CLOSED:
4428 case CKR_SESSION_HANDLE_INVALID:
4429 case CKR_SIGNATURE_INVALID:
4430 case CKR_SIGNATURE_LEN_RANGE:
4434 error = CKR_GENERAL_ERROR;
4441 * NSSCKFWC_VerifyRecoverInit
4445 NSSCKFWC_VerifyRecoverInit
4447 NSSCKFWInstance *fwInstance,
4448 CK_SESSION_HANDLE hSession,
4449 CK_MECHANISM_PTR pMechanism,
4450 CK_OBJECT_HANDLE hKey
4453 CK_RV error = CKR_OK;
4454 NSSCKFWSession *fwSession;
4455 NSSCKFWObject *fwObject;
4456 NSSCKFWSlot *fwSlot;
4457 NSSCKFWToken *fwToken;
4458 NSSCKFWMechanism *fwMechanism;
4461 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4465 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4467 error = CKR_SESSION_HANDLE_INVALID;
4471 fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
4473 error = CKR_KEY_HANDLE_INVALID;
4477 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4479 error = CKR_GENERAL_ERROR; /* should never happen! */
4483 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4484 error = CKR_TOKEN_NOT_PRESENT;
4488 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4493 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
4498 error = nssCKFWMechanism_VerifyRecoverInit(fwMechanism, pMechanism,
4499 fwSession, fwObject);
4501 nssCKFWMechanism_Destroy(fwMechanism);
4503 if (CKR_OK == error) {
4510 case CKR_ARGUMENTS_BAD:
4511 case CKR_CRYPTOKI_NOT_INITIALIZED:
4512 case CKR_DEVICE_ERROR:
4513 case CKR_DEVICE_MEMORY:
4514 case CKR_DEVICE_REMOVED:
4515 case CKR_FUNCTION_CANCELED:
4516 case CKR_FUNCTION_FAILED:
4517 case CKR_GENERAL_ERROR:
4518 case CKR_HOST_MEMORY:
4519 case CKR_KEY_FUNCTION_NOT_PERMITTED:
4520 case CKR_KEY_HANDLE_INVALID:
4521 case CKR_KEY_SIZE_RANGE:
4522 case CKR_KEY_TYPE_INCONSISTENT:
4523 case CKR_MECHANISM_INVALID:
4524 case CKR_MECHANISM_PARAM_INVALID:
4525 case CKR_OPERATION_ACTIVE:
4526 case CKR_PIN_EXPIRED:
4527 case CKR_SESSION_HANDLE_INVALID:
4528 case CKR_SESSION_CLOSED:
4529 case CKR_USER_NOT_LOGGED_IN:
4533 error = CKR_GENERAL_ERROR;
4540 * NSSCKFWC_VerifyRecover
4544 NSSCKFWC_VerifyRecover
4546 NSSCKFWInstance *fwInstance,
4547 CK_SESSION_HANDLE hSession,
4548 CK_BYTE_PTR pSignature,
4549 CK_ULONG ulSignatureLen,
4551 CK_ULONG_PTR pulDataLen
4554 CK_RV error = CKR_OK;
4555 NSSCKFWSession *fwSession;
4558 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4562 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4564 error = CKR_SESSION_HANDLE_INVALID;
4568 error = nssCKFWSession_UpdateFinal(fwSession,
4569 NSSCKFWCryptoOperationType_VerifyRecover,
4570 NSSCKFWCryptoOperationState_SignVerify,
4571 pSignature, ulSignatureLen, pData, pulDataLen);
4572 if (CKR_OK == error) {
4578 case CKR_ARGUMENTS_BAD:
4579 case CKR_BUFFER_TOO_SMALL:
4580 case CKR_CRYPTOKI_NOT_INITIALIZED:
4581 case CKR_DATA_INVALID:
4582 case CKR_DATA_LEN_RANGE:
4583 case CKR_DEVICE_ERROR:
4584 case CKR_DEVICE_MEMORY:
4585 case CKR_DEVICE_REMOVED:
4586 case CKR_FUNCTION_CANCELED:
4587 case CKR_FUNCTION_FAILED:
4588 case CKR_GENERAL_ERROR:
4589 case CKR_HOST_MEMORY:
4590 case CKR_OPERATION_NOT_INITIALIZED:
4591 case CKR_SESSION_CLOSED:
4592 case CKR_SESSION_HANDLE_INVALID:
4593 case CKR_SIGNATURE_INVALID:
4594 case CKR_SIGNATURE_LEN_RANGE:
4598 error = CKR_GENERAL_ERROR;
4605 * NSSCKFWC_DigestEncryptUpdate
4609 NSSCKFWC_DigestEncryptUpdate
4611 NSSCKFWInstance *fwInstance,
4612 CK_SESSION_HANDLE hSession,
4615 CK_BYTE_PTR pEncryptedPart,
4616 CK_ULONG_PTR pulEncryptedPartLen
4619 CK_RV error = CKR_OK;
4620 NSSCKFWSession *fwSession;
4623 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4627 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4629 error = CKR_SESSION_HANDLE_INVALID;
4633 error = nssCKFWSession_UpdateCombo(fwSession,
4634 NSSCKFWCryptoOperationType_Encrypt,
4635 NSSCKFWCryptoOperationType_Digest,
4636 NSSCKFWCryptoOperationState_Digest,
4637 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
4639 if (CKR_OK == error) {
4646 case CKR_ARGUMENTS_BAD:
4647 case CKR_BUFFER_TOO_SMALL:
4648 case CKR_CRYPTOKI_NOT_INITIALIZED:
4649 case CKR_DATA_LEN_RANGE:
4650 case CKR_DEVICE_ERROR:
4651 case CKR_DEVICE_MEMORY:
4652 case CKR_DEVICE_REMOVED:
4653 case CKR_FUNCTION_CANCELED:
4654 case CKR_FUNCTION_FAILED:
4655 case CKR_GENERAL_ERROR:
4656 case CKR_HOST_MEMORY:
4657 case CKR_OPERATION_NOT_INITIALIZED:
4658 case CKR_SESSION_CLOSED:
4659 case CKR_SESSION_HANDLE_INVALID:
4663 error = CKR_GENERAL_ERROR;
4670 * NSSCKFWC_DecryptDigestUpdate
4674 NSSCKFWC_DecryptDigestUpdate
4676 NSSCKFWInstance *fwInstance,
4677 CK_SESSION_HANDLE hSession,
4678 CK_BYTE_PTR pEncryptedPart,
4679 CK_ULONG ulEncryptedPartLen,
4681 CK_ULONG_PTR pulPartLen
4684 CK_RV error = CKR_OK;
4685 NSSCKFWSession *fwSession;
4688 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4692 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4694 error = CKR_SESSION_HANDLE_INVALID;
4698 error = nssCKFWSession_UpdateCombo(fwSession,
4699 NSSCKFWCryptoOperationType_Decrypt,
4700 NSSCKFWCryptoOperationType_Digest,
4701 NSSCKFWCryptoOperationState_Digest,
4702 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
4704 if (CKR_OK == error) {
4711 case CKR_ARGUMENTS_BAD:
4712 case CKR_BUFFER_TOO_SMALL:
4713 case CKR_CRYPTOKI_NOT_INITIALIZED:
4714 case CKR_DEVICE_ERROR:
4715 case CKR_DEVICE_MEMORY:
4716 case CKR_DEVICE_REMOVED:
4717 case CKR_ENCRYPTED_DATA_INVALID:
4718 case CKR_ENCRYPTED_DATA_LEN_RANGE:
4719 case CKR_FUNCTION_CANCELED:
4720 case CKR_FUNCTION_FAILED:
4721 case CKR_GENERAL_ERROR:
4722 case CKR_HOST_MEMORY:
4723 case CKR_OPERATION_NOT_INITIALIZED:
4724 case CKR_SESSION_CLOSED:
4725 case CKR_SESSION_HANDLE_INVALID:
4727 case CKR_DATA_INVALID:
4728 error = CKR_ENCRYPTED_DATA_INVALID;
4730 case CKR_DATA_LEN_RANGE:
4731 error = CKR_ENCRYPTED_DATA_LEN_RANGE;
4735 error = CKR_GENERAL_ERROR;
4742 * NSSCKFWC_SignEncryptUpdate
4746 NSSCKFWC_SignEncryptUpdate
4748 NSSCKFWInstance *fwInstance,
4749 CK_SESSION_HANDLE hSession,
4752 CK_BYTE_PTR pEncryptedPart,
4753 CK_ULONG_PTR pulEncryptedPartLen
4756 CK_RV error = CKR_OK;
4757 NSSCKFWSession *fwSession;
4760 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4764 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4766 error = CKR_SESSION_HANDLE_INVALID;
4770 error = nssCKFWSession_UpdateCombo(fwSession,
4771 NSSCKFWCryptoOperationType_Encrypt,
4772 NSSCKFWCryptoOperationType_Sign,
4773 NSSCKFWCryptoOperationState_SignVerify,
4774 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
4776 if (CKR_OK == error) {
4783 case CKR_ARGUMENTS_BAD:
4784 case CKR_BUFFER_TOO_SMALL:
4785 case CKR_CRYPTOKI_NOT_INITIALIZED:
4786 case CKR_DATA_LEN_RANGE:
4787 case CKR_DEVICE_ERROR:
4788 case CKR_DEVICE_MEMORY:
4789 case CKR_DEVICE_REMOVED:
4790 case CKR_FUNCTION_CANCELED:
4791 case CKR_FUNCTION_FAILED:
4792 case CKR_GENERAL_ERROR:
4793 case CKR_HOST_MEMORY:
4794 case CKR_OPERATION_NOT_INITIALIZED:
4795 case CKR_SESSION_CLOSED:
4796 case CKR_SESSION_HANDLE_INVALID:
4797 case CKR_USER_NOT_LOGGED_IN:
4801 error = CKR_GENERAL_ERROR;
4808 * NSSCKFWC_DecryptVerifyUpdate
4812 NSSCKFWC_DecryptVerifyUpdate
4814 NSSCKFWInstance *fwInstance,
4815 CK_SESSION_HANDLE hSession,
4816 CK_BYTE_PTR pEncryptedPart,
4817 CK_ULONG ulEncryptedPartLen,
4819 CK_ULONG_PTR pulPartLen
4822 CK_RV error = CKR_OK;
4823 NSSCKFWSession *fwSession;
4826 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4830 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4832 error = CKR_SESSION_HANDLE_INVALID;
4836 error = nssCKFWSession_UpdateCombo(fwSession,
4837 NSSCKFWCryptoOperationType_Decrypt,
4838 NSSCKFWCryptoOperationType_Verify,
4839 NSSCKFWCryptoOperationState_SignVerify,
4840 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
4842 if (CKR_OK == error) {
4849 case CKR_ARGUMENTS_BAD:
4850 case CKR_BUFFER_TOO_SMALL:
4851 case CKR_CRYPTOKI_NOT_INITIALIZED:
4852 case CKR_DATA_LEN_RANGE:
4853 case CKR_DEVICE_ERROR:
4854 case CKR_DEVICE_MEMORY:
4855 case CKR_DEVICE_REMOVED:
4856 case CKR_ENCRYPTED_DATA_INVALID:
4857 case CKR_ENCRYPTED_DATA_LEN_RANGE:
4858 case CKR_FUNCTION_CANCELED:
4859 case CKR_FUNCTION_FAILED:
4860 case CKR_GENERAL_ERROR:
4861 case CKR_HOST_MEMORY:
4862 case CKR_OPERATION_NOT_INITIALIZED:
4863 case CKR_SESSION_CLOSED:
4864 case CKR_SESSION_HANDLE_INVALID:
4866 case CKR_DATA_INVALID:
4867 error = CKR_ENCRYPTED_DATA_INVALID;
4871 error = CKR_GENERAL_ERROR;
4878 * NSSCKFWC_GenerateKey
4882 NSSCKFWC_GenerateKey
4884 NSSCKFWInstance *fwInstance,
4885 CK_SESSION_HANDLE hSession,
4886 CK_MECHANISM_PTR pMechanism,
4887 CK_ATTRIBUTE_PTR pTemplate,
4889 CK_OBJECT_HANDLE_PTR phKey
4892 CK_RV error = CKR_OK;
4893 NSSCKFWSession *fwSession;
4894 NSSCKFWObject *fwObject;
4895 NSSCKFWSlot *fwSlot;
4896 NSSCKFWToken *fwToken;
4897 NSSCKFWMechanism *fwMechanism;
4900 error = CKR_CRYPTOKI_NOT_INITIALIZED;
4904 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
4906 error = CKR_SESSION_HANDLE_INVALID;
4910 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
4912 error = CKR_GENERAL_ERROR; /* should never happen! */
4916 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
4917 error = CKR_TOKEN_NOT_PRESENT;
4921 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
4926 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
4931 fwObject = nssCKFWMechanism_GenerateKey(
4939 nssCKFWMechanism_Destroy(fwMechanism);
4943 *phKey= nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
4945 if (CKR_OK == error) {
4952 case CKR_ARGUMENTS_BAD:
4953 case CKR_ATTRIBUTE_READ_ONLY:
4954 case CKR_ATTRIBUTE_TYPE_INVALID:
4955 case CKR_ATTRIBUTE_VALUE_INVALID:
4956 case CKR_CRYPTOKI_NOT_INITIALIZED:
4957 case CKR_DEVICE_ERROR:
4958 case CKR_DEVICE_MEMORY:
4959 case CKR_DEVICE_REMOVED:
4960 case CKR_FUNCTION_CANCELED:
4961 case CKR_FUNCTION_FAILED:
4962 case CKR_GENERAL_ERROR:
4963 case CKR_HOST_MEMORY:
4964 case CKR_MECHANISM_INVALID:
4965 case CKR_MECHANISM_PARAM_INVALID:
4966 case CKR_OPERATION_ACTIVE:
4967 case CKR_PIN_EXPIRED:
4968 case CKR_SESSION_CLOSED:
4969 case CKR_SESSION_HANDLE_INVALID:
4970 case CKR_SESSION_READ_ONLY:
4971 case CKR_TEMPLATE_INCOMPLETE:
4972 case CKR_TEMPLATE_INCONSISTENT:
4973 case CKR_TOKEN_WRITE_PROTECTED:
4974 case CKR_USER_NOT_LOGGED_IN:
4978 error = CKR_GENERAL_ERROR;
4985 * NSSCKFWC_GenerateKeyPair
4989 NSSCKFWC_GenerateKeyPair
4991 NSSCKFWInstance *fwInstance,
4992 CK_SESSION_HANDLE hSession,
4993 CK_MECHANISM_PTR pMechanism,
4994 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
4995 CK_ULONG ulPublicKeyAttributeCount,
4996 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
4997 CK_ULONG ulPrivateKeyAttributeCount,
4998 CK_OBJECT_HANDLE_PTR phPublicKey,
4999 CK_OBJECT_HANDLE_PTR phPrivateKey
5002 CK_RV error = CKR_OK;
5003 NSSCKFWSession *fwSession;
5004 NSSCKFWObject *fwPrivateKeyObject;
5005 NSSCKFWObject *fwPublicKeyObject;
5006 NSSCKFWSlot *fwSlot;
5007 NSSCKFWToken *fwToken;
5008 NSSCKFWMechanism *fwMechanism;
5011 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5015 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5017 error = CKR_SESSION_HANDLE_INVALID;
5021 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5023 error = CKR_GENERAL_ERROR; /* should never happen! */
5027 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5028 error = CKR_TOKEN_NOT_PRESENT;
5032 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5037 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
5042 error= nssCKFWMechanism_GenerateKeyPair(
5047 ulPublicKeyAttributeCount,
5049 ulPublicKeyAttributeCount,
5051 &fwPrivateKeyObject);
5053 nssCKFWMechanism_Destroy(fwMechanism);
5054 if (CKR_OK != error) {
5057 *phPublicKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
5060 if (CKR_OK != error) {
5063 *phPrivateKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
5066 if (CKR_OK == error) {
5073 case CKR_ARGUMENTS_BAD:
5074 case CKR_ATTRIBUTE_READ_ONLY:
5075 case CKR_ATTRIBUTE_TYPE_INVALID:
5076 case CKR_ATTRIBUTE_VALUE_INVALID:
5077 case CKR_CRYPTOKI_NOT_INITIALIZED:
5078 case CKR_DEVICE_ERROR:
5079 case CKR_DEVICE_MEMORY:
5080 case CKR_DEVICE_REMOVED:
5081 case CKR_DOMAIN_PARAMS_INVALID:
5082 case CKR_FUNCTION_CANCELED:
5083 case CKR_FUNCTION_FAILED:
5084 case CKR_GENERAL_ERROR:
5085 case CKR_HOST_MEMORY:
5086 case CKR_MECHANISM_INVALID:
5087 case CKR_MECHANISM_PARAM_INVALID:
5088 case CKR_OPERATION_ACTIVE:
5089 case CKR_PIN_EXPIRED:
5090 case CKR_SESSION_CLOSED:
5091 case CKR_SESSION_HANDLE_INVALID:
5092 case CKR_SESSION_READ_ONLY:
5093 case CKR_TEMPLATE_INCOMPLETE:
5094 case CKR_TEMPLATE_INCONSISTENT:
5095 case CKR_TOKEN_WRITE_PROTECTED:
5096 case CKR_USER_NOT_LOGGED_IN:
5100 error = CKR_GENERAL_ERROR;
5113 NSSCKFWInstance *fwInstance,
5114 CK_SESSION_HANDLE hSession,
5115 CK_MECHANISM_PTR pMechanism,
5116 CK_OBJECT_HANDLE hWrappingKey,
5117 CK_OBJECT_HANDLE hKey,
5118 CK_BYTE_PTR pWrappedKey,
5119 CK_ULONG_PTR pulWrappedKeyLen
5122 CK_RV error = CKR_OK;
5123 NSSCKFWSession *fwSession;
5124 NSSCKFWObject *fwKeyObject;
5125 NSSCKFWObject *fwWrappingKeyObject;
5126 NSSCKFWSlot *fwSlot;
5127 NSSCKFWToken *fwToken;
5128 NSSCKFWMechanism *fwMechanism;
5130 CK_ULONG wrappedKeyLength = 0;
5133 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5137 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5139 error = CKR_SESSION_HANDLE_INVALID;
5143 fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
5145 if (!fwWrappingKeyObject) {
5146 error = CKR_WRAPPING_KEY_HANDLE_INVALID;
5150 fwKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
5152 error = CKR_KEY_HANDLE_INVALID;
5156 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5158 error = CKR_GENERAL_ERROR; /* should never happen! */
5162 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5163 error = CKR_TOKEN_NOT_PRESENT;
5167 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5172 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
5178 * first get the length...
5180 wrappedKeyLength = nssCKFWMechanism_GetWrapKeyLength(
5184 fwWrappingKeyObject,
5187 if ((CK_ULONG) 0 == wrappedKeyLength) {
5188 nssCKFWMechanism_Destroy(fwMechanism);
5191 if ((CK_BYTE_PTR)NULL == pWrappedKey) {
5192 *pulWrappedKeyLen = wrappedKeyLength;
5193 nssCKFWMechanism_Destroy(fwMechanism);
5196 if (wrappedKeyLength > *pulWrappedKeyLen) {
5197 *pulWrappedKeyLen = wrappedKeyLength;
5198 nssCKFWMechanism_Destroy(fwMechanism);
5199 error = CKR_BUFFER_TOO_SMALL;
5204 wrappedKey.data = pWrappedKey;
5205 wrappedKey.size = wrappedKeyLength;
5207 error = nssCKFWMechanism_WrapKey(
5211 fwWrappingKeyObject,
5215 nssCKFWMechanism_Destroy(fwMechanism);
5216 *pulWrappedKeyLen = wrappedKey.size;
5218 if (CKR_OK == error) {
5225 case CKR_ARGUMENTS_BAD:
5226 case CKR_BUFFER_TOO_SMALL:
5227 case CKR_CRYPTOKI_NOT_INITIALIZED:
5228 case CKR_DEVICE_ERROR:
5229 case CKR_DEVICE_MEMORY:
5230 case CKR_DEVICE_REMOVED:
5231 case CKR_FUNCTION_CANCELED:
5232 case CKR_FUNCTION_FAILED:
5233 case CKR_GENERAL_ERROR:
5234 case CKR_HOST_MEMORY:
5235 case CKR_KEY_HANDLE_INVALID:
5236 case CKR_KEY_NOT_WRAPPABLE:
5237 case CKR_KEY_SIZE_RANGE:
5238 case CKR_KEY_UNEXTRACTABLE:
5239 case CKR_MECHANISM_INVALID:
5240 case CKR_MECHANISM_PARAM_INVALID:
5241 case CKR_OPERATION_ACTIVE:
5242 case CKR_PIN_EXPIRED:
5243 case CKR_SESSION_CLOSED:
5244 case CKR_SESSION_HANDLE_INVALID:
5245 case CKR_WRAPPING_KEY_HANDLE_INVALID:
5246 case CKR_WRAPPING_KEY_SIZE_RANGE:
5247 case CKR_WRAPPING_KEY_TYPE_INCONSISTENT:
5249 case CKR_KEY_TYPE_INCONSISTENT:
5250 error = CKR_WRAPPING_KEY_TYPE_INCONSISTENT;
5254 error = CKR_GENERAL_ERROR;
5261 * NSSCKFWC_UnwrapKey
5267 NSSCKFWInstance *fwInstance,
5268 CK_SESSION_HANDLE hSession,
5269 CK_MECHANISM_PTR pMechanism,
5270 CK_OBJECT_HANDLE hUnwrappingKey,
5271 CK_BYTE_PTR pWrappedKey,
5272 CK_ULONG ulWrappedKeyLen,
5273 CK_ATTRIBUTE_PTR pTemplate,
5274 CK_ULONG ulAttributeCount,
5275 CK_OBJECT_HANDLE_PTR phKey
5278 CK_RV error = CKR_OK;
5279 NSSCKFWSession *fwSession;
5280 NSSCKFWObject *fwObject;
5281 NSSCKFWObject *fwWrappingKeyObject;
5282 NSSCKFWSlot *fwSlot;
5283 NSSCKFWToken *fwToken;
5284 NSSCKFWMechanism *fwMechanism;
5288 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5292 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5294 error = CKR_SESSION_HANDLE_INVALID;
5298 fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
5300 if (!fwWrappingKeyObject) {
5301 error = CKR_WRAPPING_KEY_HANDLE_INVALID;
5305 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5307 error = CKR_GENERAL_ERROR; /* should never happen! */
5311 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5312 error = CKR_TOKEN_NOT_PRESENT;
5316 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5321 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
5326 wrappedKey.data = pWrappedKey;
5327 wrappedKey.size = ulWrappedKeyLen;
5329 fwObject = nssCKFWMechanism_UnwrapKey(
5333 fwWrappingKeyObject,
5339 nssCKFWMechanism_Destroy(fwMechanism);
5343 *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
5345 if (CKR_OK == error) {
5352 case CKR_ARGUMENTS_BAD:
5353 case CKR_ATTRIBUTE_READ_ONLY:
5354 case CKR_ATTRIBUTE_TYPE_INVALID:
5355 case CKR_ATTRIBUTE_VALUE_INVALID:
5356 case CKR_BUFFER_TOO_SMALL:
5357 case CKR_CRYPTOKI_NOT_INITIALIZED:
5358 case CKR_DEVICE_ERROR:
5359 case CKR_DEVICE_MEMORY:
5360 case CKR_DEVICE_REMOVED:
5361 case CKR_DOMAIN_PARAMS_INVALID:
5362 case CKR_FUNCTION_CANCELED:
5363 case CKR_FUNCTION_FAILED:
5364 case CKR_GENERAL_ERROR:
5365 case CKR_HOST_MEMORY:
5366 case CKR_MECHANISM_INVALID:
5367 case CKR_MECHANISM_PARAM_INVALID:
5368 case CKR_OPERATION_ACTIVE:
5369 case CKR_PIN_EXPIRED:
5370 case CKR_SESSION_CLOSED:
5371 case CKR_SESSION_HANDLE_INVALID:
5372 case CKR_SESSION_READ_ONLY:
5373 case CKR_TEMPLATE_INCOMPLETE:
5374 case CKR_TEMPLATE_INCONSISTENT:
5375 case CKR_TOKEN_WRITE_PROTECTED:
5376 case CKR_UNWRAPPING_KEY_HANDLE_INVALID:
5377 case CKR_UNWRAPPING_KEY_SIZE_RANGE:
5378 case CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT:
5379 case CKR_USER_NOT_LOGGED_IN:
5380 case CKR_WRAPPED_KEY_INVALID:
5381 case CKR_WRAPPED_KEY_LEN_RANGE:
5383 case CKR_KEY_HANDLE_INVALID:
5384 error = CKR_UNWRAPPING_KEY_HANDLE_INVALID;
5386 case CKR_KEY_SIZE_RANGE:
5387 error = CKR_UNWRAPPING_KEY_SIZE_RANGE;
5389 case CKR_KEY_TYPE_INCONSISTENT:
5390 error = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT;
5392 case CKR_ENCRYPTED_DATA_INVALID:
5393 error = CKR_WRAPPED_KEY_INVALID;
5395 case CKR_ENCRYPTED_DATA_LEN_RANGE:
5396 error = CKR_WRAPPED_KEY_LEN_RANGE;
5400 error = CKR_GENERAL_ERROR;
5407 * NSSCKFWC_DeriveKey
5413 NSSCKFWInstance *fwInstance,
5414 CK_SESSION_HANDLE hSession,
5415 CK_MECHANISM_PTR pMechanism,
5416 CK_OBJECT_HANDLE hBaseKey,
5417 CK_ATTRIBUTE_PTR pTemplate,
5418 CK_ULONG ulAttributeCount,
5419 CK_OBJECT_HANDLE_PTR phKey
5422 CK_RV error = CKR_OK;
5423 NSSCKFWSession *fwSession;
5424 NSSCKFWObject *fwObject;
5425 NSSCKFWObject *fwBaseKeyObject;
5426 NSSCKFWSlot *fwSlot;
5427 NSSCKFWToken *fwToken;
5428 NSSCKFWMechanism *fwMechanism;
5431 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5435 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5437 error = CKR_SESSION_HANDLE_INVALID;
5441 fwBaseKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hBaseKey);
5442 if (!fwBaseKeyObject) {
5443 error = CKR_KEY_HANDLE_INVALID;
5447 fwSlot = nssCKFWSession_GetFWSlot(fwSession);
5449 error = CKR_GENERAL_ERROR; /* should never happen! */
5453 if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
5454 error = CKR_TOKEN_NOT_PRESENT;
5458 fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
5463 fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
5468 fwObject = nssCKFWMechanism_DeriveKey(
5477 nssCKFWMechanism_Destroy(fwMechanism);
5481 *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
5483 if (CKR_OK == error) {
5490 case CKR_ARGUMENTS_BAD:
5491 case CKR_ATTRIBUTE_READ_ONLY:
5492 case CKR_ATTRIBUTE_TYPE_INVALID:
5493 case CKR_ATTRIBUTE_VALUE_INVALID:
5494 case CKR_CRYPTOKI_NOT_INITIALIZED:
5495 case CKR_DEVICE_ERROR:
5496 case CKR_DEVICE_MEMORY:
5497 case CKR_DEVICE_REMOVED:
5498 case CKR_DOMAIN_PARAMS_INVALID:
5499 case CKR_FUNCTION_CANCELED:
5500 case CKR_FUNCTION_FAILED:
5501 case CKR_GENERAL_ERROR:
5502 case CKR_HOST_MEMORY:
5503 case CKR_KEY_HANDLE_INVALID:
5504 case CKR_KEY_SIZE_RANGE:
5505 case CKR_KEY_TYPE_INCONSISTENT:
5506 case CKR_MECHANISM_INVALID:
5507 case CKR_MECHANISM_PARAM_INVALID:
5508 case CKR_OPERATION_ACTIVE:
5509 case CKR_PIN_EXPIRED:
5510 case CKR_SESSION_CLOSED:
5511 case CKR_SESSION_HANDLE_INVALID:
5512 case CKR_SESSION_READ_ONLY:
5513 case CKR_TEMPLATE_INCOMPLETE:
5514 case CKR_TEMPLATE_INCONSISTENT:
5515 case CKR_TOKEN_WRITE_PROTECTED:
5516 case CKR_USER_NOT_LOGGED_IN:
5520 error = CKR_GENERAL_ERROR;
5527 * NSSCKFWC_SeedRandom
5533 NSSCKFWInstance *fwInstance,
5534 CK_SESSION_HANDLE hSession,
5539 CK_RV error = CKR_OK;
5540 NSSCKFWSession *fwSession;
5544 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5548 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5550 error = CKR_SESSION_HANDLE_INVALID;
5554 if( (CK_BYTE_PTR)CK_NULL_PTR == pSeed ) {
5555 error = CKR_ARGUMENTS_BAD;
5559 /* We could read through the buffer in a Purify trap */
5561 seed.size = (PRUint32)ulSeedLen;
5562 seed.data = (void *)pSeed;
5564 error = nssCKFWSession_SeedRandom(fwSession, &seed);
5566 if( CKR_OK != error ) {
5574 case CKR_SESSION_CLOSED:
5575 /* destroy session? */
5577 case CKR_DEVICE_REMOVED:
5578 /* (void)nssCKFWToken_Destroy(fwToken); */
5580 case CKR_ARGUMENTS_BAD:
5581 case CKR_CRYPTOKI_NOT_INITIALIZED:
5582 case CKR_DEVICE_ERROR:
5583 case CKR_DEVICE_MEMORY:
5584 case CKR_FUNCTION_CANCELED:
5585 case CKR_FUNCTION_FAILED:
5586 case CKR_GENERAL_ERROR:
5587 case CKR_HOST_MEMORY:
5588 case CKR_OPERATION_ACTIVE:
5589 case CKR_RANDOM_SEED_NOT_SUPPORTED:
5590 case CKR_RANDOM_NO_RNG:
5591 case CKR_SESSION_HANDLE_INVALID:
5592 case CKR_USER_NOT_LOGGED_IN:
5596 error = CKR_GENERAL_ERROR;
5604 * NSSCKFWC_GenerateRandom
5608 NSSCKFWC_GenerateRandom
5610 NSSCKFWInstance *fwInstance,
5611 CK_SESSION_HANDLE hSession,
5612 CK_BYTE_PTR pRandomData,
5613 CK_ULONG ulRandomLen
5616 CK_RV error = CKR_OK;
5617 NSSCKFWSession *fwSession;
5621 error = CKR_CRYPTOKI_NOT_INITIALIZED;
5625 fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
5627 error = CKR_SESSION_HANDLE_INVALID;
5631 if( (CK_BYTE_PTR)CK_NULL_PTR == pRandomData ) {
5632 error = CKR_ARGUMENTS_BAD;
5637 * A purify error here indicates caller error.
5639 (void)nsslibc_memset(pRandomData, 0, ulRandomLen);
5641 buffer.size = (PRUint32)ulRandomLen;
5642 buffer.data = (void *)pRandomData;
5644 error = nssCKFWSession_GetRandom(fwSession, &buffer);
5646 if( CKR_OK != error ) {
5654 case CKR_SESSION_CLOSED:
5655 /* destroy session? */
5657 case CKR_DEVICE_REMOVED:
5658 /* (void)nssCKFWToken_Destroy(fwToken); */
5660 case CKR_ARGUMENTS_BAD:
5661 case CKR_CRYPTOKI_NOT_INITIALIZED:
5662 case CKR_DEVICE_ERROR:
5663 case CKR_DEVICE_MEMORY:
5664 case CKR_FUNCTION_CANCELED:
5665 case CKR_FUNCTION_FAILED:
5666 case CKR_GENERAL_ERROR:
5667 case CKR_HOST_MEMORY:
5668 case CKR_OPERATION_ACTIVE:
5669 case CKR_RANDOM_NO_RNG:
5670 case CKR_SESSION_HANDLE_INVALID:
5671 case CKR_USER_NOT_LOGGED_IN:
5675 error = CKR_GENERAL_ERROR;
5683 * NSSCKFWC_GetFunctionStatus
5687 NSSCKFWC_GetFunctionStatus
5689 NSSCKFWInstance *fwInstance,
5690 CK_SESSION_HANDLE hSession
5693 return CKR_FUNCTION_NOT_PARALLEL;
5697 * NSSCKFWC_CancelFunction
5701 NSSCKFWC_CancelFunction
5703 NSSCKFWInstance *fwInstance,
5704 CK_SESSION_HANDLE hSession
5707 return CKR_FUNCTION_NOT_PARALLEL;