/*
* nssCKFWInstance_DestroySessionHandle
*
*/
NSS_IMPLEMENT void
nssCKFWInstance_DestroySessionHandle(
NSSCKFWInstance *fwInstance,
CK_SESSION_HANDLE hSession)
{
NSSCKFWSession *fwSession;
#ifdef NSSDEBUG
if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
return;
}
#endif /* NSSDEBUG */
if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
return;
}
fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
fwInstance->sessionHandleHash, (const void *)hSession);
if (fwSession) {
nssCKFWHash_Remove(fwInstance->sessionHandleHash, (const void *)hSession);
nssCKFWSession_SetHandle(fwSession, (CK_SESSION_HANDLE)0);
}
(void)nssCKFWMutex_Unlock(fwInstance->mutex);
return;
}
/*
* nssCKFWInstance_ResolveObjectHandle
*
*/
NSS_IMPLEMENT NSSCKFWObject *
nssCKFWInstance_ResolveObjectHandle(
NSSCKFWInstance *fwInstance,
CK_OBJECT_HANDLE hObject)
{
NSSCKFWObject *fwObject;
#ifdef NSSDEBUG
if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
return (NSSCKFWObject *)NULL;
}
#endif /* NSSDEBUG */
if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
return (NSSCKFWObject *)NULL;
}
fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
fwInstance->objectHandleHash, (const void *)hObject);
/* Assert(hObject == nssCKFWObject_GetHandle(fwObject)) */
(void)nssCKFWMutex_Unlock(fwInstance->mutex);
return fwObject;
}
/*
* nssCKFWHash_Add
*
*/
NSS_IMPLEMENT CK_RV
nssCKFWHash_Add
(
nssCKFWHash *hash,
const void *key,
const void *value
)
{
CK_RV error = CKR_OK;
PLHashEntry *he;
error = nssCKFWMutex_Lock(hash->mutex);
if( CKR_OK != error ) {
return error;
}
he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
if (!he) {
error = CKR_HOST_MEMORY;
} else {
hash->count++;
}
(void)nssCKFWMutex_Unlock(hash->mutex);
return error;
}
/*
* nssCKFWInstance_DestroyObjectHandle
*
*/
NSS_IMPLEMENT void
nssCKFWInstance_DestroyObjectHandle(
NSSCKFWInstance *fwInstance,
CK_OBJECT_HANDLE hObject)
{
NSSCKFWObject *fwObject;
#ifdef NSSDEBUG
if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
return;
}
#endif /* NSSDEBUG */
if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
return;
}
fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
fwInstance->objectHandleHash, (const void *)hObject);
if (fwObject) {
/* Assert(hObject = nssCKFWObject_GetHandle(fwObject)) */
nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
(void)nssCKFWObject_SetHandle(fwObject, (CK_SESSION_HANDLE)0);
}
(void)nssCKFWMutex_Unlock(fwInstance->mutex);
return;
}
/*
* nssCKFWInstance_ResolveSessionHandle
*
*/
NSS_IMPLEMENT NSSCKFWSession *
nssCKFWInstance_ResolveSessionHandle(
NSSCKFWInstance *fwInstance,
CK_SESSION_HANDLE hSession)
{
NSSCKFWSession *fwSession;
#ifdef NSSDEBUG
if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
return (NSSCKFWSession *)NULL;
}
#endif /* NSSDEBUG */
if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
return (NSSCKFWSession *)NULL;
}
fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
fwInstance->sessionHandleHash, (const void *)hSession);
/* Assert(hSession == nssCKFWSession_GetHandle(fwSession)) */
(void)nssCKFWMutex_Unlock(fwInstance->mutex);
return fwSession;
}
/*
* nssCKFWSlot_GetToken
*
*/
NSS_IMPLEMENT NSSCKFWToken *
nssCKFWSlot_GetToken
(
NSSCKFWSlot *fwSlot,
CK_RV *pError
)
{
NSSCKMDToken *mdToken;
NSSCKFWToken *fwToken;
#ifdef NSSDEBUG
if (!pError) {
return (NSSCKFWToken *)NULL;
}
*pError = nssCKFWSlot_verifyPointer(fwSlot);
if( CKR_OK != *pError ) {
return (NSSCKFWToken *)NULL;
}
#endif /* NSSDEBUG */
*pError = nssCKFWMutex_Lock(fwSlot->mutex);
if( CKR_OK != *pError ) {
return (NSSCKFWToken *)NULL;
}
if (!fwSlot->fwToken) {
if (!fwSlot->mdSlot->GetToken) {
*pError = CKR_GENERAL_ERROR;
fwToken = (NSSCKFWToken *)NULL;
goto done;
}
mdToken = fwSlot->mdSlot->GetToken(fwSlot->mdSlot, fwSlot,
fwSlot->mdInstance, fwSlot->fwInstance, pError);
if (!mdToken) {
if( CKR_OK == *pError ) {
*pError = CKR_GENERAL_ERROR;
}
return (NSSCKFWToken *)NULL;
}
fwToken = nssCKFWToken_Create(fwSlot, mdToken, pError);
fwSlot->fwToken = fwToken;
} else {
fwToken = fwSlot->fwToken;
}
done:
(void)nssCKFWMutex_Unlock(fwSlot->mutex);
return fwToken;
}
/*
* nssCKFWSlot_GetManufacturerID
*
*/
NSS_IMPLEMENT CK_RV
nssCKFWSlot_GetManufacturerID
(
NSSCKFWSlot *fwSlot,
CK_CHAR manufacturerID[32]
)
{
CK_RV error = CKR_OK;
#ifdef NSSDEBUG
if( (CK_CHAR_PTR)NULL == manufacturerID ) {
return CKR_ARGUMENTS_BAD;
}
error = nssCKFWSlot_verifyPointer(fwSlot);
if( CKR_OK != error ) {
return error;
}
#endif /* NSSDEBUG */
error = nssCKFWMutex_Lock(fwSlot->mutex);
if( CKR_OK != error ) {
return error;
}
if (!fwSlot->manufacturerID) {
if (fwSlot->mdSlot->GetManufacturerID) {
fwSlot->manufacturerID = fwSlot->mdSlot->GetManufacturerID(
fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
fwSlot->fwInstance, &error);
if ((!fwSlot->manufacturerID) && (CKR_OK != error)) {
goto done;
}
} else {
fwSlot->manufacturerID = (NSSUTF8 *) "";
}
}
(void)nssUTF8_CopyIntoFixedBuffer(fwSlot->manufacturerID, (char *)manufacturerID, 32, ' ');
error = CKR_OK;
done:
(void)nssCKFWMutex_Unlock(fwSlot->mutex);
return error;
}
/*
* nssCKFWSlot_GetSlotDescription
*
*/
NSS_IMPLEMENT CK_RV
nssCKFWSlot_GetSlotDescription
(
NSSCKFWSlot *fwSlot,
CK_CHAR slotDescription[64]
)
{
CK_RV error = CKR_OK;
#ifdef NSSDEBUG
if( (CK_CHAR_PTR)NULL == slotDescription ) {
return CKR_ARGUMENTS_BAD;
}
error = nssCKFWSlot_verifyPointer(fwSlot);
if( CKR_OK != error ) {
return error;
}
#endif /* NSSDEBUG */
error = nssCKFWMutex_Lock(fwSlot->mutex);
if( CKR_OK != error ) {
return error;
}
if (!fwSlot->slotDescription) {
if (fwSlot->mdSlot->GetSlotDescription) {
fwSlot->slotDescription = fwSlot->mdSlot->GetSlotDescription(
fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
fwSlot->fwInstance, &error);
if ((!fwSlot->slotDescription) && (CKR_OK != error)) {
goto done;
}
} else {
fwSlot->slotDescription = (NSSUTF8 *) "";
}
}
(void)nssUTF8_CopyIntoFixedBuffer(fwSlot->slotDescription, (char *)slotDescription, 64, ' ');
error = CKR_OK;
done:
(void)nssCKFWMutex_Unlock(fwSlot->mutex);
return error;
}
/*
* nssCKFWHash_Count
*
*/
NSS_IMPLEMENT CK_ULONG
nssCKFWHash_Count
(
nssCKFWHash *hash
)
{
CK_ULONG count;
if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
return (CK_ULONG)0;
}
count = hash->count;
(void)nssCKFWMutex_Unlock(hash->mutex);
return count;
}
/*
* nssCKFWInstance_CreateSessionHandle
*
*/
NSS_IMPLEMENT CK_SESSION_HANDLE
nssCKFWInstance_CreateSessionHandle(
NSSCKFWInstance *fwInstance,
NSSCKFWSession *fwSession,
CK_RV *pError)
{
CK_SESSION_HANDLE hSession;
#ifdef NSSDEBUG
if (!pError) {
return (CK_SESSION_HANDLE)0;
}
*pError = nssCKFWInstance_verifyPointer(fwInstance);
if (CKR_OK != *pError) {
return (CK_SESSION_HANDLE)0;
}
#endif /* NSSDEBUG */
*pError = nssCKFWMutex_Lock(fwInstance->mutex);
if (CKR_OK != *pError) {
return (CK_SESSION_HANDLE)0;
}
hSession = ++(fwInstance->lastSessionHandle);
/* Alan would say I should unlock for this call. */
*pError = nssCKFWSession_SetHandle(fwSession, hSession);
if (CKR_OK != *pError) {
goto done;
}
*pError = nssCKFWHash_Add(fwInstance->sessionHandleHash,
(const void *)hSession, (const void *)fwSession);
if (CKR_OK != *pError) {
hSession = (CK_SESSION_HANDLE)0;
goto done;
}
done:
nssCKFWMutex_Unlock(fwInstance->mutex);
return hSession;
}
/*
* nssCKFWHash_Lookup
*
*/
NSS_IMPLEMENT void *
nssCKFWHash_Lookup
(
nssCKFWHash *hash,
const void *it
)
{
void *rv;
if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
return (void *)NULL;
}
rv = PL_HashTableLookup(hash->plHashTable, it);
(void)nssCKFWMutex_Unlock(hash->mutex);
return rv;
}
/*
* nssCKFWInstance_CreateObjectHandle
*
*/
NSS_IMPLEMENT CK_OBJECT_HANDLE
nssCKFWInstance_CreateObjectHandle(
NSSCKFWInstance *fwInstance,
NSSCKFWObject *fwObject,
CK_RV *pError)
{
CK_OBJECT_HANDLE hObject;
#ifdef NSSDEBUG
if (!pError) {
return (CK_OBJECT_HANDLE)0;
}
*pError = nssCKFWInstance_verifyPointer(fwInstance);
if (CKR_OK != *pError) {
return (CK_OBJECT_HANDLE)0;
}
#endif /* NSSDEBUG */
*pError = nssCKFWMutex_Lock(fwInstance->mutex);
if (CKR_OK != *pError) {
return (CK_OBJECT_HANDLE)0;
}
hObject = ++(fwInstance->lastObjectHandle);
*pError = nssCKFWObject_SetHandle(fwObject, hObject);
if (CKR_OK != *pError) {
hObject = (CK_OBJECT_HANDLE)0;
goto done;
}
*pError = nssCKFWHash_Add(fwInstance->objectHandleHash,
(const void *)hObject, (const void *)fwObject);
if (CKR_OK != *pError) {
hObject = (CK_OBJECT_HANDLE)0;
goto done;
}
done:
(void)nssCKFWMutex_Unlock(fwInstance->mutex);
return hObject;
}
/*
* nssCKFWSlot_ClearToken
*
*/
NSS_IMPLEMENT void
nssCKFWSlot_ClearToken(
NSSCKFWSlot *fwSlot)
{
#ifdef NSSDEBUG
if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
return;
}
#endif /* NSSDEBUG */
if (CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex)) {
/* Now what? */
return;
}
fwSlot->fwToken = (NSSCKFWToken *)NULL;
(void)nssCKFWMutex_Unlock(fwSlot->mutex);
return;
}
/*
* nssCKFWInstance_GetLibraryDescription
*
*/
NSS_IMPLEMENT CK_RV
nssCKFWInstance_GetLibraryDescription(
NSSCKFWInstance *fwInstance,
CK_CHAR libraryDescription[32])
{
CK_RV error = CKR_OK;
#ifdef NSSDEBUG
if ((CK_CHAR_PTR)NULL == libraryDescription) {
return CKR_ARGUMENTS_BAD;
}
error = nssCKFWInstance_verifyPointer(fwInstance);
if (CKR_OK != error) {
return error;
}
#endif /* NSSDEBUG */
error = nssCKFWMutex_Lock(fwInstance->mutex);
if (CKR_OK != error) {
return error;
}
if (!fwInstance->libraryDescription) {
if (fwInstance->mdInstance->GetLibraryDescription) {
fwInstance->libraryDescription = fwInstance->mdInstance->GetLibraryDescription(
fwInstance->mdInstance, fwInstance, &error);
if ((!fwInstance->libraryDescription) && (CKR_OK != error)) {
goto done;
}
} else {
fwInstance->libraryDescription = (NSSUTF8 *)"";
}
}
(void)nssUTF8_CopyIntoFixedBuffer(fwInstance->libraryDescription, (char *)libraryDescription, 32, ' ');
error = CKR_OK;
done:
(void)nssCKFWMutex_Unlock(fwInstance->mutex);
return error;
}
/*
* nssCKFWHash_Remove
*
*/
NSS_IMPLEMENT void
nssCKFWHash_Remove
(
nssCKFWHash *hash,
const void *it
)
{
PRBool found;
if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
return;
}
found = PL_HashTableRemove(hash->plHashTable, it);
if( found ) {
hash->count--;
}
(void)nssCKFWMutex_Unlock(hash->mutex);
return;
}
/*
* nssCKFWInstance_ReassignObjectHandle
*
*/
NSS_IMPLEMENT CK_RV
nssCKFWInstance_ReassignObjectHandle(
NSSCKFWInstance *fwInstance,
CK_OBJECT_HANDLE hObject,
NSSCKFWObject *fwObject)
{
CK_RV error = CKR_OK;
NSSCKFWObject *oldObject;
#ifdef NSSDEBUG
error = nssCKFWInstance_verifyPointer(fwInstance);
if (CKR_OK != error) {
return error;
}
#endif /* NSSDEBUG */
error = nssCKFWMutex_Lock(fwInstance->mutex);
if (CKR_OK != error) {
return error;
}
oldObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
fwInstance->objectHandleHash, (const void *)hObject);
if (oldObject) {
/* Assert(hObject == nssCKFWObject_GetHandle(oldObject) */
(void)nssCKFWObject_SetHandle(oldObject, (CK_SESSION_HANDLE)0);
nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
}
error = nssCKFWObject_SetHandle(fwObject, hObject);
if (CKR_OK != error) {
goto done;
}
error = nssCKFWHash_Add(fwInstance->objectHandleHash,
(const void *)hObject, (const void *)fwObject);
done:
(void)nssCKFWMutex_Unlock(fwInstance->mutex);
return error;
}
/*
* nssCKFWObject_GetAttributeSize
*
*/
NSS_IMPLEMENT CK_ULONG
nssCKFWObject_GetAttributeSize
(
NSSCKFWObject *fwObject,
CK_ATTRIBUTE_TYPE attribute,
CK_RV *pError
)
{
CK_ULONG rv;
#ifdef NSSDEBUG
if( (CK_RV *)NULL == pError ) {
return (CK_ULONG)0;
}
*pError = nssCKFWObject_verifyPointer(fwObject);
if( CKR_OK != *pError ) {
return (CK_ULONG)0;
}
#endif /* NSSDEBUG */
if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeSize ) {
*pError = CKR_GENERAL_ERROR;
return (CK_ULONG )0;
}
*pError = nssCKFWMutex_Lock(fwObject->mutex);
if( CKR_OK != *pError ) {
return (CK_ULONG)0;
}
rv = fwObject->mdObject->GetAttributeSize(fwObject->mdObject, fwObject,
fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
attribute, pError);
(void)nssCKFWMutex_Unlock(fwObject->mutex);
return rv;
}
/*
* nssCKFWSlot_GetFirmwareVersion
*
*/
NSS_IMPLEMENT CK_VERSION
nssCKFWSlot_GetFirmwareVersion
(
NSSCKFWSlot *fwSlot
)
{
CK_VERSION rv;
#ifdef NSSDEBUG
if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
rv.major = rv.minor = 0;
return rv;
}
#endif /* NSSDEBUG */
if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
rv.major = rv.minor = 0;
return rv;
}
if( (0 != fwSlot->firmwareVersion.major) ||
(0 != fwSlot->firmwareVersion.minor) ) {
rv = fwSlot->firmwareVersion;
goto done;
}
if (fwSlot->mdSlot->GetFirmwareVersion) {
fwSlot->firmwareVersion = fwSlot->mdSlot->GetFirmwareVersion(
fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
} else {
fwSlot->firmwareVersion.major = 0;
fwSlot->firmwareVersion.minor = 1;
}
rv = fwSlot->firmwareVersion;
done:
(void)nssCKFWMutex_Unlock(fwSlot->mutex);
return rv;
}
/*
* nssCKFWHash_Iterate
*
* NOTE that the iteration function will be called with the hashtable locked.
*/
NSS_IMPLEMENT void
nssCKFWHash_Iterate
(
nssCKFWHash *hash,
nssCKFWHashIterator fcn,
void *closure
)
{
struct arg_str as;
as.fcn = fcn;
as.closure = closure;
if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
return;
}
PL_HashTableEnumerateEntries(hash->plHashTable, nss_ckfwhash_enumerator, &as);
(void)nssCKFWMutex_Unlock(hash->mutex);
return;
}
/*
* nssCKFWObject_GetObjectSize
*
*/
NSS_IMPLEMENT CK_ULONG
nssCKFWObject_GetObjectSize
(
NSSCKFWObject *fwObject,
CK_RV *pError
)
{
CK_ULONG rv;
#ifdef NSSDEBUG
if( (CK_RV *)NULL == pError ) {
return (CK_ULONG)0;
}
*pError = nssCKFWObject_verifyPointer(fwObject);
if( CKR_OK != *pError ) {
return (CK_ULONG)0;
}
#endif /* NSSDEBUG */
if( (void *)NULL == (void *)fwObject->mdObject->GetObjectSize ) {
*pError = CKR_INFORMATION_SENSITIVE;
return (CK_ULONG)0;
}
*pError = nssCKFWMutex_Lock(fwObject->mutex);
if( CKR_OK != *pError ) {
return (CK_ULONG)0;
}
rv = fwObject->mdObject->GetObjectSize(fwObject->mdObject, fwObject,
fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
pError);
(void)nssCKFWMutex_Unlock(fwObject->mutex);
return rv;
}
/*
* nssCKFWObject_GetAttributeTypes
*
*/
NSS_IMPLEMENT CK_RV
nssCKFWObject_GetAttributeTypes
(
NSSCKFWObject *fwObject,
CK_ATTRIBUTE_TYPE_PTR typeArray,
CK_ULONG ulCount
)
{
CK_RV error = CKR_OK;
#ifdef NSSDEBUG
error = nssCKFWObject_verifyPointer(fwObject);
if( CKR_OK != error ) {
return error;
}
if( (CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray ) {
return CKR_ARGUMENTS_BAD;
}
#endif /* NSSDEBUG */
if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeTypes ) {
return CKR_GENERAL_ERROR;
}
error = nssCKFWMutex_Lock(fwObject->mutex);
if( CKR_OK != error ) {
return error;
}
error = fwObject->mdObject->GetAttributeTypes(fwObject->mdObject, fwObject,
fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
typeArray, ulCount);
(void)nssCKFWMutex_Unlock(fwObject->mutex);
return error;
}
/*
* nssCKFWInstance_GetCryptokiVersion
*
*/
NSS_IMPLEMENT CK_VERSION
nssCKFWInstance_GetCryptokiVersion(
NSSCKFWInstance *fwInstance)
{
CK_VERSION rv;
#ifdef NSSDEBUG
if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
rv.major = rv.minor = 0;
return rv;
}
#endif /* NSSDEBUG */
if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
rv.major = rv.minor = 0;
return rv;
}
if ((0 != fwInstance->cryptokiVersion.major) ||
(0 != fwInstance->cryptokiVersion.minor)) {
rv = fwInstance->cryptokiVersion;
goto done;
}
if (fwInstance->mdInstance->GetCryptokiVersion) {
fwInstance->cryptokiVersion = fwInstance->mdInstance->GetCryptokiVersion(
fwInstance->mdInstance, fwInstance);
} else {
fwInstance->cryptokiVersion.major = 2;
fwInstance->cryptokiVersion.minor = 1;
}
rv = fwInstance->cryptokiVersion;
done:
(void)nssCKFWMutex_Unlock(fwInstance->mutex);
return rv;
}
/*
* nssCKFWHash_Exists
*
*/
NSS_IMPLEMENT CK_BBOOL
nssCKFWHash_Exists
(
nssCKFWHash *hash,
const void *it
)
{
void *value;
if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
return CK_FALSE;
}
value = PL_HashTableLookup(hash->plHashTable, it);
(void)nssCKFWMutex_Unlock(hash->mutex);
if (!value) {
return CK_FALSE;
} else {
return CK_TRUE;
}
}
/*
* nssCKFWFindObjects_Next
*
*/
NSS_EXTERN NSSCKFWObject *
nssCKFWFindObjects_Next
(
NSSCKFWFindObjects *fwFindObjects,
NSSArena *arenaOpt,
CK_RV *pError
)
{
NSSCKMDObject *mdObject;
NSSCKFWObject *fwObject = (NSSCKFWObject *)NULL;
NSSArena *objArena;
#ifdef NSSDEBUG
if (!pError) {
return (NSSCKFWObject *)NULL;
}
*pError = nssCKFWFindObjects_verifyPointer(fwFindObjects);
if( CKR_OK != *pError ) {
return (NSSCKFWObject *)NULL;
}
#endif /* NSSDEBUG */
*pError = nssCKFWMutex_Lock(fwFindObjects->mutex);
if( CKR_OK != *pError ) {
return (NSSCKFWObject *)NULL;
}
if (fwFindObjects->mdfo1) {
if (fwFindObjects->mdfo1->Next) {
fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
mdObject = fwFindObjects->mdfo1->Next(fwFindObjects->mdfo1,
fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
fwFindObjects->mdToken, fwFindObjects->fwToken,
fwFindObjects->mdInstance, fwFindObjects->fwInstance,
arenaOpt, pError);
if (!mdObject) {
if( CKR_OK != *pError ) {
goto done;
}
/* All done. */
fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
fwFindObjects->mdSession, fwFindObjects->fwSession,
fwFindObjects->mdToken, fwFindObjects->fwToken,
fwFindObjects->mdInstance, fwFindObjects->fwInstance);
fwFindObjects->mdfo1 = (NSSCKMDFindObjects *)NULL;
} else {
goto wrap;
}
}
}
if (fwFindObjects->mdfo2) {
if (fwFindObjects->mdfo2->Next) {
fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
mdObject = fwFindObjects->mdfo2->Next(fwFindObjects->mdfo2,
fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
fwFindObjects->mdToken, fwFindObjects->fwToken,
fwFindObjects->mdInstance, fwFindObjects->fwInstance,
arenaOpt, pError);
if (!mdObject) {
if( CKR_OK != *pError ) {
goto done;
}
/* All done. */
fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
fwFindObjects->mdSession, fwFindObjects->fwSession,
fwFindObjects->mdToken, fwFindObjects->fwToken,
fwFindObjects->mdInstance, fwFindObjects->fwInstance);
fwFindObjects->mdfo2 = (NSSCKMDFindObjects *)NULL;
} else {
goto wrap;
}
}
}
/* No more objects */
*pError = CKR_OK;
goto done;
wrap:
/*
* This seems is less than ideal-- we should determine if it's a token
* object or a session object, and use the appropriate arena.
* But that duplicates logic in nssCKFWObject_IsTokenObject.
* Also we should lookup the real session the object was created on
* if the object was a session object... however this code is actually
* correct because nssCKFWObject_Create will return a cached version of
* the object from it's hash. This is necessary because 1) we don't want
* to create an arena style leak (where our arena grows with every search),
* and 2) we want the same object to always have the same ID. This means
* the only case the nssCKFWObject_Create() will need the objArena and the
* Session is in the case of token objects (session objects should already
* exist in the cache from their initial creation). So this code is correct,
* but it depends on nssCKFWObject_Create caching all objects.
*/
objArena = nssCKFWToken_GetArena(fwFindObjects->fwToken, pError);
if (!objArena) {
if( CKR_OK == *pError ) {
*pError = CKR_HOST_MEMORY;
}
goto done;
}
fwObject = nssCKFWObject_Create(objArena, mdObject,
NULL, fwFindObjects->fwToken,
fwFindObjects->fwInstance, pError);
if (!fwObject) {
if( CKR_OK == *pError ) {
*pError = CKR_GENERAL_ERROR;
}
}
done:
(void)nssCKFWMutex_Unlock(fwFindObjects->mutex);
return fwObject;
}
/*
* nssCKFWObject_SetAttribute
*
*/
NSS_IMPLEMENT CK_RV
nssCKFWObject_SetAttribute
(
NSSCKFWObject *fwObject,
NSSCKFWSession *fwSession,
CK_ATTRIBUTE_TYPE attribute,
NSSItem *value
)
{
CK_RV error = CKR_OK;
#ifdef NSSDEBUG
error = nssCKFWObject_verifyPointer(fwObject);
if( CKR_OK != error ) {
return error;
}
#endif /* NSSDEBUG */
if( CKA_TOKEN == attribute ) {
/*
* We're changing from a session object to a token object or
* vice-versa.
*/
CK_ATTRIBUTE a;
NSSCKFWObject *newFwObject;
NSSCKFWObject swab;
a.type = CKA_TOKEN;
a.pValue = value->data;
a.ulValueLen = value->size;
newFwObject = nssCKFWSession_CopyObject(fwSession, fwObject,
&a, 1, &error);
if( (NSSCKFWObject *)NULL == newFwObject ) {
if( CKR_OK == error ) {
error = CKR_GENERAL_ERROR;
}
return error;
}
/*
* Actually, I bet the locking is worse than this.. this part of
* the code could probably use some scrutiny and reworking.
*/
error = nssCKFWMutex_Lock(fwObject->mutex);
if( CKR_OK != error ) {
nssCKFWObject_Destroy(newFwObject);
return error;
}
error = nssCKFWMutex_Lock(newFwObject->mutex);
if( CKR_OK != error ) {
nssCKFWMutex_Unlock(fwObject->mutex);
nssCKFWObject_Destroy(newFwObject);
return error;
}
/*
* Now, we have our new object, but it has a new fwObject pointer,
* while we have to keep the existing one. So quick swap the contents.
*/
swab = *fwObject;
*fwObject = *newFwObject;
*newFwObject = swab;
/* But keep the mutexes the same */
swab.mutex = fwObject->mutex;
fwObject->mutex = newFwObject->mutex;
newFwObject->mutex = swab.mutex;
(void)nssCKFWMutex_Unlock(newFwObject->mutex);
(void)nssCKFWMutex_Unlock(fwObject->mutex);
/*
* Either remove or add this to the list of session objects
*/
if( CK_FALSE == *(CK_BBOOL *)value->data ) {
/*
* New one is a session object, except since we "stole" the fwObject, it's
* not in the list. Add it.
*/
nssCKFWSession_RegisterSessionObject(fwSession, fwObject);
} else {
/*
* New one is a token object, except since we "stole" the fwObject, it's
* in the list. Remove it.
*/
if (fwObject->fwSession) {
nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
}
}
/*
* Now delete the old object. Remember the names have changed.
*/
nssCKFWObject_Destroy(newFwObject);
return CKR_OK;
} else {
/*
* An "ordinary" change.
*/
if( (void *)NULL == (void *)fwObject->mdObject->SetAttribute ) {
/* We could fake it with copying, like above.. later */
return CKR_ATTRIBUTE_READ_ONLY;
}
error = nssCKFWMutex_Lock(fwObject->mutex);
if( CKR_OK != error ) {
return error;
}
error = fwObject->mdObject->SetAttribute(fwObject->mdObject, fwObject,
fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
attribute, value);
(void)nssCKFWMutex_Unlock(fwObject->mutex);
return error;
}
}
/*
* nssCKFWObject_GetAttribute
*
* Usual NSS allocation rules:
* If itemOpt is not NULL, it will be returned; otherwise an NSSItem
* will be allocated. If itemOpt is not NULL but itemOpt->data is,
* the buffer will be allocated; otherwise, the buffer will be used.
* Any allocations will come from the optional arena, if one is
* specified.
*/
NSS_IMPLEMENT NSSItem *
nssCKFWObject_GetAttribute
(
NSSCKFWObject *fwObject,
CK_ATTRIBUTE_TYPE attribute,
NSSItem *itemOpt,
NSSArena *arenaOpt,
CK_RV *pError
)
{
NSSItem *rv = (NSSItem *)NULL;
NSSCKFWItem mdItem;
#ifdef NSSDEBUG
if( (CK_RV *)NULL == pError ) {
return (NSSItem *)NULL;
}
*pError = nssCKFWObject_verifyPointer(fwObject);
if( CKR_OK != *pError ) {
return (NSSItem *)NULL;
}
#endif /* NSSDEBUG */
if( (void *)NULL == (void *)fwObject->mdObject->GetAttribute ) {
*pError = CKR_GENERAL_ERROR;
return (NSSItem *)NULL;
}
*pError = nssCKFWMutex_Lock(fwObject->mutex);
if( CKR_OK != *pError ) {
return (NSSItem *)NULL;
}
mdItem = fwObject->mdObject->GetAttribute(fwObject->mdObject, fwObject,
fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
attribute, pError);
if( (NSSItem *)NULL == mdItem.item ) {
if( CKR_OK == *pError ) {
*pError = CKR_GENERAL_ERROR;
}
goto done;
}
if( (NSSItem *)NULL == itemOpt ) {
rv = nss_ZNEW(arenaOpt, NSSItem);
if( (NSSItem *)NULL == rv ) {
*pError = CKR_HOST_MEMORY;
goto done;
}
} else {
rv = itemOpt;
}
if( (void *)NULL == rv->data ) {
rv->size = mdItem.item->size;
rv->data = nss_ZAlloc(arenaOpt, rv->size);
if( (void *)NULL == rv->data ) {
*pError = CKR_HOST_MEMORY;
if( (NSSItem *)NULL == itemOpt ) {
nss_ZFreeIf(rv);
}
rv = (NSSItem *)NULL;
goto done;
}
} else {
if( rv->size >= mdItem.item->size ) {
rv->size = mdItem.item->size;
} else {
*pError = CKR_BUFFER_TOO_SMALL;
/* Should we set rv->size to mdItem->size? */
/* rv can't have been allocated */
rv = (NSSItem *)NULL;
goto done;
}
}
(void)nsslibc_memcpy(rv->data, mdItem.item->data, rv->size);
if (PR_TRUE == mdItem.needsFreeing) {
PR_ASSERT(fwObject->mdObject->FreeAttribute);
if (fwObject->mdObject->FreeAttribute) {
*pError = fwObject->mdObject->FreeAttribute(&mdItem);
}
}
done:
(void)nssCKFWMutex_Unlock(fwObject->mutex);
return rv;
}
