NSS_IMPLEMENT void * nssToken_GetCryptokiEPV ( NSSToken *token ) { return nssSlot_GetCryptokiEPV(token->slot); }
NSS_IMPLEMENT PRBool nssCKObject_IsAttributeTrue( CK_OBJECT_HANDLE object, CK_ATTRIBUTE_TYPE attribute, nssSession *session, NSSSlot *slot, PRStatus *rvStatus) { CK_BBOOL bool; CK_ATTRIBUTE_PTR attr; CK_ATTRIBUTE atemplate = { 0, NULL, 0 }; CK_RV ckrv; void *epv = nssSlot_GetCryptokiEPV(slot); attr = &atemplate; NSS_CK_SET_ATTRIBUTE_VAR(attr, attribute, bool); nssSession_EnterMonitor(session); ckrv = CKAPI(epv)->C_GetAttributeValue(session->handle, object, &atemplate, 1); nssSession_ExitMonitor(session); if (ckrv != CKR_OK) { *rvStatus = PR_FAILURE; return PR_FALSE; } *rvStatus = PR_SUCCESS; return (PRBool)(bool == CK_TRUE); }
NSS_IMPLEMENT PRStatus nssCKObject_SetAttributes( CK_OBJECT_HANDLE object, CK_ATTRIBUTE_PTR obj_template, CK_ULONG count, nssSession *session, NSSSlot *slot) { CK_RV ckrv; void *epv = nssSlot_GetCryptokiEPV(slot); nssSession_EnterMonitor(session); ckrv = CKAPI(epv)->C_SetAttributeValue(session->handle, object, obj_template, count); nssSession_ExitMonitor(session); if (ckrv == CKR_OK) { return PR_SUCCESS; } else { return PR_FAILURE; } }
NSS_IMPLEMENT PRStatus nssCKObject_GetAttributes( CK_OBJECT_HANDLE object, CK_ATTRIBUTE_PTR obj_template, CK_ULONG count, NSSArena *arenaOpt, nssSession *session, NSSSlot *slot) { nssArenaMark *mark = NULL; CK_SESSION_HANDLE hSession; CK_ULONG i = 0; CK_RV ckrv; PRStatus nssrv; PRBool alloced = PR_FALSE; void *epv = nssSlot_GetCryptokiEPV(slot); hSession = session->handle; if (arenaOpt) { mark = nssArena_Mark(arenaOpt); if (!mark) { goto loser; } } nssSession_EnterMonitor(session); /* XXX kinda hacky, if the storage size is already in the first template * item, then skip the alloc portion */ if (obj_template[0].ulValueLen == 0) { /* Get the storage size needed for each attribute */ ckrv = CKAPI(epv)->C_GetAttributeValue(hSession, object, obj_template, count); if (ckrv != CKR_OK && ckrv != CKR_ATTRIBUTE_TYPE_INVALID && ckrv != CKR_ATTRIBUTE_SENSITIVE) { nssSession_ExitMonitor(session); nss_SetError(NSS_ERROR_DEVICE_ERROR); goto loser; } /* Allocate memory for each attribute. */ for (i = 0; i < count; i++) { CK_ULONG ulValueLen = obj_template[i].ulValueLen; if (ulValueLen == 0 || ulValueLen == (CK_ULONG)-1) { obj_template[i].pValue = NULL; obj_template[i].ulValueLen = 0; continue; } if (is_string_attribute(obj_template[i].type)) { ulValueLen++; } obj_template[i].pValue = nss_ZAlloc(arenaOpt, ulValueLen); if (!obj_template[i].pValue) { nssSession_ExitMonitor(session); goto loser; } } alloced = PR_TRUE; } /* Obtain the actual attribute values. */ ckrv = CKAPI(epv)->C_GetAttributeValue(hSession, object, obj_template, count); nssSession_ExitMonitor(session); if (ckrv != CKR_OK && ckrv != CKR_ATTRIBUTE_TYPE_INVALID && ckrv != CKR_ATTRIBUTE_SENSITIVE) { nss_SetError(NSS_ERROR_DEVICE_ERROR); goto loser; } if (alloced && arenaOpt) { nssrv = nssArena_Unmark(arenaOpt, mark); if (nssrv != PR_SUCCESS) { goto loser; } } if (count > 1 && ((ckrv == CKR_ATTRIBUTE_TYPE_INVALID) || (ckrv == CKR_ATTRIBUTE_SENSITIVE))) { /* old tokens would keep the length of '0' and not deal with any * of the attributes we passed. For those tokens read them one at * a time */ for (i = 0; i < count; i++) { if ((obj_template[i].ulValueLen == 0) || (obj_template[i].ulValueLen == -1)) { obj_template[i].ulValueLen = 0; (void)nssCKObject_GetAttributes(object, &obj_template[i], 1, arenaOpt, session, slot); } } } return PR_SUCCESS; loser: if (alloced) { if (arenaOpt) { /* release all arena memory allocated before the failure. */ (void)nssArena_Release(arenaOpt, mark); } else { CK_ULONG j; /* free each heap object that was allocated before the failure. */ for (j = 0; j < i; j++) { nss_ZFreeIf(obj_template[j].pValue); } } } return PR_FAILURE; }