Back to index

lightning-sunbird  0.9+nobinonly
Classes | Functions
session.c File Reference
#include "ck.h"

Go to the source code of this file.

Classes

struct  NSSCKFWSessionStr

Functions

NSS_IMPLEMENT NSSCKFWSession * nssCKFWSession_Create (NSSCKFWToken *fwToken, CK_BBOOL rw, CK_VOID_PTR pApplication, CK_NOTIFY Notify, CK_RV *pError)
static void nss_ckfw_session_object_destroy_iterator (const void *key, void *value, void *closure)
NSS_IMPLEMENT CK_RV nssCKFWSession_Destroy (NSSCKFWSession *fwSession, CK_BBOOL removeFromTokenHash)
NSS_IMPLEMENT NSSCKMDSession * nssCKFWSession_GetMDSession (NSSCKFWSession *fwSession)
NSS_IMPLEMENT NSSArena * nssCKFWSession_GetArena (NSSCKFWSession *fwSession, CK_RV *pError)
NSS_IMPLEMENT CK_RV nssCKFWSession_CallNotification (NSSCKFWSession *fwSession, CK_NOTIFICATION event)
NSS_IMPLEMENT CK_BBOOL nssCKFWSession_IsRWSession (NSSCKFWSession *fwSession)
NSS_IMPLEMENT CK_BBOOL nssCKFWSession_IsSO (NSSCKFWSession *fwSession)
NSS_IMPLEMENT NSSCKFWSlot * nssCKFWSession_GetFWSlot (NSSCKFWSession *fwSession)
NSS_IMPLEMENT CK_STATE nssCKFWSession_GetSessionState (NSSCKFWSession *fwSession)
NSS_IMPLEMENT CK_RV nssCKFWSession_SetFWFindObjects (NSSCKFWSession *fwSession, NSSCKFWFindObjects *fwFindObjects)
NSS_IMPLEMENT NSSCKFWFindObjects * nssCKFWSession_GetFWFindObjects (NSSCKFWSession *fwSession, CK_RV *pError)
NSS_IMPLEMENT CK_RV nssCKFWSession_SetMDSession (NSSCKFWSession *fwSession, NSSCKMDSession *mdSession)
NSS_IMPLEMENT CK_RV nssCKFWSession_SetHandle (NSSCKFWSession *fwSession, CK_SESSION_HANDLE hSession)
NSS_IMPLEMENT CK_SESSION_HANDLE nssCKFWSession_GetHandle (NSSCKFWSession *fwSession)
NSS_IMPLEMENT CK_RV nssCKFWSession_RegisterSessionObject (NSSCKFWSession *fwSession, NSSCKFWObject *fwObject)
NSS_IMPLEMENT CK_RV nssCKFWSession_DeregisterSessionObject (NSSCKFWSession *fwSession, NSSCKFWObject *fwObject)
NSS_IMPLEMENT CK_ULONG nssCKFWSession_GetDeviceError (NSSCKFWSession *fwSession)
NSS_IMPLEMENT CK_RV nssCKFWSession_Login (NSSCKFWSession *fwSession, CK_USER_TYPE userType, NSSItem *pin)
NSS_IMPLEMENT CK_RV nssCKFWSession_Logout (NSSCKFWSession *fwSession)
NSS_IMPLEMENT CK_RV nssCKFWSession_InitPIN (NSSCKFWSession *fwSession, NSSItem *pin)
NSS_IMPLEMENT CK_RV nssCKFWSession_SetPIN (NSSCKFWSession *fwSession, NSSItem *newPin, NSSItem *oldPin)
NSS_IMPLEMENT CK_ULONG nssCKFWSession_GetOperationStateLen (NSSCKFWSession *fwSession, CK_RV *pError)
NSS_IMPLEMENT CK_RV nssCKFWSession_GetOperationState (NSSCKFWSession *fwSession, NSSItem *buffer)
NSS_IMPLEMENT CK_RV nssCKFWSession_SetOperationState (NSSCKFWSession *fwSession, NSSItem *state, NSSCKFWObject *encryptionKey, NSSCKFWObject *authenticationKey)
static CK_BBOOL nss_attributes_form_token_object (CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount)
NSS_IMPLEMENT NSSCKFWObject * nssCKFWSession_CreateObject (NSSCKFWSession *fwSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_RV *pError)
NSS_IMPLEMENT NSSCKFWObject * nssCKFWSession_CopyObject (NSSCKFWSession *fwSession, NSSCKFWObject *fwObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_RV *pError)
NSS_IMPLEMENT NSSCKFWFindObjects * nssCKFWSession_FindObjectsInit (NSSCKFWSession *fwSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_RV *pError)
NSS_IMPLEMENT CK_RV nssCKFWSession_SeedRandom (NSSCKFWSession *fwSession, NSSItem *seed)
NSS_IMPLEMENT CK_RV nssCKFWSession_GetRandom (NSSCKFWSession *fwSession, NSSItem *buffer)
NSS_IMPLEMENT NSSCKMDSession * NSSCKFWSession_GetMDSession (NSSCKFWSession *fwSession)
NSS_IMPLEMENT NSSArena * NSSCKFWSession_GetArena (NSSCKFWSession *fwSession, CK_RV *pError)
NSS_IMPLEMENT CK_RV NSSCKFWSession_CallNotification (NSSCKFWSession *fwSession, CK_NOTIFICATION event)
NSS_IMPLEMENT CK_BBOOL NSSCKFWSession_IsRWSession (NSSCKFWSession *fwSession)
NSS_IMPLEMENT CK_BBOOL NSSCKFWSession_IsSO (NSSCKFWSession *fwSession)

Class Documentation

struct NSSCKFWSessionStr

Definition at line 99 of file session.c.

Class Members
NSSArena * arena
NSSCKFWFindObjects * fwFindObjects
NSSCKFWInstance * fwInstance
NSSCKFWToken * fwToken
CK_SESSION_HANDLE hSession
NSSCKMDInstance * mdInstance
NSSCKMDSession * mdSession
NSSCKMDToken * mdToken
CK_NOTIFY Notify
CK_VOID_PTR pApplication
CK_BBOOL rw
nssCKFWHash * sessionObjectHash

Function Documentation

static CK_BBOOL nss_attributes_form_token_object ( CK_ATTRIBUTE_PTR  pTemplate,
CK_ULONG  ulAttributeCount 
) [static]

Definition at line 1237 of file session.c.

{
  CK_ULONG i;
  CK_BBOOL rv;

  for( i = 0; i < ulAttributeCount; i++ ) {
    if( CKA_TOKEN == pTemplate[i].type ) {
      /* If we sanity-check, we can remove this sizeof check */
      if( sizeof(CK_BBOOL) == pTemplate[i].ulValueLen ) {
        (void)nsslibc_memcpy(&rv, pTemplate[i].pValue, sizeof(CK_BBOOL));
        return rv;
      } else {
        return CK_FALSE;
      }
    }
  }

  return CK_FALSE;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static void nss_ckfw_session_object_destroy_iterator ( const void key,
void value,
void closure 
) [static]

Definition at line 248 of file session.c.

{
  NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
  nssCKFWObject_Finalize(fwObject);
}

Here is the call graph for this function:

Here is the caller graph for this function:

NSS_IMPLEMENT CK_RV nssCKFWSession_CallNotification ( NSSCKFWSession *  fwSession,
CK_NOTIFICATION  event 
)

Definition at line 353 of file session.c.

{
  CK_RV error = CKR_OK;
  CK_SESSION_HANDLE handle;

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }
#endif /* NSSDEBUG */

  if( (CK_NOTIFY)NULL == fwSession->Notify ) {
    return CKR_OK;
  }

  handle = nssCKFWInstance_FindSessionHandle(fwSession->fwInstance, fwSession);
  if( (CK_SESSION_HANDLE)0 == handle ) {
    return CKR_GENERAL_ERROR;
  }

  error = fwSession->Notify(handle, event, fwSession->pApplication);

  return error;
}
NSS_IMPLEMENT CK_RV NSSCKFWSession_CallNotification ( NSSCKFWSession *  fwSession,
CK_NOTIFICATION  event 
)

Definition at line 1910 of file session.c.

{
#ifdef DEBUG
  CK_RV error = CKR_OK;

  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }
#endif /* DEBUG */

  return nssCKFWSession_CallNotification(fwSession, event);
}
NSS_IMPLEMENT NSSCKFWObject* nssCKFWSession_CopyObject ( NSSCKFWSession *  fwSession,
NSSCKFWObject *  fwObject,
CK_ATTRIBUTE_PTR  pTemplate,
CK_ULONG  ulAttributeCount,
CK_RV pError 
)

Definition at line 1399 of file session.c.

{
  CK_BBOOL oldIsToken;
  CK_BBOOL newIsToken;
  CK_ULONG i;
  NSSCKFWObject *rv;

#ifdef NSSDEBUG
  if( (CK_RV *)NULL == pError ) {
    return (NSSCKFWObject *)NULL;
  }

  *pError = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != *pError ) {
    return (NSSCKFWObject *)NULL;
  }

  *pError = nssCKFWObject_verifyPointer(fwObject);
  if( CKR_OK != *pError ) {
    return (NSSCKFWObject *)NULL;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    *pError = CKR_GENERAL_ERROR;
    return (NSSCKFWObject *)NULL;
  }
#endif /* NSSDEBUG */

  /*
   * Sanity-check object
   */

  oldIsToken = nssCKFWObject_IsTokenObject(fwObject);

  newIsToken = oldIsToken;
  for( i = 0; i < ulAttributeCount; i++ ) {
    if( CKA_TOKEN == pTemplate[i].type ) {
      /* Since we sanity-checked the object, we know this is the right size. */
      (void)nsslibc_memcpy(&newIsToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
      break;
    }
  }

  /*
   * If the Module handles its session objects, or if both the new
   * and old object are token objects, use CopyObject if it exists.
   */

  if( ((void *)NULL != (void *)fwSession->mdSession->CopyObject) &&
      (((CK_TRUE == oldIsToken) && (CK_TRUE == newIsToken)) ||
       (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
                     fwSession->fwInstance))) ) {
    /* use copy object */
    NSSArena *arena;
    NSSCKMDObject *mdOldObject;
    NSSCKMDObject *mdObject;

    mdOldObject = nssCKFWObject_GetMDObject(fwObject);

    if( CK_TRUE == newIsToken ) {
      arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
    } else {
      arena = nssCKFWSession_GetArena(fwSession, pError);
    }
    if( (NSSArena *)NULL == arena ) {
      if( CKR_OK == *pError ) {
        *pError = CKR_GENERAL_ERROR;
      }
      return (NSSCKFWObject *)NULL;
    }

    mdObject = fwSession->mdSession->CopyObject(fwSession->mdSession,
      fwSession, fwSession->mdToken, fwSession->fwToken,
      fwSession->mdInstance, fwSession->fwInstance, mdOldObject,
      fwObject, arena, pTemplate, ulAttributeCount, pError);
    if( (NSSCKMDObject *)NULL == mdObject ) {
      if( CKR_OK == *pError ) {
        *pError = CKR_GENERAL_ERROR;
      }
      return (NSSCKFWObject *)NULL;
    }

    rv = nssCKFWObject_Create(arena, mdObject, fwSession,
      fwSession->fwToken, fwSession->fwInstance, pError);
    if( (NSSCKFWObject *)NULL == fwObject ) {
      if( CKR_OK == *pError ) {
        *pError = CKR_GENERAL_ERROR;
      }

      if( (void *)NULL != (void *)mdObject->Destroy ) {
        (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
          fwSession->mdSession, fwSession, fwSession->mdToken,
          fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
      }
    
      return (NSSCKFWObject *)NULL;
    }

    if( CK_FALSE == newIsToken ) {
      if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, rv) ) {
        *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, rv, rv);
        if( CKR_OK != *pError ) {
          nssCKFWObject_Finalize(rv);
          return (NSSCKFWObject *)NULL;
        }
      }
    }

    return rv;
  } else {
    /* use create object */
    NSSArena *tmpArena;
    CK_ATTRIBUTE_PTR newTemplate;
    CK_ULONG i, j, n, newLength, k;
    CK_ATTRIBUTE_TYPE_PTR oldTypes;
    NSSCKFWObject *rv;
    
    tmpArena = NSSArena_Create();
    if( (NSSArena *)NULL == tmpArena ) {
      *pError = CKR_HOST_MEMORY;
      return (NSSCKFWObject *)NULL;
    }

    n = nssCKFWObject_GetAttributeCount(fwObject, pError);
    if( (0 == n) && (CKR_OK != *pError) ) {
      return (NSSCKFWObject *)NULL;
    }

    oldTypes = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE_TYPE, n);
    if( (CK_ATTRIBUTE_TYPE_PTR)NULL == oldTypes ) {
      NSSArena_Destroy(tmpArena);
      *pError = CKR_HOST_MEMORY;
      return (NSSCKFWObject *)NULL;
    }

    *pError = nssCKFWObject_GetAttributeTypes(fwObject, oldTypes, n);
    if( CKR_OK != *pError ) {
      NSSArena_Destroy(tmpArena);
      return (NSSCKFWObject *)NULL;
    }

    newLength = n;
    for( i = 0; i < ulAttributeCount; i++ ) {
      for( j = 0; j < n; j++ ) {
        if( oldTypes[j] == pTemplate[i].type ) {
          if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
            /* Removing the attribute */
            newLength--;
          }
          break;
        }
      }
      if( j == n ) {
        /* Not found */
        newLength++;
      }
    }

    newTemplate = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE, newLength);
    if( (CK_ATTRIBUTE_PTR)NULL == newTemplate ) {
      NSSArena_Destroy(tmpArena);
      *pError = CKR_HOST_MEMORY;
      return (NSSCKFWObject *)NULL;
    }

    k = 0;
    for( j = 0; j < n; j++ ) {
      for( i = 0; i < ulAttributeCount; i++ ) {
        if( oldTypes[j] == pTemplate[i].type ) {
          if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
            /* This attribute is being deleted */
            ;
          } else {
            /* This attribute is being replaced */
            newTemplate[k].type = pTemplate[i].type;
            newTemplate[k].pValue = pTemplate[i].pValue;
            newTemplate[k].ulValueLen = pTemplate[i].ulValueLen;
            k++;
          }
          break;
        }
      }
      if( i == ulAttributeCount ) {
        /* This attribute is being copied over from the old object */
        NSSItem item, *it;
        item.size = 0;
        item.data = (void *)NULL;
        it = nssCKFWObject_GetAttribute(fwObject, oldTypes[j],
          &item, tmpArena, pError);
        if( (NSSItem *)NULL == it ) {
          if( CKR_OK == *pError ) {
            *pError = CKR_GENERAL_ERROR;
          }
          NSSArena_Destroy(tmpArena);
          return (NSSCKFWObject *)NULL;
        }
        newTemplate[k].type = oldTypes[j];
        newTemplate[k].pValue = it->data;
        newTemplate[k].ulValueLen = it->size;
        k++;
      }
    }
    /* assert that k == newLength */

    rv = nssCKFWSession_CreateObject(fwSession, newTemplate, newLength, pError);
    if( (NSSCKFWObject *)NULL == rv ) {
      if( CKR_OK == *pError ) {
        *pError = CKR_GENERAL_ERROR;
      }
      NSSArena_Destroy(tmpArena);
      return (NSSCKFWObject *)NULL;
    }

    NSSArena_Destroy(tmpArena);
    return rv;
  }
}
NSS_IMPLEMENT NSSCKFWSession* nssCKFWSession_Create ( NSSCKFWToken *  fwToken,
CK_BBOOL  rw,
CK_VOID_PTR  pApplication,
CK_NOTIFY  Notify,
CK_RV pError 
)

Definition at line 168 of file session.c.

{
  NSSArena *arena = (NSSArena *)NULL;
  NSSCKFWSession *fwSession;
  NSSCKFWSlot *fwSlot;

#ifdef NSSDEBUG
  if( (CK_RV *)NULL == pError ) {
    return (NSSCKFWSession *)NULL;
  }

  *pError = nssCKFWToken_verifyPointer(fwToken);
  if( CKR_OK != *pError ) {
    return (NSSCKFWSession *)NULL;
  }
#endif /* NSSDEBUG */

  arena = NSSArena_Create();
  if( (NSSArena *)NULL == arena ) {
    *pError = CKR_HOST_MEMORY;
    return (NSSCKFWSession *)NULL;
  }

  fwSession = nss_ZNEW(arena, NSSCKFWSession);
  if( (NSSCKFWSession *)NULL == fwSession ) {
    *pError = CKR_HOST_MEMORY;
    goto loser;
  }

  fwSession->arena = arena;
  fwSession->mdSession = (NSSCKMDSession *)NULL; /* set later */
  fwSession->fwToken = fwToken;
  fwSession->mdToken = nssCKFWToken_GetMDToken(fwToken);

  fwSlot = nssCKFWToken_GetFWSlot(fwToken);
  fwSession->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
  fwSession->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);

  fwSession->rw = rw;
  fwSession->pApplication = pApplication;
  fwSession->Notify = Notify;

  fwSession->fwFindObjects = (NSSCKFWFindObjects *)NULL;

  fwSession->sessionObjectHash = nssCKFWHash_Create(fwSession->fwInstance, arena, pError);
  if( (nssCKFWHash *)NULL == fwSession->sessionObjectHash ) {
    if( CKR_OK == *pError ) {
      *pError = CKR_GENERAL_ERROR;
    }
    goto loser;
  }

#ifdef DEBUG
  *pError = session_add_pointer(fwSession);
  if( CKR_OK != *pError ) {
    goto loser;
  }
#endif /* DEBUG */

  return fwSession;

 loser:
  if( (NSSArena *)NULL != arena ) {
    if( fwSession && (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
      (void)nssCKFWHash_Destroy(fwSession->sessionObjectHash);
    }
    NSSArena_Destroy(arena);
  }

  return (NSSCKFWSession *)NULL;
}
NSS_IMPLEMENT NSSCKFWObject* nssCKFWSession_CreateObject ( NSSCKFWSession *  fwSession,
CK_ATTRIBUTE_PTR  pTemplate,
CK_ULONG  ulAttributeCount,
CK_RV pError 
)

Definition at line 1266 of file session.c.

{
  NSSArena *arena;
  NSSCKMDObject *mdObject;
  NSSCKFWObject *fwObject;
  CK_BBOOL isTokenObject;

#ifdef NSSDEBUG
  if( (CK_RV *)NULL == pError ) {
    return (NSSCKFWObject *)NULL;
  }

  *pError = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != pError ) {
    return (NSSCKFWObject *)NULL;
  }

  if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
    *pError = CKR_ARGUMENTS_BAD;
    return (NSSCKFWObject *)NULL;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    *pError = CKR_GENERAL_ERROR;
    return (NSSCKFWObject *)NULL;
  }
#endif /* NSSDEBUG */

  /*
   * Here would be an excellent place to sanity-check the object.
   */

  isTokenObject = nss_attributes_form_token_object(pTemplate, ulAttributeCount);
  if( CK_TRUE == isTokenObject ) {
    /* === TOKEN OBJECT === */

    if( (void *)NULL == (void *)fwSession->mdSession->CreateObject ) {
      *pError = CKR_TOKEN_WRITE_PROTECTED;
      return (NSSCKFWObject *)NULL;
    }

    arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
    if( (NSSArena *)NULL == arena ) {
      if( CKR_OK == *pError ) {
        *pError = CKR_GENERAL_ERROR;
      }
      return (NSSCKFWObject *)NULL;
    }

    goto callmdcreateobject;
  } else {
    /* === SESSION OBJECT === */

    arena = nssCKFWSession_GetArena(fwSession, pError);
    if( (NSSArena *)NULL == arena ) {
      if( CKR_OK == *pError ) {
        *pError = CKR_GENERAL_ERROR;
      }
      return (NSSCKFWObject *)NULL;
    }

    if( CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
                     fwSession->fwInstance) ) {
      /* --- module handles the session object -- */

      if( (void *)NULL == (void *)fwSession->mdSession->CreateObject ) {
        *pError = CKR_GENERAL_ERROR;
        return (NSSCKFWObject *)NULL;
      }
      
      goto callmdcreateobject;
    } else {
      /* --- framework handles the session object -- */
      mdObject = nssCKMDSessionObject_Create(fwSession->fwToken, 
        arena, pTemplate, ulAttributeCount, pError);
      goto gotmdobject;
    }
  }

 callmdcreateobject:
  mdObject = fwSession->mdSession->CreateObject(fwSession->mdSession,
    fwSession, fwSession->mdToken, fwSession->fwToken,
    fwSession->mdInstance, fwSession->fwInstance, arena, pTemplate,
    ulAttributeCount, pError);

 gotmdobject:
  if( (NSSCKMDObject *)NULL == mdObject ) {
    if( CKR_OK == *pError ) {
      *pError = CKR_GENERAL_ERROR;
    }
    return (NSSCKFWObject *)NULL;
  }

  fwObject = nssCKFWObject_Create(arena, mdObject, fwSession, 
    fwSession->fwToken, fwSession->fwInstance, pError);
  if( (NSSCKFWObject *)NULL == fwObject ) {
    if( CKR_OK == *pError ) {
      *pError = CKR_GENERAL_ERROR;
    }
    
    if( (void *)NULL != (void *)mdObject->Destroy ) {
      (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
        fwSession->mdSession, fwSession, fwSession->mdToken,
        fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
    }
    
    return (NSSCKFWObject *)NULL;
  }

  if( CK_FALSE == isTokenObject ) {
    if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, fwObject) ) {
      *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
      if( CKR_OK != *pError ) {
        nssCKFWObject_Finalize(fwObject);
        return (NSSCKFWObject *)NULL;
      }
    }
  }
  
  return fwObject;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_DeregisterSessionObject ( NSSCKFWSession *  fwSession,
NSSCKFWObject *  fwObject 
)

Definition at line 652 of file session.c.

{
#ifdef NSSDEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return CKR_GENERAL_ERROR;
  }
#endif /* NSSDEBUG */

  if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
    nssCKFWHash_Remove(fwSession->sessionObjectHash, fwObject);
  }

  return CKR_OK;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_Destroy ( NSSCKFWSession *  fwSession,
CK_BBOOL  removeFromTokenHash 
)

Definition at line 264 of file session.c.

{
  CK_RV error = CKR_OK;
  nssCKFWHash *sessionObjectHash;

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }
#endif /* NSSDEBUG */

  if( removeFromTokenHash ) {
    error = nssCKFWToken_RemoveSession(fwSession->fwToken, fwSession);
  }

  /*
   * Invalidate session objects
   */

  sessionObjectHash = fwSession->sessionObjectHash;
  fwSession->sessionObjectHash = (nssCKFWHash *)NULL;

  nssCKFWHash_Iterate(sessionObjectHash, 
                      nss_ckfw_session_object_destroy_iterator, 
                      (void *)NULL);

#ifdef DEBUG
  (void)session_remove_pointer(fwSession);
#endif /* DEBUG */
  (void)nssCKFWHash_Destroy(sessionObjectHash);
  NSSArena_Destroy(fwSession->arena);

  return error;
}
NSS_IMPLEMENT NSSCKFWFindObjects* nssCKFWSession_FindObjectsInit ( NSSCKFWSession *  fwSession,
CK_ATTRIBUTE_PTR  pTemplate,
CK_ULONG  ulAttributeCount,
CK_RV pError 
)

Definition at line 1629 of file session.c.

{
  NSSCKMDFindObjects *mdfo1 = (NSSCKMDFindObjects *)NULL;
  NSSCKMDFindObjects *mdfo2 = (NSSCKMDFindObjects *)NULL;

#ifdef NSSDEBUG
  if( (CK_RV *)NULL == pError ) {
    return (NSSCKFWFindObjects *)NULL;
  }

  *pError = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != *pError ) {
    return (NSSCKFWFindObjects *)NULL;
  }

  if( ((CK_ATTRIBUTE_PTR)NULL == pTemplate) && (ulAttributeCount != 0) ) {
    *pError = CKR_ARGUMENTS_BAD;
    return (NSSCKFWFindObjects *)NULL;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    *pError = CKR_GENERAL_ERROR;
    return (NSSCKFWFindObjects *)NULL;
  }
#endif /* NSSDEBUG */

  if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
                   fwSession->fwInstance) ) {
    CK_ULONG i;

    /*
     * Does the search criteria restrict us to token or session
     * objects?
     */

    for( i = 0; i < ulAttributeCount; i++ ) {
      if( CKA_TOKEN == pTemplate[i].type ) {
        /* Yes, it does. */
        CK_BBOOL isToken;
        if( sizeof(CK_BBOOL) != pTemplate[i].ulValueLen ) {
          *pError = CKR_ATTRIBUTE_VALUE_INVALID;
          return (NSSCKFWFindObjects *)NULL;
        }
        (void)nsslibc_memcpy(&isToken, pTemplate[i].pValue, sizeof(CK_BBOOL));

        if( CK_TRUE == isToken ) {
          /* Pass it on to the module's search routine */
          if( (void *)NULL == (void *)fwSession->mdSession->FindObjectsInit ) {
            goto wrap;
          }

          mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
                    fwSession, fwSession->mdToken, fwSession->fwToken,
                    fwSession->mdInstance, fwSession->fwInstance, 
                    pTemplate, ulAttributeCount, pError);
        } else {
          /* Do the search ourselves */
          mdfo1 = nssCKMDFindSessionObjects_Create(fwSession->fwToken, 
                    pTemplate, ulAttributeCount, pError);
        }

        if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
          if( CKR_OK == *pError ) {
            *pError = CKR_GENERAL_ERROR;
          }
          return (NSSCKFWFindObjects *)NULL;
        }
        
        goto wrap;
      }
    }

    if( i == ulAttributeCount ) {
      /* No, it doesn't.  Do a hybrid search. */
      mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
                fwSession, fwSession->mdToken, fwSession->fwToken,
                fwSession->mdInstance, fwSession->fwInstance, 
                pTemplate, ulAttributeCount, pError);

      if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
        if( CKR_OK == *pError ) {
          *pError = CKR_GENERAL_ERROR;
        }
        return (NSSCKFWFindObjects *)NULL;
      }

      mdfo2 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
                pTemplate, ulAttributeCount, pError);
      if( (NSSCKMDFindObjects *)NULL == mdfo2 ) {
        if( CKR_OK == *pError ) {
          *pError = CKR_GENERAL_ERROR;
        }
        if( (void *)NULL != (void *)mdfo1->Final ) {
          mdfo1->Final(mdfo1, (NSSCKFWFindObjects *)NULL, fwSession->mdSession,
            fwSession, fwSession->mdToken, fwSession->fwToken, 
            fwSession->mdInstance, fwSession->fwInstance);
        }
        return (NSSCKFWFindObjects *)NULL;
      }

      goto wrap;
    }
    /*NOTREACHED*/
  } else {
    /* Module handles all its own objects.  Pass on to module's search */
    mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
              fwSession, fwSession->mdToken, fwSession->fwToken,
              fwSession->mdInstance, fwSession->fwInstance, 
              pTemplate, ulAttributeCount, pError);

    if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
      if( CKR_OK == *pError ) {
        *pError = CKR_GENERAL_ERROR;
      }
      return (NSSCKFWFindObjects *)NULL;
    }

    goto wrap;
  }

 wrap:
  return nssCKFWFindObjects_Create(fwSession, fwSession->fwToken,
           fwSession->fwInstance, mdfo1, mdfo2, pError);
}
NSS_IMPLEMENT NSSArena* nssCKFWSession_GetArena ( NSSCKFWSession *  fwSession,
CK_RV pError 
)

Definition at line 328 of file session.c.

{
#ifdef NSSDEBUG
  if( (CK_RV *)NULL == pError ) {
    return (NSSArena *)NULL;
  }

  *pError = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != *pError ) {
    return (NSSArena *)NULL;
  }
#endif /* NSSDEBUG */

  return fwSession->arena;
}
NSS_IMPLEMENT NSSArena* NSSCKFWSession_GetArena ( NSSCKFWSession *  fwSession,
CK_RV pError 
)

Definition at line 1884 of file session.c.

{
#ifdef DEBUG
  if( (CK_RV *)NULL == pError ) {
    return (NSSArena *)NULL;
  }

  *pError = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != *pError ) {
    return (NSSArena *)NULL;
  }
#endif /* DEBUG */

  return nssCKFWSession_GetArena(fwSession, pError);
}
NSS_IMPLEMENT CK_ULONG nssCKFWSession_GetDeviceError ( NSSCKFWSession *  fwSession)

Definition at line 676 of file session.c.

{
#ifdef NSSDEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return (CK_ULONG)0;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    return (CK_ULONG)0;
  }
#endif /* NSSDEBUG */

  if( (void *)NULL == (void *)fwSession->mdSession->GetDeviceError ) {
    return (CK_ULONG)0;
  }

  return fwSession->mdSession->GetDeviceError(fwSession->mdSession, 
    fwSession, fwSession->mdToken, fwSession->fwToken, 
    fwSession->mdInstance, fwSession->fwInstance);
}
NSS_IMPLEMENT NSSCKFWFindObjects* nssCKFWSession_GetFWFindObjects ( NSSCKFWSession *  fwSession,
CK_RV pError 
)

Definition at line 511 of file session.c.

{
#ifdef NSSDEBUG
  if( (CK_RV *)NULL == pError ) {
    return (NSSCKFWFindObjects *)NULL;
  }

  *pError = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != *pError ) {
    return (NSSCKFWFindObjects *)NULL;
  }
#endif /* NSSDEBUG */

  if( (NSSCKFWFindObjects *)NULL == fwSession->fwFindObjects ) {
    *pError = CKR_OPERATION_NOT_INITIALIZED;
    return (NSSCKFWFindObjects *)NULL;
  }

  return fwSession->fwFindObjects;
}
NSS_IMPLEMENT NSSCKFWSlot* nssCKFWSession_GetFWSlot ( NSSCKFWSession *  fwSession)

Definition at line 439 of file session.c.

{
#ifdef NSSDEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return (NSSCKFWSlot *)NULL;
  }
#endif /* NSSDEBUG */

  return nssCKFWToken_GetFWSlot(fwSession->fwToken);
}
NSS_IMPLEMENT CK_SESSION_HANDLE nssCKFWSession_GetHandle ( NSSCKFWSession *  fwSession)

Definition at line 607 of file session.c.

{
#ifdef NSSDEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return NULL;
  }
#endif /* NSSDEBUG */

  return fwSession->hSession;
}
NSS_IMPLEMENT NSSCKMDSession* nssCKFWSession_GetMDSession ( NSSCKFWSession *  fwSession)

Definition at line 309 of file session.c.

{
#ifdef NSSDEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return (NSSCKMDSession *)NULL;
  }
#endif /* NSSDEBUG */

  return fwSession->mdSession;
}
NSS_IMPLEMENT NSSCKMDSession* NSSCKFWSession_GetMDSession ( NSSCKFWSession *  fwSession)

Definition at line 1864 of file session.c.

{
#ifdef DEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return (NSSCKMDSession *)NULL;
  }
#endif /* DEBUG */

  return nssCKFWSession_GetMDSession(fwSession);
}
NSS_IMPLEMENT CK_RV nssCKFWSession_GetOperationState ( NSSCKFWSession *  fwSession,
NSSItem *  buffer 
)

Definition at line 1056 of file session.c.

{
  CK_RV error = CKR_OK;
  CK_ULONG fwAmt;
  CK_ULONG *ulBuffer;
  NSSItem i2;
  CK_ULONG n, i;

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }

  if( (NSSItem *)NULL == buffer ) {
    return CKR_ARGUMENTS_BAD;
  }

  if( (void *)NULL == buffer->data ) {
    return CKR_ARGUMENTS_BAD;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    return CKR_GENERAL_ERROR;
  }
#endif /* NSSDEBUG */

  if( (void *)NULL == (void *)fwSession->mdSession->GetOperationState ) {
    return CKR_STATE_UNSAVEABLE;
  }

  /*
   * Sanity-check the caller's buffer.
   */

  error = CKR_OK;
  fwAmt = nssCKFWSession_GetOperationStateLen(fwSession, &error);
  if( ((CK_ULONG)0 == fwAmt) && (CKR_OK != error) ) {
    return error;
  }

  if( buffer->size < fwAmt ) {
    return CKR_BUFFER_TOO_SMALL;
  }

  ulBuffer = (CK_ULONG *)buffer->data;

  i2.size = buffer->size - 2*sizeof(CK_ULONG);
  i2.data = (void *)&ulBuffer[2];

  error = fwSession->mdSession->GetOperationState(fwSession->mdSession,
    fwSession, fwSession->mdToken, fwSession->fwToken, 
    fwSession->mdInstance, fwSession->fwInstance, &i2);

  if( CKR_OK != error ) {
    return error;
  }

  /*
   * Add a little integrety/identity check.  
   * NOTE: right now, it's pretty stupid.  
   * A CRC or something would be better.
   */

  ulBuffer[0] = 0x434b4657; /* CKFW */
  ulBuffer[1] = 0;
  n = i2.size/sizeof(CK_ULONG);
  for( i = 0; i < n; i++ ) {
    ulBuffer[1] ^= ulBuffer[2+i];
  }

  return CKR_OK;
}
NSS_IMPLEMENT CK_ULONG nssCKFWSession_GetOperationStateLen ( NSSCKFWSession *  fwSession,
CK_RV pError 
)

Definition at line 1002 of file session.c.

{
  CK_ULONG mdAmt;
  CK_ULONG fwAmt;

#ifdef NSSDEBUG
  if( (CK_RV *)NULL == pError ) {
    return (CK_ULONG)0;
  }

  *pError = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != *pError ) {
    return (CK_ULONG)0;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    *pError = CKR_GENERAL_ERROR;
    return (CK_ULONG)0;
  }
#endif /* NSSDEBUG */

  if( (void *)NULL == (void *)fwSession->mdSession->GetOperationStateLen ) {
    *pError = CKR_STATE_UNSAVEABLE;
  }

  /*
   * We could check that the session is actually in some state..
   */

  mdAmt = fwSession->mdSession->GetOperationStateLen(fwSession->mdSession,
    fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
    fwSession->fwInstance, pError);

  if( ((CK_ULONG)0 == mdAmt) && (CKR_OK != *pError) ) {
    return (CK_ULONG)0;
  }

  /*
   * Add a bit of sanity-checking
   */
  fwAmt = mdAmt + 2*sizeof(CK_ULONG);

  return fwAmt;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_GetRandom ( NSSCKFWSession *  fwSession,
NSSItem *  buffer 
)

Definition at line 1812 of file session.c.

{
  CK_RV error = CKR_OK;

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }

  if( (NSSItem *)NULL == buffer ) {
    return CKR_ARGUMENTS_BAD;
  }

  if( (void *)NULL == buffer->data ) {
    return CKR_ARGUMENTS_BAD;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    return CKR_GENERAL_ERROR;
  }
#endif /* NSSDEBUG */

  if( (void *)NULL == (void *)fwSession->mdSession->GetRandom ) {
    if( CK_TRUE == nssCKFWToken_GetHasRNG(fwSession->fwToken) ) {
      return CKR_GENERAL_ERROR;
    } else {
      return CKR_RANDOM_NO_RNG;
    }
  }

  if( 0 == buffer->size ) {
    return CKR_OK;
  }

  error = fwSession->mdSession->GetRandom(fwSession->mdSession, fwSession,
    fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
    fwSession->fwInstance, buffer);

  return error;
}
NSS_IMPLEMENT CK_STATE nssCKFWSession_GetSessionState ( NSSCKFWSession *  fwSession)

Definition at line 458 of file session.c.

{
#ifdef NSSDEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return CKS_RO_PUBLIC_SESSION; /* whatever */
  }
#endif /* NSSDEBUG */

  return nssCKFWToken_GetSessionState(fwSession->fwToken);
}
NSS_IMPLEMENT CK_RV nssCKFWSession_InitPIN ( NSSCKFWSession *  fwSession,
NSSItem *  pin 
)

Definition at line 897 of file session.c.

{
  CK_RV error = CKR_OK;
  CK_STATE state;

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    return CKR_GENERAL_ERROR;
  }
#endif /* NSSDEBUG */

  state = nssCKFWToken_GetSessionState(fwSession->fwToken);
  if( CKS_RW_SO_FUNCTIONS != state ) {
    return CKR_USER_NOT_LOGGED_IN;
  }

  if( (NSSItem *)NULL == pin ) {
    CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
    if( CK_TRUE != has ) {
      return CKR_ARGUMENTS_BAD;
    }
  }

  if( (void *)NULL == (void *)fwSession->mdSession->InitPIN ) {
    return CKR_TOKEN_WRITE_PROTECTED;
  }

  error = fwSession->mdSession->InitPIN(fwSession->mdSession, fwSession,
    fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
    fwSession->fwInstance, pin);

  return error;
}
NSS_IMPLEMENT CK_BBOOL nssCKFWSession_IsRWSession ( NSSCKFWSession *  fwSession)

Definition at line 388 of file session.c.

{
#ifdef NSSDEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return CK_FALSE;
  }
#endif /* NSSDEBUG */

  return fwSession->rw;
}
NSS_IMPLEMENT CK_BBOOL NSSCKFWSession_IsRWSession ( NSSCKFWSession *  fwSession)

Definition at line 1934 of file session.c.

{
#ifdef DEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return CK_FALSE;
  }
#endif /* DEBUG */

  return nssCKFWSession_IsRWSession(fwSession);
}
NSS_IMPLEMENT CK_BBOOL nssCKFWSession_IsSO ( NSSCKFWSession *  fwSession)

Definition at line 407 of file session.c.

{
  CK_STATE state;

#ifdef NSSDEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return CK_FALSE;
  }
#endif /* NSSDEBUG */

  state = nssCKFWToken_GetSessionState(fwSession->fwToken);
  switch( state ) {
  case CKS_RO_PUBLIC_SESSION:
  case CKS_RO_USER_FUNCTIONS:
  case CKS_RW_PUBLIC_SESSION:
  case CKS_RW_USER_FUNCTIONS:
    return CK_FALSE;
  case CKS_RW_SO_FUNCTIONS:
    return CK_TRUE;
  default:
    return CK_FALSE;
  }
}
NSS_IMPLEMENT CK_BBOOL NSSCKFWSession_IsSO ( NSSCKFWSession *  fwSession)

Definition at line 1954 of file session.c.

{
#ifdef DEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return CK_FALSE;
  }
#endif /* DEBUG */

  return nssCKFWSession_IsSO(fwSession);
}
NSS_IMPLEMENT CK_RV nssCKFWSession_Login ( NSSCKFWSession *  fwSession,
CK_USER_TYPE  userType,
NSSItem *  pin 
)

Definition at line 705 of file session.c.

{
  CK_RV error = CKR_OK;
  CK_STATE oldState;
  CK_STATE newState;

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }

  switch( userType ) {
  case CKU_SO:
  case CKU_USER:
    break;
  default:
    return CKR_USER_TYPE_INVALID;
  }

  if( (NSSItem *)NULL == pin ) {
    if( CK_TRUE != nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken) ) {
      return CKR_ARGUMENTS_BAD;
    }
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    return CKR_GENERAL_ERROR;
  }
#endif /* NSSDEBUG */

  oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);

  /*
   * It's not clear what happens when you're already logged in.
   * I'll just fail; but if we decide to change, the logic is
   * all right here.
   */

  if( CKU_SO == userType ) {
    switch( oldState ) {
    case CKS_RO_PUBLIC_SESSION:      
      /*
       * There's no such thing as a read-only security officer
       * session, so fail.  The error should be CKR_SESSION_READ_ONLY,
       * except that C_Login isn't defined to return that.  So we'll
       * do CKR_SESSION_READ_ONLY_EXISTS, which is what is documented.
       */
      return CKR_SESSION_READ_ONLY_EXISTS;
    case CKS_RO_USER_FUNCTIONS:
      return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
    case CKS_RW_PUBLIC_SESSION:
      newState = CKS_RW_SO_FUNCTIONS;
      break;
    case CKS_RW_USER_FUNCTIONS:
      return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
    case CKS_RW_SO_FUNCTIONS:
      return CKR_USER_ALREADY_LOGGED_IN;
    default:
      return CKR_GENERAL_ERROR;
    }
  } else /* CKU_USER == userType */ {
    switch( oldState ) {
    case CKS_RO_PUBLIC_SESSION:      
      newState = CKS_RO_USER_FUNCTIONS;
      break;
    case CKS_RO_USER_FUNCTIONS:
      return CKR_USER_ALREADY_LOGGED_IN;
    case CKS_RW_PUBLIC_SESSION:
      newState = CKS_RW_USER_FUNCTIONS;
      break;
    case CKS_RW_USER_FUNCTIONS:
      return CKR_USER_ALREADY_LOGGED_IN;
    case CKS_RW_SO_FUNCTIONS:
      return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
    default:
      return CKR_GENERAL_ERROR;
    }
  }

  /*
   * So now we're in one of three cases:
   *
   * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_SO_FUNCTIONS;
   * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_USER_FUNCTIONS;
   * Old == CKS_RO_PUBLIC_SESSION, New == CKS_RO_USER_FUNCTIONS;
   */

  if( (void *)NULL == (void *)fwSession->mdSession->Login ) {
    /*
     * The Module doesn't want to be informed (or check the pin)
     * it'll just rely on the Framework as needed.
     */
    ;
  } else {
    error = fwSession->mdSession->Login(fwSession->mdSession, fwSession,
      fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
      fwSession->fwInstance, userType, pin, oldState, newState);
    if( CKR_OK != error ) {
      return error;
    }
  }

  (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
  return CKR_OK;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_Logout ( NSSCKFWSession *  fwSession)

Definition at line 822 of file session.c.

{
  CK_RV error = CKR_OK;
  CK_STATE oldState;
  CK_STATE newState;

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    return CKR_GENERAL_ERROR;
  }
#endif /* NSSDEBUG */

  oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);

  switch( oldState ) {
  case CKS_RO_PUBLIC_SESSION:
    return CKR_USER_NOT_LOGGED_IN;
  case CKS_RO_USER_FUNCTIONS:
    newState = CKS_RO_PUBLIC_SESSION;
    break;
  case CKS_RW_PUBLIC_SESSION:
    return CKR_USER_NOT_LOGGED_IN;
  case CKS_RW_USER_FUNCTIONS:
    newState = CKS_RW_PUBLIC_SESSION;
    break;
  case CKS_RW_SO_FUNCTIONS:
    newState = CKS_RW_PUBLIC_SESSION;
    break;
  default:
    return CKR_GENERAL_ERROR;
  }

  /*
   * So now we're in one of three cases:
   *
   * Old == CKS_RW_SO_FUNCTIONS,   New == CKS_RW_PUBLIC_SESSION;
   * Old == CKS_RW_USER_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
   * Old == CKS_RO_USER_FUNCTIONS, New == CKS_RO_PUBLIC_SESSION;
   */

  if( (void *)NULL == (void *)fwSession->mdSession->Logout ) {
    /*
     * The Module doesn't want to be informed.  Okay.
     */
    ;
  } else {
    error = fwSession->mdSession->Logout(fwSession->mdSession, fwSession,
      fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
      fwSession->fwInstance, oldState, newState);
    if( CKR_OK != error ) {
      /*
       * Now what?!  A failure really should end up with the Framework
       * considering it logged out, right?
       */
      ;
    }
  }

  (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
  return error;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_RegisterSessionObject ( NSSCKFWSession *  fwSession,
NSSCKFWObject *  fwObject 
)

Definition at line 626 of file session.c.

{
  CK_RV rv = CKR_OK;

#ifdef NSSDEBUG
  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
    return CKR_GENERAL_ERROR;
  }
#endif /* NSSDEBUG */

  if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
    rv = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
  }

  return rv;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_SeedRandom ( NSSCKFWSession *  fwSession,
NSSItem *  seed 
)

Definition at line 1765 of file session.c.

{
  CK_RV error = CKR_OK;

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }

  if( (NSSItem *)NULL == seed ) {
    return CKR_ARGUMENTS_BAD;
  }

  if( (void *)NULL == seed->data ) {
    return CKR_ARGUMENTS_BAD;
  }

  if( 0 == seed->size ) {
    return CKR_ARGUMENTS_BAD;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    return CKR_GENERAL_ERROR;
  }
#endif /* NSSDEBUG */

  if( (void *)NULL == (void *)fwSession->mdSession->SeedRandom ) {
    return CKR_RANDOM_SEED_NOT_SUPPORTED;
  }

  error = fwSession->mdSession->SeedRandom(fwSession->mdSession, fwSession,
    fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
    fwSession->fwInstance, seed);

  return error;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_SetFWFindObjects ( NSSCKFWSession *  fwSession,
NSSCKFWFindObjects *  fwFindObjects 
)

Definition at line 477 of file session.c.

{
#ifdef NSSDEBUG
  CK_RV error = CKR_OK;
#endif /* NSSDEBUG */

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }

  /* fwFindObjects may be null */
#endif /* NSSDEBUG */

  if( ((NSSCKFWFindObjects *)NULL != fwSession->fwFindObjects) &&
      ((NSSCKFWFindObjects *)NULL != fwFindObjects) ) {
    return CKR_OPERATION_ACTIVE;
  }

  fwSession->fwFindObjects = fwFindObjects;

  return CKR_OK;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_SetHandle ( NSSCKFWSession *  fwSession,
CK_SESSION_HANDLE  hSession 
)

Definition at line 576 of file session.c.

{
#ifdef NSSDEBUG
  CK_RV error = CKR_OK;
#endif /* NSSDEBUG */

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }
#endif /* NSSDEBUG */

  if( (CK_SESSION_HANDLE)0 != fwSession->hSession ) {
    return CKR_GENERAL_ERROR;
  }

  fwSession->hSession = hSession;

  return CKR_OK;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_SetMDSession ( NSSCKFWSession *  fwSession,
NSSCKMDSession *  mdSession 
)

Definition at line 541 of file session.c.

{
#ifdef NSSDEBUG
  CK_RV error = CKR_OK;
#endif /* NSSDEBUG */

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }

  if( (NSSCKMDSession *)NULL == mdSession ) {
    return CKR_ARGUMENTS_BAD;
  }
#endif /* NSSDEBUG */

  if( (NSSCKMDSession *)NULL != fwSession->mdSession ) {
    return CKR_GENERAL_ERROR;
  }

  fwSession->mdSession = mdSession;

  return CKR_OK;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_SetOperationState ( NSSCKFWSession *  fwSession,
NSSItem *  state,
NSSCKFWObject *  encryptionKey,
NSSCKFWObject *  authenticationKey 
)

Definition at line 1139 of file session.c.

{
  CK_RV error = CKR_OK;
  CK_ULONG *ulBuffer;
  CK_ULONG n, i;
  CK_ULONG x;
  NSSItem s;
  NSSCKMDObject *mdek;
  NSSCKMDObject *mdak;

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }

  if( (NSSItem *)NULL == state ) {
    return CKR_ARGUMENTS_BAD;
  }

  if( (void *)NULL == state->data ) {
    return CKR_ARGUMENTS_BAD;
  }

  if( (NSSCKFWObject *)NULL != encryptionKey ) {
    error = nssCKFWObject_verifyPointer(encryptionKey);
    if( CKR_OK != error ) {
      return error;
    }
  }

  if( (NSSCKFWObject *)NULL != authenticationKey ) {
    error = nssCKFWObject_verifyPointer(authenticationKey);
    if( CKR_OK != error ) {
      return error;
    }
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    return CKR_GENERAL_ERROR;
  }
#endif /* NSSDEBUG */

  ulBuffer = (CK_ULONG *)state->data;
  if( 0x43b4657 != ulBuffer[0] ) {
    return CKR_SAVED_STATE_INVALID;
  }
  n = (state->size / sizeof(CK_ULONG)) - 2;
  x = (CK_ULONG)0;
  for( i = 0; i < n; i++ ) {
    x ^= ulBuffer[2+i];
  }

  if( x != ulBuffer[1] ) {
    return CKR_SAVED_STATE_INVALID;
  }

  if( (void *)NULL == (void *)fwSession->mdSession->SetOperationState ) {
    return CKR_GENERAL_ERROR;
  }

  s.size = state->size - 2*sizeof(CK_ULONG);
  s.data = (void *)&ulBuffer[2];

  if( (NSSCKFWObject *)NULL != encryptionKey ) {
    mdek = nssCKFWObject_GetMDObject(encryptionKey);
  } else {
    mdek = (NSSCKMDObject *)NULL;
  }

  if( (NSSCKFWObject *)NULL != authenticationKey ) {
    mdak = nssCKFWObject_GetMDObject(authenticationKey);
  } else {
    mdak = (NSSCKMDObject *)NULL;
  }

  error = fwSession->mdSession->SetOperationState(fwSession->mdSession, 
    fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
    fwSession->fwInstance, &s, mdek, encryptionKey, mdak, authenticationKey);

  if( CKR_OK != error ) {
    return error;
  }

  /*
   * Here'd we restore any session data
   */
  
  return CKR_OK;
}
NSS_IMPLEMENT CK_RV nssCKFWSession_SetPIN ( NSSCKFWSession *  fwSession,
NSSItem *  newPin,
NSSItem *  oldPin 
)

Definition at line 945 of file session.c.

{
  CK_RV error = CKR_OK;
  CK_STATE state;

#ifdef NSSDEBUG
  error = nssCKFWSession_verifyPointer(fwSession);
  if( CKR_OK != error ) {
    return error;
  }

  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
    return CKR_GENERAL_ERROR;
  }
#endif /* NSSDEBUG */

  state = nssCKFWToken_GetSessionState(fwSession->fwToken);
  if( (CKS_RW_SO_FUNCTIONS != state) &&
      (CKS_RW_USER_FUNCTIONS != state) ) {
    return CKR_USER_NOT_LOGGED_IN;
  }

  if( (NSSItem *)NULL == newPin ) {
    CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
    if( CK_TRUE != has ) {
      return CKR_ARGUMENTS_BAD;
    }
  }

  if( (NSSItem *)NULL == oldPin ) {
    CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
    if( CK_TRUE != has ) {
      return CKR_ARGUMENTS_BAD;
    }
  }

  if( (void *)NULL == (void *)fwSession->mdSession->SetPIN ) {
    return CKR_TOKEN_WRITE_PROTECTED;
  }

  error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession,
    fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
    fwSession->fwInstance, newPin, oldPin);

  return error;
}