Coverage Report

Created: 2024-11-21 07:03

/src/nss-nspr/nss/lib/pk11wrap/dev3hack.c
Line
Count
Source (jump to first uncovered line)
1
/* This Source Code Form is subject to the terms of the Mozilla Public
2
 * License, v. 2.0. If a copy of the MPL was not distributed with this
3
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5
#ifndef PKIT_H
6
#include "pkit.h"
7
#endif /* PKIT_H */
8
9
#ifndef DEVM_H
10
#include "devm.h"
11
#endif /* DEVM_H */
12
13
#include "pki3hack.h"
14
#include "dev3hack.h"
15
#include "pkim.h"
16
17
#ifndef BASE_H
18
#include "base.h"
19
#endif /* BASE_H */
20
21
#include "pk11func.h"
22
#include "secmodti.h"
23
#include "secerr.h"
24
25
NSS_IMPLEMENT nssSession *
26
nssSession_ImportNSS3Session(NSSArena *arenaOpt,
27
                             CK_SESSION_HANDLE session,
28
                             PZLock *lock, PRBool rw)
29
4
{
30
4
    nssSession *rvSession = NULL;
31
4
    if (session != CK_INVALID_HANDLE) {
32
4
        rvSession = nss_ZNEW(arenaOpt, nssSession);
33
4
        if (rvSession) {
34
4
            rvSession->handle = session;
35
4
            rvSession->lock = lock;
36
4
            rvSession->ownLock = PR_FALSE;
37
4
            rvSession->isRW = rw;
38
4
        }
39
4
    }
40
4
    return rvSession;
41
4
}
42
43
NSS_IMPLEMENT nssSession *
44
nssSlot_CreateSession(
45
    NSSSlot *slot,
46
    NSSArena *arenaOpt,
47
    PRBool readWrite)
48
0
{
49
0
    nssSession *rvSession;
50
51
0
    if (!readWrite) {
52
        /* nss3hack version only returns rw swssions */
53
0
        return NULL;
54
0
    }
55
0
    rvSession = nss_ZNEW(arenaOpt, nssSession);
56
0
    if (!rvSession) {
57
0
        return (nssSession *)NULL;
58
0
    }
59
60
0
    rvSession->handle = PK11_GetRWSession(slot->pk11slot);
61
0
    if (rvSession->handle == CK_INVALID_HANDLE) {
62
0
        nss_ZFreeIf(rvSession);
63
0
        return NULL;
64
0
    }
65
0
    rvSession->isRW = PR_TRUE;
66
0
    rvSession->slot = slot;
67
    /*
68
     * The session doesn't need its own lock.  Here's why.
69
     * 1. If we are reusing the default RW session of the slot,
70
     *    the slot lock is already locked to protect the session.
71
     * 2. If the module is not thread safe, the slot (or rather
72
     *    module) lock is already locked.
73
     * 3. If the module is thread safe and we are using a new
74
     *    session, no higher-level lock has been locked and we
75
     *    would need a lock for the new session.  However, the
76
     *    current usage of the session is that it is always
77
     *    used and destroyed within the same function and never
78
     *    shared with another thread.
79
     * So the session is either already protected by another
80
     * lock or only used by one thread.
81
     */
82
0
    rvSession->lock = NULL;
83
0
    rvSession->ownLock = PR_FALSE;
84
0
    return rvSession;
85
0
}
86
87
NSS_IMPLEMENT PRStatus
88
nssSession_Destroy(nssSession *s)
89
0
{
90
0
    PRStatus rv = PR_SUCCESS;
91
0
    if (s) {
92
0
        if (s->isRW) {
93
0
            PK11_RestoreROSession(s->slot->pk11slot, s->handle);
94
0
        }
95
0
        rv = nss_ZFreeIf(s);
96
0
    }
97
0
    return rv;
98
0
}
99
100
static NSSSlot *
101
nssSlot_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
102
4
{
103
4
    NSSSlot *rvSlot;
104
4
    NSSArena *arena;
105
4
    arena = nssArena_Create();
106
4
    if (!arena) {
107
0
        return NULL;
108
0
    }
109
4
    rvSlot = nss_ZNEW(arena, NSSSlot);
110
4
    if (!rvSlot) {
111
0
        nssArena_Destroy(arena);
112
0
        return NULL;
113
0
    }
114
4
    rvSlot->base.refCount = 1;
115
4
    rvSlot->base.lock = PZ_NewLock(nssILockOther);
116
4
    rvSlot->base.arena = arena;
117
4
    rvSlot->pk11slot = PK11_ReferenceSlot(nss3slot);
118
4
    rvSlot->epv = nss3slot->functionList;
119
4
    rvSlot->slotID = nss3slot->slotID;
120
    /* Grab the slot name from the PKCS#11 fixed-length buffer */
121
4
    rvSlot->base.name = nssUTF8_Duplicate(nss3slot->slot_name, td->arena);
122
4
    rvSlot->lock = (nss3slot->isThreadSafe) ? NULL : nss3slot->sessionLock;
123
4
    rvSlot->isPresentLock = PZ_NewLock(nssiLockOther);
124
4
    rvSlot->isPresentCondition = PR_NewCondVar(rvSlot->isPresentLock);
125
4
    rvSlot->isPresentThread = NULL;
126
4
    rvSlot->lastTokenPingState = nssSlotLastPingState_Reset;
127
4
    return rvSlot;
128
4
}
129
130
NSSToken *
131
nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
132
4
{
133
4
    NSSToken *rvToken;
134
4
    NSSArena *arena;
135
136
    /* Don't create a token object for a disabled slot */
137
4
    if (nss3slot->disabled) {
138
0
        PORT_SetError(SEC_ERROR_NO_TOKEN);
139
0
        return NULL;
140
0
    }
141
4
    arena = nssArena_Create();
142
4
    if (!arena) {
143
0
        return NULL;
144
0
    }
145
4
    rvToken = nss_ZNEW(arena, NSSToken);
146
4
    if (!rvToken) {
147
0
        nssArena_Destroy(arena);
148
0
        return NULL;
149
0
    }
150
4
    rvToken->base.refCount = 1;
151
4
    rvToken->base.lock = PZ_NewLock(nssILockOther);
152
4
    if (!rvToken->base.lock) {
153
0
        nssArena_Destroy(arena);
154
0
        return NULL;
155
0
    }
156
4
    rvToken->base.arena = arena;
157
4
    rvToken->pk11slot = PK11_ReferenceSlot(nss3slot);
158
4
    rvToken->epv = nss3slot->functionList;
159
4
    rvToken->defaultSession = nssSession_ImportNSS3Session(td->arena,
160
4
                                                           nss3slot->session,
161
4
                                                           nss3slot->sessionLock,
162
4
                                                           nss3slot->defRWSession);
163
#if 0 /* we should do this instead of blindly continuing. */
164
    if (!rvToken->defaultSession) {
165
    PORT_SetError(SEC_ERROR_NO_TOKEN);
166
        goto loser;
167
    }
168
#endif
169
4
    if (!PK11_IsInternal(nss3slot) && PK11_IsHW(nss3slot)) {
170
0
        rvToken->cache = nssTokenObjectCache_Create(rvToken,
171
0
                                                    PR_TRUE, PR_TRUE, PR_TRUE);
172
0
        if (!rvToken->cache)
173
0
            goto loser;
174
0
    }
175
4
    rvToken->trustDomain = td;
176
    /* Grab the token name from the PKCS#11 fixed-length buffer */
177
4
    rvToken->base.name = nssUTF8_Duplicate(nss3slot->token_name, td->arena);
178
4
    rvToken->slot = nssSlot_CreateFromPK11SlotInfo(td, nss3slot);
179
4
    if (!rvToken->slot) {
180
0
        goto loser;
181
0
    }
182
4
    if (rvToken->defaultSession)
183
4
        rvToken->defaultSession->slot = rvToken->slot;
184
4
    return rvToken;
185
0
loser:
186
0
    PZ_DestroyLock(rvToken->base.lock);
187
0
    nssArena_Destroy(arena);
188
0
    return NULL;
189
4
}
190
191
NSS_IMPLEMENT void
192
nssToken_UpdateName(NSSToken *token)
193
4
{
194
4
    if (!token) {
195
4
        return;
196
4
    }
197
0
    token->base.name = nssUTF8_Duplicate(token->pk11slot->token_name, token->base.arena);
198
0
}
199
200
NSS_IMPLEMENT PRBool
201
nssSlot_IsPermanent(NSSSlot *slot)
202
0
{
203
0
    return slot->pk11slot->isPerm;
204
0
}
205
206
NSS_IMPLEMENT PRBool
207
nssSlot_IsFriendly(NSSSlot *slot)
208
0
{
209
0
    return PK11_IsFriendly(slot->pk11slot);
210
0
}
211
212
NSS_IMPLEMENT PRStatus
213
nssToken_Refresh(NSSToken *token)
214
4
{
215
4
    PK11SlotInfo *nss3slot;
216
217
4
    if (!token) {
218
4
        return PR_SUCCESS;
219
4
    }
220
0
    nss3slot = token->pk11slot;
221
0
    token->defaultSession =
222
0
        nssSession_ImportNSS3Session(token->slot->base.arena,
223
0
                                     nss3slot->session,
224
0
                                     nss3slot->sessionLock,
225
0
                                     nss3slot->defRWSession);
226
0
    return token->defaultSession ? PR_SUCCESS : PR_FAILURE;
227
4
}
228
229
NSS_IMPLEMENT PRStatus
230
nssToken_GetTrustOrder(NSSToken *tok)
231
0
{
232
0
    PK11SlotInfo *slot;
233
0
    SECMODModule *module;
234
0
    slot = tok->pk11slot;
235
0
    module = PK11_GetModule(slot);
236
0
    return module->trustOrder;
237
0
}
238
239
NSS_IMPLEMENT PRBool
240
nssSlot_IsLoggedIn(NSSSlot *slot)
241
0
{
242
0
    if (!slot->pk11slot->needLogin) {
243
0
        return PR_TRUE;
244
0
    }
245
0
    return PK11_IsLoggedIn(slot->pk11slot, NULL);
246
0
}
247
248
NSSTrustDomain *
249
nssToken_GetTrustDomain(NSSToken *token)
250
0
{
251
0
    return token->trustDomain;
252
0
}
253
254
NSS_EXTERN PRStatus
255
nssTrustDomain_RemoveTokenCertsFromCache(
256
    NSSTrustDomain *td,
257
    NSSToken *token);
258
259
NSS_IMPLEMENT PRStatus
260
nssToken_NotifyCertsNotVisible(
261
    NSSToken *tok)
262
0
{
263
0
    return nssTrustDomain_RemoveTokenCertsFromCache(tok->trustDomain, tok);
264
0
}