Coverage Report

Created: 2024-11-21 07:03

/src/nss-nspr/nss/lib/pk11wrap/pk11err.c
Line
Count
Source (jump to first uncovered line)
1
/* This Source Code Form is subject to the terms of the Mozilla Public
2
 * License, v. 2.0. If a copy of the MPL was not distributed with this
3
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
/*
5
 * this file maps PKCS11 Errors into SECErrors
6
 *  This is an information reducing process, since most errors are reflected
7
 *  back to the user (the user doesn't care about invalid flags, or active
8
 *  operations). If any of these errors need more detail in the upper layers
9
 *  which call PK11 library functions, we can add more SEC_ERROR_XXX functions
10
 *  and change there mappings here.
11
 *
12
 *  Some PKCS11 errors are mapped to SEC_ERROR_LIBRARY_FAILURE intentionally
13
 *  because they indicate that there is a bug in the library (either NSS or
14
 *  the token).
15
 */
16
#include "pkcs11t.h"
17
#include "pk11func.h"
18
#include "secerr.h"
19
#include "prerror.h"
20
21
#ifdef PK11_ERROR_USE_ARRAY
22
23
/*
24
 * build a static array of entries...
25
 */
26
static struct {
27
    CK_RV pk11_error;
28
    int sec_error;
29
} pk11_error_map = {
30
#define MAPERROR(x, y) { x, y },
31
32
#else
33
34
/* the default is to use a big switch statement */
35
int
36
PK11_MapError(CK_RV rv)
37
155
{
38
39
155
    switch (rv) {
40
0
#define MAPERROR(x, y) \
41
155
    case x:            \
42
155
        return y;
43
44
0
#endif
45
46
    /* the guts mapping */
47
    /* clang-format off */
48
0
    MAPERROR(CKR_OK, 0)
49
0
    MAPERROR(CKR_CANCEL, SEC_ERROR_IO)
50
12
    MAPERROR(CKR_HOST_MEMORY, SEC_ERROR_NO_MEMORY)
51
0
    MAPERROR(CKR_SLOT_ID_INVALID, SEC_ERROR_BAD_DATA)
52
9
    MAPERROR(CKR_ARGUMENTS_BAD, SEC_ERROR_INVALID_ARGS)
53
0
    MAPERROR(CKR_ATTRIBUTE_READ_ONLY, SEC_ERROR_READ_ONLY)
54
0
    MAPERROR(CKR_ATTRIBUTE_SENSITIVE, SEC_ERROR_IO) /* XX SENSITIVE */
55
0
    MAPERROR(CKR_ATTRIBUTE_TYPE_INVALID, SEC_ERROR_BAD_DATA)
56
0
    MAPERROR(CKR_ATTRIBUTE_VALUE_INVALID, SEC_ERROR_BAD_DATA)
57
2
    MAPERROR(CKR_BUFFER_TOO_SMALL, SEC_ERROR_OUTPUT_LEN)
58
0
    MAPERROR(CKR_DATA_INVALID, SEC_ERROR_BAD_DATA)
59
10
    MAPERROR(CKR_DATA_LEN_RANGE, SEC_ERROR_INPUT_LEN)
60
0
    MAPERROR(CKR_DEVICE_ERROR, SEC_ERROR_PKCS11_DEVICE_ERROR)
61
0
    MAPERROR(CKR_DEVICE_MEMORY, SEC_ERROR_NO_MEMORY)
62
0
    MAPERROR(CKR_DEVICE_REMOVED, SEC_ERROR_NO_TOKEN)
63
1
    MAPERROR(CKR_DOMAIN_PARAMS_INVALID, SEC_ERROR_INVALID_KEY)
64
8
    MAPERROR(CKR_ENCRYPTED_DATA_INVALID, SEC_ERROR_BAD_DATA)
65
0
    MAPERROR(CKR_ENCRYPTED_DATA_LEN_RANGE, SEC_ERROR_BAD_DATA)
66
0
    MAPERROR(CKR_FUNCTION_CANCELED, SEC_ERROR_LIBRARY_FAILURE)
67
0
    MAPERROR(CKR_FUNCTION_FAILED, SEC_ERROR_PKCS11_FUNCTION_FAILED)
68
0
    MAPERROR(CKR_FUNCTION_NOT_PARALLEL, SEC_ERROR_LIBRARY_FAILURE)
69
0
    MAPERROR(CKR_FUNCTION_NOT_SUPPORTED, PR_NOT_IMPLEMENTED_ERROR)
70
0
    MAPERROR(CKR_GENERAL_ERROR, SEC_ERROR_PKCS11_GENERAL_ERROR)
71
0
    MAPERROR(CKR_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
72
61
    MAPERROR(CKR_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
73
0
    MAPERROR(CKR_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
74
38
    MAPERROR(CKR_MECHANISM_INVALID, SEC_ERROR_INVALID_ALGORITHM)
75
5
    MAPERROR(CKR_MECHANISM_PARAM_INVALID, SEC_ERROR_BAD_DATA)
76
0
    MAPERROR(CKR_NO_EVENT, SEC_ERROR_NO_EVENT)
77
0
    MAPERROR(CKR_OBJECT_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
78
0
    MAPERROR(CKR_OPERATION_ACTIVE, SEC_ERROR_LIBRARY_FAILURE)
79
0
    MAPERROR(CKR_OPERATION_NOT_INITIALIZED, SEC_ERROR_LIBRARY_FAILURE)
80
0
    MAPERROR(CKR_PIN_INCORRECT, SEC_ERROR_BAD_PASSWORD)
81
0
    MAPERROR(CKR_PIN_INVALID, SEC_ERROR_INVALID_PASSWORD)
82
0
    MAPERROR(CKR_PIN_LEN_RANGE, SEC_ERROR_INVALID_PASSWORD)
83
0
    MAPERROR(CKR_PIN_EXPIRED, SEC_ERROR_EXPIRED_PASSWORD)
84
0
    MAPERROR(CKR_PIN_LOCKED, SEC_ERROR_LOCKED_PASSWORD)
85
0
    MAPERROR(CKR_SESSION_CLOSED, SEC_ERROR_LIBRARY_FAILURE)
86
0
    MAPERROR(CKR_SESSION_COUNT, SEC_ERROR_NO_MEMORY) /* XXXX? */
87
0
    MAPERROR(CKR_SESSION_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
88
0
    MAPERROR(CKR_SESSION_PARALLEL_NOT_SUPPORTED, SEC_ERROR_LIBRARY_FAILURE)
89
0
    MAPERROR(CKR_SESSION_READ_ONLY, SEC_ERROR_READ_ONLY)
90
0
    MAPERROR(CKR_SIGNATURE_INVALID, SEC_ERROR_BAD_SIGNATURE)
91
0
    MAPERROR(CKR_SIGNATURE_LEN_RANGE, SEC_ERROR_BAD_SIGNATURE)
92
0
    MAPERROR(CKR_TEMPLATE_INCOMPLETE, SEC_ERROR_BAD_DATA)
93
9
    MAPERROR(CKR_TEMPLATE_INCONSISTENT, SEC_ERROR_BAD_DATA)
94
0
    MAPERROR(CKR_TOKEN_NOT_PRESENT, SEC_ERROR_NO_TOKEN)
95
0
    MAPERROR(CKR_TOKEN_NOT_RECOGNIZED, SEC_ERROR_IO)
96
0
    MAPERROR(CKR_TOKEN_WRITE_PROTECTED, SEC_ERROR_READ_ONLY)
97
0
    MAPERROR(CKR_UNWRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
98
0
    MAPERROR(CKR_UNWRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
99
0
    MAPERROR(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
100
0
    MAPERROR(CKR_USER_ALREADY_LOGGED_IN, 0)
101
0
    MAPERROR(CKR_USER_NOT_LOGGED_IN, SEC_ERROR_TOKEN_NOT_LOGGED_IN)
102
0
    MAPERROR(CKR_USER_PIN_NOT_INITIALIZED, SEC_ERROR_NO_TOKEN)
103
0
    MAPERROR(CKR_USER_TYPE_INVALID, SEC_ERROR_LIBRARY_FAILURE)
104
0
    MAPERROR(CKR_WRAPPED_KEY_INVALID, SEC_ERROR_INVALID_KEY)
105
0
    MAPERROR(CKR_WRAPPED_KEY_LEN_RANGE, SEC_ERROR_INVALID_KEY)
106
0
    MAPERROR(CKR_WRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
107
0
    MAPERROR(CKR_WRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
108
0
    MAPERROR(CKR_WRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
109
0
    MAPERROR(CKR_VENDOR_DEFINED, SEC_ERROR_LIBRARY_FAILURE)
110
0
    MAPERROR(CKR_NSS_CERTDB_FAILED, SEC_ERROR_BAD_DATABASE)
111
0
    MAPERROR(CKR_NSS_KEYDB_FAILED, SEC_ERROR_BAD_DATABASE)
112
0
    MAPERROR(CKR_CANT_LOCK, SEC_ERROR_INCOMPATIBLE_PKCS11)
113
/* clang-format on */
114
115
#ifdef PK11_ERROR_USE_ARRAY
116
};
117
118
int
119
PK11_MapError(CK_RV rv)
120
{
121
    int size = sizeof(pk11_error_map) / sizeof(pk11_error_map[0]);
122
123
    for (i = 0; i < size; i++) {
124
        if (pk11_error_map[i].pk11_error == rv) {
125
            return pk11_error_map[i].sec_error;
126
        }
127
    }
128
    return SEC_ERROR_UNKNOWN_PKCS11_ERROR;
129
}
130
131
#else
132
133
            /* clang-format off */
134
0
    default :
135
0
        break;
136
            /* clang-format on */
137
155
    }
138
0
    return SEC_ERROR_UNKNOWN_PKCS11_ERROR;
139
155
}
140
141
#endif