summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/ckfw/builtins/bfind.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib/ckfw/builtins/bfind.c')
-rw-r--r--security/nss/lib/ckfw/builtins/bfind.c261
1 files changed, 261 insertions, 0 deletions
diff --git a/security/nss/lib/ckfw/builtins/bfind.c b/security/nss/lib/ckfw/builtins/bfind.c
new file mode 100644
index 0000000000..3e5da1a558
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/bfind.c
@@ -0,0 +1,261 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef BUILTINS_H
+#include "builtins.h"
+#endif /* BUILTINS_H */
+
+/*
+ * builtins/find.c
+ *
+ * This file implements the NSSCKMDFindObjects object for the
+ * "builtin objects" cryptoki module.
+ */
+
+struct builtinsFOStr {
+ NSSArena *arena;
+ CK_ULONG n;
+ CK_ULONG i;
+ builtinsInternalObject **objs;
+};
+
+static void
+builtins_mdFindObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
+ NSSArena *arena = fo->arena;
+
+ nss_ZFreeIf(fo->objs);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(mdFindObjects);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+
+ return;
+}
+
+static NSSCKMDObject *
+builtins_mdFindObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+ struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
+ builtinsInternalObject *io;
+
+ if (fo->i == fo->n) {
+ *pError = CKR_OK;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ io = fo->objs[fo->i];
+ fo->i++;
+
+ return nss_builtins_CreateMDObject(arena, io, pError);
+}
+
+static int
+builtins_derUnwrapInt(unsigned char *src, int size, unsigned char **dest)
+{
+ unsigned char *start = src;
+ int len = 0;
+
+ if (*src++ != 2) {
+ return 0;
+ }
+ len = *src++;
+ if (len & 0x80) {
+ int count = len & 0x7f;
+ len = 0;
+
+ if (count + 2 > size) {
+ return 0;
+ }
+ while (count-- > 0) {
+ len = (len << 8) | *src++;
+ }
+ }
+ if (len + (src - start) != size) {
+ return 0;
+ }
+ *dest = src;
+ return len;
+}
+
+static CK_BBOOL
+builtins_attrmatch(
+ CK_ATTRIBUTE_PTR a,
+ const NSSItem *b)
+{
+ PRBool prb;
+
+ if (a->ulValueLen != b->size) {
+ /* match a decoded serial number */
+ if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
+ int len;
+ unsigned char *data = NULL;
+
+ len = builtins_derUnwrapInt(b->data, b->size, &data);
+ if (data &&
+ (len == a->ulValueLen) &&
+ nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
+ return CK_TRUE;
+ }
+ }
+ return CK_FALSE;
+ }
+
+ prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
+
+ if (PR_TRUE == prb) {
+ return CK_TRUE;
+ } else {
+ return CK_FALSE;
+ }
+}
+
+static CK_BBOOL
+builtins_match(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ builtinsInternalObject *o)
+{
+ CK_ULONG i;
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ CK_ULONG j;
+
+ for (j = 0; j < o->n; j++) {
+ if (o->types[j] == pTemplate[i].type) {
+ if (CK_FALSE == builtins_attrmatch(&pTemplate[i], &o->items[j])) {
+ return CK_FALSE;
+ } else {
+ break;
+ }
+ }
+ }
+
+ if (j == o->n) {
+ /* Loop ran to the end: no matching attribute */
+ return CK_FALSE;
+ }
+ }
+
+ /* Every attribute passed */
+ return CK_TRUE;
+}
+
+NSS_IMPLEMENT NSSCKMDFindObjects *
+nss_builtins_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ /* This could be made more efficient. I'm rather rushed. */
+ NSSArena *arena;
+ NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
+ struct builtinsFOStr *fo = (struct builtinsFOStr *)NULL;
+
+/*
+ * 99% of the time we get 0 or 1 matches. So we start with a small
+ * stack-allocated array to hold the matches and switch to a heap-allocated
+ * array later if the number of matches exceeds STACK_BUF_LENGTH.
+ */
+#define STACK_BUF_LENGTH 1
+ builtinsInternalObject *stackTemp[STACK_BUF_LENGTH];
+ builtinsInternalObject **temp = stackTemp;
+ PRBool tempIsHeapAllocated = PR_FALSE;
+ PRUint32 i;
+
+ arena = NSSArena_Create();
+ if ((NSSArena *)NULL == arena) {
+ goto loser;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDFindObjects);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo = nss_ZNEW(arena, struct builtinsFOStr);
+ if ((struct builtinsFOStr *)NULL == fo) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo->arena = arena;
+ /* fo->n and fo->i are already zero */
+
+ rv->etc = (void *)fo;
+ rv->Final = builtins_mdFindObjects_Final;
+ rv->Next = builtins_mdFindObjects_Next;
+ rv->null = (void *)NULL;
+
+ for (i = 0; i < nss_builtins_nObjects; i++) {
+ builtinsInternalObject *o = (builtinsInternalObject *)&nss_builtins_data[i];
+
+ if (CK_TRUE == builtins_match(pTemplate, ulAttributeCount, o)) {
+ if (fo->n == STACK_BUF_LENGTH) {
+ /* Switch from the small stack array to a heap-allocated array large
+ * enough to handle matches in all remaining cases. */
+ temp = nss_ZNEWARRAY((NSSArena *)NULL, builtinsInternalObject *,
+ fo->n + nss_builtins_nObjects - i);
+ if ((builtinsInternalObject **)NULL == temp) {
+ *pError =
+ CKR_HOST_MEMORY;
+ goto loser;
+ }
+ tempIsHeapAllocated = PR_TRUE;
+ (void)nsslibc_memcpy(temp, stackTemp,
+ sizeof(builtinsInternalObject *) * fo->n);
+ }
+
+ temp[fo->n] = o;
+ fo->n++;
+ }
+ }
+
+ fo->objs = nss_ZNEWARRAY(arena, builtinsInternalObject *, fo->n);
+ if ((builtinsInternalObject **)NULL == fo->objs) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ (void)nsslibc_memcpy(fo->objs, temp, sizeof(builtinsInternalObject *) * fo->n);
+ if (tempIsHeapAllocated) {
+ nss_ZFreeIf(temp);
+ temp = (builtinsInternalObject **)NULL;
+ }
+
+ return rv;
+
+loser:
+ if (tempIsHeapAllocated) {
+ nss_ZFreeIf(temp);
+ }
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(rv);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+ return (NSSCKMDFindObjects *)NULL;
+}