/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef BUILTINS_H
#include "builtins.h"
#endif /* BUILTINS_H */
/*
* builtins/find.c
*
* This file implements the NSSCKMDFindObjects object for the
* "builtin objects" cryptoki module.
*/
struct builtinsFOStr {
NSSArena *arena;
CK_ULONG n;
CK_ULONG i;
builtinsInternalObject **objs;
};
static void
builtins_mdFindObjects_Final(
NSSCKMDFindObjects *mdFindObjects,
NSSCKFWFindObjects *fwFindObjects,
NSSCKMDSession *mdSession,
NSSCKFWSession *fwSession,
NSSCKMDToken *mdToken,
NSSCKFWToken *fwToken,
NSSCKMDInstance *mdInstance,
NSSCKFWInstance *fwInstance)
{
struct builtinsFOStr *fo = (
struct builtinsFOStr *)mdFindObjects->etc;
NSSArena *arena = fo->arena;
nss_ZFreeIf(fo->objs);
nss_ZFreeIf(fo);
nss_ZFreeIf(mdFindObjects);
if ((NSSArena *)NULL != arena) {
NSSArena_Destroy(arena);
}
return;
}
static NSSCKMDObject *
builtins_mdFindObjects_Next(
NSSCKMDFindObjects *mdFindObjects,
NSSCKFWFindObjects *fwFindObjects,
NSSCKMDSession *mdSession,
NSSCKFWSession *fwSession,
NSSCKMDToken *mdToken,
NSSCKFWToken *fwToken,
NSSCKMDInstance *mdInstance,
NSSCKFWInstance *fwInstance,
NSSArena *arena,
CK_RV *pError)
{
struct builtinsFOStr *fo = (
struct builtinsFOStr *)mdFindObjects->etc;
builtinsInternalObject *io;
if (fo->i == fo->n) {
*pError = CKR_OK;
return (NSSCKMDObject *)NULL;
}
io = fo->objs[fo->i];
fo->i++;
return nss_builtins_CreateMDObject(arena, io, pError);
}
static int
builtins_derUnwrapInt(
unsigned char *src,
int size,
unsigned char **dest)
{
unsigned char *start = src;
int len = 0;
if (*src++ != 2) {
return 0;
}
len = *src++;
if (len & 0x80) {
int count = len & 0x7f;
len = 0;
if (count + 2 > size) {
return 0;
}
while (count-- > 0) {
len = (len << 8) | *src++;
}
}
if (len + (src - start) != size) {
return 0;
}
*dest = src;
return len;
}
static CK_BBOOL
builtins_attrmatch(
CK_ATTRIBUTE_PTR a,
const NSSItem *b)
{
PRBool prb;
if (a->ulValueLen != b->size) {
/* match a decoded serial number */
if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
int len;
unsigned char *data = NULL;
len = builtins_derUnwrapInt(b->data, b->size, &data);
if (data &&
(len == a->ulValueLen) &&
nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
return CK_TRUE;
}
}
return CK_FALSE;
}
prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
if (PR_TRUE == prb) {
return CK_TRUE;
}
else {
return CK_FALSE;
}
}
static CK_BBOOL
builtins_match(
CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulAttributeCount,
builtinsInternalObject *o)
{
CK_ULONG i;
for (i = 0; i < ulAttributeCount; i++) {
CK_ULONG j;
for (j = 0; j < o->n; j++) {
if (o->types[j] == pTemplate[i].type) {
if (CK_FALSE == builtins_attrmatch(&pTemplate[i], &o->items[j])) {
return CK_FALSE;
}
else {
break;
}
}
}
if (j == o->n) {
/* Loop ran to the end: no matching attribute */
return CK_FALSE;
}
}
/* Every attribute passed */
return CK_TRUE;
}
NSS_IMPLEMENT NSSCKMDFindObjects *
nss_builtins_FindObjectsInit(
NSSCKFWSession *fwSession,
CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulAttributeCount,
CK_RV *pError)
{
/* This could be made more efficient. I'm rather rushed. */
NSSArena *arena;
NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
struct builtinsFOStr *fo = (
struct builtinsFOStr *)NULL;
/*
* 99% of the time we get 0 or 1 matches. So we start with a small
* stack-allocated array to hold the matches and switch to a heap-allocated
* array later if the number of matches exceeds STACK_BUF_LENGTH.
*/
#define STACK_BUF_LENGTH 1
builtinsInternalObject *stackTemp[STACK_BUF_LENGTH];
builtinsInternalObject **temp = stackTemp;
PRBool tempIsHeapAllocated = PR_FALSE;
PRUint32 i;
arena = NSSArena_Create();
if ((NSSArena *)NULL == arena) {
goto loser;
}
rv = nss_ZNEW(arena, NSSCKMDFindObjects);
if ((NSSCKMDFindObjects *)NULL == rv) {
*pError = CKR_HOST_MEMORY;
goto loser;
}
fo = nss_ZNEW(arena,
struct builtinsFOStr);
if ((
struct builtinsFOStr *)NULL == fo) {
*pError = CKR_HOST_MEMORY;
goto loser;
}
fo->arena = arena;
/* fo->n and fo->i are already zero */
rv->etc = (
void *)fo;
rv->Final = builtins_mdFindObjects_Final;
rv->Next = builtins_mdFindObjects_Next;
rv->null = (
void *)NULL;
for (i = 0; i < nss_builtins_nObjects; i++) {
builtinsInternalObject *o = (builtinsInternalObject *)&nss_builtins_data[i];
if (CK_TRUE == builtins_match(pTemplate, ulAttributeCount, o)) {
if (fo->n == STACK_BUF_LENGTH) {
/* Switch from the small stack array to a heap-allocated array large
* enough to handle matches in all remaining cases. */
temp = nss_ZNEWARRAY((NSSArena *)NULL, builtinsInternalObject *,
fo->n + nss_builtins_nObjects - i);
if ((builtinsInternalObject **)NULL == temp) {
*pError =
CKR_HOST_MEMORY;
goto loser;
}
tempIsHeapAllocated = PR_TRUE;
(
void)nsslibc_memcpy(temp, stackTemp,
sizeof(builtinsInternalObject *) * fo->n);
}
temp[fo->n] = o;
fo->n++;
}
}
fo->objs = nss_ZNEWARRAY(arena, builtinsInternalObject *, fo->n);
if ((builtinsInternalObject **)NULL == fo->objs) {
*pError = CKR_HOST_MEMORY;
goto loser;
}
(
void)nsslibc_memcpy(fo->objs, temp,
sizeof(builtinsInternalObject *) * fo->n);
if (tempIsHeapAllocated) {
nss_ZFreeIf(temp);
temp = (builtinsInternalObject **)NULL;
}
return rv;
loser:
if (tempIsHeapAllocated) {
nss_ZFreeIf(temp);
}
nss_ZFreeIf(fo);
nss_ZFreeIf(rv);
if ((NSSArena *)NULL != arena) {
NSSArena_Destroy(arena);
}
return (NSSCKMDFindObjects *)NULL;
}
