Kezdőlap Felfedezés Súgó
Bejelentkezés
khronosschoty
/
palemoon-dev
Figyelés 2
Kedvenc 1
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Fa: ac60e7ecec
Branch-ok Tag-ek
palemoon-dev
/
platform
/
security
/
nss
/
lib
/
ckfw
/
capi
/
cfind.c

cfind.c 18 KB
Előzmények Nyers

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562 
  1. /* This Source Code Form is subject to the terms of the Mozilla Public
    2. 

  2.  * License, v. 2.0. If a copy of the MPL was not distributed with this
    3. 

  3.  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
    4. 

  4. 

  5. #ifndef CKCAPI_H
    6. 

  6. #include "ckcapi.h"
    7. 

  7. #endif /* CKCAPI_H */
    8. 

  8. 

  9. /*
    10. 

  10.  * ckcapi/cfind.c
    11. 

  11.  *
    12. 

  12.  * This file implements the NSSCKMDFindObjects object for the
    13. 

  13.  * "capi" cryptoki module.
    14. 

  14.  */
    15. 

  15. 

  16. struct ckcapiFOStr {
    17. 

  17.     NSSArena *arena;
    18. 

  18.     CK_ULONG n;
    19. 

  19.     CK_ULONG i;
    20. 

  20.     ckcapiInternalObject **objs;
    21. 

  21. };
    22. 

  22. 

  23. static void
    24. 

  24. ckcapi_mdFindObjects_Final(
    25. 

  25.     NSSCKMDFindObjects *mdFindObjects,
    26. 

  26.     NSSCKFWFindObjects *fwFindObjects,
    27. 

  27.     NSSCKMDSession *mdSession,
    28. 

  28.     NSSCKFWSession *fwSession,
    29. 

  29.     NSSCKMDToken *mdToken,
    30. 

  30.     NSSCKFWToken *fwToken,
    31. 

  31.     NSSCKMDInstance *mdInstance,
    32. 

  32.     NSSCKFWInstance *fwInstance)
    33. 

  33. {
    34. 

  34.     struct ckcapiFOStr *fo = (struct ckcapiFOStr *)mdFindObjects->etc;
    35. 

  35.     NSSArena *arena = fo->arena;
    36. 

  36.     PRUint32 i;
    37. 

  37. 

  38.     /* walk down an free the unused 'objs' */
    39. 

  39.     for (i = fo->i; i < fo->n; i++) {
    40. 

  40.         nss_ckcapi_DestroyInternalObject(fo->objs[i]);
    41. 

  41.     }
    42. 

  42. 

  43.     nss_ZFreeIf(fo->objs);
    44. 

  44.     nss_ZFreeIf(fo);
    45. 

  45.     nss_ZFreeIf(mdFindObjects);
    46. 

  46.     if ((NSSArena *)NULL != arena) {
    47. 

  47.         NSSArena_Destroy(arena);
    48. 

  48.     }
    49. 

  49. 

  50.     return;
    51. 

  51. }
    52. 

  52. 

  53. static NSSCKMDObject *
    54. 

  54. ckcapi_mdFindObjects_Next(
    55. 

  55.     NSSCKMDFindObjects *mdFindObjects,
    56. 

  56.     NSSCKFWFindObjects *fwFindObjects,
    57. 

  57.     NSSCKMDSession *mdSession,
    58. 

  58.     NSSCKFWSession *fwSession,
    59. 

  59.     NSSCKMDToken *mdToken,
    60. 

  60.     NSSCKFWToken *fwToken,
    61. 

  61.     NSSCKMDInstance *mdInstance,
    62. 

  62.     NSSCKFWInstance *fwInstance,
    63. 

  63.     NSSArena *arena,
    64. 

  64.     CK_RV *pError)
    65. 

  65. {
    66. 

  66.     struct ckcapiFOStr *fo = (struct ckcapiFOStr *)mdFindObjects->etc;
    67. 

  67.     ckcapiInternalObject *io;
    68. 

  68. 

  69.     if (fo->i == fo->n) {
    70. 

  70.         *pError = CKR_OK;
    71. 

  71.         return (NSSCKMDObject *)NULL;
    72. 

  72.     }
    73. 

  73. 

  74.     io = fo->objs[fo->i];
    75. 

  75.     fo->i++;
    76. 

  76. 

  77.     return nss_ckcapi_CreateMDObject(arena, io, pError);
    78. 

  78. }
    79. 

  79. 

  80. static CK_BBOOL
    81. 

  81. ckcapi_attrmatch(
    82. 

  82.     CK_ATTRIBUTE_PTR a,
    83. 

  83.     ckcapiInternalObject *o)
    84. 

  84. {
    85. 

  85.     PRBool prb;
    86. 

  86.     const NSSItem *b;
    87. 

  87. 

  88.     b = nss_ckcapi_FetchAttribute(o, a->type);
    89. 

  89.     if (b == NULL) {
    90. 

  90.         return CK_FALSE;
    91. 

  91.     }
    92. 

  92. 

  93.     if (a->ulValueLen != b->size) {
    94. 

  94.         /* match a decoded serial number */
    95. 

  95.         if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
    96. 

  96.             unsigned int len;
    97. 

  97.             unsigned char *data;
    98. 

  98. 

  99.             data = nss_ckcapi_DERUnwrap(b->data, b->size, &len, NULL);
    100. 

  100.             if ((len == a->ulValueLen) &&
    101. 

  101.                 nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
    102. 

  102.                 return CK_TRUE;
    103. 

  103.             }
    104. 

  104.         }
    105. 

  105.         return CK_FALSE;
    106. 

  106.     }
    107. 

  107. 

  108.     prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
    109. 

  109. 

  110.     if (PR_TRUE == prb) {
    111. 

  111.         return CK_TRUE;
    112. 

  112.     } else {
    113. 

  113.         return CK_FALSE;
    114. 

  114.     }
    115. 

  115. }
    116. 

  116. 

  117. static CK_BBOOL
    118. 

  118. ckcapi_match(
    119. 

  119.     CK_ATTRIBUTE_PTR pTemplate,
    120. 

  120.     CK_ULONG ulAttributeCount,
    121. 

  121.     ckcapiInternalObject *o)
    122. 

  122. {
    123. 

  123.     CK_ULONG i;
    124. 

  124. 

  125.     for (i = 0; i < ulAttributeCount; i++) {
    126. 

  126.         if (CK_FALSE == ckcapi_attrmatch(&pTemplate[i], o)) {
    127. 

  127.             return CK_FALSE;
    128. 

  128.         }
    129. 

  129.     }
    130. 

  130. 

  131.     /* Every attribute passed */
    132. 

  132.     return CK_TRUE;
    133. 

  133. }
    134. 

  134. 

  135. #define CKAPI_ITEM_CHUNK 20
    136. 

  136. 

  137. #define PUT_Object(obj, err)                                                    \
    138. 

  138.     {                                                                           \
    139. 

  139.         if (count >= size) {                                                    \
    140. 

  140.             *listp = *listp ? nss_ZREALLOCARRAY(*listp, ckcapiInternalObject *, \
    141. 

  141.                                                 (size +                         \
    142. 

  142.                                                  CKAPI_ITEM_CHUNK))             \
    143. 

  143.                             : nss_ZNEWARRAY(NULL, ckcapiInternalObject *,       \
    144. 

  144.                                             (size +                             \
    145. 

  145.                                              CKAPI_ITEM_CHUNK));                \
    146. 

  146.             if ((ckcapiInternalObject **)NULL == *listp) {                      \
    147. 

  147.                 err = CKR_HOST_MEMORY;                                          \
    148. 

  148.                 goto loser;                                                     \
    149. 

  149.             }                                                                   \
    150. 

  150.             size += CKAPI_ITEM_CHUNK;                                           \
    151. 

  151.         }                                                                       \
    152. 

  152.         (*listp)[count] = (obj);                                                \
    153. 

  153.         count++;                                                                \
    154. 

  154.     }
    155. 

  155. 

  156. /*
    157. 

  157.  * pass parameters back through the callback.
    158. 

  158.  */
    159. 

  159. typedef struct BareCollectParamsStr {
    160. 

  160.     CK_OBJECT_CLASS objClass;
    161. 

  161.     CK_ATTRIBUTE_PTR pTemplate;
    162. 

  162.     CK_ULONG ulAttributeCount;
    163. 

  163.     ckcapiInternalObject ***listp;
    164. 

  164.     PRUint32 size;
    165. 

  165.     PRUint32 count;
    166. 

  166. } BareCollectParams;
    167. 

  167. 

  168. /* collect_bare's callback. Called for each object that
    169. 

  169.  * supposedly has a PROVINDER_INFO property */
    170. 

  170. static BOOL WINAPI
    171. 

  171. doBareCollect(
    172. 

  172.     const CRYPT_HASH_BLOB *msKeyID,
    173. 

  173.     DWORD flags,
    174. 

  174.     void *reserved,
    175. 

  175.     void *args,
    176. 

  176.     DWORD cProp,
    177. 

  177.     DWORD *propID,
    178. 

  178.     void **propData,
    179. 

  179.     DWORD *propSize)
    180. 

  180. {
    181. 

  181.     BareCollectParams *bcp = (BareCollectParams *)args;
    182. 

  182.     PRUint32 size = bcp->size;
    183. 

  183.     PRUint32 count = bcp->count;
    184. 

  184.     ckcapiInternalObject ***listp = bcp->listp;
    185. 

  185.     ckcapiInternalObject *io = NULL;
    186. 

  186.     DWORD i;
    187. 

  187.     CRYPT_KEY_PROV_INFO *keyProvInfo = NULL;
    188. 

  188.     void *idData;
    189. 

  189.     CK_RV error;
    190. 

  190. 

  191.     /* make sure there is a Key Provider Info property */
    192. 

  192.     for (i = 0; i < cProp; i++) {
    193. 

  193.         if (CERT_KEY_PROV_INFO_PROP_ID == propID[i]) {
    194. 

  194.             keyProvInfo = (CRYPT_KEY_PROV_INFO *)propData[i];
    195. 

  195.             break;
    196. 

  196.         }
    197. 

  197.     }
    198. 

  198.     if ((CRYPT_KEY_PROV_INFO *)NULL == keyProvInfo) {
    199. 

  199.         return 1;
    200. 

  200.     }
    201. 

  201. 

  202.     /* copy the key ID */
    203. 

  203.     idData = nss_ZNEWARRAY(NULL, char, msKeyID->cbData);
    204. 

  204.     if ((void *)NULL == idData) {
    205. 

  205.         goto loser;
    206. 

  206.     }
    207. 

  207.     nsslibc_memcpy(idData, msKeyID->pbData, msKeyID->cbData);
    208. 

  208. 

  209.     /* build a bare internal object */
    210. 

  210.     io = nss_ZNEW(NULL, ckcapiInternalObject);
    211. 

  211.     if ((ckcapiInternalObject *)NULL == io) {
    212. 

  212.         goto loser;
    213. 

  213.     }
    214. 

  214.     io->type = ckcapiBareKey;
    215. 

  215.     io->objClass = bcp->objClass;
    216. 

  216.     io->u.key.provInfo = *keyProvInfo;
    217. 

  217.     io->u.key.provInfo.pwszContainerName =
    218. 

  218.         nss_ckcapi_WideDup(keyProvInfo->pwszContainerName);
    219. 

  219.     io->u.key.provInfo.pwszProvName =
    220. 

  220.         nss_ckcapi_WideDup(keyProvInfo->pwszProvName);
    221. 

  221.     io->u.key.provName = nss_ckcapi_WideToUTF8(keyProvInfo->pwszProvName);
    222. 

  222.     io->u.key.containerName =
    223. 

  223.         nss_ckcapi_WideToUTF8(keyProvInfo->pwszContainerName);
    224. 

  224.     io->u.key.hProv = 0;
    225. 

  225.     io->idData = idData;
    226. 

  226.     io->id.data = idData;
    227. 

  227.     io->id.size = msKeyID->cbData;
    228. 

  228.     idData = NULL;
    229. 

  229. 

  230.     /* see if it matches */
    231. 

  231.     if (CK_FALSE == ckcapi_match(bcp->pTemplate, bcp->ulAttributeCount, io)) {
    232. 

  232.         goto loser;
    233. 

  233.     }
    234. 

  234.     PUT_Object(io, error);
    235. 

  235.     bcp->size = size;
    236. 

  236.     bcp->count = count;
    237. 

  237.     return 1;
    238. 

  238. 

  239. loser:
    240. 

  240.     if (io) {
    241. 

  241.         nss_ckcapi_DestroyInternalObject(io);
    242. 

  242.     }
    243. 

  243.     nss_ZFreeIf(idData);
    244. 

  244.     return 1;
    245. 

  245. }
    246. 

  246. 

  247. /*
    248. 

  248.  * collect the bare keys running around
    249. 

  249.  */
    250. 

  250. static PRUint32
    251. 

  251. collect_bare(
    252. 

  252.     CK_OBJECT_CLASS objClass,
    253. 

  253.     CK_ATTRIBUTE_PTR pTemplate,
    254. 

  254.     CK_ULONG ulAttributeCount,
    255. 

  255.     ckcapiInternalObject ***listp,
    256. 

  256.     PRUint32 *sizep,
    257. 

  257.     PRUint32 count,
    258. 

  258.     CK_RV *pError)
    259. 

  259. {
    260. 

  260.     BOOL rc;
    261. 

  261.     BareCollectParams bareCollectParams;
    262. 

  262. 

  263.     bareCollectParams.objClass = objClass;
    264. 

  264.     bareCollectParams.pTemplate = pTemplate;
    265. 

  265.     bareCollectParams.ulAttributeCount = ulAttributeCount;
    266. 

  266.     bareCollectParams.listp = listp;
    267. 

  267.     bareCollectParams.size = *sizep;
    268. 

  268.     bareCollectParams.count = count;
    269. 

  269. 

  270.     rc = CryptEnumKeyIdentifierProperties(NULL, CERT_KEY_PROV_INFO_PROP_ID, 0,
    271. 

  271.                                           NULL, NULL, &bareCollectParams, doBareCollect);
    272. 

  272. 

  273.     *sizep = bareCollectParams.size;
    274. 

  274.     return bareCollectParams.count;
    275. 

  275. }
    276. 

  276. 

  277. /* find all the certs that represent the appropriate object (cert, priv key, or
    278. 

  278.  *  pub key) in the cert store.
    279. 

  279.  */
    280. 

  280. static PRUint32
    281. 

  281. collect_class(
    282. 

  282.     CK_OBJECT_CLASS objClass,
    283. 

  283.     LPCSTR storeStr,
    284. 

  284.     PRBool hasID,
    285. 

  285.     CK_ATTRIBUTE_PTR pTemplate,
    286. 

  286.     CK_ULONG ulAttributeCount,
    287. 

  287.     ckcapiInternalObject ***listp,
    288. 

  288.     PRUint32 *sizep,
    289. 

  289.     PRUint32 count,
    290. 

  290.     CK_RV *pError)
    291. 

  291. {
    292. 

  292.     PRUint32 size = *sizep;
    293. 

  293.     ckcapiInternalObject *next = NULL;
    294. 

  294.     HCERTSTORE hStore;
    295. 

  295.     PCCERT_CONTEXT certContext = NULL;
    296. 

  296.     PRBool isKey =
    297. 

  297.         (objClass == CKO_PUBLIC_KEY) | (objClass == CKO_PRIVATE_KEY);
    298. 

  298. 

  299.     hStore = CertOpenSystemStore((HCRYPTPROV)NULL, storeStr);
    300. 

  300.     if (NULL == hStore) {
    301. 

  301.         return count; /* none found does not imply an error */
    302. 

  302.     }
    303. 

  303. 

  304.     /* FUTURE: use CertFindCertificateInStore to filter better -- so we don't
    305. 

  305.    * have to enumerate all the certificates */
    306. 

  306.     while ((PCERT_CONTEXT)NULL !=
    307. 

  307.            (certContext = CertEnumCertificatesInStore(hStore, certContext))) {
    308. 

  308.         /* first filter out non user certs if we are looking for keys */
    309. 

  309.         if (isKey) {
    310. 

  310.             /* make sure there is a Key Provider Info property */
    311. 

  311.             CRYPT_KEY_PROV_INFO *keyProvInfo;
    312. 

  312.             DWORD size = 0;
    313. 

  313.             BOOL rv;
    314. 

  314.             rv = CertGetCertificateContextProperty(certContext,
    315. 

  315.                                                    CERT_KEY_PROV_INFO_PROP_ID, NULL, &size);
    316. 

  316.             if (!rv) {
    317. 

  317.                 int reason = GetLastError();
    318. 

  318.                 /* we only care if it exists, we don't really need to fetch it yet */
    319. 

  319.                 if (reason == CRYPT_E_NOT_FOUND) {
    320. 

  320.                     continue;
    321. 

  321.                 }
    322. 

  322.             }
    323. 

  323.             /* filter out the non-microsoft providers */
    324. 

  324.             keyProvInfo = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
    325. 

  325.             if (keyProvInfo) {
    326. 

  326.                 rv = CertGetCertificateContextProperty(certContext,
    327. 

  327.                                                        CERT_KEY_PROV_INFO_PROP_ID, keyProvInfo, &size);
    328. 

  328.                 if (rv) {
    329. 

  329.                     char *provName =
    330. 

  330.                         nss_ckcapi_WideToUTF8(keyProvInfo->pwszProvName);
    331. 

  331.                     nss_ZFreeIf(keyProvInfo);
    332. 

  332. 

  333.                     if (provName &&
    334. 

  334.                         (strncmp(provName, "Microsoft", sizeof("Microsoft") - 1) != 0)) {
    335. 

  335.                         continue;
    336. 

  336.                     }
    337. 

  337.                 } else {
    338. 

  338.                     int reason =
    339. 

  339.                         GetLastError();
    340. 

  340.                     /* we only care if it exists, we don't really need to fetch it yet */
    341. 

  341.                     nss_ZFreeIf(keyProvInfo);
    342. 

  342.                     if (reason ==
    343. 

  343.                         CRYPT_E_NOT_FOUND) {
    344. 

  344.                         continue;
    345. 

  345.                     }
    346. 

  346.                 }
    347. 

  347.             }
    348. 

  348.         }
    349. 

  349. 

  350.         if ((ckcapiInternalObject *)NULL == next) {
    351. 

  351.             next = nss_ZNEW(NULL, ckcapiInternalObject);
    352. 

  352.             if ((ckcapiInternalObject *)NULL == next) {
    353. 

  353.                 *pError = CKR_HOST_MEMORY;
    354. 

  354.                 goto loser;
    355. 

  355.             }
    356. 

  356.         }
    357. 

  357.         next->type = ckcapiCert;
    358. 

  358.         next->objClass = objClass;
    359. 

  359.         next->u.cert.certContext = certContext;
    360. 

  360.         next->u.cert.hasID = hasID;
    361. 

  361.         next->u.cert.certStore = storeStr;
    362. 

  362.         if (CK_TRUE == ckcapi_match(pTemplate, ulAttributeCount, next)) {
    363. 

  363.             /* clear cached values that may be dependent on our old certContext */
    364. 

  364.             memset(&next->u.cert, 0, sizeof(next->u.cert));
    365. 

  365.             /* get a 'permanent' context */
    366. 

  366.             next->u.cert.certContext = CertDuplicateCertificateContext(certContext);
    367. 

  367.             next->objClass = objClass;
    368. 

  368.             next->u.cert.certContext = certContext;
    369. 

  369.             next->u.cert.hasID = hasID;
    370. 

  370.             next->u.cert.certStore = storeStr;
    371. 

  371.             PUT_Object(next, *pError);
    372. 

  372.             next = NULL; /* need to allocate a new one now */
    373. 

  373.         } else {
    374. 

  374.             /* don't cache the values we just loaded */
    375. 

  375.             memset(&next->u.cert, 0, sizeof(next->u.cert));
    376. 

  376.         }
    377. 

  377.     }
    378. 

  378. loser:
    379. 

  379.     CertCloseStore(hStore, 0);
    380. 

  380.     nss_ZFreeIf(next);
    381. 

  381.     *sizep = size;
    382. 

  382.     return count;
    383. 

  383. }
    384. 

  384. 

  385. NSS_IMPLEMENT PRUint32
    386. 

  386. nss_ckcapi_collect_all_certs(
    387. 

  387.     CK_ATTRIBUTE_PTR pTemplate,
    388. 

  388.     CK_ULONG ulAttributeCount,
    389. 

  389.     ckcapiInternalObject ***listp,
    390. 

  390.     PRUint32 *sizep,
    391. 

  391.     PRUint32 count,
    392. 

  392.     CK_RV *pError)
    393. 

  393. {
    394. 

  394.     count = collect_class(CKO_CERTIFICATE, "My", PR_TRUE, pTemplate,
    395. 

  395.                           ulAttributeCount, listp, sizep, count, pError);
    396. 

  396.     /*count = collect_class(CKO_CERTIFICATE, "AddressBook", PR_FALSE, pTemplate,
    397. 

  397.                         ulAttributeCount, listp, sizep, count, pError); */
    398. 

  398.     count = collect_class(CKO_CERTIFICATE, "CA", PR_FALSE, pTemplate,
    399. 

  399.                           ulAttributeCount, listp, sizep, count, pError);
    400. 

  400.     count = collect_class(CKO_CERTIFICATE, "Root", PR_FALSE, pTemplate,
    401. 

  401.                           ulAttributeCount, listp, sizep, count, pError);
    402. 

  402.     count = collect_class(CKO_CERTIFICATE, "Trust", PR_FALSE, pTemplate,
    403. 

  403.                           ulAttributeCount, listp, sizep, count, pError);
    404. 

  404.     count = collect_class(CKO_CERTIFICATE, "TrustedPeople", PR_FALSE, pTemplate,
    405. 

  405.                           ulAttributeCount, listp, sizep, count, pError);
    406. 

  406.     count = collect_class(CKO_CERTIFICATE, "AuthRoot", PR_FALSE, pTemplate,
    407. 

  407.                           ulAttributeCount, listp, sizep, count, pError);
    408. 

  408.     return count;
    409. 

  409. }
    410. 

  410. 

  411. CK_OBJECT_CLASS
    412. 

  412. ckcapi_GetObjectClass(CK_ATTRIBUTE_PTR pTemplate,
    413. 

  413.                       CK_ULONG ulAttributeCount)
    414. 

  414. {
    415. 

  415.     CK_ULONG i;
    416. 

  416. 

  417.     for (i = 0; i < ulAttributeCount; i++) {
    418. 

  418.         if (pTemplate[i].type == CKA_CLASS) {
    419. 

  419.             return *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
    420. 

  420.         }
    421. 

  421.     }
    422. 

  422.     /* need to return a value that says 'fetch them all' */
    423. 

  423.     return CK_INVALID_HANDLE;
    424. 

  424. }
    425. 

  425. 

  426. static PRUint32
    427. 

  427. collect_objects(
    428. 

  428.     CK_ATTRIBUTE_PTR pTemplate,
    429. 

  429.     CK_ULONG ulAttributeCount,
    430. 

  430.     ckcapiInternalObject ***listp,
    431. 

  431.     CK_RV *pError)
    432. 

  432. {
    433. 

  433.     PRUint32 i;
    434. 

  434.     PRUint32 count = 0;
    435. 

  435.     PRUint32 size = 0;
    436. 

  436.     CK_OBJECT_CLASS objClass;
    437. 

  437. 

  438.     /*
    439. 

  439.      * first handle the static build in objects (if any)
    440. 

  440.      */
    441. 

  441.     for (i = 0; i < nss_ckcapi_nObjects; i++) {
    442. 

  442.         ckcapiInternalObject *o = (ckcapiInternalObject *)&nss_ckcapi_data[i];
    443. 

  443. 

  444.         if (CK_TRUE == ckcapi_match(pTemplate, ulAttributeCount, o)) {
    445. 

  445.             PUT_Object(o, *pError);
    446. 

  446.         }
    447. 

  447.     }
    448. 

  448. 

  449.     /*
    450. 

  450.      * now handle the various object types
    451. 

  451.      */
    452. 

  452.     objClass = ckcapi_GetObjectClass(pTemplate, ulAttributeCount);
    453. 

  453.     *pError = CKR_OK;
    454. 

  454.     switch (objClass) {
    455. 

  455.         case CKO_CERTIFICATE:
    456. 

  456.             count = nss_ckcapi_collect_all_certs(pTemplate, ulAttributeCount, listp,
    457. 

  457.                                                  &size, count, pError);
    458. 

  458.             break;
    459. 

  459.         case CKO_PUBLIC_KEY:
    460. 

  460.             count = collect_class(objClass, "My", PR_TRUE, pTemplate,
    461. 

  461.                                   ulAttributeCount, listp, &size, count, pError);
    462. 

  462.             count = collect_bare(objClass, pTemplate, ulAttributeCount, listp,
    463. 

  463.                                  &size, count, pError);
    464. 

  464.             break;
    465. 

  465.         case CKO_PRIVATE_KEY:
    466. 

  466.             count = collect_class(objClass, "My", PR_TRUE, pTemplate,
    467. 

  467.                                   ulAttributeCount, listp, &size, count, pError);
    468. 

  468.             count = collect_bare(objClass, pTemplate, ulAttributeCount, listp,
    469. 

  469.                                  &size, count, pError);
    470. 

  470.             break;
    471. 

  471.         /* all of them */
    472. 

  472.         case CK_INVALID_HANDLE:
    473. 

  473.             count = nss_ckcapi_collect_all_certs(pTemplate, ulAttributeCount, listp,
    474. 

  474.                                                  &size, count, pError);
    475. 

  475.             count = collect_class(CKO_PUBLIC_KEY, "My", PR_TRUE, pTemplate,
    476. 

  476.                                   ulAttributeCount, listp, &size, count, pError);
    477. 

  477.             count = collect_bare(CKO_PUBLIC_KEY, pTemplate, ulAttributeCount, listp,
    478. 

  478.                                  &size, count, pError);
    479. 

  479.             count = collect_class(CKO_PRIVATE_KEY, "My", PR_TRUE, pTemplate,
    480. 

  480.                                   ulAttributeCount, listp, &size, count, pError);
    481. 

  481.             count = collect_bare(CKO_PRIVATE_KEY, pTemplate, ulAttributeCount, listp,
    482. 

  482.                                  &size, count, pError);
    483. 

  483.             break;
    484. 

  484.         default:
    485. 

  485.             goto done; /* no other object types we understand in this module */
    486. 

  486.     }
    487. 

  487.     if (CKR_OK != *pError) {
    488. 

  488.         goto loser;
    489. 

  489.     }
    490. 

  490. 

  491. done:
    492. 

  492.     return count;
    493. 

  493. loser:
    494. 

  494.     nss_ZFreeIf(*listp);
    495. 

  495.     return 0;
    496. 

  496. }
    497. 

  497. 

  498. NSS_IMPLEMENT NSSCKMDFindObjects *
    499. 

  499. nss_ckcapi_FindObjectsInit(
    500. 

  500.     NSSCKFWSession *fwSession,
    501. 

  501.     CK_ATTRIBUTE_PTR pTemplate,
    502. 

  502.     CK_ULONG ulAttributeCount,
    503. 

  503.     CK_RV *pError)
    504. 

  504. {
    505. 

  505.     /* This could be made more efficient.  I'm rather rushed. */
    506. 

  506.     NSSArena *arena;
    507. 

  507.     NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
    508. 

  508.     struct ckcapiFOStr *fo = (struct ckcapiFOStr *)NULL;
    509. 

  509.     ckcapiInternalObject **temp = (ckcapiInternalObject **)NULL;
    510. 

  510. 

  511.     arena = NSSArena_Create();
    512. 

  512.     if ((NSSArena *)NULL == arena) {
    513. 

  513.         goto loser;
    514. 

  514.     }
    515. 

  515. 

  516.     rv = nss_ZNEW(arena, NSSCKMDFindObjects);
    517. 

  517.     if ((NSSCKMDFindObjects *)NULL == rv) {
    518. 

  518.         *pError = CKR_HOST_MEMORY;
    519. 

  519.         goto loser;
    520. 

  520.     }
    521. 

  521. 

  522.     fo = nss_ZNEW(arena, struct ckcapiFOStr);
    523. 

  523.     if ((struct ckcapiFOStr *)NULL == fo) {
    524. 

  524.         *pError = CKR_HOST_MEMORY;
    525. 

  525.         goto loser;
    526. 

  526.     }
    527. 

  527. 

  528.     fo->arena = arena;
    529. 

  529.     /* fo->n and fo->i are already zero */
    530. 

  530. 

  531.     rv->etc = (void *)fo;
    532. 

  532.     rv->Final = ckcapi_mdFindObjects_Final;
    533. 

  533.     rv->Next = ckcapi_mdFindObjects_Next;
    534. 

  534.     rv->null = (void *)NULL;
    535. 

  535. 

  536.     fo->n = collect_objects(pTemplate, ulAttributeCount, &temp, pError);
    537. 

  537.     if (*pError != CKR_OK) {
    538. 

  538.         goto loser;
    539. 

  539.     }
    540. 

  540. 

  541.     fo->objs = nss_ZNEWARRAY(arena, ckcapiInternalObject *, fo->n);
    542. 

  542.     if ((ckcapiInternalObject **)NULL == fo->objs) {
    543. 

  543.         *pError = CKR_HOST_MEMORY;
    544. 

  544.         goto loser;
    545. 

  545.     }
    546. 

  546. 

  547.     (void)nsslibc_memcpy(fo->objs, temp, sizeof(ckcapiInternalObject *) * fo->n);
    548. 

  548.     nss_ZFreeIf(temp);
    549. 

  549.     temp = (ckcapiInternalObject **)NULL;
    550. 

  550. 

  551.     return rv;
    552. 

  552. 

  553. loser:
    554. 

  554.     nss_ZFreeIf(temp);
    555. 

  555.     nss_ZFreeIf(fo);
    556. 

  556.     nss_ZFreeIf(rv);
    557. 

  557.     if ((NSSArena *)NULL != arena) {
    558. 

  558.         NSSArena_Destroy(arena);
    559. 

  559.     }
    560. 

  560.     return (NSSCKMDFindObjects *)NULL;
    561. 

  561. }
    562. 

  562.