/*----------------------------------------------------------------------- * File: CSM_CSPI.C * * Copyright (c) 1995-2000 Intel Corporation. All rights reserved. *----------------------------------------------------------------------- */ /* * OpenVMS History * * 13-Sep-2002 Carol Kelly * o Merge in V3_14 changes * */ #include "maf_include.h" #include "csm_cspi.h" #ifdef _DEBUG #define ASSERT_VALID_ERROR_CODE( _err ) \ assert( ( _err == CSSM_OK ) || \ ( ( _err > CSSM_BASE_ERROR ) && \ ( _err < MAF_INTERNAL_ERROR_BASE ) ) ) #else /* _DEBUG */ #define ASSERT_VALID_ERROR_CODE( _err ) #endif /* _DEBUG */ #define MASSAGE_ERROR_CODE( _err ) \ { \ if ( ( _err != CSSM_OK ) && \ ( ( _err / CSSM_ERRORCODE_MODULE_EXTENT ) == 0 ) ) \ { \ _err |= CSSM_CSP_BASE_ERROR; \ } \ } CSSM_RETURN CSSMAPI CSM_EventNotify( CSSM_MODULE_HANDLE Handle, CSSM_CONTEXT_EVENT Event, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT* pContext ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, Handle, LockRef ); if ( rv == CSSM_OK ) { #ifndef CSM_TRUSTWAY /* Call the user defined functionality */ rv = ADDIN_CSM_EventNotify( Handle, Event, CCHandle, pContext ); #endif /* Handle "delete" events */ if ( Event != CSSM_CONTEXT_EVENT_CREATE ) { CSM_SESSION *pSession = NULL; void *SessionLockRef = NULL; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Find staged session state if it exists */ /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Check to see if we have a staged session in progress */ rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ); if ( rv == CSSM_OK ) { if ( Event == CSSM_CONTEXT_EVENT_DELETE ) { /* Clear the operation state */ switch ( pSession->SessionType ) { case CSM_ST_DIGEST: { ADDIN_CSM_DigestDataError( pSession ); break; } case CSM_ST_ENCRYPT: { ADDIN_CSM_EncryptDataError( pSession ); break; } case CSM_ST_DECRYPT: { ADDIN_CSM_DecryptDataError( pSession ); break; } case CSM_ST_GEN_MAC: { ADDIN_CSM_GenerateMacError( pSession ); break; } case CSM_ST_VERIFY_MAC: { ADDIN_CSM_VerifyMacError( pSession ); break; } default: { /* Not a staged operation, no need to clear state */ ; } } /* Release the context lock and delete it */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } else if ( Event == CSSM_CONTEXT_EVENT_UPDATE ) { /* duplicate context in the session */ rv = CSM_DuplicateContext( pContext, &pSession->pContext ); /* Release the context lock and delete it */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } } else { /* This is not an error. The context was not in use */ rv = CSSM_OK; } } /* Event != CREATE */ #ifdef CSM_TRUSTWAY /* Call the user defined functionality */ rv = ADDIN_CSM_EventNotify( Handle, Event, CCHandle, pContext ); #endif /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_QuerySize( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, CSSM_BOOL Encrypt, uint32 QuerySizeCount, CSSM_QUERY_SIZE_DATA *DataBlock ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION_TYPE SessionType; CSM_SESSION *pSession = NULL; MLC_LOCK_REF SessionLockRef = NULL; CSSM_BOOL bStaged = CSSM_FALSE; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Perform input parameter checks */ if ( DataBlock == NULL ) { ERR( rv = CSSMERR_CSP_INVALID_OUTPUT_POINTER ); } else if ( QuerySizeCount == 0 ) { ERR( rv = CSSMERR_CSP_INVALID_DATA_COUNT ); } else if ( port_IsBadWritePtr( DataBlock, QuerySizeCount * sizeof(CSSM_QUERY_SIZE_DATA) ) ) { ERR( rv = CSSMERR_CSP_INVALID_OUTPUT_POINTER ); } else { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Check to see if we have a staged session in progress */ if ( CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_READ_LOCK, &pSession, &SessionLockRef ) == CSSM_OK ) { bStaged = CSSM_TRUE; } else { /* Single part query. Create a temporary session */ bStaged = CSSM_FALSE; /* Get the correct session type */ if ( ( rv = CSM_GetSessionType( pContext->ContextType, Encrypt, &SessionType ) ) == CSSM_OK ) { /* Create a temporary session */ rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, SessionType, &pSession ); } } if ( rv == CSSM_OK ) { /* Call the user defined functionality */ rv = ADDIN_CSM_QuerySize( pSession, Encrypt, QuerySizeCount, DataBlock ); /* Delete the session if it is temporary, otherwise release locks */ if ( bStaged == CSSM_TRUE ) { CSM_UnlockStagedSession( MLC_READ_LOCK, SessionLockRef ); } else { CSM_DeleteSession( pSession ); } } } /* Valid parameters */ /* Clear the execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ /* Set return values and clear execution context */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_SignData( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, const CSSM_DATA *DataBufs, uint32 DataBufCount, CSSM_ALGORITHMS DigestAlgorithm, CSSM_DATA *Signature ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input parameters */ if ( ( ( rv = CSM_ValidateInputBuffers( DataBufs, DataBufCount, CSSM_TRUE ) ) == CSSM_OK ) && /* Validate the output buffers */ ( ( rv = CSM_ValidateOutputBuffers( Signature, 1, CSSM_FALSE ) ) == CSSM_OK ) ) { if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_SIGN, &pSession ) ) == CSSM_OK ) { rv = ADDIN_CSM_SignData( pSession, DataBufs, DataBufCount, DigestAlgorithm, Signature ); CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_SignDataInit ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_CreateStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, CSPHandle, CCHandle, pContext, CSM_ST_SIGN, &pSession, &SessionLockRef ) ) == CSSM_OK ) { rv = ADDIN_CSM_SignDataInit( pSession ); /* Clean up the session list */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); if ( rv != CSSM_OK ) { CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_CreateStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_SignDataUpdate ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_DATA *DataBufs, uint32 DataBufCount ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_SIGN ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_SIGNATURE ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the input parameters */ if ( ( rv = CSM_ValidateInputBuffers( DataBufs, DataBufCount, CSSM_TRUE ) ) == CSSM_OK ) { rv = ADDIN_CSM_SignDataUpdate( pSession, DataBufs, DataBufCount ); } /* Unlock the session since we are done */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_SignDataError( pSession ); CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* Check session type */ } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_SignDataFinal ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, CSSM_DATA *Signature ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_SIGN ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_SIGNATURE ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the output buffers */ if ( ( rv = CSM_ValidateOutputBuffers( Signature, 1, CSSM_FALSE) ) == CSSM_OK ) { rv = ADDIN_CSM_SignDataFinal( pSession, Signature ); } /* Unlock the staged session since we are done with it */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in an error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_SignDataError( pSession ); } /* We are done with the staged session */ CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_VerifyData ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, const CSSM_DATA *DataBufs, uint32 DataBufCount, CSSM_ALGORITHMS DigestAlgorithm, const CSSM_DATA *Signature ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input parameters */ if ( ( ( rv = CSM_ValidateInputBuffers( DataBufs, DataBufCount, CSSM_TRUE ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateInputBuffers( Signature, 1, CSSM_FALSE ) ) == CSSM_OK ) ) { if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_VERIFY, &pSession ) ) == CSSM_OK ) { rv = ADDIN_CSM_VerifyData( pSession, DataBufs, DataBufCount, DigestAlgorithm, Signature ); CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_VerifyDataInit ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_CreateStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, CSPHandle, CCHandle, pContext, CSM_ST_VERIFY, &pSession, &SessionLockRef ) ) == CSSM_OK ) { rv = ADDIN_CSM_VerifyDataInit( pSession ); /* Clean up the session list */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); if ( rv != CSSM_OK ) { CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_CreateStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_VerifyDataUpdate ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_DATA *DataBufs, uint32 DataBufCount ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_VERIFY ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_SIGNATURE ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the input parameters */ if ( ( rv = CSM_ValidateInputBuffers( DataBufs, DataBufCount, CSSM_TRUE ) ) == CSSM_OK ) { rv = ADDIN_CSM_VerifyDataUpdate( pSession, DataBufs, DataBufCount ); } /* Unlock the staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_VerifyDataError( pSession ); CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_VerifyDataFinal ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_DATA *Signature ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_VERIFY ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_SIGNATURE ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the input buffers */ if ( ( rv = CSM_ValidateInputBuffers( Signature, 1, CSSM_FALSE ) ) == CSSM_OK ) { rv = ADDIN_CSM_VerifyDataFinal( pSession, Signature ); } /* Unlock the staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_VerifyDataError( pSession ); } /* We are done with the staged session */ CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_DigestData ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, const CSSM_DATA *DataBufs, uint32 DataBufCount, CSSM_DATA *Digest ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input parameters */ if ( ( ( rv = CSM_ValidateInputBuffers( DataBufs, DataBufCount, CSSM_TRUE ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateOutputBuffers( Digest, 1, CSSM_FALSE ) ) == CSSM_OK ) ) { /* Create a temporary session */ if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_DIGEST, &pSession ) ) == CSSM_OK ) { /* Call the CSP specific handler */ rv = ADDIN_CSM_DigestData( pSession, DataBufs, DataBufCount, Digest ); /* Tear down the session */ CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_DigestDataInit ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_CreateStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, CSPHandle, CCHandle, pContext, CSM_ST_DIGEST, &pSession, &SessionLockRef ) ) == CSSM_OK ) { rv = ADDIN_CSM_DigestDataInit( pSession ); /* Unlock staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list */ if ( rv != CSSM_OK ) { CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_CreateStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_DigestDataUpdate ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_DATA *DataBufs, uint32 DataBufCount ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_DIGEST ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_DIGEST ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the input parameters */ if ( ( rv = CSM_ValidateInputBuffers( DataBufs, DataBufCount, CSSM_TRUE ) ) == CSSM_OK ) { rv = ADDIN_CSM_DigestDataUpdate( pSession, DataBufs, DataBufCount ); } /* Validation */ /* Unlock staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in error case */ if ( rv != CSSM_OK) { /* Tell the service provider code to clear state */ ADDIN_CSM_DigestDataError( pSession ); CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_DigestDataClone ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE OldCCHandle, CSSM_CC_HANDLE NewCCHandle ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Duplicate the session state information */ rv = CSM_DuplicateStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, OldCCHandle, NewCCHandle, ADDIN_CSM_DuplicateDigestState ); /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_DigestDataFinal ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, CSSM_DATA *Digest ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_DIGEST ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_DIGEST ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the output buffers */ if ( ( rv = CSM_ValidateOutputBuffers( Digest, 1, CSSM_FALSE ) ) == CSSM_OK ) { rv = ADDIN_CSM_DigestDataFinal( pSession, Digest ); } /* Unlock the staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_DigestDataError( pSession ); } /* We are done with the staged session */ CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GenerateMac ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, const CSSM_DATA *DataBufs, uint32 DataBufCount, CSSM_DATA *Mac ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input/ouput parameters */ if ( ( ( rv = CSM_ValidateInputBuffers( DataBufs, DataBufCount, CSSM_TRUE ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateOutputBuffers( Mac, 1, CSSM_FALSE ) ) == CSSM_OK ) ) { /* Create a temporary session */ if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_GEN_MAC, &pSession ) ) == CSSM_OK ) { /* Call the CSP specific handler */ rv = ADDIN_CSM_GenerateMac( pSession, DataBufs, DataBufCount, Mac ); /* Tear down the session */ CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GenerateMacInit ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_CreateStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, CSPHandle, CCHandle, pContext, CSM_ST_GEN_MAC, &pSession, &SessionLockRef ) ) == CSSM_OK ) { rv = ADDIN_CSM_GenerateMacInit( pSession ); /* Unlock the staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list */ if ( rv != CSSM_OK ) { CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_CreateStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GenerateMacUpdate ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_DATA *DataBufs, uint32 DataBufCount ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_GEN_MAC ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_MAC ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the input parameters */ if ( ( rv = CSM_ValidateInputBuffers( DataBufs, DataBufCount, CSSM_TRUE ) ) == CSSM_OK ) { rv = ADDIN_CSM_GenerateMacUpdate( pSession, DataBufs, DataBufCount ); } /* Unlock staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_GenerateMacError( pSession ); CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GenerateMacFinal ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, CSSM_DATA *Mac ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_GEN_MAC ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_MAC ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the output buffers */ if ( ( rv = CSM_ValidateOutputBuffers( Mac, 1, CSSM_FALSE ) ) == CSSM_OK ) { rv = ADDIN_CSM_GenerateMacFinal( pSession, Mac ); } /* Unlock the staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_GenerateMacError( pSession ); } /* We are done with the staged session */ CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_VerifyMac ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, const CSSM_DATA *DataBufs, uint32 DataBufCount, const CSSM_DATA *Mac ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input parameters */ if ( ( ( rv = CSM_ValidateInputBuffers( DataBufs, DataBufCount, CSSM_TRUE ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateInputBuffers( Mac, 1, CSSM_FALSE ) ) == CSSM_OK ) ) { /* Create a temporary session */ if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_VERIFY_MAC, &pSession ) ) == CSSM_OK ) { /* Call the CSP specific handler */ rv = ADDIN_CSM_VerifyMac( pSession, DataBufs, DataBufCount, Mac ); /* Tear down the session */ CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_VerifyMacInit ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_CreateStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, CSPHandle, CCHandle, pContext, CSM_ST_VERIFY_MAC, &pSession, &SessionLockRef ) ) == CSSM_OK ) { rv = ADDIN_CSM_VerifyMacInit( pSession ); /* Unlock staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list */ if ( rv != CSSM_OK ) { CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_CreateStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_VerifyMacUpdate ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_DATA *DataBufs, uint32 DataBufCount ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_VERIFY_MAC ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_MAC ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the input parameters */ if ( ( rv = CSM_ValidateInputBuffers( DataBufs, DataBufCount, CSSM_TRUE ) ) == CSSM_OK ) { rv = ADDIN_CSM_VerifyMacUpdate( pSession, DataBufs, DataBufCount ); } /* Unlock the staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_VerifyMacError( pSession ); CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_VerifyMacFinal ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_DATA *Mac ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_VERIFY_MAC ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_MAC ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the input buffers */ if ( ( rv = CSM_ValidateInputBuffers( Mac, 1, CSSM_FALSE ) ) == CSSM_OK ) { rv = ADDIN_CSM_VerifyMacFinal( pSession, Mac ); } /* Unlock the staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_VerifyMacError( pSession ); } /* We are done with the staged session */ CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_EncryptData ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, const CSSM_DATA *ClearBufs, uint32 ClearBufCount, CSSM_DATA *CipherBufs, uint32 CipherBufCount, uint32 *bytesEncrypted, CSSM_DATA *RemData, CSSM_PRIVILEGE Privilege ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input/output parameters */ if ( port_IsBadWritePtr( bytesEncrypted, sizeof(*bytesEncrypted) ) ) { ERR( rv = CSSMERR_CSP_INVALID_OUTPUT_POINTER ); } else if ( ( ( rv = CSM_ValidateInputBuffers( ClearBufs, ClearBufCount, CSSM_TRUE ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateOutputBuffers( CipherBufs, CipherBufCount, CSSM_TRUE ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateOutputBuffers( RemData, 1, CSSM_FALSE ) ) == CSSM_OK ) ) { if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_ENCRYPT, &pSession ) ) == CSSM_OK ) { rv = ADDIN_CSM_EncryptData( pSession, ClearBufs, ClearBufCount, CipherBufs, CipherBufCount, bytesEncrypted, RemData, Privilege ); CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_EncryptDataInit ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, CSSM_PRIVILEGE Privilege ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_CreateStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, CSPHandle, CCHandle, pContext, CSM_ST_ENCRYPT, &pSession, &SessionLockRef ) ) == CSSM_OK ) { rv = ADDIN_CSM_EncryptDataInit( pSession, Privilege ); /* Unlock staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list in error case */ if ( rv != CSSM_OK ) { CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_CreateStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_EncryptDataUpdate ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_DATA *ClearBufs, uint32 ClearBufCount, CSSM_DATA *CipherBufs, uint32 CipherBufCount, uint32 *bytesEncrypted ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_ENCRYPT ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_SYMMETRIC && pSession->pContext->ContextType != CSSM_ALGCLASS_ASYMMETRIC ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the input/output parameters */ if ( port_IsBadWritePtr( bytesEncrypted, sizeof(*bytesEncrypted) ) ) { ERR( rv = CSSMERR_CSP_INVALID_OUTPUT_POINTER ); } else if ( ( ( rv = CSM_ValidateInputBuffers( ClearBufs, ClearBufCount, CSSM_TRUE ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateOutputBuffers( CipherBufs, CipherBufCount, CSSM_TRUE ) ) == CSSM_OK ) ) { rv = ADDIN_CSM_EncryptDataUpdate( pSession, ClearBufs, ClearBufCount, CipherBufs, CipherBufCount, bytesEncrypted ); } /* Unlock staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list for error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_EncryptDataError( pSession ); CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } } /* CSM_FindStagesSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_EncryptDataFinal ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, CSSM_DATA *RemData ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_ENCRYPT ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_SYMMETRIC && pSession->pContext->ContextType != CSSM_ALGCLASS_ASYMMETRIC ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the output buffers */ if ( ( rv = CSM_ValidateOutputBuffers( RemData, 1, CSSM_FALSE ) ) == CSSM_OK ) { rv = ADDIN_CSM_EncryptDataFinal( pSession, RemData ); } /* Unlock the staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list for error case*/ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_EncryptDataError( pSession ); } /* We are done with the staged session */ CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_DecryptData ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, const CSSM_DATA *CipherBufs, uint32 CipherBufCount, CSSM_DATA *ClearBufs, uint32 ClearBufCount, uint32 *bytesDecrypted, CSSM_DATA *RemData, CSSM_PRIVILEGE Privilege ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input/output parameters */ if ( port_IsBadWritePtr( bytesDecrypted, sizeof(*bytesDecrypted) ) ) { ERR( rv = CSSMERR_CSP_INVALID_OUTPUT_POINTER ); } else if ( ( ( rv = CSM_ValidateInputBuffers( CipherBufs, CipherBufCount, CSSM_TRUE ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateOutputBuffers( ClearBufs, ClearBufCount, CSSM_TRUE ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateOutputBuffers( RemData, 1, CSSM_FALSE ) ) == CSSM_OK ) ) { if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_DECRYPT, &pSession ) ) == CSSM_OK ) { rv = ADDIN_CSM_DecryptData( pSession, CipherBufs, CipherBufCount, ClearBufs, ClearBufCount, bytesDecrypted, RemData, Privilege ); CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_DecryptDataInit ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, CSSM_PRIVILEGE Privilege ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_CreateStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, CSPHandle, CCHandle, pContext, CSM_ST_DECRYPT, &pSession, &SessionLockRef ) ) == CSSM_OK ) { rv = ADDIN_CSM_DecryptDataInit( pSession, Privilege ); /* Unlock staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list for error case*/ if ( rv != CSSM_OK ) { CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_CreateStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_DecryptDataUpdate ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_DATA* CipherBufs, uint32 CipherBufCount, CSSM_DATA *ClearBufs, uint32 ClearBufCount, uint32 *bytesDecrypted ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_DECRYPT ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_SYMMETRIC && pSession->pContext->ContextType != CSSM_ALGCLASS_ASYMMETRIC ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the input/output parameters */ if ( port_IsBadWritePtr( bytesDecrypted, sizeof(*bytesDecrypted) ) ) { ERR( rv = CSSMERR_CSP_INVALID_OUTPUT_POINTER ); } else if ( ( ( rv = CSM_ValidateInputBuffers( CipherBufs, CipherBufCount, CSSM_TRUE ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateOutputBuffers( ClearBufs, ClearBufCount, CSSM_TRUE ) ) == CSSM_OK ) ) { rv = ADDIN_CSM_DecryptDataUpdate( pSession, CipherBufs, CipherBufCount, ClearBufs, ClearBufCount, bytesDecrypted ); } /* Unlock staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list for error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_DecryptDataError( pSession ); CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_DecryptDataFinal ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, CSSM_DATA_PTR RemData ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; MLC_LOCK_REF SessionLockRef; #if (ADDIN_NEED_ATTACH_WRITER_LOCK == 0) const #endif ADDIN_ATTACH_DATA *pAttachData = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Fetch the current attach data */ pAttachData = Addin_GetAttachData(); assert( pAttachData ); /* Create a staged session */ if ( ( rv = CSM_FindStagedSession( &pAttachData->slSessions, CCHandle, MLC_WRITE_LOCK, &pSession, &SessionLockRef ) ) == CSSM_OK ) { /* Check to make sure the session type is valid */ if ( ( pSession->SessionType != CSM_ST_DECRYPT ) || ( pSession->pContext->ContextType != CSSM_ALGCLASS_SYMMETRIC && pSession->pContext->ContextType != CSSM_ALGCLASS_ASYMMETRIC ) ) { ERR( rv = CSSMERR_CSP_INVALID_CONTEXT ); CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); } else { /* Validate the output buffers */ if ( ( rv = CSM_ValidateOutputBuffers( RemData, 1, CSSM_FALSE ) ) == CSSM_OK ) { rv = ADDIN_CSM_DecryptDataFinal( pSession, RemData ); } /* Unlock staged session */ CSM_UnlockStagedSession( MLC_WRITE_LOCK, SessionLockRef ); /* Clean up the session list for error case */ if ( rv != CSSM_OK ) { /* Tell the service provider code to clear state */ ADDIN_CSM_DecryptDataError( pSession ); } /* We are done with the staged session */ CSM_DeleteStagedSession( (CSM_SESSION_LIST*)&pAttachData->slSessions, pSession ); } } /* CSM_FindStagedSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_QueryKeySizeInBits ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *Context, const CSSM_KEY *Key, CSSM_KEY_SIZE *KeySize ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; const CSSM_CONTEXT_ATTRIBUTE *pAttr = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the key source parameters */ if ( CCHandle != CSSM_INVALID_HANDLE ) { /* The CSSM must always make this true. * If not we've found a bug. */ assert( Context ); pAttr = CSM_GetContextAttribute( Context, CSSM_ATTRIBUTE_KEY ); if ( !pAttr ) { ERR( rv = CSSMERR_CSP_MISSING_ATTR_KEY ); } else { /* Redirect the local parameter value to the real key */ Key = pAttr->Attribute.Key; if ( Key == NULL ) { ERR( rv = CSSMERR_CSP_INVALID_ATTR_KEY ); } } } if ( rv == CSSM_OK ) { /* Validate output parameters */ if ( port_IsBadWritePtr( KeySize, sizeof(CSSM_KEY_SIZE) ) ) { ERR( rv = CSSMERR_CSP_INVALID_OUTPUT_POINTER ); } /* Make sure the key (wherever it came from) is valid */ else if ( ( rv = CSM_ValidateInputKey( Key ) ) == CSSM_OK ) { /* Make sure that the key format is supported */ if ((rv = CSM_ValidateInputKeyFormat(Key)) == CSSM_OK) { /* Call user defined functionality */ rv = ADDIN_CSM_QueryKeySizeInBits( CSPHandle, CCHandle, Context, Key, KeySize ); } } } /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GenerateKey ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, uint32 KeyUsage, uint32 KeyAttr, const CSSM_DATA *KeyLabel, const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry, CSSM_KEY *Key, CSSM_PRIVILEGE Privilege ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input parameters */ if ( !CSM_IsValidKeyAttributes( KeyAttr ) ) { ERR( rv = CSSMERR_CSP_INVALID_KEYATTR_MASK ); } else if ( !CSM_IsValidKeyReturnType( KeyAttr ) ) { ERR( rv = CSSMERR_CSP_INVALID_KEY_FORMAT ); } /* Validate usage flags */ else if ( !CSM_IsValidKeyUsage( KeyUsage, CSM_VALID_SYMMETRIC_KEY_USES ) ) { ERR( rv = CSSMERR_CSP_INVALID_KEYUSAGE_MASK ); } /* Validate label and output key structure */ else if ( ( ( KeyLabel != NULL ) && ( ( rv = CSM_ValidateInputBuffers( KeyLabel, 1, CSSM_FALSE ) ) != CSSM_OK ) ) || ( ( ( KeyAttr & CSSM_KEYATTR_RETURN_NONE ) == 0 ) && ( ( rv = CSM_ValidateOutputKey( Key ) ) != CSSM_OK ) ) ) { /* Return code already set; do nothing */ ; } else { /* Create the CSM session */ if( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_KEYGEN, &pSession ) ) == CSSM_OK ) { /* Call the user defined functionality */ rv = ADDIN_CSM_GenerateKey( pSession, KeyUsage, KeyAttr, KeyLabel, CredAndAclEntry, Key, Privilege); CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GenerateKeyPair ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, uint32 PublicKeyUsage, uint32 PublicKeyAttr, const CSSM_DATA *PublicKeyLabel, CSSM_KEY *PublicKey, uint32 PrivateKeyUsage, uint32 PrivateKeyAttr, const CSSM_DATA *PrivateKeyLabel, const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry, CSSM_KEY *PrivateKey, CSSM_PRIVILEGE Privilege ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input parameters */ if ( !CSM_IsValidKeyAttributes( PublicKeyAttr ) || !CSM_IsValidKeyAttributes( PrivateKeyAttr ) ) { ERR( rv = CSSMERR_CSP_INVALID_KEYATTR_MASK ); } else if ( !CSM_IsValidKeyReturnType( PublicKeyAttr ) || !CSM_IsValidKeyReturnType( PrivateKeyAttr ) ) { ERR( rv = CSSMERR_CSP_INVALID_KEY_FORMAT ); } /* Validate key usage flags */ else if ( !CSM_IsValidKeyUsage( PublicKeyUsage, CSM_VALID_PUBLIC_KEY_USES ) || !CSM_IsValidKeyUsage( PrivateKeyUsage, CSM_VALID_PRIVATE_KEY_USES ) ) { ERR( rv = CSSMERR_CSP_INVALID_KEYUSAGE_MASK ); } /* Validate key labels and output key structures */ else if ( ( ( PublicKeyLabel != NULL ) && ( ( rv = CSM_ValidateInputBuffers( PublicKeyLabel, 1, CSSM_FALSE ) ) != CSSM_OK ) ) || ( ( ( PublicKeyAttr & CSSM_KEYATTR_RETURN_NONE ) == 0 ) && ( ( rv = CSM_ValidateOutputKey( PublicKey ) ) != CSSM_OK ) ) || ( ( PrivateKeyLabel != NULL ) && ( ( rv = CSM_ValidateInputBuffers( PrivateKeyLabel, 1, CSSM_FALSE ) ) != CSSM_OK ) ) || ( ( ( PrivateKeyAttr & CSSM_KEYATTR_RETURN_NONE ) == 0 ) && ( ( rv = CSM_ValidateOutputKey( PrivateKey ) ) != CSSM_OK ) ) ) { /* Return code already set; do nothing */ ; } else { /* Create the CSM session */ if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_KEYGEN, &pSession ) ) == CSSM_OK ) { /* Call the user defined functionality */ rv = ADDIN_CSM_GenerateKeyPair( pSession, PublicKeyUsage, PublicKeyAttr, PublicKeyLabel, PublicKey, PrivateKeyUsage, PrivateKeyAttr, PrivateKeyLabel, CredAndAclEntry, PrivateKey, Privilege ); CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GenerateRandom ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, CSSM_DATA *RandomNumber ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the output parameters */ if ( ( rv = CSM_ValidateOutputBuffers( RandomNumber, 1, CSSM_FALSE ) ) == CSSM_OK ) { /* Create a temporary session */ if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_RANDOMGEN, &pSession ) ) == CSSM_OK ) { /* Call the CSP specific handler */ rv = ADDIN_CSM_GenerateRandom( pSession, RandomNumber ); /* Tear down the session */ CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GenerateAlgorithmParams ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, uint32 ParamBits, CSSM_DATA_PTR Param, uint32 *NumberOfUpdatedAttributes, CSSM_CONTEXT_ATTRIBUTE_PTR *UpdatedAttributes ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION_TYPE SessionType; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Check the non-user specified parameters using asserts. If an assert * is triggered, then we have found a bug in the CSSM. */ assert( !port_IsBadWritePtr( NumberOfUpdatedAttributes, sizeof(uint32) ) ); assert( !port_IsBadWritePtr( UpdatedAttributes, sizeof(CSSM_CONTEXT_ATTRIBUTE*) ) ); /* Validate the input parameters */ if ( ( Param != NULL ) && ( ( rv = CSM_ValidateInputBuffers( Param, 1, CSSM_FALSE ) ) != CSSM_OK ) ) { /* Return code already set; do nothing */ ; } else { /* Create the session for the operation */ if ( ( rv = CSM_GetSessionType( pContext->ContextType, CSSM_TRUE, /* Assume "Forward" operation */ &SessionType ) ) == CSSM_OK ) { if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, SessionType, &pSession ) ) == CSSM_OK ) { /* Call the user defined code */ rv = ADDIN_CSM_GenerateAlgorithmParams( pSession, ParamBits, Param, NumberOfUpdatedAttributes, UpdatedAttributes ); /* Delete the session for the operation */ CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* CSM_GetSessionType */ } /* Validation */ /* Clear Execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_WrapKey ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, const CSSM_ACCESS_CREDENTIALS *AccessCred, const CSSM_KEY *Key, const CSSM_DATA *DescriptiveData, CSSM_WRAP_KEY *WrappedKey, CSSM_PRIVILEGE Privilege ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input/output parameters */ if ( ( ( DescriptiveData != NULL ) && ( ( rv = CSM_ValidateInputBuffers( DescriptiveData, 1, CSSM_FALSE ) ) != CSSM_OK ) ) || ( ( rv = CSM_ValidateInputKey( Key ) ) != CSSM_OK ) || ( ( rv = CSM_ValidateOutputKey( WrappedKey ) ) != CSSM_OK ) ) { /* Return code already set; do nothing */ ; } else { /* Create the CSM session */ if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_WRAP, &pSession ) ) == CSSM_OK ) { /* Perform the wrap operation */ rv = ADDIN_CSM_WrapKey( pSession, AccessCred, Key, DescriptiveData, WrappedKey, Privilege ); /* Delete the CSM session */ CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_UnwrapKey ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, const CSSM_KEY *PublicKey, const CSSM_WRAP_KEY *WrappedKey, uint32 KeyUsage, uint32 KeyAttr, const CSSM_DATA *KeyLabel, const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry, CSSM_KEY *UnwrappedKey, CSSM_DATA *DescriptiveData, CSSM_PRIVILEGE Privilege ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input/output parameters */ /* Input */ if ( ( ( KeyLabel != NULL ) && ( ( rv = CSM_ValidateInputBuffers( KeyLabel, 1, CSSM_FALSE ) ) != CSSM_OK ) ) || ( ( PublicKey != NULL ) && ( ( rv = CSM_ValidateInputKey( PublicKey ) ) != CSSM_OK ) ) || ( ( rv = CSM_ValidateInputKey( WrappedKey ) ) != CSSM_OK ) || /* Output */ ( ( rv = CSM_ValidateOutputKey( UnwrappedKey ) ) != CSSM_OK ) || ( ( DescriptiveData != NULL ) && ( ( rv = CSM_ValidateOutputBuffers( DescriptiveData, 1, CSSM_FALSE ) ) != CSSM_OK ) ) ) { /* Return code is already set; do nothing */ ; } else if ( !CSM_IsValidKeyReturnType( KeyAttr ) ) { rv = CSSMERR_CSP_INVALID_KEY_FORMAT; } else if ( !CSM_IsValidKeyUsage( KeyUsage, CSM_VALID_SYMMETRIC_KEY_USES ) ) { rv = CSSMERR_CSP_INVALID_KEYUSAGE_MASK; } else { /* Create the CSM session */ if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_UNWRAP, &pSession ) ) == CSSM_OK ) { /* Perform the unwrap operation */ rv = ADDIN_CSM_UnwrapKey( pSession, PublicKey, WrappedKey, KeyUsage, KeyAttr, KeyLabel, CredAndAclEntry, UnwrappedKey, DescriptiveData, Privilege ); /* Delete the CSM session */ CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Cancel execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_DeriveKey ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, CSSM_DATA *Param, uint32 KeyUsage, uint32 KeyAttr, const CSSM_DATA *KeyLabel, const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry, CSSM_KEY *DerivedKey ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input/output parameters */ if ( !CSM_IsValidKeyUsage( KeyUsage, CSM_VALID_SYMMETRIC_KEY_USES ) ) { rv = CSSMERR_CSP_INVALID_KEYUSAGE_MASK; } else if ( !CSM_IsValidKeyReturnType( KeyAttr ) ) { rv = CSSMERR_CSP_INVALID_KEY_FORMAT; } else if ( !DerivedKey ) { rv = CSSMERR_CSP_INVALID_KEY_POINTER; } else if ( ( ( Param != NULL ) && ( ( rv = CSM_ValidateInputBuffers( Param, 1, CSSM_FALSE ) ) != CSSM_OK ) ) || ( ( KeyLabel != NULL ) && ( ( rv = CSM_ValidateInputBuffers( KeyLabel, 1, CSSM_FALSE ) ) != CSSM_OK ) ) || ( ( pContext->AlgorithmType != CSSM_ALGID_SSL3KeyAndMacDerive) && ( ( KeyAttr & CSSM_KEYATTR_RETURN_NONE ) == 0 ) && ( ( rv = CSM_ValidateOutputKey( DerivedKey ) ) != CSSM_OK ) ) || ( ( pContext->AlgorithmType != CSSM_ALGID_SSL3KeyAndMacDerive) && ( ( rv = CSM_ValidateOutputKey( DerivedKey ) ) != CSSM_OK ) ) ) { /* Return code is already set; do nothing */ ; } else { /* Create the CSM session */ if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_DERIVE, &pSession ) ) == CSSM_OK ) { /* Call the custom functionality */ rv = ADDIN_CSM_DeriveKey( pSession, Param, KeyUsage, KeyAttr, KeyLabel, CredAndAclEntry, DerivedKey ); /* Delete the session */ CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_FreeKey ( CSSM_CSP_HANDLE CSPHandle, const CSSM_ACCESS_CREDENTIALS *AccessCred, CSSM_KEY *KeyPtr, CSSM_BOOL Delete ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate input parameters */ if ( ( rv = CSM_ValidateInputKey( KeyPtr ) ) == CSSM_OK ) { /* Call the custom functionality */ rv = ADDIN_CSM_FreeKey( CSPHandle, AccessCred, KeyPtr, Delete ); } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_PassThrough ( CSSM_CSP_HANDLE CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *pContext, uint32 PassThroughId, const void *InData, void **OutData ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; CSM_SESSION *pSession = NULL; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Create a passthrough context */ if ( ( rv = CSM_CreateSession( CSPHandle, CCHandle, pContext, CSM_ST_CUSTOM, &pSession ) ) == CSSM_OK ) { /* Call custom functionality */ rv = ADDIN_CSM_PassThrough( pSession, PassThroughId, InData, OutData ); /* Delete the session */ CSM_DeleteSession( pSession ); } /* CSM_CreateSession */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_Login ( CSSM_CSP_HANDLE CSPHandle, const CSSM_ACCESS_CREDENTIALS *AccessCred, const CSSM_DATA *LoginName, const void *Reserved ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input parameters */ if ( ( LoginName == NULL ) || ( ( rv = CSM_ValidateInputBuffers( LoginName, 1, CSSM_FALSE ) ) == CSSM_OK ) ) { rv = ADDIN_CSM_Login( CSPHandle, AccessCred, LoginName, Reserved ); } /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ return rv; } CSSM_RETURN CSSMAPI CSM_Logout ( CSSM_CSP_HANDLE CSPHandle ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Call service provider functionality */ rv = ADDIN_CSM_Logout( CSPHandle ); /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_ChangeLoginAcl( CSSM_CSP_HANDLE CSPHandle, const CSSM_ACCESS_CREDENTIALS *AccessCred, const CSSM_ACL_EDIT *AclEdit ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Call the user defined SPI handler */ rv = ADDIN_CSM_ChangeLoginAcl( CSPHandle, AccessCred, AclEdit ); /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ return rv; } CSSM_RETURN CSSMAPI CSM_ObtainPrivateKeyFromPublicKey( CSSM_CSP_HANDLE CSPHandle, const CSSM_KEY *PublicKey, CSSM_KEY *PrivateKey ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate input/output parameters */ if ( ( ( rv = CSM_ValidateInputKey( PublicKey ) ) == CSSM_OK ) && ( ( rv = CSM_ValidateOutputKey( PrivateKey ) ) == CSSM_OK ) ) { /* Call the user defined functionality */ rv = ADDIN_CSM_ObtainPrivateKeyFromPublicKey( CSPHandle, PublicKey, PrivateKey ); } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_RetrieveUniqueId ( CSSM_CSP_HANDLE CSPHandle, CSSM_DATA *UniqueID ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the output parameter */ if ( ( rv = CSM_ValidateOutputBuffers( UniqueID, 1, CSSM_FALSE ) ) == CSSM_OK ) { /* Call the custom functionality */ rv = ADDIN_CSM_RetrieveUniqueId( CSPHandle, UniqueID ); } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_RetrieveCounter ( CSSM_CSP_HANDLE CSPHandle, CSSM_DATA *Counter ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the output parameter */ if ( ( rv = CSM_ValidateOutputBuffers( Counter, 1, CSSM_FALSE ) ) == CSSM_OK ) { /* Call the custom functionality */ rv = ADDIN_CSM_RetrieveCounter( CSPHandle, Counter ); } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_VerifyDevice ( CSSM_CSP_HANDLE CSPHandle, const CSSM_DATA *DeviceCert ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Perform a self-check */ if ( ( rv = Addin_SelfCheck() ) == CSSM_OK ) { /* Validate the input data */ if ( ( DeviceCert != NULL ) && ( ( rv = CSM_ValidateInputBuffers( DeviceCert, 1, CSSM_FALSE ) ) != CSSM_OK ) ) { /* Return code is already set; do nothing */ ; } else { /* Call the user validation */ rv = ADDIN_CSM_VerifyDevice( CSPHandle, DeviceCert ); } /* Validation */ } /* Addin_SelfCheck */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GetTimeValue ( CSSM_CSP_HANDLE CSPHandle, CSSM_ALGORITHMS TimeAlgorithm, CSSM_DATA *TimeData ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the output parameters */ if ( ( rv = CSM_ValidateOutputBuffers( TimeData, 1, CSSM_FALSE ) ) == CSSM_OK ) { /* Call the custom functionality */ rv = ADDIN_CSM_GetTimeValue( CSPHandle, TimeAlgorithm, TimeData ); } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ return rv; } CSSM_RETURN CSSMAPI CSM_GetOperationalStatistics( CSSM_CSP_HANDLE CSPHandle, CSSM_CSP_OPERATIONAL_STATISTICS *Statistics ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input parameters */ if ( port_IsBadWritePtr( Statistics, sizeof(CSSM_CSP_OPERATIONAL_STATISTICS) ) == CSSM_TRUE ) { rv = CSSMERR_CSP_INVALID_OUTPUT_POINTER; } else { rv = ADDIN_CSM_GetOperationalStatistics( CSPHandle, Statistics ); } /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GetLoginAcl( CSSM_CSP_HANDLE CSPHandle, const CSSM_STRING *SelectionTag, uint32 *NumberOfAclInfos, CSSM_ACL_ENTRY_INFO_PTR *AclInfos ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the output parameters */ if ( port_IsBadWritePtr( AclInfos, sizeof(CSSM_ACL_ENTRY_INFO_PTR) ) || port_IsBadWritePtr( NumberOfAclInfos, sizeof(uint32) ) ) { rv = CSSMERR_CSP_INVALID_OUTPUT_POINTER; } /* Validate the input parameters */ else if ( ( SelectionTag != NULL ) && port_IsBadReadPtr( SelectionTag, sizeof(CSSM_STRING) ) ) { rv = CSSMERR_CSP_INVALID_INPUT_POINTER; } else { /* Call the user defined SPI handler */ rv = ADDIN_CSM_GetLoginAcl( CSPHandle, SelectionTag, NumberOfAclInfos, AclInfos ); } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GetKeyAcl( CSSM_CSP_HANDLE CSPHandle, const CSSM_KEY *Key, const CSSM_STRING *SelectionTag, uint32 *NumberOfAclInfos, CSSM_ACL_ENTRY_INFO_PTR *AclInfos ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the output parameters */ if ( port_IsBadWritePtr( AclInfos, sizeof(CSSM_ACL_ENTRY_INFO_PTR) ) || port_IsBadWritePtr( NumberOfAclInfos, sizeof(uint32) ) ) { rv = CSSMERR_CSP_INVALID_OUTPUT_POINTER; } /* Validate the input parameters */ else if ( ( SelectionTag != NULL ) && port_IsBadReadPtr( SelectionTag, sizeof(CSSM_STRING) ) ) { rv = CSSMERR_CSP_INVALID_INPUT_POINTER; } else if ( ( rv = CSM_ValidateInputKey( Key ) ) == CSSM_OK ) { /* Call the user defined SPI handler */ rv = ADDIN_CSM_GetKeyAcl( CSPHandle, Key, SelectionTag, NumberOfAclInfos, AclInfos ); } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_ChangeKeyAcl( CSSM_CSP_HANDLE CSPHandle, const CSSM_ACCESS_CREDENTIALS *AccessCred, const CSSM_ACL_EDIT *AclEdit, const CSSM_KEY *Key ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input parameters */ if ( ( rv = CSM_ValidateInputKey( Key ) ) == CSSM_OK ) { /* Call the user defined SPI handler */ rv = ADDIN_CSM_ChangeKeyAcl( CSPHandle, AccessCred, AclEdit, Key ); } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ return rv; } CSSM_RETURN CSSMAPI CSM_GetKeyOwner( CSSM_CSP_HANDLE CSPHandle, const CSSM_KEY *Key, CSSM_ACL_OWNER_PROTOTYPE_PTR Owner ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input/output parameters */ if ( ( rv = CSM_ValidateInputKey( Key ) ) == CSSM_OK ) { /* Call the user defined SPI handler */ rv = ADDIN_CSM_GetKeyOwner( CSPHandle, Key, Owner ); } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_ChangeKeyOwner( CSSM_CSP_HANDLE CSPHandle, const CSSM_ACCESS_CREDENTIALS *AccessCred, const CSSM_KEY *Key, const CSSM_ACL_OWNER_PROTOTYPE *NewOwner ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Validate the input parameters */ if ( ( rv = CSM_ValidateInputKey( Key ) ) == CSSM_OK ) { /* Call the user defined SPI handler */ rv = ADDIN_CSM_ChangeKeyOwner( CSPHandle, AccessCred, Key, NewOwner ); } /* Validation */ /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; } CSSM_RETURN CSSMAPI CSM_GetLoginOwner( CSSM_CSP_HANDLE CSPHandle, CSSM_ACL_OWNER_PROTOTYPE_PTR Owner ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Call the user defined SPI handler */ rv = ADDIN_CSM_GetLoginOwner( CSPHandle, Owner ); /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ return rv; } CSSM_RETURN CSSMAPI CSM_ChangeLoginOwner( CSSM_CSP_HANDLE CSPHandle, const CSSM_ACCESS_CREDENTIALS *AccessCred, const CSSM_ACL_OWNER_PROTOTYPE *NewOwner ) { CSSM_RETURN rv; MLC_LOCK_REF LockRef; /* Setup the current execution context */ ADDIN_SPI_BEGIN( rv, CSPHandle, LockRef ); if ( rv == CSSM_OK ) { /* Call the user defined SPI handler */ rv = ADDIN_CSM_ChangeLoginOwner( CSPHandle, AccessCred, NewOwner ); /* Clear execution context */ Addin_SPIEnd( LockRef ); } /* Addin_SPIBegin */ MASSAGE_ERROR_CODE( rv ); ASSERT_VALID_ERROR_CODE( rv ); return rv; }