506966 - NSS does not support CKR_PIN_LOCKED from C_Login

Status: RESOLVED FIXED

(NSS :: Libraries, enhancement)

Description

[Martin Paljak]

User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_7; et-ee) AppleWebKit/530.19.2 (KHTML, like Gecko) Version/4.0.2 Safari/530.19
Build Identifier: 

NSS translates CKR_PIN_LOCKED to a generic NSS return code for Firefox and Firefox can not react on the locked state. A new return code should be returned so that Firefox could display a information window.

Reproducible: Always

Comment 1

[Nelson Bolyard (seldom reads bugmail)]

Bob, I suggested this RFE.  
It certainly is reasonable for an application to stop asking for a password
and instead say "you cannot login to this token because it is locked".

Comment 2

[Robert Relyea]

This is clearly a pre-req for Firefox do present some useful message in this as well.

bob

Comment 3

[Pierre Ossman]

Attachment: nss-3.12.4-pk11locked.patch

We need this as well for our use of NSS. Attached is a patch that makes sure the error code is propagated back to the app.

Comment 4

[Kai Engert (:KaiE:)]

Comment on attachment 412200 [details] [diff] [review]
nss-3.12.4-pk11locked.patch

Bob should probably review this patch, and a NSS engineer should check it in (if r+'ed)

Comment 5

[Robert Relyea]

Comment on attachment 412200 [details] [diff] [review]
nss-3.12.4-pk11locked.patch

r+ rrelyea

Comment 6

[Kai Engert (:KaiE:)]

thanks for your contribution, checked in


Checking in pk11wrap/pk11err.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11err.c,v  <--  pk11err.c
new revision: 1.11; previous revision: 1.10
done
Checking in util/secerr.h;
/cvsroot/mozilla/security/nss/lib/util/secerr.h,v  <--  secerr.h
new revision: 1.26; previous revision: 1.25
done