Open
Bug 339278
Opened 18 years ago
Updated 2 years ago
NSC_OpenSession should return CKR_SESSION_PARALLEL_NOT_SUPPORTED if the CKF_SERIAL_SESSION bit flag is not set.
Categories
(NSS :: Libraries, defect, P4)
Tracking
(Not tracked)
NEW
People
(Reporter: wtc, Unassigned)
Details
Right now NSC_OpenSession sets the CKF_SERIAL_SESSION bit flag for the caller if the bit is not set. PKCS #11 v2.20 says that if a call to C_OpenSession does not have the CKF_SERIAL_SESSION bit set, the call should return unsuccessfully with the error code CKR_PARALLEL_NOT_SUPPORTED.
Reporter | ||
Comment 1•18 years ago
|
||
Some more info. 1. The error code should be CKR_SESSION_PARALLEL_NOT_SUPPORTED. CKR_PARALLEL_NOT_SUPPORTED is a typo. 2. I believe all the ckfw-based tokens do this correctly. See lib/ckfw/wrap.c, function NSSCKFWC_OpenSession: if( flags & CKF_SERIAL_SESSION ) { ; } else { error = CKR_SESSION_PARALLEL_NOT_SUPPORTED; goto loser; } ... loser: switch( error ) { case CKR_SESSION_CLOSED: /* destroy session? */ break; case CKR_DEVICE_REMOVED: /* (void)nssCKFWToken_Destroy(fwToken); */ break; case CKR_CRYPTOKI_NOT_INITIALIZED: case CKR_DEVICE_ERROR: case CKR_DEVICE_MEMORY: case CKR_FUNCTION_FAILED: case CKR_GENERAL_ERROR: case CKR_HOST_MEMORY: case CKR_SESSION_COUNT: case CKR_SESSION_EXISTS: case CKR_SESSION_PARALLEL_NOT_SUPPORTED: case CKR_SESSION_READ_WRITE_SO_EXISTS: case CKR_SLOT_ID_INVALID: case CKR_TOKEN_NOT_PRESENT: case CKR_TOKEN_NOT_RECOGNIZED: case CKR_TOKEN_WRITE_PROTECTED: break; default: case CKR_OK: error = CKR_GENERAL_ERROR; break; } return error;
Summary: NSC_OpenSession should return CKR_PARALLEL_NOT_SUPPORTED if the CKF_SERIAL_SESSION bit flag is not set. → NSC_OpenSession should return CKR_SESSION_PARALLEL_NOT_SUPPORTED if the CKF_SERIAL_SESSION bit flag is not set.
Updated•18 years ago
|
Priority: -- → P4
Updated•2 years ago
|
Severity: trivial → S4
You need to log in
before you can comment on or make changes to this bug.
Description
•