Open
Bug 339278
Opened 18 years ago
Updated 2 years ago
NSC_OpenSession should return CKR_SESSION_PARALLEL_NOT_SUPPORTED if the CKF_SERIAL_SESSION bit flag is not set.
Categories
(NSS :: Libraries, defect, P4)
Tracking
(Not tracked)
NEW
People
(Reporter: wtc, Unassigned)
Details
Right now NSC_OpenSession sets the CKF_SERIAL_SESSION bit flag for the caller if the bit is not set. PKCS #11 v2.20 says that if a call to C_OpenSession does not have the CKF_SERIAL_SESSION bit set, the call should return unsuccessfully with the error code CKR_PARALLEL_NOT_SUPPORTED.
|
Reporter | |
Comment 1•18 years ago
|
||
Some more info.
1. The error code should be CKR_SESSION_PARALLEL_NOT_SUPPORTED.
CKR_PARALLEL_NOT_SUPPORTED is a typo.
2. I believe all the ckfw-based tokens do this correctly. See
lib/ckfw/wrap.c, function NSSCKFWC_OpenSession:
if( flags & CKF_SERIAL_SESSION ) {
;
} else {
error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
goto loser;
}
...
loser:
switch( error ) {
case CKR_SESSION_CLOSED:
/* destroy session? */
break;
case CKR_DEVICE_REMOVED:
/* (void)nssCKFWToken_Destroy(fwToken); */
break;
case CKR_CRYPTOKI_NOT_INITIALIZED:
case CKR_DEVICE_ERROR:
case CKR_DEVICE_MEMORY:
case CKR_FUNCTION_FAILED:
case CKR_GENERAL_ERROR:
case CKR_HOST_MEMORY:
case CKR_SESSION_COUNT:
case CKR_SESSION_EXISTS:
case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
case CKR_SESSION_READ_WRITE_SO_EXISTS:
case CKR_SLOT_ID_INVALID:
case CKR_TOKEN_NOT_PRESENT:
case CKR_TOKEN_NOT_RECOGNIZED:
case CKR_TOKEN_WRITE_PROTECTED:
break;
default:
case CKR_OK:
error = CKR_GENERAL_ERROR;
break;
}
return error;Summary: NSC_OpenSession should return CKR_PARALLEL_NOT_SUPPORTED if the CKF_SERIAL_SESSION bit flag is not set. → NSC_OpenSession should return CKR_SESSION_PARALLEL_NOT_SUPPORTED if the CKF_SERIAL_SESSION bit flag is not set.
|
||
Updated•18 years ago
|
Priority: -- → P4
|
||
Updated•2 years ago
|
Severity: trivial → S4
You need to log in
before you can comment on or make changes to this bug.
Description
•