pk11err.c (5700B)
1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 /* 5 * this file maps PKCS11 Errors into SECErrors 6 * This is an information reducing process, since most errors are reflected 7 * back to the user (the user doesn't care about invalid flags, or active 8 * operations). If any of these errors need more detail in the upper layers 9 * which call PK11 library functions, we can add more SEC_ERROR_XXX functions 10 * and change there mappings here. 11 * 12 * Some PKCS11 errors are mapped to SEC_ERROR_LIBRARY_FAILURE intentionally 13 * because they indicate that there is a bug in the library (either NSS or 14 * the token). 15 */ 16 #include "pkcs11t.h" 17 #include "pk11func.h" 18 #include "secerr.h" 19 #include "prerror.h" 20 21 #ifdef PK11_ERROR_USE_ARRAY 22 23 /* 24 * build a static array of entries... 25 */ 26 static struct { 27 CK_RV pk11_error; 28 int sec_error; 29 } pk11_error_map = { 30 #define MAPERROR(x, y) { x, y }, 31 32 #else 33 34 /* the default is to use a big switch statement */ 35 int 36 PK11_MapError(CK_RV rv) 37 { 38 39 switch (rv) { 40 #define MAPERROR(x, y) \ 41 case x: \ 42 return y; 43 44 #endif 45 46 /* the guts mapping */ 47 /* clang-format off */ 48 MAPERROR(CKR_OK, 0) 49 MAPERROR(CKR_CANCEL, SEC_ERROR_IO) 50 MAPERROR(CKR_HOST_MEMORY, SEC_ERROR_NO_MEMORY) 51 MAPERROR(CKR_SLOT_ID_INVALID, SEC_ERROR_BAD_DATA) 52 MAPERROR(CKR_ARGUMENTS_BAD, SEC_ERROR_INVALID_ARGS) 53 MAPERROR(CKR_ATTRIBUTE_READ_ONLY, SEC_ERROR_READ_ONLY) 54 MAPERROR(CKR_ATTRIBUTE_SENSITIVE, SEC_ERROR_IO) /* XX SENSITIVE */ 55 MAPERROR(CKR_ATTRIBUTE_TYPE_INVALID, SEC_ERROR_BAD_DATA) 56 MAPERROR(CKR_ATTRIBUTE_VALUE_INVALID, SEC_ERROR_BAD_DATA) 57 MAPERROR(CKR_BUFFER_TOO_SMALL, SEC_ERROR_OUTPUT_LEN) 58 MAPERROR(CKR_DATA_INVALID, SEC_ERROR_BAD_DATA) 59 MAPERROR(CKR_DATA_LEN_RANGE, SEC_ERROR_INPUT_LEN) 60 MAPERROR(CKR_DEVICE_ERROR, SEC_ERROR_PKCS11_DEVICE_ERROR) 61 MAPERROR(CKR_DEVICE_MEMORY, SEC_ERROR_NO_MEMORY) 62 MAPERROR(CKR_DEVICE_REMOVED, SEC_ERROR_NO_TOKEN) 63 MAPERROR(CKR_DOMAIN_PARAMS_INVALID, SEC_ERROR_INVALID_KEY) 64 MAPERROR(CKR_ENCRYPTED_DATA_INVALID, SEC_ERROR_BAD_DATA) 65 MAPERROR(CKR_ENCRYPTED_DATA_LEN_RANGE, SEC_ERROR_BAD_DATA) 66 MAPERROR(CKR_FUNCTION_CANCELED, SEC_ERROR_LIBRARY_FAILURE) 67 MAPERROR(CKR_FUNCTION_FAILED, SEC_ERROR_PKCS11_FUNCTION_FAILED) 68 MAPERROR(CKR_FUNCTION_NOT_PARALLEL, SEC_ERROR_LIBRARY_FAILURE) 69 MAPERROR(CKR_FUNCTION_NOT_SUPPORTED, PR_NOT_IMPLEMENTED_ERROR) 70 MAPERROR(CKR_GENERAL_ERROR, SEC_ERROR_PKCS11_GENERAL_ERROR) 71 MAPERROR(CKR_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY) 72 MAPERROR(CKR_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY) 73 MAPERROR(CKR_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY) 74 MAPERROR(CKR_MECHANISM_INVALID, SEC_ERROR_INVALID_ALGORITHM) 75 MAPERROR(CKR_MECHANISM_PARAM_INVALID, SEC_ERROR_BAD_DATA) 76 MAPERROR(CKR_NO_EVENT, SEC_ERROR_NO_EVENT) 77 MAPERROR(CKR_OBJECT_HANDLE_INVALID, SEC_ERROR_BAD_DATA) 78 MAPERROR(CKR_OPERATION_ACTIVE, SEC_ERROR_LIBRARY_FAILURE) 79 MAPERROR(CKR_OPERATION_NOT_INITIALIZED, SEC_ERROR_LIBRARY_FAILURE) 80 MAPERROR(CKR_PIN_INCORRECT, SEC_ERROR_BAD_PASSWORD) 81 MAPERROR(CKR_PIN_INVALID, SEC_ERROR_INVALID_PASSWORD) 82 MAPERROR(CKR_PIN_LEN_RANGE, SEC_ERROR_INVALID_PASSWORD) 83 MAPERROR(CKR_PIN_EXPIRED, SEC_ERROR_EXPIRED_PASSWORD) 84 MAPERROR(CKR_PIN_LOCKED, SEC_ERROR_LOCKED_PASSWORD) 85 MAPERROR(CKR_SESSION_CLOSED, SEC_ERROR_LIBRARY_FAILURE) 86 MAPERROR(CKR_SESSION_COUNT, SEC_ERROR_NO_MEMORY) /* XXXX? */ 87 MAPERROR(CKR_SESSION_HANDLE_INVALID, SEC_ERROR_BAD_DATA) 88 MAPERROR(CKR_SESSION_PARALLEL_NOT_SUPPORTED, SEC_ERROR_LIBRARY_FAILURE) 89 MAPERROR(CKR_SESSION_READ_ONLY, SEC_ERROR_READ_ONLY) 90 MAPERROR(CKR_SIGNATURE_INVALID, SEC_ERROR_BAD_SIGNATURE) 91 MAPERROR(CKR_SIGNATURE_LEN_RANGE, SEC_ERROR_BAD_SIGNATURE) 92 MAPERROR(CKR_TEMPLATE_INCOMPLETE, SEC_ERROR_BAD_DATA) 93 MAPERROR(CKR_TEMPLATE_INCONSISTENT, SEC_ERROR_BAD_DATA) 94 MAPERROR(CKR_TOKEN_NOT_PRESENT, SEC_ERROR_NO_TOKEN) 95 MAPERROR(CKR_TOKEN_NOT_RECOGNIZED, SEC_ERROR_IO) 96 MAPERROR(CKR_TOKEN_WRITE_PROTECTED, SEC_ERROR_READ_ONLY) 97 MAPERROR(CKR_UNWRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY) 98 MAPERROR(CKR_UNWRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY) 99 MAPERROR(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY) 100 MAPERROR(CKR_USER_ALREADY_LOGGED_IN, 0) 101 MAPERROR(CKR_USER_NOT_LOGGED_IN, SEC_ERROR_TOKEN_NOT_LOGGED_IN) 102 MAPERROR(CKR_USER_PIN_NOT_INITIALIZED, SEC_ERROR_NO_TOKEN) 103 MAPERROR(CKR_USER_TYPE_INVALID, SEC_ERROR_LIBRARY_FAILURE) 104 MAPERROR(CKR_WRAPPED_KEY_INVALID, SEC_ERROR_INVALID_KEY) 105 MAPERROR(CKR_WRAPPED_KEY_LEN_RANGE, SEC_ERROR_INVALID_KEY) 106 MAPERROR(CKR_WRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY) 107 MAPERROR(CKR_WRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY) 108 MAPERROR(CKR_WRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY) 109 MAPERROR(CKR_VENDOR_DEFINED, SEC_ERROR_LIBRARY_FAILURE) 110 MAPERROR(CKR_NSS_CERTDB_FAILED, SEC_ERROR_BAD_DATABASE) 111 MAPERROR(CKR_NSS_KEYDB_FAILED, SEC_ERROR_BAD_DATABASE) 112 MAPERROR(CKR_CANT_LOCK, SEC_ERROR_INCOMPATIBLE_PKCS11) 113 /* clang-format on */ 114 115 #ifdef PK11_ERROR_USE_ARRAY 116 }; 117 118 int 119 PK11_MapError(CK_RV rv) 120 { 121 int size = sizeof(pk11_error_map) / sizeof(pk11_error_map[0]); 122 123 for (i = 0; i < size; i++) { 124 if (pk11_error_map[i].pk11_error == rv) { 125 return pk11_error_map[i].sec_error; 126 } 127 } 128 return SEC_ERROR_UNKNOWN_PKCS11_ERROR; 129 } 130 131 #else 132 133 /* clang-format off */ 134 default : 135 break; 136 /* clang-format on */ 137 } 138 return SEC_ERROR_UNKNOWN_PKCS11_ERROR; 139 } 140 141 #endif