summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/softoken/fipstokn.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib/softoken/fipstokn.c')
-rw-r--r--security/nss/lib/softoken/fipstokn.c33
1 files changed, 8 insertions, 25 deletions
diff --git a/security/nss/lib/softoken/fipstokn.c b/security/nss/lib/softoken/fipstokn.c
index ca7d7998a..fd4fd4207 100644
--- a/security/nss/lib/softoken/fipstokn.c
+++ b/security/nss/lib/softoken/fipstokn.c
@@ -540,10 +540,7 @@ FC_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
crv = NSC_GetTokenInfo(slotID, pInfo);
if (crv == CKR_OK) {
- /* use the global database to figure out if we are running in
- * FIPS 140 Level 1 or Level 2 */
- if (slotID == FIPS_SLOT_ID &&
- (pInfo->flags & CKF_LOGIN_REQUIRED) == 0) {
+ if ((pInfo->flags & CKF_LOGIN_REQUIRED) == 0) {
isLevel2 = PR_FALSE;
}
}
@@ -619,8 +616,7 @@ FC_InitPIN(CK_SESSION_HANDLE hSession,
* we need to make sure the pin meets FIPS requirements */
if ((ulPinLen == 0) || ((rv = sftk_newPinCheck(pPin, ulPinLen)) == CKR_OK)) {
rv = NSC_InitPIN(hSession, pPin, ulPinLen);
- if ((rv == CKR_OK) &&
- (sftk_SlotIDFromSessionHandle(hSession) == FIPS_SLOT_ID)) {
+ if (rv == CKR_OK) {
isLevel2 = (ulPinLen > 0) ? PR_TRUE : PR_FALSE;
}
}
@@ -648,8 +644,7 @@ FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
if ((rv = sftk_fipsCheck()) == CKR_OK &&
(rv = sftk_newPinCheck(pNewPin, usNewLen)) == CKR_OK) {
rv = NSC_SetPIN(hSession, pOldPin, usOldLen, pNewPin, usNewLen);
- if ((rv == CKR_OK) &&
- (sftk_SlotIDFromSessionHandle(hSession) == FIPS_SLOT_ID)) {
+ if (rv == CKR_OK) {
/* if we set the password in level1 we now go
* to level2. NOTE: we don't allow the user to
* go from level2 to level1 */
@@ -710,23 +705,11 @@ FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
rv = NSC_GetSessionInfo(hSession, pInfo);
if (rv == CKR_OK) {
- /* handle the case where the auxilary slot doesn't require login.
- * piggy back on the main token's login state */
- if (isLoggedIn &&
- ((pInfo->state == CKS_RO_PUBLIC_SESSION) ||
- (pInfo->state == CKS_RW_PUBLIC_SESSION))) {
- CK_RV crv;
- CK_TOKEN_INFO tInfo;
- crv = NSC_GetTokenInfo(sftk_SlotIDFromSessionHandle(hSession),
- &tInfo);
- /* if the token doesn't login, use our global login state */
- if ((crv == CKR_OK) && ((tInfo.flags & CKF_LOGIN_REQUIRED) == 0)) {
- if (pInfo->state == CKS_RO_PUBLIC_SESSION) {
- pInfo->state = CKS_RO_USER_FUNCTIONS;
- } else {
- pInfo->state = CKS_RW_USER_FUNCTIONS;
- }
- }
+ if ((isLoggedIn) && (pInfo->state == CKS_RO_PUBLIC_SESSION)) {
+ pInfo->state = CKS_RO_USER_FUNCTIONS;
+ }
+ if ((isLoggedIn) && (pInfo->state == CKS_RW_PUBLIC_SESSION)) {
+ pInfo->state = CKS_RW_USER_FUNCTIONS;
}
}
return rv;