--- jss-4.2.6.org/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.c 2011-02-21 15:19:55.728600000 -0800
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.c 2011-02-21 16:05:40.686598000 -0800
@@ -94,11 +94,20 @@ JSS_PK11_wrapPK11Token(JNIEnv *env, PK11
jobject Token=NULL;
jboolean internal;
jboolean keyStorage;
+ PK11SlotInfo *pk11slot;
PR_ASSERT(env!=NULL && slot!=NULL && *slot!=NULL);
- internal = (*slot == PK11_GetInternalSlot());
- keyStorage = (*slot == PK11_GetInternalKeySlot());
+ pk11slot = PK11_GetInternalSlot();
+ internal = (*slot == pk11slot);
+ if (pk11slot) {
+ PK11_FreeSlot(pk11slot);
+ }
+ pk11slot = PK11_GetInternalKeySlot();
+ keyStorage = (*slot == pk11slot);
+ if (pk11slot) {
+ PK11_FreeSlot(pk11slot);
+ }
byteArray = JSS_ptrToByteArray(env, (void*)*slot);
@@ -461,6 +470,7 @@ JNIEXPORT jboolean JNICALL Java_org_mozi
(JNIEnv *env, jobject this)
{
PK11SlotInfo *slot=NULL;
+ PK11SlotInfo *pk11slot=NULL;
jboolean initable=JNI_FALSE;
PR_ASSERT(env!=NULL && this!=NULL);
@@ -475,7 +485,8 @@ JNIEXPORT jboolean JNICALL Java_org_mozi
}
PR_ASSERT(slot!=NULL);
- if(slot != PK11_GetInternalKeySlot()) {
+ pk11slot = PK11_GetInternalKeySlot();
+ if(slot != pk11slot) {
/* We don't know about other tokens */
initable = JNI_TRUE;
} else {
@@ -487,6 +498,9 @@ JNIEXPORT jboolean JNICALL Java_org_mozi
initable = JNI_FALSE;
}
}
+ if (pk11slot) {
+ PK11_FreeSlot(pk11slot);
+ }
finish:
return initable;
@@ -501,6 +515,7 @@ JNIEXPORT void JNICALL Java_org_mozilla_
(JNIEnv *env, jobject this, jbyteArray ssopw, jbyteArray userpw)
{
PK11SlotInfo *slot=NULL;
+ PK11SlotInfo *pk11slot=NULL;
char *szSsopw=NULL, *szUserpw=NULL;
jboolean ssoIsCopy, userIsCopy;
SECStatus initResult;
@@ -524,7 +539,8 @@ JNIEXPORT void JNICALL Java_org_mozilla_
* If we're on the internal module, make sure we can still be
* initialized.
*/
- if(slot == PK11_GetInternalKeySlot() && !PK11_NeedUserInit(slot)) {
+ pk11slot = PK11_GetInternalKeySlot();
+ if(slot == pk11slot && !PK11_NeedUserInit(slot)) {
JSS_nativeThrowMsg(env, ALREADY_INITIALIZED_EXCEPTION,
"Netscape Internal Key Token is already initialized");
goto finish;
@@ -561,6 +577,9 @@ finish:
/*
* Free native objects
*/
+ if (pk11slot) {
+ PK11_FreeSlot(pk11slot);
+ }
if(szSsopw) {
if(ssoIsCopy) {
JSS_wipeCharArray(szSsopw);
@@ -590,6 +609,7 @@ Java_org_mozilla_jss_pkcs11_PK11Token_pa
(JNIEnv *env, jobject this)
{
PK11SlotInfo *slot=NULL;
+ PK11SlotInfo *pk11slot=NULL;
jboolean isInitialized = JNI_FALSE;
PR_ASSERT(env!=NULL && this!=NULL);
@@ -603,12 +623,16 @@ Java_org_mozilla_jss_pkcs11_PK11Token_pa
}
PR_ASSERT(slot != NULL);
- if(slot == PK11_GetInternalKeySlot()) {
+ pk11slot = PK11_GetInternalKeySlot();
+ if(slot == pk11slot) {
/* special case for our Key slot */
isInitialized = ! PK11_NeedPWInit();
} else {
isInitialized = ! PK11_NeedUserInit(slot);
}
+ if (pk11slot) {
+ PK11_FreeSlot(pk11slot);
+ }
finish:
return isInitialized;
--- jss-4.2.6.org/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.c 2011-02-21 15:19:55.746599000 -0800
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.c 2011-02-21 15:53:37.453599000 -0800
@@ -183,6 +183,8 @@ Java_org_mozilla_jss_pkcs11_PK11PubKey_v
SECKEYPublicKey *key = NULL;
PK11SlotInfo *slot = NULL;
PK11SlotInfo *keySlot = NULL;
+ PK11SlotInfo *pk11KeySlot = NULL;
+ PK11SlotInfo *internalSlot = NULL;
pThread = PR_AttachThread(PR_SYSTEM_THREAD, 0, NULL);
PR_ASSERT(pThread != NULL);
@@ -202,9 +204,11 @@ Java_org_mozilla_jss_pkcs11_PK11PubKey_v
#else
keySlot = PK11_ReferenceSlot(key->pkcs11Slot);
#endif
- if(keySlot == PK11_GetInternalKeySlot()) {
+ pk11KeySlot = PK11_GetInternalKeySlot();
+ if(keySlot == pk11KeySlot) {
/* hack for internal module */
- if(slot != keySlot && slot != PK11_GetInternalSlot()) {
+ internalSlot = PK11_GetInternalSlot();
+ if(slot != keySlot && slot != internalSlot) {
JSS_throwMsg(env, NO_SUCH_ITEM_ON_TOKEN_EXCEPTION,
"Key is not present on this token");
goto finish;
@@ -216,6 +220,12 @@ Java_org_mozilla_jss_pkcs11_PK11PubKey_v
}
finish:
+ if(internalSlot != NULL) {
+ PK11_FreeSlot(internalSlot);
+ }
+ if(pk11KeySlot != NULL) {
+ PK11_FreeSlot(pk11KeySlot);
+ }
if(keySlot != NULL) {
PK11_FreeSlot(keySlot);
}
--- jss-4.2.6.org/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c 2011-02-21 15:19:55.792599000 -0800
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c 2011-02-21 14:44:18.202598000 -0800
@@ -245,6 +245,7 @@ constructSHA1PBAKey(JNIEnv *env, SECItem
PBEBitGenContext* pbeCtxt=NULL;
SECItem *keyBits=NULL;
PK11SymKey *key=NULL;
+ PK11SlotInfo *slot=NULL;
pbeCtxt = PBE_CreateContext( SEC_OID_SHA1, pbeBitGenIntegrityKey,
pwitem, salt, 160 /* SHA1 key length */, iterationCount);
@@ -260,8 +261,12 @@ constructSHA1PBAKey(JNIEnv *env, SECItem
goto finish;
}
- key = PK11_ImportSymKey( PK11_GetInternalSlot(), CKM_SHA_1,
+ slot = PK11_GetInternalSlot();
+ key = PK11_ImportSymKey( slot, CKM_SHA_1,
PK11_OriginGenerated, CKA_SIGN, keyBits, NULL);
+ if (slot != NULL) {
+ PK11_FreeSlot(slot);
+ }
if( key == NULL ) {
JSS_throwMsg(env, TOKEN_EXCEPTION, "Failed to import PBA key from"
" PBA-generated bits");