d795e80599
- ocki-3.5-icsf-reasoncode72-support.patch - ocki-3.5-icsf-coverity-memoryleakfix.patch - ocki-3.5-downgrade-syslogerror.patch - ocki-3.5-icsf-sessionhandle-missing-fix.patch - ocki-3.5-icsf-reasoncode-2028-added.patch - ocki-3.5-added-NULLreturn-check.patch OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=37
419 lines
15 KiB
Diff
419 lines
15 KiB
Diff
commit 2d03c609981cd3bf5cefb7d3188878f68b33f722
|
|
Author: Vineetha Pai <vpishar@us.ibm.com>
|
|
Date: Tue Jun 21 16:43:53 2016 -0400
|
|
|
|
Fix for session handle not set in session issue.
|
|
bz142186
|
|
icsf token uses the session handle for a session as the session_id in
|
|
its own internal session state structure. The session handle is an
|
|
index into the session btree and is not set in the SESSION structure
|
|
after a new session is created. This causes session_handle to be always 0 and
|
|
session_id to be always set to 0, causing issues when multiple sessions are active.
|
|
This affects icsf token as it stores and uses session handle internally
|
|
unlike other tokens. This patch sets the session handle into the session
|
|
structure for all SC_API calls.
|
|
Signed-off-by: Vineetha Pai <vpishar@us.ibm.com>
|
|
|
|
diff --git a/usr/lib/pkcs11/icsf_stdll/new_host.c b/usr/lib/pkcs11/icsf_stdll/new_host.c
|
|
index 4923a77..9863d52 100644
|
|
--- a/usr/lib/pkcs11/icsf_stdll/new_host.c
|
|
+++ b/usr/lib/pkcs11/icsf_stdll/new_host.c
|
|
@@ -703,6 +703,9 @@ CK_RV SC_InitPIN(ST_SESSION_HANDLE *sSession, CK_CHAR_PTR pPin,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle here as handle is never set into session during creation
|
|
+ sess->handle = sSession->sessionh;
|
|
+
|
|
if (pin_locked(&sess->session_info, nv_token_data->token_info.flags) == TRUE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_PIN_LOCKED));
|
|
rc = CKR_PIN_LOCKED;
|
|
@@ -746,6 +749,9 @@ CK_RV SC_SetPIN(ST_SESSION_HANDLE *sSession, CK_CHAR_PTR pOldPin,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle here as handle is never set into session during creation
|
|
+ sess->handle = sSession->sessionh;
|
|
+
|
|
if (pin_locked(&sess->session_info,
|
|
nv_token_data->token_info.flags) == TRUE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_PIN_LOCKED));
|
|
@@ -807,6 +813,7 @@ CK_RV SC_OpenSession(CK_SLOT_ID sid, CK_FLAGS flags,
|
|
}
|
|
|
|
sess = session_mgr_find(*phSession);
|
|
+ sess->handle = *phSession;
|
|
rc = icsftok_open_session(sess);
|
|
done:
|
|
if (locked)
|
|
@@ -828,6 +835,8 @@ CK_RV SC_CloseSession(ST_SESSION_HANDLE *sSession)
|
|
}
|
|
|
|
sess = session_mgr_find(sSession->sessionh);
|
|
+ //set the handle here as handle is never set into session during creation
|
|
+ sess->handle = sSession->sessionh;
|
|
rc = icsftok_close_session(sess);
|
|
if (rc)
|
|
goto done;
|
|
@@ -923,6 +932,8 @@ CK_RV SC_GetOperationState(ST_SESSION_HANDLE *sSession,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
rc = session_mgr_get_op_state(sess, length_only, pOperationState,
|
|
pulOperationStateLen);
|
|
@@ -962,6 +973,8 @@ CK_RV SC_SetOperationState(ST_SESSION_HANDLE *sSession,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
rc = session_mgr_set_op_state(sess, hEncryptionKey, hAuthenticationKey,
|
|
pOperationState, ulOperationStateLen);
|
|
@@ -1000,6 +1013,9 @@ CK_RV SC_Login(ST_SESSION_HANDLE *sSession, CK_USER_TYPE userType,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
+
|
|
flags = &nv_token_data->token_info.flags;
|
|
|
|
if (!pPin || ulPinLen > MAX_PIN_LEN) {
|
|
@@ -1113,6 +1129,8 @@ CK_RV SC_Logout(ST_SESSION_HANDLE *sSession)
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
/* all sessions have the same state so we just have to check one */
|
|
if (session_mgr_public_session_exists()) {
|
|
@@ -1155,6 +1173,8 @@ CK_RV SC_CreateObject(ST_SESSION_HANDLE *sSession, CK_ATTRIBUTE_PTR pTemplate,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info, nv_token_data->token_info.flags)) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_PIN_EXPIRED));
|
|
@@ -1204,6 +1224,8 @@ CK_RV SC_CopyObject(ST_SESSION_HANDLE *sSession, CK_OBJECT_HANDLE hObject,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info, nv_token_data->token_info.flags) == TRUE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_PIN_EXPIRED));
|
|
@@ -1240,6 +1262,8 @@ CK_RV SC_DestroyObject(ST_SESSION_HANDLE *sSession, CK_OBJECT_HANDLE hObject)
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info, nv_token_data->token_info.flags) == TRUE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_PIN_EXPIRED));
|
|
@@ -1285,6 +1309,8 @@ CK_RV SC_GetObjectSize(ST_SESSION_HANDLE *sSession, CK_OBJECT_HANDLE hObject,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
rc = icsftok_get_attribute_value(sess, hObject, pTemplate,
|
|
ulCount, pulSize);
|
|
@@ -1319,6 +1345,8 @@ CK_RV SC_GetAttributeValue(ST_SESSION_HANDLE *sSession,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
rc = icsftok_get_attribute_value(sess, hObject, pTemplate,
|
|
ulCount, NULL);
|
|
@@ -1369,6 +1397,8 @@ CK_RV SC_SetAttributeValue(ST_SESSION_HANDLE *sSession,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
rc = icsftok_set_attribute_value(sess, hObject, pTemplate, ulCount);
|
|
if (rc != CKR_OK)
|
|
@@ -1416,6 +1446,8 @@ CK_RV SC_FindObjectsInit(ST_SESSION_HANDLE *sSession,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info, nv_token_data->token_info.flags) == TRUE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_PIN_EXPIRED));
|
|
@@ -1480,6 +1512,8 @@ CK_RV SC_FindObjects(ST_SESSION_HANDLE *sSession, CK_OBJECT_HANDLE_PTR phObject,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->find_active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -1525,6 +1559,8 @@ CK_RV SC_FindObjectsFinal(ST_SESSION_HANDLE *sSession)
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->find_active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -1576,6 +1612,8 @@ CK_RV SC_EncryptInit(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info, nv_token_data->token_info.flags) == TRUE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_PIN_EXPIRED));
|
|
@@ -1626,6 +1664,8 @@ CK_RV SC_Encrypt(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pData,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->encr_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -1677,6 +1717,8 @@ CK_RV SC_EncryptUpdate(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pPart,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->encr_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -1726,6 +1768,8 @@ CK_RV SC_EncryptFinal(ST_SESSION_HANDLE *sSession,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->encr_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -1780,6 +1824,8 @@ CK_RV SC_DecryptInit(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info, nv_token_data->token_info.flags) == TRUE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_PIN_EXPIRED));
|
|
@@ -1832,6 +1878,8 @@ CK_RV SC_Decrypt(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pEncryptedData,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->decr_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -1884,6 +1932,8 @@ CK_RV SC_DecryptUpdate(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pEncryptedPart,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->decr_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -1933,6 +1983,8 @@ CK_RV SC_DecryptFinal(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pLastPart,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->decr_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -1984,6 +2036,8 @@ CK_RV SC_DigestInit(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism)
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info, nv_token_data->token_info.flags) == TRUE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_PIN_EXPIRED));
|
|
@@ -2039,6 +2093,8 @@ CK_RV SC_Digest(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pData,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->digest_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -2086,6 +2142,8 @@ CK_RV SC_DigestUpdate(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pPart,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->digest_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -2125,6 +2183,8 @@ CK_RV SC_DigestKey(ST_SESSION_HANDLE *sSession, CK_OBJECT_HANDLE hKey)
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->digest_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -2169,6 +2229,8 @@ CK_RV SC_DigestFinal(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pDigest,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->digest_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -2216,6 +2278,8 @@ CK_RV SC_SignInit(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
rc = valid_mech(pMechanism, CKF_SIGN);
|
|
if (rc != CKR_OK)
|
|
@@ -2271,6 +2335,8 @@ CK_RV SC_Sign(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pData,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->sign_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -2318,6 +2384,8 @@ CK_RV SC_SignUpdate(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pPart,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->sign_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -2363,6 +2431,8 @@ CK_RV SC_SignFinal(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pSignature,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->sign_ctx.active == FALSE) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_OPERATION_NOT_INITIALIZED));
|
|
@@ -2440,6 +2510,8 @@ CK_RV SC_VerifyInit(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info,
|
|
nv_token_data->token_info.flags) == TRUE) {
|
|
@@ -2492,6 +2564,8 @@ CK_RV SC_Verify(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pData,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->verify_ctx.active == FALSE) {
|
|
rc = CKR_OPERATION_NOT_INITIALIZED;
|
|
@@ -2537,6 +2611,8 @@ CK_RV SC_VerifyUpdate(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pPart,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->verify_ctx.active == FALSE) {
|
|
rc = CKR_OPERATION_NOT_INITIALIZED;
|
|
@@ -2583,6 +2659,8 @@ CK_RV SC_VerifyFinal(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pSignature,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (sess->verify_ctx.active == FALSE) {
|
|
rc = CKR_OPERATION_NOT_INITIALIZED;
|
|
@@ -2718,6 +2796,8 @@ CK_RV SC_GenerateKey(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info,
|
|
nv_token_data->token_info.flags) == TRUE) {
|
|
@@ -2791,6 +2871,8 @@ CK_RV SC_GenerateKeyPair(ST_SESSION_HANDLE *sSession,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info,
|
|
nv_token_data->token_info.flags) == TRUE) {
|
|
@@ -2875,6 +2957,8 @@ CK_RV SC_WrapKey(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info,
|
|
nv_token_data->token_info.flags) == TRUE) {
|
|
@@ -2929,6 +3013,8 @@ CK_RV SC_UnwrapKey(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info,
|
|
nv_token_data->token_info.flags) == TRUE) {
|
|
@@ -2998,6 +3084,8 @@ CK_RV SC_DeriveKey(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
if (pin_expired(&sess->session_info,
|
|
nv_token_data->token_info.flags) == TRUE) {
|
|
@@ -3104,6 +3192,8 @@ CK_RV SC_GenerateRandom(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pRandomData,
|
|
rc = CKR_SESSION_HANDLE_INVALID;
|
|
goto done;
|
|
}
|
|
+ //set the handle into the session.
|
|
+ sess->handle = sSession->sessionh;
|
|
|
|
rc = rng_generate(pRandomData, ulRandomLen);
|
|
if (rc != CKR_OK)
|