Fix for 269581 - cache the value of CKA_PRIVATE on private keys to avoid unnecessary C_GetAttributeValue . Also fix incorrect logic in attribute tests. r=rrelyea,wtchang

2005-02-24 00:35:51 +00:00 · 2005-02-24 00:35:51 +00:00 · b555cccb97
--- a/security/nss/lib/cryptohi/keyhi.h
+++ b/security/nss/lib/cryptohi/keyhi.h
@ -35,7 +35,7 @@
 * the terms of any one of the MPL, the GPL or the LGPL.
 *
 * ***** END LICENSE BLOCK ***** */
-/* $Id: keyhi.h,v 1.11 2004-04-27 23:04:35 gerv%gerv.net Exp $ */
+/* $Id: keyhi.h,v 1.12 2005-02-24 00:35:51 julien.pierre.bugs%sun.com Exp $ */

 #ifndef _KEYHI_H_
 #define _KEYHI_H_
@ -221,6 +221,9 @@ SECKEY_CopyPrivateKeyInfo(PRArenaPool *poolp,
 			  SECKEYPrivateKeyInfo *to,
 			  SECKEYPrivateKeyInfo *from);

+extern SECStatus
+SECKEY_CacheStaticFlags(SECKEYPrivateKey* key);
+
 /* Copy encrypted private key info structure.  
 *  poolp is the arena into which the contents of from is to be copied.
 *	NULL is a valid entry.
--- a/security/nss/lib/cryptohi/keythi.h
+++ b/security/nss/lib/cryptohi/keythi.h
@ -202,6 +202,25 @@ struct SECKEYPublicKeyStr {
 };
 typedef struct SECKEYPublicKeyStr SECKEYPublicKey;

+#define CachedAttribute(attribute,setbit) \
+static const PRUint32 SECKEY_##attribute = 1 << setbit;
+
+/* bit flag definitions for staticflags */
+#define SECKEY_Attributes_Cached 0x1    /* bit 0 states
+                                           whether attributes are cached */
+CachedAttribute(CKA_PRIVATE,1) /* bit 1 is the value of CKA_PRIVATE */
+
+#define SECKEY_ATTRIBUTES_CACHED(key) \
+     (0 != (key->staticflags & SECKEY_Attributes_Cached))
+
+#define SECKEY_ATTRIBUTE_VALUE(key,attribute) \
+     (0 != (key->staticflags & SECKEY_##attribute))
+
+#define SECKEY_HAS_ATTRIBUTE_SET(key,attribute) \
+    (0 != (key->staticflags & SECKEY_Attributes_Cached)) ? \
+    (0 != (key->staticflags & SECKEY_##attribute)) : \
+    PK11_HasAttributeSet(key->pkcs11Slot,key->pkcs11ID,attribute)
+
 /*
 ** A generic key structure
 */ 
@ -212,6 +231,7 @@ struct SECKEYPrivateKeyStr {
    CK_OBJECT_HANDLE pkcs11ID;  /* ID of pkcs11 object */
    PRBool pkcs11IsTemp;	/* temp pkcs11 object, delete it when done */
    void *wincx;		/* context for errors and pw prompts */
+    PRUint32 staticflags;       /* bit flag of cached PKCS#11 attributes */
 };
 typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey;

--- a/security/nss/lib/cryptohi/seckey.c
+++ b/security/nss/lib/cryptohi/seckey.c
@ -1379,6 +1379,7 @@ SECKEY_CopyPrivateKey(SECKEYPrivateKey *privk)
 	}
 	copyk->pkcs11IsTemp = privk->pkcs11IsTemp;
 	copyk->wincx = privk->wincx;
+	copyk->staticflags = privk->staticflags;
 	return copyk;
    } else {
 	PORT_SetError (SEC_ERROR_NO_MEMORY);
@ -2314,3 +2315,22 @@ SECKEY_AddPublicKeyToListTail( SECKEYPublicKeyList *list,
 loser:
    return(SECFailure);
 }
+
+#define SECKEY_CacheAttribute(key, attribute) \
+    if (CK_TRUE == PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID, attribute)) { \
+        key->staticflags |= SECKEY_##attribute; \
+    } else { \
+        key->staticflags &= (~SECKEY_##attribute); \
+    }
+
+SECStatus
+SECKEY_CacheStaticFlags(SECKEYPrivateKey* key)
+{
+    SECStatus rv = SECFailure;
+    if (key && key->pkcs11Slot && key->pkcs11ID) {
+        key->staticflags |= SECKEY_Attributes_Cached;
+        SECKEY_CacheAttribute(key, CKA_PRIVATE);
+        rv = SECSuccess;
+    }
+    return rv;
+}