trust: Clarify C_Login behavior that returns an error

author: Daiki Ueno <dueno@redhat.com> 2018-07-19 11:01:31 +0200
committer: Daiki Ueno <dueno@redhat.com> 2018-07-19 11:12:09 +0200
commit: 19aaf573580e52265f57f9b7af7a03bfdfaf71e0 (patch)
tree: b10381dd8372ee33bb540383e7a1b50a4fa41cfb /trust/module.c
parent: ab27346ceb5d4e856671a033ac1f6521c86514a1 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/trust/module.c b/trust/module.c
index 5b73ad7..82a3fdf 100644
--- a/trust/module.c
+++ b/trust/module.c
@@ -844,6 +844,17 @@ sys_C_Login (CK_SESSION_HANDLE handle,
 	p11_lock ();
 
 		rv = lookup_session (handle, NULL);
+		/* Since the trust module is designed as a replacement
+		 * of nssckbi, it works as a general access device as
+		 * described in the table 1.1 of:
+		 * <https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/PKCS11_Implement>.
+		 *
+		 * That means that the tokens provided by this module
+		 * shall be accessed without login, and if the caller
+		 * tries to login, the attempt should fail with an
+		 * explicit error (otherwise, the caller cannot
+		 * distinguish the user's login status, see also
+		 * C_Logout below). */
 		if (rv == CKR_OK)
 			rv = CKR_USER_TYPE_INVALID;
author	Daiki Ueno <dueno@redhat.com>	2018-07-19 11:01:31 +0200
committer	Daiki Ueno <dueno@redhat.com>	2018-07-19 11:12:09 +0200
commit	19aaf573580e52265f57f9b7af7a03bfdfaf71e0 (patch)
tree	b10381dd8372ee33bb540383e7a1b50a4fa41cfb /trust/module.c
parent	ab27346ceb5d4e856671a033ac1f6521c86514a1 (diff)