Beispiel #1
0
void
nsPKCS11Slot::refreshSlotInfo()
{
  CK_SLOT_INFO slot_info;
  if (PK11_GetSlotInfo(mSlot, &slot_info) == SECSuccess) {
    // Set the Description field
    const char *ccDesc = (const char*)slot_info.slotDescription;
    const nsACString &cDesc = Substring(
      ccDesc, 
      ccDesc+PL_strnlen(ccDesc, sizeof(slot_info.slotDescription)));
    mSlotDesc = NS_ConvertUTF8toUTF16(cDesc);
    mSlotDesc.Trim(" ", false, true);
    // Set the Manufacturer field
    const char *ccManID = (const char*)slot_info.manufacturerID;
    const nsACString &cManID = Substring(
      ccManID, 
      ccManID+PL_strnlen(ccManID, sizeof(slot_info.manufacturerID)));
    mSlotManID = NS_ConvertUTF8toUTF16(cManID);
    mSlotManID.Trim(" ", false, true);
    // Set the Hardware Version field
    mSlotHWVersion = EmptyString();
    mSlotHWVersion.AppendInt(slot_info.hardwareVersion.major);
    mSlotHWVersion.Append('.');
    mSlotHWVersion.AppendInt(slot_info.hardwareVersion.minor);
    // Set the Firmware Version field
    mSlotFWVersion = EmptyString();
    mSlotFWVersion.AppendInt(slot_info.firmwareVersion.major);
    mSlotFWVersion.Append('.');
    mSlotFWVersion.AppendInt(slot_info.firmwareVersion.minor);
  }

}
Beispiel #2
0
int find_slot_by_number(pkcs11_handle_t *h, unsigned int slot_num, unsigned int *slotID)
{
  SECMODModule *module = h->module;
  int i;

  /* if module is null,
   * any of the PKCS #11 modules specified in the system config
   * is available, find one */
  if (module == NULL) {
    PK11SlotList *list;
    PK11SlotListElement *le;
    PK11SlotInfo *slot = NULL;

    /* find a slot, we haven't specifically selected a module,
     * so find an appropriate one. */
    /* get them all */
    list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_TRUE, NULL);
    if (list == NULL) {
	return -1;
    }
    for (le = list->head; le; le = le->next) {
      CK_SLOT_INFO slInfo;
      SECStatus rv;

      slInfo.flags = 0;
      rv = PK11_GetSlotInfo(le->slot, &slInfo);
      if (rv == SECSuccess && (slInfo.flags & CKF_REMOVABLE_DEVICE)) {
	slot = PK11_ReferenceSlot(le->slot);
	module = SECMOD_ReferenceModule(PK11_GetModule(le->slot));
	break;
      }
    }
    PK11_FreeSlotList(list);
    if (slot == NULL) {
	return -1;
    }
    h->slot = slot;
    h->module = module;
    *slotID = PK11_GetSlotID(slot);
    return 0;
  }

  /*
   * we're configured with a specific module, look for a present slot
   * on that module. */
  if (slot_num == 0) {
    /* threaded applications should also acquire the
     * DefaultModuleListLock */
    for (i=0; i < module->slotCount; i++) {
      if (module->slots[i] && PK11_IsPresent(module->slots[i])) {
        h->slot = PK11_ReferenceSlot(module->slots[i]);
        *slotID = PK11_GetSlotID(h->slot);
        return 0;
      }
    }
  }
  /* we're configured for a specific module and token, see if it's present */
  slot_num--;
  if (slot_num < module->slotCount && module->slots &&
      module->slots[slot_num] && PK11_IsPresent(module->slots[slot_num])) {
    h->slot = PK11_ReferenceSlot(module->slots[slot_num]);
    *slotID = PK11_GetSlotID(h->slot);
    return 0;
  }
  return -1;
}
Beispiel #3
0
/***********************************************************************
 *
 * L i s t M o d u l e
 *
 * Lists detailed information about the named module.
 */
Error
ListModule(char *moduleName)
{
    SECMODModule *module = NULL;
    PK11SlotInfo *slot;
    int slotnum;
    CK_INFO modinfo;
    CK_SLOT_INFO slotinfo;
    CK_TOKEN_INFO tokeninfo;
    char *ciphers, *mechanisms;
    size_t reasonIdx;
    Error rv = SUCCESS;

    if (!moduleName) {
        return SUCCESS;
    }

    module = SECMOD_FindModule(moduleName);
    if (!module) {
        PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
        rv = NO_SUCH_MODULE_ERR;
        goto loser;
    }

    if ((module->loaded) &&
        (PK11_GetModInfo(module, &modinfo) != SECSuccess)) {
        PR_fprintf(PR_STDERR, errStrings[MOD_INFO_ERR], moduleName);
        rv = MOD_INFO_ERR;
        goto loser;
    }

    /* Module info */
    PR_fprintf(PR_STDOUT,
               "\n-----------------------------------------------------------\n");
    PR_fprintf(PR_STDOUT, "Name: %s\n", module->commonName);
    if (module->internal || !module->dllName) {
        PR_fprintf(PR_STDOUT, "Library file: **Internal ONLY module**\n");
    } else {
        PR_fprintf(PR_STDOUT, "Library file: %s\n", module->dllName);
    }

    if (module->loaded) {
        PR_fprintf(PR_STDOUT, "Manufacturer: %.32s\n", modinfo.manufacturerID);
        PR_fprintf(PR_STDOUT, "Description: %.32s\n", modinfo.libraryDescription);
        PR_fprintf(PR_STDOUT, "PKCS #11 Version %d.%d\n",
                   modinfo.cryptokiVersion.major, modinfo.cryptokiVersion.minor);
        PR_fprintf(PR_STDOUT, "Library Version: %d.%d\n",
                   modinfo.libraryVersion.major, modinfo.libraryVersion.minor);
    } else {
        PR_fprintf(PR_STDOUT, "* Module not loaded\n");
    }
    /* Get cipher and mechanism flags */
    ciphers = getStringFromFlags(module->ssl[0], cipherStrings,
                                 numCipherStrings);
    if (ciphers[0] == '\0') {
        ciphers = "None";
    }
    PR_fprintf(PR_STDOUT, "Cipher Enable Flags: %s\n", ciphers);
    mechanisms = NULL;
    if (module->slotCount > 0) {
        mechanisms = getStringFromFlags(
            PK11_GetDefaultFlags(module->slots[0]),
            mechanismStrings, numMechanismStrings);
    }
    if ((mechanisms == NULL) || (mechanisms[0] == '\0')) {
        mechanisms = "None";
    }
    PR_fprintf(PR_STDOUT, "Default Mechanism Flags: %s\n", mechanisms);

#define PAD "  "

    /* Loop over each slot */
    for (slotnum = 0; slotnum < module->slotCount; slotnum++) {
        slot = module->slots[slotnum];
        if (PK11_GetSlotInfo(slot, &slotinfo) != SECSuccess) {
            PR_fprintf(PR_STDERR, errStrings[SLOT_INFO_ERR],
                       PK11_GetSlotName(slot));
            rv = SLOT_INFO_ERR;
            continue;
        }

        /* Slot Info */
        PR_fprintf(PR_STDOUT, "\n" PAD "Slot: %s\n", PK11_GetSlotName(slot));
        mechanisms = getStringFromFlags(PK11_GetDefaultFlags(slot),
                                        mechanismStrings, numMechanismStrings);
        if (mechanisms[0] == '\0') {
            mechanisms = "None";
        }
        PR_fprintf(PR_STDOUT, PAD "Slot Mechanism Flags: %s\n", mechanisms);
        PR_fprintf(PR_STDOUT, PAD "Manufacturer: %.32s\n",
                   slotinfo.manufacturerID);
        if (PK11_IsHW(slot)) {
            PR_fprintf(PR_STDOUT, PAD "Type: Hardware\n");
        } else {
            PR_fprintf(PR_STDOUT, PAD "Type: Software\n");
        }
        PR_fprintf(PR_STDOUT, PAD "Version Number: %d.%d\n",
                   slotinfo.hardwareVersion.major, slotinfo.hardwareVersion.minor);
        PR_fprintf(PR_STDOUT, PAD "Firmware Version: %d.%d\n",
                   slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor);
        if (PK11_IsDisabled(slot)) {
            reasonIdx = PK11_GetDisabledReason(slot);
            if (reasonIdx < numDisableReasonStr) {
                PR_fprintf(PR_STDOUT, PAD "Status: DISABLED (%s)\n",
                           disableReasonStr[reasonIdx]);
            } else {
                PR_fprintf(PR_STDOUT, PAD "Status: DISABLED\n");
            }
        } else {
            PR_fprintf(PR_STDOUT, PAD "Status: Enabled\n");
        }

        if (PK11_GetTokenInfo(slot, &tokeninfo) != SECSuccess) {
            PR_fprintf(PR_STDERR, errStrings[TOKEN_INFO_ERR],
                       PK11_GetTokenName(slot));
            rv = TOKEN_INFO_ERR;
            continue;
        }

        /* Token Info */
        PR_fprintf(PR_STDOUT, PAD "Token Name: %.32s\n",
                   tokeninfo.label);
        PR_fprintf(PR_STDOUT, PAD "Token Manufacturer: %.32s\n",
                   tokeninfo.manufacturerID);
        PR_fprintf(PR_STDOUT, PAD "Token Model: %.16s\n", tokeninfo.model);
        PR_fprintf(PR_STDOUT, PAD "Token Serial Number: %.16s\n",
                   tokeninfo.serialNumber);
        PR_fprintf(PR_STDOUT, PAD "Token Version: %d.%d\n",
                   tokeninfo.hardwareVersion.major, tokeninfo.hardwareVersion.minor);
        PR_fprintf(PR_STDOUT, PAD "Token Firmware Version: %d.%d\n",
                   tokeninfo.firmwareVersion.major, tokeninfo.firmwareVersion.minor);
        if (tokeninfo.flags & CKF_WRITE_PROTECTED) {
            PR_fprintf(PR_STDOUT, PAD "Access: Write Protected\n");
        } else {
            PR_fprintf(PR_STDOUT, PAD "Access: NOT Write Protected\n");
        }
        if (tokeninfo.flags & CKF_LOGIN_REQUIRED) {
            PR_fprintf(PR_STDOUT, PAD "Login Type: Login required\n");
        } else {
            PR_fprintf(PR_STDOUT, PAD
                       "Login Type: Public (no login required)\n");
        }
        if (tokeninfo.flags & CKF_USER_PIN_INITIALIZED) {
            PR_fprintf(PR_STDOUT, PAD "User Pin: Initialized\n");
        } else {
            PR_fprintf(PR_STDOUT, PAD "User Pin: NOT Initialized\n");
        }
    }
    PR_fprintf(PR_STDOUT,
               "\n-----------------------------------------------------------\n");
loser:
    if (module) {
        SECMOD_DestroyModule(module);
    }
    return rv;
}