CK_RV pkcs11h_token_enumTokenIds ( IN const unsigned method, OUT pkcs11h_token_id_list_t * const p_token_id_list ) { #if defined(ENABLE_PKCS11H_THREADING) PKCS11H_BOOL mutex_locked = FALSE; #endif pkcs11h_token_id_list_t token_id_list = NULL; _pkcs11h_provider_t current_provider; CK_RV rv = CKR_FUNCTION_FAILED; _PKCS11H_ASSERT (_g_pkcs11h_data!=NULL); _PKCS11H_ASSERT (_g_pkcs11h_data->initialized); _PKCS11H_ASSERT (p_token_id_list!=NULL); _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG2, "PKCS#11: pkcs11h_token_enumTokenIds entry method=%u, p_token_id_list=%p", method, (void *)p_token_id_list ); *p_token_id_list = NULL; #if defined(ENABLE_PKCS11H_THREADING) if ((rv = _pkcs11h_threading_mutexLock (&_g_pkcs11h_data->mutexes.global)) != CKR_OK) { goto cleanup; } mutex_locked = TRUE; #endif for ( current_provider = _g_pkcs11h_data->providers; current_provider != NULL; current_provider = current_provider->next ) { CK_SLOT_ID_PTR slots = NULL; CK_ULONG slotnum; CK_SLOT_ID slot_index; /* * Skip disabled providers */ if (!current_provider->enabled) { continue; } if ( (rv = _pkcs11h_session_getSlotList ( current_provider, CK_TRUE, &slots, &slotnum )) != CKR_OK ) { _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Cannot get slot list for provider '%s' rv=%lu-'%s'", current_provider->manufacturerID, rv, pkcs11h_getMessage (rv) ); goto retry1; } for ( slot_index=0; slot_index < slotnum; slot_index++ ) { pkcs11h_token_id_list_t entry = NULL; CK_TOKEN_INFO info; if ( (rv = _pkcs11h_mem_malloc ( (void *)&entry, sizeof (struct pkcs11h_token_id_list_s) )) != CKR_OK || (rv = current_provider->f->C_GetTokenInfo ( slots[slot_index], &info )) != CKR_OK || (rv = _pkcs11h_token_getTokenId ( &info, &entry->token_id )) ) { goto retry11; } entry->next = token_id_list; token_id_list = entry; entry = NULL; rv = CKR_OK; retry11: if (entry != NULL) { pkcs11h_token_freeTokenIdList (entry); entry = NULL; } } retry1: if (slots != NULL) { _pkcs11h_mem_free ((void *)&slots); slots = NULL; } } if (method == PKCS11H_ENUM_METHOD_CACHE) { _pkcs11h_session_t session = NULL; for ( session = _g_pkcs11h_data->sessions; session != NULL; session = session->next ) { pkcs11h_token_id_list_t entry = NULL; PKCS11H_BOOL found = FALSE; for ( entry = token_id_list; entry != NULL && !found; entry = entry->next ) { if ( pkcs11h_token_sameTokenId ( session->token_id, entry->token_id ) ) { found = TRUE; } } if (!found) { entry = NULL; if ( (rv = _pkcs11h_mem_malloc ( (void *)&entry, sizeof (struct pkcs11h_token_id_list_s) )) != CKR_OK || (rv = pkcs11h_token_duplicateTokenId ( &entry->token_id, session->token_id )) != CKR_OK ) { goto retry12; } entry->next = token_id_list; token_id_list = entry; entry = NULL; retry12: if (entry != NULL) { if (entry->token_id != NULL) { pkcs11h_token_freeTokenId (entry->token_id); } _pkcs11h_mem_free ((void *)&entry); } } } } *p_token_id_list = token_id_list; token_id_list = NULL; rv = CKR_OK; cleanup: if (token_id_list != NULL) { pkcs11h_token_freeTokenIdList (token_id_list); token_id_list = NULL; } #if defined(ENABLE_PKCS11H_THREADING) if (mutex_locked) { rv = _pkcs11h_threading_mutexRelease (&_g_pkcs11h_data->mutexes.global); mutex_locked = FALSE; } #endif _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG2, "PKCS#11: pkcs11h_token_enumTokenIds return rv=%lu-'%s', *p_token_id_list=%p", rv, pkcs11h_getMessage (rv), (void *)p_token_id_list ); return rv; }
static void * __pkcs11h_slotevent_provider ( IN void *p ) { _pkcs11h_provider_t provider = (_pkcs11h_provider_t)p; CK_SLOT_ID slot; CK_RV rv = CKR_FUNCTION_FAILED; _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG2, "PKCS#11: __pkcs11h_slotevent_provider provider='%s' entry", provider->manufacturerID ); if (!provider->enabled) { rv = CKR_OPERATION_NOT_INITIALIZED; goto cleanup; } if (provider->slot_poll_interval == 0) { provider->slot_poll_interval = _PKCS11H_DEFAULT_SLOTEVENT_POLL; } /* * If we cannot finalize, we cannot cause * WaitForSlotEvent to terminate */ if (!provider->should_finalize) { _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Setup slotevent provider='%s' mode hardset to poll", provider->manufacturerID ); provider->slot_event_method = PKCS11H_SLOTEVENT_METHOD_POLL; } if ( provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_AUTO || provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_TRIGGER ) { _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Setup slotevent provider='%s' checking trigger", provider->manufacturerID ); while ( !_g_pkcs11h_data->slotevent.should_terminate && provider->enabled && (rv = provider->f->C_WaitForSlotEvent ( 0, &slot, NULL_PTR )) == CKR_OK ) { _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Slotevent provider='%s' event", provider->manufacturerID ); _pkcs11h_threading_condSignal (&_g_pkcs11h_data->slotevent.cond_event); } if (rv != CKR_FUNCTION_NOT_SUPPORTED) { goto cleanup; } } if ( provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_AUTO || provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_POLL ) { PKCS11H_BOOL had_sleep = TRUE; _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Setup slotevent provider='%s' checking poll", provider->manufacturerID ); while ( !_g_pkcs11h_data->slotevent.should_terminate && provider->enabled && ( (rv = provider->f->C_WaitForSlotEvent ( CKF_DONT_BLOCK, &slot, NULL_PTR )) == CKR_OK || rv == CKR_NO_EVENT ) ) { if (rv == CKR_OK) { if (had_sleep) { _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Slotevent provider='%s' event", provider->manufacturerID ); had_sleep = FALSE; /* Mask out seq events */ _pkcs11h_threading_condSignal (&_g_pkcs11h_data->slotevent.cond_event); } } else { _pkcs11h_threading_sleep (provider->slot_poll_interval); had_sleep = TRUE; } } if (rv != CKR_FUNCTION_NOT_SUPPORTED) { goto cleanup; } } if ( provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_AUTO || provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_FETCH ) { unsigned long last_checksum = 0; PKCS11H_BOOL is_first_time = TRUE; _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Setup slotevent provider='%s' checking fetch", provider->manufacturerID ); while ( !_g_pkcs11h_data->slotevent.should_terminate && provider->enabled ) { unsigned long current_checksum = 0; CK_ULONG i; CK_SLOT_ID_PTR slots = NULL; CK_ULONG slotnum; _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Slotevent provider='%s' poll", provider->manufacturerID ); if ( (rv = _pkcs11h_session_getSlotList ( provider, TRUE, &slots, &slotnum )) != CKR_OK ) { goto cleanup1; } for (i=0;i<slotnum;i++) { CK_TOKEN_INFO info; if (provider->f->C_GetTokenInfo (slots[i], &info) == CKR_OK) { current_checksum += ( __pkcs11h_slotevent_checksum ( info.label, sizeof (info.label) ) + __pkcs11h_slotevent_checksum ( info.manufacturerID, sizeof (info.manufacturerID) ) + __pkcs11h_slotevent_checksum ( info.model, sizeof (info.model) ) + __pkcs11h_slotevent_checksum ( info.serialNumber, sizeof (info.serialNumber) ) ); } } if (is_first_time) { is_first_time = FALSE; } else { if (last_checksum != current_checksum) { _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Slotevent provider='%s' event", provider->manufacturerID ); _pkcs11h_threading_condSignal (&_g_pkcs11h_data->slotevent.cond_event); } } last_checksum = current_checksum; rv = CKR_OK; cleanup1: if (slots != NULL) { _pkcs11h_mem_free ((void *)&slots); } if (rv != CKR_OK) { goto cleanup; } if (!_g_pkcs11h_data->slotevent.should_terminate) { _pkcs11h_threading_sleep (provider->slot_poll_interval); } } } cleanup: _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG2, "PKCS#11: __pkcs11h_slotevent_provider provider='%s' return", provider->manufacturerID ); return NULL; }
CK_RV _pkcs11h_session_reset ( IN const _pkcs11h_session_t session, IN void * const user_data, IN const unsigned mask_prompt, OUT CK_SLOT_ID * const p_slot ) { PKCS11H_BOOL found = FALSE; CK_RV rv = CKR_FUNCTION_FAILED; unsigned nRetry = 0; _PKCS11H_ASSERT (session!=NULL); /*_PKCS11H_ASSERT (user_data) NOT NEEDED */ _PKCS11H_ASSERT (p_slot!=NULL); _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG2, "PKCS#11: _pkcs11h_session_reset entry session=%p, user_data=%p, mask_prompt=%08x, p_slot=%p", (void *)session, user_data, mask_prompt, (void *)p_slot ); *p_slot = _PKCS11H_INVALID_SLOT_ID; _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG2, "PKCS#11: _pkcs11h_session_reset Expected token manufacturerID='%s' model='%s', serialNumber='%s', label='%s'", session->token_id->manufacturerID, session->token_id->model, session->token_id->serialNumber, session->token_id->label ); while (!found) { _pkcs11h_provider_t current_provider = NULL; for ( current_provider = _g_pkcs11h_data->providers; ( current_provider != NULL && !found ); current_provider = current_provider->next ) { CK_SLOT_ID_PTR slots = NULL; CK_ULONG slotnum; CK_SLOT_ID slot_index; /* * Skip all other providers, * if one was set in the past */ if ( session->provider != NULL && session->provider != current_provider ) { continue; } if ( (rv = _pkcs11h_session_getSlotList ( current_provider, CK_TRUE, &slots, &slotnum )) != CKR_OK ) { _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Cannot get slot list for provider '%s' rv=%lu-'%s'", current_provider->manufacturerID, rv, pkcs11h_getMessage (rv) ); goto retry1; } for ( slot_index=0; ( slot_index < slotnum && !found ); slot_index++ ) { pkcs11h_token_id_t token_id = NULL; CK_TOKEN_INFO info; if ( (rv = current_provider->f->C_GetTokenInfo ( slots[slot_index], &info )) != CKR_OK || (rv = _pkcs11h_token_getTokenId ( &info, &token_id )) != CKR_OK ) { goto retry11; } _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG2, "PKCS#11: _pkcs11h_session_reset Found token manufacturerID='%s' model='%s', serialNumber='%s', label='%s'", token_id->manufacturerID, token_id->model, token_id->serialNumber, token_id->label ); if ( pkcs11h_token_sameTokenId ( session->token_id, token_id ) ) { found = TRUE; *p_slot = slots[slot_index]; if (session->provider == NULL) { session->provider = current_provider; session->allow_protected_auth_supported = (info.flags & CKF_PROTECTED_AUTHENTICATION_PATH) != 0; } } rv = CKR_OK; retry11: if (rv != CKR_OK) { _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Cannot get token information for provider '%s' slot %ld rv=%lu-'%s'", current_provider->manufacturerID, slots[slot_index], rv, pkcs11h_getMessage (rv) ); } if (token_id != NULL) { pkcs11h_token_freeTokenId (token_id); } } retry1: if (slots != NULL) { _pkcs11h_mem_free ((void *)&slots); slots = NULL; } } if (!found && (mask_prompt & PKCS11H_PROMPT_MASK_ALLOW_TOKEN_PROMPT) == 0) { rv = CKR_TOKEN_NOT_PRESENT; goto cleanup; } if (!found) { PKCS11H_BOOL canceled; _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: Calling token_prompt hook for '%s'", session->token_id->display ); canceled = !_g_pkcs11h_data->hooks.token_prompt ( _g_pkcs11h_data->hooks.token_prompt_data, user_data, session->token_id, nRetry++ ); _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG1, "PKCS#11: token_prompt returned %d", canceled ? 0 : 1 ); if (canceled) { rv = CKR_CANCEL; goto cleanup; } } } rv = CKR_OK; cleanup: _PKCS11H_DEBUG ( PKCS11H_LOG_DEBUG2, "PKCS#11: _pkcs11h_session_reset return rv=%lu-'%s', *p_slot=%ld", rv, pkcs11h_getMessage (rv), *p_slot ); return rv; }