CK_RV
pkcs11h_token_enumTokenIds (
IN const unsigned method,
OUT pkcs11h_token_id_list_t * const p_token_id_list
) {
#if defined(ENABLE_PKCS11H_THREADING)
PKCS11H_BOOL mutex_locked = FALSE;
#endif
pkcs11h_token_id_list_t token_id_list = NULL;
_pkcs11h_provider_t current_provider;
CK_RV rv = CKR_FUNCTION_FAILED;
_PKCS11H_ASSERT (_g_pkcs11h_data!=NULL);
_PKCS11H_ASSERT (_g_pkcs11h_data->initialized);
_PKCS11H_ASSERT (p_token_id_list!=NULL);
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: pkcs11h_token_enumTokenIds entry method=%u, p_token_id_list=%p",
method,
(void *)p_token_id_list
);
*p_token_id_list = NULL;
#if defined(ENABLE_PKCS11H_THREADING)
if ((rv = _pkcs11h_threading_mutexLock (&_g_pkcs11h_data->mutexes.global)) != CKR_OK) {
goto cleanup;
}
mutex_locked = TRUE;
#endif
for (
current_provider = _g_pkcs11h_data->providers;
current_provider != NULL;
current_provider = current_provider->next
) {
CK_SLOT_ID_PTR slots = NULL;
CK_ULONG slotnum;
CK_SLOT_ID slot_index;
/*
* Skip disabled providers
*/
if (!current_provider->enabled) {
continue;
}
if (
(rv = _pkcs11h_session_getSlotList (
current_provider,
CK_TRUE,
&slots,
&slotnum
)) != CKR_OK
) {
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Cannot get slot list for provider '%s' rv=%lu-'%s'",
current_provider->manufacturerID,
rv,
pkcs11h_getMessage (rv)
);
goto retry1;
}
for (
slot_index=0;
slot_index < slotnum;
slot_index++
) {
pkcs11h_token_id_list_t entry = NULL;
CK_TOKEN_INFO info;
if (
(rv = _pkcs11h_mem_malloc (
(void *)&entry,
sizeof (struct pkcs11h_token_id_list_s)
)) != CKR_OK ||
(rv = current_provider->f->C_GetTokenInfo (
slots[slot_index],
&info
)) != CKR_OK ||
(rv = _pkcs11h_token_getTokenId (
&info,
&entry->token_id
))
) {
goto retry11;
}
entry->next = token_id_list;
token_id_list = entry;
entry = NULL;
rv = CKR_OK;
retry11:
if (entry != NULL) {
pkcs11h_token_freeTokenIdList (entry);
entry = NULL;
}
}
retry1:
if (slots != NULL) {
_pkcs11h_mem_free ((void *)&slots);
slots = NULL;
}
}
if (method == PKCS11H_ENUM_METHOD_CACHE) {
_pkcs11h_session_t session = NULL;
for (
session = _g_pkcs11h_data->sessions;
session != NULL;
session = session->next
) {
pkcs11h_token_id_list_t entry = NULL;
PKCS11H_BOOL found = FALSE;
for (
entry = token_id_list;
entry != NULL && !found;
entry = entry->next
) {
if (
pkcs11h_token_sameTokenId (
session->token_id,
entry->token_id
)
) {
found = TRUE;
}
}
if (!found) {
entry = NULL;
if (
(rv = _pkcs11h_mem_malloc (
(void *)&entry,
sizeof (struct pkcs11h_token_id_list_s)
)) != CKR_OK ||
(rv = pkcs11h_token_duplicateTokenId (
&entry->token_id,
session->token_id
)) != CKR_OK
) {
goto retry12;
}
entry->next = token_id_list;
token_id_list = entry;
entry = NULL;
retry12:
if (entry != NULL) {
if (entry->token_id != NULL) {
pkcs11h_token_freeTokenId (entry->token_id);
}
_pkcs11h_mem_free ((void *)&entry);
}
}
}
}
*p_token_id_list = token_id_list;
token_id_list = NULL;
rv = CKR_OK;
cleanup:
if (token_id_list != NULL) {
pkcs11h_token_freeTokenIdList (token_id_list);
token_id_list = NULL;
}
#if defined(ENABLE_PKCS11H_THREADING)
if (mutex_locked) {
rv = _pkcs11h_threading_mutexRelease (&_g_pkcs11h_data->mutexes.global);
mutex_locked = FALSE;
}
#endif
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: pkcs11h_token_enumTokenIds return rv=%lu-'%s', *p_token_id_list=%p",
rv,
pkcs11h_getMessage (rv),
(void *)p_token_id_list
);
return rv;
}
static
void *
__pkcs11h_slotevent_provider (
IN void *p
) {
_pkcs11h_provider_t provider = (_pkcs11h_provider_t)p;
CK_SLOT_ID slot;
CK_RV rv = CKR_FUNCTION_FAILED;
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: __pkcs11h_slotevent_provider provider='%s' entry",
provider->manufacturerID
);
if (!provider->enabled) {
rv = CKR_OPERATION_NOT_INITIALIZED;
goto cleanup;
}
if (provider->slot_poll_interval == 0) {
provider->slot_poll_interval = _PKCS11H_DEFAULT_SLOTEVENT_POLL;
}
/*
* If we cannot finalize, we cannot cause
* WaitForSlotEvent to terminate
*/
if (!provider->should_finalize) {
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Setup slotevent provider='%s' mode hardset to poll",
provider->manufacturerID
);
provider->slot_event_method = PKCS11H_SLOTEVENT_METHOD_POLL;
}
if (
provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_AUTO ||
provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_TRIGGER
) {
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Setup slotevent provider='%s' checking trigger",
provider->manufacturerID
);
while (
!_g_pkcs11h_data->slotevent.should_terminate &&
provider->enabled &&
(rv = provider->f->C_WaitForSlotEvent (
0,
&slot,
NULL_PTR
)) == CKR_OK
) {
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Slotevent provider='%s' event",
provider->manufacturerID
);
_pkcs11h_threading_condSignal (&_g_pkcs11h_data->slotevent.cond_event);
}
if (rv != CKR_FUNCTION_NOT_SUPPORTED) {
goto cleanup;
}
}
if (
provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_AUTO ||
provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_POLL
) {
PKCS11H_BOOL had_sleep = TRUE;
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Setup slotevent provider='%s' checking poll",
provider->manufacturerID
);
while (
!_g_pkcs11h_data->slotevent.should_terminate &&
provider->enabled &&
(
(rv = provider->f->C_WaitForSlotEvent (
CKF_DONT_BLOCK,
&slot,
NULL_PTR
)) == CKR_OK ||
rv == CKR_NO_EVENT
)
) {
if (rv == CKR_OK) {
if (had_sleep) {
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Slotevent provider='%s' event",
provider->manufacturerID
);
had_sleep = FALSE; /* Mask out seq events */
_pkcs11h_threading_condSignal (&_g_pkcs11h_data->slotevent.cond_event);
}
}
else {
_pkcs11h_threading_sleep (provider->slot_poll_interval);
had_sleep = TRUE;
}
}
if (rv != CKR_FUNCTION_NOT_SUPPORTED) {
goto cleanup;
}
}
if (
provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_AUTO ||
provider->slot_event_method == PKCS11H_SLOTEVENT_METHOD_FETCH
) {
unsigned long last_checksum = 0;
PKCS11H_BOOL is_first_time = TRUE;
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Setup slotevent provider='%s' checking fetch",
provider->manufacturerID
);
while (
!_g_pkcs11h_data->slotevent.should_terminate &&
provider->enabled
) {
unsigned long current_checksum = 0;
CK_ULONG i;
CK_SLOT_ID_PTR slots = NULL;
CK_ULONG slotnum;
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Slotevent provider='%s' poll",
provider->manufacturerID
);
if (
(rv = _pkcs11h_session_getSlotList (
provider,
TRUE,
&slots,
&slotnum
)) != CKR_OK
) {
goto cleanup1;
}
for (i=0;i<slotnum;i++) {
CK_TOKEN_INFO info;
if (provider->f->C_GetTokenInfo (slots[i], &info) == CKR_OK) {
current_checksum += (
__pkcs11h_slotevent_checksum (
info.label,
sizeof (info.label)
) +
__pkcs11h_slotevent_checksum (
info.manufacturerID,
sizeof (info.manufacturerID)
) +
__pkcs11h_slotevent_checksum (
info.model,
sizeof (info.model)
) +
__pkcs11h_slotevent_checksum (
info.serialNumber,
sizeof (info.serialNumber)
)
);
}
}
if (is_first_time) {
is_first_time = FALSE;
}
else {
if (last_checksum != current_checksum) {
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Slotevent provider='%s' event",
provider->manufacturerID
);
_pkcs11h_threading_condSignal (&_g_pkcs11h_data->slotevent.cond_event);
}
}
last_checksum = current_checksum;
rv = CKR_OK;
cleanup1:
if (slots != NULL) {
_pkcs11h_mem_free ((void *)&slots);
}
if (rv != CKR_OK) {
goto cleanup;
}
if (!_g_pkcs11h_data->slotevent.should_terminate) {
_pkcs11h_threading_sleep (provider->slot_poll_interval);
}
}
}
cleanup:
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: __pkcs11h_slotevent_provider provider='%s' return",
provider->manufacturerID
);
return NULL;
}
CK_RV
_pkcs11h_session_reset (
IN const _pkcs11h_session_t session,
IN void * const user_data,
IN const unsigned mask_prompt,
OUT CK_SLOT_ID * const p_slot
) {
PKCS11H_BOOL found = FALSE;
CK_RV rv = CKR_FUNCTION_FAILED;
unsigned nRetry = 0;
_PKCS11H_ASSERT (session!=NULL);
/*_PKCS11H_ASSERT (user_data) NOT NEEDED */
_PKCS11H_ASSERT (p_slot!=NULL);
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: _pkcs11h_session_reset entry session=%p, user_data=%p, mask_prompt=%08x, p_slot=%p",
(void *)session,
user_data,
mask_prompt,
(void *)p_slot
);
*p_slot = _PKCS11H_INVALID_SLOT_ID;
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: _pkcs11h_session_reset Expected token manufacturerID='%s' model='%s', serialNumber='%s', label='%s'",
session->token_id->manufacturerID,
session->token_id->model,
session->token_id->serialNumber,
session->token_id->label
);
while (!found) {
_pkcs11h_provider_t current_provider = NULL;
for (
current_provider = _g_pkcs11h_data->providers;
(
current_provider != NULL &&
!found
);
current_provider = current_provider->next
) {
CK_SLOT_ID_PTR slots = NULL;
CK_ULONG slotnum;
CK_SLOT_ID slot_index;
/*
* Skip all other providers,
* if one was set in the past
*/
if (
session->provider != NULL &&
session->provider != current_provider
) {
continue;
}
if (
(rv = _pkcs11h_session_getSlotList (
current_provider,
CK_TRUE,
&slots,
&slotnum
)) != CKR_OK
) {
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Cannot get slot list for provider '%s' rv=%lu-'%s'",
current_provider->manufacturerID,
rv,
pkcs11h_getMessage (rv)
);
goto retry1;
}
for (
slot_index=0;
(
slot_index < slotnum &&
!found
);
slot_index++
) {
pkcs11h_token_id_t token_id = NULL;
CK_TOKEN_INFO info;
if (
(rv = current_provider->f->C_GetTokenInfo (
slots[slot_index],
&info
)) != CKR_OK ||
(rv = _pkcs11h_token_getTokenId (
&info,
&token_id
)) != CKR_OK
) {
goto retry11;
}
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: _pkcs11h_session_reset Found token manufacturerID='%s' model='%s', serialNumber='%s', label='%s'",
token_id->manufacturerID,
token_id->model,
token_id->serialNumber,
token_id->label
);
if (
pkcs11h_token_sameTokenId (
session->token_id,
token_id
)
) {
found = TRUE;
*p_slot = slots[slot_index];
if (session->provider == NULL) {
session->provider = current_provider;
session->allow_protected_auth_supported = (info.flags & CKF_PROTECTED_AUTHENTICATION_PATH) != 0;
}
}
rv = CKR_OK;
retry11:
if (rv != CKR_OK) {
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Cannot get token information for provider '%s' slot %ld rv=%lu-'%s'",
current_provider->manufacturerID,
slots[slot_index],
rv,
pkcs11h_getMessage (rv)
);
}
if (token_id != NULL) {
pkcs11h_token_freeTokenId (token_id);
}
}
retry1:
if (slots != NULL) {
_pkcs11h_mem_free ((void *)&slots);
slots = NULL;
}
}
if (!found && (mask_prompt & PKCS11H_PROMPT_MASK_ALLOW_TOKEN_PROMPT) == 0) {
rv = CKR_TOKEN_NOT_PRESENT;
goto cleanup;
}
if (!found) {
PKCS11H_BOOL canceled;
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: Calling token_prompt hook for '%s'",
session->token_id->display
);
canceled = !_g_pkcs11h_data->hooks.token_prompt (
_g_pkcs11h_data->hooks.token_prompt_data,
user_data,
session->token_id,
nRetry++
);
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG1,
"PKCS#11: token_prompt returned %d",
canceled ? 0 : 1
);
if (canceled) {
rv = CKR_CANCEL;
goto cleanup;
}
}
}
rv = CKR_OK;
cleanup:
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: _pkcs11h_session_reset return rv=%lu-'%s', *p_slot=%ld",
rv,
pkcs11h_getMessage (rv),
*p_slot
);
return rv;
}
