NS_IMETHODIMP nsPKCS11Slot::GetStatus(uint32_t *_retval) { nsNSSShutDownPreventionLock locker; if (isAlreadyShutDown()) return NS_ERROR_NOT_AVAILABLE; if (PK11_IsDisabled(mSlot)) *_retval = SLOT_DISABLED; else if (!PK11_IsPresent(mSlot)) *_retval = SLOT_NOT_PRESENT; else if (PK11_NeedLogin(mSlot) && PK11_NeedUserInit(mSlot)) *_retval = SLOT_UNINITIALIZED; else if (PK11_NeedLogin(mSlot) && !PK11_IsLoggedIn(mSlot, nullptr)) *_retval = SLOT_NOT_LOGGED_IN; else if (PK11_NeedLogin(mSlot)) *_retval = SLOT_LOGGED_IN; else *_retval = SLOT_READY; return NS_OK; }
NSS_IMPLEMENT PRBool nssSlot_IsTokenPresent ( NSSSlot *slot ) { CK_RV ckrv; PRStatus nssrv; /* XXX */ nssSession *session; CK_SLOT_INFO slotInfo; void *epv; /* permanent slots are always present unless they're disabled */ if (nssSlot_IsPermanent(slot)) { return !PK11_IsDisabled(slot->pk11slot); } /* avoid repeated calls to check token status within set interval */ if (within_token_delay_period(slot)) { return ((slot->ckFlags & CKF_TOKEN_PRESENT) != 0); } /* First obtain the slot info */ epv = slot->epv; if (!epv) { return PR_FALSE; } nssSlot_EnterMonitor(slot); ckrv = CKAPI(epv)->C_GetSlotInfo(slot->slotID, &slotInfo); nssSlot_ExitMonitor(slot); if (ckrv != CKR_OK) { slot->token->base.name[0] = 0; /* XXX */ return PR_FALSE; } slot->ckFlags = slotInfo.flags; /* check for the presence of the token */ if ((slot->ckFlags & CKF_TOKEN_PRESENT) == 0) { if (!slot->token) { /* token was never present */ return PR_FALSE; } session = nssToken_GetDefaultSession(slot->token); if (session) { nssSession_EnterMonitor(session); /* token is not present */ if (session->handle != CK_INVALID_SESSION) { /* session is valid, close and invalidate it */ CKAPI(epv)->C_CloseSession(session->handle); session->handle = CK_INVALID_SESSION; } nssSession_ExitMonitor(session); } if (slot->token->base.name[0] != 0) { /* notify the high-level cache that the token is removed */ slot->token->base.name[0] = 0; /* XXX */ nssToken_NotifyCertsNotVisible(slot->token); } slot->token->base.name[0] = 0; /* XXX */ /* clear the token cache */ nssToken_Remove(slot->token); return PR_FALSE; } /* token is present, use the session info to determine if the card * has been removed and reinserted. */ session = nssToken_GetDefaultSession(slot->token); if (session) { PRBool isPresent = PR_FALSE; nssSession_EnterMonitor(session); if (session->handle != CK_INVALID_SESSION) { CK_SESSION_INFO sessionInfo; ckrv = CKAPI(epv)->C_GetSessionInfo(session->handle, &sessionInfo); if (ckrv != CKR_OK) { /* session is screwy, close and invalidate it */ CKAPI(epv)->C_CloseSession(session->handle); session->handle = CK_INVALID_SESSION; } } isPresent = session->handle != CK_INVALID_SESSION; nssSession_ExitMonitor(session); /* token not removed, finished */ if (isPresent) return PR_TRUE; } /* the token has been removed, and reinserted, or the slot contains * a token it doesn't recognize. invalidate all the old * information we had on this token, if we can't refresh, clear * the present flag */ nssToken_NotifyCertsNotVisible(slot->token); nssToken_Remove(slot->token); /* token has been removed, need to refresh with new session */ nssrv = nssSlot_Refresh(slot); if (nssrv != PR_SUCCESS) { slot->token->base.name[0] = 0; /* XXX */ slot->ckFlags &= ~CKF_TOKEN_PRESENT; return PR_FALSE; } return PR_TRUE; }
/*********************************************************************** * * L i s t M o d u l e * * Lists detailed information about the named module. */ Error ListModule(char *moduleName) { SECMODModule *module = NULL; PK11SlotInfo *slot; int slotnum; CK_INFO modinfo; CK_SLOT_INFO slotinfo; CK_TOKEN_INFO tokeninfo; char *ciphers, *mechanisms; size_t reasonIdx; Error rv = SUCCESS; if (!moduleName) { return SUCCESS; } module = SECMOD_FindModule(moduleName); if (!module) { PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName); rv = NO_SUCH_MODULE_ERR; goto loser; } if ((module->loaded) && (PK11_GetModInfo(module, &modinfo) != SECSuccess)) { PR_fprintf(PR_STDERR, errStrings[MOD_INFO_ERR], moduleName); rv = MOD_INFO_ERR; goto loser; } /* Module info */ PR_fprintf(PR_STDOUT, "\n-----------------------------------------------------------\n"); PR_fprintf(PR_STDOUT, "Name: %s\n", module->commonName); if (module->internal || !module->dllName) { PR_fprintf(PR_STDOUT, "Library file: **Internal ONLY module**\n"); } else { PR_fprintf(PR_STDOUT, "Library file: %s\n", module->dllName); } if (module->loaded) { PR_fprintf(PR_STDOUT, "Manufacturer: %.32s\n", modinfo.manufacturerID); PR_fprintf(PR_STDOUT, "Description: %.32s\n", modinfo.libraryDescription); PR_fprintf(PR_STDOUT, "PKCS #11 Version %d.%d\n", modinfo.cryptokiVersion.major, modinfo.cryptokiVersion.minor); PR_fprintf(PR_STDOUT, "Library Version: %d.%d\n", modinfo.libraryVersion.major, modinfo.libraryVersion.minor); } else { PR_fprintf(PR_STDOUT, "* Module not loaded\n"); } /* Get cipher and mechanism flags */ ciphers = getStringFromFlags(module->ssl[0], cipherStrings, numCipherStrings); if (ciphers[0] == '\0') { ciphers = "None"; } PR_fprintf(PR_STDOUT, "Cipher Enable Flags: %s\n", ciphers); mechanisms = NULL; if (module->slotCount > 0) { mechanisms = getStringFromFlags( PK11_GetDefaultFlags(module->slots[0]), mechanismStrings, numMechanismStrings); } if ((mechanisms == NULL) || (mechanisms[0] == '\0')) { mechanisms = "None"; } PR_fprintf(PR_STDOUT, "Default Mechanism Flags: %s\n", mechanisms); #define PAD " " /* Loop over each slot */ for (slotnum = 0; slotnum < module->slotCount; slotnum++) { slot = module->slots[slotnum]; if (PK11_GetSlotInfo(slot, &slotinfo) != SECSuccess) { PR_fprintf(PR_STDERR, errStrings[SLOT_INFO_ERR], PK11_GetSlotName(slot)); rv = SLOT_INFO_ERR; continue; } /* Slot Info */ PR_fprintf(PR_STDOUT, "\n" PAD "Slot: %s\n", PK11_GetSlotName(slot)); mechanisms = getStringFromFlags(PK11_GetDefaultFlags(slot), mechanismStrings, numMechanismStrings); if (mechanisms[0] == '\0') { mechanisms = "None"; } PR_fprintf(PR_STDOUT, PAD "Slot Mechanism Flags: %s\n", mechanisms); PR_fprintf(PR_STDOUT, PAD "Manufacturer: %.32s\n", slotinfo.manufacturerID); if (PK11_IsHW(slot)) { PR_fprintf(PR_STDOUT, PAD "Type: Hardware\n"); } else { PR_fprintf(PR_STDOUT, PAD "Type: Software\n"); } PR_fprintf(PR_STDOUT, PAD "Version Number: %d.%d\n", slotinfo.hardwareVersion.major, slotinfo.hardwareVersion.minor); PR_fprintf(PR_STDOUT, PAD "Firmware Version: %d.%d\n", slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor); if (PK11_IsDisabled(slot)) { reasonIdx = PK11_GetDisabledReason(slot); if (reasonIdx < numDisableReasonStr) { PR_fprintf(PR_STDOUT, PAD "Status: DISABLED (%s)\n", disableReasonStr[reasonIdx]); } else { PR_fprintf(PR_STDOUT, PAD "Status: DISABLED\n"); } } else { PR_fprintf(PR_STDOUT, PAD "Status: Enabled\n"); } if (PK11_GetTokenInfo(slot, &tokeninfo) != SECSuccess) { PR_fprintf(PR_STDERR, errStrings[TOKEN_INFO_ERR], PK11_GetTokenName(slot)); rv = TOKEN_INFO_ERR; continue; } /* Token Info */ PR_fprintf(PR_STDOUT, PAD "Token Name: %.32s\n", tokeninfo.label); PR_fprintf(PR_STDOUT, PAD "Token Manufacturer: %.32s\n", tokeninfo.manufacturerID); PR_fprintf(PR_STDOUT, PAD "Token Model: %.16s\n", tokeninfo.model); PR_fprintf(PR_STDOUT, PAD "Token Serial Number: %.16s\n", tokeninfo.serialNumber); PR_fprintf(PR_STDOUT, PAD "Token Version: %d.%d\n", tokeninfo.hardwareVersion.major, tokeninfo.hardwareVersion.minor); PR_fprintf(PR_STDOUT, PAD "Token Firmware Version: %d.%d\n", tokeninfo.firmwareVersion.major, tokeninfo.firmwareVersion.minor); if (tokeninfo.flags & CKF_WRITE_PROTECTED) { PR_fprintf(PR_STDOUT, PAD "Access: Write Protected\n"); } else { PR_fprintf(PR_STDOUT, PAD "Access: NOT Write Protected\n"); } if (tokeninfo.flags & CKF_LOGIN_REQUIRED) { PR_fprintf(PR_STDOUT, PAD "Login Type: Login required\n"); } else { PR_fprintf(PR_STDOUT, PAD "Login Type: Public (no login required)\n"); } if (tokeninfo.flags & CKF_USER_PIN_INITIALIZED) { PR_fprintf(PR_STDOUT, PAD "User Pin: Initialized\n"); } else { PR_fprintf(PR_STDOUT, PAD "User Pin: NOT Initialized\n"); } } PR_fprintf(PR_STDOUT, "\n-----------------------------------------------------------\n"); loser: if (module) { SECMOD_DestroyModule(module); } return rv; }