/*
* Create a new context
*/
PKCS11_CTX *pkcs11_CTX_new(void)
{
PKCS11_CTX_private *cpriv = NULL;
PKCS11_CTX *ctx = NULL;
/* Load error strings */
ERR_load_PKCS11_strings();
cpriv = OPENSSL_malloc(sizeof(PKCS11_CTX_private));
if (cpriv == NULL)
goto fail;
memset(cpriv, 0, sizeof(PKCS11_CTX_private));
ctx = OPENSSL_malloc(sizeof(PKCS11_CTX));
if (ctx == NULL)
goto fail;
memset(ctx, 0, sizeof(PKCS11_CTX));
ctx->_private = cpriv;
cpriv->forkid = _P11_get_forkid();
cpriv->rwlock = CRYPTO_THREAD_lock_new();
return ctx;
fail:
OPENSSL_free(cpriv);
OPENSSL_free(ctx);
return NULL;
}
/*
* Unload the shared library
*/
void pkcs11_CTX_unload(PKCS11_CTX * ctx)
{
PKCS11_CTX_private *cpriv;
cpriv = PRIVCTX(ctx);
/* Tell the PKCS11 library to shut down */
if (cpriv->forkid == _P11_get_forkid())
cpriv->method->C_Finalize(NULL);
/* Unload the module */
C_UnloadModule(cpriv->handle);
}
static int pkcs11_init_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
CK_SESSION_HANDLE session, CK_OBJECT_HANDLE obj,
CK_OBJECT_CLASS type, PKCS11_KEY ** ret)
{
PKCS11_TOKEN_private *tpriv = PRIVTOKEN(token);
PKCS11_keys *keys = (type == CKO_PRIVATE_KEY) ? &tpriv->prv : &tpriv->pub;
PKCS11_KEY_private *kpriv;
PKCS11_KEY *key, *tmp;
CK_KEY_TYPE key_type;
PKCS11_KEY_ops *ops;
size_t size;
(void)ctx;
(void)session;
size = sizeof(key_type);
if (pkcs11_getattr_var(token, obj, CKA_KEY_TYPE, (CK_BYTE *)&key_type, &size))
return -1;
switch (key_type) {
case CKK_RSA:
ops = &pkcs11_rsa_ops;
break;
case CKK_EC:
ops = pkcs11_ec_ops;
if (ops == NULL)
return 0; /* not supported */
break;
default:
/* Ignore any keys we don't understand */
return 0;
}
tmp = OPENSSL_realloc(keys->keys, (keys->num + 1) * sizeof(PKCS11_KEY));
if (tmp == NULL) {
OPENSSL_free(keys->keys);
keys->keys = NULL;
return -1;
}
keys->keys = tmp;
key = keys->keys + keys->num++;
memset(key, 0, sizeof(PKCS11_KEY));
kpriv = OPENSSL_malloc(sizeof(PKCS11_KEY_private));
if (kpriv)
memset(kpriv, 0, sizeof(PKCS11_KEY_private));
key->_private = kpriv;
kpriv->object = obj;
kpriv->parent = token;
pkcs11_getattr_alloc(token, obj, CKA_LABEL, (CK_BYTE **)&key->label, NULL);
key->id_len = 0;
pkcs11_getattr_alloc(token, obj, CKA_ID, &key->id, &key->id_len);
key->isPrivate = (type == CKO_PRIVATE_KEY);
/* Initialize internal information */
kpriv->id_len = sizeof(kpriv->id);
if (pkcs11_getattr_var(token, obj, CKA_ID, kpriv->id, &kpriv->id_len))
kpriv->id_len = 0;
kpriv->ops = ops;
kpriv->forkid = _P11_get_forkid();
if (ret)
*ret = key;
return 0;
}