isc_result_t pk11_initialize(isc_mem_t *mctx, const char *engine) { isc_result_t result; CK_RV rv; RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); LOCK(&alloclock); if ((mctx != NULL) && (pk11_mctx == NULL) && (allocsize == 0)) isc_mem_attach(mctx, &pk11_mctx); if (initialized) { UNLOCK(&alloclock); return (ISC_R_SUCCESS); } else { LOCK(&sessionlock); initialized = ISC_TRUE; UNLOCK(&alloclock); } ISC_LIST_INIT(tokens); ISC_LIST_INIT(actives); if (engine != NULL) lib_name = engine; /* Initialize the CRYPTOKI library */ rv = pkcs_C_Initialize((CK_VOID_PTR) &pk11_init_args); if (rv == 0xfe) { result = PK11_R_NOPROVIDER; goto unlock; } if (rv != CKR_OK) { result = PK11_R_INITFAILED; goto unlock; } choose_slots(); #ifdef PKCS11CRYPTO if (rand_token == NULL) { result = PK11_R_NORANDOMSERVICE; goto unlock; } if (digest_token == NULL) { result = PK11_R_NODIGESTSERVICE; goto unlock; } #if defined(ISC_PLATFORM_USESIT) && defined(AES_SIT) if (aes_token == NULL) { result = PK11_R_NOAESSERVICE; goto unlock; } #endif #endif /* PKCS11CRYPTO */ result = ISC_R_SUCCESS; unlock: UNLOCK(&sessionlock); return (result); }
void dst__pkcs11_init(isc_mem_t *mctx, const char *engine) { CK_RV rv; RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); LOCK(&alloclock); if ((mctx != NULL) && (pk11_mctx == NULL) && (allocsize == 0)) isc_mem_attach(mctx, &pk11_mctx); if (initialized) { UNLOCK(&alloclock); return; } else { LOCK(&sessionlock); initialized = ISC_TRUE; UNLOCK(&alloclock); } if (engine != NULL) lib_name = engine; /* Initialize the CRYPTOKI library */ rv = pkcs_C_Initialize((CK_VOID_PTR) &pk11_init_args); if (rv != CKR_OK) { if (rv == 0xfe) FATAL_ERROR(__FILE__, __LINE__, "Can't load or link module \"%s\"", lib_name); else FATAL_ERROR(__FILE__, __LINE__, "pkcs_C_Initialize: Error = 0x%.8lX", rv); } ISC_LIST_INIT(tokens); ISC_LIST_INIT(actives); choose_slots(); #ifdef PKCS11CRYPTO if (rand_token == NULL) FATAL_ERROR(__FILE__, __LINE__, "Can't find random service"); if (digest_token == NULL) FATAL_ERROR(__FILE__, __LINE__, "Can't find digest service"); #endif /* PKCS11CRYPTO */ UNLOCK(&sessionlock); }