CK_RV slot_get_token(CK_SLOT_ID id, struct sc_pkcs11_slot ** slot)
{
CK_RV rv;
sc_log(context, "Slot(id=0x%lX): get token", id);
rv = slot_get_slot(id, slot);
if (rv != CKR_OK)
return rv;
if (!((*slot)->slot_info.flags & CKF_TOKEN_PRESENT)) {
if ((*slot)->reader == NULL)
return CKR_TOKEN_NOT_PRESENT;
sc_log(context, "Slot(id=0x%lX): get token: now detect card", id);
rv = card_detect((*slot)->reader);
if (rv != CKR_OK)
return rv;
}
if (!((*slot)->slot_info.flags & CKF_TOKEN_PRESENT)) {
sc_log(context, "card detected, but slot not presenting token");
return CKR_TOKEN_NOT_PRESENT;
}
sc_log(context, "Slot-get-token returns OK");
return CKR_OK;
}
CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
{
struct sc_pkcs11_slot *slot;
sc_timestamp_t now;
CK_RV rv;
if (pInfo == NULL_PTR)
return CKR_ARGUMENTS_BAD;
rv = sc_pkcs11_lock();
if (rv != CKR_OK)
return rv;
sc_log(context, "C_GetSlotInfo(0x%lx)", slotID);
if (sc_pkcs11_conf.init_sloppy) {
/* Most likely virtual_slots only contains the hotplug slot and has not
* been initialized because the caller has *not* called C_GetSlotList
* before C_GetSlotInfo, as required by PKCS#11. Initialize
* virtual_slots to make things work and hope the caller knows what
* it's doing... */
card_detect_all();
}
rv = slot_get_slot(slotID, &slot);
sc_log(context, "C_GetSlotInfo() get slot rv %lu", rv);
if (rv == CKR_OK) {
if (slot->reader == NULL) {
rv = CKR_TOKEN_NOT_PRESENT;
}
else {
now = get_current_time();
if (now >= slot->slot_state_expires || now == 0) {
/* Update slot status */
rv = card_detect(slot->reader);
sc_log(context, "C_GetSlotInfo() card detect rv 0x%lX", rv);
if (rv == CKR_TOKEN_NOT_RECOGNIZED || rv == CKR_OK)
slot->slot_info.flags |= CKF_TOKEN_PRESENT;
/* Don't ask again within the next second */
slot->slot_state_expires = now + 1000;
}
}
}
if (rv == CKR_TOKEN_NOT_PRESENT || rv == CKR_TOKEN_NOT_RECOGNIZED)
rv = CKR_OK;
if (rv == CKR_OK)
memcpy(pInfo, &slot->slot_info, sizeof(CK_SLOT_INFO));
sc_log(context, "C_GetSlotInfo() flags 0x%lX", pInfo->flags);
sc_log(context, "C_GetSlotInfo(0x%lx) = %s", slotID, lookup_enum( RV_T, rv));
sc_pkcs11_unlock();
return rv;
}
CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
{
struct sc_pkcs11_slot *slot;
sc_timestamp_t now;
CK_RV rv;
if (pInfo == NULL_PTR)
return CKR_ARGUMENTS_BAD;
rv = sc_pkcs11_lock();
if (rv != CKR_OK)
return rv;
sc_log(context, "C_GetSlotInfo(0x%lx)", slotID);
rv = slot_get_slot(slotID, &slot);
sc_log(context, "C_GetSlotInfo() get slot rv %i", rv);
if (rv == CKR_OK) {
if (slot->reader == NULL) {
rv = CKR_TOKEN_NOT_PRESENT;
}
else {
now = get_current_time();
if (now >= slot->slot_state_expires || now == 0) {
/* Update slot status */
rv = card_detect(slot->reader);
sc_log(context, "C_GetSlotInfo() card detect rv 0x%X", rv);
if (rv == CKR_TOKEN_NOT_RECOGNIZED || rv == CKR_OK)
slot->slot_info.flags |= CKF_TOKEN_PRESENT;
/* Don't ask again within the next second */
slot->slot_state_expires = now + 1000;
}
}
}
if (rv == CKR_TOKEN_NOT_PRESENT || rv == CKR_TOKEN_NOT_RECOGNIZED)
rv = CKR_OK;
if (rv == CKR_OK)
memcpy(pInfo, &slot->slot_info, sizeof(CK_SLOT_INFO));
sc_log(context, "C_GetSlotInfo() flags 0x%X", pInfo->flags);
sc_log(context, "C_GetSlotInfo(0x%lx) = %s", slotID, lookup_enum( RV_T, rv));
sc_pkcs11_unlock();
return rv;
}
static CK_RV
pkcs15init_initialize(struct sc_pkcs11_card *p11card, void *ptr,
CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen,
CK_UTF8CHAR_PTR pLabel)
{
struct sc_profile *profile = (struct sc_profile *) p11card->fws_data[0];
struct sc_pkcs15init_initargs args;
struct sc_pkcs11_slot *slot;
int rc, rv, id;
memset(&args, 0, sizeof(args));
args.so_pin = pPin;
args.so_pin_len = ulPinLen;
args.so_puk = pPin;
args.so_puk_len = ulPinLen;
args.label = (const char *) pLabel;
rc = sc_pkcs15init_add_app(p11card->card, profile, &args);
if (rc < 0)
return sc_to_cryptoki_error(rc, NULL);
/* Change the binding from the pkcs15init framework
* to the pkcs15 framework on the fly.
* First, try to bind pkcs15 framework */
if ((rv = framework_pkcs15.bind(p11card, NULL)) != CKR_OK) {
/* whoops, bad */
p11card->fws_data[0] = profile;
return rv;
}
/* Change the function vector to the standard pkcs15 ops */
p11card->framework = &framework_pkcs15;
/* Loop over all slots belonging to this card, and fix up
* the flags.
*/
for (id = 0; slot_get_slot(id, &slot) == CKR_OK; id++) {
if (slot->card == p11card)
slot->token_info.flags |= CKF_TOKEN_INITIALIZED;
if (slot->card->card->caps & SC_CARD_CAP_RNG)
slot->token_info.flags |= CKF_RNG;
}
sc_pkcs15init_unbind(profile);
return CKR_OK;
}
CK_RV slot_token_removed(CK_SLOT_ID id)
{
CK_RV rv;
int token_was_present;
struct sc_pkcs11_slot *slot;
struct sc_pkcs11_object *object;
sc_log(context, "slot_token_removed(0x%lx)", id);
rv = slot_get_slot(id, &slot);
if (rv != CKR_OK)
return rv;
token_was_present = (slot->slot_info.flags & CKF_TOKEN_PRESENT);
/* Terminate active sessions */
sc_pkcs11_close_all_sessions(id);
while ((object = list_fetch(&slot->objects))) {
if (object->ops->release)
object->ops->release(object);
}
/* Release framework stuff */
if (slot->p11card != NULL) {
if (slot->fw_data != NULL &&
slot->p11card->framework != NULL && slot->p11card->framework->release_token != NULL) {
slot->p11card->framework->release_token(slot->p11card, slot->fw_data);
slot->fw_data = NULL;
}
slot->p11card = NULL;
}
/* Reset relevant slot properties */
slot->slot_info.flags &= ~CKF_TOKEN_PRESENT;
slot->login_user = -1;
pop_all_login_states(slot);
if (token_was_present)
slot->events = SC_EVENT_CARD_REMOVED;
memset(&slot->token_info, 0, sizeof slot->token_info);
return CKR_OK;
}
CK_RV slot_get_token(CK_SLOT_ID id, struct sc_pkcs11_slot ** slot)
{
int rv;
rv = slot_get_slot(id, slot);
if (rv != CKR_OK)
return rv;
if (!((*slot)->slot_info.flags & CKF_TOKEN_PRESENT)) {
if ((*slot)->reader == NULL)
return CKR_TOKEN_NOT_PRESENT;
rv = card_detect((*slot)->reader);
if (rv != CKR_OK)
return rv;
}
if (!((*slot)->slot_info.flags & CKF_TOKEN_PRESENT)) {
sc_debug(context, SC_LOG_DEBUG_NORMAL, "card detected, but slot not presenting token");
return CKR_TOKEN_NOT_PRESENT;
}
return CKR_OK;
}
