isc_result_t pk11_initialize(isc_mem_t *mctx, const char *engine) { isc_result_t result; CK_RV rv; RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); LOCK(&alloclock); if ((mctx != NULL) && (pk11_mctx == NULL) && (allocsize == 0)) isc_mem_attach(mctx, &pk11_mctx); if (initialized) { UNLOCK(&alloclock); return (ISC_R_SUCCESS); } else { LOCK(&sessionlock); initialized = ISC_TRUE; UNLOCK(&alloclock); } ISC_LIST_INIT(tokens); ISC_LIST_INIT(actives); if (engine != NULL) lib_name = engine; /* Initialize the CRYPTOKI library */ rv = pkcs_C_Initialize((CK_VOID_PTR) &pk11_init_args); if (rv == 0xfe) { result = PK11_R_NOPROVIDER; goto unlock; } if (rv != CKR_OK) { result = PK11_R_INITFAILED; goto unlock; } choose_slots(); #ifdef PKCS11CRYPTO if (rand_token == NULL) { result = PK11_R_NORANDOMSERVICE; goto unlock; } if (digest_token == NULL) { result = PK11_R_NODIGESTSERVICE; goto unlock; } #if defined(ISC_PLATFORM_USESIT) && defined(AES_SIT) if (aes_token == NULL) { result = PK11_R_NOAESSERVICE; goto unlock; } #endif #endif /* PKCS11CRYPTO */ result = ISC_R_SUCCESS; unlock: UNLOCK(&sessionlock); return (result); }
void dst__pkcs11_init(isc_mem_t *mctx, const char *engine) { CK_RV rv; RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); LOCK(&alloclock); if ((mctx != NULL) && (pk11_mctx == NULL) && (allocsize == 0)) isc_mem_attach(mctx, &pk11_mctx); if (initialized) { UNLOCK(&alloclock); return; } else { LOCK(&sessionlock); initialized = ISC_TRUE; UNLOCK(&alloclock); } if (engine != NULL) lib_name = engine; /* Initialize the CRYPTOKI library */ rv = pkcs_C_Initialize((CK_VOID_PTR) &pk11_init_args); if (rv != CKR_OK) { if (rv == 0xfe) FATAL_ERROR(__FILE__, __LINE__, "Can't load or link module \"%s\"", lib_name); else FATAL_ERROR(__FILE__, __LINE__, "pkcs_C_Initialize: Error = 0x%.8lX", rv); } ISC_LIST_INIT(tokens); ISC_LIST_INIT(actives); choose_slots(); #ifdef PKCS11CRYPTO if (rand_token == NULL) FATAL_ERROR(__FILE__, __LINE__, "Can't find random service"); if (digest_token == NULL) FATAL_ERROR(__FILE__, __LINE__, "Can't find digest service"); #endif /* PKCS11CRYPTO */ UNLOCK(&sessionlock); }
int main(int argc, char *argv[]) { CK_RV rv; CK_SLOT_ID slot = 0; CK_SESSION_HANDLE *hSession; char *lib_name = NULL; int error = 0; int c, errflg = 0; unsigned int count = 1000; unsigned int i; struct timespec starttime; struct timespec endtime; while ((c = isc_commandline_parse(argc, argv, ":m:s:n:")) != -1) { switch (c) { case 'm': lib_name = isc_commandline_argument; break; case 's': slot = atoi(isc_commandline_argument); break; case 'n': count = atoi(isc_commandline_argument); break; case ':': fprintf(stderr, "Option -%c requires an operand\n", isc_commandline_option); errflg++; break; case '?': default: fprintf(stderr, "Unrecognised option: -%c\n", isc_commandline_option); errflg++; } } if (errflg) { fprintf(stderr, "Usage:\n"); fprintf(stderr, "\tsession [-m module] [-s slot] [-n count]\n"); exit(1); } /* Allocate sessions */ hSession = (CK_SESSION_HANDLE *) malloc(count * sizeof(CK_SESSION_HANDLE)); if (hSession == NULL) { perror("malloc"); exit(1); } for (i = 0; i < count; i++) hSession[i] = CK_INVALID_HANDLE; /* Initialize the CRYPTOKI library */ if (lib_name != NULL) pk11_set_lib_name(lib_name); rv = pkcs_C_Initialize(NULL_PTR); if (rv != CKR_OK) { if (rv == 0xfe) fprintf(stderr, "Can't load or link module \"%s\"\n", pk11_get_lib_name()); else fprintf(stderr, "C_Initialize: Error = 0x%.8lX\n", rv); free(hSession); exit(1); } if (clock_gettime(CLOCK_REALTIME, &starttime) < 0) { perror("clock_gettime(start)"); goto exit_program; } /* loop */ for (i = 0; i < count; i++) { /* Open sessions */ rv = pkcs_C_OpenSession(slot, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSession[i]); if (rv != CKR_OK) { fprintf(stderr, "C_OpenSession[%u]: Error = 0x%.8lX\n", i, rv); error = 1; if (i == 0) goto exit_program; break; } } if (clock_gettime(CLOCK_REALTIME, &endtime) < 0) { perror("clock_gettime(end)"); goto exit_program; } endtime.tv_sec -= starttime.tv_sec; endtime.tv_nsec -= starttime.tv_nsec; while (endtime.tv_nsec < 0) { endtime.tv_sec -= 1; endtime.tv_nsec += 1000000000; } printf("%u sessions in %ld.%09lds\n", i, endtime.tv_sec, endtime.tv_nsec); if (i > 0) printf("%g sessions/s\n", i / ((double) endtime.tv_sec + (double) endtime.tv_nsec / 1000000000.)); for (i = 0; i < count; i++) { /* Close sessions */ if (hSession[i] == CK_INVALID_HANDLE) continue; rv = pkcs_C_CloseSession(hSession[i]); if ((rv != CKR_OK) && !errflg) { fprintf(stderr, "C_CloseSession[%u]: Error = 0x%.8lX\n", i, rv); errflg = 1; } } exit_program: free(hSession); rv = pkcs_C_Finalize(NULL_PTR); if (rv != CKR_OK) fprintf(stderr, "C_Finalize: Error = 0x%.8lX\n", rv); exit(error); }