2002-01-16 22:49:03 +00:00
|
|
|
|
/*
|
|
|
|
|
* pkcs11-session.c: PKCS#11 functions for session management
|
|
|
|
|
*
|
|
|
|
|
* Copyright (C) 2001 Timo Ter<EFBFBD>s <timo.teras@iki.fi>
|
|
|
|
|
*
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
2002-03-21 09:36:38 +00:00
|
|
|
|
#include <string.h>
|
2002-03-25 12:39:35 +00:00
|
|
|
|
#include "sc-pkcs11.h"
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
|
|
|
|
CK_RV C_OpenSession(CK_SLOT_ID slotID, /* the slot's ID */
|
|
|
|
|
CK_FLAGS flags, /* defined in CK_SESSION_INFO */
|
|
|
|
|
CK_VOID_PTR pApplication, /* pointer passed to callback */
|
|
|
|
|
CK_NOTIFY Notify, /* notification callback function */
|
|
|
|
|
CK_SESSION_HANDLE_PTR phSession) /* receives new session handle */
|
|
|
|
|
{
|
|
|
|
|
struct sc_pkcs11_slot *slot;
|
|
|
|
|
struct sc_pkcs11_session *session;
|
|
|
|
|
int rv;
|
|
|
|
|
|
2003-02-19 13:44:36 +00:00
|
|
|
|
rv = sc_pkcs11_lock();
|
|
|
|
|
if (rv != CKR_OK)
|
|
|
|
|
return rv;
|
2003-02-17 14:21:38 +00:00
|
|
|
|
|
2003-08-25 14:21:18 +00:00
|
|
|
|
sc_debug(context, "Opening new session for slot %d\n", slotID);
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
if (!(flags & CKF_SERIAL_SESSION)) {
|
|
|
|
|
rv = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
2003-02-21 12:47:30 +00:00
|
|
|
|
if (flags & ~(CKF_SERIAL_SESSION | CKF_RW_SESSION)) {
|
2003-02-19 21:10:39 +00:00
|
|
|
|
rv = CKR_ARGUMENTS_BAD;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-16 22:49:03 +00:00
|
|
|
|
rv = slot_get_token(slotID, &slot);
|
|
|
|
|
if (rv != CKR_OK)
|
2003-02-17 14:21:38 +00:00
|
|
|
|
goto out;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
|
|
|
|
/* Check that no conflictions sessions exist */
|
2003-02-17 14:21:38 +00:00
|
|
|
|
if (!(flags & CKF_RW_SESSION) && (slot->login_user == CKU_SO)) {
|
|
|
|
|
rv = CKR_SESSION_READ_WRITE_SO_EXISTS;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
|
|
|
|
session = (struct sc_pkcs11_session*) malloc(sizeof(struct sc_pkcs11_session));
|
|
|
|
|
memset(session, 0, sizeof(struct sc_pkcs11_session));
|
|
|
|
|
session->slot = slot;
|
|
|
|
|
session->notify_callback = Notify;
|
|
|
|
|
session->notify_data = pApplication;
|
|
|
|
|
session->flags = flags;
|
|
|
|
|
|
|
|
|
|
rv = pool_insert(&session_pool, session, phSession);
|
|
|
|
|
if (rv != CKR_OK)
|
|
|
|
|
free(session);
|
2002-03-12 14:35:50 +00:00
|
|
|
|
else
|
|
|
|
|
slot->nsessions++;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
out: sc_pkcs11_unlock();
|
2002-01-16 22:49:03 +00:00
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
CK_RV C_CloseSession(CK_SESSION_HANDLE hSession) /* the session's handle */
|
|
|
|
|
{
|
2002-03-12 14:35:50 +00:00
|
|
|
|
struct sc_pkcs11_slot *slot;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
struct sc_pkcs11_session *session;
|
2003-02-17 14:21:38 +00:00
|
|
|
|
int rv;
|
|
|
|
|
|
2003-02-19 13:44:36 +00:00
|
|
|
|
rv = sc_pkcs11_lock();
|
|
|
|
|
if (rv != CKR_OK)
|
|
|
|
|
return rv;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
|
|
|
|
rv = pool_find_and_delete(&session_pool, hSession, (void**) &session);
|
|
|
|
|
if (rv != CKR_OK)
|
2003-02-17 14:21:38 +00:00
|
|
|
|
goto out;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
2003-08-25 14:21:18 +00:00
|
|
|
|
sc_debug(context, "C_CloseSession(slot %d)\n", session->slot->id);
|
2002-03-18 11:05:21 +00:00
|
|
|
|
|
2002-03-12 14:35:50 +00:00
|
|
|
|
/* If we're the last session using this slot, make sure
|
|
|
|
|
* we log out */
|
|
|
|
|
slot = session->slot;
|
|
|
|
|
slot->nsessions--;
|
|
|
|
|
if (slot->nsessions == 0 && slot->login_user >= 0) {
|
|
|
|
|
slot->login_user = -1;
|
|
|
|
|
slot->card->framework->logout(slot->card, slot->fw_data);
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-16 22:49:03 +00:00
|
|
|
|
free(session);
|
2003-02-17 14:21:38 +00:00
|
|
|
|
|
|
|
|
|
out: sc_pkcs11_unlock();
|
|
|
|
|
return rv;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
}
|
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
/* Internal version of C_CloseAllSessions that gets called with
|
|
|
|
|
* the global lock held */
|
|
|
|
|
CK_RV sc_pkcs11_close_all_sessions(CK_SLOT_ID slotID)
|
2002-01-16 22:49:03 +00:00
|
|
|
|
{
|
2002-01-24 16:27:09 +00:00
|
|
|
|
struct sc_pkcs11_pool_item *item, *next;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
struct sc_pkcs11_session *session;
|
|
|
|
|
|
2003-08-25 14:21:18 +00:00
|
|
|
|
sc_debug(context, "C_CloseAllSessions().\n");
|
2002-01-24 16:27:09 +00:00
|
|
|
|
for (item = session_pool.head; item != NULL; item = next) {
|
2002-01-16 22:49:03 +00:00
|
|
|
|
session = (struct sc_pkcs11_session*) item->item;
|
2002-01-24 16:27:09 +00:00
|
|
|
|
next = item->next;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
|
|
|
|
if (session->slot->id == slotID) {
|
|
|
|
|
C_CloseSession(item->handle);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return CKR_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
CK_RV C_CloseAllSessions(CK_SLOT_ID slotID) /* the token's slot */
|
|
|
|
|
{
|
2003-02-19 21:10:39 +00:00
|
|
|
|
struct sc_pkcs11_slot *slot;
|
2003-02-17 14:21:38 +00:00
|
|
|
|
int rv;
|
|
|
|
|
|
2003-02-19 13:44:36 +00:00
|
|
|
|
rv = sc_pkcs11_lock();
|
|
|
|
|
if (rv != CKR_OK)
|
|
|
|
|
return rv;
|
|
|
|
|
|
2003-02-19 21:10:39 +00:00
|
|
|
|
rv = slot_get_token(slotID, &slot);
|
|
|
|
|
if (rv != CKR_OK)
|
|
|
|
|
goto out;
|
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
rv = sc_pkcs11_close_all_sessions(slotID);
|
2003-02-19 13:44:36 +00:00
|
|
|
|
|
2003-02-19 21:10:39 +00:00
|
|
|
|
out: sc_pkcs11_unlock();
|
2003-02-17 14:21:38 +00:00
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-16 22:49:03 +00:00
|
|
|
|
CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession, /* the session's handle */
|
|
|
|
|
CK_SESSION_INFO_PTR pInfo) /* receives session information */
|
|
|
|
|
{
|
|
|
|
|
struct sc_pkcs11_session *session;
|
2003-05-15 15:27:33 +00:00
|
|
|
|
struct sc_pkcs11_slot *slot;
|
2003-02-17 14:21:38 +00:00
|
|
|
|
int rv;
|
|
|
|
|
|
2003-02-19 13:44:36 +00:00
|
|
|
|
rv = sc_pkcs11_lock();
|
|
|
|
|
if (rv != CKR_OK)
|
|
|
|
|
return rv;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
2003-02-20 18:55:35 +00:00
|
|
|
|
if (pInfo == NULL_PTR) {
|
|
|
|
|
rv = CKR_ARGUMENTS_BAD;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-16 22:49:03 +00:00
|
|
|
|
rv = pool_find(&session_pool, hSession, (void**) &session);
|
|
|
|
|
if (rv != CKR_OK)
|
2003-02-17 14:21:38 +00:00
|
|
|
|
goto out;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
2003-08-25 14:21:18 +00:00
|
|
|
|
sc_debug(context, "C_GetSessionInfo(slot %d).\n", session->slot->id);
|
2002-01-16 22:49:03 +00:00
|
|
|
|
pInfo->slotID = session->slot->id;
|
|
|
|
|
pInfo->flags = session->flags;
|
|
|
|
|
pInfo->ulDeviceError = 0;
|
|
|
|
|
|
2003-05-15 15:27:33 +00:00
|
|
|
|
slot = session->slot;
|
|
|
|
|
if (slot->login_user == CKU_SO) {
|
|
|
|
|
pInfo->state = CKS_RW_SO_FUNCTIONS;
|
|
|
|
|
} else
|
|
|
|
|
if (slot->login_user == CKU_USER
|
|
|
|
|
|| (!(slot->token_info.flags & CKF_LOGIN_REQUIRED))) {
|
2002-01-16 22:49:03 +00:00
|
|
|
|
pInfo->state = (session->flags & CKF_RW_SESSION)
|
|
|
|
|
? CKS_RW_USER_FUNCTIONS : CKS_RO_USER_FUNCTIONS;
|
2003-05-15 15:27:33 +00:00
|
|
|
|
} else {
|
2002-01-16 22:49:03 +00:00
|
|
|
|
pInfo->state = (session->flags & CKF_RW_SESSION)
|
|
|
|
|
? CKS_RW_PUBLIC_SESSION : CKS_RO_PUBLIC_SESSION;
|
|
|
|
|
}
|
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
out: sc_pkcs11_unlock();
|
|
|
|
|
return rv;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
CK_RV C_GetOperationState(CK_SESSION_HANDLE hSession, /* the session's handle */
|
|
|
|
|
CK_BYTE_PTR pOperationState, /* location receiving state */
|
|
|
|
|
CK_ULONG_PTR pulOperationStateLen) /* location receiving state length */
|
|
|
|
|
{
|
|
|
|
|
return CKR_FUNCTION_NOT_SUPPORTED;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
CK_RV C_SetOperationState(CK_SESSION_HANDLE hSession, /* the session's handle */
|
|
|
|
|
CK_BYTE_PTR pOperationState, /* the location holding the state */
|
|
|
|
|
CK_ULONG ulOperationStateLen, /* location holding state length */
|
|
|
|
|
CK_OBJECT_HANDLE hEncryptionKey, /* handle of en/decryption key */
|
|
|
|
|
CK_OBJECT_HANDLE hAuthenticationKey) /* handle of sign/verify key */
|
|
|
|
|
{
|
|
|
|
|
return CKR_FUNCTION_NOT_SUPPORTED;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
CK_RV C_Login(CK_SESSION_HANDLE hSession, /* the session's handle */
|
|
|
|
|
CK_USER_TYPE userType, /* the user type */
|
|
|
|
|
CK_CHAR_PTR pPin, /* the user's PIN */
|
|
|
|
|
CK_ULONG ulPinLen) /* the length of the PIN */
|
|
|
|
|
{
|
|
|
|
|
int rv;
|
|
|
|
|
struct sc_pkcs11_session *session;
|
|
|
|
|
struct sc_pkcs11_slot *slot;
|
|
|
|
|
|
2003-02-19 13:44:36 +00:00
|
|
|
|
rv = sc_pkcs11_lock();
|
|
|
|
|
if (rv != CKR_OK)
|
|
|
|
|
return rv;
|
2003-02-17 14:21:38 +00:00
|
|
|
|
|
|
|
|
|
if (userType != CKU_USER && userType != CKU_SO) {
|
|
|
|
|
rv = CKR_USER_TYPE_INVALID;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
|
|
|
|
rv = pool_find(&session_pool, hSession, (void**) &session);
|
|
|
|
|
if (rv != CKR_OK)
|
2003-02-17 14:21:38 +00:00
|
|
|
|
goto out;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
2003-08-25 14:21:18 +00:00
|
|
|
|
sc_debug(context, "Login for session %d\n", hSession);
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
|
|
|
|
slot = session->slot;
|
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
if (!(slot->token_info.flags & CKF_USER_PIN_INITIALIZED)) {
|
|
|
|
|
rv = CKR_USER_PIN_NOT_INITIALIZED;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2002-11-29 10:54:12 +00:00
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
if (slot->login_user >= 0) {
|
|
|
|
|
rv = CKR_USER_ALREADY_LOGGED_IN;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
|
|
|
|
rv = slot->card->framework->login(slot->card,
|
|
|
|
|
slot->fw_data,
|
2002-04-08 15:51:19 +00:00
|
|
|
|
userType, pPin, ulPinLen);
|
2002-01-16 22:49:03 +00:00
|
|
|
|
if (rv == CKR_OK)
|
|
|
|
|
slot->login_user = userType;
|
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
out: sc_pkcs11_unlock();
|
2002-01-16 22:49:03 +00:00
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
CK_RV C_Logout(CK_SESSION_HANDLE hSession) /* the session's handle */
|
|
|
|
|
{
|
|
|
|
|
int rv;
|
|
|
|
|
struct sc_pkcs11_session *session;
|
|
|
|
|
struct sc_pkcs11_slot *slot;
|
|
|
|
|
|
2003-02-19 13:44:36 +00:00
|
|
|
|
rv = sc_pkcs11_lock();
|
|
|
|
|
if (rv != CKR_OK)
|
|
|
|
|
return rv;
|
2003-02-17 14:21:38 +00:00
|
|
|
|
|
2002-01-16 22:49:03 +00:00
|
|
|
|
rv = pool_find(&session_pool, hSession, (void**) &session);
|
|
|
|
|
if (rv != CKR_OK)
|
2003-02-17 14:21:38 +00:00
|
|
|
|
goto out;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
2003-08-25 14:21:18 +00:00
|
|
|
|
sc_debug(context, "Logout for session %d\n", hSession);
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
|
|
|
|
slot = session->slot;
|
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
if (slot->login_user >= 0) {
|
|
|
|
|
slot->login_user = -1;
|
|
|
|
|
rv = slot->card->framework->logout(slot->card, slot->fw_data);
|
|
|
|
|
}
|
2003-02-21 12:29:14 +00:00
|
|
|
|
else
|
|
|
|
|
rv = CKR_USER_NOT_LOGGED_IN;
|
2002-03-20 15:04:14 +00:00
|
|
|
|
|
2003-02-17 14:21:38 +00:00
|
|
|
|
out: sc_pkcs11_unlock();
|
|
|
|
|
return rv;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
CK_RV C_InitPIN(CK_SESSION_HANDLE hSession,
|
|
|
|
|
CK_CHAR_PTR pPin,
|
|
|
|
|
CK_ULONG ulPinLen)
|
|
|
|
|
{
|
2002-04-08 15:51:19 +00:00
|
|
|
|
struct sc_pkcs11_session *session;
|
|
|
|
|
struct sc_pkcs11_slot *slot;
|
|
|
|
|
int rv;
|
|
|
|
|
|
2003-02-19 13:44:36 +00:00
|
|
|
|
rv = sc_pkcs11_lock();
|
|
|
|
|
if (rv != CKR_OK)
|
|
|
|
|
return rv;
|
2003-02-17 14:21:38 +00:00
|
|
|
|
|
2002-04-08 15:51:19 +00:00
|
|
|
|
rv = pool_find(&session_pool, hSession, (void**) &session);
|
|
|
|
|
if (rv != CKR_OK)
|
2003-02-17 14:21:38 +00:00
|
|
|
|
goto out;
|
2002-04-08 15:51:19 +00:00
|
|
|
|
|
|
|
|
|
slot = session->slot;
|
2003-02-17 14:21:38 +00:00
|
|
|
|
if (slot->login_user != CKU_SO) {
|
|
|
|
|
rv = CKR_USER_NOT_LOGGED_IN;
|
|
|
|
|
} else
|
|
|
|
|
if (slot->card->framework->init_pin == NULL) {
|
|
|
|
|
rv = CKR_FUNCTION_NOT_SUPPORTED;
|
|
|
|
|
} else {
|
|
|
|
|
rv = slot->card->framework->init_pin(slot->card, slot,
|
2002-04-08 15:51:19 +00:00
|
|
|
|
pPin, ulPinLen);
|
2003-02-17 14:21:38 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
out: sc_pkcs11_unlock();
|
|
|
|
|
return rv;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
CK_RV C_SetPIN(CK_SESSION_HANDLE hSession,
|
|
|
|
|
CK_CHAR_PTR pOldPin,
|
|
|
|
|
CK_ULONG ulOldLen,
|
|
|
|
|
CK_CHAR_PTR pNewPin,
|
|
|
|
|
CK_ULONG ulNewLen)
|
|
|
|
|
{
|
2002-03-20 15:04:14 +00:00
|
|
|
|
int rv;
|
|
|
|
|
struct sc_pkcs11_session *session;
|
|
|
|
|
struct sc_pkcs11_slot *slot;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
2003-02-19 13:44:36 +00:00
|
|
|
|
rv = sc_pkcs11_lock();
|
|
|
|
|
if (rv != CKR_OK)
|
|
|
|
|
return rv;
|
2003-02-17 14:21:38 +00:00
|
|
|
|
|
2002-03-20 15:04:14 +00:00
|
|
|
|
rv = pool_find(&session_pool, hSession, (void**) &session);
|
|
|
|
|
if (rv != CKR_OK)
|
2003-02-17 14:21:38 +00:00
|
|
|
|
goto out;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
|
2003-08-25 14:21:18 +00:00
|
|
|
|
sc_debug(context, "Changing PIN (session %d)\n", hSession);
|
2002-01-16 22:49:03 +00:00
|
|
|
|
#if 0
|
2003-02-17 14:21:38 +00:00
|
|
|
|
if (!(ses->flags & CKF_RW_SESSION)) {
|
|
|
|
|
rv = CKR_SESSION_READ_ONLY;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2002-01-16 22:49:03 +00:00
|
|
|
|
#endif
|
|
|
|
|
|
2002-03-20 15:04:14 +00:00
|
|
|
|
slot = session->slot;
|
2003-02-17 14:21:38 +00:00
|
|
|
|
rv = slot->card->framework->change_pin(slot->card, slot->fw_data,
|
2002-03-20 15:04:14 +00:00
|
|
|
|
pOldPin, ulOldLen,
|
|
|
|
|
pNewPin, ulNewLen);
|
2003-02-17 14:21:38 +00:00
|
|
|
|
|
|
|
|
|
out: sc_pkcs11_unlock();
|
|
|
|
|
return rv;
|
2002-01-16 22:49:03 +00:00
|
|
|
|
}
|