- Allow the admin to configure how many slots are used per card
(opensc.conf; pkcs11.num_slots) git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@804 c6295689-39f2-0310-b995-f0e70906c6a9
parent
3b7ebc7c02
commit
0babb91194
|
@ -141,3 +141,19 @@ app scam {
|
|||
use_caching = false;
|
||||
}
|
||||
}
|
||||
|
||||
# Parameters for the OpenSC PKCS11 module
|
||||
app opensc-pkcs11 {
|
||||
pkcs11 {
|
||||
# Maxmimum number of slots per smart card.
|
||||
# If the card has fewer keys than defined here,
|
||||
# the remaining number of slots will be empty.
|
||||
# Setting this value to 0 will cause the pkcs11
|
||||
# module to allocate just as many slots as needed.
|
||||
#
|
||||
# Note that there is currently a compile time
|
||||
# maximum on the overall number of slots
|
||||
# the pkcs11 module is able to handle.
|
||||
num_slots = 4;
|
||||
}
|
||||
}
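Review bot: The comment block above `num_slots = 4;` misspells "Maximum" (`Maxmimum`) and does not say what applies when the key is absent. Going by the `load_pkcs11_parameters` section of this commit, the fallback is `SC_PKCS11_MAX_VIRTUAL_SLOTS`, not the 4 shown here, so an installation without this block can let a single card take every virtual slot. I would correct the first line to `# Maximum number of slots per smart card.` and add `# If unset, the compile-time maximum is used.` so the sample file and the compiled default do not surprise an admin.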
|
||||
|
|
|
@ -389,10 +389,12 @@ static CK_RV pkcs15_create_tokens(struct sc_pkcs11_card *p11card)
|
|||
}
|
||||
|
||||
/* Create read/write slots */
|
||||
if (sc_pkcs11_conf.num_slots != 0) {
|
||||
while (slot_allocate(&slot, p11card) == CKR_OK) {
|
||||
pkcs15_init_token_info(card, &slot->token_info);
|
||||
slot->token_info.flags = CKF_TOKEN_INITIALIZED;
|
||||
}
|
||||
}
|
||||
|
||||
debug(context, "All tokens created\n");
|
||||
return CKR_OK;
|
||||
|
|
|
@ -297,3 +297,25 @@ CK_RV attr_find_var(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
|
|||
return attr_extract(pTemplate, ptr, sizep);
|
||||
}
|
||||
|
||||
void load_pkcs11_parameters(struct sc_pkcs11_config *conf, struct sc_context *ctx)
|
||||
{
|
||||
scconf_block *conf_block = NULL, **blocks;
|
||||
int i;
|
||||
|
||||
/* Set defaults */
|
||||
conf->num_slots = SC_PKCS11_MAX_VIRTUAL_SLOTS;
|
||||
|
||||
for (i = 0; ctx->conf_blocks[i] != NULL; i++) {
|
||||
blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i],
|
||||
"pkcs11", NULL);
|
||||
conf_block = blocks[0];
|
||||
free(blocks);
|
||||
if (conf_block != NULL)
|
||||
break;
|
||||
}
|
||||
|
||||
if (!conf_block)
|
||||
return;
|
||||
|
||||
conf->num_slots = scconf_get_int(conf_block, "num_slots", conf->num_slots);
|
||||
}
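Review bot: The value read on the last line of `load_pkcs11_parameters` is not range-checked. `scconf_get_int` returns an `int` and the result is stored directly in the unsigned `conf->num_slots`, so a negative or oversized `num_slots` in opensc.conf becomes a per-card limit above `SC_PKCS11_MAX_VIRTUAL_SLOTS`, which `card_detect` then copies into `card->max_slots`. The loop bound in `slot_allocate` still protects the `virtual_slots` array, so the visible effect is that one card can claim every slot rather than the number the admin intended. Separately, `blocks[0]` is read without testing `blocks`; if `scconf_find_blocks` can return NULL (its body is not on this page) that is a NULL dereference during `C_Initialize`. The fence shows both checks.

```c
	int i, n;

	/* ... unchanged: set the default num_slots ... */
	for (i = 0; ctx->conf_blocks[i] != NULL; i++) {
		blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i],
					    "pkcs11", NULL);
		if (blocks == NULL)
			continue;
		/* ... unchanged: take blocks[0], free(blocks), break when found ... */
	}
	/* ... unchanged: return when no pkcs11 block exists ... */

	/* Reject values that cannot be honoured by the fixed slot table */
	n = scconf_get_int(conf_block, "num_slots", (int) conf->num_slots);
	if (n < 0 || n > SC_PKCS11_MAX_VIRTUAL_SLOTS)
		n = SC_PKCS11_MAX_VIRTUAL_SLOTS;
	conf->num_slots = (unsigned int) n;
```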
|
||||
|
|
|
@ -26,6 +26,7 @@ struct sc_context *context = NULL;
|
|||
struct sc_pkcs11_pool session_pool;
|
||||
struct sc_pkcs11_slot virtual_slots[SC_PKCS11_MAX_VIRTUAL_SLOTS];
|
||||
struct sc_pkcs11_card card_table[SC_PKCS11_MAX_READERS];
|
||||
struct sc_pkcs11_config sc_pkcs11_conf;
|
||||
|
||||
extern CK_FUNCTION_LIST pkcs11_function_list;
|
||||
|
||||
|
@ -41,6 +42,9 @@ CK_RV C_Initialize(CK_VOID_PTR pReserved)
|
|||
if (rc != 0)
|
||||
return CKR_DEVICE_ERROR;
|
||||
|
||||
/* Load configuration */
|
||||
load_pkcs11_parameters(&sc_pkcs11_conf, context);
|
||||
|
||||
pool_initialize(&session_pool, POOL_TYPE_SESSION);
|
||||
for (i=0; i<SC_PKCS11_MAX_VIRTUAL_SLOTS; i++)
|
||||
slot_initialize(i, &virtual_slots[i]);
|
||||
|
|
|
@ -50,7 +50,7 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define SC_PKCS11_MAX_VIRTUAL_SLOTS 4
|
||||
#define SC_PKCS11_MAX_VIRTUAL_SLOTS 8
|
||||
#define SC_PKCS11_MAX_READERS 2
|
||||
|
||||
struct sc_pkcs11_session;
|
||||
|
@ -78,6 +78,9 @@ struct sc_pkcs11_pool {
|
|||
struct sc_pkcs11_pool_item *tail;
|
||||
};
|
||||
|
||||
struct sc_pkcs11_config {
|
||||
unsigned int num_slots;
|
||||
};
|
||||
|
||||
/*
|
||||
* PKCS#11 Object abstraction layer
|
||||
|
@ -160,6 +163,10 @@ struct sc_pkcs11_card {
|
|||
struct sc_pkcs11_framework_ops *framework;
|
||||
void *fw_data;
|
||||
|
||||
/* Number of slots owned by this card object */
|
||||
unsigned int num_slots;
|
||||
unsigned int max_slots;
|
||||
|
||||
/* List of supported mechanisms */
|
||||
struct sc_pkcs11_mechanism_type **mechanisms;
|
||||
unsigned int nmechanisms;
|
||||
|
@ -261,6 +268,7 @@ extern struct sc_context *context;
|
|||
extern struct sc_pkcs11_pool session_pool;
|
||||
extern struct sc_pkcs11_slot virtual_slots[SC_PKCS11_MAX_VIRTUAL_SLOTS];
|
||||
extern struct sc_pkcs11_card card_table[SC_PKCS11_MAX_READERS];
|
||||
extern struct sc_pkcs11_config sc_pkcs11_conf;
|
||||
|
||||
/* Framework definitions */
|
||||
extern struct sc_pkcs11_framework_ops framework_pkcs15;
|
||||
|
@ -341,6 +349,9 @@ CK_RV sc_pkcs11_register_sign_and_hash_mechanism(struct sc_pkcs11_card *,
|
|||
CK_MECHANISM_TYPE, CK_MECHANISM_TYPE,
|
||||
sc_pkcs11_mechanism_type_t *);
|
||||
|
||||
/* Load configuration defaults */
|
||||
void load_pkcs11_parameters(struct sc_pkcs11_config *, struct sc_context *);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
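Review bot: The two `num_slots` fields added in this header mean different things and neither says so. `sc_pkcs11_config.num_slots` is the configured per-card limit, where 0 means "allocate as needed", while `sc_pkcs11_card.num_slots` is a running count and `max_slots` is the cap it is compared against in `slot_allocate`. The existing comment `/* Number of slots owned by this card object */` sits above both card fields and does not describe `max_slots`. I would add `/* Configured slots per card; 0 = as many as needed */` on the config field and `/* Upper bound on num_slots for this card */` on `max_slots`.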
|
||||
|
|
|
@ -78,6 +78,13 @@ CK_RV card_detect(int reader)
|
|||
debug(context, "%d: Detecting Framework\n", reader);
|
||||
|
||||
card = &card_table[reader];
|
||||
|
||||
if (sc_pkcs11_conf.num_slots == 0)
|
||||
card->max_slots = SC_PKCS11_MAX_VIRTUAL_SLOTS;
|
||||
else
|
||||
card->max_slots = sc_pkcs11_conf.num_slots;
|
||||
card->num_slots = 0;
|
||||
|
||||
for (i = 0; frameworks[i]; i++) {
|
||||
if (frameworks[i]->bind == NULL)
|
||||
continue;
|
||||
|
@ -142,6 +149,10 @@ CK_RV slot_initialize(int id, struct sc_pkcs11_slot *slot)
|
|||
CK_RV slot_allocate(struct sc_pkcs11_slot **slot, struct sc_pkcs11_card *card)
|
||||
{
|
||||
int i;
|
||||
|
||||
if (card->num_slots >= card->max_slots)
|
||||
return CKR_FUNCTION_FAILED;
|
||||
|
||||
for (i=0; i<SC_PKCS11_MAX_VIRTUAL_SLOTS; i++) {
|
||||
if (!(virtual_slots[i].slot_info.flags & CKF_TOKEN_PRESENT)) {
|
||||
debug(context, "Allocated slot %d\n", i);
|
||||
|
@ -149,6 +160,7 @@ CK_RV slot_allocate(struct sc_pkcs11_slot **slot, struct sc_pkcs11_card *card)
|
|||
virtual_slots[i].slot_info.flags |= CKF_TOKEN_PRESENT;
|
||||
virtual_slots[i].card = card;
|
||||
*slot = &virtual_slots[i];
|
||||
card->num_slots++;
|
||||
return CKR_OK;
|
||||
}
|
||||
}
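Review bot: `card->num_slots` is incremented in `slot_allocate` and reset only in `card_detect`; nothing on this page decrements it when a slot is given back. If any path clears `CKF_TOKEN_PRESENT` on a card's slots without running `card_detect` again (that code is outside the diff, so this needs confirming), the new guard `if (card->num_slots >= card->max_slots)` would refuse allocations while free slots exist. Decrementing or resetting the counter where the slot is released would keep the two in step. A `debug(context, ...)` line before the early `return CKR_FUNCTION_FAILED;` would also let logs tell the per-card limit apart from a full slot table; both functions continue outside the hunks shown.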
|
||||
|
|