fortpk11.c

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 2,331 行 · 第 1/5 页

 *
 * In order to get this to work on 68K, we have to do some special tricks,
 * First trick is that we need to make the module a Code Resource, and
 * all Code Resources on 68K have to have a main function.  So we 
 * define main to be a wrapper for C_GetFunctionList which will be the
 * first funnction called by any software that uses the PKCS11 module.
 *
 * The second trick is that whenever you access a global variable from
 * the Code Resource, it does funny things to the stack on 68K, so we 
 * need to call some macros that handle the stack for us.  First thing
 * you do is call EnterCodeResource() first thing in a function that 
 * accesses a global, right before you leave that function, you call 
 * ExitCodeResource.  This will take care of stack management.
 *
 * Third trick is to call __InitCode__() when we first enter the module
 * so that all of the global variables get initialized properly.
 *
 **********************************************************************/ 
 
#if defined(XP_MAC) && !defined(__POWERPC__)

#define FORT11_RETURN(exp)  {ExitCodeResource(); return (exp);}
#define FORT11_ENTER() EnterCodeResource();

#else /*XP_MAC*/

#define FORT11_RETURN(exp)  return (exp);
#define FORT11_ENTER() 

#endif /*XP_MAC*/

#define CARD_OK(rv)   if ((rv) != CI_OK) FORT11_RETURN (CKR_DEVICE_ERROR); 
#define SLOT_OK(slot) if ((slot) > kNumSockets) FORT11_RETURN (CKR_SLOT_ID_INVALID);
 
#ifdef XP_MAC 
/* This is not a 4.0 project, so I can't depend on
 * 4.0 defines, so instead I depend on CodeWarrior 
 * defines.
 */
#if __POWERPC__
#elif __CFM68K__
#else
/* To get this to work on 68K, we need to have
 * the symbol main.  So we just make it a wrapper for C_GetFunctionList.
 */
PR_PUBLIC_API(CK_RV) main(CK_FUNCTION_LIST_PTR *pFunctionList) {
    FORT11_ENTER()
    CK_RV rv;
  
    __InitCode__();
  
    rv = C_GetFunctionList(pFunctionList);
    FORT11_RETURN (rv);
}
#endif

#endif /*XP_MAC*/

/* Return the function list */
PR_PUBLIC_API(CK_RV) C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
    /* No need to do a FORT11_RETURN as this function will never be directly
     * called in the case where we need to do stack management.  
     * The main function will call this after taking care of stack stuff.
     */
    *pFunctionList = &fort11_funcList;
    return CKR_OK;
}


/* C_Initialize initializes the Cryptoki library. */
PR_PUBLIC_API(CK_RV) C_Initialize(CK_VOID_PTR pReserved) {
    FORT11_ENTER()
    int i,j, tempNumSockets;
    int rv = 1;
    CK_C_INITIALIZE_ARGS_PTR pArgs = (CK_C_INITIALIZE_ARGS_PTR)pReserved;
    CK_RV mrv;

    /* intialize all the slots */
    if (!init) {
      init = PR_TRUE;

      /* need to initialize locks before MACI_Initialize is called in
       * software fortezza. */
      if (pArgs) {
	  if (!fort11_InArgCheck(pArgs)) {
	      FORT11_RETURN (CKR_ARGUMENTS_BAD);
	  }
	  if (pArgs->flags & CKF_OS_LOCKING_OK){
	      if (!fort11_NotAllFuncsNULL(pArgs)) {
		  FORT11_RETURN (CKR_CANT_LOCK);
	      }
	  }
	  if (fort11_NotAllFuncsNULL(pArgs)) {
	      mrv = FMUTEX_Init(pArgs);
	      if (mrv != CKR_OK) {
		  return CKR_GENERAL_ERROR;
	      }
	  }
      }
      rv = MACI_Initialize (&tempNumSockets);
      kNumSockets = (CK_ULONG)tempNumSockets;
      
      CARD_OK (rv);
      for (i=0; i < (int) kNumSockets; i++) {
	if (FMUTEX_MutexEnabled()) {
	    mrv = FMUTEX_Create(&fort11_slot[i].sessionLock);
	    if (mrv != CKR_OK) {
	        FORT11_RETURN (CKR_GENERAL_ERROR);
	    }
	    mrv = FMUTEX_Create(&fort11_slot[i].objectLock);
	    if (mrv != CKR_OK) {
	        FMUTEX_Destroy(fort11_slot[i].sessionLock);
	        FORT11_RETURN (CKR_GENERAL_ERROR);
	    }
	} else {
	    fort11_slot[i].sessionLock = NULL;
	    fort11_slot[i].objectLock  = NULL;
	}
	for(j=0; j < SESSION_HASH_SIZE; j++) {
	  fort11_slot[i].head[j] = NULL;
	}
	for(j=0; j < HASH_SIZE; j++) {
	  fort11_slot[i].tokObjects[j] = NULL;
	}
	fort11_slot[i].password = NULL;
	fort11_slot[i].hasTokens = PR_FALSE;
	fort11_slot[i].sessionIDCount = fort11_firstSessionID (i);
	fort11_slot[i].sessionCount = 0;
	fort11_slot[i].rwSessionCount = 0;
	fort11_slot[i].tokenIDCount = 1;
	fort11_slot[i].needLogin = PR_TRUE;
	fort11_slot[i].isLoggedIn = PR_FALSE;
	fort11_slot[i].ssoLoggedIn = PR_FALSE;
	fort11_slot[i].DB_loaded = PR_FALSE;
	fort11_slot[i].slotID= i+1;
	InitSocket(&fortezzaSockets[i], i+1);
      }
    }
    FORT11_RETURN (CKR_OK);
}

/*C_Finalize indicates that an application is done with the Cryptoki library.*/
PR_PUBLIC_API(CK_RV) C_Finalize (CK_VOID_PTR pReserved) {
    FORT11_ENTER()
    int i;

    for (i=0; i< (int) kNumSockets; i++) {
        FreeSocket(&fortezzaSockets[i]);
    }
    MACI_Terminate(fortezzaSockets[0].maciSession);
    init = PR_FALSE;
    FORT11_RETURN (CKR_OK);
}




/* C_GetInfo returns general information about Cryptoki. */
PR_PUBLIC_API(CK_RV)  C_GetInfo(CK_INFO_PTR pInfo) {
    FORT11_ENTER()
    pInfo->cryptokiVersion = fort11_funcList.version;
    PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
    pInfo->libraryVersion.major = 1;
    pInfo->libraryVersion.minor = 7;
    PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32);
    pInfo->flags = 0;
    FORT11_RETURN (CKR_OK);
}

/* C_GetSlotList obtains a list of slots in the system. */
PR_PUBLIC_API(CK_RV) C_GetSlotList(CK_BBOOL	   tokenPresent,
				   CK_SLOT_ID_PTR pSlotList, 
				   CK_ULONG_PTR   pulCount) {
    FORT11_ENTER()
    int i;

    if (pSlotList != NULL) {
      if (*pulCount >= kNumSockets) {
	for (i=0; i < (int) kNumSockets; i++) {
	  pSlotList[i] = i+1; 
	}
      } else {
	FORT11_RETURN (CKR_BUFFER_TOO_SMALL); 
      }
    } else {
      *pulCount = kNumSockets;
    }
    FORT11_RETURN (CKR_OK);
}
	
/* C_GetSlotInfo obtains information about a particular slot in the system. */
PR_PUBLIC_API(CK_RV) C_GetSlotInfo(CK_SLOT_ID       slotID, 
				   CK_SLOT_INFO_PTR pInfo) {
  FORT11_ENTER()
    int        rv;
    CI_CONFIG  ciConfig;
    CI_STATE   ciState;
    HSESSION   maciSession;
    char       slotDescription[65];
    FortezzaSocket *socket;
    

    SLOT_OK(slotID);
    
    socket = &fortezzaSockets[slotID-1];
    if (!socket->isOpen) {
        InitSocket(socket, slotID);
    }
    maciSession = socket->maciSession;

    rv = MACI_Select(maciSession, slotID);

    CARD_OK (rv)

    rv = MACI_GetConfiguration (maciSession, &ciConfig);


    pInfo->firmwareVersion.major = 0;
    pInfo->firmwareVersion.minor = 0;
#ifdef SWFORT
    PORT_Memcpy (pInfo->manufacturerID,"Netscape Communications Corp    ",32);
    PORT_Memcpy (slotDescription,"Netscape Software Slot #        ",32);
#define _local_BASE 24
#else
    PORT_Memcpy (pInfo->manufacturerID,"LITRONIC                        ",32);
    PORT_Memcpy (slotDescription,"Litronic MACI Slot #            ",32);
#define _local_BASE 20
#endif
    slotDescription[_local_BASE] = (char )((slotID < 10) ? slotID : 
							slotID/10) + '0';
    if (slotID >= 10) slotDescription[_local_BASE+1] = 
						(char)(slotID % 10) + '0';
    PORT_Memcpy (&slotDescription[32],"                                ",32);
    PORT_Memcpy (pInfo->slotDescription, slotDescription          , 64);
    if (rv == CI_OK) {
        pInfo->hardwareVersion.major = 
	    (ciConfig.ManufacturerVersion & MAJOR_VERSION_MASK) >> 8;
	pInfo->hardwareVersion.minor = 
	    ciConfig.ManufacturerVersion & MINOR_VERSION_MASK;
	pInfo->flags = CKF_TOKEN_PRESENT;
    } else {
       pInfo->hardwareVersion.major = 0;
       pInfo->hardwareVersion.minor = 0;
       pInfo->flags = 0;
    }
#ifdef SWFORT
    /* do we need to make it a removable device as well?? */
    pInfo->flags |= CKF_REMOVABLE_DEVICE;
#else
    pInfo->flags |= (CKF_REMOVABLE_DEVICE | CKF_HW_SLOT);
#endif
    
    rv = MACI_GetState(maciSession, &ciState);
 
    if (rv == CI_OK) {
        switch (ciState) {
	case CI_ZEROIZE:
	case CI_INTERNAL_FAILURE:
	    pInfo->flags &= (~CKF_TOKEN_PRESENT);
	default:
	    break;
	}
    } else {
        pInfo->flags &= (~CKF_TOKEN_PRESENT);
    }

    FORT11_RETURN (CKR_OK);
}

#define CKF_THREAD_SAFE 0x8000 

/* C_GetTokenInfo obtains information about a particular token
   in the system. */
PR_PUBLIC_API(CK_RV) C_GetTokenInfo(CK_SLOT_ID        slotID,
				    CK_TOKEN_INFO_PTR pInfo) {
	FORT11_ENTER()
    CI_STATUS cardStatus;
    CI_CONFIG ciConfig;
    PK11Slot *slot;
    int rv, i;
    char tmp[33];
    FortezzaSocket *socket;

    SLOT_OK (slotID);
    
    slot = &fort11_slot[slotID-1];
    
    socket = &fortezzaSockets[slotID-1];
    if (!socket->isOpen) {
        InitSocket(socket, slotID);
    }

    rv = MACI_Select (socket->maciSession, slotID);
    rv = MACI_GetStatus (socket->maciSession, &cardStatus);
    if (rv != CI_OK) {
        FORT11_RETURN (CKR_DEVICE_ERROR);
    }

#ifdef SWFORT
    sprintf (tmp, "Software FORTEZZA Slot #%d", slotID);
#else
    sprintf (tmp, "FORTEZZA Slot #%d", slotID);
#endif
    
    PORT_Memcpy (pInfo->label, tmp, PORT_Strlen(tmp)+1);

    for (i=0; i<8; i++) {
        int serNum;

	serNum = (int)cardStatus.SerialNumber[i];
	sprintf ((char*)&pInfo->serialNumber[2*i], "%.2x", serNum);
    }

    rv = MACI_GetTime (fortezzaSockets[slotID-1].maciSession, pInfo->utcTime);
    if (rv == CI_OK) {
      pInfo->flags = CKF_CLOCK_ON_TOKEN;  
    } else {
      switch (rv) {
      case CI_LIB_NOT_INIT:
      case CI_INV_POINTER:
      case CI_NO_CARD:
      case CI_NO_SOCKET:
	FORT11_RETURN (CKR_DEVICE_ERROR);
      default:
	pInfo->flags = 0;
	break;
      }
    }
    
    rv = MACI_GetConfiguration (fortezzaSockets[slotID-1].maciSession, 
				&ciConfig);

    if (rv == CI_OK) {
        PORT_Memcpy(pInfo->manufacturerID,ciConfig.ManufacturerName,
		    PORT_Strlen(ciConfig.ManufacturerName));
	for (i=PORT_Strlen(ciConfig.ManufacturerName); i<32; i++) {
	    pInfo->manufacturerID[i] = ' ';
	}
	PORT_Memcpy(pInfo->model,ciConfig.ProcessorType,16);    
    }
    pInfo->ulMaxPinLen = CI_PIN_SIZE;
    pInfo->ulMinPinLen = 0;
    pInfo->ulTotalPublicMemory = 0;
    pInfo->ulFreePublicMemory  = 0;
    pInfo->flags |= CKF_RNG | CKF_LOGIN_REQUIRED| CKF_USER_PIN_INITIALIZED | 
                    CKF_THREAD_SAFE | CKF_WRITE_PROTECTED;

    pInfo->ulMaxSessionCount = 0; 
    pInfo->ulSessionCount = slot->sessionCount; 
    pInfo->ulMaxRwSessionCount = 0; 
    pInfo->ulRwSessionCount = slot->rwSessionCount; 

    if (rv == CI_OK) {    
        pInfo->firmwareVersion.major = 
	    (ciConfig.ManufacturerSWVer & MAJOR_VERSION_MASK) >> 8; 
	pInfo->firmwareVersion.minor = 
	    ciConfig.ManufacturerSWVer & MINOR_VERSION_MASK;
	pInfo->hardwareVersion.major = 
	    (ciConfig.ManufacturerVersion & MAJOR_VERSION_MASK) >> 8;
	pInfo->hardwareVersion.minor = 
	    ciConfig.ManufacturerVersion & MINOR_VERSION_MASK;
    }
    FORT11_RETURN (CKR_OK);
}



/* C_GetMechanismList obtains a list of mechanism types supported by a 
   token. */
PR_PUBLIC_API(CK_RV) C_GetMechanismList(CK_SLOT_ID            slotID,
					CK_MECHANISM_TYPE_PTR pMechanismList, 
					CK_ULONG_PTR          pulCount) {
  FORT11_ENTER()
  CK_RV rv = CKR_OK;
  int i;
  
  SLOT_OK (slotID);

  if (pMechanismList == NULL) {
    *pulCount = mechanismCount;
  } else {
    if (*pulCount >= mechanismCount) {
      *pulCount = mechanismCount;
      for (i=0; i< (int)mechanismCount; i++) {
	pMechanismList[i] = mechanisms[i].type;
      }
    } else {
      rv = CKR_BUFFER_TOO_SMALL;
    }
  }
  FORT11_RETURN (rv);
}


/* C_GetMechanismInfo obtains information about a particular mechanism 
 * possibly supported by a token. */
PR_PUBLIC_API(CK_RV) C_GetMechanismInfo(CK_SLOT_ID            slotID, 
					CK_MECHANISM_TYPE     type,
					CK_MECHANISM_INFO_PTR pInfo) {
  int i;
  FORT11_ENTER()
  SLOT_OK (slotID);

  for (i=0; i< (int)mechanismCount; i++) {
    if (type == mechanisms[i].type) {
      PORT_Memcpy (pInfo, &mechanisms[i].domestic, sizeof (CK_MECHANISM_INFO));
      FORT11_RETURN (CKR_OK);
    }
  }
  FORT11_RETURN (CKR_MECHANISM_INVALID);
}


/* C_InitToken initializes a token. */
PR_PUBLIC_API(CK_RV) C_InitToken(CK_SLOT_ID  slotID,
				 CK_CHAR_PTR pPin,
				 CK_ULONG    ulPinLen,
				 CK_CHAR_PTR pLabel) {
  /* For functions that don't access globals, we don't have to worry about the
   * stack.
   */	
  return CKR_FUNCTION_NOT_SUPPORTED;
}


/* C_InitPIN initializes the normal user's PIN. */
PR_PUBLIC_API(CK_RV) C_InitPIN(CK_SESSION_HANDLE hSession,
			       CK_CHAR_PTR       pPin, 
			       CK_ULONG          ulPinLen) {
  /* For functions that don't access globals, we don't have to worry about the
   * stack.
   */	
  return CKR_FUNCTION_NOT_SUPPORTED;
}


/* C_SetPIN modifies the PIN of user that is currently logged in. */
/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
PR_PUBLIC_API(CK_RV) C_SetPIN(CK_SESSION_HANDLE hSession, 
			      CK_CHAR_PTR       pOldPin,
			      CK_ULONG          ulOldLen, 
			      CK_CHAR_PTR       pNewPin, 
			      CK_ULONG          ulNewLen) {
  FORT11_ENTER()
#ifndef SWFORT
  CI_PIN       ciOldPin, ciNewPin;
#endif
  PK11Session *session;
  PK11Slot    *slot;
  int          rv;

  session = fort11_SessionFromHandle (hSession, PR_FALSE);

  slot = fort11_SlotFromSession (session);
  SLOT_OK(slot->slotID)

  if (session == NULL) {
      session = fort11_SessionFromHandle (hSession, PR_TRUE);
      fort11_TokenRemoved(slot, session);
      FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
  }

  rv = MACI_Select (fortezzaSockets[slot->slotID-1].maciSession, slot->sl