host_api.c

IBM的Linux上的PKCS#11实现

{
   WaitForSingleObject( pkcs_mutex, INFINITE );
   return CKR_OK;
}

CK_RV
MY_UnlockMutex(void)
{
   ReleaseMutex(pkcs_mutex);
   return CKR_OK;
}


#ifdef PKCS64
CK_ULONG_32 long_reverse( CK_ULONG_32 x )
#else
CK_ULONG long_reverse( CK_ULONG x )
#endif
{
#ifdef _BIG_ENDIAN   // Power Architecture requires reversal to talk to adapter
      return (
         ((0x000000FF & x)<<24) |
         ((0x0000FF00 & x)<<8) |
         ((0x00FF0000 & x)>>8) |
         ((0xFF000000 & x)>>24) );
#else
      return (x); // Others don't require  reversal.

#endif
}

// SAB FIXME Added for 64bit
uint32
get_attrib_len(CK_ATTRIBUTE *attr)
{

   switch(attr->type){
      case CKA_CLASS:
      case CKA_KEY_TYPE:
      case CKA_MODULUS_BITS:
      case CKA_VALUE_BITS:
      case CKA_VALUE_LEN:
      case CKA_CERTIFICATE_TYPE:  // SAB FIXME 64bit
         // These are unsigned longs, which in 64bit need
         // to be made into 32bit values to be passed to the
         // card.
         return(sizeof(unsigned int));
         break;
      default:
         return (attr->ulValueLen);
         break;
   }

}

void
copy_attribute_value(void *source, void *dest, CK_ATTRIBUTE *attr)
{

#if PKCS64
   CK_ULONG_32  d;
#else
   CK_ULONG  d;
#endif
   CK_ULONG  *p;

   switch(attr->type){
      case CKA_CLASS:
      case CKA_KEY_TYPE:
      case CKA_MODULUS_BITS:
      case CKA_VALUE_BITS:
      case CKA_VALUE_LEN:
      case CKA_CERTIFICATE_TYPE:  // SAB FIXME 64bit
         // These are unsigned longs, which in 64bit need
         // to be made into 32bit values to be passed to the
         // card.
         
         p = (CK_ULONG *)(attr->pValue);
         d  = *p;
         //printf("copy attribute value d = %x  p %x\n",d,*p);
          *((CK_ULONG_32 *)dest) = d;
         //*((CK_ULONG_32 *)dest) = *((CK_ULONG *)(attr->pValue));
         
         break;
      default:
         bcopy(source,dest,attr->ulValueLen);
         break;
   }

}

// SAB FIXME END Added for 64bit
#ifdef _BIG_ENDIAN
   // Routine to modify a template attribute if necessary
void
ModifyAttribute(type,val)
   CK_ATTRIBUTE_TYPE  type;

#ifdef PKCS64
   CK_ULONG_PTR_32       val;
{
   CK_ULONG_32   tval;
#else
   CK_ULONG_PTR       val;
{
   CK_ULONG   tval;
#endif


   switch (type){
      case CKA_CLASS:
      case CKA_KEY_TYPE:
      case CKA_MODULUS_BITS:
      case CKA_VALUE_BITS:
      case CKA_VALUE_LEN:
      case CKA_CERTIFICATE_TYPE:  // SAB FIXME 64bit
         // These are the ones which need to be swapped

#ifdef PKCS64
        tval =  HTOCL((CK_ULONG_32)*val);
	*val = tval; 
        // bcopy(&tval,val,sizeof(CK_ULONG_32));
#else
        tval =  HTOCL((CK_ULONG)*val);
        bcopy(&tval,val,sizeof(CK_ULONG));
#endif

      default:
         break;
   }
}
#else
// NOTE FIXME  intel 64bit systems will have a problem here
// and need to be adjusted properly
void
ModifyAttribute(type,val)
   CK_ATTRIBUTE_TYPE  type;
   CK_ULONG_PTR       val;
{
   // This is a no op function for Intel AIX based systems
}

#endif




#ifndef SOCKET
// Function:  communicate()
//
// Specialized communicate routine for use with Encryption/Decryption.  The
// data to be encrypted/decrypted is sent in a separate buffer.  This allows
// the mechanisms to take advantage of external-to-external buffer transfers
// where possible.  Everything else is the same (LEEDS_REQUEST/LEEDS_REPLY
// still occurs on buffer #0, etc).
//
// Args:    pReq:    the 'normal' request structure
//          pRep:    the 'normal' reply structure
//          pOut:    the cleartext/ciphertext to be sent TO the card
//          pIn      the cleartext/ciphertext to be received FROM the card
//

//
// Assemble a request packet for the 4758, send it across, and unmarshal the
// reply.
//
// cmd_id   - Command identifier (specifies which function to invoke)
// slot_id  - Slot number of 4758 to which request is addressed
// pReq     - -> buffer containing data (args, etc.) associated with request
// req_len  - Length in bytes of *pReq
// pRep     - -> buffer that is to hold the reply
// repl_len - -> length in bytes of *pRep
// pOut     - -> buffer containing additional data to be supplied with the
//            command (e.g., address of buffer of data to encrypt)
// out_len  - Length in bytes of *pOut
// pIn      - -> buffer that is to hold additional data returned by the
//            coprocessor (e.g., address of buffer to hold encrypted data)
// in_len   - Length in bytes of *pIn
//
// Any of the buffer pointers may be NULL (in which case the corresponding
// length must be 0).
//
// cmd_id is sent in the UserDefined field of the sccRequest structure.
// The buffers defined by pReq and pOut are passed in pOutBuffer[0] and
// pOutBuffer[1], respectively.  The buffers defined by pRep and pIn are
// passed in pInBuffer[0] and pInBuffer[1], respectively.
//
// Data in the buffers must be in the proper byte order.  Other fields (e.g.,
// cmd_id) are handled automatically.
//
// On successful return, *repl_len contains the actual length in bytes of the
// reply.
//
CK_RV communicate( CK_ULONG cmd_id, CK_SLOT_ID   slot_id,
                   CK_VOID_PTR pReq,   CK_ULONG     req_len,
                   CK_VOID_PTR pRep,   CK_ULONG_PTR repl_len,
                   CK_BYTE_PTR pOut,   CK_ULONG     outlen,
                   CK_BYTE_PTR pIn,    CK_ULONG     inlen )
{
   union
   {
      double  d;
      CK_BYTE b[1024];
   } alignedBuffers[2];

   LEEDS_REQUEST  * send_packet = (LEEDS_REQUEST *)&(alignedBuffers[0]);
   LEEDS_REPLY    * recv_packet = (LEEDS_REPLY   *)&(alignedBuffers[1]);
   CK_BYTE        * ptr         = NULL;
   CK_BYTE        * in_buf      = pIn;
   CK_BYTE        * out_buf     = pOut;
   CK_ULONG         send_len, recv_len;
   CK_ULONG         out_len = outlen;
   CK_ULONG         in_len = inlen;
   CK_ULONG         in_buf_len = in_len, out_buf_len = out_len;

   CK_RV            rc;
   sccRB_t          request_block;


   int i; // XXX WJH

   //LARGE_INTEGER    start,end;

   if (repl_len == NULL)
      return CKR_GENERAL_ERROR;

   if (slot_id > MAX_SLOT_ID)
      return CKR_FUNCTION_FAILED;

   if (pReq == NULL && req_len != 0)
      return CKR_FUNCTION_FAILED;

   if (pRep == NULL && *repl_len != 0)
      return CKR_FUNCTION_FAILED;

   if (pOut == NULL && out_len != 0) {
      out_len = 0;
      in_buf_len = in_len, out_buf_len = out_len;
      //return CKR_FUNCTION_FAILED;
   }

   if (pIn == NULL && in_len != 0) {
        in_len = 0;
        in_buf_len = in_len, out_buf_len = out_len;
      //return CKR_FUNCTION_FAILED;
   }


   // ensure the buffer lengths are multiples of 4 and that the buffers we
   // have are big enough
   //
   send_len = (sizeof(LEEDS_REQUEST) + req_len + 3) & ~3;
   recv_len = (sizeof(LEEDS_REPLY) + *repl_len + 3) & ~3;

   if (send_len > sizeof(alignedBuffers[0]))
      send_packet = (LEEDS_REQUEST *)malloc( send_len );

   if (recv_len > sizeof(alignedBuffers[1]))
      recv_packet = (LEEDS_REPLY *)malloc( recv_len );

   if ((out_len & 3) != 0)
   {
      out_buf_len = (out_len + 3) & ~3;
      out_buf = (CK_BYTE *)malloc( out_buf_len );
      memcpy( out_buf, pOut, out_len );
   }

   if ((in_len & 3) != 0)
   {
      in_buf_len = (in_len + 3) & ~3;
      in_buf = (CK_BYTE *)malloc( in_buf_len );
   }

   // If we couldn't allocate something we needed, die
   //
   if (send_packet == NULL ||
       recv_packet == NULL ||
      (out_buf     == NULL && out_buf_len != 0) ||
      (in_buf      == NULL && in_buf_len  != 0))
   {
      if (send_len > sizeof(alignedBuffers[0]) && send_packet != NULL)
         free( send_packet );

      if (recv_len > sizeof(alignedBuffers[1]) && recv_packet != NULL)
         free( recv_packet );

      if (out_buf != NULL && out_buf != pOut)
         free( out_buf );

      if (in_buf != NULL && in_buf != pIn)
         free( in_buf );

      return CKR_HOST_MEMORY;
   }

   memset( send_packet, 0x0, send_len );
   memset( recv_packet, 0x0, recv_len );

   memset( &request_block,         0x00,      sizeof(request_block) );
   memcpy( &request_block.AgentID, &leeds_id, sizeof(leeds_id) );

   send_packet->pid     = HTOCL( pid_list[slot_id - 1] );
   send_packet->req_len = HTOCL( req_len );

   send_packet->repl_max[0] = HTOCL( *repl_len );
   send_packet->repl_max[1] = HTOCL( in_len );
   send_packet->repl_max[2] = 0;      // we don't currently use these buffers
   send_packet->repl_max[3] = 0;      // but maybe in the future...


 


   // Skip request header
   //
   ptr = (CK_BYTE *)send_packet + sizeof(LEEDS_REQUEST);

   if (pReq != NULL)
      memcpy( ptr, pReq, req_len );

   request_block.pOutBuffer[0] = (UCHAR *)send_packet;
   request_block.pInBuffer [0] = (UCHAR *)recv_packet;
   request_block.pOutBuffer[1] = (UCHAR *)out_buf;
   request_block.pInBuffer [1] = (UCHAR *)in_buf;

   // I don't know if the following needs to be adjusted for endianness or not
   // (the device driver could in principle take care of the swapping)
   //
   request_block.UserDefined = cmd_id;

   request_block.OutBufferLength[0] = send_len;
   request_block.InBufferLength [0] = recv_len;
   request_block.OutBufferLength[1] = out_buf_len;
   request_block.InBufferLength [1] = in_buf_len;

#if 0
   printf("\n\nRequest Block Dump:\n\n");

   printf("request_block.AgentID.DeveloperID[0] %X\n", 
         	  request_block.AgentID.DeveloperID[0]);
   printf("request_block.AgentID.DeveloperID[1] %X\n", 
         	  request_block.AgentID.DeveloperID[1]);

   for ( i=0;i<11;i++) {
        printf("request_block.AgentID.ProgramID[%X] %X\n", 
         	  i, request_block.AgentID.ProgramID[i]);
   }
   printf("request_block.AgentID.Version[0] %X\n", 
         	  request_block.AgentID.Version[0]); 

   printf("request_block.AgentID.Instance[0] %X\n", 
         	  request_block.AgentID.Instance[0]); 

   printf("request_block.AgentID.Queue[0] %X\n", 
         	  request_block.AgentID.Instance[0]); 

   printf("request_block.reserved %X\n", request_block.reserved);

   printf("request_block.UserDefined %X\n", request_block.UserDefined);

   for (i=0;i<4;i++){
      printf("request_block.OutBufferLength[%X] %X\n", 
	     i, request_block.OutBufferLength[i]);
   }

   for (i=0;i<4;i++){
      printf("request_block.InBufferLength[%X] %X\n", 
	     i, request_block.InBufferLength[i]);
   }

   for (i=0;i<4;i++){
      printf("request_block.pOutBuffer[%X] %X\n", 
	     i, request_block.pOutBuffer[i]);
   }
   for (i=0;i<4;i++){
      printf("request_block.pInBuffer[%X] %X\n", 
	     i, request_block.pInBuffer[i]);
   }

   printf("request_block.Status %X\n", request_block.Status);

   printf("\nLEEDS_REQUEST Dump:\n\n");


   printf("send_packet->pid %d\n", send_packet->pid);
   printf("send_packet->req_len %d\n", send_packet->req_len );
   printf("send_packet->repl_max[0] %x\n", send_packet->repl_max[0]);
   printf("send_packet->repl_max[1] %x\n",send_packet->repl_max[1]);