📄 sess_mgr.c
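// NOTE(review): this listing starts part-way through the routine that saves
// the session's active operation into `data`. Its signature and opening lines
// are not in view, so the fragment below is reproduced unchanged apart from
// layout and review comments.
    if (sess->decr_ctx.active == TRUE) {
        if (op_data != NULL){
            st_err_log(71, __FILE__, __LINE__);
            return CKR_STATE_UNSAVEABLE;
        }
        op_data_len = sizeof(OP_STATE_DATA) +
                      sizeof(ENCR_DECR_CONTEXT) +
                      sess->decr_ctx.context_len +
                      sess->decr_ctx.mech.ulParameterLen;

        if (length_only == FALSE) {
            // NOTE(review): no comparison of op_data_len with the size of the
            // caller's buffer is visible here; confirm it happens before this
            // point or in the caller.
            op_data = (OP_STATE_DATA *)data;

            op_data->data_len         = op_data_len - sizeof(OP_STATE_DATA);
            op_data->session_state    = sess->session_info.state;
            op_data->active_operation = STATE_DECR;

            offset = sizeof(OP_STATE_DATA);

            // NOTE(review): the whole context structure is copied out, so the
            // in-process values of its pointer members (context,
            // mech.pParameter) end up in the exported blob. The same applies
            // to the digest, sign and verify branches below.
            memcpy( (CK_BYTE *)op_data + offset, &sess->decr_ctx, sizeof(ENCR_DECR_CONTEXT) );
            offset += sizeof(ENCR_DECR_CONTEXT);

            if (sess->decr_ctx.context_len != 0) {
                memcpy( (CK_BYTE *)op_data + offset, sess->decr_ctx.context, sess->decr_ctx.context_len );
                offset += sess->decr_ctx.context_len;
            }

            if (sess->decr_ctx.mech.ulParameterLen != 0) {
                memcpy( (CK_BYTE *)op_data + offset, sess->decr_ctx.mech.pParameter, sess->decr_ctx.mech.ulParameterLen );
            }
        }
    }

    if (sess->digest_ctx.active == TRUE) {
        if (op_data != NULL){
            st_err_log(71, __FILE__, __LINE__);
            return CKR_STATE_UNSAVEABLE;
        }
        op_data_len = sizeof(OP_STATE_DATA) +
                      sizeof(DIGEST_CONTEXT) +
                      sess->digest_ctx.context_len +
                      sess->digest_ctx.mech.ulParameterLen;

        if (length_only == FALSE) {
            op_data = (OP_STATE_DATA *)data;

            op_data->data_len         = op_data_len - sizeof(OP_STATE_DATA);
            op_data->session_state    = sess->session_info.state;
            op_data->active_operation = STATE_DIGEST;

            offset = sizeof(OP_STATE_DATA);

            memcpy( (CK_BYTE *)op_data + offset, &sess->digest_ctx, sizeof(DIGEST_CONTEXT) );
            offset += sizeof(DIGEST_CONTEXT);

            if (sess->digest_ctx.context_len != 0) {
                memcpy( (CK_BYTE *)op_data + offset, sess->digest_ctx.context, sess->digest_ctx.context_len );
                offset += sess->digest_ctx.context_len;
            }

            if (sess->digest_ctx.mech.ulParameterLen != 0) {
                memcpy( (CK_BYTE *)op_data + offset, sess->digest_ctx.mech.pParameter, sess->digest_ctx.mech.ulParameterLen );
            }
        }
    }

    if (sess->sign_ctx.active == TRUE) {
        if (op_data != NULL){
            st_err_log(71, __FILE__, __LINE__);
            return CKR_STATE_UNSAVEABLE;
        }
        op_data_len = sizeof(OP_STATE_DATA) +
                      sizeof(SIGN_VERIFY_CONTEXT) +
                      sess->sign_ctx.context_len +
                      sess->sign_ctx.mech.ulParameterLen;

        if (length_only == FALSE) {
            op_data = (OP_STATE_DATA *)data;

            op_data->data_len         = op_data_len - sizeof(OP_STATE_DATA);
            op_data->session_state    = sess->session_info.state;
            op_data->active_operation = STATE_SIGN;

            offset = sizeof(OP_STATE_DATA);

            memcpy( (CK_BYTE *)op_data + offset, &sess->sign_ctx, sizeof(SIGN_VERIFY_CONTEXT) );
            offset += sizeof(SIGN_VERIFY_CONTEXT);

            if (sess->sign_ctx.context_len != 0) {
                memcpy( (CK_BYTE *)op_data + offset, sess->sign_ctx.context, sess->sign_ctx.context_len );
                offset += sess->sign_ctx.context_len;
            }

            if (sess->sign_ctx.mech.ulParameterLen != 0) {
                memcpy( (CK_BYTE *)op_data + offset, sess->sign_ctx.mech.pParameter, sess->sign_ctx.mech.ulParameterLen );
            }
        }
    }

    if (sess->verify_ctx.active == TRUE) {
        if (op_data != NULL){
            st_err_log(71, __FILE__, __LINE__);
            return CKR_STATE_UNSAVEABLE;
        }
        op_data_len = sizeof(OP_STATE_DATA) +
                      sizeof(SIGN_VERIFY_CONTEXT) +
                      sess->verify_ctx.context_len +
                      sess->verify_ctx.mech.ulParameterLen;

        if (length_only == FALSE) {
            op_data = (OP_STATE_DATA *)data;

            op_data->data_len         = op_data_len - sizeof(OP_STATE_DATA);
            op_data->session_state    = sess->session_info.state;
            // NOTE(review): this branch serialises verify_ctx but records
            // STATE_SIGN. session_mgr_set_op_state has a separate STATE_VERIFY
            // case, so a saved verify operation would be restored into
            // sign_ctx. Looks like a copy/paste slip; confirm and change to
            // STATE_VERIFY.
            op_data->active_operation = STATE_SIGN;

            offset = sizeof(OP_STATE_DATA);

            memcpy( (CK_BYTE *)op_data + offset, &sess->verify_ctx, sizeof(SIGN_VERIFY_CONTEXT) );
            offset += sizeof(SIGN_VERIFY_CONTEXT);

            if (sess->verify_ctx.context_len != 0) {
                memcpy( (CK_BYTE *)op_data + offset, sess->verify_ctx.context, sess->verify_ctx.context_len );
                offset += sess->verify_ctx.context_len;
            }

            if (sess->verify_ctx.mech.ulParameterLen != 0) {
                memcpy( (CK_BYTE *)op_data + offset, sess->verify_ctx.mech.pParameter, sess->verify_ctx.mech.ulParameterLen );
            }
        }
    }

    *data_len = op_data_len;
    return CKR_OK;
}


// Check the two variable-length fields of a saved context against the number
// of bytes the blob declares after the fixed-size context structure.
//
// trailer_len  bytes declared after the context structure
// context_len  length of the saved context bytes
// param_len    length of the saved mechanism parameter
//
// Returns TRUE only when context_len + param_len == trailer_len. The test is
// written as two comparisons so that the sum cannot wrap around.
//
static CK_BBOOL
saved_lengths_ok( CK_ULONG trailer_len, CK_ULONG context_len, CK_ULONG param_len )
{
    if (context_len > trailer_len)
        return FALSE;

    return (param_len == trailer_len - context_len) ? TRUE : FALSE;
}


// Duplicate the context bytes and the mechanism parameter that follow the
// fixed-size context structure in a saved state blob.
//
// trailer      first byte after the context structure
// context_len  bytes of context data at `trailer`
// param_len    bytes of mechanism parameter following the context data
// context      receives a malloc'd copy of the context data, or NULL
// mech_param   receives a malloc'd copy of the parameter, or NULL
//
// The lengths must already have been validated with saved_lengths_ok().
// Returns CKR_OK or CKR_HOST_MEMORY; on failure nothing is left allocated and
// the output pointers are untouched. On success the caller owns both copies.
//
static CK_RV
dup_saved_trailers( const CK_BYTE  * trailer,
                    CK_ULONG         context_len,
                    CK_ULONG         param_len,
                    CK_BYTE       ** context,
                    CK_BYTE       ** mech_param )
{
    CK_BYTE *ctx_copy   = NULL;
    CK_BYTE *param_copy = NULL;

    if (context_len) {
        ctx_copy = malloc( context_len );
        if (!ctx_copy){
            st_err_log(0, __FILE__, __LINE__);
            return CKR_HOST_MEMORY;
        }
        memcpy( ctx_copy, trailer, context_len );
    }

    if (param_len) {
        param_copy = malloc( param_len );
        if (!param_copy) {
            free( ctx_copy );
            st_err_log(0, __FILE__, __LINE__);
            return CKR_HOST_MEMORY;
        }
        memcpy( param_copy, trailer + context_len, param_len );
    }

    *context    = ctx_copy;
    *mech_param = param_copy;
    return CKR_OK;
}


// Restore a previously saved cryptographic operation state into a session.
//
// sess      session to restore into
// encr_key  key handle for a saved encrypt/decrypt operation, 0 otherwise
// auth_key  key handle for a saved sign/verify operation, 0 otherwise
// data      saved state: an OP_STATE_DATA header, one fixed-size context
//           structure, then the context bytes and the mechanism parameter
// data_len  number of bytes available at `data`
//
// Returns CKR_OK on success, CKR_FUNCTION_FAILED for a NULL argument,
// CKR_SAVED_STATE_INVALID when the blob is malformed or does not match the
// session state, CKR_KEY_NEEDED / CKR_KEY_NOT_NEEDED when the key handles do
// not fit the saved operation, and CKR_HOST_MEMORY on allocation failure.
//
// The blob is supplied by the caller and nothing in this function
// authenticates it, so every length it contains is bounded by data_len before
// it is used to read from `data`. Previously data_len was never consulted and
// the lengths were only compared with each other, which let a crafted blob
// drive the memcpy() calls past the end of the caller's buffer.
//
// NOTE(review): the fixed-size context structure is still copied into the
// session as-is. key, context and mech.pParameter are overwritten afterwards,
// but the remaining members (mechanism, flags, ...) are taken from the blob
// unchecked; confirm that the operation code validates them before use.
//
CK_RV
session_mgr_set_op_state( SESSION           * sess,
                          CK_OBJECT_HANDLE    encr_key,
                          CK_OBJECT_HANDLE    auth_key,
                          CK_BYTE           * data,
                          CK_ULONG            data_len )
{
    OP_STATE_DATA  *op_data    = NULL;
    CK_BYTE        *mech_param = NULL;
    CK_BYTE        *context    = NULL;
    CK_BYTE        *ptr1       = NULL;
    CK_RV           rc;

    if (!sess || !data){
        st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
        return CKR_FUNCTION_FAILED;
    }

    // the header has to lie inside the caller's buffer before it is read
    //
    if (data_len < sizeof(OP_STATE_DATA)){
        st_err_log(69, __FILE__, __LINE__);
        return CKR_SAVED_STATE_INVALID;
    }
    op_data = (OP_STATE_DATA *)data;

    // the payload length recorded in the blob may not exceed what the caller
    // actually handed over
    //
    if (op_data->data_len > data_len - sizeof(OP_STATE_DATA)){
        st_err_log(69, __FILE__, __LINE__);
        return CKR_SAVED_STATE_INVALID;
    }

    // make sure the session states are compatible
    //
    if (sess->session_info.state != op_data->session_state){
        st_err_log(69, __FILE__, __LINE__);
        return CKR_SAVED_STATE_INVALID;
    }

    // validate the new state information.  don't touch the session
    // until the new state is valid.
    //
    switch (op_data->active_operation) {
        case STATE_ENCR:
        case STATE_DECR:
            {
                ENCR_DECR_CONTEXT *ctx = (ENCR_DECR_CONTEXT *)(data + sizeof(OP_STATE_DATA));

                // the size test comes first so ctx is only dereferenced once
                // the whole structure is known to be inside the payload
                if (op_data->data_len < sizeof(ENCR_DECR_CONTEXT) ||
                    !saved_lengths_ok( op_data->data_len - sizeof(ENCR_DECR_CONTEXT),
                                       ctx->context_len,
                                       ctx->mech.ulParameterLen )){
                    st_err_log(69, __FILE__, __LINE__);
                    return CKR_SAVED_STATE_INVALID;
                }
                if (auth_key != 0){
                    st_err_log(21, __FILE__, __LINE__);
                    return CKR_KEY_NOT_NEEDED;
                }
                if (encr_key == 0){
                    st_err_log(23, __FILE__, __LINE__);
                    return CKR_KEY_NEEDED;
                }

                ptr1 = (CK_BYTE *)ctx;
                rc = dup_saved_trailers( ptr1 + sizeof(ENCR_DECR_CONTEXT),
                                         ctx->context_len,
                                         ctx->mech.ulParameterLen,
                                         &context, &mech_param );
                if (rc != CKR_OK)
                    return rc;
            }
            break;

        case STATE_SIGN:
        case STATE_VERIFY:
            {
                SIGN_VERIFY_CONTEXT *ctx = (SIGN_VERIFY_CONTEXT *)(data + sizeof(OP_STATE_DATA));

                if (op_data->data_len < sizeof(SIGN_VERIFY_CONTEXT) ||
                    !saved_lengths_ok( op_data->data_len - sizeof(SIGN_VERIFY_CONTEXT),
                                       ctx->context_len,
                                       ctx->mech.ulParameterLen )){
                    st_err_log(69, __FILE__, __LINE__);
                    return CKR_SAVED_STATE_INVALID;
                }
                if (auth_key == 0){
                    st_err_log(23, __FILE__, __LINE__);
                    return CKR_KEY_NEEDED;
                }
                if (encr_key != 0){
                    st_err_log(21, __FILE__, __LINE__);
                    return CKR_KEY_NOT_NEEDED;
                }

                ptr1 = (CK_BYTE *)ctx;
                rc = dup_saved_trailers( ptr1 + sizeof(SIGN_VERIFY_CONTEXT),
                                         ctx->context_len,
                                         ctx->mech.ulParameterLen,
                                         &context, &mech_param );
                if (rc != CKR_OK)
                    return rc;
            }
            break;

        case STATE_DIGEST:
            {
                DIGEST_CONTEXT *ctx = (DIGEST_CONTEXT *)(data + sizeof(OP_STATE_DATA));

                if (op_data->data_len < sizeof(DIGEST_CONTEXT) ||
                    !saved_lengths_ok( op_data->data_len - sizeof(DIGEST_CONTEXT),
                                       ctx->context_len,
                                       ctx->mech.ulParameterLen )){
                    st_err_log(69, __FILE__, __LINE__);
                    return CKR_SAVED_STATE_INVALID;
                }
                // log code 21 here matches the other CKR_KEY_NOT_NEEDED
                // returns in this function (the digest case used 23, which
                // the other cases pair with CKR_KEY_NEEDED)
                if (auth_key != 0){
                    st_err_log(21, __FILE__, __LINE__);
                    return CKR_KEY_NOT_NEEDED;
                }
                if (encr_key != 0){
                    st_err_log(21, __FILE__, __LINE__);
                    return CKR_KEY_NOT_NEEDED;
                }

                ptr1 = (CK_BYTE *)ctx;
                rc = dup_saved_trailers( ptr1 + sizeof(DIGEST_CONTEXT),
                                         ctx->context_len,
                                         ctx->mech.ulParameterLen,
                                         &context, &mech_param );
                if (rc != CKR_OK)
                    return rc;
            }
            break;

        default:
            st_err_log(69, __FILE__, __LINE__);
            return CKR_SAVED_STATE_INVALID;
    }

    // state information looks okay.  cleanup the current session state, first
    //
    if (sess->encr_ctx.active)
        encr_mgr_cleanup( &sess->encr_ctx );

    if (sess->decr_ctx.active)
        decr_mgr_cleanup( &sess->decr_ctx );

    if (sess->digest_ctx.active)
        digest_mgr_cleanup( &sess->digest_ctx );

    if (sess->sign_ctx.active)
        sign_mgr_cleanup( &sess->sign_ctx );

    if (sess->verify_ctx.active)
        verify_mgr_cleanup( &sess->verify_ctx );

    // copy the new state information.  the pointer members that came from the
    // blob are replaced with the heap copies made above, and the key handle
    // with the one the caller passed in.
    //
    switch (op_data->active_operation) {
        case STATE_ENCR:
            memcpy( &sess->encr_ctx, ptr1, sizeof(ENCR_DECR_CONTEXT) );

            sess->encr_ctx.key             = encr_key;
            sess->encr_ctx.context         = context;
            sess->encr_ctx.mech.pParameter = mech_param;
            break;

        case STATE_DECR:
            memcpy( &sess->decr_ctx, ptr1, sizeof(ENCR_DECR_CONTEXT) );

            sess->decr_ctx.key             = encr_key;
            sess->decr_ctx.context         = context;
            sess->decr_ctx.mech.pParameter = mech_param;
            break;

        case STATE_SIGN:
            memcpy( &sess->sign_ctx, ptr1, sizeof(SIGN_VERIFY_CONTEXT) );

            sess->sign_ctx.key             = auth_key;
            sess->sign_ctx.context         = context;
            sess->sign_ctx.mech.pParameter = mech_param;
            break;

        case STATE_VERIFY:
            memcpy( &sess->verify_ctx, ptr1, sizeof(SIGN_VERIFY_CONTEXT) );

            sess->verify_ctx.key             = auth_key;
            sess->verify_ctx.context         = context;
            sess->verify_ctx.mech.pParameter = mech_param;
            break;

        case STATE_DIGEST:
            memcpy( &sess->digest_ctx, ptr1, sizeof(DIGEST_CONTEXT) );

            sess->digest_ctx.context         = context;
            sess->digest_ctx.mech.pParameter = mech_param;
            break;

        default:
            // not reachable: the validation switch above already returned for
            // any other operation code
            break;
    }

    return CKR_OK;
}


// Return TRUE if the session we're in has its PIN
// expired.
//
// An SO read/write session is checked against CKF_SO_PIN_TO_BE_CHANGED; a
// user session (read-only or read/write) against CKF_USER_PIN_TO_BE_CHANGED.
// Any other session state yields FALSE.
CK_BBOOL pin_expired(CK_SESSION_INFO *si)
{
    // If this is an SO session
    if ( (si->flags & CKF_SO_PIN_TO_BE_CHANGED) &&
         (si->state == CKS_RW_SO_FUNCTIONS) )
        return TRUE;

    // Else we're a User session
    return( (si->flags & CKF_USER_PIN_TO_BE_CHANGED) &&
            ((si->state == CKS_RO_USER_FUNCTIONS) ||
             (si->state == CKS_RW_USER_FUNCTIONS)) );
}


// Return TRUE if the session we're in has its PIN
// locked.
//
// An SO read/write session is checked against CKF_SO_PIN_LOCKED; a user
// session (read-only or read/write) against CKF_USER_PIN_LOCKED. Any other
// session state yields FALSE.
CK_BBOOL pin_locked(CK_SESSION_INFO *si)
{
    // If this is an SO session
    if ( (si->flags & CKF_SO_PIN_LOCKED) &&
         (si->state == CKS_RW_SO_FUNCTIONS) )
        return TRUE;

    // Else we're a User session
    return( (si->flags & CKF_USER_PIN_LOCKED) &&
            ((si->state == CKS_RO_USER_FUNCTIONS) ||
             (si->state == CKS_RW_USER_FUNCTIONS)) );
}


// Increment the login flags after an incorrect password
// has been passed to C_Login. New for v2.11. - KEY
//
// Each call advances the failed-login indicator one step:
//    (none) -> PIN_COUNT_LOW -> PIN_FINAL_TRY -> PIN_LOCKED
// so the third consecutive call sets the LOCKED flag. The flag of the step
// being left is cleared; LOCKED itself is never cleared here.
//
// userType  CKU_USER selects the user flags; every other value is treated
//           as the SO
// flags     flag word to update in place (must not be NULL)
void set_login_flags(CK_USER_TYPE userType, CK_FLAGS_32 *flags)
{
    if(userType == CKU_USER) {
        if(*flags & CKF_USER_PIN_FINAL_TRY) {
            *flags |= CKF_USER_PIN_LOCKED;
            *flags &= ~(CKF_USER_PIN_FINAL_TRY);
        } else if (*flags & CKF_USER_PIN_COUNT_LOW) {
            *flags |= CKF_USER_PIN_FINAL_TRY;
            *flags &= ~(CKF_USER_PIN_COUNT_LOW);
        } else {
            *flags |= CKF_USER_PIN_COUNT_LOW;
        }
    } else {
        if(*flags & CKF_SO_PIN_FINAL_TRY) {
            *flags |= CKF_SO_PIN_LOCKED;
            *flags &= ~(CKF_SO_PIN_FINAL_TRY);
        } else if (*flags & CKF_SO_PIN_COUNT_LOW) {
            *flags |= CKF_SO_PIN_FINAL_TRY;
            *flags &= ~(CKF_SO_PIN_COUNT_LOW);
        } else {
            *flags |= CKF_SO_PIN_COUNT_LOW;
        }
    }
}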