utility.c

IBM的Linux上的PKCS#11实现

   // special case:  removing head of the list
   //
   if (list == node)
   {
      temp = list->next;
      if (temp)
         temp->prev = NULL;

      free( list );
      return temp;
   }

   // we have no guarantee that the node is in the list
   // so search through the list to find it
   //
   while ((temp != NULL) && (temp->next != node))
      temp = temp->next;

   if (temp != NULL)
   {
      DL_NODE *next = node->next;

      temp->next = next;
      if (next)
         next->prev = temp;

      free( node );
   }

   return list;
}


// NOTE about Mutexes and cross process locking....
//
// The code uses 2 types of locks... internal locks to prevent threads within the same
// process space from stomping on each other  (pthread_mutex's suffice for 
// this).... and Cross Process Locks....
// On AIX we use it's variation of Posix semaphores for this.... Idealy on other
// platforms either POSIXSEMaphores or PTHREADXPL (pthreads xprocess lock) would
// be used.  On Linux unfortunatly  neither of these are available so we need to
// use the old standby of  SYSV semaphores (YECH.... GAG....)....  The only
// pieces which have been tested are the AIX and SYSV portions although 
// we expect that the others work correctly.
//
// we use alot more mutexes in the redesign than we did in the original
// design.  so instead of just the single global "pkcs_mutex" we have to
// deal with a number of mutexes.  so we'll make the mutex routines a
// bit more generic.
//

CK_RV
_CreateMutex( MUTEX *mutex )
{
   CK_RV  rc;

      // on AIX we make this a no-op since we assume that
      // the mutex was created in the initialization
      pthread_mutex_init( mutex, NULL );
      return CKR_OK;
}

CK_RV
#if defined(AIX)
_CreateMsem( msemaphore *msem )
#endif
#if defined(LINUX)
_CreateMsem( sem_t *msem )
#endif
{
#if defined(AIX)
   if (!msem_init( msem, MSEM_UNLOCKED))
#endif
#if defined(LINUX)
   if (!sem_init( msem,0, 1)) // parm 2 non-0 means pshared  1 is unlocked 0 is locked
   //if (!sem_init( msem,1, 1)) // parm 2 non-0 means pshared  1 is unlocked 0 is locked
#endif
      return CKR_OK;
   else{
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
}

CK_RV
_DestroyMutex( MUTEX *mutex )
{
   CK_RV  rc;

     // no-op in AIX
     pthread_mutex_destroy((pthread_mutex_t *)mutex);
     return CKR_OK;

}

CK_RV
#if defined(AIX)
_DestroyMsem( msemaphore *msem )
#endif
#if defined(LINUX)
_DestroyMsem( sem_t *msem )
#endif
{
#if defined(AIX)
   if (!msem_remove(msem))
#endif
#if defined(LINUX)
   if (!sem_destroy(msem))
#endif
      return CKR_OK;
   else{
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
}


CK_RV
_LockMutex( MUTEX *mutex )
{
   CK_RV  rc;
#if !(defined(AIX) || defined(LINUX))
   if (!mutex){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   if (cinit_args.flags & CKF_OS_LOCKING_OK) {
      WaitForSingleObject( mutex->handle, INFINITE );
      return CKR_OK;
   }

   if (cinit_args.pfLockMutex == NULL)
      return CKR_OK;

   rc = cinit_args.pfLockMutex( mutex->pmutex );
   return rc;
#else
      pthread_mutex_lock( mutex);
      return CKR_OK;
#endif

}

CK_RV
#if defined(AIX)
_LockMsem( msemaphore *msem )
#endif
#if defined(LINUX)
_LockMsem( sem_t *msem )
#endif
{
   if (!msem){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
#if defined(AIX)
   if(!msem_lock(msem, 0)) // block until the semaphore is free
#endif
#if defined(LINUX)
   if(!sem_wait(msem)) // block until the semaphore is free
#endif
      return CKR_OK;
   else{
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
}

CK_RV
_UnlockMutex( MUTEX *mutex )
{
   CK_RV  rc;
#if !(defined(AIX) || defined(LINUX))
   if (!mutex){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   if (cinit_args.flags & CKF_OS_LOCKING_OK) {
      ReleaseMutex( mutex->handle );
      return CKR_OK;
   }

   if (cinit_args.pfUnlockMutex == NULL)
      return CKR_OK;

   rc = cinit_args.pfUnlockMutex( mutex->pmutex );
   return rc;
#else
   pthread_mutex_unlock(mutex);
   return CKR_OK;
#endif

}

CK_RV
#if defined(AIX)
_UnlockMsem( msemaphore *msem )
#endif
#if defined(LINUX)
_UnlockMsem( sem_t *msem )
#endif
{
   if (!msem){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
#if defined(AIX)
   if (!msem_unlock(msem, 0))
#endif
#if defined(LINUX)
   if (!sem_post(msem))
#endif
      return CKR_OK;
   else{
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
}

#if SYSVSEM
#include <sys/sem.h>
// These structures are needed to effect a lock
// using SYS V semaphores...
static struct sembuf xlock_lock[2]={
         0,0,0,
         0,1,SEM_UNDO
};

static struct sembuf xlock_unlock[1] = {
         0,-1,(IPC_NOWAIT | SEM_UNDO)
};

static pthread_mutex_t  semmtx = PTHREAD_MUTEX_INITIALIZER;

#endif


int spinxplfd=-1;
int spin_created=0;

extern void set_perm(int);

CK_RV
CreateXProcLock(void *xproc)
{

#if (AIX)
	return _CreateMsem((msemaphore *)xproc);
#elif (SPINXPL)
    // open the file that we will do the locking on...
  spinxplfd = open("/tmp/.pkcs11spinloc",O_CREAT|O_APPEND|O_RDWR,
        S_IRWXU|S_IRWXG|S_IRWXO);
   if (spinxplfd) {
	   	
	set_perm(spinxplfd);
	fchmod(spinxplfd,S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH | S_IWOTH);
	spin_created=1;
   } else {
	   perror("XPROC CREATE file :");
   }
    return CKR_OK;
#elif  SYSVSEM
   int  semid;
   int *psem;
   key_t  tok;

   tok  = ftok( pk_dir, 'c' );
  
//printf("creating semaphore %x \n",tok);

   psem = (int *)xproc;
if ( *psem < 0 ) {
   if ( (semid = semget(tok,1,IPC_CREAT | 0666)) < 0 ){
      if (errno == EEXIST) {
	  if ( (semid = semget(tok,0,0)) < 0) {
		pthread_mutex_unlock(&semmtx);
                st_err_log(4, __FILE__, __LINE__, __FUNCTION__); 
	        return CKR_FUNCTION_FAILED;
	  }
      } else {
	      pthread_mutex_unlock(&semmtx);
              st_err_log(4, __FILE__, __LINE__, __FUNCTION__); 
	      return CKR_FUNCTION_FAILED;
      }
   }
}
   psem = (int *)xproc;
   *psem = semid;
//pthread_mutex_unlock(&semmtx);
   return CKR_OK;

   // we know that semaphores are created unlocked
#elif POSIXSEM 
	return _CreateMsem((sem_t *)xproc);
#elif PTHREADXPL
	pthread_mutex_attr_t  mtxattr;

 	pthread_mutexattr_init(&mtxattr);
	pthread_mutexattr_setpshared(&mtxattr,PTHREAD_PROCESS_SHARED);
	pthread_mutex_init((pthread_mutex_t *)xproc,&mtxattr);

#elif  NOXPROCLOCK
   return CKR_OK;
#else
#error "Define XPROC LOCKS"
  
#endif
}
CK_RV
DestroyXProcLock(void *xproc)
{
#if (AIX)
	return _DestroyMsem((msemaphore *)xproc);
#elif SPINXPL
	return CKR_OK;
#elif SYSVSEM
   int semid,*psem;

//printf("Destroying semaphore %x \n",xproc);

pthread_mutex_lock(&semmtx);
   psem = (int *)xproc;
   semid = *psem;

   semctl(semid,1,IPC_RMID,0);
pthread_mutex_unlock(&semmtx);

   return CKR_OK;
#elif POSIXSEM 
	return _DestroyMsem((sem_t *)xproc);
#elif  PTHREADXPL
	return pthread_mutex_destroy((pthread_mutex_t *)xproc);
#elif  NOXPROCLOCK
   return CKR_OK;
#else
#error "Define XPROC LOCKS"
#endif
}

CK_RV
XProcLock(void *xproc)
{
#if (AIX)
	return _LockMsem((msemaphore *)xproc);
#elif SPINXPL
	if (!spin_created) {
	  spinxplfd = open("/tmp/.pkcs11spinloc",O_CREAT|O_APPEND|O_RDWR,
		S_IRWXU|S_IRWXG|S_IRWXO);
	  fchmod(spinxplfd,S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH | S_IWOTH);
	  spin_created=1;
	}
	if (spinxplfd){
		flock(spinxplfd,LOCK_EX);
	}
	return CKR_OK;
#elif SYSVSEM
   int semid,*psem;
   pthread_mutex_lock(&semmtx);
   return CKR_OK;

   pthread_mutex_lock(&semmtx);
   psem = (int *)xproc;
   semid = *psem;
   semop(semid,&xlock_lock[0],2);
   pthread_mutex_unlock(&semmtx);
   return CKR_OK;

#elif POSIXSEM 
	return _LockMsem((sem_t *)xproc);
#elif PTHREADXPL
	return _LockMutex((MUTEX *)xproc);
#elif  NOXPROCLOCK
   return CKR_OK;
#else
#error "Define XPROC LOCKS"

#endif
}
CK_RV
XProcUnLock(void *xproc)
{
#if (AIX)
	return _UnlockMsem((msemaphore *)xproc);
#elif SPINXPL
	if (!spin_created) {
	  spinxplfd = open("/tmp/.pkcs11spinloc",O_CREAT|O_APPEND|O_RDWR,
		S_IRWXU|S_IRWXG|S_IRWXO);
	  fchmod(spinxplfd,S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH | S_IWOTH);
	  spin_created=1;
	}
	if (spinxplfd) {
		flock(spinxplfd,LOCK_UN);
	}
	return CKR_OK;
#elif SYSVSEM
   int semid,*psem;
   pthread_mutex_unlock(&semmtx);
   return CKR_OK;

   pthread_mutex_lock(&semmtx);
   psem = (int *)xproc;
   semid = *psem;
   semop(semid,&xlock_unlock[0],1);
   pthread_mutex_unlock(&semmtx);
   return CKR_OK;
#elif POSIXSEM 
	return _UnlockMsem((sem_t *)xproc);
#elif PTHREADXPL
	return _UnlockMutex((MUTEX *)xproc);
#elif  NOXPROCLOCK
   return CKR_OK;
#else
#error "Define XPROC LOCKS"
#endif
}


//
//

// is_attribute_defined()
//
// determine whether the specified attribute is defined by Cryptoki
//
CK_BBOOL
is_attribute_defined( CK_ATTRIBUTE_TYPE type )
{
   if (type >= CKA_VENDOR_DEFINED)
      return TRUE;

   switch (type)
   {
      case  CKA_CLASS:
      case  CKA_TOKEN:
      case  CKA_PRIVATE:
      case  CKA_LABEL:
      case  CKA_APPLICATION:
      case  CKA_VALUE:
      case  CKA_CERTIFICATE_TYPE:
      case  CKA_ISSUER:
      case  CKA_SERIAL_NUMBER:
      case  CKA_KEY_TYPE:
      case  CKA_SUBJECT:
      case  CKA_ID:
      case  CKA_SENSITIVE:
      case  CKA_ENCRYPT:
      case  CKA_DECRYPT:
      case  CKA_WRAP:
      case  CKA_UNWRAP:
      case  CKA_SIGN:
      case  CKA_SIGN_RECOVER:
      case  CKA_VERIFY:
      case  CKA_VERIFY_RECOVER:
      case  CKA_DERIVE:
      case  CKA_START_DATE:
      case  CKA_END_DATE:
      case  CKA_MODULUS:
      case  CKA_MODULUS_BITS:
      case  CKA_PUBLIC_EXPONENT:
      case  CKA_PRIVATE_EXPONENT:
      case  CKA_PRIME_1:
      case  CKA_PRIME_2:
      case  CKA_EXPONENT_1:
      case  CKA_EXPONENT_2:
      case  CKA_COEFFICIENT:
      case  CKA_PRIME:
      case  CKA_SUBPRIME:
      case  CKA_BASE:
      case  CKA_VALUE_BITS:
      case  CKA_VALUE_LEN:
      case  CKA_EXTRACTABLE:
      case  CKA_LOCAL:
      case  CKA_NEVER_EXTRACTABLE:
      case  CKA_ALWAYS_SENSITIVE:
      case  CKA_MODIFIABLE:
      case  CKA_ECDSA_PARAMS:
      case  CKA_EC_POINT:
      case  CKA_HW_FEATURE_TYPE:
      case  CKA_HAS_RESET:
      case  CKA_RESET_ON_INIT:
      case  CKA_KEY_GEN_MECHANISM:
      case  CKA_PRIME_BITS:
      case  CKA_SUBPRIME_BITS:
      case  CKA_OBJECT_ID:
      case  CKA_AC_ISSUER:
      case  CKA_OWNER:
      case  CKA_ATTR_TYPES:
      case  CKA_TRUSTED:
         return TRUE;
   }

   return FALSE;
}


extern CK_CHAR manuf[];
extern CK_CHAR model[];
extern CK_CHAR descr[];
extern CK_CHAR label[];


//
//
void
init_slotInfo( void )
{
   memset( &slot_info.slotDescription, ' ', sizeof(slot_info.slotDescription) );
   memset( &slot_info.manufacturerID,  ' ', sizeof(slot_info.manufacturerID)  );

   memcpy( &slot_info.slotDescription, descr, strlen(descr) );