Diff

Differences From Artifact [806bbf2a79]:

To Artifact [86c9a91f33]:


   516    516   
   517    517   	int pcsc_card_connected;
   518    518   	SCARDHANDLE pcsc_card;
   519    519   
   520    520   	int transaction_depth;
   521    521   
   522    522   	int slot_reset;
          523  +
          524  +	CK_FLAGS token_flags;
   523    525   };
   524    526   
   525    527   typedef enum {
   526    528   	CACKEY_TLV_APP_GENERIC = 0x01,
   527    529   	CACKEY_TLV_APP_SKI     = 0x02,
   528    530   	CACKEY_TLV_APP_PKI     = 0x04
   529    531   } cackey_tlv_apptype;
................................................................................
  2807   2809   	}
  2808   2810   
  2809   2811   	for (idx = 0; idx < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); idx++) {
  2810   2812   		cackey_slots[idx].active = 0;
  2811   2813   		cackey_slots[idx].pcsc_reader = NULL;
  2812   2814   		cackey_slots[idx].transaction_depth = 0;
  2813   2815   		cackey_slots[idx].slot_reset = 0;
         2816  +		cackey_slots[idx].token_flags = 0;
  2814   2817   	}
  2815   2818   
  2816   2819   	cackey_initialized = 1;
  2817   2820   
  2818   2821   	if (!cackey_biglock_init) {
  2819   2822   		mutex_init_ret = cackey_mutex_create(&cackey_biglock);
  2820   2823   
................................................................................
  2999   3002   					/* Only update the list of slots if we are actually being supply the slot information */
  3000   3003   					if (pSlotList) {
  3001   3004   						cackey_slots[currslot].active = 1;
  3002   3005   						cackey_slots[currslot].pcsc_reader = strdup(pcsc_readers);
  3003   3006   						cackey_slots[currslot].pcsc_card_connected = 0;
  3004   3007   						cackey_slots[currslot].transaction_depth = 0;
  3005   3008   						cackey_slots[currslot].slot_reset = 1;
         3009  +						cackey_slots[currslot].token_flags = CKF_LOGIN_REQUIRED;
  3006   3010   					}
  3007   3011   					currslot++;
  3008   3012   
  3009   3013   					pcsc_readers += curr_reader_len + 1;
  3010   3014   				}
  3011   3015   
  3012   3016   				if (currslot > 0) {
................................................................................
  3224   3228   
  3225   3229   	pInfo->hardwareVersion.major = (cackey_getversion() >> 16) & 0xff;
  3226   3230   	pInfo->hardwareVersion.minor = (cackey_getversion() >> 8) & 0xff;
  3227   3231   
  3228   3232   	pInfo->firmwareVersion.major = 0x00;
  3229   3233   	pInfo->firmwareVersion.minor = 0x00;
  3230   3234   
  3231         -	pInfo->flags = CKF_WRITE_PROTECTED | CKF_USER_PIN_INITIALIZED | CKF_TOKEN_INITIALIZED | CKF_LOGIN_REQUIRED;
         3235  +	pInfo->flags = CKF_WRITE_PROTECTED | CKF_USER_PIN_INITIALIZED | CKF_TOKEN_INITIALIZED | cackey_slots[slotID].token_flags;
  3232   3236   
  3233   3237   	pInfo->ulMaxSessionCount = (sizeof(cackey_sessions) / sizeof(cackey_sessions[0])) - 1;
  3234   3238   	pInfo->ulSessionCount = CK_UNAVAILABLE_INFORMATION;
  3235   3239   	pInfo->ulMaxRwSessionCount = 0;
  3236   3240   	pInfo->ulRwSessionCount = CK_UNAVAILABLE_INFORMATION;
  3237   3241   	pInfo->ulMaxPinLen = 128;
  3238   3242   	pInfo->ulMinPinLen = 0;
................................................................................
  3743   3747   	login_ret = cackey_login(&cackey_slots[cackey_sessions[hSession].slotID], pPin, ulPinLen, NULL);
  3744   3748   	if (login_ret != CACKEY_PCSC_S_OK) {
  3745   3749   		cackey_mutex_unlock(cackey_biglock);
  3746   3750   
  3747   3751   		if (login_ret == CACKEY_PCSC_E_LOCKED) {
  3748   3752   			CACKEY_DEBUG_PRINTF("Error.  Token is locked.");
  3749   3753   
         3754  +			cackey_slots[cackey_sessions[hSession].slotID].token_flags |= CKF_USER_PIN_LOCKED;
         3755  +
  3750   3756   			return(CKR_PIN_LOCKED);
  3751   3757   		} else if (login_ret == CACKEY_PCSC_E_BADPIN) {
  3752   3758   			CACKEY_DEBUG_PRINTF("Error.  Invalid PIN.");
         3759  +
         3760  +			cackey_slots[cackey_sessions[hSession].slotID].token_flags |= CKF_USER_PIN_COUNT_LOW;
  3753   3761   
  3754   3762   			return(CKR_PIN_INCORRECT);
  3755   3763   		}
  3756   3764   
  3757   3765   		CACKEY_DEBUG_PRINTF("Error.  Unknown error returned from cackey_login() (%i)", login_ret);
  3758   3766   
  3759   3767   		return(CKR_GENERAL_ERROR);
  3760   3768   	}
         3769  +
         3770  +	cackey_slots[cackey_sessions[hSession].slotID].token_flags &= ~(CKF_USER_PIN_LOCKED | CKF_USER_PIN_COUNT_LOW | CKF_LOGIN_REQUIRED);
  3761   3771   
  3762   3772   	cackey_sessions[hSession].state = CKS_RO_USER_FUNCTIONS;
  3763   3773   
  3764   3774   	mutex_retval = cackey_mutex_unlock(cackey_biglock);
  3765   3775   	if (mutex_retval != 0) {
  3766   3776   		CACKEY_DEBUG_PRINTF("Error.  Unlocking failed.");
  3767   3777   
................................................................................
  4057   4067   			cackey_free_identities(cackey_sessions[hSession].identities, cackey_sessions[hSession].identities_count);
  4058   4068   
  4059   4069   			cackey_sessions[hSession].identities = NULL;
  4060   4070   			cackey_sessions[hSession].identities_count = 0;
  4061   4071   		}
  4062   4072   
  4063   4073   		cackey_slots[cackey_sessions[hSession].slotID].slot_reset = 0;
         4074  +		cackey_slots[cackey_sessions[hSession].slotID].token_flags = CKF_LOGIN_REQUIRED;
  4064   4075   	}
  4065   4076   
  4066   4077   	if (cackey_sessions[hSession].identities == NULL) {
  4067   4078   		cackey_sessions[hSession].identities = cackey_read_identities(&cackey_slots[cackey_sessions[hSession].slotID], &cackey_sessions[hSession].identities_count);
  4068   4079   	}
  4069   4080   
  4070   4081   	if (pTemplate != NULL) {
................................................................................
  4916   4927   
  4917   4928   			memcpy(cackey_sessions[hSession].sign_buf + cackey_sessions[hSession].sign_bufused, pPart, ulPartLen);
  4918   4929   
  4919   4930   			cackey_sessions[hSession].sign_bufused += ulPartLen;
  4920   4931   
  4921   4932   			break;
  4922   4933   		case CKM_SHA1_RSA_PKCS:
  4923         -			/* Accumulate into a SHA1 hash */
         4934  +			/* XXX: Accumulate into a SHA1 hash */
  4924   4935   			cackey_mutex_unlock(cackey_biglock);
  4925   4936   
  4926   4937   			CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
  4927   4938   
  4928   4939   			return(CKR_FUNCTION_NOT_SUPPORTED);
  4929   4940   			break;
  4930   4941   	}
................................................................................
  5019   5030   				*pulSignatureLen = sigbuflen;
  5020   5031   
  5021   5032   				retval = CKR_OK;
  5022   5033   			}
  5023   5034   
  5024   5035   			break;
  5025   5036   		case CKM_SHA1_RSA_PKCS:
  5026         -			/* Accumulate into a SHA1 hash */
         5037  +			/* XXX: Accumulate into a SHA1 hash */
  5027   5038   			cackey_mutex_unlock(cackey_biglock);
  5028   5039   
  5029   5040   			CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
  5030   5041   
  5031   5042   			return(CKR_FUNCTION_NOT_SUPPORTED);
  5032   5043   			break;
  5033   5044   	}