Changes On Branch 0058a3b41b4de5a7

Changes In Branch wait-for-slot-event Through [0058a3b41b] Excluding Merge-Ins

This is equivalent to a diff from 8a76f09a85 to 0058a3b41b

2013-08-19
03:19
Fixed memory leak when checking PIV certificates check-in: 182c88b988 user: rkeene tags: piv
03:14
Improved waiting for slot event to allow C_Finalize to terminate any waiting Leaf check-in: d52881feec user: rkeene tags: wait-for-slot-event
2013-08-18
07:02
Added support for CKF_DONT_BLOCK check-in: 0058a3b41b user: rkeene tags: wait-for-slot-event
06:53
First work towards implementing C_WaitForSlotEvent check-in: 4d4946cc1f user: rkeene tags: wait-for-slot-event
2013-08-14
05:53
If using Protected Authentication Path, don't set the LOGIN_REQUIRED flag check-in: 14d49a499f user: rkeene tags: protected-auth-path
04:54
Added support for enabling the PROTECTED_AUTHENTICATION_PATH flag for the token if a command to provide the PIN is configured check-in: 8a76f09a85 user: rkeene tags: piv
04:49
Merged trunk check-in: 2e12e46ded user: rkeene tags: piv
04:22
Merged in updates check-in: 5469f9a4d0 user: rkeene tags: protected-auth-path

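--- a/cackey.c
+++ b/cackey.c
@@ -782,21 +782,24 @@
 	CK_MECHANISM_TYPE decrypt_mechanism;
 	CK_VOID_PTR decrypt_mech_parm;
 	CK_ULONG decrypt_mech_parmlen;
 	struct cackey_identity *decrypt_identity;
 };
 
 struct cackey_slot {
+	unsigned int id;
+
 	int active;
 	int internal;
 
 	char *pcsc_reader;
 
 	int pcsc_card_connected;
 	SCARDHANDLE pcsc_card;
+	DWORD pcsc_state;
 
 	int transaction_depth;
 	int transaction_need_hw_lock;
 
 	int slot_reset;
 
 	CK_FLAGS token_flags;
@@ -1115,14 +1118,15 @@
 	if (slot->pcsc_card_connected) {
 		SCardDisconnect(slot->pcsc_card, SCARD_LEAVE_CARD);
 	}
 
 	slot->slot_reset = 1;
 	slot->pcsc_card_connected = 0;
 	slot->token_flags = CKF_LOGIN_REQUIRED;
+	slot->pcsc_state = SCARD_STATE_UNAWARE;
 
 	CACKEY_DEBUG_PRINTF("Returning.");
 
 	return;
 }
 
 /*
@@ -4109,16 +4113,18 @@
 	}
 
 	for (idx = 0; idx < (sizeof(cackey_sessions) / sizeof(cackey_sessions[0])); idx++) {
 		cackey_sessions[idx].active = 0;
 	}
 
 	for (idx = 0; idx < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); idx++) {
+		cackey_slots[idx].id = idx;
 		cackey_slots[idx].active = 0;
 		cackey_slots[idx].pcsc_reader = NULL;
+		cackey_slots[idx].pcsc_state = SCARD_STATE_UNAWARE;
 		cackey_slots[idx].transaction_depth = 0;
 		cackey_slots[idx].transaction_need_hw_lock = 0;
 		cackey_slots[idx].slot_reset = 0;
 		cackey_slots[idx].token_flags = 0;
 		cackey_slots[idx].label = NULL;
 		cackey_slots[idx].internal = 0;
 	}
@@ -4720,32 +4726,140 @@
 
 	CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
 
 	return(CKR_OK);
 }
 
 CK_DEFINE_FUNCTION(CK_RV, C_WaitForSlotEvent)(CK_FLAGS flags, CK_SLOT_ID_PTR pSlotID, CK_VOID_PTR pReserved) {
+	SCARD_READERSTATE reader_states[(sizeof(cackey_slots) / sizeof(cackey_slots[0])) + 1];
+	SCARDCONTEXT pcsc_handle;
+	LONG scard_getstatchng_ret;
+	LONG scard_est_context_ret;
+	struct cackey_slot *cackey_slot;
+	unsigned int currslot, reader_state_slot;
+	int pcsc_connect_ret;
+	int slot_changed;
+
 	CACKEY_DEBUG_PRINTF("Called.");
 
 	if (pReserved != NULL) {
 		CACKEY_DEBUG_PRINTF("Error. pReserved is not NULL.");
 
 		return(CKR_ARGUMENTS_BAD);
 	}
+
+	if (pSlotID == NULL) {
+		CACKEY_DEBUG_PRINTF("Error. pSlotID is NULL.");
+
+		return(CKR_ARGUMENTS_BAD);
+	}
 
 	if (!cackey_initialized) {
 		CACKEY_DEBUG_PRINTF("Error.  Not initialized.");
 
 		return(CKR_CRYPTOKI_NOT_INITIALIZED);
 	}
 
+	pcsc_connect_ret = cackey_pcsc_connect();
+	if (pcsc_connect_ret != CACKEY_PCSC_S_OK) {
+		CACKEY_DEBUG_PRINTF("Connection to PC/SC failed, returning in failure");
+
+		return(CKR_GENERAL_ERROR);
+	}
+
+	for (reader_state_slot = currslot = 0; currslot < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); currslot++) {
+		if (cackey_slots[currslot].internal) {
+			continue;
+		}
+
+		if (cackey_slots[currslot].active == 0) {
+			continue;
+		}
+
+		reader_states[reader_state_slot].szReader = cackey_slots[currslot].pcsc_reader;
+		reader_states[reader_state_slot].pvUserData = &cackey_slots[currslot];
+
+		if ((flags & CKF_DONT_BLOCK) == CKF_DONT_BLOCK) {
+			reader_states[reader_state_slot].dwCurrentState = SCARD_STATE_UNAWARE;
+		} else {
+			reader_states[reader_state_slot].dwCurrentState = cackey_slots[currslot].pcsc_state;
+		}
+
+		reader_state_slot++;
+	}
+
+	reader_states[reader_state_slot].szReader = "\\\\?PnP?\\Notification";
+	reader_states[reader_state_slot].pvUserData = NULL;
+	reader_states[reader_state_slot].dwCurrentState = SCARD_STATE_UNAWARE;
+	reader_state_slot++;
+
+	scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &pcsc_handle);
+	if (scard_est_context_ret != SCARD_S_SUCCESS) {
+		CACKEY_DEBUG_PRINTF("Returning CKR_GENERAL_ERROR (%i) because SCardEstablishContext failed: %lx", CKR_GENERAL_ERROR, scard_est_context_ret);
+
+		return(CKR_GENERAL_ERROR);
+	}
+
+	scard_getstatchng_ret = SCardGetStatusChange(pcsc_handle, INFINITE, reader_states, reader_state_slot);
+
+	SCardReleaseContext(pcsc_handle);
+
+	if (scard_getstatchng_ret != SCARD_S_SUCCESS) {
+		CACKEY_DEBUG_PRINTF("Returning CKR_GENERAL_ERROR (%i) because SCardGetStatusChange failed: %lx", CKR_GENERAL_ERROR, scard_getstatchng_ret);
+
+		return(CKR_GENERAL_ERROR);
+	}
+
+	for (currslot = 0; currslot < reader_state_slot; currslot++) {
+		CACKEY_DEBUG_PRINTF("[slot = %u] CurrentState = %lx, EventState = %lx",
+		    currslot,
+		    reader_states[currslot].dwCurrentState & 0xffff,
+		    reader_states[currslot].dwEventState & 0xffff
+		);
+
+		cackey_slot = (struct cackey_slot *) reader_states[currslot].pvUserData;
+
+		if (cackey_slot == NULL) {
-	/* XXX: TODO: Implement this... */
+			/* XXX: TODO: Someone plugged in a new slot */
+			continue;
+		}
+
+		slot_changed = 0;
+
+		if ((flags & CKF_DONT_BLOCK) == CKF_DONT_BLOCK) {
+			if (cackey_slot->pcsc_state != reader_states[currslot].dwEventState) {
+				slot_changed = 1;
+			}
+		} else {
+			if (reader_states[currslot].dwCurrentState != reader_states[currslot].dwEventState) {
+				slot_changed = 1;
+			}
+		}
+
+		if (slot_changed == 0) {
+			continue;
+		}
+
+		CACKEY_DEBUG_PRINTF("Returning slot changed: %u", (unsigned int) cackey_slot->id);
+
+		cackey_slot->pcsc_state = reader_states[currslot].dwEventState;
+		*pSlotID = (CK_SLOT_ID) cackey_slot->id;
+
-	CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
+		CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
 
-	return(CKR_FUNCTION_NOT_SUPPORTED);
+		return(CKR_OK);
+	}
+
+	if ((flags & CKF_DONT_BLOCK) != CKF_DONT_BLOCK) {
+		CACKEY_DEBUG_PRINTF("Returning CKR_NO_EVENT (%i), but asked to block !? BUG ENCOUNTERED.", CKR_NO_EVENT);
+	} else {
+		CACKEY_DEBUG_PRINTF("Returning CKR_NO_EVENT (%i)", CKR_NO_EVENT);
+	}
+
+	return(CKR_NO_EVENT);
 }
 
 CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismList)(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount) {
 	CACKEY_DEBUG_PRINTF("Called.");
 
 	if (!cackey_initialized) {
 		CACKEY_DEBUG_PRINTF("Error.  Not initialized.");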
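Review bot: The `SCardGetStatusChange(pcsc_handle, INFINITE, reader_states, reader_state_slot)` call in `C_WaitForSlotEvent` uses an infinite timeout even when `CKF_DONT_BLOCK` is set, so the non-blocking path returns promptly only because every entry is passed as `SCARD_STATE_UNAWARE`; if the PC/SC layer does not treat that as an immediate change, a caller that asked not to block hangs. Passing `((flags & CKF_DONT_BLOCK) == CKF_DONT_BLOCK) ? 0 : INFINITE` as the timeout and mapping `SCARD_E_TIMEOUT` to `CKR_NO_EVENT` ahead of the generic `CKR_GENERAL_ERROR` return would make that explicit. Change detection would also be sturdier if it tested `dwEventState & SCARD_STATE_CHANGED` instead of comparing the whole word, since the stored `pcsc_state` otherwise carries that bit into the next `dwCurrentState`. The function also reads `cackey_slots[]` and writes `pcsc_state` with no lock visible in this hunk while holding `pcsc_reader` pointers across an unbounded wait; presumably other entry points serialize on a module mutex, so this should be confirmed against concurrent slot rescans.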

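--- a/test.c
+++ b/test.c
@@ -226,14 +226,30 @@
 	slots = malloc(sizeof(*slots) * numSlots);
 
 	chk_rv = C_GetSlotList(FALSE, slots, &numSlots);
 	if (chk_rv != CKR_OK) {
 		return(1);
 	}
 
+	/* Test waiting for slot events */
+	currSlot = 0;
+	printf("Please insert a card now.\n");
+
+	/* Initially, every slot has changed state (but probably should not) */
+	chk_rv = C_WaitForSlotEvent(0, &currSlot, NULL);
+
+	/* This actually waits */
+	chk_rv = C_WaitForSlotEvent(0, &currSlot, NULL);
+	if (chk_rv != CKR_OK) {
+		printf("Failed to wait for slot event.\n");
+	}
+
+	/* This just ensures DONT_BLOCK works */
+	chk_rv = C_WaitForSlotEvent(CKF_DONT_BLOCK, &currSlot, NULL);
+
 	for (currSlot = 0; currSlot < numSlots; currSlot++) {
 		printf("  Slot %lu:\n", currSlot);
 
 		chk_rv = C_GetSlotInfo(slots[currSlot], &slotInfo);
 		if (chk_rv != CKR_OK) {
 			return(1);
 		}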
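Review bot: The result of the `C_WaitForSlotEvent(CKF_DONT_BLOCK, &currSlot, NULL)` call is never examined, because `chk_rv` is overwritten by `C_GetSlotInfo` in the loop that follows, so the test cannot fail when the non-blocking path is broken. A check such as `if (chk_rv != CKR_OK && chk_rv != CKR_NO_EVENT) { return(1); }` after that call would pin it, and the first, priming call is dropped the same way. A failure of the blocking call only prints a message and continues, and that call needs a card inserted by hand, so an unattended run will stall there. The enclosing function starts and ends outside the hunk.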