Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
From 44d103635eacd3c372a56b481407ce3d0323ddff Mon Sep 17 00:00:00 2001
Bug 1162897, Add CK_TOKEN_INFO to the PK11SlotInfo struct for caching the token info, r=rrelyea
  • Loading branch information
varunnaganathan committed Aug 16, 2016
1 parent b1d074b commit 2007935
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 22 deletions.
43 changes: 21 additions & 22 deletions lib/pk11wrap/pk11slot.c
Expand Up @@ -409,6 +409,7 @@ PK11_NewSlotInfo(SECMODModule *mod)
slot->slot_name[0] = 0;
slot->token_name[0] = 0;
PORT_Memset(slot->serial, ' ', sizeof(slot->serial));
PORT_Memset(&slot->tokenInfo, 0, sizeof(slot->tokenInfo));
slot->module = NULL;
slot->authTransact = 0;
slot->authTime = LL_ZERO;
Expand Down Expand Up @@ -1163,15 +1164,14 @@ PK11_ReadMechanismList(PK11SlotInfo *slot)
SECStatus
PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts)
{
CK_TOKEN_INFO tokenInfo;
CK_RV crv;
SECStatus rv;
PRStatus status;

/* set the slot flags to the current token values */
if (!slot->isThreadSafe)
PK11_EnterSlotMonitor(slot);
crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, &tokenInfo);
crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, &slot->tokenInfo);
if (!slot->isThreadSafe)
PK11_ExitSlotMonitor(slot);
if (crv != CKR_OK) {
Expand All @@ -1182,13 +1182,13 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts)
/* set the slot flags to the current token values */
slot->series++; /* allow other objects to detect that the
* slot is different */
slot->flags = tokenInfo.flags;
slot->needLogin = ((tokenInfo.flags & CKF_LOGIN_REQUIRED) ? PR_TRUE : PR_FALSE);
slot->readOnly = ((tokenInfo.flags & CKF_WRITE_PROTECTED) ? PR_TRUE : PR_FALSE);
slot->flags = slot->tokenInfo.flags;
slot->needLogin = ((slot->tokenInfo.flags & CKF_LOGIN_REQUIRED) ? PR_TRUE : PR_FALSE);
slot->readOnly = ((slot->tokenInfo.flags & CKF_WRITE_PROTECTED) ? PR_TRUE : PR_FALSE);

slot->hasRandom = ((tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE);
slot->hasRandom = ((slot->tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE);
slot->protectedAuthPath =
((tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH)
((slot->tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH)
? PR_TRUE
: PR_FALSE);
slot->lastLoginCheck = 0;
Expand All @@ -1199,15 +1199,15 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts)
slot->protectedAuthPath = PR_FALSE;
}
(void)PK11_MakeString(NULL, slot->token_name,
(char *)tokenInfo.label, sizeof(tokenInfo.label));
slot->minPassword = tokenInfo.ulMinPinLen;
slot->maxPassword = tokenInfo.ulMaxPinLen;
PORT_Memcpy(slot->serial, tokenInfo.serialNumber, sizeof(slot->serial));
(char *)slot->tokenInfo.label, sizeof(slot->tokenInfo.label));
slot->minPassword = slot->tokenInfo.ulMinPinLen;
slot->maxPassword = slot->tokenInfo.ulMaxPinLen;
PORT_Memcpy(slot->serial, slot->tokenInfo.serialNumber, sizeof(slot->serial));

nssToken_UpdateName(slot->nssToken);

slot->defRWSession = (PRBool)((!slot->readOnly) &&
(tokenInfo.ulMaxSessionCount == 1));
(slot->tokenInfo.ulMaxSessionCount == 1));
rv = PK11_ReadMechanismList(slot);
if (rv != SECSuccess)
return rv;
Expand All @@ -1216,13 +1216,13 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts)
slot->RSAInfoFlags = 0;

/* initialize the maxKeyCount value */
if (tokenInfo.ulMaxSessionCount == 0) {
if (slot->tokenInfo.ulMaxSessionCount == 0) {
slot->maxKeyCount = 800; /* should be #define or a config param */
} else if (tokenInfo.ulMaxSessionCount < 20) {
} else if (slot->tokenInfo.ulMaxSessionCount < 20) {
/* don't have enough sessions to keep that many keys around */
slot->maxKeyCount = 0;
} else {
slot->maxKeyCount = tokenInfo.ulMaxSessionCount / 2;
slot->maxKeyCount = slot->tokenInfo.ulMaxSessionCount / 2;
}

/* Make sure our session handle is valid */
Expand Down Expand Up @@ -1354,26 +1354,25 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts)
SECStatus
PK11_TokenRefresh(PK11SlotInfo *slot)
{
CK_TOKEN_INFO tokenInfo;
CK_RV crv;

/* set the slot flags to the current token values */
if (!slot->isThreadSafe)
PK11_EnterSlotMonitor(slot);
crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, &tokenInfo);
crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, &slot->tokenInfo);
if (!slot->isThreadSafe)
PK11_ExitSlotMonitor(slot);
if (crv != CKR_OK) {
PORT_SetError(PK11_MapError(crv));
return SECFailure;
}

slot->flags = tokenInfo.flags;
slot->needLogin = ((tokenInfo.flags & CKF_LOGIN_REQUIRED) ? PR_TRUE : PR_FALSE);
slot->readOnly = ((tokenInfo.flags & CKF_WRITE_PROTECTED) ? PR_TRUE : PR_FALSE);
slot->hasRandom = ((tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE);
slot->flags = slot->tokenInfo.flags;
slot->needLogin = ((slot->tokenInfo.flags & CKF_LOGIN_REQUIRED) ? PR_TRUE : PR_FALSE);
slot->readOnly = ((slot->tokenInfo.flags & CKF_WRITE_PROTECTED) ? PR_TRUE : PR_FALSE);
slot->hasRandom = ((slot->tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE);
slot->protectedAuthPath =
((tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH)
((slot->tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH)
? PR_TRUE
: PR_FALSE);
/* on some platforms Active Card incorrectly sets the
Expand Down
2 changes: 2 additions & 0 deletions lib/pk11wrap/secmodti.h
Expand Up @@ -107,6 +107,8 @@ struct PK11SlotInfoStr {
unsigned int lastState;
/* for Stan */
NSSToken *nssToken;
/* the tokeninfo struct */
CK_TOKEN_INFO tokenInfo;
/* fast mechanism lookup */
char mechanismBits[256];
};
Expand Down

0 comments on commit 2007935

Please sign in to comment.