From 20079356ada86838b62bc917715029bcf2241eab Mon Sep 17 00:00:00 2001 From: varunnaganathan Date: Wed, 17 Aug 2016 02:15:45 +0530 Subject: [PATCH] From 44d103635eacd3c372a56b481407ce3d0323ddff Mon Sep 17 00:00:00 2001 Bug 1162897, Add CK_TOKEN_INFO to the PK11SlotInfo struct for caching the token info, r=rrelyea --- lib/pk11wrap/pk11slot.c | 43 ++++++++++++++++++++--------------------- lib/pk11wrap/secmodti.h | 2 ++ 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/lib/pk11wrap/pk11slot.c b/lib/pk11wrap/pk11slot.c index f58394b77d..cc8d426975 100644 --- a/lib/pk11wrap/pk11slot.c +++ b/lib/pk11wrap/pk11slot.c @@ -409,6 +409,7 @@ PK11_NewSlotInfo(SECMODModule *mod) slot->slot_name[0] = 0; slot->token_name[0] = 0; PORT_Memset(slot->serial, ' ', sizeof(slot->serial)); + PORT_Memset(&slot->tokenInfo, 0, sizeof(slot->tokenInfo)); slot->module = NULL; slot->authTransact = 0; slot->authTime = LL_ZERO; @@ -1163,7 +1164,6 @@ PK11_ReadMechanismList(PK11SlotInfo *slot) SECStatus PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts) { - CK_TOKEN_INFO tokenInfo; CK_RV crv; SECStatus rv; PRStatus status; @@ -1171,7 +1171,7 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts) /* set the slot flags to the current token values */ if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot); - crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, &tokenInfo); + crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, &slot->tokenInfo); if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot); if (crv != CKR_OK) { @@ -1182,13 +1182,13 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts) /* set the slot flags to the current token values */ slot->series++; /* allow other objects to detect that the * slot is different */ - slot->flags = tokenInfo.flags; - slot->needLogin = ((tokenInfo.flags & CKF_LOGIN_REQUIRED) ? PR_TRUE : PR_FALSE); - slot->readOnly = ((tokenInfo.flags & CKF_WRITE_PROTECTED) ? PR_TRUE : PR_FALSE); + slot->flags = slot->tokenInfo.flags; + slot->needLogin = ((slot->tokenInfo.flags & CKF_LOGIN_REQUIRED) ? PR_TRUE : PR_FALSE); + slot->readOnly = ((slot->tokenInfo.flags & CKF_WRITE_PROTECTED) ? PR_TRUE : PR_FALSE); - slot->hasRandom = ((tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE); + slot->hasRandom = ((slot->tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE); slot->protectedAuthPath = - ((tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH) + ((slot->tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH) ? PR_TRUE : PR_FALSE); slot->lastLoginCheck = 0; @@ -1199,15 +1199,15 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts) slot->protectedAuthPath = PR_FALSE; } (void)PK11_MakeString(NULL, slot->token_name, - (char *)tokenInfo.label, sizeof(tokenInfo.label)); - slot->minPassword = tokenInfo.ulMinPinLen; - slot->maxPassword = tokenInfo.ulMaxPinLen; - PORT_Memcpy(slot->serial, tokenInfo.serialNumber, sizeof(slot->serial)); + (char *)slot->tokenInfo.label, sizeof(slot->tokenInfo.label)); + slot->minPassword = slot->tokenInfo.ulMinPinLen; + slot->maxPassword = slot->tokenInfo.ulMaxPinLen; + PORT_Memcpy(slot->serial, slot->tokenInfo.serialNumber, sizeof(slot->serial)); nssToken_UpdateName(slot->nssToken); slot->defRWSession = (PRBool)((!slot->readOnly) && - (tokenInfo.ulMaxSessionCount == 1)); + (slot->tokenInfo.ulMaxSessionCount == 1)); rv = PK11_ReadMechanismList(slot); if (rv != SECSuccess) return rv; @@ -1216,13 +1216,13 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts) slot->RSAInfoFlags = 0; /* initialize the maxKeyCount value */ - if (tokenInfo.ulMaxSessionCount == 0) { + if (slot->tokenInfo.ulMaxSessionCount == 0) { slot->maxKeyCount = 800; /* should be #define or a config param */ - } else if (tokenInfo.ulMaxSessionCount < 20) { + } else if (slot->tokenInfo.ulMaxSessionCount < 20) { /* don't have enough sessions to keep that many keys around */ slot->maxKeyCount = 0; } else { - slot->maxKeyCount = tokenInfo.ulMaxSessionCount / 2; + slot->maxKeyCount = slot->tokenInfo.ulMaxSessionCount / 2; } /* Make sure our session handle is valid */ @@ -1354,13 +1354,12 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts) SECStatus PK11_TokenRefresh(PK11SlotInfo *slot) { - CK_TOKEN_INFO tokenInfo; CK_RV crv; /* set the slot flags to the current token values */ if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot); - crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, &tokenInfo); + crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, &slot->tokenInfo); if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot); if (crv != CKR_OK) { @@ -1368,12 +1367,12 @@ PK11_TokenRefresh(PK11SlotInfo *slot) return SECFailure; } - slot->flags = tokenInfo.flags; - slot->needLogin = ((tokenInfo.flags & CKF_LOGIN_REQUIRED) ? PR_TRUE : PR_FALSE); - slot->readOnly = ((tokenInfo.flags & CKF_WRITE_PROTECTED) ? PR_TRUE : PR_FALSE); - slot->hasRandom = ((tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE); + slot->flags = slot->tokenInfo.flags; + slot->needLogin = ((slot->tokenInfo.flags & CKF_LOGIN_REQUIRED) ? PR_TRUE : PR_FALSE); + slot->readOnly = ((slot->tokenInfo.flags & CKF_WRITE_PROTECTED) ? PR_TRUE : PR_FALSE); + slot->hasRandom = ((slot->tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE); slot->protectedAuthPath = - ((tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH) + ((slot->tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH) ? PR_TRUE : PR_FALSE); /* on some platforms Active Card incorrectly sets the diff --git a/lib/pk11wrap/secmodti.h b/lib/pk11wrap/secmodti.h index 5201655731..63c2079297 100644 --- a/lib/pk11wrap/secmodti.h +++ b/lib/pk11wrap/secmodti.h @@ -107,6 +107,8 @@ struct PK11SlotInfoStr { unsigned int lastState; /* for Stan */ NSSToken *nssToken; + /* the tokeninfo struct */ + CK_TOKEN_INFO tokenInfo; /* fast mechanism lookup */ char mechanismBits[256]; };