| blob | a28da4d392dd0fd849e6f2a7094682d133c24110 |
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
26 #include <fcntl.h>
27 #include <pthread.h>
28 #include <strings.h>
30 #include <errno.h>
31 #include <security/cryptoki.h>
36 #pragma init(kernel_init)
37 #pragma fini(kernel_fini)
41 C_Initialize,
42 C_Finalize,
43 C_GetInfo,
44 C_GetFunctionList,
45 C_GetSlotList,
46 C_GetSlotInfo,
47 C_GetTokenInfo,
48 C_GetMechanismList,
49 C_GetMechanismInfo,
50 C_InitToken,
51 C_InitPIN,
52 C_SetPIN,
53 C_OpenSession,
54 C_CloseSession,
55 C_CloseAllSessions,
56 C_GetSessionInfo,
57 C_GetOperationState,
58 C_SetOperationState,
59 C_Login,
60 C_Logout,
61 C_CreateObject,
62 C_CopyObject,
63 C_DestroyObject,
64 C_GetObjectSize,
65 C_GetAttributeValue,
66 C_SetAttributeValue,
67 C_FindObjectsInit,
68 C_FindObjects,
69 C_FindObjectsFinal,
70 C_EncryptInit,
71 C_Encrypt,
72 C_EncryptUpdate,
73 C_EncryptFinal,
74 C_DecryptInit,
75 C_Decrypt,
76 C_DecryptUpdate,
77 C_DecryptFinal,
78 C_DigestInit,
79 C_Digest,
80 C_DigestUpdate,
81 C_DigestKey,
82 C_DigestFinal,
83 C_SignInit,
84 C_Sign,
85 C_SignUpdate,
86 C_SignFinal,
87 C_SignRecoverInit,
88 C_SignRecover,
89 C_VerifyInit,
90 C_Verify,
91 C_VerifyUpdate,
92 C_VerifyFinal,
93 C_VerifyRecoverInit,
94 C_VerifyRecover,
95 C_DigestEncryptUpdate,
96 C_DecryptDigestUpdate,
97 C_SignEncryptUpdate,
98 C_DecryptVerifyUpdate,
99 C_GenerateKey,
100 C_GenerateKeyPair,
101 C_WrapKey,
102 C_UnwrapKey,
103 C_DeriveKey,
104 C_SeedRandom,
105 C_GenerateRandom,
106 C_GetFunctionStatus,
107 C_CancelFunction,
108 C_WaitForSlotEvent
109 };
119 /* protects kernel_initialized and entrance to C_Initialize/Finalize */
122 ses_to_be_freed_list_t ses_delay_freed;
123 object_to_be_freed_list_t obj_delay_freed;
133 CK_RV
135 {
137 boolean_t supplied_ok;
140 /*
141 * Grab lock to insure that only one thread enters this
142 * function at a time.
143 */
149 /*
150 * This process has called C_Initialize already
151 */
155 /*
156 * A fork has happened and the child is
157 * reinitializing. Do a cleanup_library to close
158 * out any state from the parent, and then
159 * continue on.
160 */
162 }
163 }
169 /* pReserved must be NULL */
173 }
175 /*
176 * ALL supplied function pointers need to have the value
177 * either NULL or non-NULL.
178 */
191 }
193 /*
194 * When the CKF_OS_LOCKING_OK flag isn't set and mutex
195 * function pointers are supplied by an application,
196 * return an error. We must be able to use our own locks.
197 */
202 }
203 }
208 }
212 }
214 /* Mark kernel_fd "close on exec" */
217 /* Create the hash table */
223 }
225 /* Initialize the slot table */
232 }
234 /* Initialize the object_to_be_freed list */
240 /* Initialize the session_to_be_freed list */
253 }
256 /*
257 * C_Finalize is a wrapper around finalize_common. The
258 * globalmutex should be locked by C_Finalize().
259 */
260 CK_RV
262 {
270 }
272 /* Check to see if pReseved is NULL */
276 }
278 /*
279 * Delete all the sessions for each slot and release the allocated
280 * resources
281 */
284 }
291 }
293 /*
294 * finalize_common() does the work for C_Finalize. globalmutex
295 * must be held before calling this function.
296 */
297 static void
305 /*
306 * Free the resources allocated for the slot table and reset
307 * slot_count to 0.
308 */
313 }
316 }
318 /* Close CRYPTO_DEVICE */
321 }
323 /* Walk the hash table and free all entries */
330 }
331 }
339 /*
340 * free all entries in the delay_freed list
341 */
347 }
355 }
357 }
359 /*
360 * This function cleans up all the resources in the library (user space only)
361 */
362 static void
364 {
367 /*
368 * Delete all the sessions for each slot and release the allocated
369 * resources from the library. The boolean argument TRUE indicates
370 * that we only wants to clean up the resource in the library only.
371 * We don't want to clean up the corresponding kernel part of
372 * resources, because they are used by the parent process still.
373 */
377 }
380 }
382 static void
384 {
386 kernel_fork_after);
387 }
389 /*
390 * kernel_fini() function required to make sure complete cleanup
391 * is done if pkcs11_kernel is ever unloaded without
392 * a C_Finalize() call.
393 */
394 static void
396 {
400 /* if we're not initilized, do not attempt to finalize */
404 }
409 }
411 CK_RV
413 {
419 }
421 /* Check if the cryptoki was initialized */
434 }
436 CK_RV
438 {
441 }
446 }
448 /*
449 * PKCS#11 states that C_GetFunctionStatus should always return
450 * CKR_FUNCTION_NOT_PARALLEL
451 */
452 /*ARGSUSED*/
453 CK_RV
455 {
457 }
459 /*
460 * Take out all mutexes before fork.
461 * Order:
462 * 1. globalmutex
463 * 2. all slots mutexes (and all their sessions) via
464 * kernel_acquire_all_slots_mutexes()
465 * 3. obj_delay_freed.obj_to_be_free_mutex;
466 * 4. ses_delay_freed.ses_to_be_free_mutex
467 */
468 void
470 {
479 }
480 }
482 /*
483 * Release in opposite order to kernel_fork_prepare().
484 * Function is used for parent and child.
485 */
486 void
488 {
496 }
498 }
500 /*
501 * PKCS#11 states that C_CancelFunction should always return
502 * CKR_FUNCTION_NOT_PARALLEL
503 */
504 /*ARGSUSED*/
505 CK_RV
507 {
509 }