/security/nss/lib/dev/devslot.c
http://github.com/zpao/v8monkey · C · 296 lines · 209 code · 27 blank · 60 comment · 34 complexity · a8178ff6e269d456b61a0d9f39d9c9b9 MD5 · raw file
- /* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
- #ifdef DEBUG
- static const char CVS_ID[] = "@(#) $RCSfile: devslot.c,v $ $Revision: 1.27 $ $Date: 2010/04/03 18:27:30 $";
- #endif /* DEBUG */
- #include "pkcs11.h"
- #ifndef DEVM_H
- #include "devm.h"
- #endif /* DEVM_H */
- #ifndef CKHELPER_H
- #include "ckhelper.h"
- #endif /* CKHELPER_H */
- #include "pk11pub.h"
- /* measured in seconds */
- #define NSSSLOT_TOKEN_DELAY_TIME 1
- /* this should track global and per-transaction login information */
- #define NSSSLOT_IS_FRIENDLY(slot) \
- (slot->base.flags & NSSSLOT_FLAGS_FRIENDLY)
- /* measured as interval */
- static PRIntervalTime s_token_delay_time = 0;
- /* The flags needed to open a read-only session. */
- static const CK_FLAGS s_ck_readonly_flags = CKF_SERIAL_SESSION;
- NSS_IMPLEMENT PRStatus
- nssSlot_Destroy (
- NSSSlot *slot
- )
- {
- if (slot) {
- if (PR_ATOMIC_DECREMENT(&slot->base.refCount) == 0) {
- PZ_DestroyLock(slot->base.lock);
- return nssArena_Destroy(slot->base.arena);
- }
- }
- return PR_SUCCESS;
- }
- void
- nssSlot_EnterMonitor(NSSSlot *slot)
- {
- if (slot->lock) {
- PZ_Lock(slot->lock);
- }
- }
- void
- nssSlot_ExitMonitor(NSSSlot *slot)
- {
- if (slot->lock) {
- PZ_Unlock(slot->lock);
- }
- }
- NSS_IMPLEMENT void
- NSSSlot_Destroy (
- NSSSlot *slot
- )
- {
- (void)nssSlot_Destroy(slot);
- }
- NSS_IMPLEMENT NSSSlot *
- nssSlot_AddRef (
- NSSSlot *slot
- )
- {
- PR_ATOMIC_INCREMENT(&slot->base.refCount);
- return slot;
- }
- NSS_IMPLEMENT NSSUTF8 *
- nssSlot_GetName (
- NSSSlot *slot
- )
- {
- return slot->base.name;
- }
- NSS_IMPLEMENT NSSUTF8 *
- nssSlot_GetTokenName (
- NSSSlot *slot
- )
- {
- return nssToken_GetName(slot->token);
- }
- NSS_IMPLEMENT void
- nssSlot_ResetDelay (
- NSSSlot *slot
- )
- {
- slot->lastTokenPing = 0;
- }
- static PRBool
- within_token_delay_period(NSSSlot *slot)
- {
- PRIntervalTime time, lastTime;
- /* Set the delay time for checking the token presence */
- if (s_token_delay_time == 0) {
- s_token_delay_time = PR_SecondsToInterval(NSSSLOT_TOKEN_DELAY_TIME);
- }
- time = PR_IntervalNow();
- lastTime = slot->lastTokenPing;
- if ((lastTime) && ((time - lastTime) < s_token_delay_time)) {
- return PR_TRUE;
- }
- slot->lastTokenPing = time;
- return PR_FALSE;
- }
- NSS_IMPLEMENT PRBool
- nssSlot_IsTokenPresent (
- NSSSlot *slot
- )
- {
- CK_RV ckrv;
- PRStatus nssrv;
- /* XXX */
- nssSession *session;
- CK_SLOT_INFO slotInfo;
- void *epv;
- /* permanent slots are always present unless they're disabled */
- if (nssSlot_IsPermanent(slot)) {
- return !PK11_IsDisabled(slot->pk11slot);
- }
- /* avoid repeated calls to check token status within set interval */
- if (within_token_delay_period(slot)) {
- return ((slot->ckFlags & CKF_TOKEN_PRESENT) != 0);
- }
- /* First obtain the slot info */
- epv = slot->epv;
- if (!epv) {
- return PR_FALSE;
- }
- nssSlot_EnterMonitor(slot);
- ckrv = CKAPI(epv)->C_GetSlotInfo(slot->slotID, &slotInfo);
- nssSlot_ExitMonitor(slot);
- if (ckrv != CKR_OK) {
- slot->token->base.name[0] = 0; /* XXX */
- return PR_FALSE;
- }
- slot->ckFlags = slotInfo.flags;
- /* check for the presence of the token */
- if ((slot->ckFlags & CKF_TOKEN_PRESENT) == 0) {
- if (!slot->token) {
- /* token was never present */
- return PR_FALSE;
- }
- session = nssToken_GetDefaultSession(slot->token);
- if (session) {
- nssSession_EnterMonitor(session);
- /* token is not present */
- if (session->handle != CK_INVALID_SESSION) {
- /* session is valid, close and invalidate it */
- CKAPI(epv)->C_CloseSession(session->handle);
- session->handle = CK_INVALID_SESSION;
- }
- nssSession_ExitMonitor(session);
- }
- if (slot->token->base.name[0] != 0) {
- /* notify the high-level cache that the token is removed */
- slot->token->base.name[0] = 0; /* XXX */
- nssToken_NotifyCertsNotVisible(slot->token);
- }
- slot->token->base.name[0] = 0; /* XXX */
- /* clear the token cache */
- nssToken_Remove(slot->token);
- return PR_FALSE;
- }
- /* token is present, use the session info to determine if the card
- * has been removed and reinserted.
- */
- session = nssToken_GetDefaultSession(slot->token);
- if (session) {
- PRBool isPresent = PR_FALSE;
- nssSession_EnterMonitor(session);
- if (session->handle != CK_INVALID_SESSION) {
- CK_SESSION_INFO sessionInfo;
- ckrv = CKAPI(epv)->C_GetSessionInfo(session->handle, &sessionInfo);
- if (ckrv != CKR_OK) {
- /* session is screwy, close and invalidate it */
- CKAPI(epv)->C_CloseSession(session->handle);
- session->handle = CK_INVALID_SESSION;
- }
- }
- isPresent = session->handle != CK_INVALID_SESSION;
- nssSession_ExitMonitor(session);
- /* token not removed, finished */
- if (isPresent)
- return PR_TRUE;
- }
- /* the token has been removed, and reinserted, or the slot contains
- * a token it doesn't recognize. invalidate all the old
- * information we had on this token, if we can't refresh, clear
- * the present flag */
- nssToken_NotifyCertsNotVisible(slot->token);
- nssToken_Remove(slot->token);
- /* token has been removed, need to refresh with new session */
- nssrv = nssSlot_Refresh(slot);
- if (nssrv != PR_SUCCESS) {
- slot->token->base.name[0] = 0; /* XXX */
- slot->ckFlags &= ~CKF_TOKEN_PRESENT;
- return PR_FALSE;
- }
- return PR_TRUE;
- }
- NSS_IMPLEMENT void *
- nssSlot_GetCryptokiEPV (
- NSSSlot *slot
- )
- {
- return slot->epv;
- }
- NSS_IMPLEMENT NSSToken *
- nssSlot_GetToken (
- NSSSlot *slot
- )
- {
- if (nssSlot_IsTokenPresent(slot)) {
- return nssToken_AddRef(slot->token);
- }
- return (NSSToken *)NULL;
- }
- NSS_IMPLEMENT PRStatus
- nssSession_EnterMonitor (
- nssSession *s
- )
- {
- if (s->lock) PZ_Lock(s->lock);
- return PR_SUCCESS;
- }
- NSS_IMPLEMENT PRStatus
- nssSession_ExitMonitor (
- nssSession *s
- )
- {
- return (s->lock) ? PZ_Unlock(s->lock) : PR_SUCCESS;
- }
- NSS_EXTERN PRBool
- nssSession_IsReadWrite (
- nssSession *s
- )
- {
- return s->isRW;
- }