PageRenderTime 29ms CodeModel.GetById 13ms app.highlight 13ms RepoModel.GetById 1ms app.codeStats 0ms

/security/nss/lib/dev/devslot.c

http://github.com/zpao/v8monkey
C | 296 lines | 209 code | 27 blank | 60 comment | 34 complexity | a8178ff6e269d456b61a0d9f39d9c9b9 MD5 | raw file
  1/* ***** BEGIN LICENSE BLOCK *****
  2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  3 *
  4 * The contents of this file are subject to the Mozilla Public License Version
  5 * 1.1 (the "License"); you may not use this file except in compliance with
  6 * the License. You may obtain a copy of the License at
  7 * http://www.mozilla.org/MPL/
  8 *
  9 * Software distributed under the License is distributed on an "AS IS" basis,
 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 11 * for the specific language governing rights and limitations under the
 12 * License.
 13 *
 14 * The Original Code is the Netscape security libraries.
 15 *
 16 * The Initial Developer of the Original Code is
 17 * Netscape Communications Corporation.
 18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
 19 * the Initial Developer. All Rights Reserved.
 20 *
 21 * Contributor(s):
 22 *
 23 * Alternatively, the contents of this file may be used under the terms of
 24 * either the GNU General Public License Version 2 or later (the "GPL"), or
 25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 26 * in which case the provisions of the GPL or the LGPL are applicable instead
 27 * of those above. If you wish to allow use of your version of this file only
 28 * under the terms of either the GPL or the LGPL, and not to allow others to
 29 * use your version of this file under the terms of the MPL, indicate your
 30 * decision by deleting the provisions above and replace them with the notice
 31 * and other provisions required by the GPL or the LGPL. If you do not delete
 32 * the provisions above, a recipient may use your version of this file under
 33 * the terms of any one of the MPL, the GPL or the LGPL.
 34 *
 35 * ***** END LICENSE BLOCK ***** */
 36
 37#ifdef DEBUG
 38static const char CVS_ID[] = "@(#) $RCSfile: devslot.c,v $ $Revision: 1.27 $ $Date: 2010/04/03 18:27:30 $";
 39#endif /* DEBUG */
 40
 41#include "pkcs11.h"
 42
 43#ifndef DEVM_H
 44#include "devm.h"
 45#endif /* DEVM_H */
 46
 47#ifndef CKHELPER_H
 48#include "ckhelper.h"
 49#endif /* CKHELPER_H */
 50
 51#include "pk11pub.h"
 52
 53/* measured in seconds */
 54#define NSSSLOT_TOKEN_DELAY_TIME 1
 55
 56/* this should track global and per-transaction login information */
 57
 58#define NSSSLOT_IS_FRIENDLY(slot) \
 59  (slot->base.flags & NSSSLOT_FLAGS_FRIENDLY)
 60
 61/* measured as interval */
 62static PRIntervalTime s_token_delay_time = 0;
 63
 64/* The flags needed to open a read-only session. */
 65static const CK_FLAGS s_ck_readonly_flags = CKF_SERIAL_SESSION;
 66
 67NSS_IMPLEMENT PRStatus
 68nssSlot_Destroy (
 69  NSSSlot *slot
 70)
 71{
 72    if (slot) {
 73	if (PR_ATOMIC_DECREMENT(&slot->base.refCount) == 0) {
 74	    PZ_DestroyLock(slot->base.lock);
 75	    return nssArena_Destroy(slot->base.arena);
 76	}
 77    }
 78    return PR_SUCCESS;
 79}
 80
 81void
 82nssSlot_EnterMonitor(NSSSlot *slot)
 83{
 84    if (slot->lock) {
 85	PZ_Lock(slot->lock);
 86    }
 87}
 88
 89void
 90nssSlot_ExitMonitor(NSSSlot *slot)
 91{
 92    if (slot->lock) {
 93	PZ_Unlock(slot->lock);
 94    }
 95}
 96
 97NSS_IMPLEMENT void
 98NSSSlot_Destroy (
 99  NSSSlot *slot
100)
101{
102    (void)nssSlot_Destroy(slot);
103}
104
105NSS_IMPLEMENT NSSSlot *
106nssSlot_AddRef (
107  NSSSlot *slot
108)
109{
110    PR_ATOMIC_INCREMENT(&slot->base.refCount);
111    return slot;
112}
113
114NSS_IMPLEMENT NSSUTF8 *
115nssSlot_GetName (
116  NSSSlot *slot
117)
118{
119    return slot->base.name;
120}
121
122NSS_IMPLEMENT NSSUTF8 *
123nssSlot_GetTokenName (
124  NSSSlot *slot
125)
126{
127    return nssToken_GetName(slot->token);
128}
129
130NSS_IMPLEMENT void
131nssSlot_ResetDelay (
132  NSSSlot *slot
133)
134{
135    slot->lastTokenPing = 0;
136}
137
138static PRBool
139within_token_delay_period(NSSSlot *slot)
140{
141    PRIntervalTime time, lastTime;
142    /* Set the delay time for checking the token presence */
143    if (s_token_delay_time == 0) {
144	s_token_delay_time = PR_SecondsToInterval(NSSSLOT_TOKEN_DELAY_TIME);
145    }
146    time = PR_IntervalNow();
147    lastTime = slot->lastTokenPing;
148    if ((lastTime) && ((time - lastTime) < s_token_delay_time)) {
149	return PR_TRUE;
150    }
151    slot->lastTokenPing = time;
152    return PR_FALSE;
153}
154
155NSS_IMPLEMENT PRBool
156nssSlot_IsTokenPresent (
157  NSSSlot *slot
158)
159{
160    CK_RV ckrv;
161    PRStatus nssrv;
162    /* XXX */
163    nssSession *session;
164    CK_SLOT_INFO slotInfo;
165    void *epv;
166    /* permanent slots are always present unless they're disabled */
167    if (nssSlot_IsPermanent(slot)) {
168	return !PK11_IsDisabled(slot->pk11slot);
169    }
170    /* avoid repeated calls to check token status within set interval */
171    if (within_token_delay_period(slot)) {
172	return ((slot->ckFlags & CKF_TOKEN_PRESENT) != 0);
173    }
174
175    /* First obtain the slot info */
176    epv = slot->epv;
177    if (!epv) {
178	return PR_FALSE;
179    }
180    nssSlot_EnterMonitor(slot);
181    ckrv = CKAPI(epv)->C_GetSlotInfo(slot->slotID, &slotInfo);
182    nssSlot_ExitMonitor(slot);
183    if (ckrv != CKR_OK) {
184	slot->token->base.name[0] = 0; /* XXX */
185	return PR_FALSE;
186    }
187    slot->ckFlags = slotInfo.flags;
188    /* check for the presence of the token */
189    if ((slot->ckFlags & CKF_TOKEN_PRESENT) == 0) {
190	if (!slot->token) {
191	    /* token was never present */
192	    return PR_FALSE;
193	}
194	session = nssToken_GetDefaultSession(slot->token);
195	if (session) {
196	    nssSession_EnterMonitor(session);
197	    /* token is not present */
198	    if (session->handle != CK_INVALID_SESSION) {
199		/* session is valid, close and invalidate it */
200		CKAPI(epv)->C_CloseSession(session->handle);
201		session->handle = CK_INVALID_SESSION;
202	    }
203	    nssSession_ExitMonitor(session);
204	}
205	if (slot->token->base.name[0] != 0) {
206	    /* notify the high-level cache that the token is removed */
207	    slot->token->base.name[0] = 0; /* XXX */
208	    nssToken_NotifyCertsNotVisible(slot->token);
209	}
210	slot->token->base.name[0] = 0; /* XXX */
211	/* clear the token cache */
212	nssToken_Remove(slot->token);
213	return PR_FALSE;
214    }
215    /* token is present, use the session info to determine if the card
216     * has been removed and reinserted.
217     */
218    session = nssToken_GetDefaultSession(slot->token);
219    if (session) {
220	PRBool isPresent = PR_FALSE;
221	nssSession_EnterMonitor(session);
222	if (session->handle != CK_INVALID_SESSION) {
223	    CK_SESSION_INFO sessionInfo;
224	    ckrv = CKAPI(epv)->C_GetSessionInfo(session->handle, &sessionInfo);
225	    if (ckrv != CKR_OK) {
226		/* session is screwy, close and invalidate it */
227		CKAPI(epv)->C_CloseSession(session->handle);
228		session->handle = CK_INVALID_SESSION;
229	    }
230	}
231	isPresent = session->handle != CK_INVALID_SESSION;
232	nssSession_ExitMonitor(session);
233	/* token not removed, finished */
234	if (isPresent)
235	    return PR_TRUE;
236    } 
237    /* the token has been removed, and reinserted, or the slot contains
238     * a token it doesn't recognize. invalidate all the old
239     * information we had on this token, if we can't refresh, clear
240     * the present flag */
241    nssToken_NotifyCertsNotVisible(slot->token);
242    nssToken_Remove(slot->token);
243    /* token has been removed, need to refresh with new session */
244    nssrv = nssSlot_Refresh(slot);
245    if (nssrv != PR_SUCCESS) {
246        slot->token->base.name[0] = 0; /* XXX */
247        slot->ckFlags &= ~CKF_TOKEN_PRESENT;
248        return PR_FALSE;
249    }
250    return PR_TRUE;
251}
252
253NSS_IMPLEMENT void *
254nssSlot_GetCryptokiEPV (
255  NSSSlot *slot
256)
257{
258    return slot->epv;
259}
260
261NSS_IMPLEMENT NSSToken *
262nssSlot_GetToken (
263  NSSSlot *slot
264)
265{
266    if (nssSlot_IsTokenPresent(slot)) {
267	return nssToken_AddRef(slot->token);
268    }
269    return (NSSToken *)NULL;
270}
271
272NSS_IMPLEMENT PRStatus
273nssSession_EnterMonitor (
274  nssSession *s
275)
276{
277    if (s->lock) PZ_Lock(s->lock);
278    return PR_SUCCESS;
279}
280
281NSS_IMPLEMENT PRStatus
282nssSession_ExitMonitor (
283  nssSession *s
284)
285{
286    return (s->lock) ? PZ_Unlock(s->lock) : PR_SUCCESS;
287}
288
289NSS_EXTERN PRBool
290nssSession_IsReadWrite (
291  nssSession *s
292)
293{
294    return s->isRW;
295}
296