TclPKCS11

Check-in [250660270e]
Login

Check-in [250660270e]

Overview
Comment:Changed session management functions to use an active flag rather than a special session value
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 250660270eda454d36b766a541e7add49dccb3b12011bc7100737edb0e5f9519
User & Date: rkeene on 2010-10-11 13:54:19
Other Links: manifest | tags
Context
2010-10-11
13:55
Updated local testing scripts to building using verbose errors check-in: 768c073914 user: rkeene tags: trunk
13:54
Changed session management functions to use an active flag rather than a special session value check-in: 250660270e user: rkeene tags: trunk
13:41
Updated to use pragma pack on Win32 fixing issues experienced with C_GetFunctionList returning unusable data Updated to unload all active PKCS#11 modules on exit check-in: fcc22c8809 user: rkeene tags: trunk
Changes

Modified tclpkcs11.c from [671cc071b5] to [2e5a3ac01f].

55
56
57
58
59
60
61

62
63
64
65
66
67
68

struct tclpkcs11_handle {
	/* PKCS11 Module Pointers */
	void *base;
	CK_FUNCTION_LIST_PTR pkcs11;

	/* Session Management */

	CK_SLOT_ID session_slot;
	CK_SESSION_HANDLE session;
};

/*
 * Tcl <--> PKCS11 Bridge Functions
 */ 







>







55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

struct tclpkcs11_handle {
	/* PKCS11 Module Pointers */
	void *base;
	CK_FUNCTION_LIST_PTR pkcs11;

	/* Session Management */
	int session_active;
	CK_SLOT_ID session_slot;
	CK_SESSION_HANDLE session;
};

/*
 * Tcl <--> PKCS11 Bridge Functions
 */ 
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394

395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
}

/* Convience function to start a session if one is not already active */
MODULE_SCOPE int tclpkcs11_start_session(struct tclpkcs11_handle *handle, CK_SLOT_ID slot) {
	CK_SESSION_HANDLE tmp_session;
	CK_RV chk_rv;

	if (handle->session != -1) {
		if (handle->session_slot == slot) {
			return(CKR_OK);
		}

		/* Close the existing session and create a new one */
		chk_rv = handle->pkcs11->C_CloseSession(handle->session);
		handle->session = -1;
		handle->session_slot = -1;
		if (chk_rv != CKR_OK) {
			return(chk_rv);
		}
	}

	chk_rv = handle->pkcs11->C_OpenSession(slot, CKF_SERIAL_SESSION, NULL, NULL, &tmp_session);
	if (chk_rv != CKR_OK) {
		handle->pkcs11->C_CloseSession(handle->session);
		handle->session = -1;
		handle->session_slot = -1;

		return(chk_rv);
	}

	handle->session = tmp_session;
	handle->session_slot = slot;


	return(CKR_OK);
}

MODULE_SCOPE int tclpkcs11_close_session(struct tclpkcs11_handle *handle) {
	CK_RV chk_rv;

	if (handle->session != -1) {
		chk_rv = handle->pkcs11->C_CloseSession(handle->session);
		handle->session = -1;
		handle->session_slot = -1;

		if (chk_rv != CKR_OK) {
			return(chk_rv);
		}
	}

	return(CKR_OK);







|





<
|
|








<
<






>







|
<
|
|







364
365
366
367
368
369
370
371
372
373
374
375
376

377
378
379
380
381
382
383
384
385
386


387
388
389
390
391
392
393
394
395
396
397
398
399
400
401

402
403
404
405
406
407
408
409
410
}

/* Convience function to start a session if one is not already active */
MODULE_SCOPE int tclpkcs11_start_session(struct tclpkcs11_handle *handle, CK_SLOT_ID slot) {
	CK_SESSION_HANDLE tmp_session;
	CK_RV chk_rv;

	if (handle->session_active) {
		if (handle->session_slot == slot) {
			return(CKR_OK);
		}

		/* Close the existing session and create a new one */

		handle->session_active = 0;
		chk_rv = handle->pkcs11->C_CloseSession(handle->session);
		if (chk_rv != CKR_OK) {
			return(chk_rv);
		}
	}

	chk_rv = handle->pkcs11->C_OpenSession(slot, CKF_SERIAL_SESSION, NULL, NULL, &tmp_session);
	if (chk_rv != CKR_OK) {
		handle->pkcs11->C_CloseSession(handle->session);



		return(chk_rv);
	}

	handle->session = tmp_session;
	handle->session_slot = slot;
	handle->session_active = 1;

	return(CKR_OK);
}

MODULE_SCOPE int tclpkcs11_close_session(struct tclpkcs11_handle *handle) {
	CK_RV chk_rv;

	if (handle->session_active) {

		handle->session_active = 0;
		chk_rv = handle->pkcs11->C_CloseSession(handle->session);

		if (chk_rv != CKR_OK) {
			return(chk_rv);
		}
	}

	return(CKR_OK);
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597

	/* Allocate the per-handle structure */
	new_handle = (struct tclpkcs11_handle *) ckalloc(sizeof(*new_handle));

	/* Initialize the per-handle structure */
	new_handle->base = handle;
	new_handle->pkcs11 = pkcs11_function_list;
	new_handle->session = -1;
	new_handle->session_slot = -1;

	Tcl_SetHashValue(tcl_handle_entry, (ClientData) new_handle);

	Tcl_SetObjResult(interp, tcl_handle);

	return(TCL_OK);
}







|
<







580
581
582
583
584
585
586
587

588
589
590
591
592
593
594

	/* Allocate the per-handle structure */
	new_handle = (struct tclpkcs11_handle *) ckalloc(sizeof(*new_handle));

	/* Initialize the per-handle structure */
	new_handle->base = handle;
	new_handle->pkcs11 = pkcs11_function_list;
	new_handle->session_active = 0;


	Tcl_SetHashValue(tcl_handle_entry, (ClientData) new_handle);

	Tcl_SetObjResult(interp, tcl_handle);

	return(TCL_OK);
}
1219
1220
1221
1222
1223
1224
1225
1226
1227

1228
1229
1230
1231
1232
1233
1234
1235

		return(TCL_ERROR);
	}

	chk_rv = handle->pkcs11->C_Logout(handle->session);
	if (chk_rv != CKR_OK) {
		if (chk_rv == CKR_DEVICE_REMOVED) {
			handle->pkcs11->C_CloseSession(handle->session);
			handle->session = -1;

			handle->session_slot = -1;
		} else {
			Tcl_SetObjResult(interp, tclpkcs11_pkcs11_error(chk_rv));

			return(TCL_ERROR);
		}
	}








<
|
>
|







1216
1217
1218
1219
1220
1221
1222

1223
1224
1225
1226
1227
1228
1229
1230
1231
1232

		return(TCL_ERROR);
	}

	chk_rv = handle->pkcs11->C_Logout(handle->session);
	if (chk_rv != CKR_OK) {
		if (chk_rv == CKR_DEVICE_REMOVED) {

			handle->session_active = 0;

			handle->pkcs11->C_CloseSession(handle->session);
		} else {
			Tcl_SetObjResult(interp, tclpkcs11_pkcs11_error(chk_rv));

			return(TCL_ERROR);
		}
	}