1 /* 2 * Copyright (c) 2005-2018 Alon Bar-Lev <alon.barlev@gmail.com> 3 * 4 * This software is available to you under a choice of one of two 5 * licenses. You may choose to be licensed under the terms of the GNU 6 * General Public License (GPL) Version 2, or the BSD license. 7 * 8 * GNU General Public License (GPL) Version 2 9 * =========================================== 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 12 * as published by the Free Software Foundation. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program (see the file COPYING.GPL included with this 21 * distribution); if not, write to the Free Software Foundation, Inc., 22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 23 * 24 * BSD License 25 * ============ 26 * Redistribution and use in source and binary forms, with or without 27 * modification, are permitted provided that the following conditions are met: 28 * 29 * o Redistributions of source code must retain the above copyright notice, 30 * this list of conditions and the following disclaimer. 31 * o Redistributions in binary form must reproduce the above copyright 32 * notice, this list of conditions and the following disclaimer in the 33 * documentation and/or other materials provided with the distribution. 34 * o Neither the name of the Alon Bar-Lev nor the names of its 35 * contributors may be used to endorse or promote products derived from 36 * this software without specific prior written permission. 37 * 38 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 39 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 41 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 42 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 43 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 44 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 45 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 46 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 47 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 48 * POSSIBILITY OF SUCH DAMAGE. 49 */ 50 51 #ifndef ___PKCS11H_BASE_H 52 #define ___PKCS11H_BASE_H 53 54 #include "common.h" 55 56 #include <pkcs11-helper-1.0/pkcs11h-core.h> 57 #include <pkcs11-helper-1.0/pkcs11h-certificate.h> 58 #include "_pkcs11h-threading.h" 59 60 #if !defined(_WIN32) 61 #include <unistd.h> 62 #endif 63 64 #define _PKCS11H_INVALID_SLOT_ID ((CK_SLOT_ID)-1) 65 #define _PKCS11H_INVALID_SESSION_HANDLE ((CK_SESSION_HANDLE)-1) 66 #define _PKCS11H_INVALID_OBJECT_HANDLE ((CK_OBJECT_HANDLE)-1) 67 68 #define _PKCS11H_DEFAULT_SLOTEVENT_POLL 5000 69 #define _PKCS11H_DEFAULT_MAX_LOGIN_RETRY 3 70 #define _PKCS11H_DEFAULT_PIN_CACHE_PERIOD PKCS11H_PIN_CACHE_INFINITE 71 72 /*=========================================== 73 * Macros 74 */ 75 76 #define __PKCS11H_MSG_LEVEL_TEST(flags) (((unsigned int)flags) <= _g_pkcs11h_loglevel) 77 78 #if defined(HAVE_CPP_VARARG_MACRO_ISO) && !defined(__LCLINT__) 79 # define _PKCS11H_LOG(flags, ...) do { if (__PKCS11H_MSG_LEVEL_TEST(flags)) _pkcs11h_log((flags), __VA_ARGS__); } while (FALSE) 80 # ifdef ENABLE_PKCS11H_DEBUG 81 # define _PKCS11H_DEBUG(flags, ...) do { if (__PKCS11H_MSG_LEVEL_TEST(flags)) _pkcs11h_log((flags), __VA_ARGS__); } while (FALSE) 82 # else 83 # define _PKCS11H_DEBUG(flags, ...) 84 # endif 85 #elif defined(HAVE_CPP_VARARG_MACRO_GCC) && !defined(__LCLINT__) 86 # define _PKCS11H_LOG(flags, args...) do { if (__PKCS11H_MSG_LEVEL_TEST(flags)) _pkcs11h_log((flags), args); } while (FALSE) 87 # ifdef ENABLE_PKCS11H_DEBUG 88 # define _PKCS11H_DEBUG(flags, args...) do { if (__PKCS11H_MSG_LEVEL_TEST(flags)) _pkcs11h_log((flags), args); } while (FALSE) 89 # else 90 # define _PKCS11H_DEBUG(flags, args...) 91 # endif 92 #else 93 # define _PKCS11H_LOG _pkcs11h_log 94 # define _PKCS11H_DEBUG _pkcs11h_log 95 #endif 96 97 /*=========================================== 98 * Types 99 */ 100 101 struct _pkcs11h_provider_s; 102 struct _pkcs11h_session_s; 103 struct _pkcs11h_data_s; 104 typedef struct _pkcs11h_provider_s *_pkcs11h_provider_t; 105 typedef struct _pkcs11h_session_s *_pkcs11h_session_t; 106 typedef struct _pkcs11h_data_s *_pkcs11h_data_t; 107 108 struct _pkcs11h_provider_s { 109 _pkcs11h_provider_t next; 110 111 PKCS11H_BOOL enabled; 112 char reference[1024]; 113 char manufacturerID[sizeof (((CK_TOKEN_INFO *)NULL)->manufacturerID)+1]; 114 115 #if defined(_WIN32) 116 HANDLE handle; 117 #else 118 void *handle; 119 #endif 120 121 CK_FUNCTION_LIST_PTR f; 122 PKCS11H_BOOL should_finalize; 123 PKCS11H_BOOL allow_protected_auth; 124 PKCS11H_BOOL cert_is_private; 125 unsigned mask_private_mode; 126 unsigned mask_decrypt_mode; 127 unsigned slot_event_method; 128 unsigned slot_poll_interval; 129 130 #if defined(ENABLE_PKCS11H_SLOTEVENT) 131 _pkcs11h_thread_t slotevent_thread; 132 #endif 133 }; 134 135 struct _pkcs11h_session_s { 136 _pkcs11h_session_t next; 137 138 int reference_count; 139 PKCS11H_BOOL valid; 140 141 _pkcs11h_provider_t provider; 142 143 pkcs11h_token_id_t token_id; 144 145 CK_SESSION_HANDLE session_handle; 146 147 PKCS11H_BOOL allow_protected_auth_supported; 148 int pin_cache_period; 149 time_t pin_expire_time; 150 151 #if defined(ENABLE_PKCS11H_CERTIFICATE) 152 pkcs11h_certificate_id_list_t cached_certs; 153 PKCS11H_BOOL touch; 154 #endif 155 156 #if defined(ENABLE_PKCS11H_THREADING) 157 _pkcs11h_mutex_t mutex; 158 #endif 159 }; 160 161 struct _pkcs11h_data_s { 162 PKCS11H_BOOL initialized; 163 int pin_cache_period; 164 165 _pkcs11h_provider_t providers; 166 _pkcs11h_session_t sessions; 167 168 struct { 169 void * log_data; 170 void * slotevent_data; 171 void * token_prompt_data; 172 void * pin_prompt_data; 173 pkcs11h_hook_log_t log; 174 pkcs11h_hook_slotevent_t slotevent; 175 pkcs11h_hook_token_prompt_t token_prompt; 176 pkcs11h_hook_pin_prompt_t pin_prompt; 177 } hooks; 178 179 PKCS11H_BOOL allow_protected_auth; 180 unsigned max_retries; 181 182 #if defined(ENABLE_PKCS11H_THREADING) 183 struct { 184 _pkcs11h_mutex_t global; 185 _pkcs11h_mutex_t session; 186 _pkcs11h_mutex_t cache; 187 } mutexes; 188 #endif 189 #if !defined(_WIN32) 190 PKCS11H_BOOL safefork; 191 #endif 192 193 #if defined(ENABLE_PKCS11H_SLOTEVENT) 194 struct { 195 PKCS11H_BOOL initialized; 196 PKCS11H_BOOL should_terminate; 197 PKCS11H_BOOL skip_event; 198 _pkcs11h_cond_t cond_event; 199 _pkcs11h_thread_t thread; 200 } slotevent; 201 #endif 202 }; 203 204 void 205 _pkcs11h_log ( 206 IN const unsigned flags, 207 IN const char * const format, 208 IN ... 209 ) 210 #ifdef __GNUC__ 211 __attribute__ ((format (printf, 2, 3))) 212 #endif 213 ; 214 215 extern _pkcs11h_data_t _g_pkcs11h_data; 216 extern unsigned int _g_pkcs11h_loglevel; 217 218 #endif 219