kmsSession.c revision 4f14b0f29aa144cc03efdde5508ae126ae197acf
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*/
#include <pthread.h>
#include <errno.h>
#include <security/cryptoki.h>
#include "kmsGlobal.h"
#include "kmsSession.h"
#include "kmsSlot.h"
#include "kmsKeystoreUtil.h"
{
if (!kms_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
if (!(flags & CKF_SERIAL_SESSION))
return (CKR_SESSION_PARALLEL_NOT_SUPPORTED);
return (CKR_ARGUMENTS_BAD);
if (slotID != KMS_TOKEN_SLOTID) {
return (CKR_SLOT_ID_INVALID);
}
/*
* Acquire the slot lock to protect sl_state and sl_sess_list.
* These two fields need to be protected atomically, even though
* "sl_sess_list" is updated in kms_add_session().
*/
pslot = get_slotinfo();
/* If SO is logged in the slot, only the RW session is allowed. */
return (CKR_SESSION_READ_WRITE_SO_EXISTS);
}
/* Create a new session */
return (rv);
}
{
if (!kms_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
/*
* Obtain the session pointer. Also, increment the session
* reference count.
*/
return (rv);
/*
* Set SESSION_IS_CLOSING flag so any access to this
* session will be rejected.
*/
return (CKR_SESSION_CLOSED);
}
/*
* Decrement the session reference count.
* We hold the session lock, and REFRELE()
* will release the session lock for us.
*/
/*
* Delete a session by calling kms_delete_session() with
* a session pointer and two boolean arguments. The 3rd argument
* boolean value FALSE indicates that the caller does not
* hold the slot lock. The 4th argument boolean value B_FALSE
* indicates that we want to delete all the objects completely.
*
* kms_delete_session() will reset SESSION_IS_CLOSING
* flag after it is done.
*/
return (rv);
}
/*ARGSUSED*/
{
if (!kms_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
/* Delete all the sessions and release the allocated resources */
return (CKR_OK);
}
/*
* Utility routine to get CK_STATE value for a session.
* The caller should not be holding the session lock.
*/
static CK_STATE
{
pslot = get_slotinfo();
}
return (state);
}
{
if (!kms_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
return (CKR_ARGUMENTS_BAD);
/*
* Obtain the session pointer. Also, increment the session
* reference count.
*/
return (rv);
/* Provide information for the specified session */
pInfo->ulDeviceError = 0;
/*
* Decrement the session reference count.
*/
return (rv);
}
/*ARGSUSED*/
{
if (!kms_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
return (CKR_FUNCTION_NOT_SUPPORTED);
}
/*ARGSUSED*/
{
if (!kms_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
return (CKR_FUNCTION_NOT_SUPPORTED);
}
{
if (!kms_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
return (CKR_USER_TYPE_INVALID);
}
/*
* Obtain the session pointer. Also, increment the session
* reference count.
*/
return (rv);
/* Acquire the slot lock */
pslot = get_slotinfo();
/* Check if the slot is logged in already */
goto clean_exit;
}
/* To login as SO, every session in this slot needs to be R/W */
while (sp) {
/*
* Need not to lock individual sessions before
* accessing their "ses_RO" and "next" fields,
* because they are always accessed under the
* slot's mutex protection.
*/
break;
}
}
if (found) {
goto clean_exit;
}
}
/*
* Login to KMS by attempting to load the profile using
* the given password.
*/
(const char *)pPin,
/* Set the slot's session state. */
}
return (rv);
}
{
if (!kms_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
/*
* Obtain the session pointer. Also, increment the session
* reference count.
*/
return (rv);
/* Acquire the slot lock. */
pslot = get_slotinfo();
/* Check if the user or SO was logged in */
goto clean_exit;
}
/*
* If this slot was logged in as USER previously, we need to clean up
* all private object wrappers in library for this slot.
*/
/* Reset the slot's session state. */
}
return (rv);
}