In-house patch created to avoid the multiple declaration for log variable.
This is necessary only when building the component with Solaris Studio.
This patch is Solaris buildenv specific and may not be suitable for upstream.
Other modifications were introduced to keep this in sync with upstream patches
For example, the addition of RSA, EC, or both mechanisms support the variance
of different types of smart cards, where some cards support only EC, some only RSA.
/* static module data -------------------------------- */
+// XXX - Solaris studio compiler specific
+// changed variable name from "log" to "mylog" as we need to
+// avoid multiple declarations of a variable named "log"
+static Log *mylog = NULL;
static SlotList *slotList = NULL;
-static OSLock finalizeLock(false);
+static OSLock *finalizeLock = NULL;
+#define FINALIZE_GETLOCK() if (finalizeLock) finalizeLock->getLock();
+#define FINALIZE_RELEASELOCK() if (finalizeLock) finalizeLock->releaseLock();
static CK_BBOOL initialized = FALSE;
static CK_BBOOL finalizing = FALSE;
/**********************************************************************
************************** MECHANISM TABLE ***************************
**********************************************************************/
{CKM_RSA_PKCS, { 1024, 4096, CKF_HW | CKF_SIGN | CKF_DECRYPT } }
-static unsigned int numMechanisms = sizeof(mechanismList)/sizeof(MechInfo);
+ {CKM_ECDSA,{256,521,CKF_HW | CKF_SIGN | CKF_EC_F_P}},{ CKM_ECDSA_SHA1, {256, 521, CKF_HW | CKF_SIGN | CKF_EC_F_P}},{ CKM_ECDH1_DERIVE,{256, 521, CKF_HW | CKF_DERIVE | CKF_EC_F_P} }
+ {CKM_RSA_PKCS, { 1024, 4096, CKF_HW | CKF_SIGN | CKF_DECRYPT } },
+ {CKM_ECDSA,{256,521,CKF_HW | CKF_SIGN | CKF_EC_F_P}},{ CKM_ECDSA_SHA1, {256, 521, CKF_HW | CKF_SIGN | CKF_EC_F_P}},{ CKM_ECDH1_DERIVE,{256, 521, CKF_HW | CKF_DERIVE | CKF_EC_F_P} }
+unsigned int numRSAMechanisms = sizeof(rsaMechanismList)/sizeof(MechInfo);
+unsigned int numECMechanisms = sizeof(ecMechanismList)/sizeof(MechInfo);
+unsigned int numAllMechanisms = sizeof(allMechanismList)/sizeof(MechInfo);
/* ------------------------------------------------------------ */
for (i = 0; i < ulCount; ++i) {
CK_ATTRIBUTE_PTR pT = pTemplate + i;
if (pT->pValue && pT->ulValueLen == 4) {
"template [%02lu] type: %04lx, pValue: %08lx, ulValueLen: %08lx, value: %lu\n",
i, pT->type, pT->pValue, pT->ulValueLen, *(CK_ULONG_PTR)pT->pValue);
- log->log("template [%02lu] type: %04lx, pValue: %08lx, ulValueLen: %08lx\n",
+ mylog->log("template [%02lu] type: %04lx, pValue: %08lx, ulValueLen: %08lx\n",
i, pT->type, pT->pValue, pT->ulValueLen);
#define NOTSUPPORTED(name, args) \
- log->log(#name " called (notSupported)\n"); \
+ mylog->log(#name " called (notSupported)\n"); \
return CKR_FUNCTION_NOT_SUPPORTED; \
return CKR_CRYPTOKI_NOT_INITIALIZED; \
- log->log(#name " called\n"); \
+ mylog->log(#name " called\n"); \
slotList->name2 use_args ; \
} catch(PKCS11Exception& e) { \
NOTSUPPORTED(C_GenerateKeyPair, (CK_SESSION_HANDLE,CK_MECHANISM_PTR,CK_ATTRIBUTE_PTR,CK_ULONG,CK_ATTRIBUTE_PTR,CK_ULONG,CK_OBJECT_HANDLE_PTR,CK_OBJECT_HANDLE_PTR))
NOTSUPPORTED(C_WrapKey, (CK_SESSION_HANDLE,CK_MECHANISM_PTR,CK_OBJECT_HANDLE,CK_OBJECT_HANDLE,CK_BYTE_PTR,CK_ULONG_PTR))
NOTSUPPORTED(C_UnwrapKey, (CK_SESSION_HANDLE,CK_MECHANISM_PTR,CK_OBJECT_HANDLE,CK_BYTE_PTR,CK_ULONG,CK_ATTRIBUTE_PTR,CK_ULONG,CK_OBJECT_HANDLE_PTR))
-NOTSUPPORTED(C_DeriveKey, (CK_SESSION_HANDLE,CK_MECHANISM_PTR,CK_OBJECT_HANDLE,CK_ATTRIBUTE_PTR,CK_ULONG,CK_OBJECT_HANDLE_PTR))
NOTSUPPORTED(C_GetFunctionStatus, (CK_SESSION_HANDLE))
NOTSUPPORTED(C_CancelFunction, (CK_SESSION_HANDLE))
SUPPORTED(C_GenerateRandom, generateRandom,
(CK_SESSION_HANDLE hSession ,CK_BYTE_PTR data,CK_ULONG dataLen),
(hSession, data, dataLen))
+SUPPORTED(C_DeriveKey,derive,
+ (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey ),
+ (hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phKey))
/* non-specialized functions supported with the slot directly */
return CKR_CRYPTOKI_ALREADY_INITIALIZED;
+ if (finalizeLock && !finalizeLock->isValid()) {
CK_C_INITIALIZE_ARGS* initArgs = (CK_C_INITIALIZE_ARGS*) pInitArgs;
+ OSLock::setThreadSafe(0);
/* work around a bug in NSS where the library parameters are only
* send if locking is requested */
if (initArgs->LibraryParameters) {
- if( (initArgs->flags & CKF_OS_LOCKING_OK) || initArgs->LockMutex ){
+ needThreads = ((initArgs->flags & CKF_OS_LOCKING_OK) != 0);
+ OSLock::setThreadSafe(needThreads);
+ /* don't get a finalize lock unless someone initializes us asking
+ if (needThreads && !finalizeLock) {
+ finalizeLock = new OSLock(true);
+ if (finalizeLock == NULL) return CKR_HOST_MEMORY;
+ /* only support OS LOCKING threads */
+ if( ((initArgs->flags & CKF_OS_LOCKING_OK) == 0)
+ && initArgs->LockMutex ){
throw PKCS11Exception(CKR_CANT_LOCK);
char * logFileName = getenv("COOL_KEY_LOG_FILE");
if (strcmp(logFileName,"SYSLOG") == 0) {
- log = new FileLog(logFileName);
+ mylog = new FileLog(logFileName);
+ mylog = new DummyLog();
- log->log("Initialize called, hello %d\n", 5);
- CKY_SetName("coolkey");
- slotList = new SlotList(log);
+ mylog->log("Initialize called, hello %d\n", 5);
+ CKY_SetName((char *) "coolkey");
+ slotList = new SlotList(mylog);
} catch(PKCS11Exception &e) {
// XXX cleanup all data structures !!!
- log->log("Finalizing...\n");
+ mylog->log("Finalizing...\n");
// don't race the setting of finalizing. If C_WaitEvent gets passed
// the finalizing call first, we know it will set waitEvent before
// we can get the lock, so we only need to protect setting finalizing
+ FINALIZE_RELEASELOCK();
/* we're waiting on a slot event, shutdown first to allow
* the wait function to complete before we pull the rug out.
+ FINALIZE_RELEASELOCK();
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_GetInfo called\n");
+ mylog->log("C_GetInfo called\n");
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("Called C_GetSlotInfo\n");
+ mylog->log("Called C_GetSlotInfo\n");
slotList->validateSlotID(slotID);
return slotList->getSlot(
slotIDToIndex(slotID))->getSlotInfo(pSlotInfo);
} catch( PKCS11Exception &excep ) {
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_GetTokenInfo called\n");
+ mylog->log("C_GetTokenInfo called\n");
slotList->validateSlotID(slotID);
return slotList->getSlot(
slotIDToIndex(slotID))->getTokenInfo(pTokenInfo);
} catch( PKCS11Exception &excep ) {
C_GetMechanismList(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList,
+ const MechInfo *mechanismList = NULL;
+ unsigned int numMechanisms = 0;
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_GetMechanismList called\n");
+ mylog->log("C_GetMechanismList called\n");
throw PKCS11Exception(CKR_ARGUMENTS_BAD);
slotList->validateSlotID(slotID);
- if( ! slotList->getSlot(
- slotIDToIndex(slotID))->isTokenPresent() ) {
+ Slot *slot = slotList->getSlot(slotIDToIndex(slotID));
+ if( ! slot || ! slot->isTokenPresent() ) {
return CKR_TOKEN_NOT_PRESENT;
+ switch (slot->getAlgs()) {
+ mechanismList = allMechanismList;
+ numMechanisms = numAllMechanisms;
+ mechanismList = ecMechanismList;
+ numMechanisms = numECMechanisms;
+ mechanismList = rsaMechanismList;
+ numMechanisms = numRSAMechanisms;
if( pMechanismList != NULL ) {
if( *pulCount < numMechanisms ) {
rv = CKR_BUFFER_TOO_SMALL;
*pulCount = numMechanisms;
- log->log("C_GetMechanismList returning %d\n", rv);
+ mylog->log("C_GetMechanismList returning %d\n", rv);
} catch(PKCS11Exception &excep ) {
C_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
CK_MECHANISM_INFO_PTR pInfo)
+ const MechInfo *mechanismList = NULL;
+ unsigned int numMechanisms = 0;
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_GetMechanismInfo called\n");
+ mylog->log("C_GetMechanismInfo called\n");
throw PKCS11Exception(CKR_ARGUMENTS_BAD);
slotList->validateSlotID(slotID);
- if( ! slotList->getSlot(slotIDToIndex(slotID))->isTokenPresent() ) {
+ Slot *slot = slotList->getSlot(slotIDToIndex(slotID));
+ if( ! slot || ! slot->isTokenPresent() ) {
return CKR_TOKEN_NOT_PRESENT;
+ switch (slot->getAlgs()) {
+ mechanismList = allMechanismList;
+ numMechanisms = numAllMechanisms;
+ mechanismList = ecMechanismList;
+ numMechanisms = numECMechanisms;
+ mechanismList = rsaMechanismList;
+ numMechanisms = numRSAMechanisms;
for(unsigned int i=0; i < numMechanisms; ++i ) {
if( mechanismList[i].mech == type ) {
*pInfo = mechanismList[i].info;
- log->log("C_GetMechanismInfo got info about %d\n", type);
+ mylog->log("C_GetMechanismInfo got info about %d\n", type);
- log->log("C_GetMechanismInfo failed to find info about %d\n", type);
+ mylog->log("C_GetMechanismInfo failed to find info about %d\n", type);
return CKR_MECHANISM_INVALID; // mechanism not in the list
} catch(PKCS11Exception &e) {
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_OpenSession called\n");
+ mylog->log("C_OpenSession called\n");
slotList->validateSlotID(slotID);
#ifdef LATER // the CSP isn't setting this bit right now.
if( ! (flags & CKF_SERIAL_SESSION) ) {
} catch(PKCS11Exception &e) {
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_CloseSession(0x%x) called\n", hSession);
+ mylog->log("C_CloseSession(0x%x) called\n", hSession);
// If nothing else, we need to logout the token when all
// its sessions are closed.
} catch(PKCS11Exception &e) {
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_CloseAllSessions(0x%x) called\n", slotID);
+ mylog->log("C_CloseAllSessions(0x%x) called\n", slotID);
slotList->validateSlotID(slotID);
// If nothing else, we need to logout the token when all
// its sessions are closed.
} catch(PKCS11Exception &e) {
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_FindObjectsInit called, %lu templates\n", ulCount);
+ mylog->log("C_FindObjectsInit called, %lu templates\n", ulCount);
dumpTemplates(pTemplate, ulCount);
if( pTemplate == NULL && ulCount != 0 ) {
slotList->findObjectsInit(hSession, pTemplate, ulCount);
} catch(PKCS11Exception &e) {
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_FindObjects called, max objects = %lu\n", ulMaxObjectCount );
+ mylog->log("C_FindObjects called, max objects = %lu\n", ulMaxObjectCount );
if( phObject == NULL && ulMaxObjectCount != 0 ) {
throw PKCS11Exception(CKR_ARGUMENTS_BAD);
slotList->findObjects(hSession, phObject, ulMaxObjectCount,
- log->log("returned %lu objects:", count );
+ mylog->log("returned %lu objects:", count );
for (i = 0; i < count; ++i) {
- log->log(" 0x%08lx", phObject[i]);
+ mylog->log(" 0x%08lx", phObject[i]);
} catch(PKCS11Exception &e) {
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_Login called\n");
+ mylog->log("C_Login called\n");
if( userType != CKU_USER ) {
throw PKCS11Exception(CKR_USER_TYPE_INVALID);
slotList->login(hSession, pPin, ulPinLen);
} catch(PKCS11Exception &e) {
return CKR_CRYPTOKI_NOT_INITIALIZED;
- log->log("C_GetAttributeValue called, %lu templates for object 0x%08lx\n", ulCount, hObject);
+ mylog->log("C_GetAttributeValue called, %lu templates for object 0x%08lx\n", ulCount, hObject);
dumpTemplates(pTemplate, ulCount);
if( pTemplate == NULL && ulCount != 0 ) {
throw PKCS11Exception(CKR_ARGUMENTS_BAD);
} catch(PKCS11Exception& e) {
if (rv == CKR_ATTRIBUTE_TYPE_INVALID ||
rv == CKR_BUFFER_TOO_SMALL) {
dumpTemplates(pTemplate, ulCount);
C_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, CK_VOID_PTR pReserved)
+ FINALIZE_RELEASELOCK();
return CKR_CRYPTOKI_NOT_INITIALIZED;
+ FINALIZE_RELEASELOCK();
return CKR_CRYPTOKI_NOT_INITIALIZED;
+ FINALIZE_RELEASELOCK();
- log->log("C_WaitForSlotEvent called\n");
+ mylog->log("C_WaitForSlotEvent called\n");
slotList->waitForSlotEvent(flags, pSlot, pReserved);
} catch(PKCS11Exception& e) {