Skip to content

Commit

Permalink
Do not load profiles for 2.40
Browse files Browse the repository at this point in the history 
Any version less than PKCS#11 3.0 does not have profile support,
so let's not even try to load them in that case.

Signed-off-by: Simo Sorce <simo@redhat.com>
  • Loading branch information
@simo5
simo5 committed Jan 9, 2024
1 parent 5bd9b88 commit 90618dd
Show file tree
Hide file tree
Showing 5 changed files with 25 additions and 1 deletion.
5 changes: 5 additions & 0 deletions src/interface.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -469,3 +469,8 @@ CK_RV side_channel_free_Decrypt(P11PROV_CTX *ctx, CK_SESSION_HANDLE hSession,
return intf->Decrypt(hSession, pEncryptedData, ulEncryptedDataLen, pData,
pulDataLen);
}

CK_INFO p11prov_module_ck_info(P11PROV_MODULE *mctx)
{
return mctx->ck_info;
}
2 changes: 2 additions & 0 deletions src/interface.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,4 +133,6 @@ CK_RV side_channel_free_Decrypt(P11PROV_CTX *ctx, CK_SESSION_HANDLE hSession,
CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData,
CK_ULONG_PTR pulDataLen);

CK_INFO p11prov_module_ck_info(P11PROV_MODULE *mctx);

#endif /* _INTERFACE_H */
9 changes: 9 additions & 0 deletions src/provider.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -615,6 +615,15 @@ bool p11prov_ctx_no_operation_state(P11PROV_CTX *ctx)
return ctx->no_operation_state;
}

CK_INFO p11prov_ctx_get_ck_info(P11PROV_CTX *ctx)
{
if (!ctx->module) {
CK_INFO info = { 0 };
return info;
}
return p11prov_module_ck_info(ctx->module);
}

static void p11prov_teardown(void *ctx)
{
p11prov_ctx_free((P11PROV_CTX *)ctx);
Expand Down
2 changes: 2 additions & 0 deletions src/provider.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,8 @@ int p11prov_ctx_cache_sessions(P11PROV_CTX *ctx);

bool p11prov_ctx_no_operation_state(P11PROV_CTX *ctx);

CK_INFO p11prov_ctx_get_ck_info(P11PROV_CTX *ctx);

#include "debug.h"

/* Errors */
Expand Down
8 changes: 7 additions & 1 deletion src/slot.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,11 +118,14 @@ static const char slot_desc_fmt[] = "PKCS#11 Token (Slot %lu - %s)";
CK_RV p11prov_init_slots(P11PROV_CTX *ctx, P11PROV_SLOTS_CTX **slots)
{
CK_ULONG num;
CK_INFO ck_info;
CK_SLOT_ID *slotid = NULL;
struct p11prov_slots_ctx *sctx;
CK_RV ret;
int err;

ck_info = p11prov_ctx_get_ck_info(ctx);

sctx = OPENSSL_zalloc(sizeof(P11PROV_SLOTS_CTX));
if (!sctx) {
return CKR_HOST_MEMORY;
Expand Down Expand Up @@ -215,7 +218,10 @@ CK_RV p11prov_init_slots(P11PROV_CTX *ctx, P11PROV_SLOTS_CTX **slots)
goto done;
}

get_slot_profiles(ctx, slot);
/* profiles not available before version 3 */
if (ck_info.cryptokiVersion.major >= 3) {
get_slot_profiles(ctx, slot);
}
get_slot_mechanisms(ctx, slot);

P11PROV_debug_slot(ctx, slot->id, &slot->slot, &slot->token,
Expand Down

0 comments on commit 90618dd

Please sign in to comment.