



opensc / pkcs11 / pcsc-lite locking
user name
2006-04-26 15:16:18
Hello,

>if C_Initialize is called the second card blocks if
there is already an
open session. C_Initialize looks at all readers, whether in
use or not. 
>The calling chain is:
>C_Initialize
>-> __card_detect_all
>-> card_detect
>-> pkcs15_bind
>-> sc_pkcs15_bind
>-> sc_lock
>-> pcsc_lock
>-> SCardBeginTransaction
>-> SYS_Usleep
>-> _nanosleep_nocancel

>is there a way to find out if a reader is already in
use?
>or is there an option so pcsc_lock could fail if the
reader is locked,
rather than wait?

I made a workaround. The idea is to pre-select a reader
while loading the
engine. The openssl engine then works only with the pre-selected
reader. It's a little bit dirty, but it works.
The SELECT_READER command
accepts one or more readers.
If you don't use it, all readers will be used (as usual).

The changes are in engine_pkcs11 and libp11.

Juergen


Example :
openssl
>engine -t dynamic -pre
SO_PATH:/usr/lib/engines/engine_pkcs11.so -pre
ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre
MODULE_PATH:/usr/lib/opensc-pkcs11.so -pre SELECT_READER:0

or

>engine -t dynamic -pre
SO_PATH:/usr/lib/engines/engine_pkcs11.so -pre
ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre
MODULE_PATH:/usr/lib/opensc-pkcs11.so -pre SELECT_READER:0,2




Based on libp11-0.2.1
############################################################
################
########

diff -udrNPpr libp11-0.2.1/rsaref/pkcs11f.h
../libp11-0.2.1/rsaref/pkcs11f.h
--- libp11-0.2.1/rsaref/pkcs11f.h       2005-10-30
13:48:02.000000000 +0100
+++ ../libp11-0.2.1/rsaref/pkcs11f.h    2006-04-21
09:11:40.000000000 +0200
 -910,3
+910,10  CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEve
   CK_VOID_PTR pRserved   /* reserved.  Should be NULL_PTR
*/
 );
 #endif
+
+CK_PKCS11_FUNCTION_INFO(C_PreInitialize)
+#ifdef CK_NEED_ARG_LIST
+(
+  int *piPreInit   /* reserved.  Should be NULL_PTR */
+);
+#endif
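Review bot: The parameter comment on `piPreInit` was copied from C_WaitForSlotEvent and still says "reserved. Should be NULL_PTR", yet PKCS11_CTX_load in this same patch passes the reader-selection array through it. I would state the real contract, for example `int *piPreInit /* SC_MAX_READERS flags; non-zero = reader is selected */`. Since pkcs11f.h is normally the file that generates the members of CK_FUNCTION_LIST, this entry presumably also adds a slot that a standard PKCS#11 module does not provide, which deserves a comment marking it as a private extension. The same hunk is repeated in the second copy of the diff further down this mail.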
diff -udrNPpr libp11-0.2.1/src/libp11.h
../libp11-0.2.1/src/libp11.h
--- libp11-0.2.1/src/libp11.h   2005-11-23
21:37:39.000000000 +0100
+++ ../libp11-0.2.1/src/libp11.h        2006-04-21
09:01:57.000000000 +0200
 -117,6
+117,9  extern PKCS11_CTX *PKCS11_CTX_new(void);
  */
 extern int PKCS11_CTX_load(PKCS11_CTX * ctx, const char *
ident);

+extern int PKCS11_CTX_preinit_readers(int *readers);
+
+
 /**
  * Unload a PKCS#11 module
  *
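Review bot: `PKCS11_CTX_preinit_readers` is declared without the doc comment that the neighbouring declarations carry, and the prototype takes a bare `int *readers` with no element count. The array size, SC_MAX_READERS, is defined privately in p11_load.c and again in engine_pkcs11.c, so a caller has no header-level way to know how many entries are expected. I would move the define into this header and add a `/** ... */` block stating that `readers` points to SC_MAX_READERS flags, that NULL clears the selection, and that the call has to come before PKCS11_CTX_load. The same hunk is repeated in the second copy of the diff further down this mail.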
diff -udrNPpr libp11-0.2.1/src/p11_load.c
../libp11-0.2.1/src/p11_load.c
--- libp11-0.2.1/src/p11_load.c 2005-10-30
13:48:03.000000000 +0100
+++ ../libp11-0.2.1/src/p11_load.c      2006-04-21
09:03:55.000000000 +0200
 -21,6
+21,11 

 static void *handle = NULL;

+#define SC_MAX_READERS 16
+
+int preinit_reader[SC_MAX_READERS];
+int preinit_readers=0;
+
 /*
  * Create a new context
  */
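Review bot: `preinit_reader` and `preinit_readers` are added with external linkage, and engine_pkcs11.c in this same mail defines globals with exactly the same names. When both objects are loaded into one process, which definition each reference binds to depends on the dynamic linker's symbol resolution, so the state may end up shared by accident rather than by design. Declaring them `static int preinit_reader[SC_MAX_READERS];` and `static int preinit_readers;` keeps the library's copy private, and PKCS11_CTX_preinit_readers then has to copy the caller's array in. The same hunk is repeated in the second copy of the diff further down this mail.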
 -39,6
+44,18  PKCS11_CTX *PKCS11_CTX_new(void)
        return ctx;
 }

+int PKCS11_CTX_preinit_readers(int *readers)
+{
+       preinit_readers=0;
+       if ( readers!=NULL )
+       {
+               preinit_readers=1;
+       }
+
+       return 0;
+}
+
+
 /*
  * Load the shared library, and initialize it.
  */
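Review bot: `PKCS11_CTX_preinit_readers` only tests `readers` against NULL and never reads what it points to, so the library's own `preinit_reader[]` stays zero-filled unless it happens to alias the engine's global of the same name. The selection should be copied explicitly inside the `if`, e.g. `memcpy(preinit_reader, readers, sizeof preinit_reader);`, with the header documenting that the caller must supply SC_MAX_READERS entries. The function also always returns 0, so its `int` result gives the caller nothing to check. The same hunk is repeated in the second copy of the diff further down this mail.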
 -58,6
+75,9  int PKCS11_CTX_load(PKCS11_CTX * ctx, co
                return -1;
        }

+       if ( preinit_readers==1)
+               rv =
priv->method->C_PreInitialize(preinit_reader);
+
        /* Tell the PKCS11 to initialize itself */
        rv = priv->method->C_Initialize(NULL);
        CRYPTOKI_checkerr(PKCS11_F_PKCS11_CTX_LOAD, rv);
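Review bot: The result of `C_PreInitialize` is stored in `rv` and then overwritten by the `C_Initialize` call two lines later, so a failure to apply the reader selection is silently ignored and initialization carries on as if no selection had been requested. More seriously, `C_PreInitialize` is not part of standard PKCS#11; if `priv->method` is the function list returned by the loaded module, an unpatched module's list presumably has no such member, and this reads a pointer past the end of its table before calling it. I would check the result right away with `CRYPTOKI_checkerr(PKCS11_F_PKCS11_CTX_LOAD, rv);` and only take this path for modules known to export the extension, for instance by resolving the symbol separately rather than through the function list. PKCS11_CTX_load starts and ends outside the hunk. The same hunk is repeated in the second copy of the diff further down this mail.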
 -72,6
+92,7  int PKCS11_CTX_load(PKCS11_CTX * ctx, co
        return 0;
 }

+
 /*
  * Unload the shared library
  */
diff -udrNPpr libp11-0.2.1/src/p11_slot.c
../libp11-0.2.1/src/p11_slot.c
--- libp11-0.2.1/src/p11_slot.c 2005-10-30
13:48:03.000000000 +0100
+++ ../libp11-0.2.1/src/p11_slot.c      2006-01-25
14:22:55.000000000 +0100
 -128,10
+128,12  int PKCS11_login(PKCS11_SLOT * slot, int
                if (PKCS11_open_session(slot, so))
                        return -1;
        }
+
+

        rv = CRYPTOKI_call(ctx, C_Login(priv->session,
                                        so ? CKU_SO :
CKU_USER,
-                                       (CK_UTF8CHAR *) pin,
strlen(pin)));
+                                       (CK_UTF8CHAR *) pin,
pin ?
strlen(pin) : 0 ));
        CRYPTOKI_checkerr(PKCS11_F_PKCS11_LOGIN, rv);
        priv->loggedIn = 1;
        return 0;
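Review bot: The `pin ? strlen(pin) : 0` guard lets a NULL `pin` reach `C_Login` with length 0, but nothing in the hunk says that this is intended. If the aim is to support tokens with a protected authentication path (PIN pad), a comment such as `/* pin == NULL: token collects the PIN itself */` above the call would make that explicit; otherwise returning -1 for a NULL pin would be the safer default. The change is unrelated to reader pre-selection and would be easier to review as its own patch. PKCS11_login starts outside the hunk. The same hunk is repeated in the second copy of the diff further down this mail.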
rootlinuxas:~/newopensc/org# diff -udrNPpr libp11-0.2.1
../libp11-0.2.1
diff -udrNPpr libp11-0.2.1/rsaref/pkcs11f.h
../libp11-0.2.1/rsaref/pkcs11f.h
--- libp11-0.2.1/rsaref/pkcs11f.h       2005-10-30
13:48:02.000000000 +0100
+++ ../libp11-0.2.1/rsaref/pkcs11f.h    2006-04-21
09:11:40.000000000 +0200
 -910,3
+910,10  CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEve
   CK_VOID_PTR pRserved   /* reserved.  Should be NULL_PTR
*/
 );
 #endif
+
+CK_PKCS11_FUNCTION_INFO(C_PreInitialize)
+#ifdef CK_NEED_ARG_LIST
+(
+  int *piPreInit   /* reserved.  Should be NULL_PTR */
+);
+#endif
diff -udrNPpr libp11-0.2.1/src/libp11.h
../libp11-0.2.1/src/libp11.h
--- libp11-0.2.1/src/libp11.h   2005-11-23
21:37:39.000000000 +0100
+++ ../libp11-0.2.1/src/libp11.h        2006-04-21
09:01:57.000000000 +0200
 -117,6
+117,9  extern PKCS11_CTX *PKCS11_CTX_new(void);
  */
 extern int PKCS11_CTX_load(PKCS11_CTX * ctx, const char *
ident);

+extern int PKCS11_CTX_preinit_readers(int *readers);
+
+
 /**
  * Unload a PKCS#11 module
  *
diff -udrNPpr libp11-0.2.1/src/p11_load.c
../libp11-0.2.1/src/p11_load.c
--- libp11-0.2.1/src/p11_load.c 2005-10-30
13:48:03.000000000 +0100
+++ ../libp11-0.2.1/src/p11_load.c      2006-04-21
09:03:55.000000000 +0200
 -21,6
+21,11 

 static void *handle = NULL;

+#define SC_MAX_READERS 16
+
+int preinit_reader[SC_MAX_READERS];
+int preinit_readers=0;
+
 /*
  * Create a new context
  */
 -39,6
+44,18  PKCS11_CTX *PKCS11_CTX_new(void)
        return ctx;
 }

+int PKCS11_CTX_preinit_readers(int *readers)
+{
+       preinit_readers=0;
+       if ( readers!=NULL )
+       {
+               preinit_readers=1;
+       }
+
+       return 0;
+}
+
+
 /*
  * Load the shared library, and initialize it.
  */
 -58,6
+75,9  int PKCS11_CTX_load(PKCS11_CTX * ctx, co
                return -1;
        }

+       if ( preinit_readers==1)
+               rv =
priv->method->C_PreInitialize(preinit_reader);
+
        /* Tell the PKCS11 to initialize itself */
        rv = priv->method->C_Initialize(NULL);
        CRYPTOKI_checkerr(PKCS11_F_PKCS11_CTX_LOAD, rv);
 -72,6
+92,7  int PKCS11_CTX_load(PKCS11_CTX * ctx, co
        return 0;
 }

+
 /*
  * Unload the shared library
  */
diff -udrNPpr libp11-0.2.1/src/p11_slot.c
../libp11-0.2.1/src/p11_slot.c
--- libp11-0.2.1/src/p11_slot.c 2005-10-30
13:48:03.000000000 +0100
+++ ../libp11-0.2.1/src/p11_slot.c      2006-01-25
14:22:55.000000000 +0100
 -128,10
+128,12  int PKCS11_login(PKCS11_SLOT * slot, int
                if (PKCS11_open_session(slot, so))
                        return -1;
        }
+
+

        rv = CRYPTOKI_call(ctx, C_Login(priv->session,
                                        so ? CKU_SO :
CKU_USER,
-                                       (CK_UTF8CHAR *) pin,
strlen(pin)));
+                                       (CK_UTF8CHAR *) pin,
pin ?
strlen(pin) : 0 ));
        CRYPTOKI_checkerr(PKCS11_F_PKCS11_LOGIN, rv);
        priv->loggedIn = 1;
        return 0;



############################################################
################
########


Based on engine_pkcs11-0.1.3
############################################################
################
########
diff -udrNPpr engine_pkcs11-0.1.3/src/engine_pkcs11.c
../engine_pkcs11-0.1.3/src/engine_pkcs11.c
--- engine_pkcs11-0.1.3/src/engine_pkcs11.c     2005-11-23
21:43:53.000000000 +0100
+++ ../engine_pkcs11-0.1.3/src/engine_pkcs11.c  2006-04-26
17:12:48.591449504 +0200
 -41,6
+41,7 

 /** The maximum length of an internally-allocated PIN */
 #define MAX_PIN_LENGTH   12
+#define SC_MAX_READERS                 16

 PKCS11_CTX *ctx;

 -57,6
+58,33  int verbose = 0;
 char *module = NULL;
 int default_module = 1;

+int preinit_readers = 0;
+
+int preinit_reader[SC_MAX_READERS];
+
+int set_pre_select(const char *reader)
+{
+int i=0;
+       preinit_readers=0;
+       for ( i=0; i<SC_MAX_READERS; i++)
+               preinit_reader[i]=0;
+
+
+char * pch=NULL;
+int itmp=0;
+
+       pch=strtok(reader,",");
+
+       while (pch != NULL){
+               sscanf( pch, "%d",&itmp);
+               preinit_reader[itmp]=1;
+               pch = strtok (NULL, ",");
+       }
+
+       preinit_reader=1;
+       return 1;
+}
+
 int set_module(const char *modulename)
 {
        module = strdup (modulename);
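Review bot: `set_pre_select` uses the number parsed from the SELECT_READER string as an index without any range check, so `preinit_reader[itmp]=1` writes outside the 16-entry array for a negative value or one at or above SC_MAX_READERS, and because the `sscanf` result is unchecked a non-numeric token reuses the previous `itmp`. Two further problems sit in the same function: `strtok` modifies the `const char *reader` buffer it was handed, and the final `preinit_reader=1;` assigns to the array and will not compile, where `preinit_readers=1;` was evidently meant. A NULL `p` passed on by pkcs11_engine_ctrl would reach `strtok` as well. The rewrite below parses with `strtol`, leaves the input untouched, and returns 0 with the selection cleared on any malformed or out-of-range entry. set_module, whose first lines close the hunk, continues outside it.

```c
int set_pre_select(const char *reader)
{
	const char *cur = reader;
	char *end = NULL;
	long idx = 0;
	int i = 0;

	preinit_readers = 0;
	for (i = 0; i < SC_MAX_READERS; i++)
		preinit_reader[i] = 0;

	if (reader == NULL || *reader == '\0')
		return 0;

	for (;;) {
		idx = strtol(cur, &end, 10);
		/* reject empty fields, trailing junk and indexes outside the table;
		 * strtol saturates on overflow, which the range test also catches */
		if (end == cur || idx < 0 || idx >= SC_MAX_READERS
		    || (*end != ',' && *end != '\0')) {
			for (i = 0; i < SC_MAX_READERS; i++)
				preinit_reader[i] = 0;
			return 0;
		}
		preinit_reader[idx] = 1;
		if (*end == '\0')
			break;
		cur = end + 1;
	}

	preinit_readers = 1;
	return 1;
}
```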
 -143,10
+171,16  int pkcs11_init(ENGINE * engine)
                fprintf(stderr, "initializing
engine\n");
        }
        ctx = PKCS11_CTX_new();
+       if ( preinit_readers==1 )
+       {
+               PKCS11_CTX_preinit_readers(preinit_reader);
+       }
        if (PKCS11_CTX_load(ctx, module) < 0) {
                fprintf(stderr, "unable to load module
%s\n", module);
                return 0;
        }
+
+
        return 1;
 }

diff -udrNPpr engine_pkcs11-0.1.3/src/hw_pkcs11.c
../engine_pkcs11-0.1.3/src/hw_pkcs11.c
--- engine_pkcs11-0.1.3/src/hw_pkcs11.c 2005-11-23
21:43:53.000000000 +0100
+++ ../engine_pkcs11-0.1.3/src/hw_pkcs11.c      2006-04-21
08:41:57.000000000 +0200
 -80,6
+80,7 
 #define CMD_VERBOSE            (ENGINE_CMD_BASE+3)
 #define CMD_QUIET              (ENGINE_CMD_BASE+4)
 #define CMD_LOAD_CERT_CTRL     (ENGINE_CMD_BASE+5)
+#define CMD_PRE_SELECT_READER (ENGINE_CMD_BASE+6)

 static int pkcs11_engine_destroy(ENGINE * e);
 static int pkcs11_engine_ctrl(ENGINE * e, int cmd, long i,
void *p, void
(*f) ());
 -113,6
+114,10  static const ENGINE_CMD_DEFN pkcs11_cmd_
         "LOAD_CERT_CTRL",
         "Get the certificate from card",
         ENGINE_CMD_FLAG_INTERNAL},
+       {CMD_PRE_SELECT_READER,
+        "SELECT_READER",
+        "Pre select reader",
+        ENGINE_CMD_FLAG_STRING},
        {0, NULL, NULL, 0}
 };

 -134,6
+139,9  static int pkcs11_engine_ctrl(ENGINE * e
                return inc_verbose();
        case CMD_LOAD_CERT_CTRL:
                return load_cert_ctrl(e, p);
+       case CMD_PRE_SELECT_READER:
+               return set_pre_select((const char *) p);
+
        default:
                break;
        }

_______________________________________________
opensc-devel mailing list
opensc-devellists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc
-devel