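// SPDX-License-Identifier: BSD-2-Clause
/*
 * Copyright (c) 2017-2020, Linaro Limited
 */

#include <assert.h>
#include <pkcs11_ta.h>
#include <string.h>
#include <string_ext.h>
#include <sys/queue.h>
#include <tee_api_types.h>
#include <tee_internal_api_extensions.h>
#include <util.h>

#include "pkcs11_token.h"
#include "pkcs11_helpers.h"

/* Provide 3 slots/tokens unless the build overrides it, ID is token index */
#ifndef CFG_PKCS11_TA_TOKEN_COUNT
#define TOKEN_COUNT		3
#else
#define TOKEN_COUNT		CFG_PKCS11_TA_TOKEN_COUNT
#endif

/* Static allocation of tokens runtime instances (reset to 0 at load) */
struct ck_token ck_token[TOKEN_COUNT];

/*
 * get_token() - Return the runtime instance of a token from its ID
 * @token_id:	Token index, valid range is [0, TOKEN_COUNT - 1]
 *
 * Return a pointer into ck_token[] or NULL if @token_id is out of range.
 *
 * The bound check must reject token_id == TOKEN_COUNT: that index is one
 * element past the end of ck_token[] and a caller dereferencing the result
 * would read or write memory outside the array.
 *
 * NOTE(review): token_id presumably originates from a client-supplied slot
 * ID; verify against callers that every path treats a NULL return as an
 * error.
 */
struct ck_token *get_token(unsigned int token_id)
{
	if (token_id >= TOKEN_COUNT)
		return NULL;

	return &ck_token[token_id];
}

/*
 * get_token_id() - Return the ID (array index) of a token instance
 * @token:	Pointer to an element of ck_token[]
 *
 * The ID is the element offset of @token from the start of ck_token[].
 * The range is only checked with assert(), which is compiled out when
 * NDEBUG is defined, so callers must only pass pointers that designate an
 * element of ck_token[] (e.g. obtained from get_token()).
 */
unsigned int get_token_id(struct ck_token *token)
{
	ptrdiff_t id = token - ck_token;

	assert(id >= 0 && id < TOKEN_COUNT);
	return id;
}

/*
 * pkcs11_token_init() - Initialize one token from its persistent database
 * @id:		Token index
 *
 * Return TEE_ERROR_SECURITY if init_persistent_db() provides no token
 * instance, TEE_SUCCESS otherwise.
 */
static TEE_Result pkcs11_token_init(unsigned int id)
{
	struct ck_token *token = init_persistent_db(id);

	if (!token)
		return TEE_ERROR_SECURITY;

	if (token->state == PKCS11_TOKEN_RESET) {
		/* As per PKCS#11 spec, token resets to read/write state */
		token->state = PKCS11_TOKEN_READ_WRITE;
		token->session_count = 0;
		token->rw_session_count = 0;
	}

	return TEE_SUCCESS;
}

/*
 * pkcs11_init() - Initialize all tokens
 *
 * Stop at the first token that fails to initialize and return its error
 * code. Return the status of the last token initialization otherwise.
 */
TEE_Result pkcs11_init(void)
{
	unsigned int id = 0;
	TEE_Result ret = TEE_ERROR_GENERIC;

	for (id = 0; id < TOKEN_COUNT; id++) {
		ret = pkcs11_token_init(id);
		if (ret)
			return ret;
	}

	return ret;
}

/*
 * pkcs11_deinit() - Close the persistent database of every token
 */
void pkcs11_deinit(void)
{
	unsigned int id = 0;

	for (id = 0; id < TOKEN_COUNT; id++)
		close_persistent_db(get_token(id));
}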