"Fossies" - the Fresh Open Source Software Archive

Member "knot-2.8.3/src/libdnssec/p11/p11.c" (16 Jul 2019, 2403 Bytes) of package /linux/misc/dns/knot-2.8.3.tar.xz:



    1 /*  Copyright (C) 2018 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
    2 
    3     This program is free software: you can redistribute it and/or modify
    4     it under the terms of the GNU General Public License as published by
    5     the Free Software Foundation, either version 3 of the License, or
    6     (at your option) any later version.
    7 
    8     This program is distributed in the hope that it will be useful,
    9     but WITHOUT ANY WARRANTY; without even the implied warranty of
   10     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   11     GNU General Public License for more details.
   12 
   13     You should have received a copy of the GNU General Public License
   14     along with this program.  If not, see <https://www.gnu.org/licenses/>.
   15  */
   16 
   17 #include <assert.h>
   18 #include <gnutls/pkcs11.h>
   19 #include <stdlib.h>
   20 #include <string.h>
   21 
   22 #include "libdnssec/p11/p11.h"
   23 #include "libdnssec/error.h"
   24 
   25 #ifdef ENABLE_PKCS11
   26 
/* Capacity of the table of provider modules tracked by this file. */
#define PKCS11_MODULES_MAX 16

/*
 * Names of the provider modules registered so far (heap copies owned by this
 * file) and the number of used slots. Both are plain file-scope state with no
 * locking visible here -- NOTE(review): presumably callers serialize access;
 * confirm.
 */
static char *pkcs11_modules[PKCS11_MODULES_MAX] = { NULL };
static int pkcs11_modules_count = 0;
   31 
/*
 * Translate a GnuTLS return code into a libdnssec error code.
 *
 * Only GNUTLS_E_SUCCESS maps to DNSSEC_EOK; every other GnuTLS code is
 * collapsed into the generic DNSSEC_ERROR, so the specific failure cause
 * is not available to the caller.
 */
static int map_result(int gnutls_result)
{
    if (gnutls_result != GNUTLS_E_SUCCESS) {
        return DNSSEC_ERROR;
    }

    return DNSSEC_EOK;
}
   36 
/*
 * Initialize the GnuTLS PKCS #11 subsystem.
 *
 * GNUTLS_PKCS11_FLAG_MANUAL keeps GnuTLS from loading system-configured
 * provider modules on its own; the only providers in use are the ones
 * registered explicitly through p11_load_module().
 *
 * Returns DNSSEC_EOK on success, DNSSEC_ERROR otherwise.
 */
int p11_init(void)
{
    return map_result(gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_MANUAL, NULL));
}
   42 
/*
 * Reinitialize the GnuTLS PKCS #11 subsystem.
 *
 * gnutls_pkcs11_reinit() is the call GnuTLS provides for processes that
 * fork(): PKCS #11 state is not usable in the child until it has been
 * reinitialized there.
 *
 * Returns DNSSEC_EOK on success, DNSSEC_ERROR otherwise.
 */
int p11_reinit(void)
{
    return map_result(gnutls_pkcs11_reinit());
}
   48 
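/*
 * Register a PKCS #11 provider module with GnuTLS, at most once per name.
 *
 * module  Name or path of the provider library, handed unchanged to
 *         gnutls_pkcs11_add_provider(). GnuTLS loads that library into this
 *         process, so the value must come from trusted configuration: the
 *         loaded code runs with the privileges of the process.
 *
 * Returns DNSSEC_EOK if the module was loaded now or was already registered,
 * DNSSEC_P11_TOO_MANY_MODULES if the table is full, DNSSEC_ENOMEM if the
 * name could not be copied, and DNSSEC_P11_FAILED_TO_LOAD_MODULE if GnuTLS
 * rejected the module or no name was given.
 *
 * The table is file-scope state modified without locking.
 */
int p11_load_module(const char *module)
{
    /* strcmp()/strdup() on NULL is undefined behavior; fail cleanly instead. */
    if (module == NULL) {
        return DNSSEC_P11_FAILED_TO_LOAD_MODULE;
    }

    /*
     * Duplicate detection is an exact string match. The same library reached
     * through a different spelling (relative path, symlink) is not recognized
     * as already registered and takes another slot.
     */
    for (int i = 0; i < pkcs11_modules_count; i++) {
        if (strcmp(pkcs11_modules[i], module) == 0) {
            return DNSSEC_EOK;
        }
    }

    assert(pkcs11_modules_count <= PKCS11_MODULES_MAX);
    /* '>=' keeps the write below in bounds even when assert() is compiled out. */
    if (pkcs11_modules_count >= PKCS11_MODULES_MAX) {
        return DNSSEC_P11_TOO_MANY_MODULES;
    }

    /*
     * Copy the name before touching GnuTLS: if the allocation fails, no
     * provider has been loaded yet, so nothing is left loaded but untracked.
     */
    char *copy = strdup(module);
    if (!copy) {
        return DNSSEC_ENOMEM;
    }

    int r = gnutls_pkcs11_add_provider(module, NULL);
    if (r != GNUTLS_E_SUCCESS) {
        free(copy);
        return DNSSEC_P11_FAILED_TO_LOAD_MODULE;
    }

    /* The table now owns the copy; p11_cleanup() releases it. */
    pkcs11_modules[pkcs11_modules_count] = copy;
    pkcs11_modules_count += 1;

    return DNSSEC_EOK;
}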
   78 
/*
 * Release every tracked module name and shut down the GnuTLS PKCS #11
 * subsystem.
 *
 * Each used slot is freed and reset to NULL and the counter ends at zero,
 * so no stale pointer stays in the table before gnutls_pkcs11_deinit() runs.
 */
void p11_cleanup(void)
{
    while (pkcs11_modules_count > 0) {
        pkcs11_modules_count -= 1;

        char **slot = &pkcs11_modules[pkcs11_modules_count];
        free(*slot);
        *slot = NULL;
    }

    gnutls_pkcs11_deinit();
}
   90 
   91 #else
   92 
/*
 * Stub used when the library is built without ENABLE_PKCS11: there is
 * nothing to initialize, so this always reports DNSSEC_EOK.
 */
int p11_init(void)
{
    return DNSSEC_EOK;
}
   97 
/*
 * Stub used when the library is built without ENABLE_PKCS11: there is
 * nothing to reinitialize, so this always reports DNSSEC_EOK.
 */
int p11_reinit(void)
{
    return DNSSEC_EOK;
}
  102 
/*
 * Stub used when the library is built without ENABLE_PKCS11: no module is
 * ever loaded and every request fails with DNSSEC_NOT_IMPLEMENTED_ERROR.
 */
int p11_load_module(const char *module)
{
    (void)module; /* unused in this build */

    return DNSSEC_NOT_IMPLEMENTED_ERROR;
}
  107 
/*
 * Stub used when the library is built without ENABLE_PKCS11: no state is
 * kept in this build, so there is nothing to release.
 */
void p11_cleanup(void)
{
    /* intentionally empty */
}
  112 
  113 #endif