Skip to content

Commit

Permalink
"fix" for clone-then-initialize problem
Browse files Browse the repository at this point in the history
Signed-off-by: Arjen Nienhuis <[email protected]>
  • Loading branch information
arjennienhuis committed Jun 17, 2023
1 parent a1d7d18 commit edea342
Show file tree
Hide file tree
Showing 4 changed files with 49 additions and 22 deletions.
5 changes: 1 addition & 4 deletions cryptoki/src/context/general_purpose.rs
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ use std::convert::TryFrom;

// See public docs on stub in parent mod.rs
#[inline(always)]
pub(super) fn initialize(ctx: &mut Pkcs11, init_args: CInitializeArgs) -> Result<()> {
pub(super) fn initialize(ctx: &Pkcs11, init_args: CInitializeArgs) -> Result<()> {
// if no args are specified, library expects NULL
let mut init_args = CK_C_INITIALIZE_ARGS::from(init_args);
let init_args_ptr = &mut init_args;
Expand All @@ -19,9 +19,6 @@ pub(super) fn initialize(ctx: &mut Pkcs11, init_args: CInitializeArgs) -> Result
init_args_ptr as *mut CK_C_INITIALIZE_ARGS as *mut ::std::ffi::c_void,
))
.into_result()
.map(|_| {
ctx.initialized = true;
})
}
}

Expand Down
17 changes: 9 additions & 8 deletions cryptoki/src/context/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ use std::mem;
use std::path::Path;
use std::ptr;
use std::sync::Arc;
use std::sync::RwLock;

// Implementation of Pkcs11 class that can be enclosed in a single Arc
pub(crate) struct Pkcs11Impl {
Expand Down Expand Up @@ -76,7 +77,7 @@ impl Drop for Pkcs11Impl {
#[derive(Clone, Debug)]
pub struct Pkcs11 {
pub(crate) impl_: Arc<Pkcs11Impl>,
initialized: bool,
initialized: Arc<RwLock<bool>>,
}

impl Pkcs11 {
Expand All @@ -99,23 +100,23 @@ impl Pkcs11 {
_pkcs11_lib: pkcs11_lib,
function_list: *list_ptr,
}),
initialized: false,
initialized: Arc::new(RwLock::new(false)),
})
}
}

/// Initialize the PKCS11 library
pub fn initialize(&mut self, init_args: CInitializeArgs) -> Result<()> {
if !self.initialized {
initialize(self, init_args)
} else {
Err(Error::AlreadyInitialized)
pub fn initialize(&self, init_args: CInitializeArgs) -> Result<()> {
let mut init_lock = self.initialized.as_ref().write().unwrap();
if *init_lock {
Err(Error::AlreadyInitialized)?
}
initialize(self, init_args).map(|_| *init_lock = true)
}

/// Check whether the PKCS11 library has been initialized
pub fn is_initialized(&self) -> bool {
self.initialized
*self.initialized.as_ref().read().unwrap()
}

/// Finalize the PKCS11 library. Indicates that the application no longer needs to use PKCS11.
Expand Down
39 changes: 32 additions & 7 deletions cryptoki/tests/basic.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
// SPDX-License-Identifier: Apache-2.0
mod common;

use crate::common::{SO_PIN, USER_PIN};
use crate::common::{get_pkcs11, SO_PIN, USER_PIN};
use common::init_pins;
use cryptoki::error::{Error, RvError};
use cryptoki::mechanism::aead::GcmParams;
Expand Down Expand Up @@ -679,13 +679,9 @@ fn is_fn_supported_test() {
#[test]
#[serial]
fn is_initialized_test() {
use cryptoki::context::{CInitializeArgs, Pkcs11};
use cryptoki::context::CInitializeArgs;

let mut pkcs11 = Pkcs11::new(
std::env::var("PKCS11_SOFTHSM2_MODULE")
.unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()),
)
.unwrap();
let pkcs11 = get_pkcs11();

assert!(
!pkcs11.is_initialized(),
Expand All @@ -707,6 +703,35 @@ fn is_initialized_test() {
}
}

#[test]
#[serial]
#[allow(deprecated)]
#[allow(clippy::redundant_clone)]
fn test_clone_initialize() {
use cryptoki::context::CInitializeArgs;

let pkcs11 = get_pkcs11();

let clone = pkcs11.clone();
assert!(
!pkcs11.is_initialized(),
"Before initialize() it should not be initialized"
);
assert!(
!clone.is_initialized(),
"Before initialize() the clone should not be initialized"
);
pkcs11.initialize(CInitializeArgs::OsThreads).unwrap();
assert!(
pkcs11.is_initialized(),
"After initialize() it should be initialized"
);
assert!(
clone.is_initialized(),
"After initialize() the clone should be initialized"
);
}

#[test]
#[serial]
fn aes_key_attributes_test() -> TestResult {
Expand Down
10 changes: 7 additions & 3 deletions cryptoki/tests/common.rs
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,16 @@ pub static USER_PIN: &str = "fedcba";
// The default SO pin
pub static SO_PIN: &str = "abcdef";

pub fn init_pins() -> (Pkcs11, Slot) {
let mut pkcs11 = Pkcs11::new(
pub fn get_pkcs11() -> Pkcs11 {
Pkcs11::new(
env::var("PKCS11_SOFTHSM2_MODULE")
.unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()),
)
.unwrap();
.unwrap()
}

pub fn init_pins() -> (Pkcs11, Slot) {
let pkcs11 = get_pkcs11();

// initialize the library
pkcs11.initialize(CInitializeArgs::OsThreads).unwrap();
Expand Down

0 comments on commit edea342

Please sign in to comment.