PKCS #11: support static linking with PKCS #11 library

--enable-pkcs11=static LIBS=-l<pkcs11 static library> or define HAVE_PKCS11_STATIC
2021-08-30 12:22:30 +10:00 · 2021-08-30 12:22:30 +10:00 · 218f4c80f9
parent c7645a42a7
commit 218f4c80f9
4 changed files with 29 additions and 3 deletions
--- a/configure.ac
+++ b/configure.ac
@ -5228,10 +5228,16 @@ AC_ARG_ENABLE([pkcs11],
    [ ENABLED_PKCS11=no ]
    )

-if test "x$ENABLED_PKCS11" = "xyes"
+if test "x$ENABLED_PKCS11" != "xno"
 then
    AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS11 -DHAVE_WOLF_BIGINT"
+    if test "x$ENABLED_PKCS11" != "xstatic"
+    then
        LIBS="$LIBS -ldl"
+    else
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS11_STATIC"
+        ENABLED_PKCS11="yes"
+    fi
 fi


--- a/wolfcrypt/src/wc_pkcs11.c
+++ b/wolfcrypt/src/wc_pkcs11.c
@ -27,7 +27,9 @@

 #ifdef HAVE_PKCS11

+#ifndef HAVE_PKCS11_STATIC
 #include <dlfcn.h>
+#endif

 #include <wolfssl/wolfcrypt/wc_pkcs11.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
@ -416,7 +418,9 @@ static void pkcs11_val(const char* op, CK_ULONG val)
 int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library, void* heap)
 {
    int                  ret = 0;
+#ifndef HAVE_PKCS11_STATIC
    void*                func;
+#endif
    CK_C_INITIALIZE_ARGS args;

    if (dev == NULL || library == NULL)
@ -424,6 +428,7 @@ int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library, void* heap)

    if (ret == 0) {
        dev->heap = heap;
+#ifndef HAVE_PKCS11_STATIC
        dev->dlHandle = dlopen(library, RTLD_NOW | RTLD_LOCAL);
        if (dev->dlHandle == NULL) {
            WOLFSSL_MSG(dlerror());
@ -441,6 +446,9 @@ int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library, void* heap)
    }
    if (ret == 0) {
        ret = ((CK_C_GetFunctionList)func)(&dev->func);
+#else
+        ret = C_GetFunctionList(&dev->func);
+#endif
        if (ret != CKR_OK) {
            PKCS11_RV("CK_C_GetFunctionList", ret);
            ret = WC_HW_E;
@ -470,13 +478,19 @@ int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library, void* heap)
 */
 void wc_Pkcs11_Finalize(Pkcs11Dev* dev)
 {
-    if (dev != NULL && dev->dlHandle != NULL) {
+    if (dev != NULL
+#ifndef HAVE_PKCS11_STATIC
+        && dev->dlHandle != NULL
+#endif
+        ) {
        if (dev->func != NULL) {
            dev->func->C_Finalize(NULL);
            dev->func = NULL;
        }
+#ifndef HAVE_PKCS11_STATIC
        dlclose(dev->dlHandle);
        dev->dlHandle = NULL;
+#endif
    }
 }

--- a/wolfssl/wolfcrypt/pkcs11.h
+++ b/wolfssl/wolfcrypt/pkcs11.h
@ -346,6 +346,10 @@ typedef CK_FUNCTION_LIST_PTR* CK_FUNCTION_LIST_PTR_PTR;

 typedef CK_RV (*CK_C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);

+#ifdef HAVE_PKCS11_STATIC
+CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
+#endif
+
 struct CK_FUNCTION_LIST {
    CK_VERSION version;

--- a/wolfssl/wolfcrypt/wc_pkcs11.h
+++ b/wolfssl/wolfcrypt/wc_pkcs11.h
@ -39,7 +39,9 @@


 typedef struct Pkcs11Dev {
+#ifndef HAVE_PKCS11_STATIC
    void*             dlHandle;         /* Handle to library  */
+#endif
    CK_FUNCTION_LIST* func;             /* Array of functions */
    void*             heap;
 } Pkcs11Dev;