diff -Naur opencryptoki-2.2.4/configure.in opencryptoki-2.2.4-cca-dlopen/configure.in --- opencryptoki-2.2.4/configure.in 2008-03-27 14:47:39.000000000 -0400 +++ opencryptoki-2.2.4-cca-dlopen/configure.in 2008-03-27 12:06:24.000000000 -0400 @@ -303,7 +303,6 @@ usr/lib/pkcs11/tpm_stdll/tok_struct.h \ usr/lib/pkcs11/cca_stdll/Makefile \ usr/lib/pkcs11/cca_stdll/tok_struct.h \ - usr/lib/pkcs11/cca_stdll/ccalibs/Makefile \ usr/lib/pkcs11/methods/4758_status/Makefile \ misc/Makefile \ misc/opencryptoki.conf \ diff -Naur opencryptoki-2.2.4/usr/lib/pkcs11/api/apiutil.c opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/api/apiutil.c --- opencryptoki-2.2.4/usr/lib/pkcs11/api/apiutil.c 2006-04-17 14:23:06.000000000 -0400 +++ opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/api/apiutil.c 2008-03-27 14:48:21.000000000 -0400 @@ -1003,14 +1003,15 @@ dllload[i].dll_name = sinfp->dll_location; // Point to the location - dllload[i].dlop_p = dlopen(sinfp->dll_location,RTLD_NOW); + dllload[i].dlop_p = dlopen(sinfp->dll_location, RTLD_LAZY); if (dllload[i].dlop_p != NULL ){ sltp->dlop_p = dllload[i].dlop_p; sltp->dll_information = &dllload[i]; dllload[i].dll_load_count=1;; - } else { + syslog(LOG_ERR, "%s: Error attempting dlopen() on [%s]; dlerror = [%s]\n", __FUNCTION__, + sinfp->dll_location, dlerror()); LOGIT(LOG_DEBUG,"\tDL_Load of %s failed, dlerror: %s",sinfp->dll_location,dlerror()); sltp->dlop_p = NULL; return 0; diff -Naur opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulcall.c opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulcall.c --- opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulcall.c 2008-03-27 14:47:39.000000000 -0400 +++ opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulcall.c 1969-12-31 19:00:00.000000000 -0500 @@ -1,57 +0,0 @@ - -#include "csulincl.h" - - -/* Random Number Generate */ -void CSNBRNG (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - unsigned char * form, - unsigned char * random_number) -{ -} - -/* PKA Key Token Build */ -void CSNDPKB (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * key_values_structure_length, - unsigned char * key_values_structure, - long * key_name_ln, - unsigned char * key_name, - long * reserved_1_length, - unsigned char * reserved_1, - long * reserved_2_length, - unsigned char * reserved_2, - long * reserved_3_length, - unsigned char * reserved_3, - long * reserved_4_length, - unsigned char * reserved_4, - long * reserved_5_length, - unsigned char * reserved_5, - long * token_length, - unsigned char * token) -{ -} - -/* Digital Signature Generate */ -void CSNDDSG (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * PKA_private_key_id_length, - unsigned char * PKA_private_key_id, - long * hash_length, - unsigned char * hash, - long * signature_field_length, - long * signature_bit_length, - unsigned char * signature_field) -{ -} - diff -Naur opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulsapi.c opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulsapi.c --- opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulsapi.c 2008-03-27 14:47:39.000000000 -0400 +++ opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulsapi.c 1969-12-31 19:00:00.000000000 -0500 @@ -1,71 +0,0 @@ - -#include "csulincl.h" - -/* PKA Key Generate */ -void CSNDPKG (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * regeneration_data_length, - unsigned char * regeneration_data, - long * skeleton_key_token_length, - unsigned char * skeleton_key_token, - unsigned char * transport_key_identifier, - long * generated_key_identifier_length, - unsigned char * generated_key_identifier) -{ -} - -/* Digital Signature Verify */ -void CSNDDSV (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * PKA_public_key_id_length, - unsigned char * PKA_public_key_id, - long * hash_length, - unsigned char * hash, - long * signature_field_length, - unsigned char * signature_field) -{ -} - -/* Crypto Facility Query */ -void CSUACFQ (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * verb_data_length, - unsigned char * verb_data) -{ -} - -/* Des Key Token Change */ -void CSNBKTC (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - unsigned char * key_identifier) -{ -} - -/* PKA Key Token Change */ -void CSNDKTC (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * key_id_length, - unsigned char * key_id) -{ -} - diff -Naur opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulsecy.c opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulsecy.c --- opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulsecy.c 2008-03-27 14:47:39.000000000 -0400 +++ opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/ccalibs/libcsulsecy.c 1969-12-31 19:00:00.000000000 -0500 @@ -1,36 +0,0 @@ - -#include "csulincl.h" - -/* Key Generate */ -void CSNBKGN (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - unsigned char * key_form, - unsigned char * key_length, - unsigned char * key_type_1, - unsigned char * key_type_2, - unsigned char * KEK_key_identifier_1, - unsigned char * KEK_key_identifier_2, - unsigned char * generated_key_identifier_1, - unsigned char * generated_key_identifier_2) -{ -} - -/* PKA Encrypt */ -void CSNDPKE (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * key_value_length, - unsigned char * key_value, - long * data_struct_length, - unsigned char * data_struct, - long * RSA_public_key_length, - unsigned char * RSA_public_key, - long * RSA_encipher_length, - unsigned char * RSA_encipher) -{ -} diff -Naur opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/ccalibs/libds30.c opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/ccalibs/libds30.c --- opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/ccalibs/libds30.c 2008-03-27 14:47:39.000000000 -0400 +++ opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/ccalibs/libds30.c 1969-12-31 19:00:00.000000000 -0500 @@ -1,55 +0,0 @@ - -#include "csulincl.h" - - -/* Decipher */ -void CSNBDEC (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - unsigned char * key_identifier, - long * text_length, - unsigned char * ciphertext, - unsigned char * initialization_vector, - long * rule_array_count, - unsigned char * rule_array, - unsigned char * chaining_vector, - unsigned char * plaintext) -{ -} - -/* Encipher */ -void CSNBENC (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - unsigned char * key_identifier, - long * text_length, - unsigned char * plaintext, - unsigned char * initialization_vector, - long * rule_array_count, - unsigned char * rule_array, - long * pad_character, - unsigned char * chaining_vector, - unsigned char * ciphertext) -{ -} - -/* PKA Decrypt */ -void CSNDPKD (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * enciphered_key_length, - unsigned char * enciphered_key, - long * data_struct_length, - unsigned char * data_struct, - long * RSA_private_key_length, - unsigned char * RSA_private_key, - long * key_value_length, - unsigned char * key_value) -{ -} - diff -Naur opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/ccalibs/Makefile.am opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/ccalibs/Makefile.am --- opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/ccalibs/Makefile.am 2008-03-27 14:47:39.000000000 -0400 +++ opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/ccalibs/Makefile.am 1969-12-31 19:00:00.000000000 -0500 @@ -1,21 +0,0 @@ - -# -# The following lib builds create stub libraries. These stubs are not installed -# but are linked against during the openCryptoki build. When the customer -# installs the CCA libs, those libs will provide the symbols that the stub -# libs provide here. -# -noinst_LTLIBRARIES=libcsulsecy.la \ - libcsulcall.la \ - libcsulsapi.la \ - libds30.la - -libcsulsecy_la_SOURCES=libcsulsecy.c -libcsulcall_la_SOURCES=libcsulcall.c -libcsulsapi_la_SOURCES=libcsulsapi.c -libds30_la_SOURCES=libds30.c - -AM_LDFLAGS=-shared -version-info 1:0:0 - -AM_CFLAGS=-I.. - diff -Naur opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/cca_specific.c opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/cca_specific.c --- opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/cca_specific.c 2008-03-27 14:47:39.000000000 -0400 +++ opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/cca_specific.c 2008-03-27 12:11:15.000000000 -0400 @@ -20,6 +20,7 @@ #include <pthread.h> #include <limits.h> #include <syslog.h> +#include <dlfcn.h> #include <openssl/des.h> @@ -136,6 +137,34 @@ { unsigned char rule_array[256] = { 0, }; long return_code, reason_code, rule_array_count, verb_data_length; + void *lib_csulsecy; + void *lib_csulcall; + void *lib_csulsapi; + void *lib_ds30; + + /* Explictly load the dependent libraries. There are circular + * dependencies in this set of libraries, so we do lazy symbol + * resolution for the first three libraries. */ + lib_ds30 = dlopen("libds30.so", (RTLD_GLOBAL | RTLD_LAZY)); + if (lib_ds30 == NULL) { + syslog(LOG_ERR, "%s: Error loading library: [%s]\n", __FUNCTION__, dlerror()); + return CKR_FUNCTION_FAILED; + } + lib_csulsapi = dlopen("libcsulsapi.so", (RTLD_GLOBAL | RTLD_LAZY)); + if (lib_csulsapi == NULL) { + syslog(LOG_ERR, "%s: Error loading library: [%s]\n", __FUNCTION__, dlerror()); + return CKR_FUNCTION_FAILED; + } + lib_csulcall = dlopen("libcsulcall.so", (RTLD_GLOBAL | RTLD_LAZY)); + if (lib_csulcall == NULL) { + syslog(LOG_ERR, "%s: Error loading library: [%s]\n", __FUNCTION__, dlerror()); + return CKR_FUNCTION_FAILED; + } + lib_csulsecy = dlopen("libcsulsecy.so", (RTLD_GLOBAL | RTLD_NOW)); + if (lib_csulsecy == NULL) { + syslog(LOG_ERR, "%s: Error loading library: [%s]\n", __FUNCTION__, dlerror()); + return CKR_FUNCTION_FAILED; + } memcpy(rule_array, "STATCCAE", 8); diff -Naur opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/Makefile.am opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/Makefile.am --- opencryptoki-2.2.4/usr/lib/pkcs11/cca_stdll/Makefile.am 2008-03-27 14:47:39.000000000 -0400 +++ opencryptoki-2.2.4-cca-dlopen/usr/lib/pkcs11/cca_stdll/Makefile.am 2008-03-27 12:03:52.000000000 -0400 @@ -1,8 +1,6 @@ # Makefile.am for common functions for openCryptoki # Michael A. Halcrow <mhalcrow@us.ibm.com> -SUBDIRS=ccalibs - # # The PKCS#11 STDLL library # @@ -21,9 +19,7 @@ -DSTDLL_NAME=\"ccatok\" opencryptoki_stdll_libpkcs11_cca_la_LDFLAGS = -shared -Wl,-Bsymbolic \ - -lcrypto -lpthread -nostartfiles -Wl,-soname,$@ \ - -Wl,-L./ccalibs/.libs \ - -Wl,-lcsulsecy -Wl,-lcsulcall -Wl,-lcsulsapi -Wl,-lds30 + -lcrypto -lpthread -nostartfiles -Wl,-soname,$@ opencryptoki_stdll_libpkcs11_cca_la_SOURCES = ../common/asn1.c \ ../common/dig_mgr.c \