Allow checking for initialization status

The `Pkcs11` struct is enhanced to store a flag identifying whether the
library has been initialized or not. This flag can then be used to
signal re-initialization attempts and to simply inform users of the
status.

Signed-off-by: Ionut Mihalcea <[email protected]>

Author: ionut-arm

cryptoki/src/context/general_purpose.rs

@@ -9,7 +9,7 @@ use paste::paste;
 
 // See public docs on stub in parent mod.rs
 #[inline(always)]
-pub(super) fn initialize(ctx: &Pkcs11, init_args: CInitializeArgs) -> Result<()> {
+pub(super) fn initialize(ctx: &mut Pkcs11, init_args: CInitializeArgs) -> Result<()> {
     // if no args are specified, library expects NULL
     let mut init_args = CK_C_INITIALIZE_ARGS::from(init_args);
     let init_args_ptr = &mut init_args;
@@ -18,6 +18,9 @@ pub(super) fn initialize(ctx: &Pkcs11, init_args: CInitializeArgs) -> Result<()>
             init_args_ptr as *mut CK_C_INITIALIZE_ARGS as *mut ::std::ffi::c_void,
         ))
         .into_result()
+        .map(|_| {
+            ctx.initialized = true;
+        })
     }
 }
 

cryptoki/src/context/mod.rs

@@ -76,6 +76,7 @@ impl Drop for Pkcs11Impl {
 #[derive(Clone, Debug)]
 pub struct Pkcs11 {
     pub(crate) impl_: Arc<Pkcs11Impl>,
+    initialized: bool,
 }
 
 impl Pkcs11 {
@@ -98,13 +99,23 @@ impl Pkcs11 {
                     _pkcs11_lib: pkcs11_lib,
                     function_list: *list_ptr,
                 }),
+                initialized: false,
             })
         }
     }
 
     /// Initialize the PKCS11 library
-    pub fn initialize(&self, init_args: CInitializeArgs) -> Result<()> {
-        initialize(self, init_args)
+    pub fn initialize(&mut self, init_args: CInitializeArgs) -> Result<()> {
+        if !self.initialized {
+            initialize(self, init_args)
+        } else {
+            Err(Error::AlreadyInitialized)
+        }
+    }
+
+    /// Check whether the PKCS11 library has been initialized
+    pub fn is_initialized(&self) -> bool {
+        self.initialized
     }
 
     /// Finalize the PKCS11 library. Indicates that the application no longer needs to use PKCS11.

cryptoki/src/error/mod.rs

@@ -40,6 +40,9 @@ pub enum Error {
 
     /// The PIN was not set before logging in.
     PinNotSet,
+
+    /// The PKCS11 library has already been initialized
+    AlreadyInitialized,
 }
 
 impl fmt::Display for Error {
@@ -54,6 +57,7 @@ impl fmt::Display for Error {
             Error::NullFunctionPointer => write!(f, "Calling a NULL function pointer"),
             Error::InvalidValue => write!(f, "The value is not one of the expected options"),
             Error::PinNotSet => write!(f, "Pin has not been set before trying to log in"),
+            Error::AlreadyInitialized => write!(f, "PKCS11 library has already been initialized"),
         }
     }
 }
@@ -69,7 +73,8 @@ impl std::error::Error for Error {
             | Error::NotSupported
             | Error::NullFunctionPointer
             | Error::PinNotSet
-            | Error::InvalidValue => None,
+            | Error::InvalidValue
+            | Error::AlreadyInitialized => None,
         }
     }
 }

cryptoki/tests/basic.rs

@@ -698,3 +698,34 @@ fn is_fn_supported_test() {
         "C_DigestFinal function reports as not supported"
     );
 }
+
+#[test]
+#[serial]
+fn is_initialized_test() {
+    use cryptoki::context::{CInitializeArgs, Pkcs11};
+
+    let mut pkcs11 = Pkcs11::new(
+        std::env::var("PKCS11_SOFTHSM2_MODULE")
+            .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()),
+    )
+    .unwrap();
+
+    assert!(
+        !pkcs11.is_initialized(),
+        "Context created with initialized flag on"
+    );
+
+    // initialize the library
+    pkcs11.initialize(CInitializeArgs::OsThreads).unwrap();
+
+    assert!(
+        pkcs11.is_initialized(),
+        "Context was not marked as initialized"
+    );
+
+    match pkcs11.initialize(CInitializeArgs::OsThreads) {
+        Err(Error::AlreadyInitialized) => (),
+        Err(e) => panic!("Got unexpected error when initializing: {}", e),
+        Ok(()) => panic!("Initializing twice should not have been allowed"),
+    }
+}

cryptoki/tests/common.rs

@@ -12,7 +12,7 @@ pub static USER_PIN: &str = "fedcba";
 pub static SO_PIN: &str = "abcdef";
 
 pub fn init_pins() -> (Pkcs11, Slot) {
-    let pkcs11 = Pkcs11::new(
+    let mut pkcs11 = Pkcs11::new(
         env::var("PKCS11_SOFTHSM2_MODULE")
             .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()),
     )