@@ -1767,7 +1767,7 @@ int pkcs11_crypto_init(void)
17671767 };
17681768 CK_ULONG search_attr_count = sizeof (search_attr ) / sizeof (* search_attr );
17691769 CK_ULONG obj_count = 0 ;
1770- int session_opened = 0 , logged_in = 0 ;
1770+ int pkcs11_intiialized = 0 , session_opened = 0 , logged_in = 0 ;
17711771
17721772 if (encrypt_initialized )
17731773 return 0 ;
@@ -1798,19 +1798,22 @@ int pkcs11_crypto_init(void)
17981798 }
17991799
18001800 if (ret == CKR_OK ) {
1801+ pkcs11_initialized = 1 ;
1802+
18011803 ret = pkcs11_function_list -> C_OpenSession (1 ,
18021804 CKF_SERIAL_SESSION | CKF_RW_SESSION , NULL , NULL ,
18031805 & pkcs11_session );
1804- session_opened = 1 ;
18051806 }
18061807
18071808 if (ret == CKR_OK ) {
1809+ session_opened = 1 ;
18081810 ret = pkcs11_function_list -> C_Login (pkcs11_session , CKU_USER ,
18091811 pkcs11_pin , sizeof (pkcs11_pin ) - 1 );
1810- logged_in = 1 ;
18111812 }
18121813
18131814 if (ret == CKR_OK ) {
1815+ logged_in = 1 ;
1816+
18141817 /* Retrieve AES key by CKA_ID */
18151818 ret = pkcs11_function_list -> C_FindObjectsInit (pkcs11_session ,
18161819 search_attr , search_attr_count );
@@ -1822,7 +1825,7 @@ int pkcs11_crypto_init(void)
18221825 }
18231826
18241827 if (ret == CKR_OK && obj_count != 1 ) {
1825- ret = -1 ;
1828+ ret = CKR_KEY_HANDLE_INVALID ;
18261829 }
18271830
18281831 if (ret == CKR_OK ) {
@@ -1841,6 +1844,9 @@ int pkcs11_crypto_init(void)
18411844 if (session_opened ) {
18421845 pkcs11_function_list -> C_CloseSession (pkcs11_session );
18431846 }
1847+ if (pkcs11_initialized ) {
1848+ pkcs11_function_list -> C_Finalize (NULL );
1849+ }
18441850 }
18451851
18461852 return ret ;
@@ -1855,18 +1861,18 @@ void pkcs11_crypto_set_iv(uint8_t *nonce, uint32_t iv_ctr)
18551861 if (pkcs11_enc_initialized ) {
18561862 ret = pkcs11_function_list -> C_EncryptFinal (pkcs11_session , buf ,
18571863 & buf_len );
1864+ pkcs11_enc_initialized = 0 ;
18581865 if (ret != CKR_OK ) {
18591866 return ;
18601867 }
1861- pkcs11_enc_initialized = 0 ;
18621868 }
18631869 else if (pkcs11_dec_initialized ) {
18641870 ret = pkcs11_function_list -> C_DecryptFinal (pkcs11_session , buf ,
18651871 & buf_len );
1872+ pkcs11_dec_initialized = 0 ;
18661873 if (ret != CKR_OK ) {
18671874 return ;
18681875 }
1869- pkcs11_dec_initialized = 0 ;
18701876 }
18711877
18721878#if ENCRYPT_PKCS11_MECHANISM == CKM_AES_CTR
@@ -1921,7 +1927,7 @@ int pkcs11_crypto_encrypt(uint8_t *out, uint8_t *in, size_t size)
19211927
19221928 pkcs11_enc_initialized = 1 ;
19231929 }
1924-
1930+
19251931 encrypted_len = size ;
19261932 ret = pkcs11_function_list -> C_EncryptUpdate (pkcs11_session , in , size , out ,
19271933 & encrypted_len );
0 commit comments