chaps: Cancel operations on error returns

The PKCS#11 spec indicates that if errors are returned from
crypto operation functions, the in-progress operation should
be terminated.  For example, in section 11.8 (p.140), the
description of C_Encrypt has:
  "A call to C_Encrypt always terminates the active encryption
   operation unless it returns CKR_BUFFER_TOO_SMALL or is a
   successful call (i.e., one which returns CKR_OK) to determine
   the length of the buffer needed to hold the ciphertext."

Some errors from these functions (typically CKR_ARGUMENTS_BAD)
are detected on the client side; to ensure that the chapsd state
is correctly updated to cancel the operation, we add a collection
of <Operation>Cancel methods to the D-Bus interface.

There are also some errors detected at the daemon side (in
particular, the interspersal of one-shot and incremental
operations); these can just trigger a local call to the appropriate
<Operation>Cancel function.

TEST=Chaps unit tests (with ASAN) plus PKCS11 tests

Change-Id: I8108907bfad9b5ba4b81ba25cf253b4e03ca9b9f
Reviewed-by: Darren Krahn <>
Commit-Queue: David Drysdale <>
Tested-by: David Drysdale <>
18 files changed