static gboolean
init_pin_for_uninitialized_slots (GP11Module *module, const gchar *master)
{
GError *error = NULL;
GList *slots, *l;
gboolean initialize;
GP11TokenInfo *info;
GP11Session *session;
g_return_val_if_fail (GP11_IS_MODULE (module), FALSE);
g_return_val_if_fail (master, FALSE);
slots = gp11_module_get_slots (module, TRUE);
for (l = slots; l; l = g_list_next (l)) {
info = gp11_slot_get_token_info (l->data);
initialize = (info && !(info->flags & CKF_USER_PIN_INITIALIZED));
if (initialize) {
session = open_and_login_session (l->data, CKU_SO, NULL);
if (session != NULL) {
if (!gp11_session_init_pin (session, (const guchar*)master, strlen (master), &error)) {
if (!g_error_matches (error, GP11_ERROR, CKR_FUNCTION_NOT_SUPPORTED))
g_warning ("couldn't initialize slot with master password: %s",
egg_error_message (error));
g_clear_error (&error);
}
g_object_unref (session);
}
}
gp11_token_info_free (info);
}
gp11_list_unref_free (slots);
return TRUE;
}
static GP11Session*
lookup_login_session (GP11Module *module)
{
GP11Slot *slot = NULL;
GError *error = NULL;
GP11Session *session;
GP11SlotInfo *info;
GList *slots;
GList *l;
g_assert (GP11_IS_MODULE (module));
/*
* Find the right slot.
*
* TODO: This isn't necessarily the best way to do this.
* A good function could be added to gp11 library.
* But needs more thought on how to do this.
*/
slots = gp11_module_get_slots (module, TRUE);
for (l = slots; !slot && l; l = g_list_next (l)) {
info = gp11_slot_get_info (l->data);
if (g_ascii_strcasecmp ("Secret Store", info->slot_description) == 0)
slot = g_object_ref (l->data);
gp11_slot_info_free (info);
}
gp11_list_unref_free (slots);
g_return_val_if_fail (slot, NULL);
session = open_and_login_session (slot, CKU_USER, &error);
if (error) {
g_warning ("couldn't open pkcs11 session for login: %s", egg_error_message (error));
g_clear_error (&error);
}
g_object_unref (slot);
return session;
}
static gboolean
set_pin_for_any_slots (GList *modules, const gchar *original, const gchar *master)
{
GError *error = NULL;
GList *slots, *l;
gboolean initialize;
GckTokenInfo *info;
GckSession *session;
g_return_val_if_fail (original, FALSE);
g_return_val_if_fail (master, FALSE);
slots = gck_modules_get_slots (modules, TRUE);
for (l = slots; l; l = g_list_next (l)) {
/* Set pin for any that are initialized, and not pap */
info = gck_slot_get_token_info (l->data);
initialize = (info && (info->flags & CKF_USER_PIN_INITIALIZED));
if (initialize) {
session = open_and_login_session (l->data, CKU_USER, NULL);
if (session != NULL) {
if (!gck_session_set_pin (session, (const guchar*)original, strlen (original),
(const guchar*)master, strlen (master), NULL, &error)) {
if (!g_error_matches (error, GCK_ERROR, CKR_PIN_INCORRECT) &&
!g_error_matches (error, GCK_ERROR, CKR_FUNCTION_NOT_SUPPORTED))
g_warning ("couldn't change slot master password: %s",
egg_error_message (error));
g_clear_error (&error);
}
g_object_unref (session);
}
}
gck_token_info_free (info);
}
gck_list_unref_free (slots);
return TRUE;
}
static GckSession*
lookup_login_session (GList *modules)
{
GckSlot *slot = NULL;
GError *error = NULL;
GckSession *session;
slot = gck_modules_token_for_uri (modules, "pkcs11:token=Secret%20Store", &error);
if (!slot) {
g_warning ("couldn't find secret store module: %s", egg_error_message (error));
return NULL;
}
session = open_and_login_session (slot, CKU_USER, &error);
if (error) {
g_warning ("couldn't open pkcs11 session for login: %s", egg_error_message (error));
g_clear_error (&error);
}
g_object_unref (slot);
return session;
}
