/*
 * GkmSerializable load handler (GBytes variant): decode a serialized
 * "trust-1" structure and make it the backing store of this trust object.
 *
 * Returns FALSE when the input is empty, does not decode, or when
 * load_assertions() rejects it; in those cases the previously loaded
 * state (self->pv->bytes / self->pv->asn) is left as it was.
 * The 'login' argument is not used here.
 */
static gboolean
gkm_xdg_trust_real_load (GkmSerializable *base, GkmSecret *login, GBytes *data)
{
	GkmXdgTrust *self = GKM_XDG_TRUST (base);
	GNode *asn = NULL;

	/* Nothing to parse in an empty blob */
	if (g_bytes_get_size (data) == 0)
		return FALSE;

	asn = egg_asn1x_create (xdg_asn1_tab, "trust-1");
	g_return_val_if_fail (asn, FALSE);

	/* The input is parsed in full before any object state is replaced */
	if (!egg_asn1x_decode (asn, data)) {
		g_warning ("couldn't parse trust data: %s", egg_asn1x_message (asn));
		goto discard;
	}

	/* Next parse out all the pairs */
	if (!load_assertions (self, asn))
		goto discard;

	/* Swap in the new bytes: drop our old reference, hold one on the input */
	if (self->pv->bytes != NULL)
		g_bytes_unref (self->pv->bytes);
	self->pv->bytes = g_bytes_ref (data);

	/* Swap in the freshly decoded tree */
	egg_asn1x_destroy (self->pv->asn);
	self->pv->asn = asn;

	return TRUE;

discard:
	/* Shared failure path: only the new tree is released */
	egg_asn1x_destroy (asn);
	return FALSE;
}
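/*
 * GkmSerializable save handler (pointer/length variant): write the current
 * assertions into the ASN.1 tree, encode it, and hand the caller a private
 * copy of the encoding.
 *
 * On success *data is a newly allocated buffer of *n_data bytes, separate
 * from the buffer this object keeps in self->pv->data.
 * Returns FALSE if the assertions cannot be saved, encoding fails, or the
 * encoding is too large to duplicate safely; *data is NULL in the last two
 * cases. The 'login' argument is not used here.
 */
static gboolean
gkm_xdg_trust_real_save (GkmSerializable *base, GkmSecret *login, gpointer *data, gsize *n_data)
{
	GkmXdgTrust *self = GKM_XDG_TRUST (base);

	g_return_val_if_fail (GKM_XDG_IS_TRUST (self), FALSE);
	g_return_val_if_fail (data, FALSE);
	g_return_val_if_fail (n_data, FALSE);
	g_return_val_if_fail (self->pv->asn, FALSE);

	if (!save_assertions (self, self->pv->asn))
		return FALSE;

	*data = egg_asn1x_encode (self->pv->asn, NULL, n_data);
	if (*data == NULL) {
		g_warning ("encoding trust failed: %s", egg_asn1x_message (self->pv->asn));
		return FALSE;
	}

	/* ASN.1 now refers to this data, take ownership */
	g_free (self->pv->data);
	self->pv->data = *data;
	self->pv->n_data = *n_data;

	/*
	 * g_memdup() takes its length as a guint. A gsize above G_MAXUINT would
	 * be silently truncated, and the caller would receive a short buffer
	 * together with the full length. Refuse instead of copying.
	 */
	if (*n_data > G_MAXUINT) {
		g_warning ("encoded trust data is too large to duplicate");
		*data = NULL;
		*n_data = 0;
		return FALSE;
	}

	/* Return a duplicate, since we own encoded */
	*data = g_memdup (self->pv->data, (guint)*n_data);
	return TRUE;
}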
/*
 * Report the trust level this object records for 'purpose'.
 *
 * The assertion is looked up under the key that create_assertion_key()
 * builds from the purpose and a NULL second argument. A missing assertion
 * yields GKM_TRUST_UNKNOWN, so the absence of a record is never reported
 * as trust or as distrust.
 */
static GkmTrustLevel
gkm_xdg_trust_get_level (GkmTrust *base, const gchar *purpose)
{
	GkmXdgTrust *self = GKM_XDG_TRUST (base);
	GkmAssertion *found;
	GBytes *lookup_key;
	gulong trust_type;

	/* The key is only needed for the lookup itself */
	lookup_key = create_assertion_key (purpose, NULL);
	found = g_hash_table_lookup (self->pv->assertions, lookup_key);
	g_bytes_unref (lookup_key);

	if (found == NULL)
		return GKM_TRUST_UNKNOWN;

	trust_type = gkm_assertion_get_trust_type (found);

	if (trust_type == CKT_X_ANCHORED_CERTIFICATE)
		return GKM_TRUST_ANCHOR;
	if (trust_type == CKT_X_PINNED_CERTIFICATE)
		return GKM_TRUST_TRUSTED;
	if (trust_type == CKT_X_DISTRUSTED_CERTIFICATE)
		return GKM_TRUST_DISTRUSTED;

	/* Any other stored type is a programming error; report it as unknown */
	g_return_val_if_reached (GKM_TRUST_UNKNOWN);
}
/*
 * GkmObject expose handler: apply the 'expose' flag to the trust object
 * through the parent class, then to every assertion it holds, so the
 * assertions share the trust object's exposure.
 */
static void
gkm_xdg_trust_expose_object (GkmObject *base, gboolean expose)
{
	GHashTable *assertions;
	GHashTableIter cursor;
	gpointer assertion;

	/* Parent class first, as in any chained vfunc */
	GKM_OBJECT_CLASS (gkm_xdg_trust_parent_class)->expose_object (base, expose);

	/* Only the table values are needed; keys are skipped */
	assertions = GKM_XDG_TRUST (base)->pv->assertions;
	g_hash_table_iter_init (&cursor, assertions);
	while (g_hash_table_iter_next (&cursor, NULL, &assertion)) {
		gkm_object_expose (assertion, expose);
	}
}
/*
 * Transaction completion callback for adding an assertion.
 *
 * 'user_data' carries the assertion, with a reference that this callback
 * releases. If the transaction failed, the assertion is removed from the
 * trust object again so that a failed add leaves no trace in it.
 * Always returns TRUE.
 */
static gboolean
complete_add_assertion (GkmTransaction *transaction, GObject *object, gpointer user_data)
{
	GkmAssertion *added = GKM_ASSERTION (user_data);
	GkmXdgTrust *trust = GKM_XDG_TRUST (object);
	gboolean failed = gkm_transaction_get_failed (transaction);

	/* Roll back on failure; NULL is passed as the transaction argument */
	if (failed) {
		remove_assertion_from_trust (trust, added, NULL);
	}

	/* Release the reference carried in user_data */
	g_object_unref (added);

	return TRUE;
}
/*
 * GObject finalize handler: release the decoded ASN.1 tree and the
 * assertion table, then chain up to the parent class.
 *
 * NOTE(review): the serialized buffer kept by the load/save handlers
 * (self->pv->bytes or self->pv->data) is not released here; confirm it is
 * freed elsewhere (e.g. in dispose), otherwise it leaks.
 */
static void
gkm_xdg_trust_finalize (GObject *obj)
{
	GkmXdgTrust *self = GKM_XDG_TRUST (obj);

	/* Decoded trust structure; the pointer is cleared either way */
	if (self->pv->asn != NULL) {
		egg_asn1x_destroy (self->pv->asn);
	}
	self->pv->asn = NULL;

	/* Assertion table; the pointer is cleared either way */
	if (self->pv->assertions != NULL) {
		g_hash_table_destroy (self->pv->assertions);
	}
	self->pv->assertions = NULL;

	G_OBJECT_CLASS (gkm_xdg_trust_parent_class)->finalize (obj);
}
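/*
 * GkmSerializable load handler (pointer/length variant): copy the input,
 * decode it as a "trust-1" structure and make it the backing store of this
 * trust object.
 *
 * Returns FALSE when the input is empty, too large to copy safely, does
 * not decode, or when load_assertions() rejects it; in those cases the
 * previously loaded state is left as it was and nothing is leaked.
 * The 'login' argument is not used here.
 */
static gboolean
gkm_xdg_trust_real_load (GkmSerializable *base, GkmSecret *login, gconstpointer data, gsize n_data)
{
	GkmXdgTrust *self = GKM_XDG_TRUST (base);
	GNode *asn = NULL;
	gpointer copy;

	g_return_val_if_fail (GKM_XDG_IS_TRUST (self), FALSE);
	g_return_val_if_fail (data, FALSE);

	if (n_data == 0)
		return FALSE;

	/*
	 * g_memdup() takes its length as a guint. A larger gsize would be
	 * truncated for the copy while the decoder below is still told the full
	 * n_data, so it would read past the end of the copy. Reject such input.
	 */
	if (n_data > G_MAXUINT) {
		g_warning ("trust data is too large to load");
		return FALSE;
	}

	/* Create the tree before copying, so that bailing out here leaks nothing */
	asn = egg_asn1x_create (xdg_asn1_tab, "trust-1");
	g_return_val_if_fail (asn, FALSE);

	copy = g_memdup (data, (guint)n_data);

	if (!egg_asn1x_decode (asn, copy, n_data)) {
		g_warning ("couldn't parse trust data: %s", egg_asn1x_message (asn));
		egg_asn1x_destroy (asn);
		g_free (copy);
		return FALSE;
	}

	/* Next parse out all the pairs */
	if (!load_assertions (self, asn)) {
		egg_asn1x_destroy (asn);
		g_free (copy);
		return FALSE;
	}

	/*
	 * Take ownership of this new data. The old tree is released before the
	 * old buffer because the decoded tree appears to point into the buffer
	 * it was decoded from; the two releases are otherwise independent.
	 */
	egg_asn1x_destroy (self->pv->asn);
	self->pv->asn = asn;

	g_free (self->pv->data);
	self->pv->data = copy;
	self->pv->n_data = n_data;

	return TRUE;
}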
/*
 * GkmObject attribute getter for trust objects.
 *
 * Fixed attributes are answered directly, certificate reference and hash
 * attributes are delegated to the trust_get_*() helpers, and every other
 * attribute type falls through to the parent class.
 */
static CK_RV
gkm_xdg_trust_get_attribute (GkmObject *base, GkmSession *session, CK_ATTRIBUTE_PTR attr)
{
	GkmXdgTrust *self = GKM_XDG_TRUST (base);

	switch (attr->type) {

	/* Boolean attributes that are always reported as false */
	case CKA_PRIVATE:
	case CKA_TRUST_STEP_UP_APPROVED:
	case CKA_MODIFIABLE:
		return gkm_attribute_set_bool (attr, CK_FALSE);

	case CKA_CLASS:
		return gkm_attribute_set_ulong (attr, CKO_NETSCAPE_TRUST);

	/* Certificate reference values */
	case CKA_SUBJECT:
		return trust_get_der (self, "subject", attr);
	case CKA_ISSUER:
		return trust_get_der (self, "issuer", attr);
	case CKA_SERIAL_NUMBER:
		return trust_get_integer (self, "serialNumber", attr);
	case CKA_X_CERTIFICATE_VALUE:
		return trust_get_complete (self, attr);

	/*
	 * Certificate hash values. MD5 and SHA-1 are both collision-weak, so
	 * these digests are suitable for locating a certificate, not as the
	 * sole proof of which certificate a trust record is bound to.
	 */
	case CKA_CERT_MD5_HASH:
		return trust_get_hash (self, G_CHECKSUM_MD5, attr);
	case CKA_CERT_SHA1_HASH:
		return trust_get_hash (self, G_CHECKSUM_SHA1, attr);

	default:
		break;
	}

	/* Not handled above: defer to the parent class */
	return GKM_OBJECT_CLASS (gkm_xdg_trust_parent_class)->get_attribute (base, session, attr);
}
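/*
 * GkmSerializable save handler (GBytes variant): write the current
 * assertions into the ASN.1 tree and encode it.
 *
 * Returns a new reference to the encoded bytes, which the caller releases
 * with g_bytes_unref(); the object keeps its own reference in
 * self->pv->bytes. Returns NULL if the assertions cannot be saved or the
 * encoding fails. The 'login' argument is not used here.
 */
static GBytes *
gkm_xdg_trust_real_save (GkmSerializable *base, GkmSecret *login)
{
	GkmXdgTrust *self = GKM_XDG_TRUST (base);
	GBytes *bytes;

	/* This function returns a pointer, so failures yield NULL, not FALSE */
	g_return_val_if_fail (GKM_XDG_IS_TRUST (self), NULL);
	g_return_val_if_fail (self->pv->asn, NULL);

	if (!save_assertions (self, self->pv->asn))
		return NULL;

	bytes = egg_asn1x_encode (self->pv->asn, NULL);
	if (bytes == NULL) {
		g_warning ("encoding trust failed: %s", egg_asn1x_message (self->pv->asn));
		return NULL;
	}

	/* Replace our cached encoding; the reference from encode becomes ours */
	if (self->pv->bytes)
		g_bytes_unref (self->pv->bytes);
	self->pv->bytes = bytes;

	/* The caller gets a reference of its own */
	return g_bytes_ref (bytes);
}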