gboolean gkd_ssh_agent_proto_read_pair_v1 (EggBuffer *req, gsize *offset, GckBuilder *priv_attrs, GckBuilder *pub_attrs) { const GckAttribute *attr; g_assert (req); g_assert (offset); g_assert (priv_attrs); g_assert (pub_attrs); if (!gkd_ssh_agent_proto_read_mpi_v1 (req, offset, priv_attrs, CKA_MODULUS) || !gkd_ssh_agent_proto_read_mpi_v1 (req, offset, priv_attrs, CKA_PUBLIC_EXPONENT) || !gkd_ssh_agent_proto_read_mpi_v1 (req, offset, priv_attrs, CKA_PRIVATE_EXPONENT) || !gkd_ssh_agent_proto_read_mpi_v1 (req, offset, priv_attrs, CKA_COEFFICIENT) || !gkd_ssh_agent_proto_read_mpi_v1 (req, offset, priv_attrs, CKA_PRIME_1) || !gkd_ssh_agent_proto_read_mpi_v1 (req, offset, priv_attrs, CKA_PRIME_2)) return FALSE; /* Copy attributes to the public key */ attr = gck_builder_find (priv_attrs, CKA_MODULUS); gck_builder_add_attribute (pub_attrs, attr); attr = gck_builder_find (priv_attrs, CKA_PUBLIC_EXPONENT); gck_builder_add_attribute (pub_attrs, attr); /* Add in your basic other required attributes */ gck_builder_add_ulong (priv_attrs, CKA_CLASS, CKO_PRIVATE_KEY); gck_builder_add_ulong (priv_attrs, CKA_KEY_TYPE, CKK_RSA); gck_builder_add_ulong (pub_attrs, CKA_CLASS, CKO_PUBLIC_KEY); gck_builder_add_ulong (pub_attrs, CKA_KEY_TYPE, CKK_RSA); return TRUE; }
static GckObject * lookup_public_key (GckObject *object, GCancellable *cancellable, GError **lerror) { GckBuilder builder = GCK_BUILDER_INIT; gulong attr_types[] = { CKA_ID }; GckAttributes *attrs; GError *error = NULL; GckSession *session; GckObject *result; const GckAttribute *id; GList *objects; attrs = gck_object_cache_lookup (object, attr_types, G_N_ELEMENTS (attr_types), cancellable, &error); if (error != NULL) { _gcr_debug ("couldn't load private key id: %s", error->message); g_propagate_error (lerror, error); return NULL; } id = gck_attributes_find (attrs, CKA_ID); if (id == NULL || gck_attribute_is_invalid (id)) { gck_attributes_unref (attrs); _gcr_debug ("couldn't load private key id"); g_set_error_literal (lerror, GCK_ERROR, CKR_ATTRIBUTE_TYPE_INVALID, gck_message_from_rv (CKR_ATTRIBUTE_TYPE_INVALID)); return NULL; } gck_builder_add_ulong (&builder, CKA_CLASS, CKO_PUBLIC_KEY); gck_builder_add_attribute (&builder, id); gck_attributes_unref (attrs); session = gck_object_get_session (object); objects = gck_session_find_objects (session, gck_builder_end (&builder), cancellable, &error); g_object_unref (session); if (error != NULL) { _gcr_debug ("couldn't lookup public key: %s", error->message); g_propagate_error (lerror, error); return NULL; } if (!objects) return NULL; result = g_object_ref (objects->data); gck_list_unref_free (objects); return result; }
gboolean gkd_ssh_agent_proto_read_pair_dsa (EggBuffer *req, gsize *offset, GckBuilder *priv_attrs, GckBuilder *pub_attrs) { const GckAttribute *attr; g_assert (req); g_assert (offset); g_assert (priv_attrs); g_assert (pub_attrs); if (!gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_PRIME) || !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_SUBPRIME) || !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_BASE) || !gkd_ssh_agent_proto_read_mpi (req, offset, pub_attrs, CKA_VALUE) || !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_VALUE)) return FALSE; /* Copy attributes to the public key */ attr = gck_builder_find (priv_attrs, CKA_PRIME); gck_builder_add_attribute (pub_attrs, attr); attr = gck_builder_find (priv_attrs, CKA_SUBPRIME); gck_builder_add_attribute (pub_attrs, attr); attr = gck_builder_find (priv_attrs, CKA_BASE); gck_builder_add_attribute (pub_attrs, attr); /* Add in your basic other required attributes */ gck_builder_add_ulong (priv_attrs, CKA_CLASS, CKO_PRIVATE_KEY); gck_builder_add_ulong (priv_attrs, CKA_KEY_TYPE, CKK_DSA); gck_builder_add_ulong (pub_attrs, CKA_CLASS, CKO_PUBLIC_KEY); gck_builder_add_ulong (pub_attrs, CKA_KEY_TYPE, CKK_DSA); return TRUE; }
GckObject* gkd_secret_create_with_credential (GckSession *session, GckAttributes *attrs, GckObject *cred, GError **error) { GckBuilder builder = GCK_BUILDER_INIT; const GckAttribute *attr; gboolean token; gck_builder_add_ulong (&builder, CKA_G_CREDENTIAL, gck_object_get_handle (cred)); gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_COLLECTION); attr = gck_attributes_find (attrs, CKA_LABEL); if (attr != NULL) gck_builder_add_attribute (&builder, attr); if (!gck_attributes_find_boolean (attrs, CKA_TOKEN, &token)) token = FALSE; gck_builder_add_boolean (&builder, CKA_TOKEN, token); return gck_session_create_object (session, gck_builder_end (&builder), NULL, error); }
static GckObject* collection_find_matching_item (GkdSecretObjects *self, GckSession *session, const gchar *identifier, const GckAttribute *fields) { GckBuilder builder = GCK_BUILDER_INIT; GckObject *result = NULL; GError *error = NULL; GckObject *search; gpointer data; gsize n_data; /* Find items matching the collection and fields */ gck_builder_add_attribute (&builder, fields); gck_builder_add_string (&builder, CKA_G_COLLECTION, identifier); gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_SEARCH); gck_builder_add_boolean (&builder, CKA_TOKEN, FALSE); /* Create the search object */ search = gck_session_create_object (session, gck_builder_end (&builder), NULL, &error); if (error != NULL) { g_warning ("couldn't search for matching item: %s", egg_error_message (error)); g_clear_error (&error); return NULL; } /* Get the matched item handles, and delete the search object */ data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, NULL); gck_object_destroy (search, NULL, NULL); g_object_unref (search); if (n_data >= sizeof (CK_OBJECT_HANDLE)) result = gck_object_from_handle (session, *((CK_OBJECT_HANDLE_PTR)data)); g_free (data); return result; }