static void
dump_object (P11KitIter *iter,
CK_ATTRIBUTE *attrs)
{
CK_ATTRIBUTE label = { CKA_LABEL, };
CK_ATTRIBUTE *attr;
char *string;
char *name;
CK_RV rv;
attr = p11_attrs_find_valid (attrs, CKA_LABEL);
if (!attr) {
rv = p11_kit_iter_load_attributes (iter, &label, 1);
if (rv == CKR_OK)
attr = &label;
}
if (attr)
name = strndup (attr->pValue, attr->ulValueLen);
else
name = strdup ("unknown");
string = p11_attrs_to_string (attrs, -1);
printf ("\"%s\" = %s\n", name, string);
free (string);
free (label.pValue);
free (name);
}
static bool
create_anchor (CK_FUNCTION_LIST *module,
CK_SESSION_HANDLE session,
CK_ATTRIBUTE *attrs)
{
CK_BBOOL truev = CK_TRUE;
CK_OBJECT_HANDLE object;
char *string;
CK_RV rv;
CK_ULONG klass;
CK_ATTRIBUTE basics_certificate[] = {
{ CKA_TOKEN, &truev, sizeof (truev) },
{ CKA_TRUSTED, &truev, sizeof (truev) },
{ CKA_INVALID, },
};
CK_ATTRIBUTE basics_extension[] = {
{ CKA_TOKEN, &truev, sizeof (truev) },
{ CKA_INVALID, },
};
CK_ATTRIBUTE basics_empty[] = {
{ CKA_INVALID, },
};
CK_ATTRIBUTE *basics = basics_empty;
if (p11_attrs_find_ulong (attrs, CKA_CLASS, &klass)) {
switch (klass) {
case CKO_CERTIFICATE:
basics = basics_certificate;
break;
case CKO_X_CERTIFICATE_EXTENSION:
basics = basics_extension;
break;
}
}
attrs = p11_attrs_merge (attrs, p11_attrs_dup (basics), true);
p11_attrs_remove (attrs, CKA_MODIFIABLE);
if (p11_debugging) {
string = p11_attrs_to_string (attrs, -1);
p11_debug ("storing: %s", string);
free (string);
}
rv = (module->C_CreateObject) (session, attrs,
p11_attrs_count (attrs), &object);
p11_attrs_free (attrs);
if (rv != CKR_OK) {
p11_message ("couldn't create object: %s", p11_kit_strerror (rv));
return false;
}
return true;
}
static bool
modify_anchor (CK_FUNCTION_LIST *module,
CK_SESSION_HANDLE session,
CK_OBJECT_HANDLE object,
CK_ATTRIBUTE *attrs)
{
CK_BBOOL truev = CK_TRUE;
CK_ATTRIBUTE *changes;
CK_ATTRIBUTE *label;
CK_ULONG klass;
char *string;
CK_RV rv;
CK_ATTRIBUTE trusted = { CKA_TRUSTED, &truev, sizeof (truev) };
label = p11_attrs_find_valid (attrs, CKA_LABEL);
if (p11_attrs_find_ulong (attrs, CKA_CLASS, &klass) &&
klass == CKO_CERTIFICATE)
changes = p11_attrs_build (NULL, &trusted, label, NULL);
else
changes = p11_attrs_build (NULL, label, NULL);
return_val_if_fail (attrs != NULL, FALSE);
/* Don't need the attributes anymore */
p11_attrs_free (attrs);
if (p11_debugging) {
string = p11_attrs_to_string (changes, -1);
p11_debug ("setting: %s", string);
free (string);
}
rv = (module->C_SetAttributeValue) (session, object, changes,
p11_attrs_count (changes));
p11_attrs_free (changes);
if (rv != CKR_OK) {
p11_message ("couldn't create object: %s", p11_kit_strerror (rv));
return false;
}
return true;
}