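/*
 * GkmSerializable "save" hook for a gnome2 private key: serialize the key
 * as PKCS#8 DER.
 *
 * @base:  the key object; must be a GkmGnome2PrivateKey.
 * @login: optional secret; when it yields a password the output is written
 *         with gkm_data_der_write_private_pkcs8_crypted(), otherwise with
 *         gkm_data_der_write_private_pkcs8_plain().
 *
 * Security note: with a NULL @login, or a login that has no password, the
 * private key is emitted UNENCRYPTED. Callers that persist the result are
 * then relying on storage permissions alone to protect the key.
 *
 * Returns: the GBytes produced by the DER writer, or NULL when a
 * precondition fails. This is a pointer-returning function, so the failure
 * value is NULL rather than the boolean FALSE.
 */
static GBytes *
gkm_gnome2_private_key_real_save (GkmSerializable *base, GkmSecret *login)
{
	GkmGnome2PrivateKey *self = GKM_GNOME2_PRIVATE_KEY (base);
	const gchar *password = NULL;
	gsize n_password = 0;
	GkmSexp *sexp;
	GBytes *result;

	g_return_val_if_fail (GKM_IS_GNOME2_PRIVATE_KEY (self), NULL);

	sexp = gkm_gnome2_private_key_real_acquire_crypto_sexp (GKM_SEXP_KEY (self), NULL);
	g_return_val_if_fail (sexp, NULL);

	/* Only ask for a password when a login secret was supplied at all. */
	if (login != NULL)
		password = gkm_secret_get_password (login, &n_password);

	if (password == NULL) {
		/* No password available: plaintext PKCS#8 (see security note above). */
		result = gkm_data_der_write_private_pkcs8_plain (gkm_sexp_get (sexp));
	} else {
		result = gkm_data_der_write_private_pkcs8_crypted (gkm_sexp_get (sexp),
		                                                   password, n_password);
	}

	/* Drop the reference obtained from acquire_crypto_sexp above. */
	gkm_sexp_unref (sexp);
	return result;
}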
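/*
 * GkmSerializable "save" hook for a mate2 private key: serialize the key
 * as PKCS#8 DER into a caller-owned buffer.
 *
 * @base:   the key object; must be a GkmMate2PrivateKey.
 * @login:  optional secret; when it yields a password the output is the
 *          password-encrypted PKCS#8 form, otherwise the plain form.
 * @data:   out, receives the serialized buffer (NULL on failure).
 * @n_data: out, receives the buffer length as set by the DER writer.
 *
 * Security note: with a NULL @login, or a login that has no password, the
 * private key is written UNENCRYPTED and is copied out of secure memory
 * into an ordinary heap buffer. The caller owns that plaintext copy.
 *
 * Returns: TRUE when *data is non-NULL, FALSE otherwise.
 */
static gboolean
gkm_mate2_private_key_real_save (GkmSerializable *base, GkmSecret *login, gpointer *data, gsize *n_data)
{
	GkmMate2PrivateKey *self = GKM_MATE2_PRIVATE_KEY (base);
	const gchar *password = NULL;
	gsize n_password = 0;
	GkmSexp *sexp;
	guchar *key;

	g_return_val_if_fail (GKM_IS_MATE2_PRIVATE_KEY (self), FALSE);
	g_return_val_if_fail (data, FALSE);
	g_return_val_if_fail (n_data, FALSE);

	sexp = gkm_mate2_private_key_real_acquire_crypto_sexp (GKM_SEXP_KEY (self), NULL);
	g_return_val_if_fail (sexp, FALSE);

	/*
	 * A NULL login means "no password", same as the gnome2 variant of this
	 * hook; do not hand NULL to gkm_secret_get_password().
	 */
	if (login != NULL)
		password = gkm_secret_get_password (login, &n_password);

	if (password == NULL) {
		key = gkm_data_der_write_private_pkcs8_plain (gkm_sexp_get (sexp), n_data);
		if (key == NULL) {
			/* Writer failed; *n_data may not be meaningful, so do not copy. */
			*data = NULL;
		} else {
			/*
			 * Caller is expecting a normal memory buffer, which makes
			 * sense since this is being written to disk, and won't be
			 * 'secure' anyway.
			 *
			 * NOTE(review): g_memdup() takes a guint length, so a gsize
			 * above G_MAXUINT would be truncated; prefer g_memdup2() if
			 * the minimum supported GLib provides it.
			 */
			*data = g_memdup (key, *n_data);
			egg_secure_free (key);
		}
	} else {
		*data = gkm_data_der_write_private_pkcs8_crypted (gkm_sexp_get (sexp), password,
		                                                  n_password, n_data);
	}

	/* Drop the reference obtained from acquire_crypto_sexp above. */
	gkm_sexp_unref (sexp);
	return *data != NULL;
}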
/*
 * GkmSerializable "save" hook for a mate2 public key: serialize the key
 * with gkm_data_der_write_public_key().
 *
 * @base:   the key object; must be a GkmMate2PublicKey.
 * @login:  not used by this implementation.
 * @data:   out, receives the buffer returned by the DER writer.
 * @n_data: out, receives the length as set by the DER writer.
 *
 * Returns: TRUE when the writer produced a buffer, FALSE otherwise.
 */
static gboolean
gkm_mate2_public_key_real_save (GkmSerializable *base, GkmSecret *login, gpointer *data, gsize *n_data)
{
	GkmMate2PublicKey *self = GKM_MATE2_PUBLIC_KEY (base);
	GkmSexp *wrapper;
	gpointer der;

	/* Programmer-error checks on the object and both out parameters. */
	g_return_val_if_fail (GKM_IS_MATE2_PUBLIC_KEY (self), FALSE);
	g_return_val_if_fail (data, FALSE);
	g_return_val_if_fail (n_data, FALSE);

	/* No reference is dropped in this function for the base sexp. */
	wrapper = gkm_sexp_key_get_base (GKM_SEXP_KEY (self));
	g_return_val_if_fail (wrapper, FALSE);

	der = gkm_data_der_write_public_key (gkm_sexp_get (wrapper), n_data);
	*data = der;

	return der != NULL;
}
/*
 * Dispatch a decrypt operation for the session's current crypto state.
 *
 * Only CKM_RSA_PKCS and CKM_RSA_X_509 are handled; both are forwarded to
 * gkm_crypto_decrypt_xsa() together with the sexp held by the session, and
 * that helper's CK_RV is returned unchanged. Any other mechanism is treated
 * as a "should not be reached" condition and yields CKR_GENERAL_ERROR.
 *
 * Padding checks and the error reported for malformed ciphertext are
 * decided inside gkm_crypto_decrypt_xsa(), which is not part of this
 * function.
 *
 * NOTE(review): g_return_val_if_fail() compiles to nothing when GLib checks
 * are disabled (G_DISABLE_CHECKS), in which case a NULL crypto state would
 * be passed on to gkm_sexp_get(). Confirm callers guarantee an initialised
 * operation, or guard explicitly.
 */
CK_RV
gkm_crypto_decrypt (GkmSession *session, CK_MECHANISM_TYPE mech, CK_BYTE_PTR encrypted,
                    CK_ULONG n_encrypted, CK_BYTE_PTR data, CK_ULONG_PTR n_data)
{
	GkmSexp *sexp;

	/* Reject everything that is not one of the two RSA mechanisms. */
	if (mech != CKM_RSA_PKCS && mech != CKM_RSA_X_509) {
		g_return_val_if_reached (CKR_GENERAL_ERROR);
	}

	sexp = gkm_session_get_crypto_state (session);
	g_return_val_if_fail (sexp, CKR_GENERAL_ERROR);

	return gkm_crypto_decrypt_xsa (gkm_sexp_get (sexp), mech,
	                               encrypted, n_encrypted, data, n_data);
}
/*
 * Dispatch a signature verification for the session's current crypto state.
 *
 * CKM_RSA_PKCS, CKM_RSA_X_509 and CKM_DSA are forwarded to
 * gkm_crypto_verify_xsa() together with the sexp held by the session, and
 * that helper's CK_RV is returned unchanged. Any other mechanism is treated
 * as a "should not be reached" condition and yields CKR_GENERAL_ERROR.
 *
 * NOTE(review): g_return_val_if_fail() compiles to nothing when GLib checks
 * are disabled (G_DISABLE_CHECKS), in which case a NULL crypto state would
 * be passed on to gkm_sexp_get(). Confirm callers guarantee an initialised
 * operation, or guard explicitly.
 */
CK_RV
gkm_crypto_verify (GkmSession *session, CK_MECHANISM_TYPE mech, CK_BYTE_PTR data,
                   CK_ULONG n_data, CK_BYTE_PTR signature, CK_ULONG n_signature)
{
	GkmSexp *sexp;

	/* Reject everything outside the three supported mechanisms. */
	if (mech != CKM_RSA_PKCS && mech != CKM_RSA_X_509 && mech != CKM_DSA) {
		g_return_val_if_reached (CKR_GENERAL_ERROR);
	}

	sexp = gkm_session_get_crypto_state (session);
	g_return_val_if_fail (sexp, CKR_GENERAL_ERROR);

	return gkm_crypto_verify_xsa (gkm_sexp_get (sexp), mech,
	                              data, n_data, signature, n_signature);
}