static gboolean init_pin_for_uninitialized_slots (GP11Module *module, const gchar *master) { GError *error = NULL; GList *slots, *l; gboolean initialize; GP11TokenInfo *info; GP11Session *session; g_return_val_if_fail (GP11_IS_MODULE (module), FALSE); g_return_val_if_fail (master, FALSE); slots = gp11_module_get_slots (module, TRUE); for (l = slots; l; l = g_list_next (l)) { info = gp11_slot_get_token_info (l->data); initialize = (info && !(info->flags & CKF_USER_PIN_INITIALIZED)); if (initialize) { session = open_and_login_session (l->data, CKU_SO, NULL); if (session != NULL) { if (!gp11_session_init_pin (session, (const guchar*)master, strlen (master), &error)) { if (!g_error_matches (error, GP11_ERROR, CKR_FUNCTION_NOT_SUPPORTED)) g_warning ("couldn't initialize slot with master password: %s", egg_error_message (error)); g_clear_error (&error); } g_object_unref (session); } } gp11_token_info_free (info); } gp11_list_unref_free (slots); return TRUE; }
static GP11Session* lookup_login_session (GP11Module *module) { GP11Slot *slot = NULL; GError *error = NULL; GP11Session *session; GP11SlotInfo *info; GList *slots; GList *l; g_assert (GP11_IS_MODULE (module)); /* * Find the right slot. * * TODO: This isn't necessarily the best way to do this. * A good function could be added to gp11 library. * But needs more thought on how to do this. */ slots = gp11_module_get_slots (module, TRUE); for (l = slots; !slot && l; l = g_list_next (l)) { info = gp11_slot_get_info (l->data); if (g_ascii_strcasecmp ("Secret Store", info->slot_description) == 0) slot = g_object_ref (l->data); gp11_slot_info_free (info); } gp11_list_unref_free (slots); g_return_val_if_fail (slot, NULL); session = open_and_login_session (slot, CKU_USER, &error); if (error) { g_warning ("couldn't open pkcs11 session for login: %s", egg_error_message (error)); g_clear_error (&error); } g_object_unref (slot); return session; }
static gboolean set_pin_for_any_slots (GList *modules, const gchar *original, const gchar *master) { GError *error = NULL; GList *slots, *l; gboolean initialize; GckTokenInfo *info; GckSession *session; g_return_val_if_fail (original, FALSE); g_return_val_if_fail (master, FALSE); slots = gck_modules_get_slots (modules, TRUE); for (l = slots; l; l = g_list_next (l)) { /* Set pin for any that are initialized, and not pap */ info = gck_slot_get_token_info (l->data); initialize = (info && (info->flags & CKF_USER_PIN_INITIALIZED)); if (initialize) { session = open_and_login_session (l->data, CKU_USER, NULL); if (session != NULL) { if (!gck_session_set_pin (session, (const guchar*)original, strlen (original), (const guchar*)master, strlen (master), NULL, &error)) { if (!g_error_matches (error, GCK_ERROR, CKR_PIN_INCORRECT) && !g_error_matches (error, GCK_ERROR, CKR_FUNCTION_NOT_SUPPORTED)) g_warning ("couldn't change slot master password: %s", egg_error_message (error)); g_clear_error (&error); } g_object_unref (session); } } gck_token_info_free (info); } gck_list_unref_free (slots); return TRUE; }
static GckSession* lookup_login_session (GList *modules) { GckSlot *slot = NULL; GError *error = NULL; GckSession *session; slot = gck_modules_token_for_uri (modules, "pkcs11:token=Secret%20Store", &error); if (!slot) { g_warning ("couldn't find secret store module: %s", egg_error_message (error)); return NULL; } session = open_and_login_session (slot, CKU_USER, &error); if (error) { g_warning ("couldn't open pkcs11 session for login: %s", egg_error_message (error)); g_clear_error (&error); } g_object_unref (slot); return session; }