/*
* Create a new context
*/
PKCS11_CTX *PKCS11_CTX_new(void)
{
PKCS11_CTX_private *priv;
PKCS11_CTX *ctx;
/* Load error strings */
ERR_load_PKCS11_strings();
priv = PKCS11_NEW(PKCS11_CTX_private);
ctx = PKCS11_NEW(PKCS11_CTX);
ctx->_private = priv;
return ctx;
}
static int pkcs11_init_cert(PKCS11_CTX * ctx, PKCS11_TOKEN * token,
CK_SESSION_HANDLE session, CK_OBJECT_HANDLE obj, PKCS11_CERT ** ret)
{
PKCS11_TOKEN_private *tpriv;
PKCS11_CERT_private *kpriv;
PKCS11_CERT *cert, *tmp;
char label[256], data[2048];
unsigned char id[256];
CK_CERTIFICATE_TYPE cert_type;
size_t size;
size = sizeof(cert_type);
if (pkcs11_getattr_var(token, obj, CKA_CERTIFICATE_TYPE, &cert_type, &size))
return -1;
/* Ignore any certs we don't understand */
if (cert_type != CKC_X_509)
return 0;
tpriv = PRIVTOKEN(token);
tmp = (PKCS11_CERT *) OPENSSL_realloc(tpriv->certs,
(tpriv->ncerts + 1) * sizeof(PKCS11_CERT));
if (!tmp) {
free(tpriv->certs);
tpriv->certs = NULL;
return -1;
}
tpriv->certs = tmp;
cert = tpriv->certs + tpriv->ncerts++;
memset(cert, 0, sizeof(*cert));
cert->_private = kpriv = PKCS11_NEW(PKCS11_CERT_private);
kpriv->object = obj;
kpriv->parent = token;
if (!pkcs11_getattr_s(token, obj, CKA_LABEL, label, sizeof(label)))
cert->label = BUF_strdup(label);
size = sizeof(data);
if (!pkcs11_getattr_var(token, obj, CKA_VALUE, data, &size)) {
const unsigned char *p = (unsigned char *) data;
cert->x509 = d2i_X509(NULL, &p, size);
}
cert->id_len = sizeof(id);
if (!pkcs11_getattr_var(token, obj, CKA_ID, id, &cert->id_len)) {
cert->id = (unsigned char *) malloc(cert->id_len);
memcpy(cert->id, id, cert->id_len);
}
/* Initialize internal information */
kpriv->id_len = sizeof(kpriv->id);
if (pkcs11_getattr_var(token, obj, CKA_ID, kpriv->id, &kpriv->id_len))
kpriv->id_len = 0;
if (ret)
*ret = cert;
return 0;
}
