static int find_object(struct pkcs11_session_info *sinfo, struct pin_info_st *pin_info, ck_object_handle_t * _ctx, struct p11_kit_uri *info, unsigned int flags) { int ret; ck_object_handle_t ctx; struct ck_attribute *attrs; unsigned long attr_count; unsigned long count; ck_rv_t rv; ret = pkcs11_open_session(sinfo, pin_info, info, flags & SESSION_LOGIN); if (ret < 0) { gnutls_assert(); return ret; } attrs = p11_kit_uri_get_attributes(info, &attr_count); rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, attrs, attr_count); if (rv != CKR_OK) { gnutls_assert(); _gnutls_debug_log("p11: FindObjectsInit failed.\n"); ret = pkcs11_rv_to_err(rv); goto fail; } if (pkcs11_find_objects(sinfo->module, sinfo->pks, &ctx, 1, &count) == CKR_OK && count == 1) { *_ctx = ctx; pkcs11_find_objects_final(sinfo); return 0; } ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; pkcs11_find_objects_final(sinfo); fail: pkcs11_close_session(sinfo); return ret; }
/** * p11_kit_iter_set_uri: * @iter: the iterator * @uri: (allow-none): a PKCS\#11 URI to filter on, or %NULL * * Set the PKCS\#11 uri for iterator. Only * objects that match the @uri will be returned by the iterator. * Relevant information in @uri is copied, and you need not keep * @uri around. * * If no @uri is specified then the iterator will iterate over all * objects, unless otherwise filtered. * * This function should be called at most once, and should be * called before iterating begins. * */ void p11_kit_iter_set_uri (P11KitIter *iter, P11KitUri *uri) { CK_ATTRIBUTE *attrs; CK_TOKEN_INFO *tinfo; CK_SLOT_INFO *sinfo; CK_INFO *minfo; CK_ULONG count; return_if_fail (iter != NULL); if (uri != NULL) { if (p11_kit_uri_any_unrecognized (uri)) { iter->match_nothing = 1; } else { attrs = p11_kit_uri_get_attributes (uri, &count); iter->match_attrs = p11_attrs_buildn (NULL, attrs, count); iter->match_slot_id = p11_kit_uri_get_slot_id (uri); minfo = p11_kit_uri_get_module_info (uri); if (minfo != NULL) memcpy (&iter->match_module, minfo, sizeof (CK_INFO)); sinfo = p11_kit_uri_get_slot_info (uri); if (sinfo != NULL) memcpy (&iter->match_slot, sinfo, sizeof (CK_SLOT_INFO)); tinfo = p11_kit_uri_get_token_info (uri); if (tinfo != NULL) memcpy (&iter->match_token, tinfo, sizeof (CK_TOKEN_INFO)); } } else { /* Match any module version number and slot ID */ memset (&iter->match_module, 0, sizeof (iter->match_module)); iter->match_module.libraryVersion.major = (CK_BYTE)-1; iter->match_module.libraryVersion.minor = (CK_BYTE)-1; iter->match_slot_id = (CK_SLOT_ID)-1; } }
static void test_uri_get_set_attributes (void) { CK_ATTRIBUTE_PTR attrs; CK_OBJECT_CLASS klass; CK_ATTRIBUTE attr; CK_ULONG n_attrs; P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); assert_ptr_not_null (attrs); assert_num_eq (0, n_attrs); attr.type = CKA_LABEL; attr.pValue = "Test"; attr.ulValueLen = 4; ret = p11_kit_uri_set_attribute (uri, &attr); assert_num_eq (P11_KIT_URI_OK, ret); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); assert_ptr_not_null (attrs); assert_num_eq (1, n_attrs); assert (attrs[0].type == CKA_LABEL); assert (attrs[0].ulValueLen == 4); assert (memcmp (attrs[0].pValue, "Test", 4) == 0); attr.type = CKA_LABEL; attr.pValue = "Kablooey"; attr.ulValueLen = 8; ret = p11_kit_uri_set_attribute (uri, &attr); assert_num_eq (P11_KIT_URI_OK, ret); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); assert_ptr_not_null (attrs); assert_num_eq (1, n_attrs); assert (attrs[0].type == CKA_LABEL); assert (attrs[0].ulValueLen == 8); assert (memcmp (attrs[0].pValue, "Kablooey", 8) == 0); klass = CKO_DATA; attr.type = CKA_CLASS; attr.pValue = &klass; attr.ulValueLen = sizeof (klass); ret = p11_kit_uri_set_attribute (uri, &attr); assert_num_eq (P11_KIT_URI_OK, ret); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); assert_ptr_not_null (attrs); assert_num_eq (2, n_attrs); assert (attrs[0].type == CKA_LABEL); assert (attrs[0].ulValueLen == 8); assert (memcmp (attrs[0].pValue, "Kablooey", 8) == 0); assert (attrs[1].type == CKA_CLASS); assert (attrs[1].ulValueLen == sizeof (klass)); assert (memcmp (attrs[1].pValue, &klass, sizeof (klass)) == 0); ret = p11_kit_uri_clear_attribute (uri, CKA_LABEL); assert_num_eq (P11_KIT_URI_OK, ret); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); assert_ptr_not_null (attrs); assert_num_eq (1, n_attrs); assert (attrs[0].type == CKA_CLASS); assert (attrs[0].ulValueLen == sizeof (klass)); assert (memcmp (attrs[0].pValue, &klass, sizeof (klass)) == 0); attr.type = CKA_LABEL; attr.pValue = "Three"; attr.ulValueLen = 5; ret = p11_kit_uri_set_attributes (uri, &attr, 1); assert_num_eq (P11_KIT_URI_OK, ret); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); assert_ptr_not_null (attrs); assert_num_eq (1, n_attrs); assert (attrs[0].type == CKA_LABEL); assert (attrs[0].ulValueLen == 5); assert (memcmp (attrs[0].pValue, "Three", 5) == 0); p11_kit_uri_clear_attributes (uri); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); assert_ptr_not_null (attrs); assert_num_eq (0, n_attrs); p11_kit_uri_free (uri); }