Esempio n. 1
0
static int
find_object(struct pkcs11_session_info *sinfo,
	    struct pin_info_st *pin_info,
	    ck_object_handle_t * _ctx,
	    struct p11_kit_uri *info, unsigned int flags)
{
	int ret;
	ck_object_handle_t ctx;
	struct ck_attribute *attrs;
	unsigned long attr_count;
	unsigned long count;
	ck_rv_t rv;

	ret =
	    pkcs11_open_session(sinfo, pin_info, info,
				flags & SESSION_LOGIN);
	if (ret < 0) {
		gnutls_assert();
		return ret;
	}

	attrs = p11_kit_uri_get_attributes(info, &attr_count);
	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, attrs,
				      attr_count);
	if (rv != CKR_OK) {
		gnutls_assert();
		_gnutls_debug_log("p11: FindObjectsInit failed.\n");
		ret = pkcs11_rv_to_err(rv);
		goto fail;
	}

	if (pkcs11_find_objects(sinfo->module, sinfo->pks, &ctx, 1, &count)
	    == CKR_OK && count == 1) {
		*_ctx = ctx;
		pkcs11_find_objects_final(sinfo);
		return 0;
	}

	ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
	pkcs11_find_objects_final(sinfo);
      fail:
	pkcs11_close_session(sinfo);

	return ret;
}
Esempio n. 2
0
/**
 * p11_kit_iter_set_uri:
 * @iter: the iterator
 * @uri: (allow-none): a PKCS\#11 URI to filter on, or %NULL
 *
 * Set the PKCS\#11 uri for iterator. Only
 * objects that match the @uri will be returned by the iterator.
 * Relevant information in @uri is copied, and you need not keep
 * @uri around.
 *
 * If no @uri is specified then the iterator will iterate over all
 * objects, unless otherwise filtered.
 *
 * This function should be called at most once, and should be
 * called before iterating begins.
 *
 */
void
p11_kit_iter_set_uri (P11KitIter *iter,
                      P11KitUri *uri)
{
	CK_ATTRIBUTE *attrs;
	CK_TOKEN_INFO *tinfo;
	CK_SLOT_INFO *sinfo;
	CK_INFO *minfo;
	CK_ULONG count;

	return_if_fail (iter != NULL);

	if (uri != NULL) {

		if (p11_kit_uri_any_unrecognized (uri)) {
			iter->match_nothing = 1;

		} else {
			attrs = p11_kit_uri_get_attributes (uri, &count);
			iter->match_attrs = p11_attrs_buildn (NULL, attrs, count);

			iter->match_slot_id = p11_kit_uri_get_slot_id (uri);

			minfo = p11_kit_uri_get_module_info (uri);
			if (minfo != NULL)
				memcpy (&iter->match_module, minfo, sizeof (CK_INFO));

			sinfo = p11_kit_uri_get_slot_info (uri);
			if (sinfo != NULL)
				memcpy (&iter->match_slot, sinfo, sizeof (CK_SLOT_INFO));

			tinfo = p11_kit_uri_get_token_info (uri);
			if (tinfo != NULL)
				memcpy (&iter->match_token, tinfo, sizeof (CK_TOKEN_INFO));
		}
	} else {
		/* Match any module version number and slot ID */
		memset (&iter->match_module, 0, sizeof (iter->match_module));
		iter->match_module.libraryVersion.major = (CK_BYTE)-1;
		iter->match_module.libraryVersion.minor = (CK_BYTE)-1;
		iter->match_slot_id = (CK_SLOT_ID)-1;
	}
}
Esempio n. 3
0
static void
test_uri_get_set_attributes (void)
{
	CK_ATTRIBUTE_PTR attrs;
	CK_OBJECT_CLASS klass;
	CK_ATTRIBUTE attr;
	CK_ULONG n_attrs;
	P11KitUri *uri;
	int ret;

	uri = p11_kit_uri_new ();
	assert_ptr_not_null (uri);

	attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
	assert_ptr_not_null (attrs);
	assert_num_eq (0, n_attrs);

	attr.type = CKA_LABEL;
	attr.pValue = "Test";
	attr.ulValueLen = 4;

	ret = p11_kit_uri_set_attribute (uri, &attr);
	assert_num_eq (P11_KIT_URI_OK, ret);

	attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
	assert_ptr_not_null (attrs);
	assert_num_eq (1, n_attrs);
	assert (attrs[0].type == CKA_LABEL);
	assert (attrs[0].ulValueLen == 4);
	assert (memcmp (attrs[0].pValue, "Test", 4) == 0);

	attr.type = CKA_LABEL;
	attr.pValue = "Kablooey";
	attr.ulValueLen = 8;

	ret = p11_kit_uri_set_attribute (uri, &attr);
	assert_num_eq (P11_KIT_URI_OK, ret);

	attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
	assert_ptr_not_null (attrs);
	assert_num_eq (1, n_attrs);
	assert (attrs[0].type == CKA_LABEL);
	assert (attrs[0].ulValueLen == 8);
	assert (memcmp (attrs[0].pValue, "Kablooey", 8) == 0);

	klass = CKO_DATA;
	attr.type = CKA_CLASS;
	attr.pValue = &klass;
	attr.ulValueLen = sizeof (klass);

	ret = p11_kit_uri_set_attribute (uri, &attr);
	assert_num_eq (P11_KIT_URI_OK, ret);

	attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
	assert_ptr_not_null (attrs);
	assert_num_eq (2, n_attrs);
	assert (attrs[0].type == CKA_LABEL);
	assert (attrs[0].ulValueLen == 8);
	assert (memcmp (attrs[0].pValue, "Kablooey", 8) == 0);
	assert (attrs[1].type == CKA_CLASS);
	assert (attrs[1].ulValueLen == sizeof (klass));
	assert (memcmp (attrs[1].pValue, &klass, sizeof (klass)) == 0);

	ret = p11_kit_uri_clear_attribute (uri, CKA_LABEL);
	assert_num_eq (P11_KIT_URI_OK, ret);

	attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
	assert_ptr_not_null (attrs);
	assert_num_eq (1, n_attrs);
	assert (attrs[0].type == CKA_CLASS);
	assert (attrs[0].ulValueLen == sizeof (klass));
	assert (memcmp (attrs[0].pValue, &klass, sizeof (klass)) == 0);

	attr.type = CKA_LABEL;
	attr.pValue = "Three";
	attr.ulValueLen = 5;

	ret = p11_kit_uri_set_attributes (uri, &attr, 1);
	assert_num_eq (P11_KIT_URI_OK, ret);

	attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
	assert_ptr_not_null (attrs);
	assert_num_eq (1, n_attrs);
	assert (attrs[0].type == CKA_LABEL);
	assert (attrs[0].ulValueLen == 5);
	assert (memcmp (attrs[0].pValue, "Three", 5) == 0);

	p11_kit_uri_clear_attributes (uri);

	attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
	assert_ptr_not_null (attrs);
	assert_num_eq (0, n_attrs);

	p11_kit_uri_free (uri);
}