static int
find_object(struct pkcs11_session_info *sinfo,
struct pin_info_st *pin_info,
ck_object_handle_t * _ctx,
struct p11_kit_uri *info, unsigned int flags)
{
int ret;
ck_object_handle_t ctx;
struct ck_attribute *attrs;
unsigned long attr_count;
unsigned long count;
ck_rv_t rv;
ret =
pkcs11_open_session(sinfo, pin_info, info,
flags & SESSION_LOGIN);
if (ret < 0) {
gnutls_assert();
return ret;
}
attrs = p11_kit_uri_get_attributes(info, &attr_count);
rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, attrs,
attr_count);
if (rv != CKR_OK) {
gnutls_assert();
_gnutls_debug_log("p11: FindObjectsInit failed.\n");
ret = pkcs11_rv_to_err(rv);
goto fail;
}
if (pkcs11_find_objects(sinfo->module, sinfo->pks, &ctx, 1, &count)
== CKR_OK && count == 1) {
*_ctx = ctx;
pkcs11_find_objects_final(sinfo);
return 0;
}
ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
pkcs11_find_objects_final(sinfo);
fail:
pkcs11_close_session(sinfo);
return ret;
}
/**
* p11_kit_iter_set_uri:
* @iter: the iterator
* @uri: (allow-none): a PKCS\#11 URI to filter on, or %NULL
*
* Set the PKCS\#11 uri for iterator. Only
* objects that match the @uri will be returned by the iterator.
* Relevant information in @uri is copied, and you need not keep
* @uri around.
*
* If no @uri is specified then the iterator will iterate over all
* objects, unless otherwise filtered.
*
* This function should be called at most once, and should be
* called before iterating begins.
*
*/
void
p11_kit_iter_set_uri (P11KitIter *iter,
P11KitUri *uri)
{
CK_ATTRIBUTE *attrs;
CK_TOKEN_INFO *tinfo;
CK_SLOT_INFO *sinfo;
CK_INFO *minfo;
CK_ULONG count;
return_if_fail (iter != NULL);
if (uri != NULL) {
if (p11_kit_uri_any_unrecognized (uri)) {
iter->match_nothing = 1;
} else {
attrs = p11_kit_uri_get_attributes (uri, &count);
iter->match_attrs = p11_attrs_buildn (NULL, attrs, count);
iter->match_slot_id = p11_kit_uri_get_slot_id (uri);
minfo = p11_kit_uri_get_module_info (uri);
if (minfo != NULL)
memcpy (&iter->match_module, minfo, sizeof (CK_INFO));
sinfo = p11_kit_uri_get_slot_info (uri);
if (sinfo != NULL)
memcpy (&iter->match_slot, sinfo, sizeof (CK_SLOT_INFO));
tinfo = p11_kit_uri_get_token_info (uri);
if (tinfo != NULL)
memcpy (&iter->match_token, tinfo, sizeof (CK_TOKEN_INFO));
}
} else {
/* Match any module version number and slot ID */
memset (&iter->match_module, 0, sizeof (iter->match_module));
iter->match_module.libraryVersion.major = (CK_BYTE)-1;
iter->match_module.libraryVersion.minor = (CK_BYTE)-1;
iter->match_slot_id = (CK_SLOT_ID)-1;
}
}
static void
test_uri_get_set_attributes (void)
{
CK_ATTRIBUTE_PTR attrs;
CK_OBJECT_CLASS klass;
CK_ATTRIBUTE attr;
CK_ULONG n_attrs;
P11KitUri *uri;
int ret;
uri = p11_kit_uri_new ();
assert_ptr_not_null (uri);
attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
assert_ptr_not_null (attrs);
assert_num_eq (0, n_attrs);
attr.type = CKA_LABEL;
attr.pValue = "Test";
attr.ulValueLen = 4;
ret = p11_kit_uri_set_attribute (uri, &attr);
assert_num_eq (P11_KIT_URI_OK, ret);
attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
assert_ptr_not_null (attrs);
assert_num_eq (1, n_attrs);
assert (attrs[0].type == CKA_LABEL);
assert (attrs[0].ulValueLen == 4);
assert (memcmp (attrs[0].pValue, "Test", 4) == 0);
attr.type = CKA_LABEL;
attr.pValue = "Kablooey";
attr.ulValueLen = 8;
ret = p11_kit_uri_set_attribute (uri, &attr);
assert_num_eq (P11_KIT_URI_OK, ret);
attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
assert_ptr_not_null (attrs);
assert_num_eq (1, n_attrs);
assert (attrs[0].type == CKA_LABEL);
assert (attrs[0].ulValueLen == 8);
assert (memcmp (attrs[0].pValue, "Kablooey", 8) == 0);
klass = CKO_DATA;
attr.type = CKA_CLASS;
attr.pValue = &klass;
attr.ulValueLen = sizeof (klass);
ret = p11_kit_uri_set_attribute (uri, &attr);
assert_num_eq (P11_KIT_URI_OK, ret);
attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
assert_ptr_not_null (attrs);
assert_num_eq (2, n_attrs);
assert (attrs[0].type == CKA_LABEL);
assert (attrs[0].ulValueLen == 8);
assert (memcmp (attrs[0].pValue, "Kablooey", 8) == 0);
assert (attrs[1].type == CKA_CLASS);
assert (attrs[1].ulValueLen == sizeof (klass));
assert (memcmp (attrs[1].pValue, &klass, sizeof (klass)) == 0);
ret = p11_kit_uri_clear_attribute (uri, CKA_LABEL);
assert_num_eq (P11_KIT_URI_OK, ret);
attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
assert_ptr_not_null (attrs);
assert_num_eq (1, n_attrs);
assert (attrs[0].type == CKA_CLASS);
assert (attrs[0].ulValueLen == sizeof (klass));
assert (memcmp (attrs[0].pValue, &klass, sizeof (klass)) == 0);
attr.type = CKA_LABEL;
attr.pValue = "Three";
attr.ulValueLen = 5;
ret = p11_kit_uri_set_attributes (uri, &attr, 1);
assert_num_eq (P11_KIT_URI_OK, ret);
attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
assert_ptr_not_null (attrs);
assert_num_eq (1, n_attrs);
assert (attrs[0].type == CKA_LABEL);
assert (attrs[0].ulValueLen == 5);
assert (memcmp (attrs[0].pValue, "Three", 5) == 0);
p11_kit_uri_clear_attributes (uri);
attrs = p11_kit_uri_get_attributes (uri, &n_attrs);
assert_ptr_not_null (attrs);
assert_num_eq (0, n_attrs);
p11_kit_uri_free (uri);
}
