static void
auto_unlock_attach_object (CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs, const gchar *password)
{
CK_OBJECT_CLASS klass;
gchar *label;
gchar *unique;
if (!password)
return;
if (!gkm_attributes_find_ulong (attrs, n_attrs, CKA_CLASS, &klass))
return;
if (klass == CKO_G_COLLECTION) {
auto_unlock_attach_keyring (attrs, n_attrs, password);
return;
}
unique = auto_unlock_object_unique (attrs, n_attrs);
if (unique == NULL)
return;
if (!gkm_attributes_find_string (attrs, n_attrs, CKA_LABEL, &label))
label = g_strdup (unique);
gkm_wrap_login_attach_secret (label, password, "unique", unique, NULL);
g_free (unique);
g_free (label);
}
static GkmObject*
factory_create_item (GkmSession *session, GkmTransaction *transaction,
CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
GkmSecretCollection *collection = NULL;
GkmSecretItem *item;
GkmManager *m_manager;
GkmManager *s_manager;
CK_ATTRIBUTE *attr;
gboolean is_token;
gchar *identifier;
g_return_val_if_fail (GKM_IS_TRANSACTION (transaction), NULL);
g_return_val_if_fail (attrs || !n_attrs, NULL);
/* See if a collection attribute was specified */
attr = gkm_attributes_find (attrs, n_attrs, CKA_G_COLLECTION);
if (attr == NULL) {
gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
return NULL;
}
m_manager = gkm_module_get_manager (gkm_session_get_module (session));
s_manager = gkm_session_get_manager (session);
gkm_attribute_consume (attr);
if (!gkm_attributes_find_boolean (attrs, n_attrs, CKA_TOKEN, &is_token))
collection = gkm_secret_collection_find (session, attr, m_manager, s_manager, NULL);
else if (is_token)
collection = gkm_secret_collection_find (session, attr, m_manager, NULL);
else
collection = gkm_secret_collection_find (session, attr, s_manager, NULL);
if (!collection) {
gkm_transaction_fail (transaction, CKR_TEMPLATE_INCONSISTENT);
return NULL;
}
/* If an ID was specified, then try and see if that ID already exists */
if (gkm_attributes_find_string (attrs, n_attrs, CKA_ID, &identifier)) {
item = gkm_secret_collection_get_item (collection, identifier);
if (item == NULL) {
gkm_transaction_fail (transaction, CKR_TEMPLATE_INCONSISTENT);
return NULL;
} else {
gkm_session_complete_object_creation (session, transaction, GKM_OBJECT (item),
FALSE, attrs, n_attrs);
return g_object_ref (item);
}
}
/* Create a new collection which will own the item */
item = gkm_secret_collection_create_item (collection, transaction);
gkm_session_complete_object_creation (session, transaction, GKM_OBJECT (item),
TRUE, attrs, n_attrs);
return g_object_ref (item);
}
static void
auto_unlock_attach_keyring (CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs, const gchar *password)
{
gchar *location;
gchar *label;
if (!password)
return;
location = auto_unlock_keyring_location (attrs, n_attrs);
if (location == NULL)
return;
if (!gkm_attributes_find_string (attrs, n_attrs, CKA_LABEL, &label))
if (!gkm_attributes_find_string (attrs, n_attrs, CKA_ID, &label))
label = g_strdup (location);
gkm_wrap_login_attach_secret (label, password, "keyring", location, NULL);
g_free (location);
g_free (label);
}
static GkmObject*
factory_create_assertion (GkmSession *session, GkmTransaction *transaction,
CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
GkmAssertion *assertion;
CK_X_ASSERTION_TYPE type;
GkmManager *manager;
gboolean created = FALSE;
GkmXdgTrust *trust;
gchar *purpose;
gchar *peer;
g_return_val_if_fail (attrs || !n_attrs, NULL);
if (!gkm_attributes_find_ulong (attrs, n_attrs, CKA_X_ASSERTION_TYPE, &type)) {
gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
return NULL;
}
if (!gkm_attributes_find_string (attrs, n_attrs, CKA_X_PURPOSE, &purpose)) {
gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
return NULL;
}
if (!gkm_attributes_find_string (attrs, n_attrs, CKA_X_PEER, &peer))
peer = NULL;
/* Try to find or create an appropriate trust object for this assertion */
manager = gkm_manager_for_template (attrs, n_attrs, session);
trust = lookup_or_create_trust_object (session, manager, transaction,
type, attrs, n_attrs, &created);
/* Creating the trust object failed */
if (trust == NULL) {
g_return_val_if_fail (gkm_transaction_get_failed (transaction), NULL);
g_free (purpose);
g_free (peer);
return NULL;
}
assertion = g_object_new (GKM_XDG_TYPE_ASSERTION,
"module", gkm_session_get_module (session),
"manager", manager,
"trust", trust,
"type", type,
"purpose", purpose,
"peer", peer,
NULL);
g_free (purpose);
g_free (peer);
/* Add the assertion to the trust object */
if (!gkm_transaction_get_failed (transaction)) {
gkm_xdg_trust_replace_assertion (trust, GKM_ASSERTION (assertion), transaction);
if (gkm_transaction_get_failed (transaction)) {
gkm_transaction_fail (transaction, CKR_GENERAL_ERROR);
/* A new trust assertion */
} else {
gkm_attributes_consume (attrs, n_attrs, CKA_X_ASSERTION_TYPE, CKA_X_PURPOSE, G_MAXULONG);
gkm_session_complete_object_creation (session, transaction, GKM_OBJECT (assertion),
TRUE, attrs, n_attrs);
}
}
g_object_unref (trust);
return GKM_OBJECT (assertion);
}
