/*
 * Hand PASSWORD to gkm_wrap_login_attach_secret() for the object described
 * by the template, so it can be looked up again under the object's unique
 * identifier.
 *
 * attrs/n_attrs: template of the object that was just unlocked.
 * password:      secret to attach; borrowed, never freed or copied here.
 *                NULL makes the call a no-op.
 *
 * Collections (CKO_G_COLLECTION) are delegated to
 * auto_unlock_attach_keyring(). Templates without CKA_CLASS, or for which
 * auto_unlock_object_unique() yields nothing, are silently ignored.
 *
 * NOTE(review): the lifetime and storage of the secret after the attach call
 * are decided by gkm_wrap_login_attach_secret(), which is not visible here.
 */
static void
auto_unlock_attach_object (CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs, const gchar *password)
{
	CK_OBJECT_CLASS object_class;
	gchar *display_label;
	gchar *unique_id;

	/* Nothing to do without a secret, or without a class to dispatch on */
	if (password == NULL ||
	    !gkm_attributes_find_ulong (attrs, n_attrs, CKA_CLASS, &object_class))
		return;

	/* Keyrings are keyed by location rather than by a unique id */
	if (object_class == CKO_G_COLLECTION) {
		auto_unlock_attach_keyring (attrs, n_attrs, password);
		return;
	}

	unique_id = auto_unlock_object_unique (attrs, n_attrs);
	if (unique_id != NULL) {
		/* Prefer the object's own label, fall back to the unique id */
		if (!gkm_attributes_find_string (attrs, n_attrs, CKA_LABEL, &display_label))
			display_label = g_strdup (unique_id);

		gkm_wrap_login_attach_secret (display_label, password, "unique", unique_id, NULL);

		/* Only the non-secret strings are owned by this function */
		g_free (display_label);
		g_free (unique_id);
	}
}
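/*
 * Factory callback for secret items: either look up the item named by CKA_ID
 * in the target collection, or create a fresh item inside that collection.
 *
 * session:       session on whose behalf the object is created.
 * transaction:   receives the failure code when the template is rejected.
 * attrs/n_attrs: creation template; must contain CKA_G_COLLECTION.
 *
 * Returns a new reference to the item, or NULL after failing the transaction
 * with CKR_TEMPLATE_INCOMPLETE (no collection attribute) or
 * CKR_TEMPLATE_INCONSISTENT (collection not found, or CKA_ID names an item
 * that does not exist in it).
 */
static GkmObject*
factory_create_item (GkmSession *session, GkmTransaction *transaction,
                     CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
	GkmSecretCollection *collection = NULL;
	GkmSecretItem *item;
	GkmManager *m_manager;
	GkmManager *s_manager;
	CK_ATTRIBUTE *attr;
	gboolean is_token;
	gchar *identifier;

	g_return_val_if_fail (GKM_IS_TRANSACTION (transaction), NULL);
	g_return_val_if_fail (attrs || !n_attrs, NULL);

	/* See if a collection attribute was specified */
	attr = gkm_attributes_find (attrs, n_attrs, CKA_G_COLLECTION);
	if (attr == NULL) {
		gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
		return NULL;
	}

	m_manager = gkm_module_get_manager (gkm_session_get_module (session));
	s_manager = gkm_session_get_manager (session);

	/*
	 * NOTE(review): attr is still passed to the lookups below after being
	 * consumed; presumably consuming only marks the attribute as handled and
	 * leaves its value intact -- confirm against gkm_attribute_consume().
	 */
	gkm_attribute_consume (attr);

	/*
	 * CKA_TOKEN selects where the collection is searched: both managers when
	 * the attribute is absent, the module manager for token objects and the
	 * session manager otherwise.
	 */
	if (!gkm_attributes_find_boolean (attrs, n_attrs, CKA_TOKEN, &is_token))
		collection = gkm_secret_collection_find (session, attr, m_manager, s_manager, NULL);
	else if (is_token)
		collection = gkm_secret_collection_find (session, attr, m_manager, NULL);
	else
		collection = gkm_secret_collection_find (session, attr, s_manager, NULL);

	if (!collection) {
		gkm_transaction_fail (transaction, CKR_TEMPLATE_INCONSISTENT);
		return NULL;
	}

	/* If an ID was specified, then try and see if that ID already exists */
	if (gkm_attributes_find_string (attrs, n_attrs, CKA_ID, &identifier)) {
		item = gkm_secret_collection_get_item (collection, identifier);

		/*
		 * The string returned by gkm_attributes_find_string() is owned by
		 * the caller; it is only needed for the lookup, so release it here
		 * on both the found and the not-found path.
		 */
		g_free (identifier);

		if (item == NULL) {
			gkm_transaction_fail (transaction, CKR_TEMPLATE_INCONSISTENT);
			return NULL;
		}

		/* Existing item: completed with FALSE, unlike the new-item path below */
		gkm_session_complete_object_creation (session, transaction, GKM_OBJECT (item),
		                                      FALSE, attrs, n_attrs);
		return g_object_ref (item);
	}

	/* Create a new item, which the collection will own */
	item = gkm_secret_collection_create_item (collection, transaction);
	gkm_session_complete_object_creation (session, transaction, GKM_OBJECT (item),
	                                      TRUE, attrs, n_attrs);
	return g_object_ref (item);
}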
/*
 * Hand PASSWORD to gkm_wrap_login_attach_secret() for the keyring described
 * by the template, keyed by the keyring's location.
 *
 * attrs/n_attrs: template of the collection that was just unlocked.
 * password:      secret to attach; borrowed, never freed or copied here.
 *                NULL makes the call a no-op.
 *
 * Nothing is attached when auto_unlock_keyring_location() returns NULL.
 *
 * NOTE(review): the lifetime and storage of the secret after the attach call
 * are decided by gkm_wrap_login_attach_secret(), which is not visible here.
 */
static void
auto_unlock_attach_keyring (CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs, const gchar *password)
{
	gchar *keyring_location;
	gchar *display_label;

	if (password == NULL)
		return;

	keyring_location = auto_unlock_keyring_location (attrs, n_attrs);
	if (keyring_location == NULL)
		return;

	/* Label preference: CKA_LABEL, then CKA_ID, then the location itself */
	if (!gkm_attributes_find_string (attrs, n_attrs, CKA_LABEL, &display_label) &&
	    !gkm_attributes_find_string (attrs, n_attrs, CKA_ID, &display_label))
		display_label = g_strdup (keyring_location);

	gkm_wrap_login_attach_secret (display_label, password, "keyring", keyring_location, NULL);

	/* Only the non-secret strings are owned by this function */
	g_free (display_label);
	g_free (keyring_location);
}
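/*
 * Factory callback for trust assertions: build a GKM_XDG_TYPE_ASSERTION from
 * the template and attach it to a matching (found or newly created) trust
 * object.
 *
 * session:       session on whose behalf the assertion is created.
 * transaction:   receives the failure code when creation is rejected.
 * attrs/n_attrs: creation template; CKA_X_ASSERTION_TYPE and CKA_X_PURPOSE
 *                are required, CKA_X_PEER is optional.
 *
 * Returns NULL when a required attribute is missing (transaction failed with
 * CKR_TEMPLATE_INCOMPLETE) or when no trust object could be obtained.
 * Otherwise returns the assertion object; note that this is also the case
 * when the transaction has failed, so callers must check the transaction
 * before treating the assertion as stored.
 */
static GkmObject*
factory_create_assertion (GkmSession *session, GkmTransaction *transaction,
                          CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
	GkmAssertion *assertion;
	CK_X_ASSERTION_TYPE type;
	GkmManager *manager;
	gboolean created = FALSE; /* filled in by the lookup; not read here */
	GkmXdgTrust *trust;
	gchar *purpose;
	gchar *peer;

	g_return_val_if_fail (attrs || !n_attrs, NULL);

	if (!gkm_attributes_find_ulong (attrs, n_attrs, CKA_X_ASSERTION_TYPE, &type)) {
		gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
		return NULL;
	}

	if (!gkm_attributes_find_string (attrs, n_attrs, CKA_X_PURPOSE, &purpose)) {
		gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
		return NULL;
	}

	/* The peer is optional; NULL is passed on when it is absent */
	if (!gkm_attributes_find_string (attrs, n_attrs, CKA_X_PEER, &peer))
		peer = NULL;

	/* Try to find or create an appropriate trust object for this assertion */
	manager = gkm_manager_for_template (attrs, n_attrs, session);
	trust = lookup_or_create_trust_object (session, manager, transaction,
	                                       type, attrs, n_attrs, &created);

	/* Creating the trust object failed */
	if (trust == NULL) {
		/*
		 * Release the strings before the sanity check: the check returns
		 * early when the transaction was unexpectedly not marked as failed,
		 * and would otherwise leak both of them.
		 */
		g_free (purpose);
		g_free (peer);
		g_return_val_if_fail (gkm_transaction_get_failed (transaction), NULL);
		return NULL;
	}

	assertion = g_object_new (GKM_XDG_TYPE_ASSERTION,
	                          "module", gkm_session_get_module (session),
	                          "manager", manager,
	                          "trust", trust,
	                          "type", type,
	                          "purpose", purpose,
	                          "peer", peer,
	                          NULL);

	/* The strings are released right after construction of the assertion */
	g_free (purpose);
	g_free (peer);

	/* Add the assertion to the trust object */
	if (!gkm_transaction_get_failed (transaction)) {
		gkm_xdg_trust_replace_assertion (trust, GKM_ASSERTION (assertion), transaction);

		if (gkm_transaction_get_failed (transaction)) {
			/* Replacing failed: record a general error on the transaction */
			gkm_transaction_fail (transaction, CKR_GENERAL_ERROR);
		} else {
			/* A new trust assertion */
			gkm_attributes_consume (attrs, n_attrs, CKA_X_ASSERTION_TYPE,
			                        CKA_X_PURPOSE, G_MAXULONG);
			gkm_session_complete_object_creation (session, transaction,
			                                      GKM_OBJECT (assertion),
			                                      TRUE, attrs, n_attrs);
		}
	}

	/* Drop the reference obtained from the lookup */
	g_object_unref (trust);
	return GKM_OBJECT (assertion);
}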