/*
 * Factory callback: create a GkmGnome2PrivateKey from a creation template.
 *
 * The key material is parsed by gkm_private_xsa_key_create_sexp(); when that
 * returns NULL this function returns NULL without touching the transaction
 * itself. On success the new object keeps its own reference to the private
 * S-expression and the local reference is released.
 *
 * Review note: CKA_SIGN_RECOVER, CKA_UNWRAP and CKA_ID are marked consumed
 * without being applied, so any value the caller supplied for them is not
 * reflected by this function.
 */
static GkmObject*
factory_create_private_key (GkmSession *session, GkmTransaction *transaction,
                            CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
	GkmGnome2PrivateKey *private_key;
	GkmSexp *key_sexp;

	/* A NULL template is only acceptable when it is also empty. */
	g_return_val_if_fail (attrs || !n_attrs, NULL);

	key_sexp = gkm_private_xsa_key_create_sexp (session, transaction, attrs, n_attrs);
	if (!key_sexp)
		return NULL;

	private_key = g_object_new (GKM_TYPE_GNOME2_PRIVATE_KEY,
	                            "base-sexp", key_sexp,
	                            "module", gkm_session_get_module (session),
	                            "manager", gkm_manager_for_template (attrs, n_attrs, session),
	                            NULL);

	/* A freshly constructed key must not already hold a private sexp. */
	g_return_val_if_fail (!private_key->private_sexp, NULL);

	/* The object takes its own reference; then drop the creation reference. */
	private_key->private_sexp = gkm_sexp_ref (key_sexp);
	gkm_sexp_unref (key_sexp);

	/* TODO: Setting these is not supported yet, so they are ignored. */
	gkm_attributes_consume (attrs, n_attrs,
	                        CKA_SIGN_RECOVER, CKA_UNWRAP, CKA_ID,
	                        G_MAXULONG);

	gkm_session_complete_object_creation (session, transaction,
	                                      GKM_OBJECT (private_key),
	                                      TRUE, attrs, n_attrs);

	return GKM_OBJECT (private_key);
}
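/*
 * Factory callback: create a GkmGenericKey from a creation template.
 *
 * The template must contain CKA_VALUE (the raw key bytes) and must not
 * contain CKA_VALUE_LEN. The bytes are copied into a buffer obtained from
 * egg_secure_alloc(), and CKA_VALUE is marked consumed before the remaining
 * attributes go to gkm_session_complete_object_creation().
 *
 * Returns the new object. Returns NULL after failing the transaction with
 * CKR_TEMPLATE_INCOMPLETE (no CKA_VALUE), CKR_TEMPLATE_INCONSISTENT
 * (CKA_VALUE_LEN present), CKR_ATTRIBUTE_VALUE_INVALID (NULL value pointer
 * with a non-zero length) or CKR_HOST_MEMORY (allocation failed).
 *
 * Review note: the caller's copy of the key bytes in the template is not
 * wiped here; only the copy held by the object lives in the secure buffer.
 */
static GkmObject*
factory_create_generic_key (GkmSession *session, GkmTransaction *transaction,
                            CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
	GkmGenericKey *key;
	GkmManager *manager;
	CK_ATTRIBUTE_PTR value;
	gpointer secret;

	/* Same template precondition the sibling factories enforce. */
	g_return_val_if_fail (attrs || !n_attrs, NULL);

	value = gkm_attributes_find (attrs, n_attrs, CKA_VALUE);
	if (value == NULL) {
		gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
		return NULL;
	}

	if (gkm_attributes_find (attrs, n_attrs, CKA_VALUE_LEN)) {
		gkm_transaction_fail (transaction, CKR_TEMPLATE_INCONSISTENT);
		return NULL;
	}

	/*
	 * The template comes from the caller: a NULL pointer paired with a
	 * non-zero length would make the copy below read through NULL.
	 */
	if (value->pValue == NULL && value->ulValueLen > 0) {
		gkm_transaction_fail (transaction, CKR_ATTRIBUTE_VALUE_INVALID);
		return NULL;
	}

	/*
	 * Allocate before the object exists so a failure needs no teardown.
	 * Defensive: whether egg_secure_alloc() can return NULL for a non-zero
	 * size is not visible from here.
	 */
	secret = egg_secure_alloc (value->ulValueLen);
	if (secret == NULL && value->ulValueLen > 0) {
		gkm_transaction_fail (transaction, CKR_HOST_MEMORY);
		return NULL;
	}

	manager = gkm_manager_for_template (attrs, n_attrs, session);
	key = g_object_new (GKM_TYPE_GENERIC_KEY,
	                    "module", gkm_session_get_module (session),
	                    "manager", manager,
	                    NULL);

	key->value = secret;
	key->n_value = value->ulValueLen;

	/* memcpy() with a NULL pointer is undefined even for a zero length. */
	if (key->n_value > 0)
		memcpy (key->value, value->pValue, key->n_value);

	gkm_attribute_consume (value);

	gkm_session_complete_object_creation (session, transaction, GKM_OBJECT (key),
	                                      TRUE, attrs, n_attrs);
	return GKM_OBJECT (key);
}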
/*
 * Factory callback: create a GkmMate2PrivateKey from a creation template.
 *
 * The key material is parsed by gkm_private_xsa_key_create_sexp(); when that
 * returns NULL this function returns NULL without touching the transaction
 * itself. On success the new object keeps its own reference to the private
 * S-expression and the local reference is released.
 */
static GkmObject*
factory_create_private_key (GkmSession *session, GkmTransaction *transaction,
                            CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
	GkmMate2PrivateKey *private_key;
	GkmSexp *key_sexp;

	/* A NULL template is only acceptable when it is also empty. */
	g_return_val_if_fail (attrs || !n_attrs, NULL);

	key_sexp = gkm_private_xsa_key_create_sexp (session, transaction, attrs, n_attrs);
	if (!key_sexp)
		return NULL;

	private_key = g_object_new (GKM_TYPE_MATE2_PRIVATE_KEY,
	                            "base-sexp", key_sexp,
	                            "module", gkm_session_get_module (session),
	                            "manager", gkm_manager_for_template (attrs, n_attrs, session),
	                            NULL);

	/* A freshly constructed key must not already hold a private sexp. */
	g_return_val_if_fail (!private_key->private_sexp, NULL);

	/* The object takes its own reference; then drop the creation reference. */
	private_key->private_sexp = gkm_sexp_ref (key_sexp);
	gkm_sexp_unref (key_sexp);

	gkm_session_complete_object_creation (session, transaction,
	                                      GKM_OBJECT (private_key),
	                                      TRUE, attrs, n_attrs);

	return GKM_OBJECT (private_key);
}
/*
 * Factory callback: create a GkmCredential from a creation template.
 *
 * Both inputs are optional:
 *  - CKA_G_OBJECT: handle of the object the credential refers to. It is
 *    resolved with gkm_session_lookup_readable_object(), and a lookup error
 *    fails the transaction with that error code.
 *  - CKA_VALUE: bytes handed to gkm_credential_create() together with their
 *    length (NULL / 0 when absent).
 *
 * Returns the new credential, or NULL after failing the transaction with the
 * CK_RV reported by the lookup or by gkm_credential_create().
 *
 * NOTE(review): CKA_VALUE presumably carries a secret (password or PIN). The
 * pointer is passed straight through; how gkm_credential_create() stores it
 * is not visible here.
 */
static GkmObject*
factory_create_credential (GkmSession *session, GkmTransaction *transaction,
                           CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
	CK_OBJECT_HANDLE handle;
	GkmCredential *cred;
	CK_ATTRIBUTE *attr;
	GkmManager *manager;
	GkmModule *module;
	GkmObject *object = NULL;
	CK_RV rv;

	g_return_val_if_fail (GKM_IS_TRANSACTION (transaction), NULL);
	g_return_val_if_fail (attrs || !n_attrs, NULL);

	/* The handle is optional; without it the target object stays NULL. */
	if (gkm_attributes_find_ulong (attrs, n_attrs, CKA_G_OBJECT, &handle)) {
		rv = gkm_session_lookup_readable_object (session, handle, &object);
		if (rv != CKR_OK) {
			gkm_transaction_fail (transaction, rv);
			return NULL;
		}
	}

	/* The value is optional as well; locate it before marking it consumed. */
	attr = gkm_attributes_find (attrs, n_attrs, CKA_VALUE);
	gkm_attributes_consume (attrs, n_attrs, CKA_VALUE, CKA_G_OBJECT, G_MAXULONG);

	module = gkm_session_get_module (session);
	manager = gkm_manager_for_template (attrs, n_attrs, session);

	if (attr != NULL)
		rv = gkm_credential_create (module, manager, object,
		                            attr->pValue, attr->ulValueLen, &cred);
	else
		rv = gkm_credential_create (module, manager, object,
		                            NULL, 0, &cred);

	if (rv != CKR_OK) {
		gkm_transaction_fail (transaction, rv);
		return NULL;
	}

	gkm_session_complete_object_creation (session, transaction, GKM_OBJECT (cred),
	                                      TRUE, attrs, n_attrs);
	return GKM_OBJECT (cred);
}
/*
 * Factory callback: create a GkmNullKey.
 *
 * Nothing is read from the template here; it is only used to pick the
 * manager and is then handed to gkm_session_complete_object_creation().
 */
static GkmObject*
factory_create_null_key (GkmSession *session, GkmTransaction *transaction,
                         CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
	GkmManager *owner;
	GkmNullKey *null_key;
	GkmObject *result;

	/* Resolve the manager first, then construct the object. */
	owner = gkm_manager_for_template (attrs, n_attrs, session);
	null_key = g_object_new (GKM_TYPE_NULL_KEY,
	                         "module", gkm_session_get_module (session),
	                         "manager", owner,
	                         NULL);

	result = GKM_OBJECT (null_key);
	gkm_session_complete_object_creation (session, transaction, result,
	                                      TRUE, attrs, n_attrs);
	return result;
}
/*
 * Factory callback: create a GKM_TYPE_MATE2_PUBLIC_KEY object from a
 * creation template.
 *
 * The key material is parsed by gkm_public_xsa_key_create_sexp(). When that
 * returns NULL, this function returns NULL without touching the transaction
 * itself.
 */
static GkmObject*
factory_create_public_key (GkmSession *session, GkmTransaction *transaction,
                           CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
	GkmObject *public_key;
	GkmSexp *key_sexp;

	/* A NULL template is only acceptable when it is also empty. */
	g_return_val_if_fail (attrs || !n_attrs, NULL);

	key_sexp = gkm_public_xsa_key_create_sexp (session, transaction, attrs, n_attrs);
	if (key_sexp == NULL)
		return NULL;

	public_key = g_object_new (GKM_TYPE_MATE2_PUBLIC_KEY,
	                           "base-sexp", key_sexp,
	                           "module", gkm_session_get_module (session),
	                           "manager", gkm_manager_for_template (attrs, n_attrs, session),
	                           NULL);

	/* Drop the creation reference once it has been passed as "base-sexp". */
	gkm_sexp_unref (key_sexp);

	gkm_session_complete_object_creation (session, transaction, public_key,
	                                      TRUE, attrs, n_attrs);
	return public_key;
}
/*
 * Factory callback: create a GkmCertificate from a creation template.
 *
 * CKA_VALUE is mandatory and is parsed with gkm_serializable_load().
 *
 * Returns the new certificate, or NULL after failing the transaction with
 * CKR_TEMPLATE_INCOMPLETE (no CKA_VALUE) or CKR_ATTRIBUTE_VALUE_INVALID
 * (the data did not load).
 *
 * Review note: a caller-supplied CKA_SUBJECT is marked consumed without
 * being compared against the loaded certificate data.
 */
static GkmObject*
factory_create_certificate (GkmSession *session, GkmTransaction *transaction,
                            CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
	CK_ATTRIBUTE_PTR encoded;
	GkmCertificate *certificate;

	g_return_val_if_fail (GKM_IS_TRANSACTION (transaction), NULL);
	g_return_val_if_fail (attrs || !n_attrs, NULL);

	/* Dig out the value; a template without it is incomplete. */
	encoded = gkm_attributes_find (attrs, n_attrs, CKA_VALUE);
	if (!encoded) {
		gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
		return NULL;
	}

	certificate = g_object_new (GKM_TYPE_CERTIFICATE,
	                            "module", gkm_session_get_module (session),
	                            "manager", gkm_manager_for_template (attrs, n_attrs, session),
	                            NULL);

	/* Load the certificate from the data specified. */
	if (gkm_serializable_load (GKM_SERIALIZABLE (certificate), NULL,
	                           encoded->pValue, encoded->ulValueLen)) {
		/* Note that the subject is ignored. */
		gkm_attributes_consume (attrs, n_attrs, CKA_VALUE, CKA_SUBJECT, G_MAXULONG);

		gkm_session_complete_object_creation (session, transaction,
		                                      GKM_OBJECT (certificate),
		                                      TRUE, attrs, n_attrs);
		return GKM_OBJECT (certificate);
	}

	/* The data did not load: report it and release the unused object. */
	gkm_transaction_fail (transaction, CKR_ATTRIBUTE_VALUE_INVALID);
	g_object_unref (certificate);
	return NULL;
}
/*
 * Factory callback: create a trust assertion object from a creation template
 * and attach it to a trust object.
 *
 * Required attributes: CKA_X_ASSERTION_TYPE and CKA_X_PURPOSE; a missing one
 * fails the transaction with CKR_TEMPLATE_INCOMPLETE. CKA_X_PEER is optional.
 *
 * Returns NULL when a required attribute is missing or when no trust object
 * could be found or created. Otherwise returns the assertion object.
 *
 * NOTE(review): once the assertion has been constructed it is returned even
 * if the transaction has failed (either before or during
 * gkm_xdg_trust_replace_assertion()). Confirm that the caller checks the
 * transaction state and releases the object in that case.
 */
static GkmObject*
factory_create_assertion (GkmSession *session, GkmTransaction *transaction,
                          CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
	GkmAssertion *assertion;
	CK_X_ASSERTION_TYPE type;
	GkmManager *manager;
	gboolean created = FALSE; /* filled in by the lookup below; not read again here */
	GkmXdgTrust *trust;
	gchar *purpose;
	gchar *peer;

	g_return_val_if_fail (attrs || !n_attrs, NULL);

	if (!gkm_attributes_find_ulong (attrs, n_attrs, CKA_X_ASSERTION_TYPE, &type)) {
		gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
		return NULL;
	}

	/* On success purpose is released with g_free() further down. */
	if (!gkm_attributes_find_string (attrs, n_attrs, CKA_X_PURPOSE, &purpose)) {
		gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
		return NULL;
	}

	/* The peer is optional; NULL keeps the later g_free() calls harmless. */
	if (!gkm_attributes_find_string (attrs, n_attrs, CKA_X_PEER, &peer))
		peer = NULL;

	/* Try to find or create an appropriate trust object for this assertion */
	manager = gkm_manager_for_template (attrs, n_attrs, session);
	trust = lookup_or_create_trust_object (session, manager, transaction,
	                                       type, attrs, n_attrs, &created);

	/* Creating the trust object failed */
	if (trust == NULL) {
		/*
		 * NOTE(review): if this precondition ever fails, the function
		 * returns before purpose and peer are freed.
		 */
		g_return_val_if_fail (gkm_transaction_get_failed (transaction), NULL);
		g_free (purpose);
		g_free (peer);
		return NULL;
	}

	assertion = g_object_new (GKM_XDG_TYPE_ASSERTION,
	                          "module", gkm_session_get_module (session),
	                          "manager", manager,
	                          "trust", trust,
	                          "type", type,
	                          "purpose", purpose,
	                          "peer", peer,
	                          NULL);

	/* The local strings are released right after construction. */
	g_free (purpose);
	g_free (peer);

	/* Add the assertion to the trust object */
	if (!gkm_transaction_get_failed (transaction)) {
		gkm_xdg_trust_replace_assertion (trust, GKM_ASSERTION (assertion), transaction);
		if (gkm_transaction_get_failed (transaction)) {
			/* Replacing the assertion failed the transaction; fail it with a general error. */
			gkm_transaction_fail (transaction, CKR_GENERAL_ERROR);

		} else {
			/*
			 * A new trust assertion: mark the attributes handled here
			 * as consumed and finish creation.
			 * NOTE(review): CKA_X_PEER is not in the consumed list;
			 * confirm it is handled during completion.
			 */
			gkm_attributes_consume (attrs, n_attrs, CKA_X_ASSERTION_TYPE,
			                        CKA_X_PURPOSE, G_MAXULONG);
			gkm_session_complete_object_creation (session, transaction,
			                                      GKM_OBJECT (assertion),
			                                      TRUE, attrs, n_attrs);
		}
	}

	/* Drop the local reference obtained from the lookup. */
	g_object_unref (trust);
	return GKM_OBJECT (assertion);
}