static void
test_expose_transaction (Test* test, gconstpointer unused)
{
CK_OBJECT_HANDLE handle;
GkmManager *manager;
GkmObject *check, *object;
GkmTransaction *transaction;
manager = gkm_session_get_manager (test->session);
object = mock_module_object_new (test->session);
handle = gkm_object_get_handle (object);
transaction = gkm_transaction_new ();
/* Should be hidden */
gkm_object_expose (object, FALSE);
check = gkm_manager_find_by_handle (manager, handle);
g_assert (check == NULL);
/* Now it should have a handle, and be visible */
gkm_object_expose_full (object, transaction, TRUE);
check = gkm_manager_find_by_handle (manager, handle);
g_assert (check == object);
gkm_transaction_fail (transaction, CKR_GENERAL_ERROR);
gkm_transaction_complete (transaction);
/* Now should be invisible */
check = gkm_manager_find_by_handle (manager, handle);
g_assert (check == NULL);
g_object_unref (transaction);
}
static void
apartment_free (gpointer data)
{
Apartment *apt;
GList *l;
g_assert (data != NULL);
apt = (Apartment*)data;
g_return_if_fail (GKM_IS_MANAGER (apt->session_manager));
/* Unreference all the sessions */
for (l = apt->sessions; l; l = g_list_next (l)) {
/* Some sanity checks to make sure things have remained as expected */
g_return_if_fail (GKM_IS_SESSION (l->data));
g_return_if_fail (gkm_session_get_apartment (l->data) == apt->apt_id);
g_return_if_fail (gkm_session_get_manager (l->data) == apt->session_manager);
g_return_if_fail (gkm_session_get_logged_in (l->data) == apt->logged_in);
g_object_unref (l->data);
}
g_list_free (apt->sessions);
g_object_unref (apt->session_manager);
g_slice_free (Apartment, apt);
}
static GkmObject*
factory_create_item (GkmSession *session, GkmTransaction *transaction,
CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
{
GkmSecretCollection *collection = NULL;
GkmSecretItem *item;
GkmManager *m_manager;
GkmManager *s_manager;
CK_ATTRIBUTE *attr;
gboolean is_token;
gchar *identifier;
g_return_val_if_fail (GKM_IS_TRANSACTION (transaction), NULL);
g_return_val_if_fail (attrs || !n_attrs, NULL);
/* See if a collection attribute was specified */
attr = gkm_attributes_find (attrs, n_attrs, CKA_G_COLLECTION);
if (attr == NULL) {
gkm_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
return NULL;
}
m_manager = gkm_module_get_manager (gkm_session_get_module (session));
s_manager = gkm_session_get_manager (session);
gkm_attribute_consume (attr);
if (!gkm_attributes_find_boolean (attrs, n_attrs, CKA_TOKEN, &is_token))
collection = gkm_secret_collection_find (session, attr, m_manager, s_manager, NULL);
else if (is_token)
collection = gkm_secret_collection_find (session, attr, m_manager, NULL);
else
collection = gkm_secret_collection_find (session, attr, s_manager, NULL);
if (!collection) {
gkm_transaction_fail (transaction, CKR_TEMPLATE_INCONSISTENT);
return NULL;
}
/* If an ID was specified, then try and see if that ID already exists */
if (gkm_attributes_find_string (attrs, n_attrs, CKA_ID, &identifier)) {
item = gkm_secret_collection_get_item (collection, identifier);
if (item == NULL) {
gkm_transaction_fail (transaction, CKR_TEMPLATE_INCONSISTENT);
return NULL;
} else {
gkm_session_complete_object_creation (session, transaction, GKM_OBJECT (item),
FALSE, attrs, n_attrs);
return g_object_ref (item);
}
}
/* Create a new collection which will own the item */
item = gkm_secret_collection_create_item (collection, transaction);
gkm_session_complete_object_creation (session, transaction, GKM_OBJECT (item),
TRUE, attrs, n_attrs);
return g_object_ref (item);
}
static void
unlock_collection(void)
{
GkmCredential *cred;
GkmObject *object;
CK_RV rv;
/* Create credential, which unlocks collection */
object = GKM_OBJECT (collection);
rv = gkm_credential_create (gkm_object_get_module (object),
gkm_session_get_manager (session),
object, NULL, 0, &cred);
g_assert (rv == CKR_OK);
gkm_session_add_session_object (session, NULL, GKM_OBJECT (cred));
g_object_unref (cred);
}
static void
test_expose (Test* test, gconstpointer unused)
{
CK_OBJECT_HANDLE handle;
GkmManager *manager;
GkmObject *check, *object;
manager = gkm_session_get_manager (test->session);
object = mock_module_object_new (test->session);
handle = gkm_object_get_handle (object);
gkm_object_expose (object, TRUE);
/* Now it should have a handle, and be visible */
check = gkm_manager_find_by_handle (manager, handle);
g_assert (check == object);
gkm_object_expose (object, FALSE);
/* Now should be invisible */
check = gkm_manager_find_by_handle (manager, handle);
g_assert (check == NULL);
}
gboolean
gkm_credential_for_each (GkmSession *session, GkmObject *object,
GkmCredentialFunc func, gpointer user_data)
{
CK_OBJECT_HANDLE handle;
CK_OBJECT_CLASS klass;
CK_ATTRIBUTE attrs[2];
GList *results, *l;
GkmCredential *cred;
gboolean ret;
g_return_val_if_fail (GKM_IS_SESSION (session), FALSE);
g_return_val_if_fail (GKM_IS_OBJECT (object), FALSE);
g_return_val_if_fail (func, FALSE);
/* Do we have one right on the session */
cred = gkm_session_get_credential (session);
if (cred && gkm_credential_get_object (cred) == object) {
g_object_ref (cred);
ret = (func) (cred, object, user_data);
g_object_unref (cred);
if (ret)
return TRUE;
}
klass = CKO_G_CREDENTIAL;
attrs[0].type = CKA_CLASS;
attrs[0].pValue = &klass;
attrs[0].ulValueLen = sizeof (klass);
handle = gkm_object_get_handle (object);
attrs[1].type = CKA_G_OBJECT;
attrs[1].pValue = &handle;
attrs[1].ulValueLen = sizeof (handle);
/* Find any on the session */
results = gkm_manager_find_by_attributes (gkm_session_get_manager (session),
session, attrs, G_N_ELEMENTS (attrs));
for (l = results; l; l = g_list_next (l)) {
g_object_ref (l->data);
ret = (func) (l->data, object, user_data);
g_object_unref (l->data);
if (ret)
break;
}
g_list_free (results);
if (l != NULL)
return TRUE;
/* Find any in the token */
results = gkm_manager_find_by_attributes (gkm_module_get_manager (gkm_session_get_module (session)),
session, attrs, G_N_ELEMENTS (attrs));
for (l = results; l; l = g_list_next (l)) {
g_object_ref (l->data);
ret = (func) (l->data, object, user_data);
g_object_unref (l->data);
if (ret)
break;
}
g_list_free (results);
return (l != NULL);
}
