Exemplo n.º 1
/*
 * Checks p11_kit_uri_match_token_info() against a URI that constrains only
 * the token model ("pkcs11:model=Giselle").
 */
static void
test_uri_match_token (void)
{
	/* Only label and model are filled in below; the other fields stay unset. */
	CK_TOKEN_INFO info;
	P11KitUri *parsed = p11_kit_uri_new ();
	int rc;
	int matched;

	assert_ptr_not_null (parsed);

	rc = p11_kit_uri_parse ("pkcs11:model=Giselle", P11_KIT_URI_FOR_ANY, parsed);
	assert_num_eq (P11_KIT_URI_OK, rc);

	/* Same model as the URI: expected to match. */
	set_space_string (info.label, sizeof (info.label), "A label");
	set_space_string (info.model, sizeof (info.model), "Giselle");
	matched = p11_kit_uri_match_token_info (parsed, &info);
	assert_num_eq (1, matched);

	/* The URI carries no label, so a different label must not affect the result. */
	set_space_string (info.label, sizeof (info.label), "Another label");
	matched = p11_kit_uri_match_token_info (parsed, &info);
	assert_num_eq (1, matched);

	/* A different model than the one named in the URI: no match. */
	set_space_string (info.model, sizeof (info.model), "Zoolander");
	matched = p11_kit_uri_match_token_info (parsed, &info);
	assert_num_eq (0, matched);

	/*
	 * Mark the URI as carrying unrecognized attributes and match again.
	 * NOTE(review): the model already mismatches at this point, so this
	 * assertion would hold even if the flag had no effect; restoring the
	 * matching model first would isolate the flag's behaviour.
	 */
	p11_kit_uri_set_unrecognized (parsed, 1);
	matched = p11_kit_uri_match_token_info (parsed, &info);
	assert_num_eq (0, matched);

	p11_kit_uri_free (parsed);
}
Exemplo n.º 2
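/*
 * Round-trips token information through a PKCS#11 URI: fills in the URI's
 * CK_TOKEN_INFO, formats it to a string, parses that string into a second
 * URI, and checks both that the second URI matches the original token info
 * and that each attribute appears in the formatted string.
 */
static void
test_uri_build_with_token_info (void)
{
	char *string = NULL;
	P11KitUri *uri;
	P11KitUri *check;
	CK_TOKEN_INFO_PTR token;
	int ret;

	uri = p11_kit_uri_new ();
	assert_ptr_not_null (uri);

	token = p11_kit_uri_get_token_info (uri);
	/* Fail here rather than dereferencing a NULL token info below. */
	assert_ptr_not_null (token);
	set_space_string (token->label, sizeof (token->label), "The Label");
	set_space_string (token->serialNumber, sizeof (token->serialNumber), "44444");
	set_space_string (token->manufacturerID, sizeof (token->manufacturerID), "Me");
	set_space_string (token->model, sizeof (token->model), "Deluxe");

	ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string);
	assert_num_eq (P11_KIT_URI_OK, ret);
	assert_ptr_not_null (string);

	check = p11_kit_uri_new ();
	assert_ptr_not_null (check);

	ret = p11_kit_uri_parse (string, P11_KIT_URI_FOR_TOKEN, check);
	assert_num_eq (P11_KIT_URI_OK, ret);

	/*
	 * The re-parsed URI must select the token it was built from. The result
	 * used to be discarded, so a format/parse regression that produced a
	 * URI matching a different token (or none) would have gone unnoticed.
	 */
	ret = p11_kit_uri_match_token_info (check, p11_kit_uri_get_token_info (uri));
	assert_num_eq (1, ret);

	p11_kit_uri_free (uri);
	p11_kit_uri_free (check);

	/* The space in the label must be percent-encoded in the output. */
	assert (strstr (string, "token=The%20Label") != NULL);
	assert (strstr (string, "serial=44444") != NULL);
	assert (strstr (string, "manufacturer=Me") != NULL);
	assert (strstr (string, "model=Deluxe") != NULL);

	free (string);
}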
Exemplo n.º 3
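/*
 * Token-traversal callback that collects the certificate extension objects
 * (CKO_X_CERTIFICATE_EXTENSION) stored on a token for a given public key.
 *
 * sinfo:    open session on the token being visited.
 * info:     token description; NULL is rejected (no multi-call support).
 * lib_info: module description, matched against the PKCS#11 URI.
 * input:    struct find_ext_data_st carrying the URI (obj->info), the
 *           SubjectPublicKeyInfo to search for (spki) and the output array
 *           (exts / exts_size), which is grown one entry per decoded object.
 *
 * Returns 0 on success, GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when info is
 * NULL or the token/module does not match the URI, the mapped PKCS#11 error
 * when the search cannot be started, and GNUTLS_E_MEMORY_ERROR when the
 * output array cannot be grown.
 */
static int
find_ext_cb(struct pkcs11_session_info *sinfo,
	     struct token_info *info, struct ck_info *lib_info,
	     void *input)
{
	struct find_ext_data_st *find_data = input;
	struct ck_attribute a[4];
	ck_object_class_t class = -1;
	unsigned long count;
	ck_rv_t rv;
	ck_object_handle_t obj;
	int ret;
	gnutls_datum_t ext;

	if (info == NULL) {	/* we don't support multiple calls */
		gnutls_assert();
		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
	}

	/* do not bother reading the token if basic fields do not match
	 */
	if (!p11_kit_uri_match_token_info
	    (find_data->obj->info, &info->tinfo)
	    || !p11_kit_uri_match_module_info(find_data->obj->info,
					      lib_info)) {
		gnutls_assert();
		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
	}

	/* retrieve the extensions */
	class = CKO_X_CERTIFICATE_EXTENSION;
	a[0].type = CKA_CLASS;
	a[0].value = &class;
	a[0].value_len = sizeof class;

	a[1].type = CKA_PUBLIC_KEY_INFO;
	a[1].value = find_data->spki.data;
	a[1].value_len = find_data->spki.size;

	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, a, 2);
	if (rv != CKR_OK) {
		gnutls_assert();
		_gnutls_debug_log
		    ("p11: FindObjectsInit failed for cert extensions.\n");
		return pkcs11_rv_to_err(rv);
	}

	while(pkcs11_find_objects(sinfo->module, sinfo->pks, &obj, 1, &count) == CKR_OK && count == 1) {
		rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, obj, CKA_VALUE, &ext);
		if (rv == CKR_OK) {

			find_data->exts = gnutls_realloc_fast(find_data->exts, (1+find_data->exts_size)*sizeof(find_data->exts[0]));
			if (find_data->exts == NULL) {
				gnutls_assert();
				gnutls_free(ext.data);
				/* gnutls_realloc_fast() released the old array on
				 * failure; keep the count consistent with the
				 * now-NULL pointer so a caller cannot index it. */
				find_data->exts_size = 0;
				/* rv is CKR_OK on this path, so mapping it would
				 * report success for an allocation failure. */
				ret = GNUTLS_E_MEMORY_ERROR;
				goto cleanup;
			}

			/* The value comes from the token and is parsed here;
			 * objects that fail to decode are skipped. */
			if (_gnutls_x509_decode_ext(&ext, &find_data->exts[find_data->exts_size]) == 0) {
				find_data->exts_size++;
			}

			/* ext.data was allocated by the avalue getter for this
			 * iteration only; release it so the loop does not leak
			 * one buffer per object found. */
			gnutls_free(ext.data);
		}
	}

	ret = 0;
 cleanup:
 	pkcs11_find_objects_final(sinfo);
	return ret;
}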