static gboolean service_method_create_with_master_password (GkdExportedInternal *skeleton, GDBusMethodInvocation *invocation, GVariant *attributes, GVariant *master, GkdSecretService *self) { GckBuilder builder = GCK_BUILDER_INIT; GkdSecretSecret *secret = NULL; GckAttributes *attrs = NULL; GError *error = NULL; gchar *path; const gchar *caller; if (!gkd_secret_property_parse_all (attributes, SECRET_COLLECTION_INTERFACE, &builder)) { gck_builder_clear (&builder); g_dbus_method_invocation_return_error_literal (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, "Invalid properties argument"); return TRUE; } caller = g_dbus_method_invocation_get_sender (invocation); secret = gkd_secret_secret_parse (self, caller, master, &error); if (secret == NULL) { gck_builder_clear (&builder); g_dbus_method_invocation_take_error (invocation, error); return TRUE; } gck_builder_add_boolean (&builder, CKA_TOKEN, TRUE); attrs = gck_attributes_ref_sink (gck_builder_end (&builder)); path = gkd_secret_create_with_secret (attrs, secret, &error); gck_attributes_unref (attrs); gkd_secret_secret_free (secret); if (path == NULL) { gkd_secret_propagate_error (invocation, "Couldn't create collection", error); return TRUE; } /* Notify the callers that a collection was created */ g_message ("emit collection_Created"); gkd_secret_service_emit_collection_created (self, path); gkd_exported_internal_complete_create_with_master_password (skeleton, invocation, path); g_free (path); return TRUE; }
static gboolean service_method_create_collection (GkdExportedService *skeleton, GDBusMethodInvocation *invocation, GVariant *properties, gchar *alias, GkdSecretService *self) { GckBuilder builder = GCK_BUILDER_INIT; GckAttributes *attrs; GkdSecretCreate *create; const gchar *path; const char *caller; if (!gkd_secret_property_parse_all (properties, SECRET_COLLECTION_INTERFACE, &builder)) { gck_builder_clear (&builder); g_dbus_method_invocation_return_error_literal (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, "Invalid properties"); return TRUE; } /* Empty alias is no alias */ if (alias) { if (!alias[0]) { alias = NULL; } else if (!g_str_equal (alias, "default")) { gck_builder_clear (&builder); g_dbus_method_invocation_return_error_literal (invocation, G_DBUS_ERROR, G_DBUS_ERROR_NOT_SUPPORTED, "Only the 'default' alias is supported"); return TRUE; } } gck_builder_add_boolean (&builder, CKA_TOKEN, TRUE); attrs = gck_attributes_ref_sink (gck_builder_end (&builder)); /* Create the prompt object, for the password */ caller = g_dbus_method_invocation_get_sender (invocation); create = gkd_secret_create_new (self, caller, attrs, alias); gck_attributes_unref (attrs); path = gkd_secret_dispatch_get_object_path (GKD_SECRET_DISPATCH (create)); gkd_secret_service_publish_dispatch (self, caller, GKD_SECRET_DISPATCH (create)); gkd_exported_service_complete_create_collection (skeleton, invocation, "/", path); return TRUE; }
static DBusMessage* service_method_create_with_master_password (GkdSecretService *self, DBusMessage *message) { GckBuilder builder = GCK_BUILDER_INIT; DBusError derr = DBUS_ERROR_INIT; DBusMessageIter iter, array; DBusMessage *reply = NULL; GkdSecretSecret *secret = NULL; GckAttributes *attrs = NULL; GError *error = NULL; gchar *path; /* Parse the incoming message */ if (!dbus_message_has_signature (message, "a{sv}(oayays)")) return NULL; if (!dbus_message_iter_init (message, &iter)) g_return_val_if_reached (NULL); dbus_message_iter_recurse (&iter, &array); if (!gkd_secret_property_parse_all (&array, SECRET_COLLECTION_INTERFACE, &builder)) { gck_builder_clear (&builder); return dbus_message_new_error (message, DBUS_ERROR_INVALID_ARGS, "Invalid properties argument"); } dbus_message_iter_next (&iter); secret = gkd_secret_secret_parse (self, message, &iter, &derr); if (secret == NULL) { gck_builder_clear (&builder); return gkd_secret_error_to_reply (message, &derr); } gck_builder_add_boolean (&builder, CKA_TOKEN, TRUE); attrs = gck_attributes_ref_sink (gck_builder_end (&builder)); path = gkd_secret_create_with_secret (attrs, secret, &error); gck_attributes_unref (attrs); gkd_secret_secret_free (secret); if (path == NULL) return gkd_secret_propagate_error (message, "Couldn't create collection", error); /* Notify the callers that a collection was created */ gkd_secret_service_emit_collection_created (self, path); reply = dbus_message_new_method_return (message); dbus_message_append_args (reply, DBUS_TYPE_OBJECT_PATH, &path, DBUS_TYPE_INVALID); g_free (path); return reply; }
static void prepare_generate (SeahorsePkcs11Generate *self) { CK_BYTE rsa_public_exponent[] = { 0x01, 0x00, 0x01 }; /* 65537 in bytes */ GckBuilder publi = GCK_BUILDER_INIT; GckBuilder priva = GCK_BUILDER_INIT; const gchar *label; g_assert (self->cancellable == NULL); g_assert (self->mechanism != NULL); gck_builder_add_ulong (&publi, CKA_CLASS, CKO_PUBLIC_KEY); gck_builder_add_ulong (&priva, CKA_CLASS, CKO_PRIVATE_KEY); gck_builder_add_boolean (&publi, CKA_TOKEN, TRUE); gck_builder_add_boolean (&priva, CKA_TOKEN, TRUE); gck_builder_add_boolean (&priva, CKA_PRIVATE, TRUE); gck_builder_add_boolean (&priva, CKA_SENSITIVE, TRUE); label = gtk_entry_get_text (self->label_entry); gck_builder_add_string (&publi, CKA_LABEL, label); gck_builder_add_string (&priva, CKA_LABEL, label); if (self->mechanism->type == CKM_RSA_PKCS_KEY_PAIR_GEN) { gck_builder_add_boolean (&publi, CKA_ENCRYPT, TRUE); gck_builder_add_boolean (&publi, CKA_VERIFY, TRUE); gck_builder_add_boolean (&publi, CKA_WRAP, TRUE); gck_builder_add_boolean (&priva, CKA_DECRYPT, TRUE); gck_builder_add_boolean (&priva, CKA_SIGN, TRUE); gck_builder_add_boolean (&priva, CKA_UNWRAP, TRUE); gck_builder_add_data (&publi, CKA_PUBLIC_EXPONENT, rsa_public_exponent, sizeof (rsa_public_exponent)); gck_builder_add_ulong (&publi, CKA_MODULUS_BITS, gtk_spin_button_get_value_as_int (self->bits_entry)); } else { g_warning ("currently no support for this mechanism"); } self->prv_attrs = gck_builder_steal (&priva); self->pub_attrs = gck_builder_steal (&publi); gck_builder_clear (&publi); gck_builder_clear (&priva); }
GNode * _gcr_subject_public_key_load (GckObject *key, GCancellable *cancellable, GError **error) { GckBuilder builder = GCK_BUILDER_INIT; GckAttributes *attributes; GNode *asn; g_return_val_if_fail (GCK_IS_OBJECT (key), NULL); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL); g_return_val_if_fail (error == NULL || *error == NULL, NULL); lookup_attributes (key, &builder); if (!check_attributes (&builder)) { if (!load_attributes (key, &builder, cancellable, error)) { gck_builder_clear (&builder); return NULL; } } attributes = gck_builder_end (&builder); asn = _gcr_subject_public_key_for_attributes (attributes); if (asn == NULL) { g_set_error_literal (error, GCK_ERROR, CKR_TEMPLATE_INCONSISTENT, _("Couldn't build public key")); } gck_attributes_unref (attributes); return asn; }
static void load_closure_free (gpointer data) { LoadClosure *closure = data; g_object_unref (closure->object); gck_builder_clear (&closure->builder); g_slice_free (LoadClosure, closure); }
static gboolean object_property_set (GkdSecretObjects *objects, GckObject *object, const gchar *prop_name, GVariant *value, GError **error_out) { GckBuilder builder = GCK_BUILDER_INIT; GError *error = NULL; gulong attr_type; /* What type of property is it? */ if (!gkd_secret_property_get_type (prop_name, &attr_type)) { g_set_error (error_out, G_DBUS_ERROR, G_DBUS_ERROR_UNKNOWN_PROPERTY, "Object does not have the '%s' property", prop_name); return FALSE; } /* Retrieve the actual attribute value */ if (!gkd_secret_property_parse_variant (value, prop_name, &builder)) { gck_builder_clear (&builder); g_set_error (error_out, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, "The property type or value was invalid: %s", prop_name); return FALSE; } gck_object_set (object, gck_builder_end (&builder), NULL, &error); if (error != NULL) { if (g_error_matches (error, GCK_ERROR, CKR_USER_NOT_LOGGED_IN)) g_set_error (error_out, GKD_SECRET_ERROR, GKD_SECRET_ERROR_IS_LOCKED, "Cannot set property on a locked object"); else g_set_error (error_out, G_DBUS_ERROR, G_DBUS_ERROR_FAILED, "Couldn't set '%s' property: %s", prop_name, egg_error_message (error)); g_clear_error (&error); return FALSE; } return TRUE; }
gboolean gkd_secret_objects_handle_search_items (GkdSecretObjects *self, GDBusMethodInvocation *invocation, GVariant *attributes, const gchar *base, gboolean separate_locked) { GckBuilder builder = GCK_BUILDER_INIT; GckObject *search; GckSession *session; GError *error = NULL; gchar *identifier; gpointer data; gsize n_data; GList *locked, *unlocked; GList *items; GVariantBuilder result; if (!gkd_secret_property_parse_fields (attributes, &builder)) { gck_builder_clear (&builder); g_dbus_method_invocation_return_error_literal (invocation, G_DBUS_ERROR, G_DBUS_ERROR_FAILED, "Invalid data in attributes argument"); return TRUE; } if (base != NULL) { if (!gkd_secret_util_parse_path (base, &identifier, NULL)) g_return_val_if_reached (FALSE); gck_builder_add_string (&builder, CKA_G_COLLECTION, identifier); g_free (identifier); } gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_SEARCH); gck_builder_add_boolean (&builder, CKA_TOKEN, FALSE); /* The session we're using to access the object */ session = gkd_secret_service_get_pkcs11_session (self->service, g_dbus_method_invocation_get_sender (invocation)); g_return_val_if_fail (session, FALSE); /* Create the search object */ search = gck_session_create_object (session, gck_builder_end (&builder), NULL, &error); if (error != NULL) { g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_FAILED, "Couldn't search for items: %s", egg_error_message (error)); g_clear_error (&error); return TRUE; } /* Get the matched item handles, and delete the search object */ data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, &error); gck_object_destroy (search, NULL, NULL); g_object_unref (search); if (error != NULL) { g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_FAILED, "Couldn't retrieve matched items: %s", egg_error_message (error)); g_clear_error (&error); return TRUE; } /* Build a list of object handles */ items = gck_objects_from_handle_array (session, data, n_data / sizeof (CK_OBJECT_HANDLE)); g_free (data); /* Filter out the locked items */ if (separate_locked) { GVariant *unlocked_variant, *locked_variant; item_cleanup_search_results (session, items, &locked, &unlocked); g_variant_builder_init (&result, G_VARIANT_TYPE ("ao")); objects_foreach_item (self, unlocked, NULL, on_object_path_append_to_builder, &result); unlocked_variant = g_variant_builder_end (&result); g_variant_builder_init (&result, G_VARIANT_TYPE ("ao")); objects_foreach_item (self, locked, NULL, on_object_path_append_to_builder, &result); locked_variant = g_variant_builder_end (&result); g_list_free (locked); g_list_free (unlocked); g_dbus_method_invocation_return_value (invocation, g_variant_new ("(@ao@ao)", unlocked_variant, locked_variant)); } else { g_variant_builder_init (&result, G_VARIANT_TYPE ("ao")); objects_foreach_item (self, items, NULL, on_object_path_append_to_builder, &result); g_dbus_method_invocation_return_value (invocation, g_variant_new ("(@ao)", g_variant_builder_end (&result))); } gck_list_unref_free (items); return TRUE; }
static DBusMessage* service_method_create_collection (GkdSecretService *self, DBusMessage *message) { GckBuilder builder = GCK_BUILDER_INIT; DBusMessageIter iter, array; GckAttributes *attrs; GkdSecretCreate *create; DBusMessage *reply; const gchar *path; const gchar *alias; const char *caller; const gchar *coll; /* Parse the incoming message */ if (!dbus_message_has_signature (message, "a{sv}s")) return NULL; if (!dbus_message_iter_init (message, &iter)) g_return_val_if_reached (NULL); dbus_message_iter_recurse (&iter, &array); if (!gkd_secret_property_parse_all (&array, SECRET_COLLECTION_INTERFACE, &builder)) { gck_builder_clear (&builder); return dbus_message_new_error_printf (message, DBUS_ERROR_INVALID_ARGS, "Invalid properties"); } if (!dbus_message_iter_next (&iter)) g_return_val_if_reached (NULL); dbus_message_iter_get_basic (&iter, &alias); /* Empty alias is no alias */ if (alias) { if (!alias[0]) { alias = NULL; } else if (!g_str_equal (alias, "default")) { gck_builder_clear (&builder); return dbus_message_new_error (message, DBUS_ERROR_NOT_SUPPORTED, "Only the 'default' alias is supported"); } } gck_builder_add_boolean (&builder, CKA_TOKEN, TRUE); attrs = gck_attributes_ref_sink (gck_builder_end (&builder)); /* Create the prompt object, for the password */ caller = dbus_message_get_sender (message); create = gkd_secret_create_new (self, caller, attrs, alias); gck_attributes_unref (attrs); path = gkd_secret_dispatch_get_object_path (GKD_SECRET_DISPATCH (create)); gkd_secret_service_publish_dispatch (self, caller, GKD_SECRET_DISPATCH (create)); coll = "/"; reply = dbus_message_new_method_return (message); dbus_message_append_args (reply, DBUS_TYPE_OBJECT_PATH, &coll, DBUS_TYPE_OBJECT_PATH, &path, DBUS_TYPE_INVALID); g_object_unref (create); return reply; }