void _gcr_subject_public_key_load_async (GckObject *key, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { GSimpleAsyncResult *res; LoadClosure *closure; g_return_if_fail (GCK_IS_OBJECT (key)); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); res = g_simple_async_result_new (NULL, callback, user_data, _gcr_subject_public_key_load_async); closure = g_slice_new0 (LoadClosure); closure->object = g_object_ref (key); lookup_attributes (key, &closure->builder); g_simple_async_result_set_op_res_gpointer (res, closure, load_closure_free); if (check_attributes (&closure->builder)) { g_simple_async_result_complete_in_idle (res); g_object_unref (res); return; } g_simple_async_result_run_in_thread (res, thread_key_attributes, G_PRIORITY_DEFAULT, cancellable); g_object_unref (res); }
gboolean _gck_module_fire_authenticate_object (GckModule *self, GckObject *object, gchar *label, gchar **password) { GckTokenInfo *info; GckSession *session; GckSlot *slot; gboolean ret; g_assert (GCK_IS_MODULE (self)); g_assert (GCK_IS_OBJECT (object)); g_assert (password); session = gck_object_get_session (object); slot = gck_session_get_slot (session); g_object_unref (session); info = gck_slot_get_token_info (slot); g_object_unref (slot); if (info != NULL) { if (info->flags & CKF_PROTECTED_AUTHENTICATION_PATH) { gck_token_info_free (info); *password = NULL; return TRUE; } gck_token_info_free (info); } g_signal_emit (self, signals[AUTHENTICATE_OBJECT], 0, object, label, password, &ret); return ret; }
GNode * _gcr_subject_public_key_load (GckObject *key, GCancellable *cancellable, GError **error) { GckBuilder builder = GCK_BUILDER_INIT; GckAttributes *attributes; GNode *asn; g_return_val_if_fail (GCK_IS_OBJECT (key), NULL); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL); g_return_val_if_fail (error == NULL || *error == NULL, NULL); lookup_attributes (key, &builder); if (!check_attributes (&builder)) { if (!load_attributes (key, &builder, cancellable, error)) { gck_builder_clear (&builder); return NULL; } } attributes = gck_builder_end (&builder); asn = _gcr_subject_public_key_for_attributes (attributes); if (asn == NULL) { g_set_error_literal (error, GCK_ERROR, CKR_TEMPLATE_INCONSISTENT, _("Couldn't build public key")); } gck_attributes_unref (attributes); return asn; }
static GckObject* create_credential (GckSession *session, GckObject *object, const gchar *secret, GError **error) { GckAttributes *attrs; GckObject *cred; g_return_val_if_fail (GCK_IS_SESSION (session), NULL); g_return_val_if_fail (!object || GCK_IS_OBJECT (object), NULL); if (!secret) secret = ""; attrs = gck_attributes_new (); gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_G_CREDENTIAL); gck_attributes_add_string (attrs, CKA_VALUE, secret); gck_attributes_add_boolean (attrs, CKA_MATE_TRANSIENT, TRUE); gck_attributes_add_boolean (attrs, CKA_TOKEN, TRUE); if (object) gck_attributes_add_ulong (attrs, CKA_G_OBJECT, gck_object_get_handle (object)); cred = gck_session_create_object (session, attrs, NULL, error); gck_attributes_unref (attrs); return cred; }
/** * gck_password_get_key: * @self: the password object * * If the password request is to unlock a PKCS\#11 key, then this is the * the object representing that key. * * Returns: (transfer full): the password is for this key, or %NULL if not * being requested for a key; must be unreferenced after use */ GckObject * gck_password_get_key (GckPassword *self) { g_return_val_if_fail (GCK_IS_PASSWORD (self), NULL); if (self->pv->for_token) return NULL; g_return_val_if_fail (GCK_IS_OBJECT (self->pv->token_or_key), NULL); return g_object_ref (self->pv->token_or_key); }
static void gck_password_constructed (GObject *obj) { GckPassword *self = GCK_PASSWORD (obj); G_OBJECT_CLASS (gck_password_parent_class)->constructed (obj); g_return_if_fail (GCK_IS_SLOT (self->pv->token_or_key) || GCK_IS_OBJECT (self->pv->token_or_key)); }
/** * gcr_certificate_request_prepare: * @format: the format for the certificate request * @private_key: the private key the the certificate is being requested for * * Create a new certificate request, in the given format for the private key. * * Returns: (transfer full): a new #GcrCertificate request */ GcrCertificateRequest * gcr_certificate_request_prepare (GcrCertificateRequestFormat format, GckObject *private_key) { g_return_val_if_fail (format == GCR_CERTIFICATE_REQUEST_PKCS10, NULL); g_return_val_if_fail (GCK_IS_OBJECT (private_key), NULL); return g_object_new (GCR_TYPE_CERTIFICATE_REQUEST, "format", format, "private-key", private_key, NULL); }
/** * gcr_certificate_request_capable: * @private_key: a private key * @cancellable: cancellation object * @error: location to place an error * * Check whether #GcrCertificateRequest is capable of creating a request * for the given @private_key. * * Returns: whether a request can be created */ gboolean gcr_certificate_request_capable (GckObject *private_key, GCancellable *cancellable, GError **error) { g_return_val_if_fail (GCK_IS_OBJECT (private_key), FALSE); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); return _gcr_key_mechanisms_check (private_key, ALL_MECHANISMS, G_N_ELEMENTS (ALL_MECHANISMS), CKA_SIGN, cancellable, error); }
/** * gcr_certificate_request_capable_async: * @private_key: a private key * @cancellable: cancellation object * @callback: will be called when the operation completes * @user_data: data to be passed to callback * * Asynchronously check whether #GcrCertificateRequest is capable of creating * a request for the given @private_key. */ void gcr_certificate_request_capable_async (GckObject *private_key, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { g_return_if_fail (GCK_IS_OBJECT (private_key)); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); _gcr_key_mechanisms_check_async (private_key, ALL_MECHANISMS, G_N_ELEMENTS (ALL_MECHANISMS), CKA_SIGN, cancellable, callback, user_data); }
static GckObject* create_login_keyring (GckSession *session, GckObject *cred, GError **error) { GckObject *login; GckAttributes *atts; g_return_val_if_fail (GCK_IS_SESSION (session), NULL); g_return_val_if_fail (GCK_IS_OBJECT (cred), NULL); atts = gck_attributes_new (); gck_attributes_add_ulong (atts, CKA_CLASS, CKO_G_COLLECTION); gck_attributes_add_string (atts, CKA_ID, "login"); gck_attributes_add_ulong (atts, CKA_G_CREDENTIAL, gck_object_get_handle (cred)); gck_attributes_add_boolean (atts, CKA_TOKEN, TRUE); /* TRANSLATORS: This is the display label for the login keyring */ gck_attributes_add_string (atts, CKA_LABEL, _("Login")); login = gck_session_create_object (session, atts, NULL, error); gck_attributes_unref (atts); return login; }
static void gcr_certificate_request_set_property (GObject *obj, guint prop_id, const GValue *value, GParamSpec *pspec) { GcrCertificateRequest *self = GCR_CERTIFICATE_REQUEST (obj); GcrCertificateRequestFormat format; switch (prop_id) { case PROP_PRIVATE_KEY: g_return_if_fail (self->private_key == NULL); self->private_key = g_value_dup_object (value); g_return_if_fail (GCK_IS_OBJECT (self->private_key)); break; case PROP_FORMAT: format = g_value_get_enum (value); g_return_if_fail (format == GCR_CERTIFICATE_REQUEST_PKCS10); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec); break; } }