static gboolean
rsa_subject_public_key_from_attributes (GckAttributes *attrs,
GNode *info_asn)
{
const GckAttribute *modulus;
const GckAttribute *exponent;
GNode *key_asn;
GNode *params_asn;
GBytes *key;
GBytes *usg;
modulus = gck_attributes_find (attrs, CKA_MODULUS);
exponent = gck_attributes_find (attrs, CKA_PUBLIC_EXPONENT);
if (modulus == NULL || gck_attribute_is_invalid (modulus) ||
exponent == NULL || gck_attribute_is_invalid (exponent))
return FALSE;
key_asn = egg_asn1x_create (pk_asn1_tab, "RSAPublicKey");
g_return_val_if_fail (key_asn, FALSE);
params_asn = egg_asn1x_create (pk_asn1_tab, "RSAParameters");
g_return_val_if_fail (params_asn, FALSE);
usg = g_bytes_new_with_free_func (modulus->value, modulus->length,
gck_attributes_unref,
gck_attributes_ref (attrs));
egg_asn1x_set_integer_as_usg (egg_asn1x_node (key_asn, "modulus", NULL), usg);
g_bytes_unref (usg);
usg = g_bytes_new_with_free_func (exponent->value, exponent->length,
gck_attributes_unref,
gck_attributes_ref (attrs));
egg_asn1x_set_integer_as_usg (egg_asn1x_node (key_asn, "publicExponent", NULL), usg);
g_bytes_unref (usg);
key = egg_asn1x_encode (key_asn, NULL);
egg_asn1x_destroy (key_asn);
egg_asn1x_set_null (params_asn);
egg_asn1x_set_bits_as_raw (egg_asn1x_node (info_asn, "subjectPublicKey", NULL),
key, g_bytes_get_size (key) * 8);
egg_asn1x_set_oid_as_quark (egg_asn1x_node (info_asn, "algorithm", "algorithm", NULL), GCR_OID_PKIX1_RSA);
egg_asn1x_set_any_from (egg_asn1x_node (info_asn, "algorithm", "parameters", NULL), params_asn);
egg_asn1x_destroy (params_asn);
g_bytes_unref (key);
return TRUE;
}
static GNode *
cert_subject_public_key_from_attributes (GckAttributes *attributes)
{
const GckAttribute *attr;
GBytes *bytes;
GNode *cert;
GNode *asn;
attr = gck_attributes_find (attributes, CKA_VALUE);
if (attr == NULL || gck_attribute_is_invalid (attr)) {
_gcr_debug ("no value attribute for certificate");
return NULL;
}
bytes = g_bytes_new_with_free_func (attr->value, attr->length,
gck_attributes_unref,
gck_attributes_ref (attributes));
cert = egg_asn1x_create_and_decode (pkix_asn1_tab, "Certificate", bytes);
g_bytes_unref (bytes);
if (cert == NULL) {
_gcr_debug ("couldn't parse certificate value");
return NULL;
}
asn = egg_asn1x_node (cert, "tbsCertificate", "subjectPublicKeyInfo", NULL);
g_return_val_if_fail (asn != NULL, NULL);
/* Remove the subject public key out of the certificate */
g_node_unlink (asn);
egg_asn1x_destroy (cert);
return asn;
}
static GckAttributes *
calculate_attrs (GcrKeyRenderer *self)
{
if (self->pv->attributes)
return gck_attributes_ref (self->pv->attributes);
if (GCK_IS_OBJECT_CACHE (self->pv->object))
return gck_object_cache_get_attributes (GCK_OBJECT_CACHE (self->pv->object));
return NULL;
}
/**
* gck_slots_enumerate_objects:
* @slots: a list of #GckSlot to enumerate objects on.
* @attrs: Attributes that the objects must have, or empty for all objects.
* @session_options: Options for opening a session.
*
* Setup an enumerator for listing matching objects on the slots.
*
* This call will not block but will return an enumerator immediately.
*
* Return value: a new enumerator
**/
GckEnumerator*
gck_slots_enumerate_objects (GList *slots, GckAttributes *attrs, guint session_options)
{
GckUriInfo *uri_info;
g_return_val_if_fail (attrs, NULL);
uri_info = _gck_uri_info_new ();
uri_info->attributes = gck_attributes_ref (attrs);
return _gck_enumerator_new (slots, session_options, uri_info);
}
/**
* gcr_key_renderer_set_attributes:
* @self: The key renderer
* @attrs: (allow-none): the attributes to display
*
* Get the attributes displayed in the renderer. The attributes should represent
* either an RSA, DSA, or EC key in PKCS\#11 style.
*/
void
gcr_key_renderer_set_attributes (GcrKeyRenderer *self, GckAttributes *attrs)
{
g_return_if_fail (GCR_IS_KEY_RENDERER (self));
if (self->pv->attributes)
gck_attributes_unref (self->pv->attributes);
self->pv->attributes = attrs;
if (self->pv->attributes)
gck_attributes_ref (self->pv->attributes);
g_object_notify (G_OBJECT (self), "attributes");
gcr_renderer_emit_data_changed (GCR_RENDERER (self));
}
/**
* gcr_importer_create_for_parsed:
* @parsed: a parser with a parsed item to import
*
* Create a set of importers which can import this parsed item.
* The parsed item is represented by the state of the GcrParser at the
* time of calling this method.
*
* Returns: (element-type Gcr.Importer) (transfer full): a list of importers
* which can import the parsed item, which should be freed with
* g_object_unref(), or %NULL if no types of importers can be created
*/
GList *
gcr_importer_create_for_parsed (GcrParsed *parsed)
{
GcrRegistered *registered;
GcrImporterIface *iface;
gpointer instance_class;
GckAttributes *attrs;
gboolean matched;
gulong n_attrs;
GList *results = NULL;
GHashTable *seen;
gulong j;
gsize i;
g_return_val_if_fail (parsed != NULL, NULL);
gcr_importer_register_well_known ();
if (!registered_importers)
return NULL;
if (!registered_sorted) {
g_array_sort (registered_importers, sort_registered_by_n_attrs);
registered_sorted = TRUE;
}
attrs = gcr_parsed_get_attributes (parsed);
if (attrs != NULL)
gck_attributes_ref (attrs);
else
attrs = gck_attributes_new_empty (GCK_INVALID);
seen = g_hash_table_new (g_direct_hash, g_direct_equal);
if (_gcr_debugging) {
gchar *a = gck_attributes_to_string (attrs);
_gcr_debug ("looking for importer for: %s", a);
g_free (a);
}
for (i = 0; i < registered_importers->len; ++i) {
registered = &(g_array_index (registered_importers, GcrRegistered, i));
n_attrs = gck_attributes_count (registered->attrs);
matched = TRUE;
for (j = 0; j < n_attrs; ++j) {
if (!gck_attributes_contains (attrs, gck_attributes_at (registered->attrs, j))) {
matched = FALSE;
break;
}
}
if (_gcr_debugging) {
gchar *a = gck_attributes_to_string (registered->attrs);
_gcr_debug ("importer %s %s: %s", g_type_name (registered->importer_type),
matched ? "matched" : "didn't match", a);
g_free (a);
}
if (matched) {
if (check_if_seen_or_add (seen, GUINT_TO_POINTER (registered->importer_type)))
continue;
instance_class = g_type_class_ref (registered->importer_type);
iface = g_type_interface_peek (instance_class, GCR_TYPE_IMPORTER);
g_return_val_if_fail (iface != NULL, NULL);
g_return_val_if_fail (iface->create_for_parsed, NULL);
results = g_list_concat (results, (iface->create_for_parsed) (parsed));
g_type_class_unref (instance_class);
}
}
g_hash_table_unref (seen);
gck_attributes_unref (attrs);
return results;
}
static gboolean
dsa_subject_public_key_from_attributes (GckAttributes *attrs,
gulong klass,
GNode *info_asn)
{
const GckAttribute *value, *g, *q, *p;
GNode *key_asn, *params_asn;
GBytes *key;
p = gck_attributes_find (attrs, CKA_PRIME);
q = gck_attributes_find (attrs, CKA_SUBPRIME);
g = gck_attributes_find (attrs, CKA_BASE);
value = gck_attributes_find (attrs, CKA_VALUE);
if (p == NULL || gck_attribute_is_invalid (p) ||
q == NULL || gck_attribute_is_invalid (q) ||
g == NULL || gck_attribute_is_invalid (g) ||
value == NULL || gck_attribute_is_invalid (value))
return FALSE;
key_asn = egg_asn1x_create (pk_asn1_tab, "DSAPublicPart");
g_return_val_if_fail (key_asn, FALSE);
params_asn = egg_asn1x_create (pk_asn1_tab, "DSAParameters");
g_return_val_if_fail (params_asn, FALSE);
egg_asn1x_take_integer_as_usg (egg_asn1x_node (params_asn, "p", NULL),
g_bytes_new_with_free_func (p->value, p->length,
gck_attributes_unref,
gck_attributes_ref (attrs)));
egg_asn1x_take_integer_as_usg (egg_asn1x_node (params_asn, "q", NULL),
g_bytes_new_with_free_func (q->value, q->length,
gck_attributes_unref,
gck_attributes_ref (attrs)));
egg_asn1x_take_integer_as_usg (egg_asn1x_node (params_asn, "g", NULL),
g_bytes_new_with_free_func (g->value, g->length,
gck_attributes_unref,
gck_attributes_ref (attrs)));
/* Are these attributes for a public or private key? */
if (klass == CKO_PRIVATE_KEY) {
/* We need to calculate the public from the private key */
if (!dsa_subject_public_key_from_private (key_asn, p, q, g, value))
g_return_val_if_reached (FALSE);
} else if (klass == CKO_PUBLIC_KEY) {
egg_asn1x_take_integer_as_usg (key_asn,
g_bytes_new_with_free_func (value->value, value->length,
gck_attributes_unref,
gck_attributes_ref (attrs)));
} else {
g_assert_not_reached ();
}
key = egg_asn1x_encode (key_asn, NULL);
egg_asn1x_destroy (key_asn);
egg_asn1x_set_bits_as_raw (egg_asn1x_node (info_asn, "subjectPublicKey", NULL),
key, g_bytes_get_size (key) * 8);
egg_asn1x_set_any_from (egg_asn1x_node (info_asn, "algorithm", "parameters", NULL), params_asn);
egg_asn1x_set_oid_as_quark (egg_asn1x_node (info_asn, "algorithm", "algorithm", NULL), GCR_OID_PKIX1_DSA);
g_bytes_unref (key);
egg_asn1x_destroy (params_asn);
return TRUE;
}
