static GckObject * secret_objects_lookup_gck_object_for_path (GkdSecretObjects *self, const gchar *sender, const gchar *path, GError **error_out) { GckBuilder builder = GCK_BUILDER_INIT; GList *objects; GckSession *session; gchar *c_ident; gchar *i_ident; GckObject *object = NULL; GError *error = NULL; g_return_val_if_fail (path, FALSE); if (!gkd_secret_util_parse_path (path, &c_ident, &i_ident) || !c_ident) goto out; /* The session we're using to access the object */ session = gkd_secret_service_get_pkcs11_session (self->service, sender); g_return_val_if_fail (session, FALSE); if (i_ident) { gck_builder_add_ulong (&builder, CKA_CLASS, CKO_SECRET_KEY); gck_builder_add_string (&builder, CKA_G_COLLECTION, c_ident); gck_builder_add_string (&builder, CKA_ID, i_ident); } else { gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_COLLECTION); gck_builder_add_string (&builder, CKA_ID, c_ident); } objects = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error); g_free (c_ident); g_free (i_ident); if (error != NULL) { g_warning ("couldn't lookup object: %s: %s", path, egg_error_message (error)); g_clear_error (&error); } if (!objects) goto out; object = g_object_ref (objects->data); gck_list_unref_free (objects); out: if (!object) g_set_error (error_out, GKD_SECRET_ERROR, GKD_SECRET_ERROR_NO_SUCH_OBJECT, "The '%s' object does not exist", path); return object; }
void gkd_secret_objects_foreach_collection (GkdSecretObjects *self, const gchar *caller, GkdSecretObjectsForeach callback, gpointer user_data) { GckBuilder builder = GCK_BUILDER_INIT; GckSession *session; GError *error = NULL; GList *collections, *l; gpointer identifier; gsize n_identifier; gchar *path; g_return_if_fail (GKD_SECRET_IS_OBJECTS (self)); g_return_if_fail (callback); /* The session we're using to access the object */ if (caller == NULL) { session = gkd_secret_service_internal_pkcs11_session (self->service); } else { session = gkd_secret_service_get_pkcs11_session (self->service, caller); } gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_COLLECTION); collections = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error); if (error != NULL) { g_warning ("couldn't lookup collections: %s", egg_error_message (error)); g_clear_error (&error); return; } for (l = collections; l; l = g_list_next (l)) { identifier = gck_object_get_data (l->data, CKA_ID, NULL, &n_identifier, &error); if (identifier == NULL) { g_warning ("couldn't get collection identifier: %s", egg_error_message (error)); g_clear_error (&error); continue; } path = gkd_secret_util_build_path (SECRET_COLLECTION_PREFIX, identifier, n_identifier); g_free (identifier); (callback) (self, path, l->data, user_data); g_free (path); } gck_list_unref_free (collections); }
void gkd_secret_objects_foreach_item (GkdSecretObjects *self, const gchar *caller, const gchar *base, GkdSecretObjectsForeach callback, gpointer user_data) { GckBuilder builder = GCK_BUILDER_INIT; GckSession *session; GError *error = NULL; gchar *identifier; GList *items; g_return_if_fail (GKD_SECRET_IS_OBJECTS (self)); g_return_if_fail (base != NULL); g_return_if_fail (callback != NULL); /* The session we're using to access the object */ if (caller == NULL) { session = gkd_secret_service_internal_pkcs11_session (self->service); } else { session = gkd_secret_service_get_pkcs11_session (self->service, caller); } if (!gkd_secret_util_parse_path (base, &identifier, NULL)) g_return_if_reached (); gck_builder_add_ulong (&builder, CKA_CLASS, CKO_SECRET_KEY); gck_builder_add_string (&builder, CKA_G_COLLECTION, identifier); items = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error); if (error == NULL) { objects_foreach_item (self, items, base, callback, user_data); } else { g_warning ("couldn't lookup items in '%s' collection: %s", identifier, egg_error_message (error)); g_clear_error (&error); } gck_list_unref_free (items); g_free (identifier); }
GckObject* gkd_secret_objects_lookup_item (GkdSecretObjects *self, const gchar *caller, const gchar *path) { GckBuilder builder = GCK_BUILDER_INIT; GckObject *object = NULL; GError *error = NULL; GList *objects; GckSession *session; gchar *collection; gchar *identifier; g_return_val_if_fail (GKD_SECRET_IS_OBJECTS (self), NULL); g_return_val_if_fail (caller, NULL); g_return_val_if_fail (path, NULL); if (!gkd_secret_util_parse_path (path, &collection, &identifier)) return NULL; /* The session we're using to access the object */ session = gkd_secret_service_get_pkcs11_session (self->service, caller); g_return_val_if_fail (session, NULL); gck_builder_add_ulong (&builder, CKA_CLASS, CKO_SECRET_KEY); gck_builder_add_string (&builder, CKA_ID, identifier); gck_builder_add_string (&builder, CKA_G_COLLECTION, collection); objects = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error); g_free (identifier); g_free (collection); if (error != NULL) { g_warning ("couldn't lookup item: %s: %s", path, egg_error_message (error)); g_clear_error (&error); } if (objects) object = g_object_ref (objects->data); gck_list_unref_free (objects); return object; }
static DBusMessage* service_method_lock_service (GkdSecretService *self, DBusMessage *message) { DBusError derr = DBUS_ERROR_INIT; GckSession *session; const char *caller; if (!dbus_message_get_args (message, NULL, DBUS_TYPE_INVALID)) return NULL; caller = dbus_message_get_sender (message); session = gkd_secret_service_get_pkcs11_session (self, caller); g_return_val_if_fail (session != NULL, NULL); if (!gkd_secret_lock_all (session, &derr)) return gkd_secret_error_to_reply (message, &derr); return dbus_message_new_method_return (message); }
static gboolean service_method_lock_service (GkdExportedService *skeleton, GDBusMethodInvocation *invocation, GkdSecretService *self) { GError *error = NULL; GckSession *session; const char *caller; caller = g_dbus_method_invocation_get_sender (invocation); session = gkd_secret_service_get_pkcs11_session (self, caller); g_return_val_if_fail (session != NULL, FALSE); if (!gkd_secret_lock_all (session, &error)) g_dbus_method_invocation_take_error (invocation, error); else gkd_exported_service_complete_lock_service (skeleton, invocation); return TRUE; }
gboolean gkd_secret_objects_handle_search_items (GkdSecretObjects *self, GDBusMethodInvocation *invocation, GVariant *attributes, const gchar *base, gboolean separate_locked) { GckBuilder builder = GCK_BUILDER_INIT; GckObject *search; GckSession *session; GError *error = NULL; gchar *identifier; gpointer data; gsize n_data; GList *locked, *unlocked; GList *items; GVariantBuilder result; if (!gkd_secret_property_parse_fields (attributes, &builder)) { gck_builder_clear (&builder); g_dbus_method_invocation_return_error_literal (invocation, G_DBUS_ERROR, G_DBUS_ERROR_FAILED, "Invalid data in attributes argument"); return TRUE; } if (base != NULL) { if (!gkd_secret_util_parse_path (base, &identifier, NULL)) g_return_val_if_reached (FALSE); gck_builder_add_string (&builder, CKA_G_COLLECTION, identifier); g_free (identifier); } gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_SEARCH); gck_builder_add_boolean (&builder, CKA_TOKEN, FALSE); /* The session we're using to access the object */ session = gkd_secret_service_get_pkcs11_session (self->service, g_dbus_method_invocation_get_sender (invocation)); g_return_val_if_fail (session, FALSE); /* Create the search object */ search = gck_session_create_object (session, gck_builder_end (&builder), NULL, &error); if (error != NULL) { g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_FAILED, "Couldn't search for items: %s", egg_error_message (error)); g_clear_error (&error); return TRUE; } /* Get the matched item handles, and delete the search object */ data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, &error); gck_object_destroy (search, NULL, NULL); g_object_unref (search); if (error != NULL) { g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_FAILED, "Couldn't retrieve matched items: %s", egg_error_message (error)); g_clear_error (&error); return TRUE; } /* Build a list of object handles */ items = gck_objects_from_handle_array (session, data, n_data / sizeof (CK_OBJECT_HANDLE)); g_free (data); /* Filter out the locked items */ if (separate_locked) { GVariant *unlocked_variant, *locked_variant; item_cleanup_search_results (session, items, &locked, &unlocked); g_variant_builder_init (&result, G_VARIANT_TYPE ("ao")); objects_foreach_item (self, unlocked, NULL, on_object_path_append_to_builder, &result); unlocked_variant = g_variant_builder_end (&result); g_variant_builder_init (&result, G_VARIANT_TYPE ("ao")); objects_foreach_item (self, locked, NULL, on_object_path_append_to_builder, &result); locked_variant = g_variant_builder_end (&result); g_list_free (locked); g_list_free (unlocked); g_dbus_method_invocation_return_value (invocation, g_variant_new ("(@ao@ao)", unlocked_variant, locked_variant)); } else { g_variant_builder_init (&result, G_VARIANT_TYPE ("ao")); objects_foreach_item (self, items, NULL, on_object_path_append_to_builder, &result); g_dbus_method_invocation_return_value (invocation, g_variant_new ("(@ao)", g_variant_builder_end (&result))); } gck_list_unref_free (items); return TRUE; }