static char * symlink_for_subject_hash (p11_enumerate *ex) { unsigned char md[P11_DIGEST_SHA1_LEN]; p11_buffer der; CK_ATTRIBUTE *subject; unsigned long hash; char *linkname = NULL; subject = p11_attrs_find_valid (ex->attrs, CKA_SUBJECT); if (!subject || !subject->pValue || !subject->ulValueLen) return NULL; p11_buffer_init_full (&der, memdup (subject->pValue, subject->ulValueLen), subject->ulValueLen, 0, realloc, free); return_val_if_fail (der.data != NULL, NULL); if (p11_openssl_canon_name_der (ex->asn1_defs, &der)) { p11_digest_sha1 (md, der.data, der.len, NULL); hash = ( ((unsigned long)md[0] ) | ((unsigned long)md[1] << 8L) | ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L) ) & 0xffffffffL; if (asprintf (&linkname, "%08lx", hash) < 0) return_val_if_reached (NULL); } p11_buffer_uninit (&der); return linkname; }
static void dump_object (P11KitIter *iter, CK_ATTRIBUTE *attrs) { CK_ATTRIBUTE label = { CKA_LABEL, }; CK_ATTRIBUTE *attr; char *string; char *name; CK_RV rv; attr = p11_attrs_find_valid (attrs, CKA_LABEL); if (!attr) { rv = p11_kit_iter_load_attributes (iter, &label, 1); if (rv == CKR_OK) attr = &label; } if (attr) name = strndup (attr->pValue, attr->ulValueLen); else name = strdup ("unknown"); string = p11_attrs_to_string (attrs, -1); printf ("\"%s\" = %s\n", name, string); free (string); free (label.pValue); free (name); }
static CK_OBJECT_HANDLE find_anchor (CK_FUNCTION_LIST *module, CK_SESSION_HANDLE session, CK_ATTRIBUTE *attrs) { CK_OBJECT_HANDLE object = 0UL; CK_ATTRIBUTE *attr; p11_kit_iter *iter; attr = p11_attrs_find_valid (attrs, CKA_CLASS); return_val_if_fail (attr != NULL, 0); iter = p11_kit_iter_new (NULL, 0); return_val_if_fail (iter != NULL, 0); if (iter_match_anchor (iter, attrs)) { p11_kit_iter_begin_with (iter, module, 0, session); if (p11_kit_iter_next (iter) == CKR_OK) object = p11_kit_iter_get_object (iter); } p11_kit_iter_free (iter); return object; }
static bool iter_match_anchor (p11_kit_iter *iter, CK_ATTRIBUTE *attrs) { CK_ATTRIBUTE *attr; attr = p11_attrs_find_valid (attrs, CKA_CLASS); if (attr == NULL) return false; p11_kit_iter_add_filter (iter, attr, 1); attr = p11_attrs_find_valid (attrs, CKA_VALUE); if (attr == NULL) return false; p11_kit_iter_add_filter (iter, attr, 1); return true; }
static bool modify_anchor (CK_FUNCTION_LIST *module, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, CK_ATTRIBUTE *attrs) { CK_BBOOL truev = CK_TRUE; CK_ATTRIBUTE *changes; CK_ATTRIBUTE *label; CK_ULONG klass; char *string; CK_RV rv; CK_ATTRIBUTE trusted = { CKA_TRUSTED, &truev, sizeof (truev) }; label = p11_attrs_find_valid (attrs, CKA_LABEL); if (p11_attrs_find_ulong (attrs, CKA_CLASS, &klass) && klass == CKO_CERTIFICATE) changes = p11_attrs_build (NULL, &trusted, label, NULL); else changes = p11_attrs_build (NULL, label, NULL); return_val_if_fail (attrs != NULL, FALSE); /* Don't need the attributes anymore */ p11_attrs_free (attrs); if (p11_debugging) { string = p11_attrs_to_string (changes, -1); p11_debug ("setting: %s", string); free (string); } rv = (module->C_SetAttributeValue) (session, object, changes, p11_attrs_count (changes)); p11_attrs_free (changes); if (rv != CKR_OK) { p11_message ("couldn't create object: %s", p11_kit_strerror (rv)); return false; } return true; }
static bool write_alias (p11_enumerate *ex, node_asn *asn) { CK_ATTRIBUTE *label; int ret; label = p11_attrs_find_valid (ex->attrs, CKA_LABEL); if (label == NULL) { ret = asn1_write_value (asn, "alias", NULL, 0); return_val_if_fail (ret == ASN1_SUCCESS, false); } else { ret = asn1_write_value (asn, "alias", label->pValue, label->ulValueLen); return_val_if_fail (ret == ASN1_SUCCESS, false); } return true; }
static char * symlink_for_subject_old_hash (p11_enumerate *ex) { unsigned char md[P11_DIGEST_MD5_LEN]; CK_ATTRIBUTE *subject; unsigned long hash; char *linkname; subject = p11_attrs_find_valid (ex->attrs, CKA_SUBJECT); if (!subject) return NULL; p11_digest_md5 (md, subject->pValue, (size_t)subject->ulValueLen, NULL); hash = ( ((unsigned long)md[0] ) | ((unsigned long)md[1] << 8L) | ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L) ) & 0xffffffffL; if (asprintf (&linkname, "%08lx", hash) < 0) return_val_if_reached (NULL); return linkname; }