/*
* Copyright (C) 2012, Redhat Inc.
* Copyright (c) 2011, Collabora Ltd.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* * Redistributions of source code must retain the above
* copyright notice, this list of conditions and the
* following disclaimer.
* * Redistributions in binary form must reproduce the
* above copyright notice, this list of conditions and
* the following disclaimer in the documentation and/or
* other materials provided with the distribution.
* * The names of contributors to this software may not be
* used to endorse or promote products derived from this
* software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
* THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
* DAMAGE.
*
* Author: Stef Walter <stefw@collabora.co.uk>
*/
#include "config.h"
#include "attrs.h"
#include "buffer.h"
#include "compat.h"
#include "constants.h"
#include "debug.h"
#include "hash.h"
#include "pkcs11.h"
#include "pkcs11i.h"
#include "pkcs11x.h"
#include <assert.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define ELEMS(x) (sizeof (x) / sizeof (x[0]))
/*
 * Report whether @attrs points at the end of an attribute array.
 *
 * A NULL pointer counts as the end, exactly like an entry whose type is
 * CKA_INVALID, so a missing array can be handed straight to the
 * iteration helpers in this file.
 */
bool
p11_attrs_terminator (const CK_ATTRIBUTE *attrs)
{
	if (attrs == NULL)
		return true;

	return attrs->type == CKA_INVALID;
}
/*
 * Count the entries of @attrs that precede the CKA_INVALID terminator.
 *
 * Returns 0 for a NULL array. The scan carries no upper bound of its
 * own: it stops only at the terminator, so an array that was never
 * terminated is read past its end.
 */
CK_ULONG
p11_attrs_count (const CK_ATTRIBUTE *attrs)
{
	CK_ULONG seen = 0UL;

	if (attrs == NULL)
		return seen;

	while (!p11_attrs_terminator (attrs + seen))
		seen++;

	return seen;
}
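/*
 * Free an attribute array together with every value it holds.
 *
 * @attrs is a CK_ATTRIBUTE array ending in a CKA_INVALID entry, passed
 * as void * (presumably so this can be used as a generic destroy
 * callback -- confirm against callers). NULL is accepted and ignored.
 *
 * Every pValue before the terminator is handed to free(), so each one
 * must be NULL or a heap allocation owned by the array.
 */
void
p11_attrs_free (void *attrs)
{
	CK_ATTRIBUTE *ats = attrs;
	CK_ULONG i;

	if (!attrs)
		return;

	/*
	 * Index with CK_ULONG, the type p11_attrs_count() counts in; a
	 * signed int index overflows on a sufficiently long array.
	 */
	for (i = 0; !p11_attrs_terminator (ats + i); i++)
		free (ats[i].pValue);
	free (ats);
}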
/*
 * Grow the terminated array @attrs by up to @count_to_add attributes
 * obtained from @generator, and return the (possibly moved) array.
 *
 * @attrs:        existing array, or NULL; it is passed to reallocarray(),
 *                so the caller must use the returned pointer afterwards
 * @count_to_add: how many times @generator is called
 * @take_values:  true  - the generated attribute's pValue pointer is
 *                        stored as is (or freed when the attribute is
 *                        dropped), i.e. ownership moves to this function
 *                false - the value bytes are duplicated
 * @override:     whether a generated attribute replaces an existing one
 *                of the same type
 * @generator:    returns the next attribute to add; NULL or a
 *                CKA_INVALID entry is skipped
 * @state:        opaque cursor handed to @generator
 *
 * Returns NULL through return_val_if_fail() when the size computation
 * would wrap or an allocation fails.
 *
 * NOTE(review): return_val_if_fail() is defined outside this file;
 * presumably it reports the failed precondition and returns -- confirm.
 * NOTE(review): on the value-copy failure path the array has already
 * been reallocated and is not yet terminated when NULL is returned;
 * the caller cannot reach it any more.
 */
static CK_ATTRIBUTE *
attrs_build (CK_ATTRIBUTE *attrs,
             CK_ULONG count_to_add,
             bool take_values,
             bool override,
             CK_ATTRIBUTE * (*generator) (void *),
             void *state)
{
	CK_ATTRIBUTE *attr;
	CK_ATTRIBUTE *add;
	CK_ULONG current;
	CK_ULONG at;
	CK_ULONG j;
	CK_ULONG i;
	size_t length;
	void *new_memory;

	/* How many attributes we already have */
	current = p11_attrs_count (attrs);

	/* Reallocate for how many we need */
	length = current + count_to_add;
	/*
	 * current <= length rejects a wrapped sum; length < SIZE_MAX keeps
	 * the "+ 1" for the terminator below from wrapping as well.
	 */
	return_val_if_fail (current <= length && length < SIZE_MAX, NULL);
	new_memory = reallocarray (attrs, length + 1, sizeof (CK_ATTRIBUTE));
	return_val_if_fail (new_memory != NULL, NULL);
	attrs = new_memory;

	/* New attributes are appended starting at the old terminator slot */
	at = current;
	for (i = 0; i < count_to_add; i++) {
		add = (generator) (state);

		/* Skip with invalid type */
		if (!add || add->type == CKA_INVALID)
			continue;

		attr = NULL;

		/*
		 * Do we have this attribute?
		 *
		 * Only the entries present before this call (j < current) are
		 * searched, so two generated attributes of the same type are
		 * both appended.
		 */
		for (j = 0; attr == NULL && j < current; j++) {
			if (attrs[j].type == add->type) {
				attr = attrs + j;
				break;
			}
		}

		/* The attribute doesn't exist */
		if (attr == NULL) {
			attr = attrs + at;
			at++;

		/* The attribute exists and we're not overriding */
		} else if (!override) {
			/* We own the incoming value, so dropping it means freeing it */
			if (take_values)
				free (add->pValue);
			continue;

		/* The attribute exists, and we're overriding */
		} else {
			/* Release the old value before the slot is overwritten */
			free (attr->pValue);
		}

		memcpy (attr, add, sizeof (CK_ATTRIBUTE));
		if (!take_values && attr->pValue != NULL) {
			/*
			 * Copy the value so the array owns its own allocation. A
			 * zero-length value still gets a 1-byte allocation, which
			 * keeps pValue non-NULL.
			 *
			 * NOTE(review): ulValueLen is used as the copy length
			 * without checking for the (CK_ULONG)-1 marker that other
			 * functions in this file treat specially -- confirm callers
			 * never pass such an attribute with a non-NULL pValue.
			 */
			if (attr->ulValueLen == 0)
				attr->pValue = malloc (1);
			else
				attr->pValue = memdup (attr->pValue, attr->ulValueLen);
			return_val_if_fail (attr->pValue != NULL, NULL);
		}
	}

	/* Mark this as the end */
	(attrs + at)->type = CKA_INVALID;
	assert (p11_attrs_terminator (attrs + at));
	return attrs;
}
/*
 * Generator callback for attrs_build(): @state is a va_list *, and each
 * call pulls the next CK_ATTRIBUTE * argument out of it.
 */
static CK_ATTRIBUTE *
vararg_generator (void *state)
{
	va_list *args = state;
	CK_ATTRIBUTE *next;

	next = va_arg (*args, CK_ATTRIBUTE *);
	return next;
}
/*
 * Append or replace attributes given as a variadic list.
 *
 * @attrs: existing terminated array, or NULL
 * @...:   CK_ATTRIBUTE * pointers, ended by a NULL pointer
 *
 * The list is walked twice: once to count the arguments up to the NULL
 * sentinel, once to feed them to attrs_build(). Values are copied
 * (take_values = false) and an existing attribute of the same type is
 * replaced (override = true).
 *
 * The NULL sentinel is the only end marker; a call without it makes the
 * counting pass read past the arguments that were supplied.
 *
 * Returns whatever attrs_build() returns; use that pointer in place of
 * @attrs afterwards.
 */
CK_ATTRIBUTE *
p11_attrs_build (CK_ATTRIBUTE *attrs,
                 ...)
{
	CK_ULONG n_args = 0UL;
	CK_ATTRIBUTE *result;
	va_list va;

	/* First pass: count the arguments in front of the sentinel */
	va_start (va, attrs);
	for (;;) {
		if (!va_arg (va, CK_ATTRIBUTE *))
			break;
		n_args++;
	}
	va_end (va);

	/* Second pass: hand the same arguments to the builder */
	va_start (va, attrs);
	result = attrs_build (attrs, n_args, false, true,
	                      vararg_generator, &va);
	va_end (va);

	return result;
}
/*
 * Generator callback for attrs_build(): @state points at a cursor into
 * a CK_ATTRIBUTE array. Returns the entry under the cursor and moves the
 * cursor one entry forward.
 *
 * Nothing here checks where the array ends; the count passed to
 * attrs_build() is what limits how often this is called.
 */
static CK_ATTRIBUTE *
template_generator (void *state)
{
	CK_ATTRIBUTE **cursor = state;
	CK_ATTRIBUTE *entry = *cursor;

	*cursor = entry + 1;
	return entry;
}
/*
 * Append or replace @count attributes taken from the array @add.
 *
 * @attrs: existing terminated array, or NULL
 * @add:   source attributes; must hold at least @count entries, since
 *         the generator steps through it without any bound of its own
 * @count: number of entries of @add to consider
 *
 * Values are copied (take_values = false) and an existing attribute of
 * the same type is replaced (override = true).
 *
 * Returns whatever attrs_build() returns; use that pointer in place of
 * @attrs afterwards.
 */
CK_ATTRIBUTE *
p11_attrs_buildn (CK_ATTRIBUTE *attrs,
                  const CK_ATTRIBUTE *add,
                  CK_ULONG count)
{
	/* The generator advances this cursor, not the caller's pointer */
	const CK_ATTRIBUTE *cursor = add;

	return attrs_build (attrs, count, false, true,
	                    template_generator, &cursor);
}
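/*
 * Add or replace a single attribute, taking ownership of @value.
 *
 * @attrs:  existing terminated array, or NULL
 * @type:   attribute type to set
 * @value:  value buffer; stored in the array as is (take_values = true)
 *          and later released with free() by p11_attrs_free(), so it
 *          must be NULL or a heap allocation the caller gives up
 * @length: length of @value in bytes
 *
 * An existing attribute of the same type is replaced (override = true).
 *
 * Returns whatever attrs_build() returns; use that pointer in place of
 * @attrs afterwards.
 */
CK_ATTRIBUTE *
p11_attrs_take (CK_ATTRIBUTE *attrs,
                CK_ATTRIBUTE_TYPE type,
                CK_VOID_PTR value,
                CK_ULONG length)
{
	CK_ATTRIBUTE attr = { type, value, length };
	/* Cursor for template_generator(); it must point at the local above */
	CK_ATTRIBUTE *add = &attr;

	return attrs_build (attrs, 1, true, true,
	                    template_generator, &add);
}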
/*
 * Merge the attributes of @merge into @attrs, consuming @merge.
 *
 * @attrs:   destination array; when NULL, @merge itself is returned
 * @merge:   terminated array whose values are moved into @attrs
 *           (take_values = true)
 * @replace: whether an attribute from @merge replaces one of the same
 *           type already in @attrs
 *
 * After the call @merge must not be used: its container is freed here
 * and its values are either owned by the result or already freed.
 *
 * NOTE(review): when attrs_build() returns NULL the container of @merge
 * is still freed; what happens to its values on that path is not
 * visible from this function.
 */
CK_ATTRIBUTE *
p11_attrs_merge (CK_ATTRIBUTE *attrs,
                 CK_ATTRIBUTE *merge,
                 bool replace)
{
	CK_ATTRIBUTE *cursor;
	CK_ATTRIBUTE *combined;
	CK_ULONG n_merge;

	if (attrs == NULL)
		return merge;

	cursor = merge;
	n_merge = p11_attrs_count (merge);

	combined = attrs_build (attrs, n_merge, true, replace,
	                        template_generator, &cursor);

	/* The values moved into the result; only the container is left */
	free (merge);

	return combined;
}
/*
 * Make a deep copy of the terminated array @attrs.
 *
 * The copy is built with p11_attrs_buildn() onto a NULL array, so the
 * values are duplicated and the result is released with
 * p11_attrs_free(). Returns whatever p11_attrs_buildn() returns.
 */
CK_ATTRIBUTE *
p11_attrs_dup (const CK_ATTRIBUTE *attrs)
{
	return p11_attrs_buildn (NULL, attrs, p11_attrs_count (attrs));
}
/*
 * Find the first attribute of @type in the terminated array @attrs.
 *
 * Returns a pointer into @attrs (not a copy), or NULL when no entry has
 * that type. A NULL @attrs yields NULL.
 */
CK_ATTRIBUTE *
p11_attrs_find (CK_ATTRIBUTE *attrs,
                CK_ATTRIBUTE_TYPE type)
{
	CK_ULONG pos = 0;

	while (!p11_attrs_terminator (attrs + pos)) {
		if (attrs[pos].type == type)
			return attrs + pos;
		pos++;
	}

	return NULL;
}
/*
 * Find the first attribute of @type among the first @count entries of
 * @attrs.
 *
 * The array is bounded by @count only; no terminator is looked for, and
 * @attrs is dereferenced without a NULL check whenever @count is
 * non-zero. Returns a pointer into @attrs, or NULL when nothing matches.
 */
CK_ATTRIBUTE *
p11_attrs_findn (CK_ATTRIBUTE *attrs,
                 CK_ULONG count,
                 CK_ATTRIBUTE_TYPE type)
{
	CK_ULONG pos = 0;

	while (pos < count) {
		if (attrs[pos].type == type)
			return attrs + pos;
		pos++;
	}

	return NULL;
}
/*
 * Read a CK_BBOOL attribute of @type from the terminated array @attrs.
 *
 * Only an entry whose length is exactly sizeof (CK_BBOOL) and whose
 * pValue is non-NULL is accepted; entries of the right type but the
 * wrong shape are skipped and the search continues.
 *
 * Returns true and stores the value in *@value on success; returns
 * false and leaves *@value untouched otherwise.
 */
bool
p11_attrs_find_bool (const CK_ATTRIBUTE *attrs,
                     CK_ATTRIBUTE_TYPE type,
                     CK_BBOOL *value)
{
	CK_ULONG pos;

	for (pos = 0; !p11_attrs_terminator (attrs + pos); pos++) {
		if (attrs[pos].type != type)
			continue;
		if (attrs[pos].ulValueLen != sizeof (CK_BBOOL))
			continue;
		if (attrs[pos].pValue == NULL)
			continue;

		*value = *((CK_BBOOL *)attrs[pos].pValue);
		return true;
	}

	return false;
}
/*
 * Read a CK_BBOOL attribute of @type from the first @count entries of
 * @attrs.
 *
 * Only an entry whose length is exactly sizeof (CK_BBOOL) and whose
 * pValue is non-NULL is accepted. The array is bounded by @count alone.
 *
 * Returns true and stores the value in *@value on success; returns
 * false and leaves *@value untouched otherwise.
 */
bool
p11_attrs_findn_bool (const CK_ATTRIBUTE *attrs,
                      CK_ULONG count,
                      CK_ATTRIBUTE_TYPE type,
                      CK_BBOOL *value)
{
	CK_ULONG pos;

	for (pos = 0; pos < count; pos++) {
		if (attrs[pos].type != type)
			continue;
		if (attrs[pos].ulValueLen != sizeof (CK_BBOOL))
			continue;
		if (attrs[pos].pValue == NULL)
			continue;

		*value = *((CK_BBOOL *)attrs[pos].pValue);
		return true;
	}

	return false;
}
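/*
 * Read a CK_ULONG attribute of @type from the terminated array @attrs.
 *
 * Only an entry whose length is exactly sizeof (CK_ULONG) and whose
 * pValue is non-NULL is accepted; entries of the right type but the
 * wrong shape are skipped and the search continues.
 *
 * Returns true and stores the value in *@value on success; returns
 * false and leaves *@value untouched otherwise.
 */
bool
p11_attrs_find_ulong (const CK_ATTRIBUTE *attrs,
                      CK_ATTRIBUTE_TYPE type,
                      CK_ULONG *value)
{
	CK_ULONG i;

	for (i = 0; !p11_attrs_terminator (attrs + i); i++) {
		if (attrs[i].type == type &&
		    attrs[i].ulValueLen == sizeof (CK_ULONG) &&
		    attrs[i].pValue != NULL) {
			/*
			 * pValue is an untyped buffer with no alignment
			 * guarantee visible here; copy the bytes instead of
			 * dereferencing it as a CK_ULONG pointer.
			 */
			memcpy (value, attrs[i].pValue, sizeof (CK_ULONG));
			return true;
		}
	}

	return false;
}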
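/*
 * Read a CK_ULONG attribute of @type from the first @count entries of
 * @attrs.
 *
 * Only an entry whose length is exactly sizeof (CK_ULONG) and whose
 * pValue is non-NULL is accepted. The array is bounded by @count alone.
 *
 * Returns true and stores the value in *@value on success; returns
 * false and leaves *@value untouched otherwise.
 */
bool
p11_attrs_findn_ulong (const CK_ATTRIBUTE *attrs,
                       CK_ULONG count,
                       CK_ATTRIBUTE_TYPE type,
                       CK_ULONG *value)
{
	CK_ULONG i;

	for (i = 0; i < count; i++) {
		if (attrs[i].type == type &&
		    attrs[i].ulValueLen == sizeof (CK_ULONG) &&
		    attrs[i].pValue != NULL) {
			/*
			 * pValue is an untyped buffer with no alignment
			 * guarantee visible here; copy the bytes instead of
			 * dereferencing it as a CK_ULONG pointer.
			 */
			memcpy (value, attrs[i].pValue, sizeof (CK_ULONG));
			return true;
		}
	}

	return false;
}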
/*
 * Return the value of the first usable attribute of @type.
 *
 * An entry is usable when its pValue is non-NULL and its length is
 * neither 0 nor (CK_ULONG)-1. Entries of the right type that fail this
 * test are skipped.
 *
 * @length: optional; receives the value length when non-NULL
 *
 * Returns the attribute's own pValue pointer (not a copy), or NULL when
 * no usable entry exists.
 */
void *
p11_attrs_find_value (CK_ATTRIBUTE *attrs,
                      CK_ATTRIBUTE_TYPE type,
                      size_t *length)
{
	CK_ULONG pos;

	for (pos = 0; !p11_attrs_terminator (attrs + pos); pos++) {
		if (attrs[pos].type != type)
			continue;
		if (attrs[pos].ulValueLen == 0)
			continue;
		if (attrs[pos].ulValueLen == (CK_ULONG)-1)
			continue;
		if (attrs[pos].pValue == NULL)
			continue;

		if (length)
			*length = attrs[pos].ulValueLen;
		return attrs[pos].pValue;
	}

	return NULL;
}
/*
 * Find the first attribute of @type that carries a usable value.
 *
 * An entry is usable when its pValue is non-NULL and its length is
 * neither 0 nor (CK_ULONG)-1. Entries of the right type that fail this
 * test are skipped.
 *
 * Returns a pointer into @attrs, or NULL when no usable entry exists.
 */
CK_ATTRIBUTE *
p11_attrs_find_valid (CK_ATTRIBUTE *attrs,
                      CK_ATTRIBUTE_TYPE type)
{
	CK_ULONG pos;

	for (pos = 0; !p11_attrs_terminator (attrs + pos); pos++) {
		if (attrs[pos].type != type)
			continue;
		if (attrs[pos].pValue == NULL)
			continue;
		if (attrs[pos].ulValueLen == 0)
			continue;
		if (attrs[pos].ulValueLen == (CK_ULONG)-1)
			continue;

		return attrs + pos;
	}

	return NULL;
}
/*
 * Remove the first attribute of @type from the terminated array @attrs.
 *
 * The removed entry's value is freed, the entries after it move down by
 * one, and the slot that becomes free at the end turns into the new
 * terminator. The allocation itself is not shrunk.
 *
 * Returns true when an entry was removed, false when @type is absent.
 */
bool
p11_attrs_remove (CK_ATTRIBUTE *attrs,
                  CK_ATTRIBUTE_TYPE type)
{
	CK_ULONG total = p11_attrs_count (attrs);
	CK_ULONG pos = 0;

	while (pos < total && attrs[pos].type != type)
		pos++;

	if (pos == total)
		return false;

	/* free() accepts NULL, so no separate check is needed */
	free (attrs[pos].pValue);

	memmove (attrs + pos, attrs + pos + 1,
	         (total - (pos + 1)) * sizeof (CK_ATTRIBUTE));
	attrs[total - 1].type = CKA_INVALID;
	return true;
}
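/*
 * Drop every attribute whose length is the (CK_ULONG)-1 marker and
 * compact the remaining entries in place.
 *
 * The value of each dropped entry is freed. The surviving entries keep
 * their order and the array is re-terminated after the last of them.
 * A NULL array is accepted and left alone, as in the other helpers of
 * this file that treat NULL as an empty array.
 */
void
p11_attrs_purge (CK_ATTRIBUTE *attrs)
{
	/* CK_ULONG rather than int: same type p11_attrs_count() counts in */
	CK_ULONG in, out;

	/* Without this the terminator write below would dereference NULL */
	if (attrs == NULL)
		return;

	for (in = 0, out = 0; !p11_attrs_terminator (attrs + in); in++) {
		if (attrs[in].ulValueLen == (CK_ULONG)-1) {
			free (attrs[in].pValue);
			attrs[in].pValue = NULL;
			attrs[in].ulValueLen = 0;
		} else {
			/* Slide the survivor down over the purged slots */
			if (in != out)
				memcpy (attrs + out, attrs + in, sizeof (CK_ATTRIBUTE));
			out++;
		}
	}

	attrs[out].type = CKA_INVALID;
	assert (p11_attrs_terminator (attrs + out));
}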
/*
 * Check that every attribute of the terminated array @match is present
 * in @attrs with an equal value.
 *
 * For each entry of @match the first entry of the same type in @attrs
 * is looked up and compared with p11_attr_equal(). An empty or NULL
 * @match matches anything.
 *
 * Returns true when all entries match, false at the first that does not.
 */
bool
p11_attrs_match (const CK_ATTRIBUTE *attrs,
                 const CK_ATTRIBUTE *match)
{
	const CK_ATTRIBUTE *want;
	CK_ATTRIBUTE *have;

	for (want = match; !p11_attrs_terminator (want); want++) {
		/* p11_attrs_find() takes a non-const array; it only reads it */
		have = p11_attrs_find ((CK_ATTRIBUTE *)attrs, want->type);
		if (have == NULL)
			return false;
		if (!p11_attr_equal (have, want))
			return false;
	}

	return true;
}
/*
 * Check that each of the first @count attributes of @match is present
 * in the terminated array @attrs with an equal value.
 *
 * @match is bounded by @count alone; @attrs is searched up to its
 * terminator. A @count of 0 matches anything.
 *
 * Returns true when all entries match, false at the first that does not.
 */
bool
p11_attrs_matchn (const CK_ATTRIBUTE *attrs,
                  const CK_ATTRIBUTE *match,
                  CK_ULONG count)
{
	CK_ATTRIBUTE *have;
	CK_ULONG pos = 0;

	while (pos < count) {
		/* p11_attrs_find() takes a non-const array; it only reads it */
		have = p11_attrs_find ((CK_ATTRIBUTE *)attrs, match[pos].type);
		if (have == NULL)
			return false;
		if (!p11_attr_equal (have, match + pos))
			return false;
		pos++;
	}

	return true;
}
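/*
 * Compare the value of @attr with the buffer @value.
 *
 * @attr:   attribute to test; NULL never matches
 * @value:  bytes to compare against; may be NULL
 * @length: length of @value, or a negative number to mean that @value
 *          is a NUL-terminated string whose length is taken with strlen()
 *
 * The lengths must be equal, and then either both pointers are the same
 * (this covers NULL against NULL) or the bytes compare equal.
 *
 * The comparison uses memcmp(), which is not constant-time.
 */
bool
p11_attr_match_value (const CK_ATTRIBUTE *attr,
                      const void *value,
                      ssize_t length)
{
	/*
	 * strlen() must not see a NULL pointer; a NULL string is treated as
	 * having length 0, so it can only match an attribute that has a
	 * NULL value and zero length.
	 */
	if (length < 0)
		length = (value != NULL) ? (ssize_t)strlen (value) : 0;

	return (attr != NULL &&
	        attr->ulValueLen == length &&
	        (attr->pValue == value ||
	         (attr->pValue && value &&
	          memcmp (attr->pValue, value, attr->ulValueLen) == 0)));
}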
/*
 * Equality callback for two CK_ATTRIBUTE pointers passed as void *.
 *
 * Two attributes are equal when they are the same pointer (including
 * NULL and NULL), or when both are non-NULL, have the same type, and
 * p11_attr_match_value() accepts the value of the second against the
 * first.
 *
 * NOTE(review): the second attribute's ulValueLen is passed where
 * p11_attr_match_value() takes a signed length; a length of
 * (CK_ULONG)-1 would presumably arrive there as a negative number and
 * select its strlen() path -- confirm such attributes never reach here.
 */
bool
p11_attr_equal (const void *v1,
                const void *v2)
{
	const CK_ATTRIBUTE *one = v1;
	const CK_ATTRIBUTE *two = v2;

	if (one == two)
		return true;
	if (!one || !two)
		return false;
	if (one->type != two->type)
		return false;

	return p11_attr_match_value (one, two->pValue, two->ulValueLen);
}
/*
 * Hash callback for a CK_ATTRIBUTE pointer passed as void *.
 *
 * The attribute's type and its value bytes are fed to
 * p11_hash_murmur3(); a NULL attribute hashes to 0.
 *
 * NOTE(review): ulValueLen is used as the value length as is. Other
 * functions in this file treat (CK_ULONG)-1 as a special length; an
 * attribute carrying it would be hashed with that length -- confirm
 * such attributes are purged before they are hashed.
 */
unsigned int
p11_attr_hash (const void *data)
{
	const CK_ATTRIBUTE *attr = data;
	uint32_t digest = 0;

	if (attr == NULL)
		return digest;

	/* Presumably (pointer, length) pairs ended by NULL -- see hash.h */
	p11_hash_murmur3 (&digest,
	                  &attr->type, sizeof (attr->type),
	                  attr->pValue, (size_t)attr->ulValueLen,
	                  NULL);

	return digest;
}
/*
 * Declared ahead of the definition so the GNUC_PRINTF attribute can be
 * attached: argument 2 is the format, the variadic part starts at 3.
 */
static void
buffer_append_printf (p11_buffer *buffer,
                      const char *format,
                      ...) GNUC_PRINTF(2, 3);

/*
 * Format a printf-style message and append it to @buffer.
 *
 * The text is formatted into a temporary heap string with vasprintf(),
 * added to @buffer with a length of -1, and the temporary is freed.
 * When formatting fails the function leaves through return_if_reached()
 * and nothing is appended.
 *
 * @format is interpreted as a format string, so it has to come from the
 * code itself; data to print belongs in the arguments.
 */
static void
buffer_append_printf (p11_buffer *buffer,
                      const char *format,
                      ...)
{
	char *text;
	va_list ap;
	int written;

	va_start (ap, format);
	written = vasprintf (&text, format, ap);
	va_end (ap);

	if (written < 0) {
		return_if_reached ();
	}

	p11_buffer_add (buffer, text, -1);
	free (text);
}
/*
 * Check that @attr has the given @type and holds exactly one CK_ULONG:
 * its length is sizeof (CK_ULONG) and its pValue is non-NULL.
 *
 * @attr itself is dereferenced without a NULL check.
 */
static bool
attribute_is_ulong_of_type (const CK_ATTRIBUTE *attr,
                            CK_ULONG type)
{
	return attr->type == type &&
	       attr->ulValueLen == sizeof (CK_ULONG) &&
	       attr->pValue != NULL;
}
/*
 * Check that @attr is one of the CKA_TRUST_* attributes listed below
 * and holds exactly one CK_ULONG.
 *
 * Any other attribute type yields false. @attr is dereferenced without
 * a NULL check.
 */
static bool
attribute_is_trust_value (const CK_ATTRIBUTE *attr)
{
	switch (attr->type) {
	case CKA_TRUST_DIGITAL_SIGNATURE:
	case CKA_TRUST_NON_REPUDIATION:
	case CKA_TRUST_KEY_ENCIPHERMENT:
	case CKA_TRUST_DATA_ENCIPHERMENT:
	case CKA_TRUST_KEY_AGREEMENT:
	case CKA_TRUST_KEY_CERT_SIGN:
	case CKA_TRUST_CRL_SIGN:
	case CKA_TRUST_SERVER_AUTH:
	case CKA_TRUST_CLIENT_AUTH:
	case CKA_TRUST_CODE_SIGNING:
	case CKA_TRUST_EMAIL_PROTECTION:
	case CKA_TRUST_IPSEC_END_SYSTEM:
	case CKA_TRUST_IPSEC_TUNNEL:
	case CKA_TRUST_IPSEC_USER:
	case CKA_TRUST_TIME_STAMPING:
		/* The type is known to be a trust type; now check the shape */
		return attribute_is_ulong_of_type (attr, attr->type);
	default:
		return false;
	}
}
static bool
attribute_is_sensitive (const CK_ATTRIBUTE *attr,
CK_OBJECT_CLASS klass)
{
/*
* Don't print any just attribute, since they may contain
* sensitive data
*/
switch (attr->type) {
#define X(x) case x: return false;
|
|
Packit Service |
3749ba |
X (CKA_CLASS)
|
|
Packit Service |
3749ba |
X (CKA_TOKEN)
|
|
Packit Service |
3749ba |
X (CKA_PRIVATE)
|
|
Packit Service |
3749ba |
X (CKA_LABEL)
|
|
Packit Service |
3749ba |
X (CKA_APPLICATION)
|
|
Packit Service |
3749ba |
X (CKA_OBJECT_ID)
|
|
Packit Service |
3749ba |
X (CKA_CERTIFICATE_TYPE)
|
|
Packit Service |
3749ba |
X (CKA_ISSUER)
|
|
Packit Service |
3749ba |
X (CKA_SERIAL_NUMBER)
|
|
Packit Service |
3749ba |
X (CKA_AC_ISSUER)
|
|
Packit Service |
3749ba |
X (CKA_OWNER)
|
|
Packit Service |
3749ba |
X (CKA_ATTR_TYPES)
|
|
Packit Service |
3749ba |
X (CKA_TRUSTED)
|
|
Packit Service |
3749ba |
X (CKA_CERTIFICATE_CATEGORY)
|
|
Packit Service |
3749ba |
X (CKA_JAVA_MIDP_SECURITY_DOMAIN)
|
|
Packit Service |
3749ba |
X (CKA_URL)
|
|
Packit Service |
3749ba |
X (CKA_HASH_OF_SUBJECT_PUBLIC_KEY)
|
|
Packit Service |
3749ba |
X (CKA_HASH_OF_ISSUER_PUBLIC_KEY)
|
|
Packit Service |
3749ba |
X (CKA_CHECK_VALUE)
|
|
Packit Service |
3749ba |
X (CKA_KEY_TYPE)
|
|
Packit Service |
3749ba |
X (CKA_SUBJECT)
|
|
Packit Service |
3749ba |
X (CKA_ID)
|
|
Packit Service |
3749ba |
X (CKA_SENSITIVE)
|
|
Packit Service |
3749ba |
X (CKA_ENCRYPT)
|
|
Packit Service |
3749ba |
X (CKA_DECRYPT)
|
|
Packit Service |
3749ba |
X (CKA_WRAP)
|
|
Packit Service |
3749ba |
X (CKA_UNWRAP)
|
|
Packit Service |
3749ba |
X (CKA_SIGN)
|
|
Packit Service |
3749ba |
X (CKA_SIGN_RECOVER)
|
|
Packit Service |
3749ba |
X (CKA_VERIFY)
|
|
Packit Service |
3749ba |
X (CKA_VERIFY_RECOVER)
|
|
Packit Service |
3749ba |
X (CKA_DERIVE)
|
|
Packit Service |
3749ba |
X (CKA_START_DATE)
|
|
Packit Service |
3749ba |
X (CKA_END_DATE)
|
|
Packit Service |
3749ba |
X (CKA_MODULUS_BITS)
|
|
Packit Service |
3749ba |
X (CKA_PRIME_BITS)
|
|
Packit Service |
3749ba |
/* X (CKA_SUBPRIME_BITS) */
|
|
Packit Service |
3749ba |
/* X (CKA_SUB_PRIME_BITS) */
|
|
Packit Service |
3749ba |
X (CKA_VALUE_BITS)
|
|
Packit Service |
3749ba |
X (CKA_VALUE_LEN)
|
|
Packit Service |
3749ba |
X (CKA_EXTRACTABLE)
|
|
Packit Service |
3749ba |
X (CKA_LOCAL)
|
|
Packit Service |
3749ba |
X (CKA_NEVER_EXTRACTABLE)
|
|
Packit Service |
3749ba |
X (CKA_ALWAYS_SENSITIVE)
|
|
Packit Service |
3749ba |
X (CKA_KEY_GEN_MECHANISM)
|
|
Packit Service |
3749ba |
X (CKA_MODIFIABLE)
|
|
Packit Service |
3749ba |
X (CKA_SECONDARY_AUTH)
|
|
Packit Service |
3749ba |
X (CKA_AUTH_PIN_FLAGS)
|
|
Packit Service |
3749ba |
X (CKA_ALWAYS_AUTHENTICATE)
|
|
Packit Service |
3749ba |
X (CKA_WRAP_WITH_TRUSTED)
|
|
Packit Service |
3749ba |
X (CKA_WRAP_TEMPLATE)
|
|
Packit Service |
3749ba |
X (CKA_UNWRAP_TEMPLATE)
|
|
Packit Service |
3749ba |
X (CKA_HW_FEATURE_TYPE)
|
|
Packit Service |
3749ba |
X (CKA_RESET_ON_INIT)
|
|
Packit Service |
3749ba |
X (CKA_HAS_RESET)
|
|
Packit Service |
3749ba |
X (CKA_PIXEL_X)
|
|
Packit Service |
3749ba |
X (CKA_PIXEL_Y)
|
|
Packit Service |
3749ba |
X (CKA_RESOLUTION)
|
|
Packit Service |
3749ba |
X (CKA_CHAR_ROWS)
|
|
Packit Service |
3749ba |
X (CKA_CHAR_COLUMNS)
|
|
Packit Service |
3749ba |
X (CKA_COLOR)
|
|
Packit Service |
3749ba |
X (CKA_BITS_PER_PIXEL)
|
|
Packit Service |
3749ba |
X (CKA_CHAR_SETS)
|
|
Packit Service |
3749ba |
X (CKA_ENCODING_METHODS)
|
|
Packit Service |
3749ba |
X (CKA_MIME_TYPES)
|
|
Packit Service |
3749ba |
X (CKA_MECHANISM_TYPE)
|
|
Packit Service |
3749ba |
X (CKA_REQUIRED_CMS_ATTRIBUTES)
|
|
Packit Service |
3749ba |
X (CKA_DEFAULT_CMS_ATTRIBUTES)
|
|
Packit Service |
3749ba |
X (CKA_SUPPORTED_CMS_ATTRIBUTES)
|
|
Packit Service |
3749ba |
X (CKA_ALLOWED_MECHANISMS)
|
|
Packit Service |
3749ba |
X (CKA_X_ASSERTION_TYPE)
|
|
Packit Service |
3749ba |
X (CKA_X_CERTIFICATE_VALUE)
|
|
Packit Service |
3749ba |
X (CKA_X_PURPOSE)
|
|
Packit Service |
3749ba |
X (CKA_X_PEER)
|
|
Packit Service |
3749ba |
X (CKA_X_DISTRUSTED)
|
|
Packit Service |
3749ba |
X (CKA_X_CRITICAL)
|
|
Packit Service |
3749ba |
X (CKA_PUBLIC_KEY_INFO)
|
|
Packit Service |
3749ba |
X (CKA_NSS_URL)
|
|
Packit Service |
3749ba |
X (CKA_NSS_EMAIL)
|
|
Packit Service |
3749ba |
X (CKA_NSS_SMIME_INFO)
|
|
Packit Service |
3749ba |
X (CKA_NSS_SMIME_TIMESTAMP)
|
|
Packit Service |
3749ba |
X (CKA_NSS_PKCS8_SALT)
|
|
Packit Service |
3749ba |
X (CKA_NSS_PASSWORD_CHECK)
|
|
Packit Service |
3749ba |
X (CKA_NSS_EXPIRES)
|
|
Packit Service |
3749ba |
X (CKA_NSS_KRL)
|
|
Packit Service |
3749ba |
X (CKA_NSS_PQG_COUNTER)
|
|
Packit Service |
3749ba |
X (CKA_NSS_PQG_SEED)
|
|
Packit Service |
3749ba |
X (CKA_NSS_PQG_H)
|
|
Packit Service |
3749ba |
X (CKA_NSS_PQG_SEED_BITS)
|
|
Packit Service |
3749ba |
X (CKA_NSS_MODULE_SPEC)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_DIGITAL_SIGNATURE)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_NON_REPUDIATION)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_KEY_ENCIPHERMENT)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_DATA_ENCIPHERMENT)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_KEY_AGREEMENT)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_KEY_CERT_SIGN)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_CRL_SIGN)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_SERVER_AUTH)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_CLIENT_AUTH)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_CODE_SIGNING)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_EMAIL_PROTECTION)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_IPSEC_END_SYSTEM)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_IPSEC_TUNNEL)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_IPSEC_USER)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_TIME_STAMPING)
|
|
Packit Service |
3749ba |
X (CKA_TRUST_STEP_UP_APPROVED)
|
|
Packit Service |
3749ba |
X (CKA_CERT_SHA1_HASH)
|
|
Packit Service |
3749ba |
X (CKA_CERT_MD5_HASH)
|
|
Packit Service |
3749ba |
case CKA_VALUE:
|
|
Packit Service |
3749ba |
return (klass != CKO_CERTIFICATE &&
|
|
Packit Service |
3749ba |
klass != CKO_X_CERTIFICATE_EXTENSION);
|
|
Packit Service |
3749ba |
#undef X
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
return true;
|
|
Packit Service |
3749ba |
}
/*
 * Append a textual form of the object class @klass to @buffer: the name
 * found in p11_constant_classes, or an 8-digit uppercase hex literal when
 * the lookup returns NULL.
 */
static void
format_class (p11_buffer *buffer,
              CK_OBJECT_CLASS klass)
{
	const char *name;

	name = p11_constant_name (p11_constant_classes, klass);
	if (name == NULL) {
		/* No symbolic name: fall back to the raw number */
		buffer_append_printf (buffer, "0x%08lX", klass);
		return;
	}

	p11_buffer_add (buffer, name, -1);
}
/*
 * Append a textual form of the assertion type @type to @buffer: the name
 * found in p11_constant_asserts, or an 8-digit uppercase hex literal when
 * the lookup returns NULL.
 */
static void
format_assertion_type (p11_buffer *buffer,
                       CK_X_ASSERTION_TYPE type)
{
	const char *name;

	name = p11_constant_name (p11_constant_asserts, type);
	if (name == NULL) {
		/* No symbolic name: fall back to the raw number */
		buffer_append_printf (buffer, "0x%08lX", type);
		return;
	}

	p11_buffer_add (buffer, name, -1);
}
/*
 * Append a textual form of the key type @type to @buffer: the name found
 * in p11_constant_keys, or an 8-digit uppercase hex literal when the
 * lookup returns NULL.
 */
static void
format_key_type (p11_buffer *buffer,
                 CK_KEY_TYPE type)
{
	const char *name;

	name = p11_constant_name (p11_constant_keys, type);
	if (name == NULL) {
		/* No symbolic name: fall back to the raw number */
		buffer_append_printf (buffer, "0x%08lX", type);
		return;
	}

	p11_buffer_add (buffer, name, -1);
}
/*
 * Append a textual form of the certificate type @type to @buffer: the
 * name found in p11_constant_certs, or an 8-digit uppercase hex literal
 * when the lookup returns NULL.
 */
static void
format_certificate_type (p11_buffer *buffer,
                         CK_CERTIFICATE_TYPE type)
{
	const char *name;

	name = p11_constant_name (p11_constant_certs, type);
	if (name == NULL) {
		/* No symbolic name: fall back to the raw number */
		buffer_append_printf (buffer, "0x%08lX", type);
		return;
	}

	p11_buffer_add (buffer, name, -1);
}
/*
 * Append a textual form of the trust value @trust to @buffer: the name
 * found in p11_constant_trusts, or an 8-digit uppercase hex literal when
 * the lookup returns NULL.
 */
static void
format_trust_value (p11_buffer *buffer,
                    CK_TRUST trust)
{
	const char *name;

	name = p11_constant_name (p11_constant_trusts, trust);
	if (name == NULL) {
		/* No symbolic name: fall back to the raw number */
		buffer_append_printf (buffer, "0x%08lX", trust);
		return;
	}

	p11_buffer_add (buffer, name, -1);
}
/*
 * Append the certificate category @category to @buffer as a decimal
 * number, followed by its name from p11_constant_categories in
 * parentheses when the lookup finds one.
 */
static void
format_certificate_category (p11_buffer *buffer,
                             CK_ULONG category)
{
	const char *name;

	name = p11_constant_name (p11_constant_categories, category);
	if (name == NULL) {
		/* Unknown category: the number alone */
		buffer_append_printf (buffer, "%lu", category);
		return;
	}

	buffer_append_printf (buffer, "%lu (%s)", category, name);
}
/*
 * Append a textual form of the attribute type @type to @buffer: the name
 * found in p11_constant_types, or "CKA_0x" followed by 8 uppercase hex
 * digits when the lookup returns NULL.
 */
static void
format_attribute_type (p11_buffer *buffer,
                       CK_ULONG type)
{
	const char *name;

	name = p11_constant_name (p11_constant_types, type);
	if (name == NULL) {
		/* No symbolic name: synthesize one from the raw number */
		buffer_append_printf (buffer, "CKA_0x%08lX", type);
		return;
	}

	p11_buffer_add (buffer, name, -1);
}
/*
 * Append a quoted, escaped rendering of at most the first 128 bytes of
 * @bytes to @buffer. A NULL @bytes is rendered as the bare word NULL.
 *
 * Tab, newline and carriage return become \t, \n and \r. Bytes in the
 * range 32..126 are copied as they are, and everything else is written
 * as \xNN, so a value cannot inject control characters or line breaks
 * into the output. When @length exceeds 128 the text ends with "..."
 * inside the closing quote.
 *
 * Note that '"' and '\\' fall in the copied range and are not escaped,
 * so the quoted text cannot be parsed back unambiguously.
 */
static void
format_some_bytes (p11_buffer *buffer,
                   void *bytes,
                   CK_ULONG length)
{
	const unsigned char *cursor = bytes;
	unsigned char byte;
	CK_ULONG shown;
	CK_ULONG pos;

	if (bytes == NULL) {
		p11_buffer_add (buffer, "NULL", -1);
		return;
	}

	/* Cap how much of the value ends up in the output */
	shown = length;
	if (shown > 128)
		shown = 128;

	p11_buffer_add (buffer, "\"", 1);

	for (pos = 0; pos < shown; pos++) {
		byte = cursor[pos];
		switch (byte) {
		case '\t':
			p11_buffer_add (buffer, "\\t", -1);
			break;
		case '\n':
			p11_buffer_add (buffer, "\\n", -1);
			break;
		case '\r':
			p11_buffer_add (buffer, "\\r", -1);
			break;
		default:
			if (byte >= 32 && byte < 127)
				p11_buffer_add (buffer, &byte, 1);
			else
				buffer_append_printf (buffer, "\\x%02x", byte);
			break;
		}
	}

	/* Mark truncated output */
	if (shown < length)
		buffer_append_printf (buffer, "...");

	p11_buffer_add (buffer, "\"", 1);
}
/*
 * Append "{ TYPE = VALUE }" for @attr to @buffer.
 *
 * VALUE is chosen by the first matching rule, in this order:
 *   - ulValueLen equal to CKA_INVALID: the text "(-1) INVALID"
 *   - class, assertion type, certificate type, certificate category,
 *     key type and trust attributes that pass their ulong check: the
 *     symbolic name or number
 *   - attributes that attribute_is_sensitive() flags for @klass: only
 *     the length, followed by NOT-PRINTED
 *   - anything else: the length and an escaped, truncated byte dump
 *
 * @klass is the class of the object the attribute belongs to; it only
 * influences the sensitivity decision.
 *
 * The typed branches dereference pValue, relying on the preceding
 * attribute_is_ulong_of_type() / attribute_is_trust_value() check.
 * NOTE(review): attribute_is_ulong_of_type() is outside this view;
 * presumably it verifies the value pointer and size - confirm.
 */
void
p11_attr_format (p11_buffer *buffer,
                 const CK_ATTRIBUTE *attr,
                 CK_OBJECT_CLASS klass)
{
	void *value = attr->pValue;
	CK_ULONG length = attr->ulValueLen;

	p11_buffer_add (buffer, "{ ", -1);
	format_attribute_type (buffer, attr->type);
	p11_buffer_add (buffer, " = ", -1);

	if (length == CKA_INVALID) {
		buffer_append_printf (buffer, "(-1) INVALID");

	} else if (attribute_is_ulong_of_type (attr, CKA_CLASS)) {
		format_class (buffer, *(CK_OBJECT_CLASS *)value);

	} else if (attribute_is_ulong_of_type (attr, CKA_X_ASSERTION_TYPE)) {
		format_assertion_type (buffer, *(CK_X_ASSERTION_TYPE *)value);

	} else if (attribute_is_ulong_of_type (attr, CKA_CERTIFICATE_TYPE)) {
		format_certificate_type (buffer, *(CK_CERTIFICATE_TYPE *)value);

	} else if (attribute_is_ulong_of_type (attr, CKA_CERTIFICATE_CATEGORY)) {
		format_certificate_category (buffer, *(CK_ULONG *)value);

	} else if (attribute_is_ulong_of_type (attr, CKA_KEY_TYPE)) {
		format_key_type (buffer, *(CK_KEY_TYPE *)value);

	} else if (attribute_is_trust_value (attr)) {
		format_trust_value (buffer, *(CK_TRUST *)value);

	} else if (attribute_is_sensitive (attr, klass)) {
		/* Never emit the bytes of a sensitive value, only its size */
		buffer_append_printf (buffer, "(%lu) NOT-PRINTED", length);

	} else {
		buffer_append_printf (buffer, "(%lu) ", length);
		format_some_bytes (buffer, value, length);
	}

	p11_buffer_add (buffer, " }", -1);
}
/*
 * Append "(COUNT) [ ATTR, ATTR, ... ]" for the attribute array @attrs to
 * @buffer, formatting each entry with p11_attr_format().
 *
 * A negative @count means the length is taken from p11_attrs_count().
 *
 * The object class used for the sensitivity decision is read from the
 * CKA_CLASS entry of the same array. When there is none, CKA_INVALID is
 * passed instead; attribute_is_sensitive() then withholds CKA_VALUE,
 * assuming CKA_INVALID differs from both certificate classes.
 */
void
p11_attrs_format (p11_buffer *buffer,
                  const CK_ATTRIBUTE *attrs,
                  int count)
{
	CK_OBJECT_CLASS klass;
	int index;

	if (count < 0)
		count = p11_attrs_count (attrs);

	if (!p11_attrs_findn_ulong (attrs, CKA_CLASS, count, &klass))
		klass = CKA_INVALID;

	buffer_append_printf (buffer, "(%d) [", count);

	for (index = 0; index < count; index++) {
		/* A space opens the list, a comma separates later entries */
		if (index == 0)
			p11_buffer_add (buffer, " ", 1);
		else
			p11_buffer_add (buffer, ", ", 2);

		p11_attr_format (buffer, &attrs[index], klass);
	}

	p11_buffer_add (buffer, " ]", -1);
}
/*
 * Format the attribute array @attrs (see p11_attrs_format()) into a new
 * string. A negative @count is passed through to p11_attrs_format().
 *
 * Returns the string taken from the buffer with p11_buffer_steal(), or
 * NULL when the buffer cannot be initialized.
 * NOTE(review): presumably the caller owns and frees the result - confirm
 * against p11_buffer_steal().
 */
char *
p11_attrs_to_string (const CK_ATTRIBUTE *attrs,
                     int count)
{
	p11_buffer out;

	if (!p11_buffer_init_null (&out, 128)) {
		return_val_if_reached (NULL);
	}

	p11_attrs_format (&out, attrs, count);

	return p11_buffer_steal (&out, NULL);
}
/*
 * Format the single attribute @attr (see p11_attr_format()) into a new
 * string. @klass is the class of the owning object and decides whether
 * a CKA_VALUE is shown.
 *
 * Returns the string taken from the buffer with p11_buffer_steal(), or
 * NULL when the buffer cannot be initialized.
 * NOTE(review): presumably the caller owns and frees the result - confirm
 * against p11_buffer_steal().
 */
char *
p11_attr_to_string (const CK_ATTRIBUTE *attr,
                    CK_OBJECT_CLASS klass)
{
	p11_buffer out;

	if (!p11_buffer_init_null (&out, 32)) {
		return_val_if_reached (NULL);
	}

	p11_attr_format (&out, attr, klass);

	return p11_buffer_steal (&out, NULL);
}