gnome-keyring r1172 - in trunk: . pk pk/tests pkcs11 pkix po ssh
- From: nnielsen svn gnome org
- To: svn-commits-list gnome org
- Subject: gnome-keyring r1172 - in trunk: . pk pk/tests pkcs11 pkix po ssh
- Date: Wed, 9 Jul 2008 17:35:24 +0000 (UTC)
Author: nnielsen
Date: Wed Jul 9 17:35:24 2008
New Revision: 1172
URL: http://svn.gnome.org/viewvc/gnome-keyring?rev=1172&view=rev
Log:
* pk/gkr-pk-cert.c:
* pk/gkr-pk-cert.h:
* pk/gkr-pk-manager.c: (moved from gkr-pk-object-manager.c)
* pk/gkr-pk-manager.h: (moved from gkr-pk-object-manager.h)
* pk/gkr-pk-netscape-trust.c:
* pk/gkr-pk-netscape-trust.h:
* pk/gkr-pk-object.c:
* pk/gkr-pk-object.h:
* pk/gkr-pk-object-manager.c: (moved to gkr-pk-manager.c)
* pk/gkr-pk-object-manager.h: (moved to gkr-pk-manager.h)
* pk/gkr-pk-privkey.c:
* pk/gkr-pk-privkey.h:
* pk/gkr-pk-root-storage.c:
* pk/gkr-pk-session.c:
* pk/gkr-pk-session.h:
* pk/gkr-pk-session-storage.c:
* pk/gkr-pk-storage.c:
* pk/gkr-pk-storage.h:
* pk/Makefile.am:
* pk/tests/unit-test-pk-cert.c:
* pk/tests/unit-test-pk-netscape-trust.c:
* pk/tests/unit-test-pk-object.c:
* pkcs11/gkr-pkcs11-daemon-session.c:
* pkcs11/gkr-pkcs11-dsa.h:
* ssh/gkr-ssh-daemon-ops.c:
* ssh/gkr-ssh-storage.c: Rework how object creation happens.
Rename
GkrPkObjectManager to GkrPkManager. Add concept of a PK session,
which
PKCS#11 and SSH can now use.
* pk/gkr-pk-import.c: (added)
* pk/gkr-pk-import.h: (added)
* pk/gkr-pk-util.c:
* pk/gkr-pk-util.h:
* pk/Makefile.am:
* pk/tests/check-attribute.c:
* pk/tests/Makefile.am:
* pk/tests/unit-test-pk-import.c: (added)
* pkcs11/pkcs11g.h:
* pkix/gkr-pkix-parser.c: Implement 'import' PKCS#11 object.
Added:
trunk/pk/gkr-pk-import.c
trunk/pk/gkr-pk-import.h
trunk/pk/gkr-pk-manager.c
- copied, changed from r1169, /trunk/pk/gkr-pk-object-manager.c
trunk/pk/gkr-pk-manager.h
- copied, changed from r1169, /trunk/pk/gkr-pk-object-manager.h
trunk/pk/gkr-pk-session.c
trunk/pk/gkr-pk-session.h
trunk/pk/tests/unit-test-pk-import.c
Removed:
trunk/pk/gkr-pk-object-manager.c
trunk/pk/gkr-pk-object-manager.h
Modified:
trunk/ChangeLog
trunk/pk/Makefile.am
trunk/pk/gkr-pk-cert.c
trunk/pk/gkr-pk-cert.h
trunk/pk/gkr-pk-netscape-trust.c
trunk/pk/gkr-pk-netscape-trust.h
trunk/pk/gkr-pk-object-storage.c
trunk/pk/gkr-pk-object.c
trunk/pk/gkr-pk-object.h
trunk/pk/gkr-pk-privkey.c
trunk/pk/gkr-pk-privkey.h
trunk/pk/gkr-pk-pubkey.c
trunk/pk/gkr-pk-pubkey.h
trunk/pk/gkr-pk-root-storage.c
trunk/pk/gkr-pk-session-storage.c
trunk/pk/gkr-pk-storage.c
trunk/pk/gkr-pk-storage.h
trunk/pk/gkr-pk-util.c
trunk/pk/gkr-pk-util.h
trunk/pk/tests/Makefile.am
trunk/pk/tests/check-attribute.c
trunk/pk/tests/unit-test-pk-cert.c
trunk/pk/tests/unit-test-pk-key.c
trunk/pk/tests/unit-test-pk-netscape-trust.c
trunk/pk/tests/unit-test-pk-object.c
trunk/pkcs11/gkr-pkcs11-daemon-session.c
trunk/pkcs11/gkr-pkcs11-dsa.h
trunk/pkcs11/pkcs11g.h
trunk/pkix/gkr-pkix-parser.c
trunk/po/ChangeLog
trunk/po/POTFILES.in
trunk/ssh/gkr-ssh-daemon-ops.c
trunk/ssh/gkr-ssh-storage.c
Modified: trunk/pk/Makefile.am
==============================================================================
--- trunk/pk/Makefile.am (original)
+++ trunk/pk/Makefile.am Wed Jul 9 17:35:24 2008
@@ -20,14 +20,16 @@
libgkr_pk_la_SOURCES = \
gkr-pk-cert.c gkr-pk-cert.h \
+ gkr-pk-import.c gkr-pk-import.h \
gkr-pk-index.c gkr-pk-index.h \
+ gkr-pk-manager.c gkr-pk-manager.h \
gkr-pk-netscape-trust.c gkr-pk-netscape-trust.h \
gkr-pk-object.c gkr-pk-object.h \
- gkr-pk-object-manager.c gkr-pk-object-manager.h \
gkr-pk-object-storage.c gkr-pk-object-storage.h \
gkr-pk-places.h \
gkr-pk-privkey.c gkr-pk-privkey.h \
gkr-pk-pubkey.c gkr-pk-pubkey.h \
+ gkr-pk-session.c gkr-pk-session.h \
gkr-pk-session-storage.c gkr-pk-session-storage.h \
gkr-pk-storage.c gkr-pk-storage.h \
gkr-pk-util.c gkr-pk-util.h \
Modified: trunk/pk/gkr-pk-cert.c
==============================================================================
--- trunk/pk/gkr-pk-cert.c (original)
+++ trunk/pk/gkr-pk-cert.c Wed Jul 9 17:35:24 2008
@@ -27,7 +27,7 @@
#include "gkr-pk-index.h"
#include "gkr-pk-netscape-trust.h"
#include "gkr-pk-object.h"
-#include "gkr-pk-object-manager.h"
+#include "gkr-pk-manager.h"
#include "gkr-pk-privkey.h"
#include "gkr-pk-pubkey.h"
#include "gkr-pk-storage.h"
@@ -218,7 +218,7 @@
id = gkr_pk_cert_get_keyid (cert);
g_return_val_if_fail (id, FALSE);
- return gkr_pk_object_manager_find_by_id (GKR_PK_OBJECT (cert)->manager, GKR_TYPE_PK_PRIVKEY, id) != NULL;
+ return gkr_pk_manager_find_by_id (GKR_PK_OBJECT (cert)->manager, GKR_TYPE_PK_PRIVKEY, id) != NULL;
}
static gboolean
@@ -648,13 +648,15 @@
}
GkrPkCert*
-gkr_pk_cert_new (GkrPkObjectManager *manager, GQuark location, ASN1_TYPE asn1)
+gkr_pk_cert_new (GkrPkManager *manager, GQuark location, ASN1_TYPE asn1)
{
gkrid id = NULL;
GkrPkCert *cert;
guchar *raw;
gsize n_raw;
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (manager), NULL);
+
/* TODO: A more efficient way? */
if (asn1) {
raw = gkr_pkix_asn1_encode (asn1, "", &n_raw, NULL);
@@ -671,14 +673,14 @@
}
CK_RV
-gkr_pk_cert_create (GkrPkObjectManager* manager, GArray* array,
+gkr_pk_cert_create (GkrPkManager* manager, GArray* array,
GkrPkObject **object)
{
ASN1_TYPE asn;
CK_ATTRIBUTE_PTR attr;
CK_KEY_TYPE type;
- g_return_val_if_fail (GKR_IS_PK_OBJECT_MANAGER (manager), CKR_GENERAL_ERROR);
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (manager), CKR_GENERAL_ERROR);
g_return_val_if_fail (array, CKR_GENERAL_ERROR);
g_return_val_if_fail (object, CKR_GENERAL_ERROR);
Modified: trunk/pk/gkr-pk-cert.h
==============================================================================
--- trunk/pk/gkr-pk-cert.h (original)
+++ trunk/pk/gkr-pk-cert.h Wed Jul 9 17:35:24 2008
@@ -52,10 +52,10 @@
GType gkr_pk_cert_get_type (void) G_GNUC_CONST;
-GkrPkCert* gkr_pk_cert_new (GkrPkObjectManager *manager,
+GkrPkCert* gkr_pk_cert_new (GkrPkManager *manager,
GQuark location, ASN1_TYPE asn1);
-CK_RV gkr_pk_cert_create (GkrPkObjectManager* manager,
+CK_RV gkr_pk_cert_create (GkrPkManager* manager,
GArray* array, GkrPkObject **object);
gboolean gkr_pk_cert_has_extension (GkrPkCert *cert, GQuark oid,
Added: trunk/pk/gkr-pk-import.c
==============================================================================
--- (empty file)
+++ trunk/pk/gkr-pk-import.c Wed Jul 9 17:35:24 2008
@@ -0,0 +1,592 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* gkr-pk-import.c - Object used to track an import
+
+ Copyright (C) 2007 Stefan Walter
+
+ The Gnome Keyring Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The Gnome Keyring Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the Gnome Library; see the file COPYING.LIB. If not,
+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+
+ Author: Stef Walter <stef memberwebs com>
+*/
+
+#include "config.h"
+
+#include "gkr-pk-import.h"
+#include "gkr-pk-object.h"
+#include "gkr-pk-manager.h"
+#include "gkr-pk-session.h"
+#include "gkr-pk-storage.h"
+#include "gkr-pk-util.h"
+
+#include "common/gkr-secure-memory.h"
+
+#include "keyrings/gkr-keyring-login.h"
+
+#include "pkcs11/pkcs11.h"
+#include "pkcs11/pkcs11g.h"
+
+#include "pkix/gkr-pkix-parser.h"
+
+#include "ui/gkr-ask-daemon.h"
+#include "ui/gkr-ask-request.h"
+
+#include <glib.h>
+#include <glib-object.h>
+#include <glib/gi18n.h>
+
+/* -------------------------------------------------------------------------------------
+ * DECLARATIONS
+ */
+
+enum {
+ PROP_0,
+ PROP_IMPORT_MANAGER,
+ PROP_IMPORT_STORAGE,
+ PROP_IMPORT_TOKEN,
+ PROP_IMPORT_LABEL
+};
+
+typedef struct _GkrPkImportPrivate GkrPkImportPrivate;
+
+struct _GkrPkImportPrivate {
+ GError *error;
+
+ gchar *raw_data;
+ gsize n_raw_data;
+};
+
+G_DEFINE_TYPE (GkrPkImport, gkr_pk_import, GKR_TYPE_PK_OBJECT);
+
+#define GKR_PK_IMPORT_GET_PRIVATE(o) \
+ (G_TYPE_INSTANCE_GET_PRIVATE((o), GKR_TYPE_PK_IMPORT, GkrPkImportPrivate))
+
+/* -----------------------------------------------------------------------------
+ * HELPERS
+ */
+
+static void
+object_disappeared (gpointer data, GObject *exobject)
+{
+ GkrPkImport *import = GKR_PK_IMPORT (data);
+ import->import_objects = g_slist_remove (import->import_objects, exobject);
+}
+
+static const gchar*
+prepare_ask_title (GQuark type)
+{
+ if (type == GKR_PKIX_PRIVATE_KEY)
+ return _("Import private key");
+ else if (type == GKR_PKIX_CERTIFICATE)
+ return _("Import certificate");
+ else if (type == GKR_PKIX_PUBLIC_KEY)
+ return _("Import public key");
+ else
+ return _("Import");
+}
+
+static const gchar*
+prepare_ask_primary (GQuark type)
+{
+ if (type == GKR_PKIX_PRIVATE_KEY)
+ return _("Enter password to unlock the private key");
+ else if (type == GKR_PKIX_CERTIFICATE)
+ return _("Enter password to unlock the certificate");
+ else if (type == GKR_PKIX_PUBLIC_KEY)
+ return _("Enter password to unlock the public key");
+ else
+ return _("Enter password to unlock");
+}
+
+static const gchar*
+prepare_ask_check (GQuark type)
+{
+ /*
+ * Yes this is unmaintainable and stupid, but is required
+ * for translations to work properly.
+ */
+ if (type == GKR_PKIX_PRIVATE_KEY)
+ return _("Automatically unlock this private key when I log in.");
+ else if (type == GKR_PKIX_CERTIFICATE)
+ return _("Automatically unlock this certificate when I log in.");
+ else if (type == GKR_PKIX_PUBLIC_KEY)
+ return _("Automatically unlock this public key when I log in.");
+ else
+ return _("Automatically unlock this when I log in");
+}
+
+static gchar*
+prepare_ask_secondary (GQuark type, const gchar *label)
+{
+ if (type == GKR_PKIX_PRIVATE_KEY)
+ return g_strdup_printf (_("The system wants to import the private key '%s', but it is locked"), label);
+ else if (type == GKR_PKIX_CERTIFICATE)
+ return g_strdup_printf (_("The system wants to import the certificate '%s', but it is locked"), label);
+ else if (type == GKR_PKIX_PUBLIC_KEY)
+ return g_strdup_printf (_("The system wants to import the public key '%s', but it is locked"), label);
+ else
+ return g_strdup_printf (_("The system wants to import '%s', but it is locked"), label);
+}
+
+static gboolean
+parser_ask_password (GkrPkixParser *parser, GQuark loc, gkrconstid digest,
+ GQuark type, const gchar *label, gint *state, gchar **result,
+ GkrPkImport *import)
+{
+ GkrAskRequest *ask;
+ gchar *secondary;
+ gboolean ret;
+ GkrPkIndex *index;
+ guint flags;
+
+ g_return_val_if_fail (GKR_IS_PK_IMPORT (import), FALSE);
+ g_return_val_if_fail (digest != NULL, FALSE);
+ g_return_val_if_fail (state != NULL, FALSE);
+ g_return_val_if_fail (result != NULL, FALSE);
+
+ /*
+ * Certain encryption mechanisms (eg: PKCS12) behave differently with
+ * a null and a blank password. And some crypto libraries use a null
+ * password and some use a blank password.
+ *
+ * The net effect is that if the user enters a blank password we
+ * also need to try a null password.
+ */
+
+ #define LAST_WAS_BLANK 1
+ if (*state == LAST_WAS_BLANK) {
+ *result = NULL;
+ return TRUE;
+ }
+
+ index = gkr_pk_storage_index (import->import_storage, loc);
+ g_return_val_if_fail (index, FALSE);
+
+ if (!label)
+ label = import->import_label;
+
+ /* Build up the prompt */
+ flags = GKR_ASK_REQUEST_PASSWORD | GKR_ASK_REQUEST_OK_CANCEL_BUTTONS;
+ ask = gkr_ask_request_new (prepare_ask_title (type),
+ prepare_ask_primary (type), flags);
+
+ secondary = prepare_ask_secondary (type, label);
+ gkr_ask_request_set_secondary (ask, secondary);
+ g_free (secondary);
+
+ /*
+ * TODO: We should be able to prompt for a location to import this
+ * object to.
+ */
+
+ if (gkr_keyring_login_is_usable ())
+ gkr_ask_request_set_check_option (ask, prepare_ask_check (type));
+
+ /* Prompt the user */
+ gkr_ask_daemon_process (ask);
+
+ /* If the user denied ... */
+ if (ask->response == GKR_ASK_RESPONSE_DENY) {
+ ret = FALSE;
+
+ /* User cancelled or failure */
+ } else if (ask->response < GKR_ASK_RESPONSE_ALLOW) {
+ ret = FALSE;
+
+ /* Successful response */
+ } else {
+ *result = gkr_secure_strdup (ask->typed_password);
+ if (*result && strlen (*result) == 0)
+ *state = LAST_WAS_BLANK;
+ if (ask->checked)
+ gkr_pk_index_set_secret (index, digest, ask->typed_password);
+ }
+
+ g_object_unref (ask);
+ return ret;
+}
+
+static gboolean
+process_parsed (GkrPkImport *import, GQuark location, gkrconstid digest,
+ GQuark type, const gchar *property, gpointer value)
+{
+ GkrPkImportPrivate *pv = GKR_PK_IMPORT_GET_PRIVATE (import);
+ GkrPkObject *object;
+ gboolean created = FALSE;
+
+ g_return_val_if_fail (type != 0, FALSE);
+ g_return_val_if_fail (import->import_storage, FALSE);
+ g_return_val_if_fail (import->import_manager, FALSE);
+
+ /* Already had an error? Skip all the rest */
+ if (pv->error)
+ return FALSE;
+
+ object = gkr_pk_manager_find_by_digest (import->import_manager, digest);
+ if (!object) {
+ created = TRUE;
+ object = g_object_new (gkr_pk_object_get_object_type (type),
+ "manager", import->import_manager,
+ "location", location, "digest", digest, NULL);
+ }
+
+ /* Setup the sexp, probably a key on this object */
+ g_return_val_if_fail (object, FALSE);
+ g_object_set (object, property, value, NULL);
+
+ /* Apply the import label to the object if it has none */
+ if (!gkr_pk_object_has_label (object) && import->import_label)
+ g_object_set (object, "label", import->import_label, NULL);
+
+ if (created) {
+ gkr_pk_storage_store (import->import_storage, object, &pv->error);
+ g_object_unref (object);
+ }
+
+ import->import_objects = g_slist_prepend (import->import_objects, object);
+ g_object_weak_ref (G_OBJECT (object), object_disappeared, import);
+
+ return TRUE;
+}
+
+static gboolean
+parser_parsed_sexp (GkrPkixParser *parser, GQuark location, gkrconstid digest,
+ GQuark type, gcry_sexp_t sexp, GkrPkImport *import)
+{
+ return process_parsed (import, location, digest, type, "gcrypt-sexp", sexp);
+}
+
+static gboolean
+parser_parsed_asn1 (GkrPkixParser *parser, GQuark location, gkrconstid digest,
+ GQuark type, ASN1_TYPE asn1, GkrPkImport *import)
+{
+ return process_parsed (import, location, digest, type, "asn1-tree", asn1);
+}
+
+/* -----------------------------------------------------------------------------
+ * OBJECT
+ */
+
+static void
+gkr_pk_import_init (GkrPkImport *import)
+{
+
+}
+
+static CK_RV
+gkr_pk_import_get_attribute (GkrPkObject* obj, CK_ATTRIBUTE_PTR attr)
+{
+ GkrPkImportPrivate *pv = GKR_PK_IMPORT_GET_PRIVATE (obj);
+ GkrPkImport *import = GKR_PK_IMPORT (obj);
+ GArray *imported;
+ CK_OBJECT_HANDLE handle;
+ GSList *l;
+ gsize n_data;
+
+ g_assert (!attr->pValue);
+
+ switch (attr->type)
+ {
+ /* An array of integers, handles of objects imported */
+ case CKA_GNOME_IMPORT_OBJECTS:
+ imported = g_array_new (0, 1, sizeof (CK_OBJECT_HANDLE));
+ for (l = import->import_objects; l; l = g_slist_next (l)) {
+ /* Make sure it's all valid */
+ g_return_val_if_fail (GKR_IS_PK_OBJECT (l->data), CKR_GENERAL_ERROR);
+ handle = GKR_PK_OBJECT (l->data)->handle;
+ g_return_val_if_fail (handle != 0, CKR_GENERAL_ERROR);
+ g_array_append_val (imported, handle);
+ }
+
+ n_data = imported->len * sizeof (CK_OBJECT_HANDLE);
+ gkr_pk_attribute_take_data (attr, g_array_free (imported, FALSE), n_data);
+ return CKR_OK;
+
+ /* The actual data imported */
+ case CKA_VALUE:
+ gkr_pk_attribute_set_data (attr, pv->raw_data, pv->n_raw_data);
+ return CKR_OK;
+
+ /* Imported to token or session */
+ case CKA_GNOME_IMPORT_TOKEN:
+ gkr_pk_attribute_set_boolean (attr, import->import_token);
+ return CKR_OK;
+
+ /* Import label */
+ case CKA_GNOME_IMPORT_LABEL:
+ gkr_pk_attribute_set_string (attr, import->import_label);
+ return CKR_OK;
+
+ default:
+ break;
+ };
+
+ return GKR_PK_OBJECT_CLASS (gkr_pk_import_parent_class)->get_attribute (obj, attr);
+}
+
+static void
+gkr_pk_import_get_property (GObject *obj, guint prop_id, GValue *value,
+ GParamSpec *pspec)
+{
+ GkrPkImport *import = GKR_PK_IMPORT (obj);
+
+ switch (prop_id) {
+ case PROP_IMPORT_MANAGER:
+ g_value_set_object (value, import->import_manager);
+ break;
+ case PROP_IMPORT_STORAGE:
+ g_value_set_object (value, import->import_storage);
+ break;
+ case PROP_IMPORT_TOKEN:
+ g_value_set_boolean (value, import->import_token);
+ break;
+ case PROP_IMPORT_LABEL:
+ g_value_set_string (value, import->import_label);
+ break;
+ }
+}
+
+static void
+gkr_pk_import_set_property (GObject *obj, guint prop_id, const GValue *value,
+ GParamSpec *pspec)
+{
+ GkrPkImport *import = GKR_PK_IMPORT (obj);
+
+ switch (prop_id) {
+ case PROP_IMPORT_MANAGER:
+ g_assert (!import->import_manager);
+ import->import_manager = g_value_get_object (value);
+ g_return_if_fail (import->import_manager);
+ g_object_add_weak_pointer (G_OBJECT (import->import_manager),
+ (gpointer*)&(import->import_manager));
+ break;
+
+ case PROP_IMPORT_STORAGE:
+ g_assert (!import->import_storage);
+ import->import_storage = g_value_get_object (value);
+ g_return_if_fail (import->import_storage);
+ g_object_add_weak_pointer (G_OBJECT (import->import_storage),
+ (gpointer*)&(import->import_storage));
+ break;
+
+ case PROP_IMPORT_TOKEN:
+ import->import_token = g_value_get_boolean (value);
+ break;
+
+ case PROP_IMPORT_LABEL:
+ g_assert (!import->import_label);
+ import->import_label = g_value_dup_string (value);
+ break;
+ };
+}
+
+static void
+gkr_pk_import_finalize (GObject *obj)
+{
+ GkrPkImportPrivate *pv = GKR_PK_IMPORT_GET_PRIVATE (obj);
+ GkrPkImport *import = GKR_PK_IMPORT (obj);
+ GSList *l;
+
+ /* Free our imported data */
+ g_free (pv->raw_data);
+ pv->raw_data = NULL;
+ pv->n_raw_data = 0;
+
+ /* Free up any errors straggling */
+ g_clear_error (&pv->error);
+
+ /* Remove all weak references to objects */
+ for (l = import->import_objects; l; l = g_slist_next (l)) {
+ g_return_if_fail (GKR_IS_PK_OBJECT (l->data));
+ g_object_weak_unref (G_OBJECT (l->data), object_disappeared, import);
+ }
+
+ g_slist_free (import->import_objects);
+ import->import_objects = NULL;
+
+ /* Remove the weak reference to storage */
+ if (import->import_storage)
+ g_object_remove_weak_pointer (G_OBJECT (import->import_storage),
+ (gpointer*)&(import->import_storage));
+ import->import_storage = NULL;
+
+ /* Remove the weak reference to manager */
+ if (import->import_manager)
+ g_object_remove_weak_pointer (G_OBJECT (import->import_manager),
+ (gpointer*)&(import->import_manager));
+ import->import_manager = NULL;
+
+ /* The import label */
+ g_free (import->import_label);
+ import->import_label = NULL;
+
+ G_OBJECT_CLASS (gkr_pk_import_parent_class)->finalize (obj);
+}
+
+static void
+gkr_pk_import_class_init (GkrPkImportClass *klass)
+{
+ GObjectClass *gobject_class;
+ GkrPkObjectClass *parent_class;
+
+ gobject_class = (GObjectClass*)klass;
+
+ gkr_pk_import_parent_class = g_type_class_peek_parent (klass);
+
+ parent_class = GKR_PK_OBJECT_CLASS (klass);
+ parent_class->get_attribute = gkr_pk_import_get_attribute;
+
+ gobject_class->finalize = gkr_pk_import_finalize;
+ gobject_class->get_property = gkr_pk_import_get_property;
+ gobject_class->set_property = gkr_pk_import_set_property;
+
+ g_object_class_install_property (gobject_class, PROP_IMPORT_MANAGER,
+ g_param_spec_object ("import-manager", "Import Manager", "Object Manager to Import To",
+ GKR_TYPE_PK_MANAGER, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+
+ g_object_class_install_property (gobject_class, PROP_IMPORT_STORAGE,
+ g_param_spec_object ("import-storage", "Import Storage", "Storage to Import To",
+ GKR_TYPE_PK_STORAGE, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+
+ g_object_class_install_property (gobject_class, PROP_IMPORT_TOKEN,
+ g_param_spec_boolean ("import-token", "Import Token", "Whether to import to token or session",
+ FALSE, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+
+ g_object_class_install_property (gobject_class, PROP_IMPORT_LABEL,
+ g_param_spec_string ("import-label", "Import Label", "Label for prompts and imported objects without labels",
+ NULL, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+
+ g_type_class_add_private (gobject_class, sizeof (GkrPkImportPrivate));
+}
+
+CK_RV
+gkr_pk_import_create (GkrPkManager* manager, GkrPkSession *session,
+ GArray* array, GkrPkObject **object)
+{
+ CK_ATTRIBUTE_PTR vattr, lattr;
+ CK_BBOOL import_token, token;
+ GError *err = NULL;
+ gchar *label;
+ CK_RV ret;
+
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (manager), CKR_GENERAL_ERROR);
+ g_return_val_if_fail (GKR_IS_PK_SESSION (session), CKR_GENERAL_ERROR);
+ g_return_val_if_fail (array, CKR_GENERAL_ERROR);
+ g_return_val_if_fail (object, CKR_GENERAL_ERROR);
+
+ *object = NULL;
+
+ /* Cannot create a import object on a token */
+ if (gkr_pk_attributes_boolean (array, CKA_TOKEN, &token) && token)
+ return CKR_TEMPLATE_INCONSISTENT;
+
+ /* Must specify where the import goes */
+ if (!gkr_pk_attributes_boolean (array, CKA_GNOME_IMPORT_TOKEN, &import_token))
+ return CKR_TEMPLATE_INCOMPLETE;
+
+ /* Must have an import value */
+ vattr = gkr_pk_attributes_find (array, CKA_VALUE);
+ if (!vattr)
+ return CKR_TEMPLATE_INCOMPLETE;
+
+ lattr = gkr_pk_attributes_find (array, CKA_GNOME_IMPORT_LABEL);
+ if (lattr)
+ label = g_strndup (lattr->pValue, lattr->ulValueLen);
+ else
+ label = NULL;
+
+ /*
+ * Figure out where we store objects to, note this is not where this 'import'
+ * object will actually end up being stored.
+ */
+
+ /* Create ourselves an import object */
+ *object = g_object_new (GKR_TYPE_PK_IMPORT,
+ "manager", manager,
+ "import-storage", import_token ? gkr_pk_storage_get_default () : session->storage,
+ "import-manager", import_token ? gkr_pk_manager_for_token() : session->manager,
+ "import-token", import_token,
+ "import-label", label,
+ NULL);
+
+ g_free (label);
+
+ /* Perform the actual import */
+ if (!gkr_pk_import_perform (GKR_PK_IMPORT (*object), vattr->pValue,
+ vattr->ulValueLen, &err)) {
+
+ g_object_unref (*object);
+ *object = NULL;
+
+ if (err->domain == GKR_PKIX_PARSE_ERROR)
+ ret = CKR_DATA_INVALID;
+ else
+ ret = CKR_GENERAL_ERROR;
+
+ g_message ("couldn't import data: %s", err && err->message ? err->message : "");
+ g_clear_error (&err);
+
+ return ret;
+ }
+
+ /* All the attributes that we used up */
+ gkr_pk_attributes_consume (array, CKA_VALUE, CKA_GNOME_IMPORT_TOKEN,
+ CKA_GNOME_IMPORT_LABEL, -1);
+
+ return CKR_OK;
+}
+
+GSList*
+gkr_pk_import_get_objects (GkrPkImport *import)
+{
+ g_return_val_if_fail (GKR_IS_PK_IMPORT (import), NULL);
+ return g_slist_copy (import->import_objects);
+}
+
+gboolean
+gkr_pk_import_perform (GkrPkImport *import, const guchar *data, gsize n_data, GError **err)
+{
+ GkrPkImportPrivate *pv = GKR_PK_IMPORT_GET_PRIVATE (import);
+ GkrPkixParser *parser;
+ gboolean ret;
+
+ g_return_val_if_fail (GKR_IS_PK_IMPORT (import), FALSE);
+
+ parser = gkr_pkix_parser_new ();
+ g_signal_connect (parser, "parsed-asn1", G_CALLBACK (parser_parsed_asn1), import);
+ g_signal_connect (parser, "parsed-sexp", G_CALLBACK (parser_parsed_sexp), import);
+ g_signal_connect (parser, "ask-password", G_CALLBACK (parser_ask_password), import);
+
+ ret = gkr_pkix_parser_parse (parser, 0, data, n_data, err);
+ g_object_unref (parser);
+
+ if (!ret)
+ return FALSE;
+
+ /* Check for import errors */
+ if (pv->error) {
+ if (*err) {
+ *err = pv->error;
+ pv->error = NULL;
+ }
+
+ g_clear_error (&pv->error);
+ return FALSE;
+ }
+
+ pv->raw_data = g_memdup (data, n_data);
+ pv->n_raw_data = n_data;
+
+ return TRUE;
+}
Added: trunk/pk/gkr-pk-import.h
==============================================================================
--- (empty file)
+++ trunk/pk/gkr-pk-import.h Wed Jul 9 17:35:24 2008
@@ -0,0 +1,73 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* gkr-pk-import.h - Importing of PK Objects
+
+ Copyright (C) 2007 Stefan Walter
+
+ The Gnome Keyring Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The Gnome Keyring Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the Gnome Library; see the file COPYING.LIB. If not,
+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+
+ Author: Stef Walter <stef memberwebs com>
+*/
+
+#ifndef __GKR_PK_IMPORT_H__
+#define __GKR_PK_IMPORT_H__
+
+#include "pk/gkr-pk-object.h"
+
+#include <libtasn1.h>
+
+G_BEGIN_DECLS
+
+#define GKR_TYPE_PK_IMPORT (gkr_pk_import_get_type())
+#define GKR_PK_IMPORT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), GKR_TYPE_PK_IMPORT, GkrPkImport))
+#define GKR_PK_IMPORT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), GKR_TYPE_PK_IMPORT, GkrPkImport))
+#define GKR_IS_PK_IMPORT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), GKR_TYPE_PK_IMPORT))
+#define GKR_IS_PK_IMPORT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), GKR_TYPE_PK_IMPORT))
+#define GKR_PK_IMPORT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), GKR_TYPE_PK_IMPORT, GkrPkImportClass))
+
+typedef struct _GkrPkImport GkrPkImport;
+typedef struct _GkrPkImportClass GkrPkImportClass;
+
+struct _GkrPkImport {
+ GkrPkObject parent;
+
+ GSList *import_objects;
+ gboolean import_token;
+ GkrPkStorage *import_storage;
+ GkrPkManager *import_manager;
+ gchar *import_label;
+};
+
+struct _GkrPkImportClass {
+ GkrPkObjectClass parent_class;
+};
+
+GType gkr_pk_import_get_type (void) G_GNUC_CONST;
+
+CK_RV gkr_pk_import_create (GkrPkManager *manager,
+ GkrPkSession *session,
+ GArray *attrs,
+ GkrPkObject **object);
+
+GSList* gkr_pk_import_get_objects (GkrPkImport *import);
+
+gboolean gkr_pk_import_perform (GkrPkImport *import,
+ const guchar *data,
+ gsize n_data,
+ GError **err);
+
+G_END_DECLS
+
+#endif /* __GKR_PK_IMPORT_H__ */
Copied: trunk/pk/gkr-pk-manager.c (from r1169, /trunk/pk/gkr-pk-object-manager.c)
==============================================================================
--- /trunk/pk/gkr-pk-object-manager.c (original)
+++ trunk/pk/gkr-pk-manager.c Wed Jul 9 17:35:24 2008
@@ -1,5 +1,5 @@
/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
-/* gkr-pk-object-manager.c - Manage all 'token' PK objects
+/* gkr-pk-manager.c - Manage all 'token' PK objects
Copyright (C) 2007 Stefan Walter
@@ -24,7 +24,7 @@
#include "config.h"
#include "gkr-pk-cert.h"
-#include "gkr-pk-object-manager.h"
+#include "gkr-pk-manager.h"
#include "gkr-pk-privkey.h"
#include "gkr-pk-storage.h"
#include "gkr-pk-util.h"
@@ -48,9 +48,9 @@
#include <stdarg.h>
-typedef struct _GkrPkObjectManagerPrivate GkrPkObjectManagerPrivate;
+typedef struct _GkrPkManagerPrivate GkrPkManagerPrivate;
-struct _GkrPkObjectManagerPrivate {
+struct _GkrPkManagerPrivate {
pid_t for_pid;
gboolean is_token;
@@ -58,13 +58,13 @@
GHashTable *object_by_digest;
};
-#define GKR_PK_OBJECT_MANAGER_GET_PRIVATE(o) \
- (G_TYPE_INSTANCE_GET_PRIVATE((o), GKR_TYPE_PK_OBJECT_MANAGER, GkrPkObjectManagerPrivate))
+#define GKR_PK_MANAGER_GET_PRIVATE(o) \
+ (G_TYPE_INSTANCE_GET_PRIVATE((o), GKR_TYPE_PK_MANAGER, GkrPkManagerPrivate))
-G_DEFINE_TYPE(GkrPkObjectManager, gkr_pk_object_manager, G_TYPE_OBJECT);
+G_DEFINE_TYPE(GkrPkManager, gkr_pk_manager, G_TYPE_OBJECT);
-static GkrPkObjectManager *object_manager_for_token = NULL;
-static GHashTable *object_managers_by_pid = NULL;
+static GkrPkManager *manager_for_token = NULL;
+static GHashTable *managers_by_pid = NULL;
/*
* Constantly increasing counter for the token object handles. Starting at
@@ -77,17 +77,17 @@
*/
static void
-cleanup_object_manager (void *unused)
+cleanup_manager (void *unused)
{
- g_assert (object_manager_for_token);
- g_object_unref (object_manager_for_token);
- object_manager_for_token = NULL;
+ g_assert (manager_for_token);
+ g_object_unref (manager_for_token);
+ manager_for_token = NULL;
}
static void
-add_object (GkrPkObjectManager *objmgr, GkrPkObject *object)
+add_object (GkrPkManager *objmgr, GkrPkObject *object)
{
- GkrPkObjectManagerPrivate *pv = GKR_PK_OBJECT_MANAGER_GET_PRIVATE (objmgr);
+ GkrPkManagerPrivate *pv = GKR_PK_MANAGER_GET_PRIVATE (objmgr);
gpointer k;
g_assert (GKR_IS_PK_OBJECT (object));
@@ -120,9 +120,9 @@
}
static void
-remove_object (GkrPkObjectManager *objmgr, GkrPkObject *object)
+remove_object (GkrPkManager *objmgr, GkrPkObject *object)
{
- GkrPkObjectManagerPrivate *pv = GKR_PK_OBJECT_MANAGER_GET_PRIVATE (objmgr);
+ GkrPkManagerPrivate *pv = GKR_PK_MANAGER_GET_PRIVATE (objmgr);
gpointer k;
g_assert (GKR_IS_PK_OBJECT (object));
@@ -150,26 +150,26 @@
*/
static void
-gkr_pk_object_manager_init (GkrPkObjectManager *objmgr)
+gkr_pk_manager_init (GkrPkManager *objmgr)
{
- GkrPkObjectManagerPrivate *pv = GKR_PK_OBJECT_MANAGER_GET_PRIVATE (objmgr);
+ GkrPkManagerPrivate *pv = GKR_PK_MANAGER_GET_PRIVATE (objmgr);
pv->object_by_handle = g_hash_table_new (g_direct_hash, g_direct_equal);
pv->object_by_digest = g_hash_table_new (gkr_id_hash, gkr_id_equals);
}
static void
-gkr_pk_object_manager_dispose (GObject *obj)
+gkr_pk_manager_dispose (GObject *obj)
{
- GkrPkObjectManager *objmgr = GKR_PK_OBJECT_MANAGER (obj);
- GkrPkObjectManagerPrivate *pv = GKR_PK_OBJECT_MANAGER_GET_PRIVATE (obj);
+ GkrPkManager *objmgr = GKR_PK_MANAGER (obj);
+ GkrPkManagerPrivate *pv = GKR_PK_MANAGER_GET_PRIVATE (obj);
gpointer k;
GList *objects, *l;
/* Unregister all objects */
objects = g_list_copy (objmgr->objects);
for (l = objects; l; l = g_list_next (l))
- gkr_pk_object_manager_unregister (objmgr, GKR_PK_OBJECT (l->data));
+ gkr_pk_manager_unregister (objmgr, GKR_PK_OBJECT (l->data));
g_list_free (objects);
g_return_if_fail (objmgr->objects == NULL);
@@ -177,110 +177,114 @@
g_return_if_fail (g_hash_table_size (pv->object_by_digest) == 0);
if (pv->for_pid) {
- g_assert (object_managers_by_pid);
+ g_assert (managers_by_pid);
k = GUINT_TO_POINTER (pv->for_pid);
pv->for_pid = 0;
/* Remove us from the hash table */
- g_assert (g_hash_table_lookup (object_managers_by_pid, k) == objmgr);
- g_hash_table_remove (object_managers_by_pid, k);
+ g_assert (g_hash_table_lookup (managers_by_pid, k) == objmgr);
+ g_hash_table_remove (managers_by_pid, k);
/* Destroy the table if its empty */
- if (g_hash_table_size (object_managers_by_pid) == 0) {
- g_hash_table_destroy (object_managers_by_pid);
- object_managers_by_pid = NULL;
+ if (g_hash_table_size (managers_by_pid) == 0) {
+ g_hash_table_destroy (managers_by_pid);
+ managers_by_pid = NULL;
}
}
- G_OBJECT_CLASS (gkr_pk_object_manager_parent_class)->dispose (obj);
+ G_OBJECT_CLASS (gkr_pk_manager_parent_class)->dispose (obj);
}
static void
-gkr_pk_object_manager_finalize (GObject *obj)
+gkr_pk_manager_finalize (GObject *obj)
{
- GkrPkObjectManager *man = GKR_PK_OBJECT_MANAGER (obj);
- GkrPkObjectManagerPrivate *pv = GKR_PK_OBJECT_MANAGER_GET_PRIVATE (obj);
+ GkrPkManager *man = GKR_PK_MANAGER (obj);
+ GkrPkManagerPrivate *pv = GKR_PK_MANAGER_GET_PRIVATE (obj);
g_hash_table_destroy (pv->object_by_handle);
g_hash_table_destroy (pv->object_by_digest);
g_assert (!man->objects);
g_assert (!pv->for_pid);
- G_OBJECT_CLASS (gkr_pk_object_manager_parent_class)->finalize (obj);
+ G_OBJECT_CLASS (gkr_pk_manager_parent_class)->finalize (obj);
}
static void
-gkr_pk_object_manager_class_init (GkrPkObjectManagerClass *klass)
+gkr_pk_manager_class_init (GkrPkManagerClass *klass)
{
GObjectClass *gobject_class;
gobject_class = (GObjectClass*)klass;
- gkr_pk_object_manager_parent_class = g_type_class_peek_parent (klass);
- gobject_class->dispose = gkr_pk_object_manager_dispose;
- gobject_class->finalize = gkr_pk_object_manager_finalize;
+ gkr_pk_manager_parent_class = g_type_class_peek_parent (klass);
+ gobject_class->dispose = gkr_pk_manager_dispose;
+ gobject_class->finalize = gkr_pk_manager_finalize;
- g_type_class_add_private (gobject_class, sizeof (GkrPkObjectManagerPrivate));
+ g_type_class_add_private (gobject_class, sizeof (GkrPkManagerPrivate));
}
-GkrPkObjectManager*
-gkr_pk_object_manager_new (void)
+/* ------------------------------------------------------------------------
+ * PUBLIC METHODS
+ */
+
+GkrPkManager*
+gkr_pk_manager_new (void)
{
- return g_object_new (GKR_TYPE_PK_OBJECT_MANAGER, NULL);
+ return g_object_new (GKR_TYPE_PK_MANAGER, NULL);
}
-GkrPkObjectManager*
-gkr_pk_object_manager_for_token (void)
+GkrPkManager*
+gkr_pk_manager_for_token (void)
{
- if (!object_manager_for_token) {
- object_manager_for_token = g_object_new (GKR_TYPE_PK_OBJECT_MANAGER, NULL);
- GKR_PK_OBJECT_MANAGER_GET_PRIVATE (object_manager_for_token)->is_token = TRUE;
- gkr_cleanup_register (cleanup_object_manager, NULL);
+ if (!manager_for_token) {
+ manager_for_token = g_object_new (GKR_TYPE_PK_MANAGER, NULL);
+ GKR_PK_MANAGER_GET_PRIVATE (manager_for_token)->is_token = TRUE;
+ gkr_cleanup_register (cleanup_manager, NULL);
}
- return object_manager_for_token;
+ return manager_for_token;
}
-GkrPkObjectManager*
-gkr_pk_object_manager_for_client (pid_t pid)
+GkrPkManager*
+gkr_pk_manager_for_client (pid_t pid)
{
- if (!object_managers_by_pid)
+ if (!managers_by_pid)
return NULL;
- return GKR_PK_OBJECT_MANAGER (g_hash_table_lookup (object_managers_by_pid,
- GUINT_TO_POINTER (pid)));
+ return GKR_PK_MANAGER (g_hash_table_lookup (managers_by_pid,
+ GUINT_TO_POINTER (pid)));
}
-GkrPkObjectManager*
-gkr_pk_object_manager_instance_for_client (pid_t pid)
+GkrPkManager*
+gkr_pk_manager_instance_for_client (pid_t pid)
{
- GkrPkObjectManager *manager;
+ GkrPkManager *manager;
- manager = gkr_pk_object_manager_for_client (pid);
+ manager = gkr_pk_manager_for_client (pid);
if (manager) {
g_object_ref (manager);
return manager;
}
- manager = g_object_new (GKR_TYPE_PK_OBJECT_MANAGER, NULL);
- GKR_PK_OBJECT_MANAGER_GET_PRIVATE (manager)->for_pid = pid;
+ manager = g_object_new (GKR_TYPE_PK_MANAGER, NULL);
+ GKR_PK_MANAGER_GET_PRIVATE (manager)->for_pid = pid;
/* The first client? */
- if (!object_managers_by_pid)
- object_managers_by_pid = g_hash_table_new (g_direct_hash, g_direct_equal);
+ if (!managers_by_pid)
+ managers_by_pid = g_hash_table_new (g_direct_hash, g_direct_equal);
/* Note us in the table */
- g_hash_table_insert (object_managers_by_pid, GUINT_TO_POINTER (pid), manager);
+ g_hash_table_insert (managers_by_pid, GUINT_TO_POINTER (pid), manager);
return manager;
}
void
-gkr_pk_object_manager_register (GkrPkObjectManager *objmgr, GkrPkObject *object)
+gkr_pk_manager_register (GkrPkManager *objmgr, GkrPkObject *object)
{
- GkrPkObjectManagerPrivate *pv;
+ GkrPkManagerPrivate *pv;
- g_return_if_fail (GKR_IS_PK_OBJECT_MANAGER (objmgr));
+ g_return_if_fail (GKR_IS_PK_MANAGER (objmgr));
g_return_if_fail (GKR_IS_PK_OBJECT (object));
- pv = GKR_PK_OBJECT_MANAGER_GET_PRIVATE (objmgr);
+ pv = GKR_PK_MANAGER_GET_PRIVATE (objmgr);
g_return_if_fail (object->manager == NULL);
g_return_if_fail (object->digest);
@@ -289,13 +293,13 @@
}
void
-gkr_pk_object_manager_unregister (GkrPkObjectManager *objmgr, GkrPkObject *object)
+gkr_pk_manager_unregister (GkrPkManager *objmgr, GkrPkObject *object)
{
- GkrPkObjectManagerPrivate *pv;
+ GkrPkManagerPrivate *pv;
- g_return_if_fail (GKR_IS_PK_OBJECT_MANAGER (objmgr));
+ g_return_if_fail (GKR_IS_PK_MANAGER (objmgr));
g_return_if_fail (GKR_IS_PK_OBJECT (object));
- pv = GKR_PK_OBJECT_MANAGER_GET_PRIVATE (objmgr);
+ pv = GKR_PK_MANAGER_GET_PRIVATE (objmgr);
g_return_if_fail (object->manager == objmgr);
g_return_if_fail (object->digest);
@@ -304,20 +308,20 @@
}
GkrPkObject*
-gkr_pk_object_manager_lookup (GkrPkObjectManager *man, CK_OBJECT_HANDLE obj)
+gkr_pk_manager_lookup (GkrPkManager *man, CK_OBJECT_HANDLE obj)
{
- GkrPkObjectManagerPrivate *pv;
+ GkrPkManagerPrivate *pv;
- g_return_val_if_fail (GKR_IS_PK_OBJECT_MANAGER (man), NULL);
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (man), NULL);
g_return_val_if_fail (obj != 0, NULL);
- pv = GKR_PK_OBJECT_MANAGER_GET_PRIVATE (man);
+ pv = GKR_PK_MANAGER_GET_PRIVATE (man);
return (GkrPkObject*)g_hash_table_lookup (pv->object_by_handle,
GUINT_TO_POINTER (obj));
}
GList*
-gkr_pk_object_manager_findv (GkrPkObjectManager *objmgr, GType gtype, ...)
+gkr_pk_manager_findv (GkrPkManager *objmgr, GType gtype, ...)
{
CK_ATTRIBUTE attr;
GArray *attrs = NULL;
@@ -342,7 +346,7 @@
* cleanup at variable scope rather than function scope.
*/
- ret = gkr_pk_object_manager_find (objmgr, gtype, attrs);
+ ret = gkr_pk_manager_find (objmgr, gtype, attrs);
break;
}
@@ -382,14 +386,14 @@
}
GList*
-gkr_pk_object_manager_find (GkrPkObjectManager *man, GType gtype, GArray *attrs)
+gkr_pk_manager_find (GkrPkManager *man, GType gtype, GArray *attrs)
{
CK_OBJECT_CLASS *ocls = NULL;
GkrPkObject *object;
gboolean do_refresh = TRUE;
GList *l, *objects = NULL;
- g_return_val_if_fail (GKR_IS_PK_OBJECT_MANAGER (man), NULL);
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (man), NULL);
/* Figure out the class of objects we're loading */
if (attrs)
@@ -426,8 +430,7 @@
}
GkrPkObject*
-gkr_pk_object_manager_find_by_id (GkrPkObjectManager *objmgr, GType gtype,
- gkrconstid id)
+gkr_pk_manager_find_by_id (GkrPkManager *objmgr, GType gtype, gkrconstid id)
{
CK_ATTRIBUTE attr;
GkrPkObject *object;
@@ -435,7 +438,7 @@
GList *l;
g_return_val_if_fail (id, NULL);
- g_return_val_if_fail (GKR_IS_PK_OBJECT_MANAGER (objmgr), NULL);
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (objmgr), NULL);
attr.pValue = (CK_VOID_PTR)gkr_id_get_raw (id, &len);
attr.ulValueLen = len;
@@ -454,14 +457,14 @@
}
GkrPkObject*
-gkr_pk_object_manager_find_by_digest (GkrPkObjectManager *objmgr, gkrconstid digest)
+gkr_pk_manager_find_by_digest (GkrPkManager *objmgr, gkrconstid digest)
{
- GkrPkObjectManagerPrivate *pv;
+ GkrPkManagerPrivate *pv;
GkrPkObject *object;
g_return_val_if_fail (digest, NULL);
- g_return_val_if_fail (GKR_IS_PK_OBJECT_MANAGER (objmgr), NULL);
- pv = GKR_PK_OBJECT_MANAGER_GET_PRIVATE (objmgr);
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (objmgr), NULL);
+ pv = GKR_PK_MANAGER_GET_PRIVATE (objmgr);
object = GKR_PK_OBJECT (g_hash_table_lookup (pv->object_by_digest, digest));
return object;
Copied: trunk/pk/gkr-pk-manager.h (from r1169, /trunk/pk/gkr-pk-object-manager.h)
==============================================================================
--- /trunk/pk/gkr-pk-object-manager.h (original)
+++ trunk/pk/gkr-pk-manager.h Wed Jul 9 17:35:24 2008
@@ -1,5 +1,5 @@
/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
-/* gkr-pk-object-manager.h - Manage all 'token' PK objects
+/* gkr-pk-manager.h - Manage a set of PK objects
Copyright (C) 2007 Stefan Walter
@@ -21,8 +21,8 @@
Author: Stef Walter <stef memberwebs com>
*/
-#ifndef __GKR_PK_OBJECT_MANAGER_H__
-#define __GKR_PK_OBJECT_MANAGER_H__
+#ifndef __GKR_PK_MANAGER_H__
+#define __GKR_PK_MANAGER_H__
#include <gcrypt.h>
#include <glib-object.h>
@@ -30,19 +30,19 @@
#include "gkr-pk-object.h"
/*
- * GkrPkObjectManager
+ * GkrPkManager
*
- * A GkrPkObjectManager tracks a set of GkrPkObject objects. It does not own
+ * A GkrPkManager tracks a set of GkrPkObject objects. It does not own
* those objects. Once an object is registered with the manager it gets
* an identifier.
*
* An object will unregister itself from the manager when it is destroyed or
* it can be done explicitely.
*
- * A singleton GkrPkObjectManager exists for token objects, those stored in
+ * A singleton GkrPkManager exists for token objects, those stored in
* persistent storage. This manager lasts for the lifetime of the daemon.
*
- * Other GkrPkObjectManager objects can exist per client for session or
+ * Other GkrPkManager objects can exist per client for session or
* temporary objects. Multiple requests for a manager for the same client
* will return the same manager. Once all references dissappear this
* manager will go away.
@@ -50,58 +50,58 @@
G_BEGIN_DECLS
-#define GKR_TYPE_PK_OBJECT_MANAGER (gkr_pk_object_manager_get_type ())
-#define GKR_PK_OBJECT_MANAGER(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GKR_TYPE_PK_OBJECT_MANAGER, GkrPkObjectManager))
-#define GKR_PK_OBJECT_MANAGER_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), GKR_TYPE_PK_OBJECT_MANAGER, GObject))
-#define GKR_IS_PK_OBJECT_MANAGER(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GKR_TYPE_PK_OBJECT_MANAGER))
-#define GKR_IS_PK_OBJECT_MANAGER_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GKR_TYPE_PK_OBJECT_MANAGER))
-#define GKR_PK_OBJECT_MANAGER_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), GKR_TYPE_PK_OBJECT_MANAGER, GkrPkObjectManagerClass))
+#define GKR_TYPE_PK_MANAGER (gkr_pk_manager_get_type ())
+#define GKR_PK_MANAGER(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GKR_TYPE_PK_MANAGER, GkrPkManager))
+#define GKR_PK_MANAGER_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), GKR_TYPE_PK_MANAGER, GkrPkManager))
+#define GKR_IS_PK_MANAGER(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GKR_TYPE_PK_MANAGER))
+#define GKR_IS_PK_MANAGER_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GKR_TYPE_PK_MANAGER))
+#define GKR_PK_MANAGER_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), GKR_TYPE_PK_MANAGER, GkrPkManagerClass))
-typedef struct _GkrPkObjectManagerClass GkrPkObjectManagerClass;
+typedef struct _GkrPkManagerClass GkrPkManagerClass;
-struct _GkrPkObjectManager {
+struct _GkrPkManager {
GObject parent;
GList *objects;
};
-struct _GkrPkObjectManagerClass {
+struct _GkrPkManagerClass {
GObjectClass parent_class;
};
-GType gkr_pk_object_manager_get_type (void) G_GNUC_CONST;
+GType gkr_pk_manager_get_type (void) G_GNUC_CONST;
-GType gkr_pk_object_manager_type_from_string (const gchar *type);
+GType gkr_pk_manager_type_from_string (const gchar *type);
-GkrPkObjectManager* gkr_pk_object_manager_new (void);
+GkrPkManager* gkr_pk_manager_new (void);
-GkrPkObjectManager* gkr_pk_object_manager_for_token (void);
+GkrPkManager* gkr_pk_manager_for_token (void);
-GkrPkObjectManager* gkr_pk_object_manager_for_client (pid_t pid);
+GkrPkManager* gkr_pk_manager_for_client (pid_t pid);
-GkrPkObjectManager* gkr_pk_object_manager_instance_for_client (pid_t pid);
+GkrPkManager* gkr_pk_manager_instance_for_client (pid_t pid);
-void gkr_pk_object_manager_register (GkrPkObjectManager *objmgr,
- GkrPkObject *object);
+void gkr_pk_manager_register (GkrPkManager *objmgr,
+ GkrPkObject *object);
-void gkr_pk_object_manager_unregister (GkrPkObjectManager *objmgr,
- GkrPkObject *object);
+void gkr_pk_manager_unregister (GkrPkManager *objmgr,
+ GkrPkObject *object);
-GkrPkObject* gkr_pk_object_manager_lookup (GkrPkObjectManager *objmgr,
- CK_OBJECT_HANDLE obj);
+GkrPkObject* gkr_pk_manager_lookup (GkrPkManager *objmgr,
+ CK_OBJECT_HANDLE obj);
-GList* gkr_pk_object_manager_find (GkrPkObjectManager *objmgr,
- GType type, GArray *attrs);
+GList* gkr_pk_manager_find (GkrPkManager *objmgr,
+ GType type, GArray *attrs);
-GList* gkr_pk_object_manager_findv (GkrPkObjectManager *objmgr,
- GType gtype, ...) G_GNUC_NULL_TERMINATED;
+GList* gkr_pk_manager_findv (GkrPkManager *objmgr,
+ GType gtype, ...) G_GNUC_NULL_TERMINATED;
-GkrPkObject* gkr_pk_object_manager_find_by_id (GkrPkObjectManager *objmgr,
- GType gtype, gkrconstid id);
+GkrPkObject* gkr_pk_manager_find_by_id (GkrPkManager *objmgr,
+ GType gtype, gkrconstid id);
-GkrPkObject* gkr_pk_object_manager_find_by_digest (GkrPkObjectManager *objmgr,
- gkrconstid digest);
+GkrPkObject* gkr_pk_manager_find_by_digest (GkrPkManager *objmgr,
+ gkrconstid digest);
G_END_DECLS
-#endif /* __GKR_PK_OBJECT_MANAGER_H__ */
+#endif /* __GKR_PK_MANAGER_H__ */
Modified: trunk/pk/gkr-pk-netscape-trust.c
==============================================================================
--- trunk/pk/gkr-pk-netscape-trust.c (original)
+++ trunk/pk/gkr-pk-netscape-trust.c Wed Jul 9 17:35:24 2008
@@ -26,7 +26,7 @@
#include "gkr-pk-cert.h"
#include "gkr-pk-netscape-trust.h"
#include "gkr-pk-object.h"
-#include "gkr-pk-object-manager.h"
+#include "gkr-pk-manager.h"
#include "gkr-pk-util.h"
#include "common/gkr-location.h"
@@ -371,7 +371,7 @@
}
GkrPkNetscapeTrust*
-gkr_pk_netscape_trust_new (GkrPkObjectManager *mgr, GkrPkCert *cert)
+gkr_pk_netscape_trust_new (GkrPkManager *mgr, GkrPkCert *cert)
{
GkrPkNetscapeTrust *trust;
gkrid digest = NULL;
@@ -379,6 +379,7 @@
const guchar *raw;
gsize n_raw;
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (mgr), NULL);
g_return_val_if_fail (GKR_IS_PK_CERT (cert), NULL);
obj = GKR_PK_OBJECT (cert);
Modified: trunk/pk/gkr-pk-netscape-trust.h
==============================================================================
--- trunk/pk/gkr-pk-netscape-trust.h (original)
+++ trunk/pk/gkr-pk-netscape-trust.h Wed Jul 9 17:35:24 2008
@@ -51,7 +51,7 @@
GType gkr_pk_netscape_trust_get_type (void) G_GNUC_CONST;
-GkrPkNetscapeTrust* gkr_pk_netscape_trust_new (GkrPkObjectManager* mgr, GkrPkCert *cert);
+GkrPkNetscapeTrust* gkr_pk_netscape_trust_new (GkrPkManager* mgr, GkrPkCert *cert);
G_END_DECLS
Modified: trunk/pk/gkr-pk-object-storage.c
==============================================================================
--- trunk/pk/gkr-pk-object-storage.c (original)
+++ trunk/pk/gkr-pk-object-storage.c Wed Jul 9 17:35:24 2008
@@ -25,7 +25,7 @@
#include "gkr-pk-cert.h"
#include "gkr-pk-index.h"
-#include "gkr-pk-object-manager.h"
+#include "gkr-pk-manager.h"
#include "gkr-pk-object-storage.h"
#include "gkr-pk-places.h"
#include "gkr-pk-privkey.h"
@@ -133,12 +133,12 @@
prepare_object (GkrPkObjectStorage *storage, GQuark location,
gkrconstid digest, GQuark type)
{
- GkrPkObjectManager *manager;
+ GkrPkManager *manager;
GkrPkObject *object;
GType gtype;
- manager = gkr_pk_object_manager_for_token ();
- object = gkr_pk_object_manager_find_by_digest (manager, digest);
+ manager = gkr_pk_manager_for_token ();
+ object = gkr_pk_manager_find_by_digest (manager, digest);
/* The object already exists just reference it */
if (object) {
@@ -146,14 +146,8 @@
return object;
}
- if (type == GKR_PKIX_PRIVATE_KEY)
- gtype = GKR_TYPE_PK_PRIVKEY;
- else if (type == GKR_PKIX_PUBLIC_KEY)
- gtype = GKR_TYPE_PK_PUBKEY;
- else if (type == GKR_PKIX_CERTIFICATE)
- gtype = GKR_TYPE_PK_CERT;
- else
- g_return_val_if_reached (NULL);
+ gtype = gkr_pk_object_get_object_type (type);
+ g_return_val_if_fail (gtype != 0, NULL);
object = g_object_new (gtype, "manager", manager, "location", location,
"digest", digest, NULL);
Modified: trunk/pk/gkr-pk-object.c
==============================================================================
--- trunk/pk/gkr-pk-object.c (original)
+++ trunk/pk/gkr-pk-object.c Wed Jul 9 17:35:24 2008
@@ -24,16 +24,24 @@
#include "config.h"
#include "gkr-pk-cert.h"
+#include "gkr-pk-import.h"
#include "gkr-pk-index.h"
+#include "gkr-pk-manager.h"
#include "gkr-pk-object.h"
-#include "gkr-pk-object-manager.h"
#include "gkr-pk-privkey.h"
#include "gkr-pk-pubkey.h"
+#include "gkr-pk-session.h"
#include "gkr-pk-storage.h"
#include "gkr-pk-util.h"
#include "common/gkr-location.h"
+#include "pkcs11/pkcs11.h"
+#include "pkcs11/pkcs11g.h"
+#include "pkcs11/pkcs11n.h"
+
+#include "pkix/gkr-pkix-types.h"
+
#include <glib/gi18n.h>
#include <string.h>
@@ -110,7 +118,8 @@
g_assert (cattr.type == type);
*attr = gkr_pk_attribute_new (cattr.type);
- gkr_pk_attribute_steal (*attr, &cattr);
+ memcpy (*attr, &cattr, sizeof (cattr));
+ memset (&cattr, 0, sizeof (cattr));
g_hash_table_replace (pv->attr_cache, GUINT_TO_POINTER (type), *attr);
return CKR_OK;
@@ -165,7 +174,7 @@
static GObject*
gkr_pk_object_constructor (GType type, guint n_props, GObjectConstructParam *props)
{
- GkrPkObjectManager *mgr;
+ GkrPkManager *mgr;
GkrPkObject *xobj;
GObject *obj;
guint i;
@@ -186,7 +195,7 @@
if (props[i].pspec->name && g_str_equal (props[i].pspec->name, "manager")) {
mgr = g_value_get_object (props[i].value);
if (mgr) {
- gkr_pk_object_manager_register (mgr, xobj);
+ gkr_pk_manager_register (mgr, xobj);
g_return_val_if_fail (xobj->manager == mgr, obj);
}
break;
@@ -300,7 +309,7 @@
{
GkrPkObject *xobj = GKR_PK_OBJECT (obj);
GkrPkObjectPrivate *pv = GKR_PK_OBJECT_GET_PRIVATE (xobj);
- GkrPkObjectManager *manager;
+ GkrPkManager *manager;
GkrPkIndex *index;
GkrPkStorage *storage;
gkrid digest;
@@ -337,7 +346,7 @@
/* Unregister old digest with object manager */
manager = xobj->manager;
if (manager)
- gkr_pk_object_manager_unregister (manager, xobj);
+ gkr_pk_manager_unregister (manager, xobj);
/* Rename to the new digest in the index */
index = xobj->storage ? gkr_pk_storage_index (xobj->storage, xobj->location) : NULL;
@@ -353,7 +362,7 @@
/* Register with the object manager with the new digest */
if (manager)
- gkr_pk_object_manager_register (manager, xobj);
+ gkr_pk_manager_register (manager, xobj);
break;
@@ -397,7 +406,7 @@
g_free (pv->data_section);
if (xobj->manager)
- gkr_pk_object_manager_unregister (xobj->manager, xobj);
+ gkr_pk_manager_unregister (xobj->manager, xobj);
g_return_if_fail (xobj->manager == NULL);
gkr_id_free (xobj->digest);
@@ -426,7 +435,7 @@
g_object_class_install_property (gobject_class, PROP_MANAGER,
g_param_spec_object ("manager", "Manager", "Object Manager",
- GKR_TYPE_PK_OBJECT_MANAGER, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+ GKR_TYPE_PK_MANAGER, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
g_object_class_install_property (gobject_class, PROP_LOCATION,
g_param_spec_uint ("location", "Location", "Location of Data",
@@ -453,28 +462,64 @@
* PUBLIC
*/
+GType
+gkr_pk_object_get_object_type (GQuark pkix_type)
+{
+ if (pkix_type == GKR_PKIX_PRIVATE_KEY)
+ return GKR_TYPE_PK_PRIVKEY;
+ else if (pkix_type == GKR_PKIX_PUBLIC_KEY)
+ return GKR_TYPE_PK_PUBKEY;
+ else if (pkix_type == GKR_PKIX_CERTIFICATE)
+ return GKR_TYPE_PK_CERT;
+ else
+ g_return_val_if_reached (0);
+}
+
CK_RV
-gkr_pk_object_create (GkrPkObjectManager *manager,
+gkr_pk_object_create (GkrPkSession *session,
GArray *attrs, GkrPkObject **object)
{
+ GkrPkManager *the_manager;
+ GkrPkStorage *the_storage;
CK_ATTRIBUTE_PTR attr;
CK_OBJECT_CLASS cls;
+ CK_BBOOL token;
+ GError *err = NULL;
CK_RV ret;
+ gboolean res;
guint i;
+ /* Find out if its a token object or not */
+ if (!gkr_pk_attributes_boolean (attrs, CKA_TOKEN, &token))
+ token = CK_FALSE;
+
if (!gkr_pk_attributes_ulong (attrs, CKA_CLASS, &cls))
return CKR_TEMPLATE_INCOMPLETE;
- gkr_pk_attributes_consume (attrs, CKA_CLASS, -1);
-
+
+ /* Create the object with the right object manager */
+ the_manager = token ? gkr_pk_manager_for_token () : session->manager;
+ the_storage = token ? gkr_pk_storage_get_default () : session->storage;
+
+ /* Create the specific kind of object */
switch (cls) {
case CKO_PUBLIC_KEY:
- ret = gkr_pk_pubkey_create (manager, attrs, object);
+ ret = gkr_pk_pubkey_create (the_manager, attrs, object);
break;
+
case CKO_PRIVATE_KEY:
- ret = gkr_pk_privkey_create (manager, attrs, object);
+ ret = gkr_pk_privkey_create (the_manager, attrs, object);
break;
+
case CKO_CERTIFICATE:
- ret = gkr_pk_cert_create (manager, attrs, object);
+ ret = gkr_pk_cert_create (the_manager, attrs, object);
+ break;
+
+ case CKO_GNOME_IMPORT:
+ /*
+ * The import object, needs to have access to the session_manager, and
+ * session_storage in order to import stuff there.
+ */
+ ret = gkr_pk_import_create (the_manager, session, attrs, object);
break;
default:
/* TODO: What's a better error code here? */
@@ -483,12 +528,15 @@
if (ret != CKR_OK)
return ret;
-
+
g_return_val_if_fail (*object != NULL, CKR_GENERAL_ERROR);
+
+ /* Mark these bits as used */
+ gkr_pk_attributes_consume (attrs, CKA_CLASS, CKA_TOKEN, -1);
/*
* Check that all the remaining attributes are either already
- * set or are settable
+ * set, if not try to set them on the object.
*/
for (i = 0; i < attrs->len; ++i) {
attr = &(g_array_index (attrs, CK_ATTRIBUTE, i));
@@ -503,9 +551,26 @@
if (ret != CKR_OK) {
g_object_unref (*object);
*object = NULL;
+ return ret;
}
- return ret;
+ /* Store the object in the store that was appropriate */
+ res = gkr_pk_storage_store (the_storage, *object, &err);
+
+ if (!res) {
+ g_warning ("couldn't store created object: %s",
+ err && err->message ? err->message : "");
+ g_clear_error (&err);
+ g_object_unref (*object);
+ *object = NULL;
+ return CKR_GENERAL_ERROR;
+ }
+
+ /* Register it with the object manager if necessary */
+ if (!(*object)->manager)
+ gkr_pk_manager_register (the_manager, *object);
+
+ return CKR_OK;
}
void
@@ -779,6 +844,16 @@
return ret;
}
+gboolean
+gkr_pk_object_has_label (GkrPkObject *xobj)
+{
+ GkrPkObjectPrivate *pv = GKR_PK_OBJECT_GET_PRIVATE (xobj);
+ g_return_val_if_fail (GKR_IS_PK_OBJECT (xobj), FALSE);
+
+ return pv->orig_label != NULL ||
+ gkr_pk_object_index_has_value (xobj, GKR_PK_INDEX_LABEL);
+}
+
const gchar*
gkr_pk_object_get_label (GkrPkObject *xobj)
{
Modified: trunk/pk/gkr-pk-object.h
==============================================================================
--- trunk/pk/gkr-pk-object.h (original)
+++ trunk/pk/gkr-pk-object.h Wed Jul 9 17:35:24 2008
@@ -48,7 +48,8 @@
typedef struct _GkrPkObjectClass GkrPkObjectClass;
typedef struct _GkrPkStorage GkrPkStorage;
-typedef struct _GkrPkObjectManager GkrPkObjectManager;
+typedef struct _GkrPkManager GkrPkManager;
+typedef struct _GkrPkSession GkrPkSession;
struct _GkrPkObject {
GObject parent;
@@ -57,7 +58,7 @@
gkrid digest;
CK_OBJECT_HANDLE handle;
- GkrPkObjectManager *manager;
+ GkrPkManager *manager;
GkrPkStorage *storage;
};
@@ -98,7 +99,9 @@
GType gkr_pk_object_get_type (void) G_GNUC_CONST;
-CK_RV gkr_pk_object_create (GkrPkObjectManager *manager,
+GType gkr_pk_object_get_object_type (GQuark pkix_type);
+
+CK_RV gkr_pk_object_create (GkrPkSession *session,
GArray *attrs, GkrPkObject **object);
void gkr_pk_object_refresh (GkrPkObject *object);
@@ -117,7 +120,7 @@
CK_OBJECT_HANDLE gkr_pk_object_get_handle (GkrPkObject *object);
-GkrPkObjectManager* gkr_pk_object_get_manager (GkrPkObject *object);
+GkrPkManager* gkr_pk_object_get_manager (GkrPkObject *object);
CK_RV gkr_pk_object_get_attribute (GkrPkObject *object,
CK_ATTRIBUTE_PTR attr);
@@ -147,6 +150,8 @@
CK_RV gkr_pk_object_set_attributes (GkrPkObject *object,
GArray *attrs);
+gboolean gkr_pk_object_has_label (GkrPkObject *object);
+
const gchar* gkr_pk_object_get_label (GkrPkObject *object);
void gkr_pk_object_set_label (GkrPkObject *object,
Modified: trunk/pk/gkr-pk-privkey.c
==============================================================================
--- trunk/pk/gkr-pk-privkey.c (original)
+++ trunk/pk/gkr-pk-privkey.c Wed Jul 9 17:35:24 2008
@@ -25,8 +25,8 @@
#include "gkr-pk-cert.h"
#include "gkr-pk-index.h"
+#include "gkr-pk-manager.h"
#include "gkr-pk-object.h"
-#include "gkr-pk-object-manager.h"
#include "gkr-pk-privkey.h"
#include "gkr-pk-pubkey.h"
#include "gkr-pk-storage.h"
@@ -315,7 +315,7 @@
return CKR_GENERAL_ERROR;
obj = GKR_PK_OBJECT (key);
- crt = gkr_pk_object_manager_find_by_id (obj->manager, GKR_TYPE_PK_CERT, keyid);
+ crt = gkr_pk_manager_find_by_id (obj->manager, GKR_TYPE_PK_CERT, keyid);
if (crt == NULL)
return CKR_ATTRIBUTE_TYPE_INVALID;
@@ -601,12 +601,13 @@
}
GkrPkObject*
-gkr_pk_privkey_new (GkrPkObjectManager *mgr, GQuark location, gcry_sexp_t s_key)
+gkr_pk_privkey_new (GkrPkManager *mgr, GQuark location, gcry_sexp_t s_key)
{
GkrPkObject *key;
guchar hash[20];
gkrid digest;
-
+
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (mgr), NULL);
g_return_val_if_fail (s_key != NULL, NULL);
if (!gcry_pk_get_keygrip (s_key, hash))
@@ -624,14 +625,14 @@
}
CK_RV
-gkr_pk_privkey_create (GkrPkObjectManager* manager, GArray* array,
+gkr_pk_privkey_create (GkrPkManager* manager, GArray* array,
GkrPkObject **object)
{
CK_KEY_TYPE type;
gcry_sexp_t sexp;
CK_RV ret;
- g_return_val_if_fail (GKR_IS_PK_OBJECT_MANAGER (manager), CKR_GENERAL_ERROR);
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (manager), CKR_GENERAL_ERROR);
g_return_val_if_fail (array, CKR_GENERAL_ERROR);
g_return_val_if_fail (object, CKR_GENERAL_ERROR);
Modified: trunk/pk/gkr-pk-privkey.h
==============================================================================
--- trunk/pk/gkr-pk-privkey.h (original)
+++ trunk/pk/gkr-pk-privkey.h Wed Jul 9 17:35:24 2008
@@ -57,10 +57,10 @@
GType gkr_pk_privkey_get_type (void) G_GNUC_CONST;
-GkrPkObject* gkr_pk_privkey_new (GkrPkObjectManager *mgr,
+GkrPkObject* gkr_pk_privkey_new (GkrPkManager *mgr,
GQuark location, gcry_sexp_t skey);
-CK_RV gkr_pk_privkey_create (GkrPkObjectManager* manager,
+CK_RV gkr_pk_privkey_create (GkrPkManager* manager,
GArray* array, GkrPkObject **object);
gkrconstid gkr_pk_privkey_get_keyid (GkrPkPrivkey *pkey);
Modified: trunk/pk/gkr-pk-pubkey.c
==============================================================================
--- trunk/pk/gkr-pk-pubkey.c (original)
+++ trunk/pk/gkr-pk-pubkey.c Wed Jul 9 17:35:24 2008
@@ -26,7 +26,7 @@
#include "gkr-pk-cert.h"
#include "gkr-pk-index.h"
#include "gkr-pk-object.h"
-#include "gkr-pk-object-manager.h"
+#include "gkr-pk-manager.h"
#include "gkr-pk-pubkey.h"
#include "gkr-pk-storage.h"
#include "gkr-pk-util.h"
@@ -211,7 +211,7 @@
return CKR_GENERAL_ERROR;
obj = GKR_PK_OBJECT (key);
- crt = gkr_pk_object_manager_find_by_id (obj->manager, type, key->pub->keyid);
+ crt = gkr_pk_manager_find_by_id (obj->manager, type, key->pub->keyid);
if (crt == NULL)
return CKR_GENERAL_ERROR;
@@ -483,12 +483,13 @@
}
GkrPkObject*
-gkr_pk_pubkey_new (GkrPkObjectManager *manager, GQuark location, gcry_sexp_t s_key)
+gkr_pk_pubkey_new (GkrPkManager *manager, GQuark location, gcry_sexp_t s_key)
{
GkrPkObject *key;
guchar hash[20];
gkrid digest;
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (manager), NULL);
g_return_val_if_fail (s_key != NULL, NULL);
if (!gcry_pk_get_keygrip (s_key, hash))
@@ -505,20 +506,20 @@
}
GkrPkPubkey*
-gkr_pk_pubkey_instance (GkrPkObjectManager *manager, GQuark location, gcry_sexp_t s_key)
+gkr_pk_pubkey_instance (GkrPkManager *manager, GQuark location, gcry_sexp_t s_key)
{
GkrPkObject *pub;
gkrid keyid;
g_return_val_if_fail (s_key, NULL);
- g_return_val_if_fail (GKR_IS_PK_OBJECT_MANAGER (manager), NULL);
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (manager), NULL);
/* Make sure we have the keyid properly */
keyid = gkr_crypto_skey_make_id (s_key);
g_return_val_if_fail (keyid, NULL);
/* Try the lookup */
- pub = gkr_pk_object_manager_find_by_id (manager, GKR_TYPE_PK_PUBKEY, keyid);
+ pub = gkr_pk_manager_find_by_id (manager, GKR_TYPE_PK_PUBKEY, keyid);
gkr_id_free (keyid);
if (pub != NULL) {
@@ -532,14 +533,14 @@
}
CK_RV
-gkr_pk_pubkey_create (GkrPkObjectManager* manager, GArray* array,
+gkr_pk_pubkey_create (GkrPkManager* manager, GArray* array,
GkrPkObject **object)
{
CK_KEY_TYPE type;
gcry_sexp_t sexp;
CK_RV ret;
- g_return_val_if_fail (GKR_IS_PK_OBJECT_MANAGER (manager), CKR_GENERAL_ERROR);
+ g_return_val_if_fail (GKR_IS_PK_MANAGER (manager), CKR_GENERAL_ERROR);
g_return_val_if_fail (array, CKR_GENERAL_ERROR);
g_return_val_if_fail (object, CKR_GENERAL_ERROR);
Modified: trunk/pk/gkr-pk-pubkey.h
==============================================================================
--- trunk/pk/gkr-pk-pubkey.h (original)
+++ trunk/pk/gkr-pk-pubkey.h Wed Jul 9 17:35:24 2008
@@ -54,16 +54,16 @@
GType gkr_pk_pubkey_get_type (void) G_GNUC_CONST;
-GkrPkObject* gkr_pk_pubkey_new (GkrPkObjectManager *manager,
+GkrPkObject* gkr_pk_pubkey_new (GkrPkManager *manager,
GQuark location, gcry_sexp_t s_key);
-GkrPkPubkey* gkr_pk_pubkey_instance (GkrPkObjectManager* manager,
+GkrPkPubkey* gkr_pk_pubkey_instance (GkrPkManager* manager,
GQuark location, gcry_sexp_t s_key);
-CK_RV gkr_pk_pubkey_create (GkrPkObjectManager* manager,
+CK_RV gkr_pk_pubkey_create (GkrPkManager* manager,
GArray* array, GkrPkObject **object);
-gkrconstid gkr_pk_pubkey_get_keyid (GkrPkPubkey *key);
+gkrconstid gkr_pk_pubkey_get_keyid (GkrPkPubkey *key);
gcry_sexp_t gkr_pk_pubkey_get_key (GkrPkPubkey *key);
Modified: trunk/pk/gkr-pk-root-storage.c
==============================================================================
--- trunk/pk/gkr-pk-root-storage.c (original)
+++ trunk/pk/gkr-pk-root-storage.c Wed Jul 9 17:35:24 2008
@@ -24,7 +24,7 @@
#include "config.h"
#include "gkr-pk-cert.h"
-#include "gkr-pk-object-manager.h"
+#include "gkr-pk-manager.h"
#include "gkr-pk-root-storage.h"
#include "gkr-pk-util.h"
@@ -78,8 +78,8 @@
GkrPkObjectManager *manager;
GkrPkObject *object;
- manager = gkr_pk_object_manager_for_token ();
- object = gkr_pk_object_manager_find_by_digest (manager, digest);
+ manager = gkr_pk_manager_for_token ();
+ object = gkr_pk_manager_find_by_digest (manager, digest);
/* The object already exists just reference it */
if (object) {
Modified: trunk/pk/gkr-pk-session-storage.c
==============================================================================
--- trunk/pk/gkr-pk-session-storage.c (original)
+++ trunk/pk/gkr-pk-session-storage.c Wed Jul 9 17:35:24 2008
@@ -24,7 +24,7 @@
#include "config.h"
#include "gkr-pk-cert.h"
-#include "gkr-pk-object-manager.h"
+#include "gkr-pk-manager.h"
#include "gkr-pk-session-storage.h"
#include "gkr-pk-util.h"
Added: trunk/pk/gkr-pk-session.c
==============================================================================
--- (empty file)
+++ trunk/pk/gkr-pk-session.c Wed Jul 9 17:35:24 2008
@@ -0,0 +1,156 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* gkr-pk-session.c - Represents a PK session
+
+ Copyright (C) 2007 Stefan Walter
+
+ The Gnome Keyring Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The Gnome Keyring Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the Gnome Library; see the file COPYING.LIB. If not,
+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+
+ Author: Stef Walter <stef memberwebs com>
+*/
+
+#include "config.h"
+
+#include "gkr-pk-manager.h"
+#include "gkr-pk-session.h"
+#include "gkr-pk-session-storage.h"
+#include "gkr-pk-storage.h"
+
+/* --------------------------------------------------------------------------------
+ * DECLARATIONS
+ */
+
+enum {
+ PROP_0,
+ PROP_MANAGER,
+ PROP_STORAGE
+};
+
+G_DEFINE_TYPE(GkrPkSession, gkr_pk_session, G_TYPE_OBJECT);
+
+/* --------------------------------------------------------------------------------
+ * OBJECT
+ */
+
+static void
+gkr_pk_session_init (GkrPkSession *session)
+{
+
+}
+
+static void
+gkr_pk_session_get_property (GObject *obj, guint prop_id, GValue *value,
+ GParamSpec *pspec)
+{
+ GkrPkSession *session = GKR_PK_SESSION (obj);
+
+ switch (prop_id) {
+ case PROP_MANAGER:
+ g_value_set_object (value, session->manager);
+ break;
+ case PROP_STORAGE:
+ g_value_set_object (value, session->storage);
+ break;
+ }
+}
+
+static void
+gkr_pk_session_set_property (GObject *obj, guint prop_id, const GValue *value,
+ GParamSpec *pspec)
+{
+ GkrPkSession *session = GKR_PK_SESSION (obj);
+
+ switch (prop_id) {
+ case PROP_MANAGER:
+ g_assert (!session->manager);
+ session->manager = g_value_get_object (value);
+ g_return_if_fail (session->manager);
+ g_object_ref (session->manager);
+ break;
+
+ case PROP_STORAGE:
+ g_assert (!session->storage);
+ session->storage = g_value_get_object (value);
+ g_return_if_fail (session->storage);
+ g_object_ref (session->storage);
+ break;
+ };
+}
+
+static void
+gkr_pk_session_finalize (GObject *obj)
+{
+ GkrPkSession *session = GKR_PK_SESSION (obj);
+
+ if (session->storage)
+ g_object_unref (session->storage);
+ session->storage = NULL;
+
+ if (session->manager)
+ g_object_unref (session->manager);
+ session->manager = NULL;
+
+ G_OBJECT_CLASS (gkr_pk_session_parent_class)->finalize (obj);
+}
+
+static void
+gkr_pk_session_class_init (GkrPkSessionClass *klass)
+{
+ GObjectClass *gobject_class = (GObjectClass*) klass;
+
+ gkr_pk_session_parent_class = g_type_class_peek_parent (klass);
+ gobject_class->get_property = gkr_pk_session_get_property;
+ gobject_class->set_property = gkr_pk_session_set_property;
+ gobject_class->finalize = gkr_pk_session_finalize;
+
+ g_object_class_install_property (gobject_class, PROP_MANAGER,
+ g_param_spec_object ("manager", "Manager", "Object Manager for Session",
+ GKR_TYPE_PK_MANAGER, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+
+ g_object_class_install_property (gobject_class, PROP_STORAGE,
+ g_param_spec_object ("storage", "Storage", "Storage for Session",
+ GKR_TYPE_PK_STORAGE, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+}
+
+/* --------------------------------------------------------------------------------
+ * PUBLIC
+ */
+
+GkrPkSession*
+gkr_pk_session_new (void)
+{
+ return gkr_pk_session_new_for_client (0);
+}
+
+GkrPkSession*
+gkr_pk_session_new_for_client (pid_t pid)
+{
+ GkrPkStorage *storage;
+ GkrPkManager *manager;
+ GkrPkSession *session;
+
+ storage = GKR_PK_STORAGE (gkr_pk_session_storage_new ());
+ if (pid == 0)
+ manager = gkr_pk_manager_new ();
+ else
+ manager = gkr_pk_manager_instance_for_client(pid);
+
+ session = g_object_new (GKR_TYPE_PK_SESSION, "manager", manager, "storage", storage, NULL);
+
+ g_object_unref (manager);
+ g_object_unref (storage);
+
+ return session;
+}
Added: trunk/pk/gkr-pk-session.h
==============================================================================
--- (empty file)
+++ trunk/pk/gkr-pk-session.h Wed Jul 9 17:35:24 2008
@@ -0,0 +1,64 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* gkr-pk-session.h - Represent a PK session
+
+ Copyright (C) 2007 Stefan Walter
+
+ The Gnome Keyring Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The Gnome Keyring Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the Gnome Library; see the file COPYING.LIB. If not,
+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+
+ Author: Stef Walter <stef memberwebs com>
+*/
+
+#ifndef __GKR_PK_SESSION_H__
+#define __GKR_PK_SESSION_H__
+
+#include <gcrypt.h>
+#include <glib-object.h>
+
+#include "gkr-pk-object.h"
+#include "gkr-pk-manager.h"
+#include "gkr-pk-storage.h"
+
+G_BEGIN_DECLS
+
+#define GKR_TYPE_PK_SESSION (gkr_pk_session_get_type ())
+#define GKR_PK_SESSION(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GKR_TYPE_PK_SESSION, GkrPkSession))
+#define GKR_PK_SESSION_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), GKR_TYPE_PK_SESSION, GkrPkSession))
+#define GKR_IS_PK_SESSION(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GKR_TYPE_PK_SESSION))
+#define GKR_IS_PK_SESSION_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GKR_TYPE_PK_SESSION))
+#define GKR_PK_SESSION_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), GKR_TYPE_PK_SESSION, GkrPkSessionClass))
+
+typedef struct _GkrPkSessionClass GkrPkSessionClass;
+
+struct _GkrPkSession {
+ GObject parent;
+ GkrPkStorage *storage;
+ GkrPkManager *manager;
+};
+
+struct _GkrPkSessionClass {
+ GObjectClass parent_class;
+};
+
+GType gkr_pk_session_get_type (void) G_GNUC_CONST;
+
+GkrPkSession* gkr_pk_session_new (void);
+
+GkrPkSession* gkr_pk_session_new_for_client (pid_t pid);
+
+G_END_DECLS
+
+#endif /* __GKR_PK_SESSION_H__ */
+
Modified: trunk/pk/gkr-pk-storage.c
==============================================================================
--- trunk/pk/gkr-pk-storage.c (original)
+++ trunk/pk/gkr-pk-storage.c Wed Jul 9 17:35:24 2008
@@ -203,37 +203,17 @@
}
static gchar*
-prepare_ask_load_secondary (GQuark type, gboolean indexed, const gchar *label)
+prepare_ask_load_secondary (GQuark type, const gchar *label)
{
- /*
- * Yes this is unmaintainable and stupid, but is required
- * for translations to work properly.
- */
-
- /* When we've already indexed this data */
- if (indexed) {
-
- if (type == GKR_PKIX_PRIVATE_KEY)
- return g_strdup_printf (_("An application wants access to the private key '%s', but it is locked"), label);
- else if (type == GKR_PKIX_CERTIFICATE)
- return g_strdup_printf (_("An application wants access to the certificate '%s', but it is locked"), label);
- else if (type == GKR_PKIX_PUBLIC_KEY)
- return g_strdup_printf (_("An application wants access to the public key '%s', but it is locked"), label);
- else
- return g_strdup_printf (_("An application wants access to '%s', but it is locked"), label);
-
- /* Never before seen this data */
- } else {
+ if (type == GKR_PKIX_PRIVATE_KEY)
+ return g_strdup_printf (_("An application wants access to the private key '%s', but it is locked"), label);
+ else if (type == GKR_PKIX_CERTIFICATE)
+ return g_strdup_printf (_("An application wants access to the certificate '%s', but it is locked"), label);
+ else if (type == GKR_PKIX_PUBLIC_KEY)
+ return g_strdup_printf (_("An application wants access to the public key '%s', but it is locked"), label);
+ else
+ return g_strdup_printf (_("An application wants access to '%s', but it is locked"), label);
- if (type == GKR_PKIX_PRIVATE_KEY)
- return g_strdup_printf (_("The system wants to import the private key '%s', but it is locked"), label);
- else if (type == GKR_PKIX_CERTIFICATE)
- return g_strdup_printf (_("The system wants to import the certificate '%s', but it is locked"), label);
- else if (type == GKR_PKIX_PUBLIC_KEY)
- return g_strdup_printf (_("The system wants to import the public key '%s', but it is locked"), label);
- else
- return g_strdup_printf (_("The system wants to import '%s', but it is locked"), label);
- }
}
static gchar*
@@ -384,6 +364,13 @@
return domain;
}
+GkrPkStorage*
+gkr_pk_storage_get_default (void)
+{
+ g_return_val_if_fail (GKR_IS_PK_STORAGE (default_storage), NULL);
+ return default_storage;
+}
+
void
gkr_pk_storage_register (GkrPkStorage *storage, gboolean is_default)
{
@@ -525,7 +512,6 @@
g_return_if_fail (GKR_IS_PK_STORAGE (storage));
g_return_if_fail (GKR_IS_PK_OBJECT (object));
- g_return_if_fail (object->location);
if (g_hash_table_lookup (pv->objects, object))
return;
@@ -550,7 +536,6 @@
g_return_if_fail (GKR_IS_PK_OBJECT (object));
g_return_if_fail (GKR_IS_PK_STORAGE (storage));
- g_return_if_fail (object->location);
if (!g_hash_table_lookup (pv->objects, object))
return;
@@ -762,7 +747,6 @@
gchar *display = NULL;
gboolean ret;
GkrPkIndex *index;
- gboolean importing = FALSE;
gint st;
guint flags;
@@ -836,14 +820,11 @@
label = display = gkr_location_to_display (location);
/* Build up the prompt */
- if (importing)
- flags = GKR_ASK_REQUEST_PASSWORD | GKR_ASK_REQUEST_OK_CANCEL_BUTTONS;
- else
- flags = GKR_ASK_REQUEST_PASSWORD | GKR_ASK_REQUEST_OK_DENY_BUTTONS;
+ flags = GKR_ASK_REQUEST_PASSWORD | GKR_ASK_REQUEST_OK_DENY_BUTTONS;
ask = gkr_ask_request_new (prepare_ask_load_title (type),
prepare_ask_load_primary (type), flags);
- secondary = prepare_ask_load_secondary (type, !importing, label);
+ secondary = prepare_ask_load_secondary (type, label);
gkr_ask_request_set_secondary (ask, secondary);
g_free (secondary);
Modified: trunk/pk/gkr-pk-storage.h
==============================================================================
--- trunk/pk/gkr-pk-storage.h (original)
+++ trunk/pk/gkr-pk-storage.h Wed Jul 9 17:35:24 2008
@@ -62,6 +62,8 @@
GQuark gkr_pk_storage_get_error_domain (void) G_GNUC_CONST;
+GkrPkStorage* gkr_pk_storage_get_default (void);
+
void gkr_pk_storage_register (GkrPkStorage *storage,
gboolean default_storage);
Modified: trunk/pk/gkr-pk-util.c
==============================================================================
--- trunk/pk/gkr-pk-util.c (original)
+++ trunk/pk/gkr-pk-util.c Wed Jul 9 17:35:24 2008
@@ -201,15 +201,6 @@
}
void
-gkr_pk_attribute_steal (CK_ATTRIBUTE_PTR dest, CK_ATTRIBUTE_PTR attr)
-{
- g_assert (dest && attr);
- memcpy (dest, attr, sizeof (CK_ATTRIBUTE));
- memset (attr, 0, sizeof (CK_ATTRIBUTE));
- attr->type = dest->type;
-}
-
-void
gkr_pk_attribute_copy (CK_ATTRIBUTE_PTR dest, const CK_ATTRIBUTE_PTR attr)
{
g_assert (dest && attr);
@@ -226,6 +217,20 @@
}
void
+gkr_pk_attribute_take_data (CK_ATTRIBUTE_PTR attr, gpointer value, gsize n_value)
+{
+ g_assert (attr);
+
+ gkr_pk_attribute_clear (attr);
+
+ attr->ulValueLen = n_value;
+ if (n_value > 0) {
+ g_assert (value);
+ attr->pValue = value;
+ }
+}
+
+void
gkr_pk_attribute_set_data (CK_ATTRIBUTE_PTR attr, gconstpointer value, gsize n_value)
{
g_assert (attr);
Modified: trunk/pk/gkr-pk-util.h
==============================================================================
--- trunk/pk/gkr-pk-util.h (original)
+++ trunk/pk/gkr-pk-util.h Wed Jul 9 17:35:24 2008
@@ -51,8 +51,6 @@
void gkr_pk_attribute_copy (CK_ATTRIBUTE_PTR dest, const CK_ATTRIBUTE_PTR attr);
-void gkr_pk_attribute_steal (CK_ATTRIBUTE_PTR dest, CK_ATTRIBUTE_PTR attr);
-
void gkr_pk_attribute_clear (CK_ATTRIBUTE_PTR attr);
void gkr_pk_attribute_set_invalid (CK_ATTRIBUTE_PTR attr);
@@ -72,6 +70,9 @@
void gkr_pk_attribute_set_mpi (CK_ATTRIBUTE_PTR attr, gcry_mpi_t mpi);
+void gkr_pk_attribute_take_data (CK_ATTRIBUTE_PTR attr, gpointer value,
+ gsize n_value);
+
gboolean gkr_pk_attribute_get_boolean (const CK_ATTRIBUTE_PTR attr, CK_BBOOL *value);
gboolean gkr_pk_attribute_get_ulong (const CK_ATTRIBUTE_PTR attr, CK_ULONG *value);
Modified: trunk/pk/tests/Makefile.am
==============================================================================
--- trunk/pk/tests/Makefile.am (original)
+++ trunk/pk/tests/Makefile.am Wed Jul 9 17:35:24 2008
@@ -2,6 +2,7 @@
UNIT_AUTO = \
unit-test-pk-index.c \
unit-test-pk-cert.c \
+ unit-test-pk-import.c \
unit-test-pk-key.c \
unit-test-pk-netscape-trust.c \
unit-test-pk-object.c
Modified: trunk/pk/tests/check-attribute.c
==============================================================================
--- trunk/pk/tests/check-attribute.c (original)
+++ trunk/pk/tests/check-attribute.c Wed Jul 9 17:35:24 2008
@@ -35,6 +35,9 @@
#define CHECK_BYTE_ATTRIBUTE(cu, obj, type, val, length) \
check_attribute (cu, GKR_PK_OBJECT (obj), type, #type, val, length)
+#define CHECK_STRING_ATTRIBUTE(cu, obj, type, val) \
+ check_attribute (cu, GKR_PK_OBJECT (obj), type, #type, val, strlen (val))
+
#define CHECK_DATE_ATTRIBUTE(cu, obj, type, str) { \
CK_ATTRIBUTE test = { 0, NULL, 0 }; \
struct tm tm; \
Modified: trunk/pk/tests/unit-test-pk-cert.c
==============================================================================
--- trunk/pk/tests/unit-test-pk-cert.c (original)
+++ trunk/pk/tests/unit-test-pk-cert.c Wed Jul 9 17:35:24 2008
@@ -27,10 +27,11 @@
#include "pk/gkr-pk-cert.h"
#include "pk/gkr-pk-index.h"
+#include "pk/gkr-pk-manager.h"
#include "pk/gkr-pk-object.h"
-#include "pk/gkr-pk-object-manager.h"
#include "pk/gkr-pk-pubkey.h"
#include "pk/gkr-pk-privkey.h"
+#include "pk/gkr-pk-session.h"
#include "pkcs11/pkcs11.h"
#include "pkcs11/pkcs11g.h"
@@ -52,8 +53,8 @@
*
* Tests be run in the order specified here.
*/
-
-static GkrPkObjectManager *manager = NULL;
+static GkrPkSession *session = NULL;
+static GkrPkManager *manager = NULL;
static GkrPkCert *certificate_1 = NULL;
static GkrPkCert *certificate_2 = NULL;
@@ -63,7 +64,8 @@
void unit_setup_certificate (void)
{
/* Our own object manager */
- manager = gkr_pk_object_manager_instance_for_client (1231);
+ session = gkr_pk_session_new_for_client (1231);
+ manager = session->manager;
/* Our own pk_index */
pk_index = gkr_pk_index_default ();
@@ -132,7 +134,7 @@
keyid = gkr_pk_cert_get_keyid (certificate_1);
CuAssert (cu, "No key id returned from certificate", keyid != NULL);
- obj = gkr_pk_object_manager_find_by_id (manager, GKR_TYPE_PK_PUBKEY, keyid);
+ obj = gkr_pk_manager_find_by_id (manager, GKR_TYPE_PK_PUBKEY, keyid);
CuAssert (cu, "No matching public key object found in manager", GKR_IS_PK_PUBKEY (obj));
pubid = gkr_pk_pubkey_get_keyid (GKR_PK_PUBKEY (obj));
@@ -289,7 +291,7 @@
gkr_pk_attributes_append (attrs, &attr);
/* Try to create as with a set of invalid attributes */
- ret = gkr_pk_object_create (manager, attrs, &object);
+ ret = gkr_pk_object_create (session, attrs, &object);
CuAssert (cu, "Certificate creation succeeded wrongly", ret == CKR_TEMPLATE_INCOMPLETE);
gkr_pk_attributes_free (attrs);
@@ -317,7 +319,7 @@
gkr_pk_attributes_append (attrs, &attr);
/* Now try with a proper set of attributes */
- ret = gkr_pk_object_create (manager, attrs, &object);
+ ret = gkr_pk_object_create (session, attrs, &object);
CuAssert (cu, "Certificate creation failed", ret == CKR_OK);
CuAssert (cu, "Returned invalid object", GKR_IS_PK_CERT (object));
Added: trunk/pk/tests/unit-test-pk-import.c
==============================================================================
--- (empty file)
+++ trunk/pk/tests/unit-test-pk-import.c Wed Jul 9 17:35:24 2008
@@ -0,0 +1,179 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* unit-test-pk-import.c: Test an import object
+
+ Copyright (C) 2007 Stefan Walter
+
+ The Gnome Keyring Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The Gnome Keyring Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the Gnome Library; see the file COPYING.LIB. If not,
+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+
+ Author: Stef Walter <stef memberwebs com>
+*/
+
+#include "config.h"
+
+#include "run-auto-test.h"
+
+#include "pk/gkr-pk-cert.h"
+#include "pk/gkr-pk-import.h"
+#include "pk/gkr-pk-index.h"
+#include "pk/gkr-pk-manager.h"
+#include "pk/gkr-pk-object.h"
+#include "pk/gkr-pk-session.h"
+#include "pk/gkr-pk-util.h"
+
+#include "pkcs11/pkcs11.h"
+#include "pkcs11/pkcs11g.h"
+
+#include <glib.h>
+#include <memory.h>
+
+/*
+ * Each test looks like (on one line):
+ * void unit_test_xxxxx (CuTest* cu)
+ *
+ * Each setup looks like (on one line):
+ * void unit_setup_xxxxx (void)
+ *
+ * Each teardown looks like (on one line):
+ * void unit_teardown_xxxxx (void)
+ *
+ * Tests be run in the order specified here.
+ */
+static GkrPkSession *session = NULL;
+static GkrPkManager *manager = NULL;
+static GkrPkImport *import = NULL;
+
+
+void unit_setup_import (void)
+{
+ /* Our own object manager */
+ session = gkr_pk_session_new_for_client (1238);
+ manager = session->manager;
+
+ /* A fake default storage so tests below go through */
+ gkr_pk_storage_register (session->storage, TRUE);
+}
+
+void unit_test_import_create_invalid (CuTest *cu)
+{
+ GArray *attrs;
+ GkrPkObject *object;
+ CK_RV ret;
+ CK_ATTRIBUTE attr;
+
+ attrs = gkr_pk_attributes_new ();
+ memset (&attr, 0, sizeof (attr));
+
+ attr.type = CKA_CLASS;
+ gkr_pk_attribute_set_ulong (&attr, CKO_GNOME_IMPORT);
+ gkr_pk_attributes_append (attrs, &attr);
+
+ /* Try to create as with a set of invalid attributes */
+ ret = gkr_pk_object_create (session, attrs, &object);
+ CuAssert (cu, "Certificate creation succeeded wrongly", ret == CKR_TEMPLATE_INCOMPLETE);
+
+ gkr_pk_attributes_free (attrs);
+ attrs = gkr_pk_attributes_new ();
+
+ attr.type = CKA_CLASS;
+ gkr_pk_attribute_set_ulong (&attr, CKO_GNOME_IMPORT);
+ gkr_pk_attributes_append (attrs, &attr);
+
+ attr.type = CKA_GNOME_IMPORT_TOKEN;
+ gkr_pk_attribute_set_boolean (&attr, CK_FALSE);
+ gkr_pk_attributes_append (attrs, &attr);
+
+ attr.type = CKA_TOKEN;
+ gkr_pk_attribute_set_boolean (&attr, CK_TRUE);
+ gkr_pk_attributes_append (attrs, &attr);
+
+ /* Shouldn't be able to create an import on the token */
+ ret = gkr_pk_object_create (session, attrs, &object);
+ CuAssert (cu, "Certificate creation succeeded wrongly", ret == CKR_TEMPLATE_INCONSISTENT);
+}
+
+#include "check-attribute.c"
+
+void unit_test_create_import (CuTest* cu)
+{
+ GkrPkObject *object;
+ guchar *data;
+ gsize n_data;
+ CK_RV ret;
+ GArray *attrs;
+ CK_ATTRIBUTE attr;
+
+ if (!g_file_get_contents ("test-data/certificate-1.crt", (gchar**)&data, &n_data, NULL))
+ g_error ("couldn't read certificate-1.crt");
+
+ attrs = gkr_pk_attributes_new ();
+ memset (&attr, 0, sizeof (attr));
+
+ attr.type = CKA_CLASS;
+ gkr_pk_attribute_set_ulong (&attr, CKO_GNOME_IMPORT);
+ gkr_pk_attributes_append (attrs, &attr);
+
+ attr.type = CKA_TOKEN;
+ gkr_pk_attribute_set_boolean (&attr, CK_FALSE);
+ gkr_pk_attributes_append (attrs, &attr);
+
+ attr.type = CKA_VALUE;
+ gkr_pk_attribute_take_data (&attr, data, n_data);
+ gkr_pk_attributes_append (attrs, &attr);
+
+ attr.type = CKA_GNOME_IMPORT_TOKEN;
+ gkr_pk_attribute_set_boolean (&attr, CK_FALSE);
+ gkr_pk_attributes_append (attrs, &attr);
+
+ attr.type = CKA_GNOME_IMPORT_LABEL;
+ gkr_pk_attribute_set_string (&attr, "Test Import Label");
+ gkr_pk_attributes_append (attrs, &attr);
+
+ /* Now try with a proper set of attributes */
+ ret = gkr_pk_object_create (session, attrs, &object);
+ CuAssert (cu, "Certificate creation failed", ret == CKR_OK);
+ CuAssert (cu, "Returned invalid object", GKR_IS_PK_IMPORT (object));
+
+ import = GKR_PK_IMPORT (object);
+
+ /* Check that the data is correct */
+ CHECK_BYTE_ATTRIBUTE (cu, import, CKA_VALUE, data, n_data);
+ CHECK_BOOL_ATTRIBUTE (cu, import, CKA_GNOME_IMPORT_TOKEN, CK_FALSE);
+ CHECK_STRING_ATTRIBUTE (cu, import, CKA_GNOME_IMPORT_LABEL, "Test Import Label");
+
+ gkr_pk_attributes_free (attrs);
+}
+
+void unit_test_import_objects (CuTest *cu)
+{
+ GkrPkObject *object;
+ GSList *objects;
+
+ /* Check that the object has the right stuff */
+ objects = gkr_pk_import_get_objects (import);
+
+ CuAssert (cu, "Should have imported one object", g_slist_length (objects) == 1);
+ CuAssert (cu, "Should have imported an object", GKR_IS_PK_OBJECT (objects->data));
+ object = GKR_PK_OBJECT (objects->data);
+ CuAssert (cu, "Should have imported a certificate", GKR_IS_PK_CERT (object));
+
+ /* Check that the properties work */
+ CHECK_BYTE_ATTRIBUTE (cu, import, CKA_GNOME_IMPORT_OBJECTS, &object->handle, sizeof (object->handle));
+
+ /* Check that the label is set correctly */
+ CHECK_STRING_ATTRIBUTE (cu, object, CKA_LABEL, "Test Import Label");
+ CuAssert (cu, "Should have setup label", strcmp (gkr_pk_object_get_label (object), "Test Import Label") == 0);
+}
+
Modified: trunk/pk/tests/unit-test-pk-key.c
==============================================================================
--- trunk/pk/tests/unit-test-pk-key.c (original)
+++ trunk/pk/tests/unit-test-pk-key.c Wed Jul 9 17:35:24 2008
@@ -29,9 +29,10 @@
#include "pk/gkr-pk-index.h"
#include "pk/gkr-pk-object.h"
-#include "pk/gkr-pk-object-manager.h"
+#include "pk/gkr-pk-manager.h"
#include "pk/gkr-pk-pubkey.h"
#include "pk/gkr-pk-privkey.h"
+#include "pk/gkr-pk-session.h"
#include "pkcs11/pkcs11.h"
#include "pkcs11/pkcs11g.h"
@@ -55,7 +56,8 @@
* Tests be run in the order specified here.
*/
-static GkrPkObjectManager *manager = NULL;
+static GkrPkSession *session = NULL;
+static GkrPkManager *manager = NULL;
static GkrPkObject *privkey_1 = NULL;
static GkrPkObject *privkey_3 = NULL;
@@ -66,7 +68,8 @@
gkr_crypto_setup ();
/* Our own object manager */
- manager = gkr_pk_object_manager_instance_for_client (1232);
+ session = gkr_pk_session_new_for_client (1232);
+ manager = session->manager;
}
void unit_test_create_keys (CuTest* cu)
@@ -153,7 +156,7 @@
keyid = gkr_pk_privkey_get_keyid (GKR_PK_PRIVKEY (privkey_1));
CuAssert (cu, "No key id returned from private key", keyid != NULL);
- obj = gkr_pk_object_manager_find_by_id (manager, GKR_TYPE_PK_PUBKEY, keyid);
+ obj = gkr_pk_manager_find_by_id (manager, GKR_TYPE_PK_PUBKEY, keyid);
CuAssert (cu, "No matching public key object found in manager", GKR_IS_PK_PUBKEY (obj));
pubid = gkr_pk_pubkey_get_keyid (GKR_PK_PUBKEY (obj));
@@ -217,7 +220,7 @@
gkr_pk_attributes_append (attrs, &attr);
/* Now try with a proper set of attributes */
- ret = gkr_pk_object_create (manager, attrs, &object);
+ ret = gkr_pk_object_create (session, attrs, &object);
CuAssert (cu, "Private key creation failed", ret == CKR_OK);
CuAssert (cu, "Returned invalid object", GKR_IS_PK_PRIVKEY (object));
@@ -256,7 +259,7 @@
gkr_pk_attributes_append (attrs, &attr);
/* Now try with a proper set of attributes */
- ret = gkr_pk_object_create (manager, attrs, &object);
+ ret = gkr_pk_object_create (session, attrs, &object);
CuAssert (cu, "Public key creation failed", ret == CKR_OK);
CuAssert (cu, "Returned invalid object", GKR_IS_PK_PUBKEY (object));
@@ -312,7 +315,7 @@
gkr_pk_attributes_append (attrs, &attr);
/* Now try with a proper set of attributes */
- ret = gkr_pk_object_create (manager, attrs, &object);
+ ret = gkr_pk_object_create (session, attrs, &object);
CuAssert (cu, "Private key creation failed", ret == CKR_OK);
CuAssert (cu, "Returned invalid object", GKR_IS_PK_PRIVKEY (object));
@@ -368,7 +371,7 @@
gkr_pk_attributes_append (attrs, &attr);
/* Now try with a proper set of attributes */
- ret = gkr_pk_object_create (manager, attrs, &object);
+ ret = gkr_pk_object_create (session, attrs, &object);
CuAssert (cu, "Public key creation failed", ret == CKR_OK);
CuAssert (cu, "Returned invalid object", GKR_IS_PK_PUBKEY (object));
Modified: trunk/pk/tests/unit-test-pk-netscape-trust.c
==============================================================================
--- trunk/pk/tests/unit-test-pk-netscape-trust.c (original)
+++ trunk/pk/tests/unit-test-pk-netscape-trust.c Wed Jul 9 17:35:24 2008
@@ -28,8 +28,9 @@
#include "pk/gkr-pk-cert.h"
#include "pk/gkr-pk-index.h"
#include "pk/gkr-pk-object.h"
-#include "pk/gkr-pk-object-manager.h"
+#include "pk/gkr-pk-manager.h"
#include "pk/gkr-pk-netscape-trust.h"
+#include "pk/gkr-pk-session.h"
#include "pkcs11/pkcs11.h"
#include "pkcs11/pkcs11n.h"
@@ -52,7 +53,9 @@
* Tests be run in the order specified here.
*/
-static GkrPkObjectManager *manager = NULL;
+static GkrPkSession *session = NULL;
+static GkrPkManager *manager = NULL;
+
static GkrPkCert *certificate_1 = NULL;
static GkrPkCert *certificate_2 = NULL;
static GkrPkObject *trust_1 = NULL;
@@ -62,7 +65,8 @@
void unit_setup_trust (void)
{
/* Our own object manager */
- manager = gkr_pk_object_manager_instance_for_client (12333);
+ session = gkr_pk_session_new_for_client (12333);
+ manager = session->manager;
pk_index = gkr_pk_index_default ();
}
@@ -88,7 +92,7 @@
/* Should have created netscape trust companion object */
keyid = gkr_pk_cert_get_keyid (certificate_1);
- trust_1 = gkr_pk_object_manager_find_by_id (manager, GKR_TYPE_PK_NETSCAPE_TRUST, keyid);
+ trust_1 = gkr_pk_manager_find_by_id (manager, GKR_TYPE_PK_NETSCAPE_TRUST, keyid);
CuAssert (cu, "No matching netscape trust object found in manager", GKR_IS_PK_NETSCAPE_TRUST (trust_1));
if (!g_file_get_contents ("test-data/certificate-2.crt", &data, &n_data, NULL))
@@ -104,7 +108,7 @@
/* Should have created netscape trust companion object */
keyid = gkr_pk_cert_get_keyid (certificate_2);
- trust_2 = gkr_pk_object_manager_find_by_id (manager, GKR_TYPE_PK_NETSCAPE_TRUST, keyid);
+ trust_2 = gkr_pk_manager_find_by_id (manager, GKR_TYPE_PK_NETSCAPE_TRUST, keyid);
CuAssert (cu, "No matching netscape trust object found in manager", GKR_IS_PK_NETSCAPE_TRUST (trust_2));
}
Modified: trunk/pk/tests/unit-test-pk-object.c
==============================================================================
--- trunk/pk/tests/unit-test-pk-object.c (original)
+++ trunk/pk/tests/unit-test-pk-object.c Wed Jul 9 17:35:24 2008
@@ -30,7 +30,7 @@
#include "pk/gkr-pk-cert.h"
#include "pk/gkr-pk-index.h"
#include "pk/gkr-pk-object.h"
-#include "pk/gkr-pk-object-manager.h"
+#include "pk/gkr-pk-manager.h"
#include "pkcs11/pkcs11.h"
#include "pkcs11/pkcs11g.h"
@@ -53,13 +53,13 @@
* Tests be run in the order specified here.
*/
-static GkrPkObjectManager *manager = NULL;
+static GkrPkManager *manager = NULL;
static GkrPkObject *object_1 = NULL;
void unit_setup_object (void)
{
/* Our own object manager */
- manager = gkr_pk_object_manager_instance_for_client (1239);
+ manager = gkr_pk_manager_instance_for_client (1239);
object_1 = g_object_new (GKR_TYPE_PK_CERT, "location", 0, "manager", manager, NULL);
}
Modified: trunk/pkcs11/gkr-pkcs11-daemon-session.c
==============================================================================
--- trunk/pkcs11/gkr-pkcs11-daemon-session.c (original)
+++ trunk/pkcs11/gkr-pkcs11-daemon-session.c Wed Jul 9 17:35:24 2008
@@ -40,8 +40,8 @@
#include "keyrings/gkr-keyring-login.h"
#include "pk/gkr-pk-object.h"
-#include "pk/gkr-pk-object-manager.h"
-#include "pk/gkr-pk-session-storage.h"
+#include "pk/gkr-pk-manager.h"
+#include "pk/gkr-pk-session.h"
#include "pk/gkr-pk-storage.h"
#include "pk/gkr-pk-util.h"
@@ -74,10 +74,9 @@
GDestroyNotify operation_cleanup;
gpointer operation_data;
- guint deverror; /* The 'device' error code */
+ guint deverror; /* The 'device' error code */
- GkrPkObjectManager *manager; /* The object manager for this session */
- GkrPkStorage *storage; /* Objects owned by the session */
+ GkrPkSession *session; /* PK session to be used */
};
/*
@@ -225,18 +224,18 @@
read_object (GkrPkcs11Message *msg, SessionInfo *sinfo, GkrPkObject **res)
{
CK_OBJECT_HANDLE obj;
- GkrPkObjectManager *manager;
+ GkrPkManager *manager;
if (gkr_pkcs11_message_read_uint32 (msg, &obj) != CKR_OK)
return PROTOCOL_ERROR;
/* Find the object in question */
if (obj & GKR_PK_OBJECT_IS_PERMANENT)
- manager = gkr_pk_object_manager_for_token ();
+ manager = gkr_pk_manager_for_token ();
else
- manager = sinfo->manager;
+ manager = sinfo->session->manager;
- *res = gkr_pk_object_manager_lookup (manager, obj);
+ *res = gkr_pk_manager_lookup (manager, obj);
if (!*res)
return CKR_OBJECT_HANDLE_INVALID;
@@ -300,7 +299,7 @@
* client tells us.
*/
sinfo->pid = pid;
- sinfo->manager = gkr_pk_object_manager_instance_for_client (pid);
+ sinfo->session = gkr_pk_session_new_for_client (pid);
return CKR_OK;
}
@@ -419,15 +418,10 @@
session_C_CreateObject (SessionInfo *sinfo, GkrPkcs11Message *req,
GkrPkcs11Message *resp)
{
- GkrPkObjectManager *manager;
- CK_ATTRIBUTE_PTR attr;
CK_OBJECT_CLASS cls;
GkrPkObject *object;
GArray *attrs = NULL;
CK_BBOOL token;
- GError *err = NULL;
- gboolean res;
- guint i;
CK_RV ret;
if (sinfo->operation_type)
@@ -448,18 +442,8 @@
}
/* Find out if its a token object or not */
- token = CK_FALSE;
- for (i = 0; i < attrs->len; ++i) {
- attr = &(g_array_index (attrs, CK_ATTRIBUTE, i));
- if (attr->type == CKA_TOKEN) {
- if (attr && attr->pValue && attr->ulValueLen == sizeof (CK_BBOOL))
- token = *((CK_BBOOL*)attr->pValue);
-
- /* Mark that attribute as used */
- gkr_pk_attribute_consume (attr);
- break;
- }
- }
+ if (!gkr_pk_attributes_boolean (attrs, CKA_TOKEN, &token))
+ token = CK_FALSE;
/* A readonly session cannot create token objects */
if (token && sinfo->readonly) {
@@ -467,31 +451,14 @@
goto done;
}
- /* Create the object with the right object manager */
- manager = token ? gkr_pk_object_manager_for_token () : sinfo->manager;
- ret = gkr_pk_object_create (manager, attrs, &object);
+ ret = gkr_pk_object_create (sinfo->session, attrs, &object);
if (ret != CKR_OK)
goto done;
g_return_val_if_fail (object, CKR_GENERAL_ERROR);
- g_return_val_if_fail (object->storage == NULL, CKR_GENERAL_ERROR);
-
- /* Token objects get stored in the main object storage */
- if (token)
- res = gkr_pk_storage_store (NULL, object, &err);
-
- /* Session objects are owned by the session */
- else
- res = gkr_pk_storage_store (sinfo->storage, object, &err);
-
- if (!res) {
- g_warning ("couldn't write created object to disk: %s",
- err && err->message ? err->message : "");
- g_clear_error (&err);
- ret = CKR_GENERAL_ERROR;
- goto done;
- }
+ g_return_val_if_fail (object->storage != NULL, CKR_GENERAL_ERROR);
+ g_return_val_if_fail (object->manager != NULL, CKR_GENERAL_ERROR);
gkr_pkcs11_message_write_uint32 (resp, object->handle);
ret = CKR_OK;
@@ -518,7 +485,7 @@
GkrPkcs11Message *resp)
{
CK_OBJECT_HANDLE obj;
- GkrPkObjectManager *manager;
+ GkrPkManager *manager;
GkrPkObject *object;
CK_RV ret = CKR_OK;
gboolean res;
@@ -530,11 +497,11 @@
/* Find the object in question */
if (obj & GKR_PK_OBJECT_IS_PERMANENT)
- manager = gkr_pk_object_manager_for_token ();
+ manager = gkr_pk_manager_for_token ();
else
- manager = sinfo->manager;
+ manager = sinfo->session->manager;
- object = gkr_pk_object_manager_lookup (manager, obj);
+ object = gkr_pk_manager_lookup (manager, obj);
if (!object)
return CKR_OBJECT_HANDLE_INVALID;
@@ -546,35 +513,20 @@
if (priv)
return CKR_USER_NOT_LOGGED_IN;
}
-
- /* A token object */
- if (obj & GKR_PK_OBJECT_IS_PERMANENT) {
- /* A readonly session cannot destroy token objects */
- if (sinfo->readonly)
- return CKR_SESSION_READ_ONLY;
-
- g_return_val_if_fail (object->storage, CKR_GENERAL_ERROR);
- res = gkr_pk_storage_remove (object->storage, object, &err);
- if (!res) {
- g_warning ("couldn't remove object from disk: %s",
- err && err->message ? err->message : "");
- g_clear_error (&err);
- ret = CKR_GENERAL_ERROR;
- }
-
- /* A session object */
- } else {
- /*
- * TODO: This just hides the object, does not destroy.
- * The problem is that we need to locate the actual
- * session where this is owned, which we currently
- * don't track.
- */
- gkr_pk_object_manager_unregister (manager, object);
- ret = CKR_OK;
+ /* A readonly session cannot destroy token objects */
+ if (sinfo->readonly && obj & GKR_PK_OBJECT_IS_PERMANENT)
+ return CKR_SESSION_READ_ONLY;
+
+ g_return_val_if_fail (object->storage, CKR_GENERAL_ERROR);
+ res = gkr_pk_storage_remove (object->storage, object, &err);
+ if (!res) {
+ g_warning ("couldn't remove object from disk: %s",
+ err && err->message ? err->message : "");
+ g_clear_error (&err);
+ ret = CKR_GENERAL_ERROR;
}
-
+
return ret;
}
@@ -678,13 +630,13 @@
/* All or only token objects? */
if(all || token) {
- l = gkr_pk_object_manager_find (gkr_pk_object_manager_for_token (), 0, attrs);
+ l = gkr_pk_manager_find (gkr_pk_manager_for_token (), 0, attrs);
objects = g_list_concat (objects, l);
}
/* All or only session objects? */
if (all || !token) {
- l = gkr_pk_object_manager_find (sinfo->manager, 0, attrs);
+ l = gkr_pk_manager_find (sinfo->session->manager, 0, attrs);
objects = g_list_concat (objects, l);
}
@@ -1364,7 +1316,7 @@
session_info_new ()
{
SessionInfo *sinfo = g_new0 (SessionInfo, 1);
- sinfo->storage = GKR_PK_STORAGE (gkr_pk_session_storage_new ());
+ sinfo->session = NULL; /* We assign this when the session opens */
return sinfo;
}
@@ -1372,10 +1324,8 @@
session_info_free (SessionInfo *sinfo)
{
if (sinfo) {
- if (sinfo->manager)
- g_object_unref (sinfo->manager);
- if (sinfo->storage)
- g_object_unref (sinfo->storage);
+ if (sinfo->session)
+ g_object_unref (sinfo->session);
g_free (sinfo);
}
}
Modified: trunk/pkcs11/gkr-pkcs11-dsa.h
==============================================================================
--- trunk/pkcs11/gkr-pkcs11-dsa.h (original)
+++ trunk/pkcs11/gkr-pkcs11-dsa.h Wed Jul 9 17:35:24 2008
@@ -36,7 +36,7 @@
const guchar *plain, gsize n_plain,
const guchar *signature, gsize n_signature);
-CK_RV gkr_pkcs11_dsa_create_key (GkrPkObjectManager *manager,
+CK_RV gkr_pkcs11_dsa_create_key (GkrPkManager *manager,
const GArray* attrs, GkrPkObject **key);
#endif /*GKRPKCS11DSA_H_*/
Modified: trunk/pkcs11/pkcs11g.h
==============================================================================
--- trunk/pkcs11/pkcs11g.h (original)
+++ trunk/pkcs11/pkcs11g.h Wed Jul 9 17:35:24 2008
@@ -27,6 +27,7 @@
#include "pkcs11.h"
#define CKA_GNOME (CKA_VENDOR_DEFINED | 0x474E4D45 /* GNME */ )
+#define CKO_GNOME (CKO_VENDOR_DEFINED | 0x474E4D45 /* GNME */ )
#define CKT_GNOME_UNKNOWN 0
#define CKT_GNOME_UNTRUSTED 1
@@ -88,4 +89,41 @@
#define CKA_GNOME_PURPOSE_IPSEC_USER (CKA_GNOME + 108)
#define CKA_GNOME_PURPOSE_TIME_STAMPING (CKA_GNOME + 109)
+/*
+ * An import object used to, well, import data and create objects
+ * out of the imported data.
+ *
+ * Attributes:
+ * - CKA_VALUE: The raw data to import
+ * - CKA_GNOME_IMPORT_TOKEN: Whether to import to token or session.
+ * - CKA_GNOME_IMPORT_OBJECTS: the objects that were imported
+ * - CKA_GNOME_IMPORT_LABEL: Label to be used in prompts, and set on the objects
+ * imported if they have no label.
+ */
+#define CKO_GNOME_IMPORT (CKO_GNOME + 200)
+
+/*
+ * Whether to import to token or session.
+ *
+ * CK_BBOOL
+ */
+#define CKA_GNOME_IMPORT_TOKEN (CKA_GNOME + 200)
+
+/*
+ * The objects that were imported.
+ *
+ * An array of CK_OBJECT_HANDLE.
+ *
+ * - The number of objects in the array is ulValueLen / sizeof (CK_OBJECT_HANDLE)
+ */
+#define CKA_GNOME_IMPORT_OBJECTS (CKA_GNOME + 201)
+
+/*
+ * The label to be used in prompts and set on objects imported if they
+ * have no label.
+ *
+ * String
+ */
+#define CKA_GNOME_IMPORT_LABEL (CKA_GNOME + 202)
+
#endif /* PKCS11G_H */
Modified: trunk/pkix/gkr-pkix-parser.c
==============================================================================
--- trunk/pkix/gkr-pkix-parser.c (original)
+++ trunk/pkix/gkr-pkix-parser.c Wed Jul 9 17:35:24 2008
@@ -384,7 +384,6 @@
GkrPkixResult ret;
g_return_val_if_fail (GKR_IS_PKIX_PARSER (parser), FALSE);
- g_return_val_if_fail (loc != 0, FALSE);
g_return_val_if_fail (data != NULL, FALSE);
g_return_val_if_fail (!err || !*err, FALSE);
Modified: trunk/po/POTFILES.in
==============================================================================
--- trunk/po/POTFILES.in (original)
+++ trunk/po/POTFILES.in Wed Jul 9 17:35:24 2008
@@ -6,6 +6,7 @@
library/gnome-keyring-utils.c
keyrings/gkr-keyring-login.c
keyrings/gkr-keyring.c
+pk/gkr-pk-import.c
pk/gkr-pk-index.c
pk/gkr-pk-object.c
pk/gkr-pk-object-storage.c
Modified: trunk/ssh/gkr-ssh-daemon-ops.c
==============================================================================
--- trunk/ssh/gkr-ssh-daemon-ops.c (original)
+++ trunk/ssh/gkr-ssh-daemon-ops.c Wed Jul 9 17:35:24 2008
@@ -28,9 +28,9 @@
#include "common/gkr-cleanup.h"
#include "common/gkr-crypto.h"
-#include "pk/gkr-pk-object-manager.h"
#include "pk/gkr-pk-privkey.h"
#include "pk/gkr-pk-pubkey.h"
+#include "pk/gkr-pk-session.h"
#include "pkcs11/pkcs11.h"
#include "pkcs11/pkcs11g.h"
@@ -48,7 +48,7 @@
* SESSION KEYS
*/
-static GkrPkObjectManager *session_manager = NULL;
+static GkrPkSession *ssh_session = NULL;
static void
mark_v1_key (GkrPkPrivkey *key)
@@ -64,15 +64,15 @@
}
static void
-cleanup_session_manager (gpointer unused)
+cleanup_session (gpointer unused)
{
- g_return_if_fail (session_manager);
- g_object_unref (session_manager);
- session_manager = NULL;
+ g_return_if_fail (ssh_session);
+ g_object_unref (ssh_session);
+ ssh_session = NULL;
}
static GkrPkPrivkey*
-find_private_key_in_manager (GkrPkObjectManager *manager, const gkrid keyid, guint version)
+find_private_key_in_manager (GkrPkManager *manager, const gkrid keyid, guint version)
{
GkrPkPrivkey *key = NULL;
GList *l, *objects;
@@ -82,8 +82,8 @@
data = gkr_id_get_raw (keyid, &n_data);
g_assert (data && n_data);
- objects = gkr_pk_object_manager_findv (manager, GKR_TYPE_PK_PRIVKEY,
- CKA_ID, data, n_data, NULL);
+ objects = gkr_pk_manager_findv (manager, GKR_TYPE_PK_PRIVKEY,
+ CKA_ID, data, n_data, NULL);
for (l = objects; l; l = g_list_next (l)) {
key = GKR_PK_PRIVKEY (objects->data);
@@ -109,13 +109,13 @@
keyid = gkr_crypto_skey_make_id (skey);
g_return_val_if_fail (keyid != NULL, NULL);
- /* Search through the session keys */
- if (session_manager)
- key = find_private_key_in_manager (session_manager, keyid, version);
+ /* Search through the session keys */
+ if (ssh_session)
+ key = find_private_key_in_manager (ssh_session->manager, keyid, version);
/* Search through the global keys */
if (!key && global)
- key = find_private_key_in_manager (gkr_pk_object_manager_for_token (), keyid, version);
+ key = find_private_key_in_manager (gkr_pk_manager_for_token (), keyid, version);
gkr_id_free (keyid);
return key;
@@ -124,8 +124,11 @@
static void
remove_session_key (GkrPkPrivkey *key)
{
- if (session_manager)
- gkr_pk_object_manager_unregister (session_manager, GKR_PK_OBJECT (key));
+ if (ssh_session) {
+ /* This removes ownership of the key */
+ if (!gkr_pk_storage_remove (ssh_session->storage, GKR_PK_OBJECT (key), NULL))
+ g_return_if_reached ();
+ }
}
static void
@@ -133,16 +136,16 @@
{
GkrPkPrivkey *key, *prev;
- if (!session_manager) {
- session_manager = gkr_pk_object_manager_new ();
- gkr_cleanup_register (cleanup_session_manager, NULL);
+ if (!ssh_session) {
+ ssh_session = gkr_pk_session_new ();
+ gkr_cleanup_register (cleanup_session, NULL);
}
prev = find_private_key (skey, FALSE, version);
if (prev)
remove_session_key (prev);
- key = GKR_PK_PRIVKEY (gkr_pk_privkey_new (session_manager, 0, skey));
+ key = GKR_PK_PRIVKEY (gkr_pk_privkey_new (ssh_session->manager, 0, skey));
g_return_if_fail (key != NULL);
if (comment)
@@ -150,6 +153,12 @@
if (version == 1)
mark_v1_key (key);
+
+ /* This owns the actual key */
+ if (!gkr_pk_storage_store (ssh_session->storage, GKR_PK_OBJECT (key), NULL))
+ g_return_if_reached ();
+
+ g_object_unref (key);
}
static void
@@ -267,12 +276,12 @@
gsize blobpos;
/* Only find the keys that have usage = ssh */
- objects = gkr_pk_object_manager_findv (gkr_pk_object_manager_for_token (), GKR_TYPE_PK_PRIVKEY,
- CKA_GNOME_PURPOSE_SSH_AUTH, CK_TRUE, 0, NULL);
+ objects = gkr_pk_manager_findv (gkr_pk_manager_for_token (), GKR_TYPE_PK_PRIVKEY,
+ CKA_GNOME_PURPOSE_SSH_AUTH, CK_TRUE, 0, NULL);
pubkeys = NULL;
- if (session_manager)
- get_public_keys (session_manager->objects, &pubkeys, 2);
+ if (ssh_session)
+ get_public_keys (ssh_session->manager->objects, &pubkeys, 2);
get_public_keys (objects, &pubkeys, 2);
g_list_free (objects);
@@ -312,8 +321,8 @@
GkrPkPubkey *pub;
const gchar *label;
- if (session_manager)
- get_public_keys (session_manager->objects, &pubkeys, 1);
+ if (ssh_session)
+ get_public_keys (ssh_session->manager->objects, &pubkeys, 1);
gkr_buffer_add_byte (resp, GKR_SSH_RES_RSA_IDENTITIES_ANSWER);
gkr_buffer_add_uint32 (resp, g_list_length (pubkeys));
@@ -658,7 +667,7 @@
* When the key is just a session key, then remove it
* completely.
*/
- if (obj->manager == session_manager)
+ if (ssh_session && obj->manager == ssh_session->manager)
remove_session_key (key);
/*
@@ -702,8 +711,8 @@
GList *objects, *l, *removes = NULL;
/* Remove all session keys */
- if (session_manager) {
- for (l = session_manager->objects; l; l = g_list_next (l)) {
+ if (ssh_session) {
+ for (l = ssh_session->manager->objects; l; l = g_list_next (l)) {
if (!GKR_IS_PK_PRIVKEY (l->data))
continue;
key = GKR_PK_PRIVKEY (l->data);
@@ -717,8 +726,8 @@
}
/* And now we lock all private keys with usage = SSH */
- objects = gkr_pk_object_manager_findv (gkr_pk_object_manager_for_token (), GKR_TYPE_PK_PRIVKEY,
- CKA_GNOME_PURPOSE_SSH_AUTH, CK_TRUE, 0, NULL);
+ objects = gkr_pk_manager_findv (gkr_pk_manager_for_token (), GKR_TYPE_PK_PRIVKEY,
+ CKA_GNOME_PURPOSE_SSH_AUTH, CK_TRUE, 0, NULL);
for (l = objects; l; l = g_list_next (l)) {
g_return_val_if_fail (GKR_IS_PK_OBJECT (l->data), FALSE);
@@ -737,8 +746,8 @@
GkrPkPrivkey *key;
GList *l, *removes = NULL;
- if (session_manager) {
- for (l = session_manager->objects; l; l = g_list_next (l)) {
+ if (ssh_session) {
+ for (l = ssh_session->manager->objects; l; l = g_list_next (l)) {
if (!GKR_IS_PK_PRIVKEY (l->data))
continue;
key = GKR_PK_PRIVKEY (l->data);
Modified: trunk/ssh/gkr-ssh-storage.c
==============================================================================
--- trunk/ssh/gkr-ssh-storage.c (original)
+++ trunk/ssh/gkr-ssh-storage.c Wed Jul 9 17:35:24 2008
@@ -37,7 +37,7 @@
#include "pkcs11/pkcs11.h"
#include "pk/gkr-pk-privkey.h"
-#include "pk/gkr-pk-object-manager.h"
+#include "pk/gkr-pk-manager.h"
#include "pk/gkr-pk-util.h"
#include "pkix/gkr-pkix-asn1.h"
@@ -116,11 +116,11 @@
static GkrPkObject*
prepare_object (GkrSshStorage *storage, GQuark location, gkrconstid digest)
{
- GkrPkObjectManager *manager;
+ GkrPkManager *manager;
GkrPkObject *object;
- manager = gkr_pk_object_manager_for_token ();
- object = gkr_pk_object_manager_find_by_digest (manager, digest);
+ manager = gkr_pk_manager_for_token ();
+ object = gkr_pk_manager_find_by_digest (manager, digest);
/* The object already exists just reference it */
if (object) {
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]