[gnome-keyring/dbus-api: 5/6] [pkcs11] Change terminology from 'authenticator' to 'credential.
- From: Stefan Walter <stefw src gnome org>
- To: svn-commits-list gnome org
- Cc:
- Subject: [gnome-keyring/dbus-api: 5/6] [pkcs11] Change terminology from 'authenticator' to 'credential.
- Date: Wed, 11 Nov 2009 00:59:53 +0000 (UTC)
commit 7ce255405dbd7321f4d101ce6fb1441994e538a7
Author: Stef Walter <stef memberwebs com>
Date: Tue Nov 10 03:06:30 2009 +0000
[pkcs11] Change terminology from 'authenticator' to 'credential.
Change the CKO_G_AUTHENTICATOR to CKO_G_CREDENTIAL and
GckAuthenticator to GckCredential. Fine tune other
related naming conventions.
daemon/dbus/gkd-secrets-unlock.c | 14 +-
daemon/pkcs11/gkr-pkcs11-auth-ep.c | 18 +-
pkcs11/gck/Makefile.am | 2 +-
pkcs11/gck/gck-authenticator.h | 78 ------
.../gck/{gck-authenticator.c => gck-credential.c} | 275 ++++++++++----------
pkcs11/gck/gck-credential.h | 78 ++++++
pkcs11/gck/gck-module.c | 4 +-
pkcs11/gck/gck-object.c | 6 +-
pkcs11/gck/gck-object.h | 6 +-
pkcs11/gck/gck-private-key.c | 34 ++--
pkcs11/gck/gck-private-key.h | 4 +-
pkcs11/gck/gck-session.c | 52 ++--
pkcs11/gck/gck-session.h | 6 +-
pkcs11/gck/gck-types.h | 2 +-
pkcs11/gck/tests/Makefile.am | 2 +-
pkcs11/gck/tests/mock-locked-object.c | 8 +-
...test-authenticator.c => unit-test-credential.c} | 152 ++++++------
pkcs11/pkcs11g.h | 10 +-
pkcs11/secret-store/gck-secret-collection.c | 34 ++--
.../tests/unit-test-secret-collection.c | 94 ++++----
pkcs11/secret-store/tests/unit-test-secret-item.c | 16 +-
pkcs11/ssh-agent/gck-ssh-agent-ops.c | 4 +-
pkcs11/ssh-store/gck-ssh-private-key.c | 8 +-
pkcs11/ssh-store/tests/unit-test-private-key.c | 10 +-
24 files changed, 459 insertions(+), 458 deletions(-)
---
diff --git a/daemon/dbus/gkd-secrets-unlock.c b/daemon/dbus/gkd-secrets-unlock.c
index 5919b87..f353285 100644
--- a/daemon/dbus/gkd-secrets-unlock.c
+++ b/daemon/dbus/gkd-secrets-unlock.c
@@ -108,7 +108,7 @@ authenticate_collection (GkdSecretsUnlock *self, GP11Object *coll, gboolean *loc
GError *error = NULL;
GP11Attributes *attrs;
GP11Session *session;
- GP11Object *auth;
+ GP11Object *cred;
gchar *password;
gsize n_password;
@@ -138,9 +138,9 @@ authenticate_collection (GkdSecretsUnlock *self, GP11Object *coll, gboolean *loc
password = gkd_prompt_get_password (GKD_PROMPT (self), "password");
n_password = password ? strlen (password) : 0;
- auth = gp11_session_create_object (session, &error,
- CKA_CLASS, GP11_ULONG, CKO_GNOME_AUTHENTICATOR,
- CKA_GNOME_OBJECT, GP11_ULONG, gp11_object_get_handle (coll),
+ cred = gp11_session_create_object (session, &error,
+ CKA_CLASS, GP11_ULONG, CKO_G_CREDENTIAL,
+ CKA_G_OBJECT, GP11_ULONG, gp11_object_get_handle (coll),
CKA_GNOME_TRANSIENT, GP11_BOOLEAN, TRUE,
CKA_TOKEN, GP11_BOOLEAN, FALSE,
CKA_VALUE, n_password, password,
@@ -148,8 +148,8 @@ authenticate_collection (GkdSecretsUnlock *self, GP11Object *coll, gboolean *loc
egg_secure_strfree (password);
g_object_unref (session);
- if (auth) {
- g_object_unref (auth);
+ if (cred) {
+ g_object_unref (cred);
*locked = FALSE;
return TRUE; /* Operation succeeded, and unlocked */
@@ -160,7 +160,7 @@ authenticate_collection (GkdSecretsUnlock *self, GP11Object *coll, gboolean *loc
return TRUE; /* Operation succeded, although not unlocked*/
} else {
- g_warning ("couldn't create authenticator for collection: %s",
+ g_warning ("couldn't create credential for collection: %s",
error->message);
g_clear_error (&error);
return FALSE; /* Operation failed */
diff --git a/daemon/pkcs11/gkr-pkcs11-auth-ep.c b/daemon/pkcs11/gkr-pkcs11-auth-ep.c
index e9c48b4..984b297 100644
--- a/daemon/pkcs11/gkr-pkcs11-auth-ep.c
+++ b/daemon/pkcs11/gkr-pkcs11-auth-ep.c
@@ -69,7 +69,7 @@ auth_object_for_context_specific (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE obj
CK_BBOOL token, always;
CK_ULONG n_attrs;
CK_RV rv;
-
+
/* Lookup information about the specific object */
attrs[0].type = CKA_LABEL;
attrs[0].pValue = label = NULL;
@@ -161,26 +161,26 @@ auth_object_for_context_specific (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE obj
}
static void
-auth_create_authenticator (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object,
- CK_UTF8CHAR_PTR pin, CK_ULONG n_pin)
+auth_create_credential (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object,
+ CK_UTF8CHAR_PTR pin, CK_ULONG n_pin)
{
- CK_OBJECT_CLASS klass = CKO_GNOME_AUTHENTICATOR;
+ CK_OBJECT_CLASS klass = CKO_G_CREDENTIAL;
CK_BBOOL transient = CK_TRUE;
CK_BBOOL token = CK_FALSE;
CK_ATTRIBUTE attrs[] = {
{ CKA_CLASS, &klass, sizeof (klass) },
- { CKA_GNOME_OBJECT, &object, sizeof (object) },
+ { CKA_G_OBJECT, &object, sizeof (object) },
{ CKA_GNOME_TRANSIENT, &transient, sizeof (transient) },
{ CKA_TOKEN, &token, sizeof (token) },
{ CKA_VALUE, pin, n_pin }
};
- CK_OBJECT_HANDLE authenticator;
+ CK_OBJECT_HANDLE credential;
CK_RV rv;
- rv = pkcs11_lower->C_CreateObject (session, attrs, G_N_ELEMENTS (attrs), &authenticator);
+ rv = pkcs11_lower->C_CreateObject (session, attrs, G_N_ELEMENTS (attrs), &credential);
if (rv != CKR_OK)
- g_message ("failed to create authenticator object (code: %lu)", (gulong)rv);
+ g_message ("failed to create credential object (code: %lu)", (gulong)rv);
}
/* --------------------------------------------------------------------------------------
@@ -530,7 +530,7 @@ auth_C_Login (CK_SESSION_HANDLE handle, CK_USER_TYPE user_type,
/* If that was successful, then we can create an authenticator object */
if (user_type == CKU_CONTEXT_SPECIFIC && rv == CKR_OK && object != 0)
- auth_create_authenticator (handle, object, pin, pin_len);
+ auth_create_credential (handle, object, pin, pin_len);
/* Wrap things up */
DAEMON_ENTER ();
diff --git a/pkcs11/gck/Makefile.am b/pkcs11/gck/Makefile.am
index 2238f2c..5694ee6 100644
--- a/pkcs11/gck/Makefile.am
+++ b/pkcs11/gck/Makefile.am
@@ -18,10 +18,10 @@ BUILT_SOURCES = \
libgck_la_SOURCES = \
gck-attributes.c gck-attributes.h \
- gck-authenticator.c gck-authenticator.h \
gck-certificate.c gck-certificate.h \
gck-certificate-key.c gck-certificate-key.h \
gck-certificate-trust.c gck-certificate-trust.h \
+ gck-credential.c gck-credential.h \
gck-crypto.c gck-crypto.h \
gck-data-asn1.c gck-data-asn1.h \
gck-data-der.c gck-data-der.h \
diff --git a/pkcs11/gck/gck-authenticator.c b/pkcs11/gck/gck-credential.c
similarity index 53%
rename from pkcs11/gck/gck-authenticator.c
rename to pkcs11/gck/gck-credential.c
index 8f4d9b3..0a1584f 100644
--- a/pkcs11/gck/gck-authenticator.c
+++ b/pkcs11/gck/gck-credential.c
@@ -1,28 +1,28 @@
-/*
+/*
* gnome-keyring
- *
+ *
* Copyright (C) 2009 Stefan Walter
- *
- * This program is free software; you can redistribute it and/or modify
+ *
+ * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General License for more details.
- *
- * You should have received a copy of the GNU Lesser General
+ *
+ * You should have received a copy of the GNU Lesser General
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
- * 02111-1307, USA.
+ * 02111-1307, USA.
*/
#include "config.h"
#include "gck-attributes.h"
-#include "gck-authenticator.h"
+#include "gck-credential.h"
#include "gck-secret.h"
#include "gck-session.h"
#include "gck-transaction.h"
@@ -33,45 +33,45 @@
enum {
PROP_0,
PROP_OBJECT,
- PROP_LOGIN,
+ PROP_SECRET,
PROP_USES_REMAINING
};
-struct _GckAuthenticatorPrivate {
+struct _GckCredentialPrivate {
/* The object we authenticated */
GckObject *object;
-
- /* Optional login */
- GckSecret *login;
-
+
+ /* Optional secret */
+ GckSecret *secret;
+
/* Can limit by number of uses remaining */
gint uses_remaining;
};
-G_DEFINE_TYPE (GckAuthenticator, gck_authenticator, GCK_TYPE_OBJECT);
+G_DEFINE_TYPE (GckCredential, gck_credential, GCK_TYPE_OBJECT);
/* -----------------------------------------------------------------------------
- * INTERNAL
+ * INTERNAL
*/
static void
-factory_create_authenticator (GckSession *session, GckTransaction *transaction,
+factory_create_credential (GckSession *session, GckTransaction *transaction,
CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs, GckObject **result)
{
CK_OBJECT_HANDLE handle;
- GckAuthenticator *auth;
+ GckCredential *auth;
CK_ATTRIBUTE *attr;
GckManager *manager;
GckObject *object;
CK_RV rv;
-
+
g_return_if_fail (GCK_IS_TRANSACTION (transaction));
g_return_if_fail (attrs || !n_attrs);
g_return_if_fail (result);
/* The handle is required */
- if (!gck_attributes_find_ulong (attrs, n_attrs, CKA_GNOME_OBJECT, &handle)) {
+ if (!gck_attributes_find_ulong (attrs, n_attrs, CKA_G_OBJECT, &handle)) {
gck_transaction_fail (transaction, CKR_TEMPLATE_INCOMPLETE);
return;
}
@@ -82,14 +82,14 @@ factory_create_authenticator (GckSession *session, GckTransaction *transaction,
gck_transaction_fail (transaction, rv);
return;
}
-
+
/* The value is optional */
attr = gck_attributes_find (attrs, n_attrs, CKA_VALUE);
- gck_attributes_consume (attrs, n_attrs, CKA_VALUE, CKA_GNOME_OBJECT, G_MAXULONG);
-
+ gck_attributes_consume (attrs, n_attrs, CKA_VALUE, CKA_G_OBJECT, G_MAXULONG);
+
manager = gck_manager_for_template (attrs, n_attrs, session);
- rv = gck_authenticator_create (object, manager,
+ rv = gck_credential_create (object, manager,
attr ? attr->pValue : NULL,
attr ? attr->ulValueLen : 0, &auth);
if (rv == CKR_OK)
@@ -99,74 +99,74 @@ factory_create_authenticator (GckSession *session, GckTransaction *transaction,
}
static void
-self_destruct (GckAuthenticator *self)
+self_destruct (GckCredential *self)
{
GckTransaction *transaction;
CK_RV rv;
-
- g_assert (GCK_IS_AUTHENTICATOR (self));
-
+
+ g_assert (GCK_IS_CREDENTIAL (self));
+
transaction = gck_transaction_new ();
/* Destroy ourselves */
gck_object_destroy (GCK_OBJECT (self), transaction);
-
+
gck_transaction_complete (transaction);
rv = gck_transaction_get_result (transaction);
g_object_unref (transaction);
if (rv != CKR_OK)
- g_warning ("Couldn't destroy authenticator object: (code %lu)", (gulong)rv);
+ g_warning ("Couldn't destroy credential object: (code %lu)", (gulong)rv);
}
static void
object_went_away (gpointer data, GObject *old_object)
{
- GckAuthenticator *self = data;
- g_return_if_fail (GCK_IS_AUTHENTICATOR (self));
+ GckCredential *self = data;
+ g_return_if_fail (GCK_IS_CREDENTIAL (self));
self->pv->object = NULL;
self_destruct (self);
}
/* -----------------------------------------------------------------------------
- * OBJECT
+ * OBJECT
*/
-static CK_RV
-gck_authenticator_real_get_attribute (GckObject *base, GckSession *session, CK_ATTRIBUTE *attr)
+static CK_RV
+gck_credential_real_get_attribute (GckObject *base, GckSession *session, CK_ATTRIBUTE *attr)
{
- GckAuthenticator *self = GCK_AUTHENTICATOR (base);
+ GckCredential *self = GCK_CREDENTIAL (base);
switch (attr->type) {
case CKA_CLASS:
- return gck_attribute_set_ulong (attr, CKO_GNOME_AUTHENTICATOR);
+ return gck_attribute_set_ulong (attr, CKO_G_CREDENTIAL);
case CKA_PRIVATE:
return gck_attribute_set_bool (attr, TRUE);
- case CKA_GNOME_OBJECT:
+ case CKA_G_OBJECT:
g_return_val_if_fail (self->pv->object, CKR_GENERAL_ERROR);
return gck_attribute_set_ulong (attr, gck_object_get_handle (self->pv->object));
- case CKA_GNOME_USES_REMAINING:
+ case CKA_G_USES_REMAINING:
if (self->pv->uses_remaining < 0)
return gck_attribute_set_ulong (attr, (CK_ULONG)-1);
else
return gck_attribute_set_ulong (attr, self->pv->uses_remaining);
-
+
case CKA_VALUE:
return CKR_ATTRIBUTE_SENSITIVE;
};
- return GCK_OBJECT_CLASS (gck_authenticator_parent_class)->get_attribute (base, session, attr);
+ return GCK_OBJECT_CLASS (gck_credential_parent_class)->get_attribute (base, session, attr);
}
-static GObject*
-gck_authenticator_constructor (GType type, guint n_props, GObjectConstructParam *props)
+static GObject*
+gck_credential_constructor (GType type, guint n_props, GObjectConstructParam *props)
{
- GckAuthenticator *self = GCK_AUTHENTICATOR (G_OBJECT_CLASS (gck_authenticator_parent_class)->constructor(type, n_props, props));
- g_return_val_if_fail (self, NULL);
+ GckCredential *self = GCK_CREDENTIAL (G_OBJECT_CLASS (gck_credential_parent_class)->constructor(type, n_props, props));
+ g_return_val_if_fail (self, NULL);
g_return_val_if_fail (self->pv->object, NULL);
@@ -174,45 +174,45 @@ gck_authenticator_constructor (GType type, guint n_props, GObjectConstructParam
}
static void
-gck_authenticator_init (GckAuthenticator *self)
+gck_credential_init (GckCredential *self)
{
- self->pv = G_TYPE_INSTANCE_GET_PRIVATE (self, GCK_TYPE_AUTHENTICATOR, GckAuthenticatorPrivate);
+ self->pv = G_TYPE_INSTANCE_GET_PRIVATE (self, GCK_TYPE_CREDENTIAL, GckCredentialPrivate);
self->pv->uses_remaining = -1;
}
static void
-gck_authenticator_dispose (GObject *obj)
+gck_credential_dispose (GObject *obj)
{
- GckAuthenticator *self = GCK_AUTHENTICATOR (obj);
+ GckCredential *self = GCK_CREDENTIAL (obj);
if (self->pv->object)
g_object_weak_unref (G_OBJECT (self->pv->object), object_went_away, self);
self->pv->object = NULL;
-
- if (self->pv->login)
- g_object_unref (self->pv->login);
- self->pv->login = NULL;
-
- G_OBJECT_CLASS (gck_authenticator_parent_class)->dispose (obj);
+
+ if (self->pv->secret)
+ g_object_unref (self->pv->secret);
+ self->pv->secret = NULL;
+
+ G_OBJECT_CLASS (gck_credential_parent_class)->dispose (obj);
}
static void
-gck_authenticator_finalize (GObject *obj)
+gck_credential_finalize (GObject *obj)
{
- GckAuthenticator *self = GCK_AUTHENTICATOR (obj);
-
+ GckCredential *self = GCK_CREDENTIAL (obj);
+
g_assert (!self->pv->object);
- g_assert (!self->pv->login);
+ g_assert (!self->pv->secret);
- G_OBJECT_CLASS (gck_authenticator_parent_class)->finalize (obj);
+ G_OBJECT_CLASS (gck_credential_parent_class)->finalize (obj);
}
static void
-gck_authenticator_set_property (GObject *obj, guint prop_id, const GValue *value,
+gck_credential_set_property (GObject *obj, guint prop_id, const GValue *value,
GParamSpec *pspec)
{
- GckAuthenticator *self = GCK_AUTHENTICATOR (obj);
-
+ GckCredential *self = GCK_CREDENTIAL (obj);
+
switch (prop_id) {
case PROP_OBJECT:
g_return_if_fail (!self->pv->object);
@@ -220,8 +220,8 @@ gck_authenticator_set_property (GObject *obj, guint prop_id, const GValue *value
g_return_if_fail (GCK_IS_OBJECT (self->pv->object));
g_object_weak_ref (G_OBJECT (self->pv->object), object_went_away, self);
break;
- case PROP_LOGIN:
- gck_authenticator_set_login (self, g_value_get_object (value));
+ case PROP_SECRET:
+ gck_credential_set_secret (self, g_value_get_object (value));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
@@ -230,20 +230,20 @@ gck_authenticator_set_property (GObject *obj, guint prop_id, const GValue *value
}
static void
-gck_authenticator_get_property (GObject *obj, guint prop_id, GValue *value,
+gck_credential_get_property (GObject *obj, guint prop_id, GValue *value,
GParamSpec *pspec)
{
- GckAuthenticator *self = GCK_AUTHENTICATOR (obj);
-
+ GckCredential *self = GCK_CREDENTIAL (obj);
+
switch (prop_id) {
case PROP_OBJECT:
- g_value_set_object (value, gck_authenticator_get_object (self));
+ g_value_set_object (value, gck_credential_get_object (self));
break;
- case PROP_LOGIN:
- g_value_set_object (value, gck_authenticator_get_login (self));
+ case PROP_SECRET:
+ g_value_set_object (value, gck_credential_get_secret (self));
break;
case PROP_USES_REMAINING:
- g_value_set_int (value, gck_authenticator_get_uses_remaining (self));
+ g_value_set_int (value, gck_credential_get_uses_remaining (self));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
@@ -252,43 +252,43 @@ gck_authenticator_get_property (GObject *obj, guint prop_id, GValue *value,
}
static void
-gck_authenticator_class_init (GckAuthenticatorClass *klass)
+gck_credential_class_init (GckCredentialClass *klass)
{
GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
GckObjectClass *gck_class = GCK_OBJECT_CLASS (klass);
-
- gck_authenticator_parent_class = g_type_class_peek_parent (klass);
- g_type_class_add_private (klass, sizeof (GckAuthenticatorPrivate));
-
- gobject_class->constructor = gck_authenticator_constructor;
- gobject_class->dispose = gck_authenticator_dispose;
- gobject_class->finalize = gck_authenticator_finalize;
- gobject_class->set_property = gck_authenticator_set_property;
- gobject_class->get_property = gck_authenticator_get_property;
-
- gck_class->get_attribute = gck_authenticator_real_get_attribute;
-
+
+ gck_credential_parent_class = g_type_class_peek_parent (klass);
+ g_type_class_add_private (klass, sizeof (GckCredentialPrivate));
+
+ gobject_class->constructor = gck_credential_constructor;
+ gobject_class->dispose = gck_credential_dispose;
+ gobject_class->finalize = gck_credential_finalize;
+ gobject_class->set_property = gck_credential_set_property;
+ gobject_class->get_property = gck_credential_get_property;
+
+ gck_class->get_attribute = gck_credential_real_get_attribute;
+
g_object_class_install_property (gobject_class, PROP_OBJECT,
- g_param_spec_object ("object", "Object", "Object authenticated",
+ g_param_spec_object ("object", "Object", "Object authenticated",
GCK_TYPE_OBJECT, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
- g_object_class_install_property (gobject_class, PROP_LOGIN,
- g_param_spec_object ("login", "Login", "Optiontal login",
+ g_object_class_install_property (gobject_class, PROP_SECRET,
+ g_param_spec_object ("secret", "Secret", "Optiontal secret",
GCK_TYPE_SECRET, G_PARAM_READWRITE));
-
+
g_object_class_install_property (gobject_class, PROP_USES_REMAINING,
g_param_spec_int ("uses-remaining", "Uses Remaining", "Uses remaining",
-1, G_MAXINT, -1, G_PARAM_READWRITE));
}
/* -----------------------------------------------------------------------------
- * PUBLIC
+ * PUBLIC
*/
GckFactory*
-gck_authenticator_get_factory (void)
+gck_credential_get_factory (void)
{
- static CK_OBJECT_CLASS klass = CKO_GNOME_AUTHENTICATOR;
+ static CK_OBJECT_CLASS klass = CKO_G_CREDENTIAL;
static CK_ATTRIBUTE attributes[] = {
{ CKA_CLASS, &klass, sizeof (klass) },
@@ -297,108 +297,107 @@ gck_authenticator_get_factory (void)
static GckFactory factory = {
attributes,
G_N_ELEMENTS (attributes),
- factory_create_authenticator
+ factory_create_credential
};
-
+
return &factory;
}
CK_RV
-gck_authenticator_create (GckObject *object, GckManager *manager,
- CK_UTF8CHAR_PTR pin, CK_ULONG n_pin,
- GckAuthenticator **result)
+gck_credential_create (GckObject *object, GckManager *manager,
+ CK_UTF8CHAR_PTR pin, CK_ULONG n_pin,
+ GckCredential **result)
{
- GckAuthenticator *auth;
- GckSecret *login = NULL;
+ GckCredential *auth;
+ GckSecret *secret = NULL;
CK_RV rv;
-
+
g_return_val_if_fail (GCK_IS_OBJECT (object), CKR_GENERAL_ERROR);
g_return_val_if_fail (result, CKR_GENERAL_ERROR);
-
- login = gck_secret_new_from_login (pin, n_pin);
- auth = g_object_new (GCK_TYPE_AUTHENTICATOR,
+
+ secret = gck_secret_new_from_login (pin, n_pin);
+ auth = g_object_new (GCK_TYPE_CREDENTIAL,
"module", gck_object_get_module (object),
- "manager", manager, "login", login,
+ "manager", manager, "secret", secret,
"object", object, NULL);
- g_object_unref (login);
-
+ g_object_unref (secret);
+
/* Now the unlock must work */
rv = gck_object_unlock (object, auth);
if (rv == CKR_OK)
*result = auth;
else
g_object_unref (auth);
-
+
return rv;
}
GckSecret*
-gck_authenticator_get_login (GckAuthenticator *self)
+gck_credential_get_secret (GckCredential *self)
{
- g_return_val_if_fail (GCK_IS_AUTHENTICATOR (self), NULL);
- return self->pv->login;
+ g_return_val_if_fail (GCK_IS_CREDENTIAL (self), NULL);
+ return self->pv->secret;
}
void
-gck_authenticator_set_login (GckAuthenticator *self, GckSecret *login)
+gck_credential_set_secret (GckCredential *self, GckSecret *secret)
{
- g_return_if_fail (GCK_IS_AUTHENTICATOR (self));
-
- if (login) {
- g_return_if_fail (GCK_IS_SECRET (login));
- g_object_ref (login);
+ g_return_if_fail (GCK_IS_CREDENTIAL (self));
+
+ if (secret) {
+ g_return_if_fail (GCK_IS_SECRET (secret));
+ g_object_ref (secret);
}
- if (self->pv->login)
- g_object_unref (self->pv->login);
- self->pv->login = login;
-
- g_object_notify (G_OBJECT (self), "login");
+ if (self->pv->secret)
+ g_object_unref (self->pv->secret);
+ self->pv->secret = secret;
+
+ g_object_notify (G_OBJECT (self), "secret");
}
const gchar*
-gck_authenticator_get_password (GckAuthenticator *self, gsize *n_password)
+gck_credential_get_password (GckCredential *self, gsize *n_password)
{
- g_return_val_if_fail (GCK_IS_AUTHENTICATOR (self), NULL);
+ g_return_val_if_fail (GCK_IS_CREDENTIAL (self), NULL);
g_return_val_if_fail (n_password, NULL);
-
- if (!self->pv->login) {
+
+ if (!self->pv->secret) {
*n_password = 0;
return NULL;
}
-
- return gck_secret_get_password (self->pv->login, n_password);
+
+ return gck_secret_get_password (self->pv->secret, n_password);
}
GckObject*
-gck_authenticator_get_object (GckAuthenticator *self)
+gck_credential_get_object (GckCredential *self)
{
- g_return_val_if_fail (GCK_IS_AUTHENTICATOR (self), NULL);
+ g_return_val_if_fail (GCK_IS_CREDENTIAL (self), NULL);
g_return_val_if_fail (GCK_IS_OBJECT (self->pv->object), NULL);
return self->pv->object;
}
gint
-gck_authenticator_get_uses_remaining (GckAuthenticator *self)
+gck_credential_get_uses_remaining (GckCredential *self)
{
- g_return_val_if_fail (GCK_IS_AUTHENTICATOR (self), 0);
+ g_return_val_if_fail (GCK_IS_CREDENTIAL (self), 0);
return self->pv->uses_remaining;
}
void
-gck_authenticator_set_uses_remaining (GckAuthenticator *self,
- gint use_count)
+gck_credential_set_uses_remaining (GckCredential *self, gint use_count)
{
- g_return_if_fail (GCK_IS_AUTHENTICATOR (self));
+ g_return_if_fail (GCK_IS_CREDENTIAL (self));
g_return_if_fail (use_count != 0);
-
+
self->pv->uses_remaining = use_count;
g_object_notify (G_OBJECT (self), "uses-remaining");
}
void
-gck_authenticator_throw_away_one_use (GckAuthenticator *self)
+gck_credential_throw_away_one_use (GckCredential *self)
{
- g_return_if_fail (GCK_IS_AUTHENTICATOR (self));
+ g_return_if_fail (GCK_IS_CREDENTIAL (self));
if (self->pv->uses_remaining > 0)
--(self->pv->uses_remaining);
if (self->pv->uses_remaining == 0)
diff --git a/pkcs11/gck/gck-credential.h b/pkcs11/gck/gck-credential.h
new file mode 100644
index 0000000..61f135a
--- /dev/null
+++ b/pkcs11/gck/gck-credential.h
@@ -0,0 +1,78 @@
+/*
+ * gnome-keyring
+ *
+ * Copyright (C) 2009 Stefan Walter
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.
+ */
+
+#ifndef __GCK_CREDENTIAL_H__
+#define __GCK_CREDENTIAL_H__
+
+#include <glib-object.h>
+
+#include "gck-object.h"
+#include "gck-types.h"
+
+#define GCK_FACTORY_CREDENTIAL (gck_credential_get_factory ())
+
+#define GCK_TYPE_CREDENTIAL (gck_credential_get_type ())
+#define GCK_CREDENTIAL(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GCK_TYPE_CREDENTIAL, GckCredential))
+#define GCK_CREDENTIAL_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), GCK_TYPE_CREDENTIAL, GckCredentialClass))
+#define GCK_IS_CREDENTIAL(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GCK_TYPE_CREDENTIAL))
+#define GCK_IS_CREDENTIAL_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GCK_TYPE_CREDENTIAL))
+#define GCK_CREDENTIAL_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), GCK_TYPE_CREDENTIAL, GckCredentialClass))
+
+typedef struct _GckCredentialClass GckCredentialClass;
+typedef struct _GckCredentialPrivate GckCredentialPrivate;
+
+struct _GckCredential {
+ GckObject parent;
+ GckCredentialPrivate *pv;
+};
+
+struct _GckCredentialClass {
+ GckObjectClass parent_class;
+};
+
+GType gck_credential_get_type (void);
+
+GckFactory* gck_credential_get_factory (void);
+
+CK_RV gck_credential_create (GckObject *object,
+ GckManager *manager,
+ CK_UTF8CHAR_PTR pin,
+ CK_ULONG n_pin,
+ GckCredential **result);
+
+GckSecret* gck_credential_get_secret (GckCredential *self);
+
+void gck_credential_set_secret (GckCredential *self,
+ GckSecret *login);
+
+const gchar* gck_credential_get_password (GckCredential *self,
+ gsize *n_password);
+
+GckObject* gck_credential_get_object (GckCredential *self);
+
+gint gck_credential_get_uses_remaining (GckCredential *self);
+
+void gck_credential_set_uses_remaining (GckCredential *self,
+ gint use_count);
+
+void gck_credential_throw_away_one_use (GckCredential *self);
+
+#endif /* __GCK_CREDENTIAL_H__ */
diff --git a/pkcs11/gck/gck-module.c b/pkcs11/gck/gck-module.c
index 5ae1c52..d27a0a0 100644
--- a/pkcs11/gck/gck-module.c
+++ b/pkcs11/gck/gck-module.c
@@ -26,8 +26,8 @@
#include "pkcs11/pkcs11i.h"
#include "gck-attributes.h"
-#include "gck-authenticator.h"
#include "gck-certificate.h"
+#include "gck-credential.h"
#include "gck-factory.h"
#include "gck-manager.h"
#include "gck-memory-store.h"
@@ -563,7 +563,7 @@ gck_module_init (GckModule *self)
gck_module_register_factory (self, GCK_FACTORY_PRIVATE_KEY);
gck_module_register_factory (self, GCK_FACTORY_CERTIFICATE);
gck_module_register_factory (self, GCK_FACTORY_PUBLIC_KEY);
- gck_module_register_factory (self, GCK_FACTORY_AUTHENTICATOR);
+ gck_module_register_factory (self, GCK_FACTORY_CREDENTIAL);
}
static void
diff --git a/pkcs11/gck/gck-object.c b/pkcs11/gck/gck-object.c
index 1e295e4..06ed1ec 100644
--- a/pkcs11/gck/gck-object.c
+++ b/pkcs11/gck/gck-object.c
@@ -297,7 +297,7 @@ gck_object_real_create_attributes (GckObject *self, GckSession *session,
}
static CK_RV
-gck_object_real_unlock (GckObject *self, GckAuthenticator *auth)
+gck_object_real_unlock (GckObject *self, GckCredential *cred)
{
/* A derived class should have overridden this */
return CKR_FUNCTION_FAILED;
@@ -664,11 +664,11 @@ gck_object_is_transient (GckObject *self)
}
CK_RV
-gck_object_unlock (GckObject *self, GckAuthenticator *auth)
+gck_object_unlock (GckObject *self, GckCredential *cred)
{
g_return_val_if_fail (GCK_IS_OBJECT (self), CKR_GENERAL_ERROR);
g_return_val_if_fail (GCK_OBJECT_GET_CLASS (self)->unlock, CKR_GENERAL_ERROR);
- return GCK_OBJECT_GET_CLASS (self)->unlock (self, auth);
+ return GCK_OBJECT_GET_CLASS (self)->unlock (self, cred);
}
diff --git a/pkcs11/gck/gck-object.h b/pkcs11/gck/gck-object.h
index 7f17074..75fa935 100644
--- a/pkcs11/gck/gck-object.h
+++ b/pkcs11/gck/gck-object.h
@@ -63,7 +63,7 @@ struct _GckObjectClass {
void (*create_attributes) (GckObject *object, GckSession *session,
GckTransaction *transaction, CK_ATTRIBUTE *attrs, CK_ULONG n_attrs);
- CK_RV (*unlock) (GckObject *self, GckAuthenticator *auth);
+ CK_RV (*unlock) (GckObject *self, GckCredential *cred);
};
GType gck_object_get_type (void);
@@ -83,8 +83,8 @@ gboolean gck_object_is_token (GckObject *self);
gboolean gck_object_is_transient (GckObject *self);
-CK_RV gck_object_unlock (GckObject *self,
- GckAuthenticator *auth);
+CK_RV gck_object_unlock (GckObject *self,
+ GckCredential *cred);
void gck_object_destroy (GckObject *self,
GckTransaction *transaction);
diff --git a/pkcs11/gck/gck-private-key.c b/pkcs11/gck/gck-private-key.c
index 39216c5..edc0780 100644
--- a/pkcs11/gck/gck-private-key.c
+++ b/pkcs11/gck/gck-private-key.c
@@ -24,7 +24,7 @@
#include "pkcs11/pkcs11.h"
#include "gck-attributes.h"
-#include "gck-authenticator.h"
+#include "gck-credential.h"
#include "gck-factory.h"
#include "gck-private-key.h"
#include "gck-session.h"
@@ -167,18 +167,18 @@ factory_create_private_key (GckSession *session, GckTransaction *transaction,
}
static gboolean
-acquire_from_authenticator (GckAuthenticator *auth, GckObject *object, gpointer user_data)
+acquire_from_credential (GckCredential *cred, GckObject *object, gpointer user_data)
{
GckSexp **result = user_data;
g_assert (result);
g_assert (!*result);
- /* The sexp we stored on the authenticator */
- *result = g_object_get_data (G_OBJECT (auth), "private-key-sexp");
+ /* The sexp we stored on the credential */
+ *result = g_object_get_data (G_OBJECT (cred), "private-key-sexp");
if (*result != NULL) {
*result = gck_sexp_ref (*result);
- gck_authenticator_throw_away_one_use (auth);
+ gck_credential_throw_away_one_use (cred);
return TRUE;
}
@@ -186,10 +186,10 @@ acquire_from_authenticator (GckAuthenticator *auth, GckObject *object, gpointer
}
static gboolean
-have_from_authenticator (GckAuthenticator *auth, GckObject *object, gpointer unused)
+have_from_credential (GckCredential *cred, GckObject *object, gpointer unused)
{
- /* The sexp we stored on the authenticator */
- return g_object_get_data (G_OBJECT (auth), "private-key-sexp") ? TRUE : FALSE;
+ /* The sexp we stored on the credential */
+ return g_object_get_data (G_OBJECT (cred), "private-key-sexp") ? TRUE : FALSE;
}
/* -----------------------------------------------------------------------------
@@ -242,7 +242,7 @@ gck_private_key_real_get_attribute (GckObject *base, GckSession *session, CK_ATT
case CKA_ALWAYS_AUTHENTICATE:
have = self->pv->sexp ? TRUE : FALSE;
if (!have && session)
- have = gck_session_for_each_authenticator (session, base, have_from_authenticator, NULL);
+ have = gck_session_for_each_credential (session, base, have_from_credential, NULL);
return gck_attribute_set_bool (attr, !have);
case CKA_MODULUS:
@@ -287,11 +287,11 @@ gck_private_key_real_acquire_crypto_sexp (GckKey *base, GckSession *session)
if (self->pv->sexp)
sexp = gck_sexp_ref (self->pv->sexp);
- /* Find an authenticator, with an unlocked copy */
+ /* Find an credential, with an unlocked copy */
else
- gck_session_for_each_authenticator (session, GCK_OBJECT (self),
- acquire_from_authenticator, &sexp);
-
+ gck_session_for_each_credential (session, GCK_OBJECT (self),
+ acquire_from_credential, &sexp);
+
return sexp;
}
@@ -396,16 +396,16 @@ gck_private_key_set_unlocked_private (GckPrivateKey *self, GckSexp *sexp)
}
void
-gck_private_key_set_locked_private (GckPrivateKey *self, GckAuthenticator *auth,
+gck_private_key_set_locked_private (GckPrivateKey *self, GckCredential *cred,
GckSexp *sexp)
{
g_return_if_fail (GCK_IS_PRIVATE_KEY (self));
- g_return_if_fail (GCK_IS_AUTHENTICATOR (auth));
+ g_return_if_fail (GCK_IS_CREDENTIAL (cred));
if (sexp == NULL)
- g_object_set_data (G_OBJECT (auth), "private-key-sexp", NULL);
+ g_object_set_data (G_OBJECT (cred), "private-key-sexp", NULL);
else
- g_object_set_data_full (G_OBJECT (auth), "private-key-sexp",
+ g_object_set_data_full (G_OBJECT (cred), "private-key-sexp",
gck_sexp_ref (sexp), gck_sexp_unref);
}
diff --git a/pkcs11/gck/gck-private-key.h b/pkcs11/gck/gck-private-key.h
index 0de653b..398fd91 100644
--- a/pkcs11/gck/gck-private-key.h
+++ b/pkcs11/gck/gck-private-key.h
@@ -54,8 +54,8 @@ void gck_private_key_set_unlocked_private (GckPrivateKey
GckSexp *sexp);
void gck_private_key_set_locked_private (GckPrivateKey *self,
- GckAuthenticator *auth,
- GckSexp *sexp);
+ GckCredential *cred,
+ GckSexp *sexp);
GckFactory* gck_private_key_get_factory (void);
diff --git a/pkcs11/gck/gck-session.c b/pkcs11/gck/gck-session.c
index 98c15a6..475ec75 100644
--- a/pkcs11/gck/gck-session.c
+++ b/pkcs11/gck/gck-session.c
@@ -25,7 +25,7 @@
#include "pkcs11/pkcs11i.h"
#include "gck-attributes.h"
-#include "gck-authenticator.h"
+#include "gck-credential.h"
#include "gck-crypto.h"
#include "gck-key.h"
#include "gck-factory.h"
@@ -69,7 +69,7 @@ struct _GckSessionPrivate {
/* Used for operations */
void (*current_operation) (GckSession *self);
GckObject *current_object;
- GckAuthenticator *authenticator;
+ GckCredential *credential;
/* Used for find operations */
GArray *found_objects;
@@ -107,10 +107,10 @@ cleanup_crypto (GckSession *self)
g_object_unref (self->pv->current_object);
self->pv->current_object = NULL;
- if (self->pv->authenticator) {
- g_object_set_data (G_OBJECT (self->pv->authenticator), "owned-by-session", NULL);
- g_object_unref (self->pv->authenticator);
- self->pv->authenticator = NULL;
+ if (self->pv->credential) {
+ g_object_set_data (G_OBJECT (self->pv->credential), "owned-by-session", NULL);
+ g_object_unref (self->pv->credential);
+ self->pv->credential = NULL;
}
self->pv->current_operation = NULL;
@@ -426,10 +426,10 @@ gck_session_dispose (GObject *obj)
g_object_unref (self->pv->module);
self->pv->module = NULL;
- if (self->pv->authenticator) {
- g_object_set_data (G_OBJECT (self->pv->authenticator), "owned-by-session", NULL);
- g_object_unref (self->pv->authenticator);
- self->pv->authenticator = NULL;
+ if (self->pv->credential) {
+ g_object_set_data (G_OBJECT (self->pv->credential), "owned-by-session", NULL);
+ g_object_unref (self->pv->credential);
+ self->pv->credential = NULL;
}
g_hash_table_remove_all (self->pv->objects);
@@ -663,7 +663,7 @@ gck_session_lookup_writable_object (GckSession *self, CK_OBJECT_HANDLE handle,
CK_RV
gck_session_login_context_specific (GckSession *self, CK_UTF8CHAR_PTR pin, CK_ULONG n_pin)
{
- GckAuthenticator *authenticator;
+ GckCredential *cred;
gboolean always_auth;
gboolean is_private;
GckObject *object;
@@ -690,15 +690,15 @@ gck_session_login_context_specific (GckSession *self, CK_UTF8CHAR_PTR pin, CK_UL
g_return_val_if_fail (is_private == TRUE, CKR_GENERAL_ERROR);
/* Now create the strange object */
- rv = gck_authenticator_create (self->pv->current_object, self->pv->manager,
- pin, n_pin, &authenticator);
+ rv = gck_credential_create (self->pv->current_object, self->pv->manager,
+ pin, n_pin, &cred);
if (rv != CKR_OK)
return rv;
- if (self->pv->authenticator)
- g_object_unref (self->pv->authenticator);
- g_object_set_data (G_OBJECT (authenticator), "owned-by-session", self);
- self->pv->authenticator = authenticator;
+ if (self->pv->credential)
+ g_object_unref (self->pv->credential);
+ g_object_set_data (G_OBJECT (cred), "owned-by-session", self);
+ self->pv->credential = cred;
return CKR_OK;
}
@@ -730,16 +730,16 @@ gck_session_destroy_session_object (GckSession *self, GckTransaction *transactio
g_return_if_fail (!gck_transaction_get_failed (transaction));
}
- /* Don't actually destroy the authenticator */
- if (self->pv->authenticator && GCK_OBJECT (self->pv->authenticator) == obj)
+ /* Don't actually destroy the credential */
+ if (self->pv->credential && GCK_OBJECT (self->pv->credential) == obj)
return;
remove_object (self, transaction, obj);
}
gboolean
-gck_session_for_each_authenticator (GckSession *self, GckObject *object,
- GckAuthenticatorFunc func, gpointer user_data)
+gck_session_for_each_credential (GckSession *self, GckObject *object,
+ GckCredentialFunc func, gpointer user_data)
{
CK_OBJECT_HANDLE handle;
CK_OBJECT_CLASS klass;
@@ -751,19 +751,19 @@ gck_session_for_each_authenticator (GckSession *self, GckObject *object,
g_return_val_if_fail (func, FALSE);
/* Do we have one right on the session */
- if (self->pv->authenticator != NULL &&
- gck_authenticator_get_object (self->pv->authenticator) == object) {
- if ((func) (self->pv->authenticator, object, user_data))
+ if (self->pv->credential != NULL &&
+ gck_credential_get_object (self->pv->credential) == object) {
+ if ((func) (self->pv->credential, object, user_data))
return TRUE;
}
- klass = CKO_GNOME_AUTHENTICATOR;
+ klass = CKO_G_CREDENTIAL;
attrs[0].type = CKA_CLASS;
attrs[0].pValue = &klass;
attrs[0].ulValueLen = sizeof (klass);
handle = gck_object_get_handle (object);
- attrs[1].type = CKA_GNOME_OBJECT;
+ attrs[1].type = CKA_G_OBJECT;
attrs[1].pValue = &handle;
attrs[1].ulValueLen = sizeof (handle);
diff --git a/pkcs11/gck/gck-session.h b/pkcs11/gck/gck-session.h
index 7106c9e..62124c8 100644
--- a/pkcs11/gck/gck-session.h
+++ b/pkcs11/gck/gck-session.h
@@ -52,7 +52,7 @@ struct _GckSessionClass {
#endif
};
-typedef gboolean (*GckAuthenticatorFunc) (GckAuthenticator *auth,
+typedef gboolean (*GckCredentialFunc) (GckCredential *cred,
GckObject *object,
gpointer user_data);
@@ -99,9 +99,9 @@ void gck_session_destroy_session_object (GckSess
GckTransaction *transaction,
GckObject *obj);
-gboolean gck_session_for_each_authenticator (GckSession *self,
+gboolean gck_session_for_each_credential (GckSession *self,
GckObject *object,
- GckAuthenticatorFunc func,
+ GckCredentialFunc func,
gpointer user_data);
CK_RV gck_session_create_object_for_factory (GckSession *self,
diff --git a/pkcs11/gck/gck-types.h b/pkcs11/gck/gck-types.h
index ac06215..1b9f0a7 100644
--- a/pkcs11/gck/gck-types.h
+++ b/pkcs11/gck/gck-types.h
@@ -22,10 +22,10 @@
#ifndef __GCK_TYPES_H__
#define __GCK_TYPES_H__
-typedef struct _GckAuthenticator GckAuthenticator;
typedef struct _GckCertificate GckCertificate;
typedef struct _GckCertificateKey GckCertificateKey;
typedef struct _GckCertificateTrust GckCertificateTrust;
+typedef struct _GckCredential GckCredential;
typedef struct _GckKey GckKey;
typedef struct _GckFactory GckFactory;
typedef struct _GckManager GckManager;
diff --git a/pkcs11/gck/tests/Makefile.am b/pkcs11/gck/tests/Makefile.am
index a1fe975..1f82931 100644
--- a/pkcs11/gck/tests/Makefile.am
+++ b/pkcs11/gck/tests/Makefile.am
@@ -9,7 +9,7 @@ UNIT_AUTO = \
unit-test-data-asn1.c \
unit-test-data-der.c \
unit-test-object.c \
- unit-test-authenticator.c \
+ unit-test-credential.c \
unit-test-timer.c \
unit-test-transaction.c \
unit-test-store.c \
diff --git a/pkcs11/gck/tests/mock-locked-object.c b/pkcs11/gck/tests/mock-locked-object.c
index 059b742..9803921 100644
--- a/pkcs11/gck/tests/mock-locked-object.c
+++ b/pkcs11/gck/tests/mock-locked-object.c
@@ -24,7 +24,7 @@
#include "mock-locked-object.h"
#include "gck/gck-attributes.h"
-#include "gck/gck-authenticator.h"
+#include "gck/gck-credential.h"
G_DEFINE_TYPE (MockLockedObject, mock_locked_object, GCK_TYPE_OBJECT);
@@ -50,12 +50,12 @@ mock_locked_object_real_get_attribute (GckObject *base, GckSession *session, CK_
}
static CK_RV
-mock_locked_object_real_unlock (GckObject *base, GckAuthenticator *auth)
+mock_locked_object_real_unlock (GckObject *base, GckCredential *auth)
{
const gchar *password;
gsize n_password;
-
- password = gck_authenticator_get_password (auth, &n_password);
+
+ password = gck_credential_get_password (auth, &n_password);
if (n_password == 4 && memcmp (password, "mock", 4) == 0)
return CKR_OK;
diff --git a/pkcs11/gck/tests/unit-test-authenticator.c b/pkcs11/gck/tests/unit-test-credential.c
similarity index 70%
rename from pkcs11/gck/tests/unit-test-authenticator.c
rename to pkcs11/gck/tests/unit-test-credential.c
index 099dea1..42dcd06 100644
--- a/pkcs11/gck/tests/unit-test-authenticator.c
+++ b/pkcs11/gck/tests/unit-test-credential.c
@@ -26,7 +26,7 @@
#include "mock-locked-object.h"
#include "gck/gck-attributes.h"
-#include "gck/gck-authenticator.h"
+#include "gck/gck-credential.h"
#include "gck/gck-object.h"
#include "gck/gck-secret.h"
#include "gck/gck-session.h"
@@ -38,216 +38,216 @@ static GckModule *module = NULL;
static GckSession *session = NULL;
static GckObject *object = NULL;
-DEFINE_SETUP(authenticator_setup)
+DEFINE_SETUP(credential_setup)
{
CK_RV rv;
module = test_module_initialize_and_enter ();
session = test_module_open_session (TRUE);
-
+
rv = gck_module_C_Login (module, gck_session_get_handle (session), CKU_USER, NULL, 0);
g_assert (rv == CKR_OK);
-
+
object = mock_locked_object_new (module, gck_module_get_manager (module));
gck_object_expose (object, TRUE);
}
-DEFINE_TEARDOWN(authenticator_teardown)
+DEFINE_TEARDOWN(credential_teardown)
{
g_object_unref (object);
object = NULL;
-
+
test_module_leave_and_finalize ();
module = NULL;
session = NULL;
}
-DEFINE_TEST(authenticator_create)
+DEFINE_TEST(credential_create)
{
- CK_OBJECT_CLASS klass = CKO_GNOME_AUTHENTICATOR;
+ CK_OBJECT_CLASS klass = CKO_G_CREDENTIAL;
CK_OBJECT_HANDLE locked = gck_object_get_handle (object);
-
+
CK_ATTRIBUTE attrs[] = {
{ CKA_CLASS, &klass, sizeof (klass) },
- { CKA_GNOME_OBJECT, &locked, sizeof (locked) },
+ { CKA_G_OBJECT, &locked, sizeof (locked) },
{ CKA_VALUE, "mock", 4 },
};
-
+
CK_OBJECT_HANDLE handle;
CK_RV rv;
-
+
rv = gck_session_C_CreateObject (session, attrs, G_N_ELEMENTS (attrs), &handle);
g_assert (rv == CKR_OK);
g_assert (handle != 0);
-
+
rv = gck_session_C_DestroyObject (session, handle);
g_assert (rv == CKR_OK);
}
-DEFINE_TEST(authenticator_create_missing_pin)
+DEFINE_TEST(credential_create_missing_pin)
{
- CK_OBJECT_CLASS klass = CKO_GNOME_AUTHENTICATOR;
+ CK_OBJECT_CLASS klass = CKO_G_CREDENTIAL;
CK_OBJECT_HANDLE locked = gck_object_get_handle (object);
-
+
CK_ATTRIBUTE attrs[] = {
{ CKA_CLASS, &klass, sizeof (klass) },
- { CKA_GNOME_OBJECT, &locked, sizeof (locked) },
+ { CKA_G_OBJECT, &locked, sizeof (locked) },
};
-
+
CK_OBJECT_HANDLE handle;
CK_RV rv;
-
+
rv = gck_session_C_CreateObject (session, attrs, G_N_ELEMENTS (attrs), &handle);
g_assert (rv == CKR_USER_NOT_LOGGED_IN);
}
-DEFINE_TEST(authenticator_create_no_object)
+DEFINE_TEST(credential_create_no_object)
{
- CK_OBJECT_CLASS klass = CKO_GNOME_AUTHENTICATOR;
+ CK_OBJECT_CLASS klass = CKO_G_CREDENTIAL;
CK_BBOOL token = CK_FALSE;
-
+
CK_ATTRIBUTE attrs[] = {
- { CKA_TOKEN, &token, sizeof (token) },
+ { CKA_TOKEN, &token, sizeof (token) },
{ CKA_CLASS, &klass, sizeof (klass) },
};
-
+
CK_OBJECT_HANDLE handle;
CK_RV rv;
-
+
rv = gck_session_C_CreateObject (session, attrs, G_N_ELEMENTS (attrs), &handle);
g_assert (rv == CKR_TEMPLATE_INCOMPLETE);
}
-DEFINE_TEST(authenticator_create_invalid_object)
+DEFINE_TEST(credential_create_invalid_object)
{
- CK_OBJECT_CLASS klass = CKO_GNOME_AUTHENTICATOR;
+ CK_OBJECT_CLASS klass = CKO_G_CREDENTIAL;
CK_OBJECT_HANDLE locked = 0;
CK_BBOOL token = CK_FALSE;
-
+
CK_ATTRIBUTE attrs[] = {
- { CKA_TOKEN, &token, sizeof (token) },
+ { CKA_TOKEN, &token, sizeof (token) },
{ CKA_CLASS, &klass, sizeof (klass) },
- { CKA_GNOME_OBJECT, &locked, sizeof (locked) },
+ { CKA_G_OBJECT, &locked, sizeof (locked) },
};
-
+
CK_OBJECT_HANDLE handle;
CK_RV rv;
-
+
rv = gck_session_C_CreateObject (session, attrs, G_N_ELEMENTS (attrs), &handle);
g_assert (rv == CKR_OBJECT_HANDLE_INVALID);
}
-DEFINE_TEST(authenticator_get_attributes)
+DEFINE_TEST(credential_get_attributes)
{
- CK_OBJECT_CLASS klass = CKO_GNOME_AUTHENTICATOR;
+ CK_OBJECT_CLASS klass = CKO_G_CREDENTIAL;
CK_OBJECT_HANDLE locked = gck_object_get_handle (object);
-
+
CK_ATTRIBUTE attrs[] = {
{ CKA_CLASS, &klass, sizeof (klass) },
- { CKA_GNOME_OBJECT, &locked, sizeof (locked) },
+ { CKA_G_OBJECT, &locked, sizeof (locked) },
{ CKA_VALUE, "mock", 4 },
};
-
+
CK_OBJECT_HANDLE handle;
CK_ATTRIBUTE check;
CK_ULONG value;
CK_RV rv;
-
+
rv = gck_session_C_CreateObject (session, attrs, G_N_ELEMENTS (attrs), &handle);
g_assert (rv == CKR_OK);
g_assert (handle != 0);
- check.type = CKA_GNOME_OBJECT;
+ check.type = CKA_G_OBJECT;
check.pValue = &value;
check.ulValueLen = sizeof (value);
-
+
rv = gck_session_C_GetAttributeValue (session, handle, &check, 1);
g_assert (rv == CKR_OK);
g_assert (check.ulValueLen == sizeof (value));
g_assert (value == locked);
- check.type = CKA_GNOME_USES_REMAINING;
+ check.type = CKA_G_USES_REMAINING;
check.pValue = &value;
check.ulValueLen = sizeof (value);
-
+
rv = gck_session_C_GetAttributeValue (session, handle, &check, 1);
g_assert (rv == CKR_OK);
g_assert (check.ulValueLen == sizeof (value));
g_assert (value == (CK_ULONG)-1);
}
-DEFINE_TEST(authenticator_uses_property)
+DEFINE_TEST(credential_uses_property)
{
- GckAuthenticator *auth;
+ GckCredential *auth;
gint uses;
CK_RV rv;
-
- rv = gck_authenticator_create (object, NULL, (guchar*)"mock", 4, &auth);
+
+ rv = gck_credential_create (object, NULL, (guchar*)"mock", 4, &auth);
g_assert (rv == CKR_OK);
g_assert (auth);
-
+
g_object_get (auth, "uses-remaining", &uses, NULL);
g_assert (uses == -1);
- gck_authenticator_set_uses_remaining (auth, 5);
+ gck_credential_set_uses_remaining (auth, 5);
- uses = gck_authenticator_get_uses_remaining (auth);
+ uses = gck_credential_get_uses_remaining (auth);
g_assert (uses == 5);
-
- gck_authenticator_throw_away_one_use (auth);
- uses = gck_authenticator_get_uses_remaining (auth);
+
+ gck_credential_throw_away_one_use (auth);
+ uses = gck_credential_get_uses_remaining (auth);
g_assert (uses == 4);
-
+
g_object_unref (auth);
}
-DEFINE_TEST(authenticator_object_property)
+DEFINE_TEST(credential_object_property)
{
- GckAuthenticator *auth;
+ GckCredential *auth;
GckObject *check;
CK_RV rv;
-
- rv = gck_authenticator_create (object, NULL, (guchar*)"mock", 4, &auth);
+
+ rv = gck_credential_create (object, NULL, (guchar*)"mock", 4, &auth);
g_assert (rv == CKR_OK);
g_assert (auth);
-
+
g_object_get (auth, "object", &check, NULL);
g_assert (check == object);
g_object_unref (check);
- check = gck_authenticator_get_object (auth);
+ check = gck_credential_get_object (auth);
g_assert (check == object);
-
+
g_object_unref (auth);
}
-DEFINE_TEST(authenticator_login_property)
+DEFINE_TEST(credential_login_property)
{
- GckAuthenticator *auth;
- GckSecret *check, *login;
+ GckCredential *cred;
+ GckSecret *check, *secret;
const gchar *password;
gsize n_password;
CK_RV rv;
-
- rv = gck_authenticator_create (object, NULL, (guchar*)"mock", 4, &auth);
+
+ rv = gck_credential_create (object, NULL, (guchar*)"mock", 4, &cred);
g_assert (rv == CKR_OK);
- g_assert (auth);
-
- g_object_get (auth, "login", &check, NULL);
+ g_assert (cred);
+
+ g_object_get (cred, "secret", &check, NULL);
g_assert (check);
password = gck_secret_get_password (check, &n_password);
g_assert (n_password == 4);
g_assert (memcmp (password, "mock", 4) == 0);
g_object_unref (check);
- check = gck_authenticator_get_login (auth);
+ check = gck_credential_get_secret (cred);
g_assert (n_password == 4);
g_assert (memcmp (password, "mock", 4) == 0);
- login = gck_secret_new ((guchar*)"xxx", -1);
- gck_authenticator_set_login (auth, login);
- check = gck_authenticator_get_login (auth);
- g_assert (check == login);
- g_object_unref (login);
-
- g_object_unref (auth);
+ secret = gck_secret_new ((guchar*)"xxx", -1);
+ gck_credential_set_secret (cred, secret);
+ check = gck_credential_get_secret (cred);
+ g_assert (check == secret);
+ g_object_unref (secret);
+
+ g_object_unref (cred);
}
diff --git a/pkcs11/pkcs11g.h b/pkcs11/pkcs11g.h
index 74b5b0f..d141e7d 100644
--- a/pkcs11/pkcs11g.h
+++ b/pkcs11/pkcs11g.h
@@ -96,13 +96,15 @@
#define CKA_GNOME_TRANSIENT (CKA_GNOME + 201)
/* -------------------------------------------------------------------
- * AUTHENTICATOR
+ * CREDENTIAL
*/
-#define CKO_GNOME_AUTHENTICATOR (CKO_GNOME + 100)
+#define CKO_G_CREDENTIAL (CKO_GNOME + 100)
-#define CKA_GNOME_OBJECT (CKA_GNOME + 202)
+#define CKA_G_OBJECT (CKA_GNOME + 202)
-#define CKA_GNOME_USES_REMAINING (CKA_GNOME + 203)
+#define CKA_G_USES_REMAINING (CKA_GNOME + 203)
+
+#define CKA_G_CREDENTIAL (CKA_GNOME + 204)
#endif /* PKCS11G_H */
diff --git a/pkcs11/secret-store/gck-secret-collection.c b/pkcs11/secret-store/gck-secret-collection.c
index 9029aa4..42de851 100644
--- a/pkcs11/secret-store/gck-secret-collection.c
+++ b/pkcs11/secret-store/gck-secret-collection.c
@@ -28,7 +28,7 @@
#include "gck-secret-textual.h"
#include "gck/gck-attributes.h"
-#include "gck/gck-authenticator.h"
+#include "gck/gck-credential.h"
#include "gck/gck-secret.h"
#include "gck/gck-session.h"
#include "gck/gck-transaction.h"
@@ -88,7 +88,7 @@ load_collection_and_secret_data (GckSecretCollection *self, GckSecretData *sdata
}
static gboolean
-find_unlocked_secret_data (GckAuthenticator *auth, GckObject *object, gpointer user_data)
+find_unlocked_secret_data (GckCredential *cred, GckObject *object, gpointer user_data)
{
GckSecretCollection *self = GCK_SECRET_COLLECTION (object);
GckSecretData **result = user_data;
@@ -96,7 +96,7 @@ find_unlocked_secret_data (GckAuthenticator *auth, GckObject *object, gpointer u
g_return_val_if_fail (!*result, FALSE);
- sdata = g_object_get_data (G_OBJECT (auth), "collection-secret-data");
+ sdata = g_object_get_data (G_OBJECT (cred), "collection-secret-data");
if (sdata) {
g_return_val_if_fail (sdata == self->sdata, FALSE);
*result = sdata;
@@ -212,7 +212,7 @@ factory_create_collection (GckSession *session, GckTransaction *transaction,
gchar *identifier = NULL;
gchar *label = NULL;
gboolean is_token;
- GckAuthenticator *auth;
+ GckCredential *cred;
CK_RV rv;
g_return_if_fail (GCK_IS_TRANSACTION (transaction));
@@ -257,15 +257,15 @@ factory_create_collection (GckSession *session, GckTransaction *transaction,
* currently a chicken and egg problem, as there's no way to set
* credentials. Actually currently there's no way to set credentials.
*/
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session),
- NULL, 0, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session),
+ NULL, 0, &cred);
if (rv != CKR_OK) {
gck_transaction_fail (transaction, rv);
g_object_unref (collection);
} else {
- gck_session_add_session_object (session, transaction, GCK_OBJECT (auth));
+ gck_session_add_session_object (session, transaction, GCK_OBJECT (cred));
*result = GCK_OBJECT (collection);
- g_object_unref (auth);
+ g_object_unref (cred);
}
}
@@ -285,22 +285,22 @@ gck_secret_collection_get_attribute (GckObject *base, GckSession *session, CK_AT
}
static CK_RV
-gck_secret_collection_real_unlock (GckObject *obj, GckAuthenticator *auth)
+gck_secret_collection_real_unlock (GckObject *obj, GckCredential *cred)
{
GckSecretCollection *self = GCK_SECRET_COLLECTION (obj);
GckDataResult res;
GckSecretData *sdata;
GckSecret *master;
- master = gck_authenticator_get_login (auth);
+ master = gck_credential_get_secret (cred);
/* Already unlocked, make sure pin matches */
if (self->sdata) {
if (!gck_secret_equal (gck_secret_data_get_master (self->sdata), master))
return CKR_PIN_INCORRECT;
- /* Authenticator now tracks our secret data */
- g_object_set_data_full (G_OBJECT (auth), "collection-secret-data",
+ /* Credential now tracks our secret data */
+ g_object_set_data_full (G_OBJECT (cred), "collection-secret-data",
g_object_ref (self->sdata), g_object_unref);
return CKR_OK;
}
@@ -323,7 +323,7 @@ gck_secret_collection_real_unlock (GckObject *obj, GckAuthenticator *auth)
switch (res) {
case GCK_DATA_SUCCESS:
- g_object_set_data_full (G_OBJECT (auth), "collection-secret-data", sdata, g_object_unref);
+ g_object_set_data_full (G_OBJECT (cred), "collection-secret-data", sdata, g_object_unref);
track_secret_data (self, sdata);
return CKR_OK;
case GCK_DATA_LOCKED:
@@ -630,13 +630,13 @@ gck_secret_collection_unlocked_data (GckSecretCollection *self, GckSession *sess
g_return_val_if_fail (GCK_IS_SESSION (session), NULL);
/*
- * Look for authenticator objects that this session has access
+ * Look for credential objects that this session has access
* to, and use those to find the secret data. If a secret data is
* found, it should match the one we are tracking in self->sdata.
*/
- gck_session_for_each_authenticator (session, GCK_OBJECT (self),
- find_unlocked_secret_data, &sdata);
+ gck_session_for_each_credential (session, GCK_OBJECT (self),
+ find_unlocked_secret_data, &sdata);
return sdata;
}
@@ -647,7 +647,7 @@ gck_secret_collection_unlocked_clear (GckSecretCollection *self)
/*
* TODO: This is a tough one to implement. I'm holding off and wondering
* if we don't need it, perhaps? As it currently stands, what needs to happen
- * here is we need to find each and every authenticator that references the
+ * here is we need to find each and every credential that references the
* secret data for this collection and completely delete those objects.
*/
g_warning ("Clearing of secret data needs implementing");
diff --git a/pkcs11/secret-store/tests/unit-test-secret-collection.c b/pkcs11/secret-store/tests/unit-test-secret-collection.c
index 9182c07..f26975c 100644
--- a/pkcs11/secret-store/tests/unit-test-secret-collection.c
+++ b/pkcs11/secret-store/tests/unit-test-secret-collection.c
@@ -30,7 +30,7 @@
#include "gck-secret-collection.h"
#include "gck-secret-item.h"
-#include "gck/gck-authenticator.h"
+#include "gck/gck-credential.h"
#include "gck/gck-session.h"
#include "gck/gck-transaction.h"
@@ -82,15 +82,15 @@ DEFINE_TEST(secret_collection_is_locked)
DEFINE_TEST(secret_collection_unlocked_data)
{
- GckAuthenticator *auth;
+ GckCredential *cred;
GckSecretData *sdata;
CK_RV rv;
- /* Create authenticator, which unlocks collection */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session), NULL, 0, &auth);
+ /* Create credential, which unlocks collection */
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session), NULL, 0, &cred);
g_assert (rv == CKR_OK);
- gck_session_add_session_object (session, NULL, GCK_OBJECT (auth));
- g_object_unref (auth);
+ gck_session_add_session_object (session, NULL, GCK_OBJECT (cred));
+ g_object_unref (cred);
/* Collection should now be unlocked */
sdata = gck_secret_collection_unlocked_data (collection, session);
@@ -135,7 +135,7 @@ DEFINE_TEST(secret_collection_has_item)
DEFINE_TEST(secret_collection_load_unlock_plain)
{
- GckAuthenticator *auth;
+ GckCredential *cred;
GckSecretData *sdata;
GckDataResult res;
gchar *filename;
@@ -150,10 +150,10 @@ DEFINE_TEST(secret_collection_load_unlock_plain)
g_assert (res == GCK_DATA_SUCCESS);
/* Unlock the keyring, which should load again */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session), NULL, 0, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session), NULL, 0, &cred);
g_assert (rv == CKR_OK);
- gck_session_add_session_object (session, NULL, GCK_OBJECT (auth));
- g_object_unref (auth);
+ gck_session_add_session_object (session, NULL, GCK_OBJECT (cred));
+ g_object_unref (cred);
sdata = gck_secret_collection_unlocked_data (collection, session);
g_assert (sdata != NULL && GCK_IS_SECRET_DATA (sdata));
@@ -162,7 +162,7 @@ DEFINE_TEST(secret_collection_load_unlock_plain)
DEFINE_TEST(secret_collection_load_unlock_encrypted)
{
- GckAuthenticator *auth;
+ GckCredential *cred;
GckSecretData *sdata;
GckDataResult res;
gchar *filename;
@@ -177,11 +177,11 @@ DEFINE_TEST(secret_collection_load_unlock_encrypted)
g_assert (res == GCK_DATA_SUCCESS);
/* Unlock the keyring, which should load again */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session),
- (guchar*)"my-keyring-password", 19, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session),
+ (guchar*)"my-keyring-password", 19, &cred);
g_assert (rv == CKR_OK);
- gck_session_add_session_object (session, NULL, GCK_OBJECT (auth));
- g_object_unref (auth);
+ gck_session_add_session_object (session, NULL, GCK_OBJECT (cred));
+ g_object_unref (cred);
sdata = gck_secret_collection_unlocked_data (collection, session);
g_assert (sdata != NULL && GCK_IS_SECRET_DATA (sdata));
@@ -190,7 +190,7 @@ DEFINE_TEST(secret_collection_load_unlock_encrypted)
DEFINE_TEST(secret_collection_load_unlock_bad_password)
{
- GckAuthenticator *auth;
+ GckCredential *cred;
GckDataResult res;
gchar *filename;
CK_RV rv;
@@ -204,14 +204,14 @@ DEFINE_TEST(secret_collection_load_unlock_bad_password)
g_assert (res == GCK_DATA_SUCCESS);
/* Unlock the keyring, which should load again */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session),
- (guchar*)"wrong", 5, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session),
+ (guchar*)"wrong", 5, &cred);
g_assert (rv == CKR_PIN_INCORRECT);
}
DEFINE_TEST(secret_collection_unlock_without_load)
{
- GckAuthenticator *auth;
+ GckCredential *cred;
GckSecretData *sdata;
gchar *filename;
CK_RV rv;
@@ -221,11 +221,11 @@ DEFINE_TEST(secret_collection_unlock_without_load)
g_free (filename);
/* Unlock the keyring, which should load it */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session),
- (guchar*)"my-keyring-password", 19, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session),
+ (guchar*)"my-keyring-password", 19, &cred);
g_assert (rv == CKR_OK);
- gck_session_add_session_object (session, NULL, GCK_OBJECT (auth));
- g_object_unref (auth);
+ gck_session_add_session_object (session, NULL, GCK_OBJECT (cred));
+ g_object_unref (cred);
sdata = gck_secret_collection_unlocked_data (collection, session);
g_assert (sdata != NULL && GCK_IS_SECRET_DATA (sdata));
@@ -234,7 +234,7 @@ DEFINE_TEST(secret_collection_unlock_without_load)
DEFINE_TEST(secret_collection_twice_unlock)
{
- GckAuthenticator *auth;
+ GckCredential *cred;
GckSecretData *sdata;
gchar *filename;
CK_RV rv;
@@ -244,18 +244,18 @@ DEFINE_TEST(secret_collection_twice_unlock)
g_free (filename);
/* Unlock the keyring, which should load */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session),
- (guchar*)"my-keyring-password", 19, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session),
+ (guchar*)"my-keyring-password", 19, &cred);
g_assert (rv == CKR_OK);
- gck_session_add_session_object (session, NULL, GCK_OBJECT (auth));
- g_object_unref (auth);
+ gck_session_add_session_object (session, NULL, GCK_OBJECT (cred));
+ g_object_unref (cred);
/* Unlock the keyring again, which should not reload */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session),
- (guchar*)"my-keyring-password", 19, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session),
+ (guchar*)"my-keyring-password", 19, &cred);
g_assert (rv == CKR_OK);
- gck_session_add_session_object (session, NULL, GCK_OBJECT (auth));
- g_object_unref (auth);
+ gck_session_add_session_object (session, NULL, GCK_OBJECT (cred));
+ g_object_unref (cred);
sdata = gck_secret_collection_unlocked_data (collection, session);
g_assert (sdata != NULL && GCK_IS_SECRET_DATA (sdata));
@@ -264,7 +264,7 @@ DEFINE_TEST(secret_collection_twice_unlock)
DEFINE_TEST(secret_collection_twice_unlock_bad_password)
{
- GckAuthenticator *auth;
+ GckCredential *cred;
GckSecretData *sdata;
gchar *filename;
CK_RV rv;
@@ -274,15 +274,15 @@ DEFINE_TEST(secret_collection_twice_unlock_bad_password)
g_free (filename);
/* Unlock the keyring, which should load */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session),
- (guchar*)"my-keyring-password", 19, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session),
+ (guchar*)"my-keyring-password", 19, &cred);
g_assert (rv == CKR_OK);
- gck_session_add_session_object (session, NULL, GCK_OBJECT (auth));
- g_object_unref (auth);
+ gck_session_add_session_object (session, NULL, GCK_OBJECT (cred));
+ g_object_unref (cred);
/* Unlock the keyring again, wrong password */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session),
- (guchar*)"wrong", 5, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session),
+ (guchar*)"wrong", 5, &cred);
g_assert (rv == CKR_PIN_INCORRECT);
sdata = gck_secret_collection_unlocked_data (collection, session);
@@ -292,7 +292,7 @@ DEFINE_TEST(secret_collection_twice_unlock_bad_password)
DEFINE_TEST(secret_collection_memory_unlock)
{
- GckAuthenticator *auth;
+ GckCredential *cred;
GckDataResult res;
CK_RV rv;
@@ -301,16 +301,16 @@ DEFINE_TEST(secret_collection_memory_unlock)
g_assert (res == GCK_DATA_SUCCESS);
/* Unlock the keyring, which should load again */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session),
- NULL, 0, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session),
+ NULL, 0, &cred);
g_assert (rv == CKR_OK);
- gck_session_add_session_object (session, NULL, GCK_OBJECT (auth));
- g_object_unref (auth);
+ gck_session_add_session_object (session, NULL, GCK_OBJECT (cred));
+ g_object_unref (cred);
}
DEFINE_TEST(secret_collection_memory_unlock_bad_password)
{
- GckAuthenticator *auth;
+ GckCredential *cred;
GckDataResult res;
CK_RV rv;
@@ -319,8 +319,8 @@ DEFINE_TEST(secret_collection_memory_unlock_bad_password)
g_assert (res == GCK_DATA_SUCCESS);
/* Unlock the keyring, which should load again */
- rv = gck_authenticator_create (GCK_OBJECT (collection), gck_session_get_manager (session),
- (guchar*)"wrong", 5, &auth);
+ rv = gck_credential_create (GCK_OBJECT (collection), gck_session_get_manager (session),
+ (guchar*)"wrong", 5, &cred);
g_assert (rv == CKR_PIN_INCORRECT);
}
diff --git a/pkcs11/secret-store/tests/unit-test-secret-item.c b/pkcs11/secret-store/tests/unit-test-secret-item.c
index fb5eb9b..d40f40f 100644
--- a/pkcs11/secret-store/tests/unit-test-secret-item.c
+++ b/pkcs11/secret-store/tests/unit-test-secret-item.c
@@ -30,7 +30,7 @@
#include "gck-secret-fields.h"
#include "gck-secret-item.h"
-#include "gck/gck-authenticator.h"
+#include "gck/gck-credential.h"
#include "gck/gck-session.h"
#include "gck/gck-transaction.h"
@@ -72,17 +72,17 @@ DEFINE_TEARDOWN(secret_item)
static void
unlock_collection(void)
{
- GckAuthenticator *auth;
+ GckCredential *cred;
CK_RV rv;
- /* Create authenticator, which unlocks collection */
- rv = gck_authenticator_create (GCK_OBJECT (collection),
- gck_session_get_manager (session),
- NULL, 0, &auth);
+ /* Create credential, which unlocks collection */
+ rv = gck_credential_create (GCK_OBJECT (collection),
+ gck_session_get_manager (session),
+ NULL, 0, &cred);
g_assert (rv == CKR_OK);
- gck_session_add_session_object (session, NULL, GCK_OBJECT (auth));
- g_object_unref (auth);
+ gck_session_add_session_object (session, NULL, GCK_OBJECT (cred));
+ g_object_unref (cred);
}
DEFINE_TEST(secret_item_new)
diff --git a/pkcs11/ssh-agent/gck-ssh-agent-ops.c b/pkcs11/ssh-agent/gck-ssh-agent-ops.c
index 6b5b494..8324374 100644
--- a/pkcs11/ssh-agent/gck-ssh-agent-ops.c
+++ b/pkcs11/ssh-agent/gck-ssh-agent-ops.c
@@ -371,8 +371,8 @@ lock_key_pair (GP11Session *session, GP11Object *priv, GP11Object *pub)
/* Delete any authenticator objects */
objects = gp11_session_find_objects (session, &error,
- CKA_CLASS, GP11_ULONG, CKO_GNOME_AUTHENTICATOR,
- CKA_GNOME_OBJECT, GP11_ULONG, gp11_object_get_handle (priv),
+ CKA_CLASS, GP11_ULONG, CKO_G_CREDENTIAL,
+ CKA_G_OBJECT, GP11_ULONG, gp11_object_get_handle (priv),
GP11_INVALID);
if (error) {
diff --git a/pkcs11/ssh-store/gck-ssh-private-key.c b/pkcs11/ssh-store/gck-ssh-private-key.c
index 1099fce..fdcbc5e 100644
--- a/pkcs11/ssh-store/gck-ssh-private-key.c
+++ b/pkcs11/ssh-store/gck-ssh-private-key.c
@@ -25,7 +25,7 @@
#include "gck-ssh-private-key.h"
#include "gck/gck-attributes.h"
-#include "gck/gck-authenticator.h"
+#include "gck/gck-credential.h"
#include "gck/gck-manager.h"
#include "gck/gck-module.h"
#include "gck/gck-object.h"
@@ -160,7 +160,7 @@ gck_ssh_private_key_get_attribute (GckObject *base, GckSession *session, CK_ATTR
}
static CK_RV
-gck_ssh_private_key_unlock (GckObject *base, GckAuthenticator *auth)
+gck_ssh_private_key_unlock (GckObject *base, GckCredential *cred)
{
GckSshPrivateKey *self = GCK_SSH_PRIVATE_KEY (base);
const gchar *password;
@@ -171,11 +171,11 @@ gck_ssh_private_key_unlock (GckObject *base, GckAuthenticator *auth)
if (!self->is_encrypted)
return CKR_OK;
- password = gck_authenticator_get_password (auth, &n_password);
+ password = gck_credential_get_password (cred, &n_password);
rv = unlock_private_key (self, password, n_password, &wrapper);
if (rv == CKR_OK) {
- gck_private_key_set_locked_private (GCK_PRIVATE_KEY (self), auth, wrapper);
+ gck_private_key_set_locked_private (GCK_PRIVATE_KEY (self), cred, wrapper);
gck_sexp_unref (wrapper);
}
diff --git a/pkcs11/ssh-store/tests/unit-test-private-key.c b/pkcs11/ssh-store/tests/unit-test-private-key.c
index 9e09997..8467767 100644
--- a/pkcs11/ssh-store/tests/unit-test-private-key.c
+++ b/pkcs11/ssh-store/tests/unit-test-private-key.c
@@ -24,7 +24,7 @@
#include "run-auto-test.h"
#include "test-ssh-module.h"
-#include "gck/gck-authenticator.h"
+#include "gck/gck-credential.h"
#include "gck/gck-session.h"
#include "gck/gck-module.h"
@@ -72,7 +72,7 @@ DEFINE_TEST(private_key_parse_plain)
DEFINE_TEST(private_key_parse_and_unlock)
{
GckSshPrivateKey *key;
- GckAuthenticator *auth;
+ GckCredential *cred;
gchar *pub_path, *priv_path;
gboolean ret;
CK_RV rv;
@@ -89,9 +89,9 @@ DEFINE_TEST(private_key_parse_and_unlock)
g_free (pub_path);
g_free (priv_path);
- rv = gck_authenticator_create (GCK_OBJECT (key), NULL, (guchar*)"password", 8, &auth);
+ rv = gck_credential_create (GCK_OBJECT (key), NULL, (guchar*)"password", 8, &cred);
g_assert (rv == CKR_OK);
-
- g_object_unref (auth);
+
+ g_object_unref (cred);
g_object_unref (key);
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
