[glib-networking/tls-database: 7/7] pkcs11: Complete implementation of PKCS#11 util functions.
- From: Stefan Walter <stefw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking/tls-database: 7/7] pkcs11: Complete implementation of PKCS#11 util functions.
- Date: Tue, 28 Dec 2010 02:54:54 +0000 (UTC)
commit 66bd583dc8b6ebf1d7130cb949c285da95d9454b
Author: Stef Walter <stefw collabora co uk>
Date: Mon Dec 27 20:54:06 2010 -0600
pkcs11: Complete implementation of PKCS#11 util functions.
* Add strings for all error codes as well.
tls/pkcs11/Makefile.am | 17 ++--
tls/pkcs11/gpkcs11slot.c | 12 +-
tls/pkcs11/gpkcs11util.c | 230 ++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 246 insertions(+), 13 deletions(-)
---
diff --git a/tls/pkcs11/Makefile.am b/tls/pkcs11/Makefile.am
index be8a479..0bf6952 100644
--- a/tls/pkcs11/Makefile.am
+++ b/tls/pkcs11/Makefile.am
@@ -6,13 +6,16 @@ noinst_LTLIBRARIES = \
libgiopkcs11.la
libgiopkcs11_la_SOURCES = \
- gpkcs11array.c \
- gpkcs11array.h \
- gpkcs11slot.c \
- gpkcs11slot.h \
- gpkcs11uri.c \
- gpkcs11uri.h \
- pkcs11.h \
+ gpkcs11array.c \
+ gpkcs11array.h \
+ gpkcs11slot.c \
+ gpkcs11slot.h \
+ gpkcs11uri.c \
+ gpkcs11uri.h \
+ gpkcs11util.c \
+ gpkcs11util.h \
+ pkcs11.h \
+ pkcs11-trust-assertions.h \
$(NULL)
libgiopkcs11_la_CFLAGS = \
diff --git a/tls/pkcs11/gpkcs11slot.c b/tls/pkcs11/gpkcs11slot.c
index 43e7cc1..02bf344 100644
--- a/tls/pkcs11/gpkcs11slot.c
+++ b/tls/pkcs11/gpkcs11slot.c
@@ -72,7 +72,7 @@ session_checkout_or_open (GPkcs11Slot *self,
NULL, NULL, &session);
if (rv != CKR_OK)
{
- g_pkcs11_util_propagate_error (error, rv);
+ g_pkcs11_propagate_error (error, rv);
return 0;
}
@@ -90,7 +90,7 @@ session_close (GPkcs11Slot *self,
rv = (self->priv->module->C_CloseSession) (session);
if (rv != CKR_OK)
g_warning ("couldn't close pkcs11 session: %s",
- g_pkcs11_util_rv_to_message (rv));
+ g_pkcs11_rv_to_message (rv));
}
static void
@@ -142,7 +142,7 @@ retrieve_object_attributes (GPkcs11Slot *self,
rv != CKR_ATTRIBUTE_TYPE_INVALID)
{
g_message ("couldn't read pkcs11 object attributes: %s",
- g_pkcs11_util_rv_to_message (rv));
+ g_pkcs11_rv_to_message (rv));
g_pkcs11_array_unref (result);
return NULL;
}
@@ -164,7 +164,7 @@ retrieve_object_attributes (GPkcs11Slot *self,
rv != CKR_BUFFER_TOO_SMALL)
{
g_message ("couldn't retrieve pkcs11 object attributes: %s",
- g_pkcs11_util_rv_to_message (rv));
+ g_pkcs11_rv_to_message (rv));
g_pkcs11_array_unref (result);
return NULL;
}
@@ -320,7 +320,7 @@ g_pkcs11_slot_login (GPkcs11Slot *self,
if (rv != CKR_OK)
{
- g_pkcs11_util_propagate_error (error, rv);
+ g_pkcs11_propagate_error (error, rv);
return FALSE;
}
@@ -388,7 +388,7 @@ g_pkcs11_slot_find_objects (GPkcs11Slot *self,
if (rv != CKR_OK && rv != CKR_TOKEN_NOT_PRESENT)
{
- g_pkcs11_util_propagate_error (error, rv);
+ g_pkcs11_propagate_error (error, rv);
status = G_PKCS11_SLOT_FIND_FAILED;
}
diff --git a/tls/pkcs11/gpkcs11util.c b/tls/pkcs11/gpkcs11util.c
new file mode 100644
index 0000000..9ea942b
--- /dev/null
+++ b/tls/pkcs11/gpkcs11util.c
@@ -0,0 +1,230 @@
+/* GIO - Small GLib wrapper of PKCS#11 for use in GTls
+ *
+ * Copyright © 2010 Collabora, Ltd
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: Stef Walter <stefw collabora co uk>
+ */
+
+#include "config.h"
+
+#include "gpkcs11util.h"
+
+#include <glib/gi18n-lib.h>
+
+GQuark
+g_pkcs11_get_error_domain (void)
+{
+ static GQuark domain = 0;
+ static volatile gsize quark_inited = 0;
+
+ if (g_once_init_enter (&quark_inited))
+ {
+ domain = g_quark_from_static_string ("g-pkcs11-error");
+ g_once_init_leave (&quark_inited, 1);
+ }
+
+ return domain;
+}
+
+const gchar*
+g_pkcs11_rv_to_message (CK_RV rv)
+{
+ switch (rv) {
+
+ /* These are not really errors, or not current */
+ case CKR_OK:
+ case CKR_NO_EVENT:
+ case CKR_FUNCTION_NOT_PARALLEL:
+ case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
+ g_return_val_if_reached ("");
+
+ case CKR_CANCEL:
+ case CKR_FUNCTION_CANCELED:
+ return _("The operation was cancelled");
+
+ case CKR_HOST_MEMORY:
+ return _("Insufficient memory available");
+ case CKR_SLOT_ID_INVALID:
+ return _("The specified slot ID is not valid");
+ case CKR_GENERAL_ERROR:
+ return _("Internal error");
+ case CKR_FUNCTION_FAILED:
+ return _("The operation failed");
+ case CKR_ARGUMENTS_BAD:
+ return _("Invalid arguments");
+ case CKR_NEED_TO_CREATE_THREADS:
+ return _("The module cannot create needed threads");
+ case CKR_CANT_LOCK:
+ return _("The module cannot lock data properly");
+ case CKR_ATTRIBUTE_READ_ONLY:
+ return _("The field is read-only");
+ case CKR_ATTRIBUTE_SENSITIVE:
+ return _("The field is sensitive and cannot be revealed");
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ return _("The field is invalid or does not exist");
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ return _("Invalid value for field");
+ case CKR_DATA_INVALID:
+ return _("The data is not valid or unrecognized");
+ case CKR_DATA_LEN_RANGE:
+ return _("The data is too long");
+ case CKR_DEVICE_ERROR:
+ return _("An error occurred on the device");
+ case CKR_DEVICE_MEMORY:
+ return _("Insufficient memory available on the device");
+ case CKR_DEVICE_REMOVED:
+ return _("The device was removed or unplugged");
+ case CKR_ENCRYPTED_DATA_INVALID:
+ return _("The encrypted data is not valid or unrecognized");
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ return _("The encrypted data is too long");
+ case CKR_FUNCTION_NOT_SUPPORTED:
+ return _("This operation is not supported");
+ case CKR_KEY_HANDLE_INVALID:
+ return _("The key is missing or invalid");
+ case CKR_KEY_SIZE_RANGE:
+ return _("The key is the wrong size");
+ case CKR_KEY_TYPE_INCONSISTENT:
+ return _("The key is of the wrong type");
+ case CKR_KEY_NOT_NEEDED:
+ return _("No key is needed");
+ case CKR_KEY_CHANGED:
+ return _("The key is different than before");
+ case CKR_KEY_NEEDED:
+ return _("A key is needed");
+ case CKR_KEY_INDIGESTIBLE:
+ return _("Cannot include the key in the digest");
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ return _("This operation cannot be done with this key");
+ case CKR_KEY_NOT_WRAPPABLE:
+ return _("The key cannot be wrapped");
+ case CKR_KEY_UNEXTRACTABLE:
+ return _("Cannot export this key");
+ case CKR_MECHANISM_INVALID:
+ return _("The crypto mechanism is invalid or unrecognized");
+ case CKR_MECHANISM_PARAM_INVALID:
+ return _("The crypto mechanism has an invalid argument");
+ case CKR_OBJECT_HANDLE_INVALID:
+ return _("The object is missing or invalid");
+ case CKR_OPERATION_ACTIVE:
+ return _("Another operation is already taking place");
+ case CKR_OPERATION_NOT_INITIALIZED:
+ return _("No operation is taking place");
+ case CKR_PIN_INCORRECT:
+ return _("The password or PIN is incorrect");
+ case CKR_PIN_INVALID:
+ return _("The password or PIN is invalid");
+ case CKR_PIN_LEN_RANGE:
+ return _("The password or PIN is of an invalid length");
+ case CKR_PIN_EXPIRED:
+ return _("The password or PIN has expired");
+ case CKR_PIN_LOCKED:
+ return _("The password or PIN is locked");
+ case CKR_SESSION_CLOSED:
+ return _("The session is closed");
+ case CKR_SESSION_COUNT:
+ return _("Too many sessions are active");
+ case CKR_SESSION_HANDLE_INVALID:
+ return _("The session is invalid");
+ case CKR_SESSION_READ_ONLY:
+ return _("The session is read-only");
+ case CKR_SESSION_EXISTS:
+ return _("An open session exists");
+ case CKR_SESSION_READ_ONLY_EXISTS:
+ return _("A read-only session exists");
+ case CKR_SESSION_READ_WRITE_SO_EXISTS:
+ return _("An administrator session exists");
+ case CKR_SIGNATURE_INVALID:
+ return _("The signature is bad or corrupted");
+ case CKR_SIGNATURE_LEN_RANGE:
+ return _("The signature is unrecognized or corrupted");
+ case CKR_TEMPLATE_INCOMPLETE:
+ return _("Certain required fields are missing");
+ case CKR_TEMPLATE_INCONSISTENT:
+ return _("Certain fields have invalid values");
+ case CKR_TOKEN_NOT_PRESENT:
+ return _("The device is not present or unplugged");
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ return _("The device is invalid or unrecognizable");
+ case CKR_TOKEN_WRITE_PROTECTED:
+ return _("The device is write protected");
+ case CKR_UNWRAPPING_KEY_HANDLE_INVALID:
+ return _("Cannot import because the key is invalid");
+ case CKR_UNWRAPPING_KEY_SIZE_RANGE:
+ return _("Cannot import because the key is of the wrong size");
+ case CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT:
+ return _("Cannot import because the key is of the wrong type");
+ case CKR_USER_ALREADY_LOGGED_IN:
+ return _("You are already logged in");
+ case CKR_USER_NOT_LOGGED_IN:
+ return _("No user has logged in");
+ case CKR_USER_PIN_NOT_INITIALIZED:
+ return _("The user's password or PIN is not set");
+ case CKR_USER_TYPE_INVALID:
+ return _("The user is of an invalid type");
+ case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
+ return _("Another user is already logged in");
+ case CKR_USER_TOO_MANY_TYPES:
+ return _("Too many users of different types are logged in");
+ case CKR_WRAPPED_KEY_INVALID:
+ return _("Cannot import an invalid key");
+ case CKR_WRAPPED_KEY_LEN_RANGE:
+ return _("Cannot import a key of the wrong size");
+ case CKR_WRAPPING_KEY_HANDLE_INVALID:
+ return _("Cannot export because the key is invalid");
+ case CKR_WRAPPING_KEY_SIZE_RANGE:
+ return _("Cannot export because the key is of the wrong size");
+ case CKR_WRAPPING_KEY_TYPE_INCONSISTENT:
+ return _("Cannot export because the key is of the wrong type");
+ case CKR_RANDOM_SEED_NOT_SUPPORTED:
+ return _("Unable to initialize the random number generator");
+ case CKR_RANDOM_NO_RNG:
+ return _("No random number generator available");
+ case CKR_DOMAIN_PARAMS_INVALID:
+ return _("The crypto mechanism has an invalid parameter");
+ case CKR_BUFFER_TOO_SMALL:
+ return _("Not enough space to store the result");
+ case CKR_SAVED_STATE_INVALID:
+ return _("The saved state is invalid");
+ case CKR_INFORMATION_SENSITIVE:
+ return _("The information is sensitive and cannot be revealed");
+ case CKR_STATE_UNSAVEABLE:
+ return _("The state cannot be saved");
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ return _("The module has not been initialized");
+ case CKR_CRYPTOKI_ALREADY_INITIALIZED:
+ return _("The module has already been initialized");
+ case CKR_MUTEX_BAD:
+ return _("Cannot lock data");
+ case CKR_MUTEX_NOT_LOCKED:
+ return _("The data cannot be locked");
+ case CKR_FUNCTION_REJECTED:
+ return _("The signature request was rejected by the user");
+
+ default:
+ g_message ("unknown error: %lu", (gulong)rv);
+ return _("Unknown error");
+ }
+}
+
+void
+g_pkcs11_propagate_error (GError **error, CK_RV rv)
+{
+ g_set_error_literal (error, G_PKCS11_ERROR, (gint)rv,
+ g_pkcs11_rv_to_message (rv));
+}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
