[gnome-keyring] [pkcs11] Fix problem with not storing secret value properly.



commit 9a271ef0518949f06fb5132ecad1ed93bcf4f72c
Author: Stef Walter <stef memberwebs com>
Date:   Sat Feb 13 23:43:35 2010 +0000

    [pkcs11] Fix problem with not storing secret value properly.
    
    If a new object was not created, such as when unwrapping a
    secret item, then the attributes set were not stored properly.

 pkcs11/gck/gck-aes-key.c                    |    3 ++-
 pkcs11/gck/gck-certificate.c                |    3 ++-
 pkcs11/gck/gck-credential.c                 |    3 ++-
 pkcs11/gck/gck-dh-private-key.c             |    3 ++-
 pkcs11/gck/gck-dh-public-key.c              |    3 ++-
 pkcs11/gck/gck-null-key.c                   |    3 ++-
 pkcs11/gck/gck-private-xsa-key.c            |    3 ++-
 pkcs11/gck/gck-public-xsa-key.c             |    3 ++-
 pkcs11/gck/gck-session.c                    |    6 +++---
 pkcs11/gck/gck-session.h                    |    1 +
 pkcs11/secret-store/gck-secret-collection.c |    3 ++-
 pkcs11/secret-store/gck-secret-item.c       |   11 ++++-------
 pkcs11/secret-store/gck-secret-search.c     |    3 ++-
 pkcs11/user-store/gck-user-private-key.c    |    3 ++-
 pkcs11/user-store/gck-user-public-key.c     |    3 ++-
 15 files changed, 32 insertions(+), 22 deletions(-)
---
diff --git a/pkcs11/gck/gck-aes-key.c b/pkcs11/gck/gck-aes-key.c
index 6274703..14d11e5 100644
--- a/pkcs11/gck/gck-aes-key.c
+++ b/pkcs11/gck/gck-aes-key.c
@@ -129,7 +129,8 @@ factory_create_aes_key (GckSession *session, GckTransaction *transaction,
 
 	gck_attribute_consume (value);
 
-	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (key), attrs, n_attrs);
+	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (key),
+	                                      TRUE, attrs, n_attrs);
 	return GCK_OBJECT (key);
 }
 
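Review bot: The bare `TRUE` added to this call gives a reader no hint of what it enables, and the same literal is repeated in the other factory hunks of this commit (certificate, credential, the DH, null and XSA keys, collection, search and the user-store keys). Only factory_create_item in gck-secret-item.c passes `FALSE`, so a separately named function for the existing-object case would keep these call sites unchanged and self-explanatory. Failing that, an inline comment such as `TRUE, /* add to session or token */ attrs, n_attrs);` would do. The body of factory_create_aes_key starts outside the hunk.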
diff --git a/pkcs11/gck/gck-certificate.c b/pkcs11/gck/gck-certificate.c
index 4761731..d547b26 100644
--- a/pkcs11/gck/gck-certificate.c
+++ b/pkcs11/gck/gck-certificate.c
@@ -275,7 +275,8 @@ factory_create_certificate (GckSession *session, GckTransaction *transaction,
 	/* Note that we ignore the subject */
  	gck_attributes_consume (attrs, n_attrs, CKA_VALUE, CKA_SUBJECT, G_MAXULONG);
 
-	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (cert), attrs, n_attrs);
+	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (cert),
+	                                      TRUE, attrs, n_attrs);
 	return GCK_OBJECT (cert);
 }
 
diff --git a/pkcs11/gck/gck-credential.c b/pkcs11/gck/gck-credential.c
index 74ce3e6..e3a6d58 100644
--- a/pkcs11/gck/gck-credential.c
+++ b/pkcs11/gck/gck-credential.c
@@ -93,7 +93,8 @@ factory_create_credential (GckSession *session, GckTransaction *transaction,
 	                            attr ? attr->ulValueLen : 0, &cred);
 
 	if (rv == CKR_OK) {
-		gck_session_complete_object_creation (session, transaction, GCK_OBJECT (cred), attrs, n_attrs);
+		gck_session_complete_object_creation (session, transaction, GCK_OBJECT (cred),
+		                                      TRUE, attrs, n_attrs);
 		return GCK_OBJECT (cred);
 	} else {
 		gck_transaction_fail (transaction, rv);
diff --git a/pkcs11/gck/gck-dh-private-key.c b/pkcs11/gck/gck-dh-private-key.c
index 72af177..278dea0 100644
--- a/pkcs11/gck/gck-dh-private-key.c
+++ b/pkcs11/gck/gck-dh-private-key.c
@@ -72,7 +72,8 @@ factory_create_dh_private_key (GckSession *session, GckTransaction *transaction,
 	                                            idattr ? idattr->ulValueLen : 0));
 	gck_attributes_consume (attrs, n_attrs, CKA_PRIME, CKA_BASE, CKA_VALUE, G_MAXULONG);
 
-	gck_session_complete_object_creation (session, transaction, object, attrs, n_attrs);
+	gck_session_complete_object_creation (session, transaction, object,
+	                                      TRUE, attrs, n_attrs);
 	return object;
 }
 
diff --git a/pkcs11/gck/gck-dh-public-key.c b/pkcs11/gck/gck-dh-public-key.c
index d6f5284..be0bb25 100644
--- a/pkcs11/gck/gck-dh-public-key.c
+++ b/pkcs11/gck/gck-dh-public-key.c
@@ -72,7 +72,8 @@ factory_create_dh_public_key (GckSession *session, GckTransaction *transaction,
 	                                            idattr ? idattr->ulValueLen : 0));
 	gck_attributes_consume (attrs, n_attrs, CKA_PRIME, CKA_BASE, CKA_VALUE, G_MAXULONG);
 
-	gck_session_complete_object_creation (session, transaction, object, attrs, n_attrs);
+	gck_session_complete_object_creation (session, transaction, object,
+	                                      TRUE, attrs, n_attrs);
 	return object;
 }
 
diff --git a/pkcs11/gck/gck-null-key.c b/pkcs11/gck/gck-null-key.c
index 7bb912d..75d8b76 100644
--- a/pkcs11/gck/gck-null-key.c
+++ b/pkcs11/gck/gck-null-key.c
@@ -53,7 +53,8 @@ factory_create_null_key (GckSession *session, GckTransaction *transaction,
 	                    "manager", manager,
 	                    NULL);
 
-	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (key), attrs, n_attrs);
+	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (key),
+	                                      TRUE, attrs, n_attrs);
 	return GCK_OBJECT (key);
 }
 
diff --git a/pkcs11/gck/gck-private-xsa-key.c b/pkcs11/gck/gck-private-xsa-key.c
index 5940309..4c2704a 100644
--- a/pkcs11/gck/gck-private-xsa-key.c
+++ b/pkcs11/gck/gck-private-xsa-key.c
@@ -163,7 +163,8 @@ factory_create_private_xsa_key (GckSession *session, GckTransaction *transaction
 	                    NULL);
 	key->pv->sexp = sexp;
 
-	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (key), attrs, n_attrs);
+	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (key),
+	                                      TRUE, attrs, n_attrs);
 	return GCK_OBJECT (key);
 }
 
diff --git a/pkcs11/gck/gck-public-xsa-key.c b/pkcs11/gck/gck-public-xsa-key.c
index e6f3eb9..f28d56a 100644
--- a/pkcs11/gck/gck-public-xsa-key.c
+++ b/pkcs11/gck/gck-public-xsa-key.c
@@ -155,7 +155,8 @@ factory_create_public_xsa_key (GckSession *session, GckTransaction *transaction,
 		                       "manager", gck_manager_for_template (attrs, n_attrs, session),
 		                       NULL);
 		gck_sexp_unref (sexp);
-		gck_session_complete_object_creation (session, transaction, object, attrs, n_attrs);
+		gck_session_complete_object_creation (session, transaction, object,
+		                                      TRUE, attrs, n_attrs);
 	}
 
 	return object;
diff --git a/pkcs11/gck/gck-session.c b/pkcs11/gck/gck-session.c
index 1389d7d..d2f0ae4 100644
--- a/pkcs11/gck/gck-session.c
+++ b/pkcs11/gck/gck-session.c
@@ -836,8 +836,8 @@ gck_session_create_object_for_attributes (GckSession *self, GckTransaction *tran
 }
 
 void
-gck_session_complete_object_creation (GckSession *self, GckTransaction *transaction,
-                                      GckObject *object, CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
+gck_session_complete_object_creation (GckSession *self, GckTransaction *transaction, GckObject *object,
+                                      gboolean add, CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
 {
 	gboolean is_private;
 	gulong i;
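Review bot: The new `add` parameter of gck_session_complete_object_creation is undocumented, and its name alone does not say what is added or when a caller should pass `FALSE`. A comment above the definition would help, for example `/* add: TRUE to add a newly created object to the session or token; FALSE when the object already exists (as in factory_create_item) and must not be added again */`. The `/* Add the object to session or token */` comment in the next hunk could also note that the step is skipped when `add` is FALSE, and the same description belongs beside the prototype in gck-session.h. The function body continues outside both hunks, so it cannot be confirmed from here that every check before the final step suits an already-existing object.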
@@ -873,7 +873,7 @@ gck_session_complete_object_creation (GckSession *self, GckTransaction *transact
 	}
 
 	/* Add the object to session or token */
-	if (!gck_transaction_get_failed (transaction)) {
+	if (add && !gck_transaction_get_failed (transaction)) {
 		if (gck_object_is_token (object))
 			gck_module_add_token_object (self->pv->module, transaction, object);
 		else
diff --git a/pkcs11/gck/gck-session.h b/pkcs11/gck/gck-session.h
index 290443d..fa4cb01 100644
--- a/pkcs11/gck/gck-session.h
+++ b/pkcs11/gck/gck-session.h
@@ -117,6 +117,7 @@ GckObject*               gck_session_create_object_for_attributes       (GckSess
 void                     gck_session_complete_object_creation           (GckSession *self,
                                                                          GckTransaction *transaction,
                                                                          GckObject *object,
+                                                                         gboolean add,
                                                                          CK_ATTRIBUTE_PTR attrs,
                                                                          CK_ULONG n_attrs);
 
diff --git a/pkcs11/secret-store/gck-secret-collection.c b/pkcs11/secret-store/gck-secret-collection.c
index 4be98dc..613c1ae 100644
--- a/pkcs11/secret-store/gck-secret-collection.c
+++ b/pkcs11/secret-store/gck-secret-collection.c
@@ -297,7 +297,8 @@ factory_create_collection (GckSession *session, GckTransaction *transaction,
 	g_object_unref (sdata);
 
 	gck_attributes_consume (attrs, n_attrs, CKA_G_CREDENTIAL, G_MAXULONG);
-	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (collection), attrs, n_attrs);
+	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (collection),
+	                                      TRUE, attrs, n_attrs);
 	return GCK_OBJECT (collection);
 }
 
diff --git a/pkcs11/secret-store/gck-secret-item.c b/pkcs11/secret-store/gck-secret-item.c
index 5c77723..0c7636d 100644
--- a/pkcs11/secret-store/gck-secret-item.c
+++ b/pkcs11/secret-store/gck-secret-item.c
@@ -141,7 +141,6 @@ factory_create_item (GckSession *session, GckTransaction *transaction,
 	CK_ATTRIBUTE *attr;
 	gboolean is_token;
 	gchar *identifier;
-	CK_ULONG i;
 
 	g_return_val_if_fail (GCK_IS_TRANSACTION (transaction), NULL);
 	g_return_val_if_fail (attrs || !n_attrs, NULL);
@@ -176,18 +175,16 @@ factory_create_item (GckSession *session, GckTransaction *transaction,
 			gck_transaction_fail (transaction, CKR_TEMPLATE_INCONSISTENT);
 			return NULL;
 		} else {
-			gck_attributes_consume (attrs, n_attrs, CKA_ID, CKA_TOKEN, G_MAXULONG);
-			for (i = 0; i < n_attrs && !gck_transaction_get_failed (transaction); ++i) {
-				if (!gck_attribute_consumed (&attrs[i]))
-					gck_object_set_attribute (GCK_OBJECT (item), session, transaction, &attrs[i]);
-			}
+			gck_session_complete_object_creation (session, transaction, GCK_OBJECT (item),
+			                                      FALSE, attrs, n_attrs);
 			return g_object_ref (item);
 		}
 	}
 
 	/* Create a new collection which will own the item */
 	item = gck_secret_collection_create_item (collection, transaction);
-	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (item), attrs, n_attrs);
+	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (item),
+	                                      TRUE, attrs, n_attrs);
 	return g_object_ref (item);
 }
 
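Review bot: The existing-item branch no longer calls `gck_attributes_consume (attrs, n_attrs, CKA_ID, CKA_TOKEN, G_MAXULONG)` before the remaining attributes are applied, so it now relies on gck_session_complete_object_creation, whose body is mostly outside this diff, to skip those two attributes. If that function does not consume CKA_ID, a template that (presumably) selects an existing item by CKA_ID would have that attribute set on the item, which could fail the transaction or change the identifier. Keeping the line `gck_attributes_consume (attrs, n_attrs, CKA_ID, CKA_TOKEN, G_MAXULONG);` ahead of the new call would preserve the old behaviour either way. The branch also now runs whatever precondition checks that function performs against an item that is already stored, which is worth confirming as intended; factory_create_item starts outside the hunk.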
diff --git a/pkcs11/secret-store/gck-secret-search.c b/pkcs11/secret-store/gck-secret-search.c
index 1315687..07bcd5f 100644
--- a/pkcs11/secret-store/gck-secret-search.c
+++ b/pkcs11/secret-store/gck-secret-search.c
@@ -240,7 +240,8 @@ factory_create_search (GckSession *session, GckTransaction *transaction,
 	populate_search_from_manager (search, s_manager);
 	populate_search_from_manager (search, m_manager);
 
-	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (search), attrs, n_attrs);
+	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (search),
+	                                      TRUE, attrs, n_attrs);
 	return GCK_OBJECT (search);
 }
 
diff --git a/pkcs11/user-store/gck-user-private-key.c b/pkcs11/user-store/gck-user-private-key.c
index 7577c72..5ee57a3 100644
--- a/pkcs11/user-store/gck-user-private-key.c
+++ b/pkcs11/user-store/gck-user-private-key.c
@@ -83,7 +83,8 @@ factory_create_private_key (GckSession *session, GckTransaction *transaction,
 
 	gck_sexp_unref (sexp);
 
-	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (key), attrs, n_attrs);
+	gck_session_complete_object_creation (session, transaction, GCK_OBJECT (key),
+	                                      TRUE, attrs, n_attrs);
 	return GCK_OBJECT (key);
 }
 
diff --git a/pkcs11/user-store/gck-user-public-key.c b/pkcs11/user-store/gck-user-public-key.c
index 6b2d69c..ce20d1d 100644
--- a/pkcs11/user-store/gck-user-public-key.c
+++ b/pkcs11/user-store/gck-user-public-key.c
@@ -62,7 +62,8 @@ factory_create_public_key (GckSession *session, GckTransaction *transaction,
 		                       "manager", gck_manager_for_template (attrs, n_attrs, session),
 		                       NULL);
 		gck_sexp_unref (sexp);
-		gck_session_complete_object_creation (session, transaction, object, attrs, n_attrs);
+		gck_session_complete_object_creation (session, transaction, object,
+		                                      TRUE, attrs, n_attrs);
 	}
 
 	return object;


