[gnome-keyring/gck-work] [gck] Simplify use of GckMechanism
- From: Stefan Walter <stefw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-keyring/gck-work] [gck] Simplify use of GckMechanism
- Date: Tue, 28 Sep 2010 01:12:29 +0000 (UTC)
commit 5d43af10ea3482c14aa21c99355bee68b3b66e87
Author: Stef Walter <stef memberwebs com>
Date: Tue Sep 28 01:05:41 2010 +0000
[gck] Simplify use of GckMechanism
There's no way to do a deep copy of a GckMechanisms aka CK_MECHANISM.
The parameter may contain pointers to other memory else where. So we
do a shallow copy instead. The memory is expected to stay around just
like a buffer.
daemon/dbus/gkd-secret-session.c | 45 +++++++---------
gck/gck-misc.c | 83 -----------------------------
gck/gck-private.h | 2 +
gck/gck-session.c | 106 +++++++++++++++++++++++++++-----------
gck/gck.h | 12 +----
gck/tests/Makefile.am | 1 -
gck/tests/test-gck-crypto.c | 105 +++++++++++++++----------------------
gck/tests/test-gck-mechanism.c | 60 ---------------------
8 files changed, 140 insertions(+), 274 deletions(-)
---
diff --git a/daemon/dbus/gkd-secret-session.c b/daemon/dbus/gkd-secret-session.c
index eb39afa..939360e 100644
--- a/daemon/dbus/gkd-secret-session.c
+++ b/daemon/dbus/gkd-secret-session.c
@@ -86,7 +86,6 @@ aes_create_dh_keys (GckSession *session, const gchar *group,
GckAttributes *attrs;
gconstpointer prime, base;
gsize n_prime, n_base;
- GckMechanism *mech;
GError *error = NULL;
gboolean ret;
@@ -99,13 +98,10 @@ aes_create_dh_keys (GckSession *session, const gchar *group,
gck_attributes_add_data (attrs, CKA_PRIME, prime, n_prime);
gck_attributes_add_data (attrs, CKA_BASE, base, n_base);
- mech = gck_mechanism_new (CKM_DH_PKCS_KEY_PAIR_GEN);
-
/* Perform the DH key generation */
- ret = gck_session_generate_key_pair_full (session, mech, attrs, attrs,
- pub_key, priv_key, NULL, &error);
+ ret = gck_session_generate_key_pair (session, CKM_DH_PKCS_KEY_PAIR_GEN, attrs, attrs,
+ pub_key, priv_key, NULL, &error);
- gck_mechanism_unref (mech);
gck_attributes_unref (attrs);
if (ret == FALSE) {
@@ -122,18 +118,16 @@ aes_derive_key (GckSession *session, GckObject *priv_key,
gconstpointer input, gsize n_input, GckObject **aes_key)
{
GError *error = NULL;
- GckMechanism *mech;
+ GckMechanism mech = { CKM_DH_PKCS_DERIVE, input, n_input };
GckAttributes *attrs;
- mech = gck_mechanism_new_with_param (CKM_DH_PKCS_DERIVE, input, n_input);
attrs = gck_attributes_new ();
gck_attributes_add_ulong (attrs, CKA_VALUE_LEN, 16UL);
gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_SECRET_KEY);
gck_attributes_add_ulong (attrs, CKA_KEY_TYPE, CKK_AES);
- *aes_key = gck_session_derive_key_full (session, priv_key, mech, attrs, NULL, &error);
+ *aes_key = gck_session_derive_key_full (session, priv_key, &mech, attrs, NULL, &error);
- gck_mechanism_unref (mech);
gck_attributes_unref (attrs);
if (!*aes_key) {
@@ -576,7 +570,7 @@ GkdSecretSecret*
gkd_secret_session_get_item_secret (GkdSecretSession *self, GckObject *item,
DBusError *derr)
{
- GckMechanism *mech;
+ GckMechanism mech = { 0UL, NULL, 0 };
GckSession *session;
gpointer value, iv;
gsize n_value, n_iv;
@@ -591,16 +585,17 @@ gkd_secret_session_get_item_secret (GkdSecretSession *self, GckObject *item,
n_iv = 16;
iv = g_malloc (n_iv);
gcry_create_nonce (iv, n_iv);
- mech = gck_mechanism_new_with_param (CKM_AES_CBC_PAD, iv, n_iv);
} else {
n_iv = 0;
iv = NULL;
- mech = gck_mechanism_new (self->mech_type);
}
- value = gck_session_wrap_key_full (session, self->key, mech, item, &n_value,
+ mech.type = self->mech_type;
+ mech.parameter = iv;
+ mech.n_parameter = n_iv;
+
+ value = gck_session_wrap_key_full (session, self->key, &mech, item, &n_value,
NULL, &error);
- gck_mechanism_unref (mech);
if (value == NULL) {
if (g_error_matches (error, GCK_ERROR, CKR_USER_NOT_LOGGED_IN)) {
@@ -623,7 +618,7 @@ gboolean
gkd_secret_session_set_item_secret (GkdSecretSession *self, GckObject *item,
GkdSecretSecret *secret, DBusError *derr)
{
- GckMechanism *mech;
+ GckMechanism mech;
GckObject *object;
GckSession *session;
GError *error = NULL;
@@ -652,13 +647,13 @@ gkd_secret_session_set_item_secret (GkdSecretSession *self, GckObject *item,
session = gkd_secret_service_get_pkcs11_session (self->service, self->caller);
g_return_val_if_fail (session, FALSE);
- mech = gck_mechanism_new_with_param (self->mech_type, secret->parameter,
- secret->n_parameter);
+ mech.type = self->mech_type;
+ mech.parameter = secret->parameter;
+ mech.n_parameter = secret->n_parameter;
- object = gck_session_unwrap_key_full (session, self->key, mech, secret->value,
+ object = gck_session_unwrap_key_full (session, self->key, &mech, secret->value,
secret->n_value, attrs, NULL, &error);
- gck_mechanism_unref (mech);
gck_attributes_unref (attrs);
if (object == NULL) {
@@ -695,7 +690,7 @@ gkd_secret_session_create_credential (GkdSecretSession *self, GckSession *sessio
DBusError *derr)
{
GckAttributes *alloc = NULL;
- GckMechanism *mech;
+ GckMechanism mech;
GckObject *object;
GError *error = NULL;
@@ -712,13 +707,13 @@ gkd_secret_session_create_credential (GkdSecretSession *self, GckSession *sessio
gck_attributes_add_boolean (attrs, CKA_TOKEN, FALSE);
}
- mech = gck_mechanism_new_with_param (self->mech_type, secret->parameter,
- secret->n_parameter);
+ mech.type = self->mech_type;
+ mech.parameter = secret->parameter;
+ mech.n_parameter = secret->n_parameter;
- object = gck_session_unwrap_key_full (session, self->key, mech, secret->value,
+ object = gck_session_unwrap_key_full (session, self->key, &mech, secret->value,
secret->n_value, attrs, NULL, &error);
- gck_mechanism_unref (mech);
gck_attributes_unref (alloc);
if (object == NULL) {
diff --git a/gck/gck-misc.c b/gck/gck-misc.c
index a08bbc5..523e14b 100644
--- a/gck/gck-misc.c
+++ b/gck/gck-misc.c
@@ -353,89 +353,6 @@ _gck_ulong_equal (gconstpointer v1, gconstpointer v2)
return *((const gulong*)v1) == *((const gulong*)v2);
}
-static GQuark mechanism_quark = 0;
-
-static void
-free_refs (gpointer data)
-{
- gint *refs = data;
- g_assert (refs);
- g_assert (*refs == 0);
- g_slice_free (gint, data);
-}
-
-GckMechanism*
-gck_mechanism_new (gulong type)
-{
- return gck_mechanism_new_with_param (type, NULL, 0);
-}
-
-GckMechanism*
-gck_mechanism_new_with_param (gulong type, gconstpointer parameter,
- gulong n_parameter)
-{
- static volatile gsize inited_quark = 0;
- GckMechanism *mech;
- gint *refs;
-
- /* Initialize first time around */
- if (g_once_init_enter (&inited_quark)) {
- mechanism_quark = g_quark_from_static_string ("GckMechanism::refs");
- g_once_init_leave (&inited_quark, 1);
- }
-
- mech = g_slice_new (GckMechanism);
- mech->type = type;
- mech->parameter = g_memdup (parameter, n_parameter);
- mech->n_parameter = n_parameter;
-
- refs = g_slice_new (gint);
- *refs = 1;
- g_dataset_id_set_data_full (mech, mechanism_quark, refs, free_refs);
-
- return mech;
-}
-
-GckMechanism*
-gck_mechanism_ref (GckMechanism* mech)
-{
- gint *refs;
-
- g_return_val_if_fail (mech, NULL);
-
- refs = g_dataset_id_get_data (mech, mechanism_quark);
- if (refs == NULL) {
- g_warning ("Encountered invalid GckMechanism struct. Either it was unreffed or "
- "possibly allocated on the stack. Always use gck_mechanism_new () and friends.");
- return NULL;
- }
-
- g_atomic_int_add (refs, 1);
- return mech;
-}
-
-void
-gck_mechanism_unref (GckMechanism* mech)
-{
- gint *refs;
-
- if (!mech)
- return;
-
- refs = g_dataset_id_get_data (mech, mechanism_quark);
- if (refs == NULL) {
- g_warning ("Encountered invalid GckMechanism struct. Either it was unreffed or "
- "possibly allocated on the stack. Always use gck_mechanism_new () and friends.");
- return;
- }
-
- if (g_atomic_int_dec_and_test (refs)) {
- g_free (mech->parameter);
- g_dataset_id_remove_data (mech, mechanism_quark);
- g_slice_free (GckMechanism, mech);
- }
-}
-
gboolean
gck_value_to_ulong (gconstpointer value, gsize length, gulong *result)
{
diff --git a/gck/gck-private.h b/gck/gck-private.h
index 00af629..91727fe 100644
--- a/gck/gck-private.h
+++ b/gck/gck-private.h
@@ -106,6 +106,8 @@ typedef struct _GckArguments {
} GckArguments;
+#define GCK_MECHANISM_EMPTY { 0UL, NULL, 0 }
+
#define GCK_ARGUMENTS_INIT { NULL, NULL, 0 }
#define GCK_TYPE_CALL (_gck_call_get_type())
diff --git a/gck/gck-session.c b/gck/gck-session.c
index b9a419f..4c900b7 100644
--- a/gck/gck-session.c
+++ b/gck/gck-session.c
@@ -1103,7 +1103,7 @@ gck_session_find_objects_finish (GckSession *self, GAsyncResult *result, GError
typedef struct _GenerateKeyPair {
GckArguments base;
- GckMechanism *mechanism;
+ GckMechanism mechanism;
GckAttributes *public_attrs;
GckAttributes *private_attrs;
CK_OBJECT_HANDLE public_key;
@@ -1113,7 +1113,6 @@ typedef struct _GenerateKeyPair {
static void
free_generate_key_pair (GenerateKeyPair *args)
{
- gck_mechanism_unref (args->mechanism);
gck_attributes_unref (args->public_attrs);
gck_attributes_unref (args->private_attrs);
g_free (args);
@@ -1131,7 +1130,7 @@ perform_generate_key_pair (GenerateKeyPair *args)
priv_attrs = _gck_attributes_commit_out (args->private_attrs, &n_priv_attrs);
return (args->base.pkcs11->C_GenerateKeyPair) (args->base.handle,
- (CK_MECHANISM_PTR)args->mechanism,
+ (CK_MECHANISM_PTR)&(args->mechanism),
pub_attrs, n_pub_attrs,
priv_attrs, n_priv_attrs,
&args->public_key,
@@ -1139,6 +1138,32 @@ perform_generate_key_pair (GenerateKeyPair *args)
}
/**
+ * gck_session_generate_key_pair:
+ * @self: The session to use.
+ * @mech_type: The mechanism type to use for key generation.
+ * @public_attrs: Additional attributes for the generated public key.
+ * @private_attrs: Additional attributes for the generated private key.
+ * @public_key: A location to return the resulting public key.
+ * @private_key: A location to return the resulting private key.
+ * @cancellable: Optional cancellation object, or NULL.
+ * @err: A location to return an error, or NULL.
+ *
+ * Generate a new key pair of public and private keys. This call may block for an
+ * indefinite period.
+ *
+ * Return value: TRUE if the operation succeeded.
+ **/
+gboolean
+gck_session_generate_key_pair (GckSession *self, gulong mech_type,
+ GckAttributes *public_attrs, GckAttributes *private_attrs,
+ GckObject **public_key, GckObject **private_key,
+ GCancellable *cancellable, GError **err)
+{
+ GckMechanism mech = { mech_type, NULL, 0 };
+ return gck_session_generate_key_pair_full (self, &mech, public_attrs, private_attrs, public_key, private_key, cancellable, err);
+}
+
+/**
* gck_session_generate_key_pair_full:
* @self: The session to use.
* @mechanism: The mechanism to use for key generation.
@@ -1160,7 +1185,7 @@ gck_session_generate_key_pair_full (GckSession *self, GckMechanism *mechanism,
GckObject **public_key, GckObject **private_key,
GCancellable *cancellable, GError **err)
{
- GenerateKeyPair args = { GCK_ARGUMENTS_INIT, mechanism, public_attrs, private_attrs, 0, 0 };
+ GenerateKeyPair args = { GCK_ARGUMENTS_INIT, GCK_MECHANISM_EMPTY, public_attrs, private_attrs, 0, 0 };
gboolean ret;
g_return_val_if_fail (GCK_IS_SESSION (self), FALSE);
@@ -1170,6 +1195,9 @@ gck_session_generate_key_pair_full (GckSession *self, GckMechanism *mechanism,
g_return_val_if_fail (public_key, FALSE);
g_return_val_if_fail (private_key, FALSE);
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args.mechanism, mechanism, sizeof (args.mechanism));
+
_gck_attributes_lock (public_attrs);
if (public_attrs != private_attrs)
_gck_attributes_lock (private_attrs);
@@ -1213,12 +1241,14 @@ gck_session_generate_key_pair_async (GckSession *self, GckMechanism *mechanism,
g_return_if_fail (public_attrs);
g_return_if_fail (private_attrs);
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args->mechanism, mechanism, sizeof (args->mechanism));
+
args->public_attrs = gck_attributes_ref (public_attrs);
_gck_attributes_lock (public_attrs);
args->private_attrs = gck_attributes_ref (private_attrs);
if (public_attrs != private_attrs)
_gck_attributes_lock (private_attrs);
- args->mechanism = gck_mechanism_ref (mechanism);
_gck_call_async_ready_go (args, cancellable, callback, user_data);
}
@@ -1265,7 +1295,7 @@ gck_session_generate_key_pair_finish (GckSession *self, GAsyncResult *result,
typedef struct _WrapKey {
GckArguments base;
- GckMechanism *mechanism;
+ GckMechanism mechanism;
CK_OBJECT_HANDLE wrapper;
CK_OBJECT_HANDLE wrapped;
gpointer result;
@@ -1275,7 +1305,6 @@ typedef struct _WrapKey {
static void
free_wrap_key (WrapKey *args)
{
- gck_mechanism_unref (args->mechanism);
g_free (args->result);
g_free (args);
}
@@ -1289,7 +1318,7 @@ perform_wrap_key (WrapKey *args)
/* Get the length of the result */
rv = (args->base.pkcs11->C_WrapKey) (args->base.handle,
- (CK_MECHANISM_PTR)args->mechanism,
+ (CK_MECHANISM_PTR)&(args->mechanism),
args->wrapper, args->wrapped,
NULL, &args->n_result);
if (rv != CKR_OK)
@@ -1298,7 +1327,7 @@ perform_wrap_key (WrapKey *args)
/* And try again with a real buffer */
args->result = g_malloc0 (args->n_result);
return (args->base.pkcs11->C_WrapKey) (args->base.handle,
- (CK_MECHANISM_PTR)args->mechanism,
+ (CK_MECHANISM_PTR)&(args->mechanism),
args->wrapper, args->wrapped,
args->result, &args->n_result);
}
@@ -1345,7 +1374,7 @@ gck_session_wrap_key_full (GckSession *self, GckObject *wrapper, GckMechanism *m
GckObject *wrapped, gsize *n_result, GCancellable *cancellable,
GError **err)
{
- WrapKey args = { GCK_ARGUMENTS_INIT, mechanism, 0, 0, NULL, 0 };
+ WrapKey args = { GCK_ARGUMENTS_INIT, GCK_MECHANISM_EMPTY, 0, 0, NULL, 0 };
gboolean ret;
g_return_val_if_fail (GCK_IS_SESSION (self), FALSE);
@@ -1354,6 +1383,9 @@ gck_session_wrap_key_full (GckSession *self, GckObject *wrapper, GckMechanism *m
g_return_val_if_fail (GCK_IS_OBJECT (wrapper), FALSE);
g_return_val_if_fail (n_result, FALSE);
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args.mechanism, mechanism, sizeof (args.mechanism));
+
g_object_get (wrapper, "handle", &args.wrapper, NULL);
g_return_val_if_fail (args.wrapper != 0, NULL);
g_object_get (wrapped, "handle", &args.wrapped, NULL);
@@ -1394,7 +1426,9 @@ gck_session_wrap_key_async (GckSession *self, GckObject *key, GckMechanism *mech
g_return_if_fail (GCK_IS_OBJECT (wrapped));
g_return_if_fail (GCK_IS_OBJECT (key));
- args->mechanism = gck_mechanism_ref (mechanism);
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args->mechanism, mechanism, sizeof (args->mechanism));
+
g_object_get (key, "handle", &args->wrapper, NULL);
g_return_if_fail (args->wrapper != 0);
g_object_get (wrapped, "handle", &args->wrapped, NULL);
@@ -1443,7 +1477,7 @@ gck_session_wrap_key_finish (GckSession *self, GAsyncResult *result,
typedef struct _UnwrapKey {
GckArguments base;
- GckMechanism *mechanism;
+ GckMechanism mechanism;
GckAttributes *attrs;
CK_OBJECT_HANDLE wrapper;
gconstpointer input;
@@ -1454,7 +1488,6 @@ typedef struct _UnwrapKey {
static void
free_unwrap_key (UnwrapKey *args)
{
- gck_mechanism_unref (args->mechanism);
gck_attributes_unref (args->attrs);
g_free (args);
}
@@ -1470,7 +1503,7 @@ perform_unwrap_key (UnwrapKey *args)
attrs = _gck_attributes_commit_out (args->attrs, &n_attrs);
return (args->base.pkcs11->C_UnwrapKey) (args->base.handle,
- (CK_MECHANISM_PTR)args->mechanism,
+ (CK_MECHANISM_PTR)&(args->mechanism),
args->wrapper, (CK_BYTE_PTR)args->input,
args->n_input, attrs, n_attrs,
&args->unwrapped);
@@ -1522,7 +1555,7 @@ gck_session_unwrap_key_full (GckSession *self, GckObject *wrapper, GckMechanism
gconstpointer input, gsize n_input, GckAttributes *attrs,
GCancellable *cancellable, GError **err)
{
- UnwrapKey args = { GCK_ARGUMENTS_INIT, mechanism, attrs, 0, input, n_input, 0 };
+ UnwrapKey args = { GCK_ARGUMENTS_INIT, GCK_MECHANISM_EMPTY, attrs, 0, input, n_input, 0 };
gboolean ret;
g_return_val_if_fail (GCK_IS_SESSION (self), FALSE);
@@ -1530,6 +1563,9 @@ gck_session_unwrap_key_full (GckSession *self, GckObject *wrapper, GckMechanism
g_return_val_if_fail (mechanism, FALSE);
g_return_val_if_fail (attrs, FALSE);
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args.mechanism, mechanism, sizeof (args.mechanism));
+
g_object_get (wrapper, "handle", &args.wrapper, NULL);
g_return_val_if_fail (args.wrapper != 0, NULL);
@@ -1574,7 +1610,9 @@ gck_session_unwrap_key_async (GckSession *self, GckObject *wrapper, GckMechanism
g_object_get (wrapper, "handle", &args->wrapper, NULL);
g_return_if_fail (args->wrapper != 0);
- args->mechanism = gck_mechanism_ref (mechanism);
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args->mechanism, mechanism, sizeof (args->mechanism));
+
args->attrs = gck_attributes_ref (attrs);
args->input = input;
args->n_input = n_input;
@@ -1614,7 +1652,7 @@ gck_session_unwrap_key_finish (GckSession *self, GAsyncResult *result, GError **
typedef struct _DeriveKey {
GckArguments base;
- GckMechanism *mechanism;
+ GckMechanism mechanism;
GckAttributes *attrs;
CK_OBJECT_HANDLE key;
CK_OBJECT_HANDLE derived;
@@ -1623,7 +1661,6 @@ typedef struct _DeriveKey {
static void
free_derive_key (DeriveKey *args)
{
- gck_mechanism_unref (args->mechanism);
gck_attributes_unref (args->attrs);
g_free (args);
}
@@ -1639,7 +1676,7 @@ perform_derive_key (DeriveKey *args)
attrs = _gck_attributes_commit_out (args->attrs, &n_attrs);
return (args->base.pkcs11->C_DeriveKey) (args->base.handle,
- (CK_MECHANISM_PTR)args->mechanism,
+ (CK_MECHANISM_PTR)&(args->mechanism),
args->key, attrs, n_attrs,
&args->derived);
}
@@ -1684,7 +1721,7 @@ GckObject*
gck_session_derive_key_full (GckSession *self, GckObject *base, GckMechanism *mechanism,
GckAttributes *attrs, GCancellable *cancellable, GError **err)
{
- DeriveKey args = { GCK_ARGUMENTS_INIT, mechanism, attrs, 0, 0 };
+ DeriveKey args = { GCK_ARGUMENTS_INIT, GCK_MECHANISM_EMPTY, attrs, 0, 0 };
gboolean ret;
g_return_val_if_fail (GCK_IS_SESSION (self), FALSE);
@@ -1692,6 +1729,9 @@ gck_session_derive_key_full (GckSession *self, GckObject *base, GckMechanism *me
g_return_val_if_fail (mechanism, FALSE);
g_return_val_if_fail (attrs, FALSE);
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args.mechanism, mechanism, sizeof (args.mechanism));
+
g_object_get (base, "handle", &args.key, NULL);
g_return_val_if_fail (args.key != 0, NULL);
@@ -1733,7 +1773,9 @@ gck_session_derive_key_async (GckSession *self, GckObject *base, GckMechanism *m
g_object_get (base, "handle", &args->key, NULL);
g_return_if_fail (args->key != 0);
- args->mechanism = gck_mechanism_ref (mechanism);
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args->mechanism, mechanism, sizeof (args->mechanism));
+
args->attrs = gck_attributes_ref (attrs);
_gck_attributes_lock (attrs);
@@ -1954,7 +1996,7 @@ typedef struct _Crypt {
/* Input */
CK_OBJECT_HANDLE key;
- GckMechanism *mech;
+ GckMechanism mechanism;
guchar *input;
CK_ULONG n_input;
@@ -1976,7 +2018,7 @@ perform_crypt (Crypt *args)
g_assert (!args->n_result);
/* Initialize the crypt operation */
- rv = (args->init_func) (args->base.handle, (CK_MECHANISM_PTR)args->mech, args->key);
+ rv = (args->init_func) (args->base.handle, (CK_MECHANISM_PTR)&(args->mechanism), args->key);
if (rv != CKR_OK)
return rv;
@@ -2008,7 +2050,6 @@ static void
free_crypt (Crypt *args)
{
g_free (args->input);
- gck_mechanism_unref (args->mech);
g_free (args->result);
g_free (args);
}
@@ -2030,7 +2071,8 @@ crypt_sync (GckSession *self, GckObject *key, GckMechanism *mechanism, const guc
g_object_get (key, "handle", &args.key, NULL);
g_return_val_if_fail (args.key != 0, NULL);
- args.mech = mechanism;
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args.mechanism, mechanism, sizeof (args.mechanism));
/* No need to copy in this case */
args.input = (guchar*)input;
@@ -2068,7 +2110,8 @@ crypt_async (GckSession *self, GckObject *key, GckMechanism *mechanism, const gu
g_object_get (key, "handle", &args->key, NULL);
g_return_if_fail (args->key != 0);
- args->mech = gck_mechanism_ref (mechanism);
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args->mechanism, mechanism, sizeof (args->mechanism));
args->input = input && n_input ? g_memdup (input, n_input) : NULL;
args->n_input = n_input;
@@ -2461,7 +2504,7 @@ typedef struct _Verify {
/* Input */
CK_OBJECT_HANDLE key;
- GckMechanism *mech;
+ GckMechanism mechanism;
guchar *input;
CK_ULONG n_input;
guchar *signature;
@@ -2475,7 +2518,7 @@ perform_verify (Verify *args)
CK_RV rv;
/* Initialize the crypt operation */
- rv = (args->base.pkcs11->C_VerifyInit) (args->base.handle, (CK_MECHANISM_PTR)args->mech, args->key);
+ rv = (args->base.pkcs11->C_VerifyInit) (args->base.handle, (CK_MECHANISM_PTR)&(args->mechanism), args->key);
if (rv != CKR_OK)
return rv;
@@ -2503,7 +2546,6 @@ free_verify (Verify *args)
{
g_free (args->input);
g_free (args->signature);
- gck_mechanism_unref (args->mech);
g_free (args);
}
@@ -2564,7 +2606,8 @@ gck_session_verify_full (GckSession *self, GckObject *key, GckMechanism *mechani
g_object_get (key, "handle", &args.key, NULL);
g_return_val_if_fail (args.key != 0, FALSE);
- args.mech = mechanism;
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args.mechanism, mechanism, sizeof (args.mechanism));
/* No need to copy in this case */
args.input = (guchar*)input;
@@ -2610,7 +2653,8 @@ gck_session_verify_async (GckSession *self, GckObject *key, GckMechanism *mechan
g_object_get (key, "handle", &args->key, NULL);
g_return_if_fail (args->key != 0);
- args->mech = gck_mechanism_ref (mechanism);
+ /* Shallow copy of the mechanism structure */
+ memcpy (&args->mechanism, mechanism, sizeof (args->mechanism));
args->input = input && n_input ? g_memdup (input, n_input) : NULL;
args->n_input = n_input;
diff --git a/gck/gck.h b/gck/gck.h
index 41461ca..d34ce08 100644
--- a/gck/gck.h
+++ b/gck/gck.h
@@ -53,20 +53,10 @@ typedef gpointer (*GckAllocator) (gpointer data, gsiz
typedef struct GckMechanism {
gulong type;
- gpointer parameter;
+ gconstpointer parameter;
gulong n_parameter;
} GckMechanism;
-GckMechanism* gck_mechanism_new (gulong type);
-
-GckMechanism* gck_mechanism_new_with_param (gulong type,
- gconstpointer parameter,
- gulong n_parameter);
-
-GckMechanism* gck_mechanism_ref (GckMechanism* mech);
-
-void gck_mechanism_unref (GckMechanism* mech);
-
typedef struct GckAttribute {
gulong type;
gpointer value;
diff --git a/gck/tests/Makefile.am b/gck/tests/Makefile.am
index 5ca392c..8974f06 100644
--- a/gck/tests/Makefile.am
+++ b/gck/tests/Makefile.am
@@ -2,7 +2,6 @@
# Keep these in the order they should be tested
TESTING_FILES = \
test-gck-attributes.c \
- test-gck-mechanism.c \
test-gck-module.c \
test-gck-slot.c \
test-gck-session.c \
diff --git a/gck/tests/test-gck-crypto.c b/gck/tests/test-gck-crypto.c
index b8b99e4..ae9e2a6 100644
--- a/gck/tests/test-gck-crypto.c
+++ b/gck/tests/test-gck-crypto.c
@@ -149,15 +149,13 @@ authenticate_object (GckSlot *module, GckObject *object, gchar *label, gchar **p
DEFINE_TEST(encrypt)
{
- GckMechanism *mech;
+ GckMechanism mech = { CKM_MOCK_CAPITALIZE, NULL, 0 };
GError *error = NULL;
GAsyncResult *result = NULL;
GckObject *key;
guchar *output;
gsize n_output;
- mech = gck_mechanism_new (CKM_MOCK_CAPITALIZE);
-
/* Find the right key */
key = find_key (session, CKA_ENCRYPT, CKM_MOCK_CAPITALIZE);
g_assert (key);
@@ -170,7 +168,7 @@ DEFINE_TEST(encrypt)
g_free (output);
/* Asynchronous one */
- gck_session_encrypt_async (session, key, mech, (const guchar*)"second chance", 14, NULL, fetch_async_result, &result);
+ gck_session_encrypt_async (session, key, &mech, (const guchar*)"second chance", 14, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
@@ -182,22 +180,19 @@ DEFINE_TEST(encrypt)
g_assert_cmpstr ((gchar*)output, ==, "SECOND CHANCE");
g_free (output);
- gck_mechanism_unref (mech);
g_object_unref (result);
g_object_unref (key);
}
DEFINE_TEST(decrypt)
{
- GckMechanism *mech;
+ GckMechanism mech = { CKM_MOCK_CAPITALIZE, NULL, 0 };
GError *error = NULL;
GAsyncResult *result = NULL;
GckObject *key;
guchar *output;
gsize n_output;
- mech = gck_mechanism_new (CKM_MOCK_CAPITALIZE);
-
/* Find the right key */
key = find_key (session, CKA_DECRYPT, CKM_MOCK_CAPITALIZE);
g_assert (key);
@@ -210,7 +205,7 @@ DEFINE_TEST(decrypt)
g_free (output);
/* Asynchronous one */
- gck_session_decrypt_async (session, key, mech, (const guchar*)"FAT CHANCE", 11, NULL, fetch_async_result, &result);
+ gck_session_decrypt_async (session, key, &mech, (const guchar*)"FAT CHANCE", 11, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
@@ -222,7 +217,6 @@ DEFINE_TEST(decrypt)
g_assert_cmpstr ((gchar*)output, ==, "fat chance");
g_free (output);
- gck_mechanism_unref (mech);
g_object_unref (result);
g_object_unref (key);
}
@@ -251,15 +245,13 @@ DEFINE_TEST(login_context_specific)
DEFINE_TEST(sign)
{
- GckMechanism *mech;
+ GckMechanism mech = { CKM_MOCK_PREFIX, "my-prefix:", 10 };
GError *error = NULL;
GAsyncResult *result = NULL;
GckObject *key;
guchar *output;
gsize n_output;
- mech = gck_mechanism_new_with_param (CKM_MOCK_PREFIX, "my-prefix:", 10);
-
/* Enable auto-login on this session, see previous test */
g_signal_connect (module, "authenticate-object", G_CALLBACK (authenticate_object), NULL);
@@ -275,7 +267,7 @@ DEFINE_TEST(sign)
g_free (output);
/* Asynchronous one */
- gck_session_sign_async (session_with_auth, key, mech, (const guchar*)"Conrad", 7, NULL, fetch_async_result, &result);
+ gck_session_sign_async (session_with_auth, key, &mech, (const guchar*)"Conrad", 7, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
@@ -287,21 +279,18 @@ DEFINE_TEST(sign)
g_assert_cmpstr ((gchar*)output, ==, "my-prefix:Conrad");
g_free (output);
- gck_mechanism_unref (mech);
g_object_unref (result);
g_object_unref (key);
}
DEFINE_TEST(verify)
{
- GckMechanism *mech;
+ GckMechanism mech = { CKM_MOCK_PREFIX, "my-prefix:", 10 };
GError *error = NULL;
GAsyncResult *result = NULL;
GckObject *key;
gboolean ret;
- mech = gck_mechanism_new_with_param (CKM_MOCK_PREFIX, "my-prefix:", 10);
-
/* Enable auto-login on this session, shouldn't be needed */
g_signal_connect (module, "authenticate-object", G_CALLBACK (authenticate_object), NULL);
@@ -315,12 +304,12 @@ DEFINE_TEST(verify)
SUCCESS_RES (ret, error);
/* Failure one */
- ret = gck_session_verify_full (session, key, mech, (const guchar*)"Labarbara", 10,
+ ret = gck_session_verify_full (session, key, &mech, (const guchar*)"Labarbara", 10,
(const guchar*)"my-prefix:Loborboro", 20, NULL, &error);
FAIL_RES (ret, error);
/* Asynchronous one */
- gck_session_verify_async (session, key, mech, (const guchar*)"Labarbara", 10,
+ gck_session_verify_async (session, key, &mech, (const guchar*)"Labarbara", 10,
(const guchar*)"my-prefix:Labarbara", 20, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
@@ -330,7 +319,7 @@ DEFINE_TEST(verify)
/* Asynchronous failure */
result = NULL;
- gck_session_verify_async (session, key, mech, (const guchar*)"Labarbara", 10,
+ gck_session_verify_async (session, key, &mech, (const guchar*)"Labarbara", 10,
(const guchar*)"my-prefix:Labarxoro", 20, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
@@ -338,45 +327,42 @@ DEFINE_TEST(verify)
FAIL_RES (ret, error);
g_object_unref (result);
- gck_mechanism_unref (mech);
g_object_unref (key);
}
DEFINE_TEST(generate_key_pair)
{
+ GckMechanism mech = { CKM_MOCK_GENERATE, "generate", 9 };
GckAttributes *pub_attrs, *prv_attrs;
- GckMechanism *mech;
GError *error = NULL;
GAsyncResult *result = NULL;
GckObject *pub_key, *prv_key;
gboolean ret;
- mech = gck_mechanism_new_with_param (CKM_MOCK_GENERATE, "generate", 9);
-
pub_attrs = gck_attributes_new ();
gck_attributes_add_ulong (pub_attrs, CKA_CLASS, CKO_PUBLIC_KEY);
prv_attrs = gck_attributes_new ();
gck_attributes_add_ulong (prv_attrs, CKA_CLASS, CKO_PRIVATE_KEY);
/* Full One*/
- ret = gck_session_generate_key_pair_full (session, mech, pub_attrs, prv_attrs,
+ ret = gck_session_generate_key_pair_full (session, &mech, pub_attrs, prv_attrs,
&pub_key, &prv_key, NULL, &error);
SUCCESS_RES (ret, error);
g_object_unref (pub_key);
g_object_unref (prv_key);
/* Failure one */
- mech->type = 0;
+ mech.type = 0;
pub_key = prv_key = NULL;
- ret = gck_session_generate_key_pair_full (session, mech, pub_attrs, prv_attrs,
+ ret = gck_session_generate_key_pair_full (session, &mech, pub_attrs, prv_attrs,
&pub_key, &prv_key, NULL, &error);
FAIL_RES (ret, error);
g_assert (pub_key == NULL);
g_assert (prv_key == NULL);
/* Asynchronous one */
- mech->type = CKM_MOCK_GENERATE;
- gck_session_generate_key_pair_async (session, mech, pub_attrs, prv_attrs, NULL, fetch_async_result, &result);
+ mech.type = CKM_MOCK_GENERATE;
+ gck_session_generate_key_pair_async (session, &mech, pub_attrs, prv_attrs, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
ret = gck_session_generate_key_pair_finish (session, result, &pub_key, &prv_key, &error);
@@ -387,9 +373,9 @@ DEFINE_TEST(generate_key_pair)
/* Asynchronous failure */
result = NULL;
- mech->type = 0;
+ mech.type = 0;
pub_key = prv_key = NULL;
- gck_session_generate_key_pair_async (session, mech, pub_attrs, prv_attrs, NULL, fetch_async_result, &result);
+ gck_session_generate_key_pair_async (session, &mech, pub_attrs, prv_attrs, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
ret = gck_session_generate_key_pair_finish (session, result, &pub_key, &prv_key, &error);
@@ -398,21 +384,19 @@ DEFINE_TEST(generate_key_pair)
g_assert (pub_key == NULL);
g_assert (prv_key == NULL);
- gck_mechanism_unref (mech);
gck_attributes_unref (pub_attrs);
gck_attributes_unref (prv_attrs);
}
DEFINE_TEST(wrap_key)
{
- GckMechanism *mech;
+ GckMechanism mech = { CKM_MOCK_WRAP, "wrap", 4 };
GError *error = NULL;
GAsyncResult *result = NULL;
GckObject *wrapper, *wrapped;
gpointer output;
gsize n_output;
- mech = gck_mechanism_new_with_param (CKM_MOCK_WRAP, "wrap", 4);
wrapper = find_key (session, CKA_WRAP, 0);
wrapped = find_key_with_value (session, "value");
@@ -425,22 +409,22 @@ DEFINE_TEST(wrap_key)
g_free (output);
/* Full One*/
- output = gck_session_wrap_key_full (session, wrapper, mech, wrapped, &n_output, NULL, &error);
+ output = gck_session_wrap_key_full (session, wrapper, &mech, wrapped, &n_output, NULL, &error);
SUCCESS_RES (output, error);
g_assert_cmpsize (n_output, ==, 5);
g_assert (memcmp (output, "value", 5) == 0);
g_free (output);
/* Failure one */
- mech->type = 0;
+ mech.type = 0;
n_output = 0;
- output = gck_session_wrap_key_full (session, wrapper, mech, wrapped, &n_output, NULL, &error);
+ output = gck_session_wrap_key_full (session, wrapper, &mech, wrapped, &n_output, NULL, &error);
FAIL_RES (output, error);
g_assert_cmpsize (n_output, ==, 0);
/* Asynchronous one */
- mech->type = CKM_MOCK_WRAP;
- gck_session_wrap_key_async (session, wrapper, mech, wrapped, NULL, fetch_async_result, &result);
+ mech.type = CKM_MOCK_WRAP;
+ gck_session_wrap_key_async (session, wrapper, &mech, wrapped, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
output = gck_session_wrap_key_finish (session, result, &n_output, &error);
@@ -452,9 +436,9 @@ DEFINE_TEST(wrap_key)
/* Asynchronous failure */
result = NULL;
- mech->type = 0;
+ mech.type = 0;
n_output = 0;
- gck_session_wrap_key_async (session, wrapper, mech, wrapped, NULL, fetch_async_result, &result);
+ gck_session_wrap_key_async (session, wrapper, &mech, wrapped, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
output = gck_session_wrap_key_finish (session, result, &n_output, &error);
@@ -464,37 +448,35 @@ DEFINE_TEST(wrap_key)
g_object_unref (wrapper);
g_object_unref (wrapped);
- gck_mechanism_unref (mech);
}
DEFINE_TEST(unwrap_key)
{
- GckMechanism *mech;
+ GckMechanism mech = { CKM_MOCK_WRAP, "wrap", 4 };
GError *error = NULL;
GAsyncResult *result = NULL;
GckObject *wrapper, *unwrapped;
GckAttributes *attrs;
- mech = gck_mechanism_new_with_param (CKM_MOCK_WRAP, "wrap", 4);
wrapper = find_key (session, CKA_UNWRAP, 0);
attrs = gck_attributes_new ();
gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_SECRET_KEY);
/* Full One*/
- unwrapped = gck_session_unwrap_key_full (session, wrapper, mech, "special", 7, attrs, NULL, &error);
+ unwrapped = gck_session_unwrap_key_full (session, wrapper, &mech, "special", 7, attrs, NULL, &error);
SUCCESS_RES (unwrapped, error);
g_assert (GCK_IS_OBJECT (unwrapped));
check_key_with_value (session, unwrapped, CKO_SECRET_KEY, "special");
g_object_unref (unwrapped);
/* Failure one */
- mech->type = 0;
- unwrapped = gck_session_unwrap_key_full (session, wrapper, mech, "special", 7, attrs, NULL, &error);
+ mech.type = 0;
+ unwrapped = gck_session_unwrap_key_full (session, wrapper, &mech, "special", 7, attrs, NULL, &error);
FAIL_RES (unwrapped, error);
/* Asynchronous one */
- mech->type = CKM_MOCK_WRAP;
- gck_session_unwrap_key_async (session, wrapper, mech, "special", 7, attrs, NULL, fetch_async_result, &result);
+ mech.type = CKM_MOCK_WRAP;
+ gck_session_unwrap_key_async (session, wrapper, &mech, "special", 7, attrs, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
unwrapped = gck_session_unwrap_key_finish (session, result, &error);
@@ -506,8 +488,8 @@ DEFINE_TEST(unwrap_key)
/* Asynchronous failure */
result = NULL;
- mech->type = 0;
- gck_session_unwrap_key_async (session, wrapper, mech, "special", 6, attrs, NULL, fetch_async_result, &result);
+ mech.type = 0;
+ gck_session_unwrap_key_async (session, wrapper, &mech, "special", 6, attrs, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
unwrapped = gck_session_unwrap_key_finish (session, result, &error);
@@ -516,37 +498,35 @@ DEFINE_TEST(unwrap_key)
g_object_unref (wrapper);
gck_attributes_unref (attrs);
- gck_mechanism_unref (mech);
}
DEFINE_TEST(derive_key)
{
- GckMechanism *mech;
+ GckMechanism mech = { CKM_MOCK_DERIVE, "derive", 6 };
GError *error = NULL;
GAsyncResult *result = NULL;
GckObject *wrapper, *derived;
GckAttributes *attrs;
- mech = gck_mechanism_new_with_param (CKM_MOCK_DERIVE, "derive", 6);
wrapper = find_key (session, CKA_DERIVE, 0);
attrs = gck_attributes_new ();
gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_SECRET_KEY);
/* Full One*/
- derived = gck_session_derive_key_full (session, wrapper, mech, attrs, NULL, &error);
+ derived = gck_session_derive_key_full (session, wrapper, &mech, attrs, NULL, &error);
SUCCESS_RES (derived, error);
g_assert (GCK_IS_OBJECT (derived));
check_key_with_value (session, derived, CKO_SECRET_KEY, "derived");
g_object_unref (derived);
/* Failure one */
- mech->type = 0;
- derived = gck_session_derive_key_full (session, wrapper, mech, attrs, NULL, &error);
+ mech.type = 0;
+ derived = gck_session_derive_key_full (session, wrapper, &mech, attrs, NULL, &error);
FAIL_RES (derived, error);
/* Asynchronous one */
- mech->type = CKM_MOCK_DERIVE;
- gck_session_derive_key_async (session, wrapper, mech, attrs, NULL, fetch_async_result, &result);
+ mech.type = CKM_MOCK_DERIVE;
+ gck_session_derive_key_async (session, wrapper, &mech, attrs, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
derived = gck_session_derive_key_finish (session, result, &error);
@@ -558,8 +538,8 @@ DEFINE_TEST(derive_key)
/* Asynchronous failure */
result = NULL;
- mech->type = 0;
- gck_session_derive_key_async (session, wrapper, mech, attrs, NULL, fetch_async_result, &result);
+ mech.type = 0;
+ gck_session_derive_key_async (session, wrapper, &mech, attrs, NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
derived = gck_session_derive_key_finish (session, result, &error);
@@ -568,5 +548,4 @@ DEFINE_TEST(derive_key)
g_object_unref (wrapper);
gck_attributes_unref (attrs);
- gck_mechanism_unref (mech);
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
