summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStef Walter <stef@memberwebs.com>2010-09-27 23:54:24 +0000
committerStef Walter <stef@memberwebs.com>2010-09-27 23:54:24 +0000
commit77766af8777c6ffa868c271bca20a3c094c97ea8 (patch)
tree91e28ae53bd4767990f58ef56082037686c28daf
parentd5183211fe8c7e377e4e2faacb3b6896bf1d9c04 (diff)
downloadgnome-keyring-77766af8777c6ffa868c271bca20a3c094c97ea8.tar.gz
[gck] Cleanup use of 'full' functions.
* Expect GCancellable in more places. * Remove a bunch of xxx_full() functions that are redundant. * Add a few xxx_full() functions where we don't want to have to fill in full mechanisms.
Diffstat
-rw-r--r--daemon/dbus/gkd-secret-change.c6
-rw-r--r--daemon/dbus/gkd-secret-create.c2
-rw-r--r--daemon/dbus/gkd-secret-lock.c2
-rw-r--r--daemon/dbus/gkd-secret-objects.c28
-rw-r--r--daemon/dbus/gkd-secret-service.c2
-rw-r--r--daemon/dbus/gkd-secret-session.c22
-rw-r--r--daemon/dbus/gkd-secret-unlock.c2
-rw-r--r--daemon/gpg-agent/gkd-gpg-agent-ops.c8
-rw-r--r--daemon/gpg-agent/gkd-gpg-agent.c2
-rw-r--r--daemon/login/gkd-login.c10
-rw-r--r--daemon/ssh-agent/gkd-ssh-agent-ops.c26
-rw-r--r--daemon/ssh-agent/gkd-ssh-agent.c2
-rw-r--r--gck/gck-object.c138
-rw-r--r--gck/gck-session.c164
-rw-r--r--gck/gck-slot.c4
-rw-r--r--gck/gck.h76
-rw-r--r--gck/tests/test-gck-crypto.c52
-rw-r--r--gck/tests/test-gck-object.c43
-rw-r--r--gck/tests/test-gck-session.c25
-rw-r--r--tool/gkr-tool-import.c11
20 files changed, 258 insertions, 367 deletions
diff --git a/daemon/dbus/gkd-secret-change.c b/daemon/dbus/gkd-secret-change.c
index e4d00bf2..90f3ed54 100644
--- a/daemon/dbus/gkd-secret-change.c
+++ b/daemon/dbus/gkd-secret-change.c
@@ -68,7 +68,7 @@ prepare_change_prompt (GkdSecretChange *self, GckObject *collection, gboolean fi
prompt = GKU_PROMPT (self);
- data = gck_object_get_data (collection, CKA_LABEL, &n_data, &error);
+ data = gck_object_get_data (collection, CKA_LABEL, NULL, &n_data, &error);
if (!data) {
g_warning ("couldn't get label for collection: %s", egg_error_message (error));
g_clear_error (&error);
@@ -295,13 +295,13 @@ gkd_secret_change_with_secrets (GckObject *collection, GkdSecretSecret *original
cleanup:
if (ocred) {
/* Always destroy the original credential */
- gck_object_destroy (ocred, NULL);
+ gck_object_destroy (ocred, NULL, NULL);
g_object_unref (ocred);
}
if (mcred) {
/* Destroy the master credential if failed */
if (!result)
- gck_object_destroy (mcred, NULL);
+ gck_object_destroy (mcred, NULL, NULL);
g_object_unref (mcred);
}
diff --git a/daemon/dbus/gkd-secret-create.c b/daemon/dbus/gkd-secret-create.c
index 9a787712..a21a2068 100644
--- a/daemon/dbus/gkd-secret-create.c
+++ b/daemon/dbus/gkd-secret-create.c
@@ -306,7 +306,7 @@ gkd_secret_create_with_secret (GckAttributes *attrs, GkdSecretSecret *master,
return FALSE;
}
- identifier = gck_object_get_data (collection, CKA_ID, &n_identifier, &error);
+ identifier = gck_object_get_data (collection, CKA_ID, NULL, &n_identifier, &error);
g_object_unref (collection);
if (!identifier) {
diff --git a/daemon/dbus/gkd-secret-lock.c b/daemon/dbus/gkd-secret-lock.c
index 8d4b4884..ff7a080d 100644
--- a/daemon/dbus/gkd-secret-lock.c
+++ b/daemon/dbus/gkd-secret-lock.c
@@ -58,7 +58,7 @@ gkd_secret_lock (GckObject *collection, DBusError *derr)
}
for (l = objects; l; l = g_list_next (l)) {
- if (!gck_object_destroy (l->data, &error)) {
+ if (!gck_object_destroy (l->data, NULL, &error)) {
g_warning ("couldn't destroy credential object: %s", egg_error_message (error));
g_clear_error (&error);
}
diff --git a/daemon/dbus/gkd-secret-objects.c b/daemon/dbus/gkd-secret-objects.c
index 120241d6..48e56ba1 100644
--- a/daemon/dbus/gkd-secret-objects.c
+++ b/daemon/dbus/gkd-secret-objects.c
@@ -110,7 +110,7 @@ iter_append_item_path (const gchar *base, GckObject *object, DBusMessageIter *it
gchar *alloc = NULL;
if (base == NULL) {
- identifier = gck_object_get_data (object, CKA_G_COLLECTION, &n_identifier, &error);
+ identifier = gck_object_get_data (object, CKA_G_COLLECTION, NULL, &n_identifier, &error);
if (!identifier) {
g_warning ("couldn't get item collection identifier: %s", egg_error_message (error));
g_clear_error (&error);
@@ -121,7 +121,7 @@ iter_append_item_path (const gchar *base, GckObject *object, DBusMessageIter *it
g_free (identifier);
}
- identifier = gck_object_get_data (object, CKA_ID, &n_identifier, &error);
+ identifier = gck_object_get_data (object, CKA_ID, NULL, &n_identifier, &error);
if (identifier == NULL) {
g_warning ("couldn't get item identifier: %s", egg_error_message (error));
g_clear_error (&error);
@@ -163,7 +163,7 @@ iter_append_collection_paths (GList *collections, DBusMessageIter *iter)
for (l = collections; l; l = g_list_next (l)) {
- identifier = gck_object_get_data (l->data, CKA_ID, &n_identifier, &error);
+ identifier = gck_object_get_data (l->data, CKA_ID, NULL, &n_identifier, &error);
if (identifier == NULL) {
g_warning ("couldn't get collection identifier: %s", egg_error_message (error));
g_clear_error (&error);
@@ -196,7 +196,7 @@ object_property_get (GckObject *object, DBusMessage *message,
"Object does not have the '%s' property", prop_name);
/* Retrieve the actual attribute */
- attr.value = gck_object_get_data (object, attr.type, &length, &error);
+ attr.value = gck_object_get_data (object, attr.type, NULL, &length, &error);
if (error != NULL) {
reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
"Couldn't retrieve '%s' property: %s",
@@ -320,7 +320,7 @@ item_property_getall (GckObject *object, DBusMessage *message)
"Object does not have properties on interface '%s'",
interface);
- attrs = gck_object_get (object, &error,
+ attrs = gck_object_get (object, NULL, &error,
CKA_LABEL,
CKA_G_SCHEMA,
CKA_G_LOCKED,
@@ -353,7 +353,7 @@ item_method_delete (GkdSecretObjects *self, GckObject *object, DBusMessage *mess
if (!dbus_message_get_args (message, NULL, DBUS_TYPE_INVALID))
return NULL;
- if (!gck_object_destroy (object, &error)) {
+ if (!gck_object_destroy (object, NULL, &error)) {
if (g_error_matches (error, GCK_ERROR, CKR_USER_NOT_LOGGED_IN))
reply = dbus_message_new_error_printf (message, SECRET_ERROR_IS_LOCKED,
"Cannot delete a locked item");
@@ -472,7 +472,7 @@ item_cleanup_search_results (GckSession *session, GList *items,
*unlocked = NULL;
for (l = items; l; l = g_list_next (l)) {
- value = gck_object_get_data (l->data, CKA_G_LOCKED, &n_value, &error);
+ value = gck_object_get_data (l->data, CKA_G_LOCKED, NULL, &n_value, &error);
if (value == NULL) {
if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID))
g_warning ("couldn't check if item is locked: %s", egg_error_message (error));
@@ -563,7 +563,7 @@ collection_property_getall (GkdSecretObjects *self, GckObject *object, DBusMessa
"Object does not have properties on interface '%s'",
interface);
- attrs = gck_object_get (object, &error,
+ attrs = gck_object_get (object, NULL, &error,
CKA_LABEL,
CKA_G_LOCKED,
CKA_G_CREATED,
@@ -629,8 +629,8 @@ collection_find_matching_item (GkdSecretObjects *self, GckSession *session,
}
/* Get the matched item handles, and delete the search object */
- data = gck_object_get_data (search, CKA_G_MATCHED, &n_data, NULL);
- gck_object_destroy (search, NULL);
+ data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, NULL);
+ gck_object_destroy (search, NULL, NULL);
g_object_unref (search);
if (n_data >= sizeof (CK_OBJECT_HANDLE))
@@ -712,7 +712,7 @@ collection_method_create_item (GkdSecretObjects *self, GckObject *object, DBusMe
/* Set the secret */
if (!gkd_secret_session_set_item_secret (secret->session, item, secret, &derr)) {
if (created) /* If we created, then try to destroy on failure */
- gck_object_destroy (item, NULL);
+ gck_object_destroy (item, NULL, NULL);
goto cleanup;
}
@@ -763,7 +763,7 @@ collection_method_delete (GkdSecretObjects *self, GckObject *object, DBusMessage
if (!dbus_message_get_args (message, NULL, DBUS_TYPE_INVALID))
return NULL;
- if (!gck_object_destroy (object, &error)) {
+ if (!gck_object_destroy (object, NULL, &error)) {
reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
"Couldn't delete collection: %s",
egg_error_message (error));
@@ -1229,8 +1229,8 @@ gkd_secret_objects_handle_search_items (GkdSecretObjects *self, DBusMessage *mes
}
/* Get the matched item handles, and delete the search object */
- data = gck_object_get_data (search, CKA_G_MATCHED, &n_data, &error);
- gck_object_destroy (search, NULL);
+ data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, &error);
+ gck_object_destroy (search, NULL, NULL);
g_object_unref (search);
if (error != NULL) {
diff --git a/daemon/dbus/gkd-secret-service.c b/daemon/dbus/gkd-secret-service.c
index f9f39850..bac9a5f6 100644
--- a/daemon/dbus/gkd-secret-service.c
+++ b/daemon/dbus/gkd-secret-service.c
@@ -1232,7 +1232,7 @@ gkd_secret_service_get_pkcs11_session (GkdSecretService *self, const gchar *call
info = gck_slot_get_token_info (slot);
login = info && (info->flags & CKF_LOGIN_REQUIRED);
gck_token_info_free (info);
- if (login && !gck_session_login (client->pkcs11_session, CKU_USER, NULL, 0, &error)) {
+ if (login && !gck_session_login (client->pkcs11_session, CKU_USER, NULL, 0, NULL, &error)) {
g_warning ("couldn't log in to pkcs11 session for secret service: %s",
egg_error_message (error));
g_clear_error (&error);
diff --git a/daemon/dbus/gkd-secret-session.c b/daemon/dbus/gkd-secret-session.c
index c1ae92ca..eb39afaa 100644
--- a/daemon/dbus/gkd-secret-session.c
+++ b/daemon/dbus/gkd-secret-session.c
@@ -131,7 +131,7 @@ aes_derive_key (GckSession *session, GckObject *priv_key,
gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_SECRET_KEY);
gck_attributes_add_ulong (attrs, CKA_KEY_TYPE, CKK_AES);
- *aes_key = gck_session_derive_key (session, priv_key, mech, attrs, NULL, &error);
+ *aes_key = gck_session_derive_key_full (session, priv_key, mech, attrs, NULL, &error);
gck_mechanism_unref (mech);
gck_attributes_unref (attrs);
@@ -165,8 +165,8 @@ aes_negotiate (GkdSecretSession *self, DBusMessage *message, gconstpointer input
"Failed to create necessary crypto keys.");
/* Get the output data */
- output = gck_object_get_data (pub, CKA_VALUE, &n_output, &error);
- gck_object_destroy (pub, NULL);
+ output = gck_object_get_data (pub, CKA_VALUE, NULL, &n_output, &error);
+ gck_object_destroy (pub, NULL, NULL);
g_object_unref (pub);
if (output == NULL) {
@@ -179,7 +179,7 @@ aes_negotiate (GkdSecretSession *self, DBusMessage *message, gconstpointer input
ret = aes_derive_key (session, priv, input, n_input, &key);
- gck_object_destroy (priv, NULL);
+ gck_object_destroy (priv, NULL, NULL);
g_object_unref (priv);
if (ret == FALSE) {
@@ -475,8 +475,8 @@ gkd_secret_session_begin (GkdSecretSession *self, const gchar *group,
return NULL;
/* Get the output data */
- output = gck_object_get_data (public, CKA_VALUE, n_output, &error);
- gck_object_destroy (public, NULL);
+ output = gck_object_get_data (public, CKA_VALUE, NULL, n_output, &error);
+ gck_object_destroy (public, NULL, NULL);
g_object_unref (public);
if (output == NULL) {
@@ -640,7 +640,7 @@ gkd_secret_session_set_item_secret (GkdSecretSession *self, GckObject *item,
* the unwrap won't generate a new object, but merely set the secret.
*/
- attrs = gck_object_get (item, &error, CKA_ID, CKA_G_COLLECTION, GCK_INVALID);
+ attrs = gck_object_get (item, NULL, &error, CKA_ID, CKA_G_COLLECTION, GCK_INVALID);
if (attrs == NULL) {
g_message ("couldn't get item attributes: %s", egg_error_message (error));
dbus_set_error_const (derr, DBUS_ERROR_FAILED, "Couldn't set item secret");
@@ -655,8 +655,8 @@ gkd_secret_session_set_item_secret (GkdSecretSession *self, GckObject *item,
mech = gck_mechanism_new_with_param (self->mech_type, secret->parameter,
secret->n_parameter);
- object = gck_session_unwrap_key (session, self->key, mech, secret->value,
- secret->n_value, attrs, NULL, &error);
+ object = gck_session_unwrap_key_full (session, self->key, mech, secret->value,
+ secret->n_value, attrs, NULL, &error);
gck_mechanism_unref (mech);
gck_attributes_unref (attrs);
@@ -715,8 +715,8 @@ gkd_secret_session_create_credential (GkdSecretSession *self, GckSession *sessio
mech = gck_mechanism_new_with_param (self->mech_type, secret->parameter,
secret->n_parameter);
- object = gck_session_unwrap_key (session, self->key, mech, secret->value,
- secret->n_value, attrs, NULL, &error);
+ object = gck_session_unwrap_key_full (session, self->key, mech, secret->value,
+ secret->n_value, attrs, NULL, &error);
gck_mechanism_unref (mech);
gck_attributes_unref (alloc);
diff --git a/daemon/dbus/gkd-secret-unlock.c b/daemon/dbus/gkd-secret-unlock.c
index 0be3a26e..2005627c 100644
--- a/daemon/dbus/gkd-secret-unlock.c
+++ b/daemon/dbus/gkd-secret-unlock.c
@@ -92,7 +92,7 @@ check_locked_collection (GckObject *collection, gboolean *locked)
gpointer value;
gsize n_value;
- value = gck_object_get_data (collection, CKA_G_LOCKED, &n_value, &error);
+ value = gck_object_get_data (collection, CKA_G_LOCKED, NULL, &n_value, &error);
if (value == NULL) {
if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID))
g_warning ("couldn't check locked status of collection: %s",
diff --git a/daemon/gpg-agent/gkd-gpg-agent-ops.c b/daemon/gpg-agent/gkd-gpg-agent-ops.c
index f585b985..ba13808b 100644
--- a/daemon/gpg-agent/gkd-gpg-agent-ops.c
+++ b/daemon/gpg-agent/gkd-gpg-agent-ops.c
@@ -139,8 +139,8 @@ find_saved_items (GckSession *session, GckAttributes *attrs)
return NULL;
}
- data = gck_object_get_data (search, CKA_G_MATCHED, &n_data, &error);
- gck_object_destroy (search, NULL);
+ data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, &error);
+ gck_object_destroy (search, NULL, NULL);
g_object_unref (search);
if (data == NULL) {
@@ -188,7 +188,7 @@ do_save_password (GckSession *session, const gchar *keyid, const gchar *descript
/* Find a previously stored object like this, and replace if so */
previous = find_saved_items (session, attrs);
if (previous) {
- identifier = gck_object_get_data (previous->data, CKA_ID, &n_identifier, NULL);
+ identifier = gck_object_get_data (previous->data, CKA_ID, NULL, &n_identifier, NULL);
if (identifier != NULL)
gck_attributes_add_data (attrs, CKA_ID, identifier, n_identifier);
g_free (identifier);
@@ -234,7 +234,7 @@ do_clear_password (GckSession *session, const gchar *keyid)
/* Delete first item */
for (l = objects; l; l = g_list_next (l)) {
- if (gck_object_destroy (l->data, &error)) {
+ if (gck_object_destroy (l->data, NULL, &error)) {
break; /* Only delete the first item */
} else {
g_warning ("couldn't clear gpg agent password: %s",
diff --git a/daemon/gpg-agent/gkd-gpg-agent.c b/daemon/gpg-agent/gkd-gpg-agent.c
index 2440e1e6..e09b6fdb 100644
--- a/daemon/gpg-agent/gkd-gpg-agent.c
+++ b/daemon/gpg-agent/gkd-gpg-agent.c
@@ -435,7 +435,7 @@ gkd_gpg_agent_initialize_with_module (GckModule *module)
}
/* Try and open a session */
- session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE | GCK_SESSION_AUTHENTICATE, &error);
+ session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE | GCK_SESSION_AUTHENTICATE, NULL, &error);
g_object_unref (slot);
if (!session) {
diff --git a/daemon/login/gkd-login.c b/daemon/login/gkd-login.c
index 1ac69d49..a4ef5063 100644
--- a/daemon/login/gkd-login.c
+++ b/daemon/login/gkd-login.c
@@ -54,9 +54,9 @@ open_and_login_session (GckSlot *slot, CK_USER_TYPE user_type, GError **error)
if (!error)
error = &err;
- session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE, error);
+ session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE, NULL, error);
if (session != NULL) {
- if (!gck_session_login (session, user_type, NULL, 0, error)) {
+ if (!gck_session_login (session, user_type, NULL, 0, NULL, error)) {
if (g_error_matches (*error, GCK_ERROR, CKR_USER_ALREADY_LOGGED_IN)) {
g_clear_error (error);
} else {
@@ -248,7 +248,7 @@ init_pin_for_uninitialized_slots (GList *modules, const gchar *master)
if (initialize) {
session = open_and_login_session (l->data, CKU_SO, NULL);
if (session != NULL) {
- if (!gck_session_init_pin (session, (const guchar*)master, strlen (master), &error)) {
+ if (!gck_session_init_pin (session, (const guchar*)master, strlen (master), NULL, &error)) {
if (!g_error_matches (error, GCK_ERROR, CKR_FUNCTION_NOT_SUPPORTED))
g_warning ("couldn't initialize slot with master password: %s",
egg_error_message (error));
@@ -349,7 +349,7 @@ change_or_create_login (GList *modules, const gchar *original, const gchar *mast
}
if (ocred) {
- gck_object_destroy (ocred, NULL);
+ gck_object_destroy (ocred, NULL, NULL);
g_object_unref (ocred);
}
if (mcred)
@@ -385,7 +385,7 @@ set_pin_for_any_slots (GList *modules, const gchar *original, const gchar *maste
session = open_and_login_session (l->data, CKU_USER, NULL);
if (session != NULL) {
if (!gck_session_set_pin (session, (const guchar*)original, strlen (original),
- (const guchar*)master, strlen (master), &error)) {
+ (const guchar*)master, strlen (master), NULL, &error)) {
if (!g_error_matches (error, GCK_ERROR, CKR_PIN_INCORRECT) &&
!g_error_matches (error, GCK_ERROR, CKR_FUNCTION_NOT_SUPPORTED))
g_warning ("couldn't change slot master password: %s",
diff --git a/daemon/ssh-agent/gkd-ssh-agent-ops.c b/daemon/ssh-agent/gkd-ssh-agent-ops.c
index dba36f9d..54d81dac 100644
--- a/daemon/ssh-agent/gkd-ssh-agent-ops.c
+++ b/daemon/ssh-agent/gkd-ssh-agent-ops.c
@@ -72,7 +72,7 @@ login_session (GckSession *session)
/* Log in the session if necessary */
if (state == CKS_RO_PUBLIC_SESSION || state == CKS_RW_PUBLIC_SESSION) {
- if (!gck_session_login (session, CKU_USER, NULL, 0, &error)) {
+ if (!gck_session_login (session, CKU_USER, NULL, 0, NULL, &error)) {
g_message ("couldn't log in to session: %s", egg_error_message (error));
ret = FALSE;
}
@@ -218,7 +218,7 @@ return_private_matching (GckObject *object, gpointer user_data)
g_return_val_if_fail (*result == NULL, FALSE);
/* Get the key identifier and token */
- attrs = gck_object_get (object, &error, CKA_ID, CKA_TOKEN, GCK_INVALID);
+ attrs = gck_object_get (object, NULL, &error, CKA_ID, CKA_TOKEN, GCK_INVALID);
if (error) {
g_warning ("error retrieving attributes for public key: %s", egg_error_message (error));
g_clear_error (&error);
@@ -275,7 +275,7 @@ load_identity_v1_attributes (GckObject *object, gpointer user_data)
* In addition V1 keys are only RSA.
*/
- attrs = gck_object_get (object, &error, CKA_ID, CKA_LABEL, CKA_KEY_TYPE, CKA_MODULUS,
+ attrs = gck_object_get (object, NULL, &error, CKA_ID, CKA_LABEL, CKA_KEY_TYPE, CKA_MODULUS,
CKA_PUBLIC_EXPONENT, CKA_CLASS, CKA_MODULUS_BITS, GCK_INVALID);
if (error) {
g_warning ("error retrieving attributes for public key: %s", egg_error_message (error));
@@ -305,7 +305,7 @@ load_identity_v2_attributes (GckObject *object, gpointer user_data)
g_return_val_if_fail (GCK_IS_OBJECT (object), FALSE);
g_return_val_if_fail (user_data, FALSE);
- attrs = gck_object_get (object, &error, CKA_ID, CKA_LABEL, CKA_KEY_TYPE, CKA_MODULUS,
+ attrs = gck_object_get (object, NULL, &error, CKA_ID, CKA_LABEL, CKA_KEY_TYPE, CKA_MODULUS,
CKA_PUBLIC_EXPONENT, CKA_PRIME, CKA_SUBPRIME, CKA_BASE,
CKA_VALUE, CKA_CLASS, CKA_MODULUS_BITS, CKA_TOKEN, GCK_INVALID);
if (error) {
@@ -349,7 +349,7 @@ remove_key_pair (GckSession *session, GckObject *priv, GckObject *pub)
return;
if (priv != NULL) {
- gck_object_destroy (priv, &error);
+ gck_object_destroy (priv, NULL, &error);
if (error) {
if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID))
@@ -359,7 +359,7 @@ remove_key_pair (GckSession *session, GckObject *priv, GckObject *pub)
}
if (pub != NULL) {
- gck_object_destroy (pub, &error);
+ gck_object_destroy (pub, NULL, &error);
if (error) {
if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID))
@@ -399,7 +399,7 @@ lock_key_pair (GckSession *session, GckObject *priv, GckObject *pub)
/* Delete them all */
for (l = objects; l; l = g_list_next (l)) {
- gck_object_destroy (l->data, &error);
+ gck_object_destroy (l->data, NULL, &error);
if (error) {
g_warning ("couldn't delete authenticator object: %s", egg_error_message (error));
g_clear_error (&error);
@@ -422,7 +422,7 @@ remove_by_public_key (GckSession *session, GckObject *pub, gboolean exclude_v1)
if (!login_session (session))
return;
- attrs = gck_object_get (pub, &error, CKA_LABEL, CKA_ID, CKA_TOKEN, GCK_INVALID);
+ attrs = gck_object_get (pub, NULL, &error, CKA_LABEL, CKA_ID, CKA_TOKEN, GCK_INVALID);
if (error) {
g_warning ("couldn't lookup attributes for key: %s", egg_error_message (error));
@@ -490,7 +490,7 @@ create_key_pair (GckSession *session, GckAttributes *priv, GckAttributes *pub)
g_clear_error (&error);
/* Failed, so remove private as well */
- gck_object_destroy (priv_key, NULL);
+ gck_object_destroy (priv_key, NULL, NULL);
g_object_unref (priv_key);
return FALSE;
@@ -511,7 +511,7 @@ destroy_replaced_keys (GckSession *session, GList *keys)
g_assert (GCK_IS_SESSION (session));
for (l = keys; l; l = g_list_next (l)) {
- if (!gck_object_destroy (l->data, &error)) {
+ if (!gck_object_destroy (l->data, NULL, &error)) {
if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID))
g_warning ("couldn't delete a SSH key we replaced: %s",
egg_error_message (error));
@@ -941,7 +941,7 @@ unlock_and_sign (GckSession *session, GckObject *key, gulong mech_type, const gu
gboolean always;
/* First check if we should authenticate the key */
- attrs = gck_object_get (key, err, CKA_ALWAYS_AUTHENTICATE, GCK_INVALID);
+ attrs = gck_object_get (key, NULL, err, CKA_ALWAYS_AUTHENTICATE, GCK_INVALID);
if (!attrs)
return NULL;
@@ -968,7 +968,7 @@ unlock_and_sign (GckSession *session, GckObject *key, gulong mech_type, const gu
}
/* Do the magic */
- return gck_session_sign (session, key, mech_type, input, n_input, n_result, err);
+ return gck_session_sign (session, key, mech_type, input, n_input, n_result, NULL, err);
}
static gboolean
@@ -1159,7 +1159,7 @@ op_v1_challenge (GkdSshAgentCall *call)
session = gck_object_get_session (key);
g_return_val_if_fail (session, FALSE);
- result = gck_session_decrypt (session, key, CKM_RSA_PKCS, data, n_data, &n_result, &error);
+ result = gck_session_decrypt (session, key, CKM_RSA_PKCS, data, n_data, &n_result, NULL, &error);
g_object_unref (session);
g_object_unref (key);
diff --git a/daemon/ssh-agent/gkd-ssh-agent.c b/daemon/ssh-agent/gkd-ssh-agent.c
index b744ddc9..eb8d21fe 100644
--- a/daemon/ssh-agent/gkd-ssh-agent.c
+++ b/daemon/ssh-agent/gkd-ssh-agent.c
@@ -378,7 +378,7 @@ gkd_ssh_agent_initialize_with_module (GckModule *module)
if (gck_mechanisms_check (mechs, CKM_RSA_PKCS, CKM_DSA, GCK_INVALID)) {
/* Try and open a session */
- session = gck_slot_open_session (l->data, GCK_SESSION_AUTHENTICATE, &error);
+ session = gck_slot_open_session (l->data, GCK_SESSION_AUTHENTICATE, NULL, &error);
if (!session) {
g_warning ("couldn't create pkcs#11 session: %s", egg_error_message (error));
g_clear_error (&error);
diff --git a/gck/gck-object.c b/gck/gck-object.c
index 2cea15d4..1c6fcf9c 100644
--- a/gck/gck-object.c
+++ b/gck/gck-object.c
@@ -380,24 +380,6 @@ perform_destroy (Destroy *args)
/**
* gck_object_destroy:
* @self: The object to destroy.
- * @err: A location to return an error.
- *
- * Destroy a PKCS#11 object, deleting it from storage or the session.
- * This call may block for an indefinite period.
- *
- * Return value: Whether the call was successful or not.
- **/
-gboolean
-gck_object_destroy (GckObject *self, GError **err)
-{
- g_return_val_if_fail (GCK_IS_OBJECT (self), FALSE);
- g_return_val_if_fail (!err || !*err, FALSE);
- return gck_object_destroy_full (self, NULL, err);
-}
-
-/**
- * gck_object_destroy_full:
- * @self: The object to destroy.
* @cancellable: Optional cancellable object, or NULL to ignore.
* @err: A location to return an error.
*
@@ -407,7 +389,7 @@ gck_object_destroy (GckObject *self, GError **err)
* Return value: Whether the call was successful or not.
**/
gboolean
-gck_object_destroy_full (GckObject *self, GCancellable *cancellable, GError **err)
+gck_object_destroy (GckObject *self, GCancellable *cancellable, GError **err)
{
Destroy args = { GCK_ARGUMENTS_INIT, 0 };
@@ -669,29 +651,28 @@ free_get_attributes (GetAttributes *args)
* The result must be unreffed when you're finished with it.
**/
GckAttributes*
-gck_object_get (GckObject *self, GError **err, ...)
+gck_object_get (GckObject *self, GCancellable *cancellable, GError **err, ...)
{
GckAttributes *attrs;
+ GArray *array;
va_list va;
gulong type;
g_return_val_if_fail (GCK_IS_OBJECT (self), NULL);
g_return_val_if_fail (!err || !*err, NULL);
- attrs = gck_attributes_new ();
+ array = g_array_new (FALSE, TRUE, sizeof (gulong));
va_start (va, err);
for (;;) {
type = va_arg (va, gulong);
if (type == GCK_INVALID)
break;
- gck_attributes_add_invalid (attrs, type);
+ g_array_append_val (array, type);
}
va_end (va);
- if (!gck_object_get_full (self, attrs, NULL, err)) {
- gck_attributes_unref (attrs);
- return NULL;
- }
+ attrs = gck_object_get_full (self, (gulong*)array->data, array->len, cancellable, err);
+ g_array_free (array, TRUE);
return attrs;
}
@@ -699,7 +680,8 @@ gck_object_get (GckObject *self, GError **err, ...)
/**
* gck_object_get_full:
* @self: The object to get attributes from.
- * @attrs: The attributes to get, with the types filled in.
+ * @attr_types: The types of the attributes to get.
+ * @n_attr_types: The number of attr_types
* @cancellable: Optional cancellation object, or NULL.
* @err: A location to store an error.
*
@@ -713,16 +695,22 @@ gck_object_get (GckObject *self, GError **err, ...)
* or NULL if not.
**/
GckAttributes*
-gck_object_get_full (GckObject *self, GckAttributes *attrs,
+gck_object_get_full (GckObject *self, gulong *attr_types, guint n_attr_types,
GCancellable *cancellable, GError **err)
{
GetAttributes args;
+ GckAttributes *attrs;
gboolean ret;
+ guint i;
g_return_val_if_fail (GCK_IS_OBJECT (self), NULL);
- g_return_val_if_fail (attrs, NULL);
+ g_return_val_if_fail (n_attr_types, NULL);
g_return_val_if_fail (!err || !*err, NULL);
+ attrs = gck_attributes_new ();
+ for (i = 0; i < n_attr_types; ++i)
+ gck_attributes_add_empty (attrs, attr_types[i]);
+
_gck_attributes_lock (attrs);
memset (&args, 0, sizeof (args));
@@ -732,13 +720,19 @@ gck_object_get_full (GckObject *self, GckAttributes *attrs,
ret = _gck_call_sync (self->pv->session, perform_get_attributes, NULL, &args, cancellable, err);
_gck_attributes_unlock (attrs);
- return ret ? attrs : NULL;
+ if (!ret) {
+ gck_attributes_unref (attrs);
+ attrs = NULL;
+ }
+
+ return attrs;
}
/**
* gck_object_get_async:
* @self: The object to get attributes from.
- * @attrs: The attributes to get, initialized with their types.
+ * @attr_types: The types of the attributes to get.
+ * @n_attr_types: The number of attr_types
* @cancellable: Optional cancellation object, or NULL.
* @callback: A callback which is called when the operation completes.
* @user_data: Data to be passed to the callback.
@@ -751,19 +745,25 @@ gck_object_get_full (GckObject *self, GckAttributes *attrs,
* This call returns immediately and completes asynchronously.
**/
void
-gck_object_get_async (GckObject *self, GckAttributes *attrs, GCancellable *cancellable,
- GAsyncReadyCallback callback, gpointer user_data)
+gck_object_get_async (GckObject *self, gulong *attr_types, guint n_attr_types, GCancellable *cancellable,
+ GAsyncReadyCallback callback, gpointer user_data)
{
+ GckAttributes *attrs;
GetAttributes *args;
+ guint i;
g_return_if_fail (GCK_IS_OBJECT (self));
- g_return_if_fail (attrs);
+ g_return_if_fail (n_attr_types);
+
+ attrs = gck_attributes_new ();
+ for (i = 0; i < n_attr_types; ++i)
+ gck_attributes_add_empty (attrs, attr_types[i]);
args = _gck_call_async_prep (self->pv->session, self, perform_get_attributes,
NULL, sizeof (*args), free_get_attributes);
_gck_attributes_lock (attrs);
- args->attrs = gck_attributes_ref (attrs);
+ args->attrs = attrs;
args->object = self->pv->handle;
_gck_call_async_ready_go (args, cancellable, callback, user_data);
@@ -787,6 +787,7 @@ GckAttributes*
gck_object_get_finish (GckObject *self, GAsyncResult *result, GError **err)
{
GetAttributes *args;
+ GckAttributes *attrs;
g_return_val_if_fail (GCK_IS_OBJECT (self), NULL);
g_return_val_if_fail (GCK_IS_CALL (result), NULL);
@@ -794,11 +795,14 @@ gck_object_get_finish (GckObject *self, GAsyncResult *result, GError **err)
args = _gck_call_arguments (result, GetAttributes);
_gck_attributes_unlock (args->attrs);
+ attrs = gck_attributes_ref (args->attrs);
- if (!_gck_call_basic_finish (result, err))
- return NULL;
+ if (!_gck_call_basic_finish (result, err)) {
+ gck_attributes_unref (attrs);
+ attrs = NULL;
+ }
- return args->attrs;
+ return attrs;
}
/* ---------------------------------------------------------------------------------
@@ -873,13 +877,14 @@ free_get_attribute_data (GetAttributeData *args)
* Return value: The resulting PKCS#11 attribute data, or NULL if an error occurred.
**/
gpointer
-gck_object_get_data (GckObject *self, gulong attr_type, gsize *n_data, GError **err)
+gck_object_get_data (GckObject *self, gulong attr_type, GCancellable *cancellable,
+ gsize *n_data, GError **err)
{
g_return_val_if_fail (GCK_IS_OBJECT (self), NULL);
g_return_val_if_fail (n_data, NULL);
g_return_val_if_fail (!err || !*err, NULL);
- return gck_object_get_data_full (self, attr_type, g_realloc, NULL, n_data, err);
+ return gck_object_get_data_full (self, attr_type, g_realloc, cancellable, n_data, err);
}
/**
@@ -1042,29 +1047,6 @@ free_set_template (set_template_args *args)
* @self: The object to set an attribute template on.
* @attr_type: The attribute template type.
* @attrs: The attribute template.
- * @err: A location to store an error.
- *
- * Set an attribute template on the object. The attr_type must be for
- * an attribute which contains a template.
- *
- * This call may block for an indefinite period.
- *
- * Return value: TRUE if the operation succeeded.
- **/
-gboolean
-gck_object_set_template (GckObject *self, gulong attr_type, GckAttributes *attrs,
- GError **err)
-{
- g_return_val_if_fail (GCK_IS_OBJECT (self), FALSE);
- g_return_val_if_fail (!err || !*err, FALSE);
- return gck_object_set_template_full (self, attr_type, attrs, NULL, err);
-}
-
-/**
- * gck_object_set_template_full:
- * @self: The object to set an attribute template on.
- * @attr_type: The attribute template type.
- * @attrs: The attribute template.
* @cancellable: Optional cancellation object, or NULL.
* @err: A location to store an error.
*
@@ -1076,8 +1058,8 @@ gck_object_set_template (GckObject *self, gulong attr_type, GckAttributes *attrs
* Return value: TRUE if the operation succeeded.
**/
gboolean
-gck_object_set_template_full (GckObject *self, gulong attr_type, GckAttributes *attrs,
- GCancellable *cancellable, GError **err)
+gck_object_set_template (GckObject *self, gulong attr_type, GckAttributes *attrs,
+ GCancellable *cancellable, GError **err)
{
set_template_args args;
gboolean ret = FALSE;
@@ -1225,28 +1207,6 @@ free_get_template (get_template_args *args)
/**
* gck_object_get_template:
* @self: The object to get an attribute template from.
- * @attr_type: The attribute template type.
- * @err: A location to store an error.
- *
- * Get an attribute template from the object. The attr_type must be for
- * an attribute which returns a template.
- *
- * This call may block for an indefinite period.
- *
- * Return value: The resulting PKCS#11 attribute template, or NULL if an error occurred.
- **/
-GckAttributes*
-gck_object_get_template (GckObject *self, gulong attr_type, GError **err)
-{
- g_return_val_if_fail (GCK_IS_OBJECT (self), NULL);
- g_return_val_if_fail (!err || !*err, NULL);
-
- return gck_object_get_template_full (self, attr_type, NULL, err);
-}
-
-/**
- * gck_object_get_template_full:
- * @self: The object to get an attribute template from.
* @attr_type: The template attribute type.
* @cancellable: Optional cancellation object, or NULL.
* @err: A location to store an error.
@@ -1259,8 +1219,8 @@ gck_object_get_template (GckObject *self, gulong attr_type, GError **err)
* Return value: The resulting PKCS#11 attribute template, or NULL if an error occurred.
**/
GckAttributes*
-gck_object_get_template_full (GckObject *self, gulong attr_type,
- GCancellable *cancellable, GError **err)
+gck_object_get_template (GckObject *self, gulong attr_type,
+ GCancellable *cancellable, GError **err)
{
get_template_args args;
gboolean ret;
diff --git a/gck/gck-session.c b/gck/gck-session.c
index ee72163f..b9a419f1 100644
--- a/gck/gck-session.c
+++ b/gck/gck-session.c
@@ -501,28 +501,6 @@ perform_init_pin (InitPin *args)
* @self: Initialize PIN for this session's slot.
* @pin: The user's PIN, or NULL for protected authentication path.
* @n_pin: The length of the PIN.
- * @err: A location to return an error.
- *
- * Initialize the user's pin on this slot that this session is opened on.
- * According to the PKCS#11 standards, the session must be logged in with
- * the CKU_SO user type.
- *
- * This call may block for an indefinite period.
- *
- * Return value: Whether successful or not.
- **/
-gboolean
-gck_session_init_pin (GckSession *self, const guchar *pin, gsize n_pin,
- GError **err)
-{
- return gck_session_init_pin_full (self, pin, n_pin, NULL, err);
-}
-
-/**
- * gck_session_init_pin_full:
- * @self: Initialize PIN for this session's slot.
- * @pin: The user's PIN, or NULL for protected authentication path.
- * @n_pin: The length of the PIN.
* @cancellable: Optional cancellation object, or NULL.
* @err: A location to return an error.
*
@@ -535,8 +513,8 @@ gck_session_init_pin (GckSession *self, const guchar *pin, gsize n_pin,
* Return value: Whether successful or not.
**/
gboolean
-gck_session_init_pin_full (GckSession *self, const guchar *pin, gsize n_pin,
- GCancellable *cancellable, GError **err)
+gck_session_init_pin (GckSession *self, const guchar *pin, gsize n_pin,
+ GCancellable *cancellable, GError **err)
{
InitPin args = { GCK_ARGUMENTS_INIT, (guchar*)pin, n_pin };
return _gck_call_sync (self, perform_init_pin, NULL, &args, cancellable, err);
@@ -622,28 +600,6 @@ perform_set_pin (SetPin *args)
* @n_old_pin: The length of the PIN.
* @new_pin: The user's new PIN, or NULL for protected authentication path.
* @n_new_pin: The length of the PIN.
- * @err: A location to return an error.
- *
- * Change the user's pin on this slot that this session is opened on.
- *
- * This call may block for an indefinite period.
- *
- * Return value: Whether successful or not.
- **/
-gboolean
-gck_session_set_pin (GckSession *self, const guchar *old_pin, gsize n_old_pin,
- const guchar *new_pin, gsize n_new_pin, GError **err)
-{
- return gck_session_set_pin_full (self, old_pin, n_old_pin, new_pin, n_new_pin, NULL, err);
-}
-
-/**
- * gck_session_set_pin_full:
- * @self: Change the PIN for this session's slot.
- * @old_pin: The user's old PIN, or NULL for protected authentication path.
- * @n_old_pin: The length of the PIN.
- * @new_pin: The user's new PIN, or NULL for protected authentication path.
- * @n_new_pin: The length of the PIN.
* @cancellable: Optional cancellation object, or NULL.
* @err: A location to return an error.
*
@@ -654,9 +610,9 @@ gck_session_set_pin (GckSession *self, const guchar *old_pin, gsize n_old_pin,
* Return value: Whether successful or not.
**/
gboolean
-gck_session_set_pin_full (GckSession *self, const guchar *old_pin, gsize n_old_pin,
- const guchar *new_pin, gsize n_new_pin, GCancellable *cancellable,
- GError **err)
+gck_session_set_pin (GckSession *self, const guchar *old_pin, gsize n_old_pin,
+ const guchar *new_pin, gsize n_new_pin, GCancellable *cancellable,
+ GError **err)
{
SetPin args = { GCK_ARGUMENTS_INIT, (guchar*)old_pin, n_old_pin, (guchar*)new_pin, n_new_pin };
return _gck_call_sync (self, perform_set_pin, NULL, &args, cancellable, err);
@@ -740,26 +696,6 @@ perform_login (Login *args)
* @user_type: The type of login user.
* @pin: The user's PIN, or NULL for protected authentication path.
* @n_pin: The length of the PIN.
- * @err: A location to return an error.
- *
- * Login the user on the session. This call may block
- * for an indefinite period.
- *
- * Return value: Whether successful or not.
- **/
-gboolean
-gck_session_login (GckSession *self, gulong user_type, const guchar *pin,
- gsize n_pin, GError **err)
-{
- return gck_session_login_full (self, user_type, pin, n_pin, NULL, err);
-}
-
-/**
- * gck_session_login_full:
- * @self: Log in to this session.
- * @user_type: The type of login user.
- * @pin: The user's PIN, or NULL for protected authentication path.
- * @n_pin: The length of the PIN.
* @cancellable: Optional cancellation object, or NULL.
* @err: A location to return an error.
*
@@ -769,8 +705,8 @@ gck_session_login (GckSession *self, gulong user_type, const guchar *pin,
* Return value: Whether successful or not.
**/
gboolean
-gck_session_login_full (GckSession *self, gulong user_type, const guchar *pin,
- gsize n_pin, GCancellable *cancellable, GError **err)
+gck_session_login (GckSession *self, gulong user_type, const guchar *pin,
+ gsize n_pin, GCancellable *cancellable, GError **err)
{
Login args = { GCK_ARGUMENTS_INIT, user_type, (guchar*)pin, n_pin };
return _gck_call_sync (self, perform_login, NULL, &args, cancellable, err);
@@ -835,21 +771,6 @@ perform_logout (GckArguments *args)
/**
* gck_session_logout:
* @self: Logout of this session.
- * @err: A location to return an error.
- *
- * Log out of the session. This call may block for an indefinite period.
- *
- * Return value: Whether the logout was successful or not.
- **/
-gboolean
-gck_session_logout (GckSession *self, GError **err)
-{
- return gck_session_logout_full (self, NULL, err);
-}
-
-/**
- * gck_session_logout_full:
- * @self: Logout of this session.
* @cancellable: Optional cancellation object, or NULL.
* @err: A location to return an error.
*
@@ -858,7 +779,7 @@ gck_session_logout (GckSession *self, GError **err)
* Return value: Whether the logout was successful or not.
**/
gboolean
-gck_session_logout_full (GckSession *self, GCancellable *cancellable, GError **err)
+gck_session_logout (GckSession *self, GCancellable *cancellable, GError **err)
{
GckArguments args = GCK_ARGUMENTS_INIT;
return _gck_call_sync (self, perform_logout, NULL, &args, cancellable, err);
@@ -1398,10 +1319,10 @@ perform_wrap_key (WrapKey *args)
**/
gpointer
gck_session_wrap_key (GckSession *self, GckObject *key, gulong mech_type,
- GckObject *wrapped, gsize *n_result, GError **err)
+ GckObject *wrapped, gsize *n_result, GCancellable *cancellable, GError **err)
{
GckMechanism mech = { mech_type, NULL, 0 };
- return gck_session_wrap_key_full (self, key, &mech, wrapped, n_result, NULL, err);
+ return gck_session_wrap_key_full (self, key, &mech, wrapped, n_result, cancellable, err);
}
/**
@@ -1559,7 +1480,7 @@ perform_unwrap_key (UnwrapKey *args)
* gck_session_unwrap_key:
* @self: The session to use.
* @wrapper: The key to use for unwrapping.
- * @mechanism: The mechanism to use for unwrapping.
+ * @mech_type: The mechanism to use for unwrapping.
* @input: The wrapped data as a byte stream.
* @n_input: The length of the wrapped data.
* @attrs: Additional attributes for the unwrapped key.
@@ -1572,10 +1493,35 @@ perform_unwrap_key (UnwrapKey *args)
* Return value: The new unwrapped key or NULL if the operation failed.
**/
GckObject*
-gck_session_unwrap_key (GckSession *self, GckObject *wrapper, GckMechanism *mechanism,
+gck_session_unwrap_key (GckSession *self, GckObject *wrapper, gulong mech_type,
gconstpointer input, gsize n_input, GckAttributes *attrs,
GCancellable *cancellable, GError **err)
{
+ GckMechanism mech = { mech_type, NULL, 0 };
+ return gck_session_unwrap_key_full (self, wrapper, &mech, input, n_input, attrs, cancellable, err);
+}
+
+/**
+ * gck_session_unwrap_key_full:
+ * @self: The session to use.
+ * @wrapper: The key to use for unwrapping.
+ * @mechanism: The mechanism to use for unwrapping.
+ * @input: The wrapped data as a byte stream.
+ * @n_input: The length of the wrapped data.
+ * @attrs: Additional attributes for the unwrapped key.
+ * @cancellable: Optional cancellation object, or NULL.
+ * @err: A location to return an error, or NULL.
+ *
+ * Unwrap a key from a byte stream. This call may block for an
+ * indefinite period.
+ *
+ * Return value: The new unwrapped key or NULL if the operation failed.
+ **/
+GckObject*
+gck_session_unwrap_key_full (GckSession *self, GckObject *wrapper, GckMechanism *mechanism,
+ gconstpointer input, gsize n_input, GckAttributes *attrs,
+ GCancellable *cancellable, GError **err)
+{
UnwrapKey args = { GCK_ARGUMENTS_INIT, mechanism, attrs, 0, input, n_input, 0 };
gboolean ret;
@@ -1713,9 +1659,31 @@ perform_derive_key (DeriveKey *args)
* Return value: The new derived key or NULL if the operation failed.
**/
GckObject*
-gck_session_derive_key (GckSession *self, GckObject *base, GckMechanism *mechanism,
+gck_session_derive_key (GckSession *self, GckObject *base, gulong mech_type,
GckAttributes *attrs, GCancellable *cancellable, GError **err)
{
+ GckMechanism mech = { mech_type, NULL, 0 };
+ return gck_session_derive_key_full (self, base, &mech, attrs, cancellable, err);
+}
+
+/**
+ * gck_session_derive_key_full:
+ * @self: The session to use.
+ * @base: The key to derive from.
+ * @mechanism: The mechanism to use for derivation.
+ * @attrs: Additional attributes for the derived key.
+ * @cancellable: Optional cancellation object, or NULL.
+ * @err: A location to return an error, or NULL.
+ *
+ * Derive a key from another key. This call may block for an
+ * indefinite period.
+ *
+ * Return value: The new derived key or NULL if the operation failed.
+ **/
+GckObject*
+gck_session_derive_key_full (GckSession *self, GckObject *base, GckMechanism *mechanism,
+ GckAttributes *attrs, GCancellable *cancellable, GError **err)
+{
DeriveKey args = { GCK_ARGUMENTS_INIT, mechanism, attrs, 0, 0 };
gboolean ret;
@@ -2155,10 +2123,10 @@ crypt_finish (GckSession *self, GAsyncResult *result, gsize *n_result, GError **
*/
guchar*
gck_session_encrypt (GckSession *self, GckObject *key, gulong mech_type, const guchar *input,
- gsize n_input, gsize *n_result, GError **err)
+ gsize n_input, gsize *n_result, GCancellable *cancellable, GError **err)
{
GckMechanism mechanism = { mech_type, NULL, 0 };
- return gck_session_encrypt_full (self, key, &mechanism, input, n_input, n_result, NULL, err);
+ return gck_session_encrypt_full (self, key, &mechanism, input, n_input, n_result, cancellable, err);
}
/**
@@ -2272,10 +2240,10 @@ gck_session_encrypt_finish (GckSession *self, GAsyncResult *result, gsize *n_res
*/
guchar*
gck_session_decrypt (GckSession *self, GckObject *key, gulong mech_type, const guchar *input,
- gsize n_input, gsize *n_result, GError **err)
+ gsize n_input, gsize *n_result, GCancellable *cancellable, GError **err)
{
GckMechanism mechanism = { mech_type, NULL, 0 };
- return gck_session_decrypt_full (self, key, &mechanism, input, n_input, n_result, NULL, err);
+ return gck_session_decrypt_full (self, key, &mechanism, input, n_input, n_result, cancellable, err);
}
/**
@@ -2387,7 +2355,7 @@ gck_session_decrypt_finish (GckSession *self, GAsyncResult *result,
*/
guchar*
gck_session_sign (GckSession *self, GckObject *key, gulong mech_type, const guchar *input,
- gsize n_input, gsize *n_result, GError **err)
+ gsize n_input, gsize *n_result, GCancellable *cancellable, GError **err)
{
GckMechanism mechanism = { mech_type, NULL, 0 };
return gck_session_sign_full (self, key, &mechanism, input, n_input, n_result, NULL, err);
@@ -2557,7 +2525,7 @@ free_verify (Verify *args)
*/
gboolean
gck_session_verify (GckSession *self, GckObject *key, gulong mech_type, const guchar *input,
- gsize n_input, const guchar *signature, gsize n_signature, GError **err)
+ gsize n_input, const guchar *signature, gsize n_signature, GCancellable *cancellable, GError **err)
{
GckMechanism mechanism = { mech_type, NULL, 0 };
return gck_session_verify_full (self, key, &mechanism, input, n_input,
diff --git a/gck/gck-slot.c b/gck/gck-slot.c
index dd9a1fb7..d8a4a4ef 100644
--- a/gck/gck-slot.c
+++ b/gck/gck-slot.c
@@ -940,9 +940,9 @@ free_open_session (OpenSession *args)
* Return value: A new session or NULL if an error occurs.
**/
GckSession*
-gck_slot_open_session (GckSlot *self, guint options, GError **err)
+gck_slot_open_session (GckSlot *self, guint options, GCancellable *cancellable, GError **err)
{
- return gck_slot_open_session_full (self, options, 0, NULL, NULL, NULL, err);
+ return gck_slot_open_session_full (self, options, 0, NULL, NULL, cancellable, err);
}
/**
diff --git a/gck/gck.h b/gck/gck.h
index 021ce358..41461caf 100644
--- a/gck/gck.h
+++ b/gck/gck.h
@@ -510,6 +510,7 @@ gboolean gck_slot_init_token_finish (GckSlot *self,
GckSession* gck_slot_open_session (GckSlot *self,
guint options,
+ GCancellable *cancellable,
GError **err);
GckSession* gck_slot_open_session_full (GckSlot *self,
@@ -603,11 +604,6 @@ guint gck_session_get_options (GckSession *self);
gboolean gck_session_init_pin (GckSession *self,
const guchar *pin,
gsize n_pin,
- GError **err);
-
-gboolean gck_session_init_pin_full (GckSession *self,
- const guchar *pin,
- gsize n_pin,
GCancellable *cancellable,
GError **err);
@@ -627,13 +623,6 @@ gboolean gck_session_set_pin (GckSession *self,
gsize n_old_pin,
const guchar *new_pin,
gsize n_new_pin,
- GError **err);
-
-gboolean gck_session_set_pin_full (GckSession *self,
- const guchar *old_pin,
- gsize n_old_pin,
- const guchar *new_pin,
- gsize n_new_pin,
GCancellable *cancellable,
GError **err);
@@ -654,12 +643,6 @@ gboolean gck_session_login (GckSession *self,
gulong user_type,
const guchar *pin,
gsize n_pin,
- GError **err);
-
-gboolean gck_session_login_full (GckSession *self,
- gulong user_type,
- const guchar *pin,
- gsize n_pin,
GCancellable *cancellable,
GError **err);
@@ -676,9 +659,6 @@ gboolean gck_session_login_finish (GckSession *self,
GError **err);
gboolean gck_session_logout (GckSession *self,
- GError **err);
-
-gboolean gck_session_logout_full (GckSession *self,
GCancellable *cancellable,
GError **err);
@@ -741,6 +721,15 @@ GckObject* gck_session_generate_key_finish (GckSession *self,
#endif /* UNIMPLEMENTED */
+gboolean gck_session_generate_key_pair (GckSession *self,
+ gulong mech_type,
+ GckAttributes *public_attrs,
+ GckAttributes *private_attrs,
+ GckObject **public_key,
+ GckObject **private_key,
+ GCancellable *cancellable,
+ GError **err);
+
gboolean gck_session_generate_key_pair_full (GckSession *self,
GckMechanism *mechanism,
GckAttributes *public_attrs,
@@ -770,6 +759,7 @@ guchar* gck_session_encrypt (GckSession *self,
const guchar *input,
gsize n_input,
gsize *n_result,
+ GCancellable *cancellable,
GError **err);
guchar* gck_session_encrypt_full (GckSession *self,
@@ -801,6 +791,7 @@ guchar* gck_session_decrypt (GckSession *self,
const guchar *input,
gsize n_input,
gsize *n_result,
+ GCancellable *cancellable,
GError **err);
guchar* gck_session_decrypt_full (GckSession *self,
@@ -864,6 +855,7 @@ guchar* gck_session_sign (GckSession *self,
const guchar *input,
gsize n_input,
gsize *n_result,
+ GCancellable *cancellable,
GError **err);
guchar* gck_session_sign_full (GckSession *self,
@@ -931,6 +923,7 @@ gboolean gck_session_verify (GckSession *self,
gsize n_input,
const guchar *signature,
gsize n_signature,
+ GCancellable *cancellable,
GError **err);
gboolean gck_session_verify_full (GckSession *self,
@@ -998,6 +991,7 @@ gpointer gck_session_wrap_key (GckSession *self,
gulong mech_type,
GckObject *wrapped,
gsize *n_result,
+ GCancellable *cancellable,
GError **err);
gpointer gck_session_wrap_key_full (GckSession *self,
@@ -1023,6 +1017,15 @@ gpointer gck_session_wrap_key_finish (GckSession *self,
GckObject* gck_session_unwrap_key (GckSession *self,
GckObject *wrapper,
+ gulong mech_type,
+ gconstpointer input,
+ gsize n_input,
+ GckAttributes *attrs,
+ GCancellable *cancellable,
+ GError **err);
+
+GckObject* gck_session_unwrap_key_full (GckSession *self,
+ GckObject *wrapper,
GckMechanism *mechanism,
gconstpointer input,
gsize n_input,
@@ -1046,6 +1049,13 @@ GckObject* gck_session_unwrap_key_finish (GckSession *self,
GckObject* gck_session_derive_key (GckSession *self,
GckObject *base,
+ gulong mech_type,
+ GckAttributes *attrs,
+ GCancellable *cancellable,
+ GError **err);
+
+GckObject* gck_session_derive_key_full (GckSession *self,
+ GckObject *base,
GckMechanism *mechanism,
GckAttributes *attrs,
GCancellable *cancellable,
@@ -1125,6 +1135,7 @@ gchar* gck_object_build_uri_finish (GckObject *self,
#ifdef UNIMPLEMENTED
GckObject* gck_object_copy (GckObject *self,
+ GCancellable *cancellable,
GError **err);
GckObject* gck_object_copy_full (GckObject *self,
@@ -1145,9 +1156,6 @@ GckObject* gck_object_copy_finish (GckObject *self,
#endif /* UNIMPLEMENTED */
gboolean gck_object_destroy (GckObject *self,
- GError **err);
-
-gboolean gck_object_destroy_full (GckObject *self,
GCancellable *cancellable,
GError **err);
@@ -1163,9 +1171,6 @@ gboolean gck_object_destroy_finish (GckObject *self,
#if UNIMPLEMENTED
gssize gck_object_get_size (GckObject *self,
- GError **err);
-
-gssize gck_object_get_size_full (GckObject *self,
GCancellable *cancellable,
GError **err);
@@ -1195,16 +1200,19 @@ gboolean gck_object_set_finish (GckObject *self,
GError **err);
GckAttributes* gck_object_get (GckObject *self,
+ GCancellable *cancellable,
GError **err,
...);
GckAttributes* gck_object_get_full (GckObject *self,
- GckAttributes *attrs,
+ gulong *attr_types,
+ guint n_attr_types,
GCancellable *cancellable,
GError **err);
void gck_object_get_async (GckObject *self,
- GckAttributes *attrs,
+ gulong *attr_types,
+ guint n_attr_types,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
@@ -1215,6 +1223,7 @@ GckAttributes* gck_object_get_finish (GckObject *self,
gpointer gck_object_get_data (GckObject *self,
gulong attr_type,
+ GCancellable *cancellable,
gsize *n_data,
GError **err);
@@ -1240,11 +1249,6 @@ gpointer gck_object_get_data_finish (GckObject *self,
gboolean gck_object_set_template (GckObject *self,
gulong attr_type,
GckAttributes *attrs,
- GError **err);
-
-gboolean gck_object_set_template_full (GckObject *self,
- gulong attr_type,
- GckAttributes *attrs,
GCancellable *cancellable,
GError **err);
@@ -1261,10 +1265,6 @@ gboolean gck_object_set_template_finish (GckObject *self,
GckAttributes* gck_object_get_template (GckObject *self,
gulong attr_type,
- GError **err);
-
-GckAttributes* gck_object_get_template_full (GckObject *self,
- gulong attr_type,
GCancellable *cancellable,
GError **err);
diff --git a/gck/tests/test-gck-crypto.c b/gck/tests/test-gck-crypto.c
index 631e327f..b8b99e44 100644
--- a/gck/tests/test-gck-crypto.c
+++ b/gck/tests/test-gck-crypto.c
@@ -32,7 +32,7 @@ DEFINE_SETUP(crypto_session)
slots = gck_module_get_slots (module, TRUE);
g_assert (slots != NULL);
- session = gck_slot_open_session (slots->data, 0, &err);
+ session = gck_slot_open_session (slots->data, 0, NULL, &err);
SUCCESS_RES(session, err);
slot = gck_session_get_slot (session);
@@ -78,7 +78,7 @@ find_key (GckSession *session, CK_ATTRIBUTE_TYPE method, CK_MECHANISM_TYPE mech)
for (l = objects; l; l = g_list_next (l)) {
if (mech) {
- mechs = gck_object_get_data (l->data, CKA_ALLOWED_MECHANISMS, &n_mechs, NULL);
+ mechs = gck_object_get_data (l->data, CKA_ALLOWED_MECHANISMS, NULL, &n_mechs, NULL);
g_assert (mechs);
g_assert (n_mechs == sizeof (CK_MECHANISM_TYPE));
/* We know all of them only have one allowed mech */
@@ -119,7 +119,7 @@ check_key_with_value (GckSession *session, GckObject *key, CK_OBJECT_CLASS klass
GckAttribute *attr;
gulong check;
- attrs = gck_object_get (key, NULL, CKA_CLASS, CKA_VALUE, GCK_INVALID);
+ attrs = gck_object_get (key, NULL, NULL, CKA_CLASS, CKA_VALUE, GCK_INVALID);
g_assert (attrs);
if (!gck_attributes_find_ulong (attrs, CKA_CLASS, &check))
@@ -163,14 +163,7 @@ DEFINE_TEST(encrypt)
g_assert (key);
/* Simple one */
- output = gck_session_encrypt (session, key, CKM_MOCK_CAPITALIZE, (const guchar*)"blah blah", 10, &n_output, &error);
- SUCCESS_RES (output, error);
- g_assert (n_output == 10);
- g_assert_cmpstr ((gchar*)output, ==, "BLAH BLAH");
- g_free (output);
-
- /* Full one */
- output = gck_session_encrypt_full (session, key, mech, (const guchar*)"blah blah", 10, &n_output, NULL, &error);
+ output = gck_session_encrypt (session, key, CKM_MOCK_CAPITALIZE, (const guchar*)"blah blah", 10, &n_output, NULL, &error);
SUCCESS_RES (output, error);
g_assert (n_output == 10);
g_assert_cmpstr ((gchar*)output, ==, "BLAH BLAH");
@@ -210,19 +203,12 @@ DEFINE_TEST(decrypt)
g_assert (key);
/* Simple one */
- output = gck_session_decrypt (session, key, CKM_MOCK_CAPITALIZE, (const guchar*)"FRY???", 7, &n_output, &error);
+ output = gck_session_decrypt (session, key, CKM_MOCK_CAPITALIZE, (const guchar*)"FRY???", 7, &n_output, NULL, &error);
SUCCESS_RES (output, error);
g_assert (n_output == 7);
g_assert_cmpstr ((gchar*)output, ==, "fry???");
g_free (output);
- /* Full one */
- output = gck_session_decrypt_full (session, key, mech, (const guchar*)"TENNIS instructor", 18, &n_output, NULL, &error);
- SUCCESS_RES (output, error);
- g_assert (n_output == 18);
- g_assert_cmpstr ((gchar*)output, ==, "tennis instructor");
- g_free (output);
-
/* Asynchronous one */
gck_session_decrypt_async (session, key, mech, (const guchar*)"FAT CHANCE", 11, NULL, fetch_async_result, &result);
@@ -255,7 +241,7 @@ DEFINE_TEST(login_context_specific)
g_assert (key);
/* Simple one */
- output = gck_session_sign (session, key, CKM_MOCK_PREFIX, (const guchar*)"TV Monster", 11, &n_output, &error);
+ output = gck_session_sign (session, key, CKM_MOCK_PREFIX, (const guchar*)"TV Monster", 11, &n_output, NULL, &error);
g_assert (error && error->code == CKR_USER_NOT_LOGGED_IN);
FAIL_RES (output, error);
g_assert (output == NULL);
@@ -282,19 +268,12 @@ DEFINE_TEST(sign)
g_assert (key);
/* Simple one */
- output = gck_session_sign (session_with_auth, key, CKM_MOCK_PREFIX, (const guchar*)"Labarbara", 10, &n_output, &error);
+ output = gck_session_sign (session_with_auth, key, CKM_MOCK_PREFIX, (const guchar*)"Labarbara", 10, &n_output, NULL, &error);
SUCCESS_RES (output, error);
g_assert_cmpuint (n_output, ==, 24);
g_assert_cmpstr ((gchar*)output, ==, "signed-prefix:Labarbara");
g_free (output);
- /* Full one */
- output = gck_session_sign_full (session_with_auth, key, mech, (const guchar*)"Labarbara", 10, &n_output, NULL, &error);
- SUCCESS_RES (output, error);
- g_assert_cmpuint (n_output, ==, 20);
- g_assert_cmpstr ((gchar*)output, ==, "my-prefix:Labarbara");
- g_free (output);
-
/* Asynchronous one */
gck_session_sign_async (session_with_auth, key, mech, (const guchar*)"Conrad", 7, NULL, fetch_async_result, &result);
@@ -332,12 +311,7 @@ DEFINE_TEST(verify)
/* Simple one */
ret = gck_session_verify (session, key, CKM_MOCK_PREFIX, (const guchar*)"Labarbara", 10,
- (const guchar*)"signed-prefix:Labarbara", 24, &error);
- SUCCESS_RES (ret, error);
-
- /* Full one */
- ret = gck_session_verify_full (session, key, mech, (const guchar*)"Labarbara", 10,
- (const guchar*)"my-prefix:Labarbara", 20, NULL, &error);
+ (const guchar*)"signed-prefix:Labarbara", 24, NULL, &error);
SUCCESS_RES (ret, error);
/* Failure one */
@@ -443,7 +417,7 @@ DEFINE_TEST(wrap_key)
wrapped = find_key_with_value (session, "value");
/* Simple One */
- output = gck_session_wrap_key (session, wrapper, CKM_MOCK_WRAP, wrapped, &n_output, &error);
+ output = gck_session_wrap_key (session, wrapper, CKM_MOCK_WRAP, wrapped, &n_output, NULL, &error);
SUCCESS_RES (output, error);
g_assert (output);
g_assert_cmpsize (n_output, ==, 5);
@@ -507,7 +481,7 @@ DEFINE_TEST(unwrap_key)
gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_SECRET_KEY);
/* Full One*/
- unwrapped = gck_session_unwrap_key (session, wrapper, mech, "special", 7, attrs, NULL, &error);
+ unwrapped = gck_session_unwrap_key_full (session, wrapper, mech, "special", 7, attrs, NULL, &error);
SUCCESS_RES (unwrapped, error);
g_assert (GCK_IS_OBJECT (unwrapped));
check_key_with_value (session, unwrapped, CKO_SECRET_KEY, "special");
@@ -515,7 +489,7 @@ DEFINE_TEST(unwrap_key)
/* Failure one */
mech->type = 0;
- unwrapped = gck_session_unwrap_key (session, wrapper, mech, "special", 7, attrs, NULL, &error);
+ unwrapped = gck_session_unwrap_key_full (session, wrapper, mech, "special", 7, attrs, NULL, &error);
FAIL_RES (unwrapped, error);
/* Asynchronous one */
@@ -559,7 +533,7 @@ DEFINE_TEST(derive_key)
gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_SECRET_KEY);
/* Full One*/
- derived = gck_session_derive_key (session, wrapper, mech, attrs, NULL, &error);
+ derived = gck_session_derive_key_full (session, wrapper, mech, attrs, NULL, &error);
SUCCESS_RES (derived, error);
g_assert (GCK_IS_OBJECT (derived));
check_key_with_value (session, derived, CKO_SECRET_KEY, "derived");
@@ -567,7 +541,7 @@ DEFINE_TEST(derive_key)
/* Failure one */
mech->type = 0;
- derived = gck_session_derive_key (session, wrapper, mech, attrs, NULL, &error);
+ derived = gck_session_derive_key_full (session, wrapper, mech, attrs, NULL, &error);
FAIL_RES (derived, error);
/* Asynchronous one */
diff --git a/gck/tests/test-gck-object.c b/gck/tests/test-gck-object.c
index 8c9079a8..08266fc5 100644
--- a/gck/tests/test-gck-object.c
+++ b/gck/tests/test-gck-object.c
@@ -29,7 +29,7 @@ DEFINE_SETUP(prep_object)
g_object_ref (slot);
gck_list_unref_free (slots);
- session = gck_slot_open_session (slot, 0, &err);
+ session = gck_slot_open_session (slot, 0, NULL, &err);
SUCCESS_RES(session, err);
/* Our module always exports a token object with this */
@@ -73,7 +73,7 @@ DEFINE_TEST(object_equals_hash)
g_assert (gck_object_equal (object, object));
other_slot = g_object_new (GCK_TYPE_SLOT, "module", module, "handle", GCK_MOCK_SLOT_TWO_ID, NULL);
- other_session = gck_slot_open_session (other_slot, 0, &err);
+ other_session = gck_slot_open_session (other_slot, 0, NULL, &err);
SUCCESS_RES (other_session, err);
other_object = gck_object_from_handle (other_session, gck_object_get_handle (object));
g_assert (!gck_object_equal (object, other_object));
@@ -157,16 +157,7 @@ DEFINE_TEST(destroy_object)
SUCCESS_RES (object, err);
g_assert (GCK_IS_OBJECT (object));
- ret = gck_object_destroy (object, &err);
- SUCCESS_RES (ret, err);
- g_object_unref (object);
-
- /* Using full */
- object = gck_session_create_object (session, attrs, NULL, &err);
- SUCCESS_RES (object, err);
- g_assert (GCK_IS_OBJECT (object));
-
- ret = gck_object_destroy_full (object, NULL, &err);
+ ret = gck_object_destroy (object, NULL, &err);
SUCCESS_RES (ret, err);
g_object_unref (object);
@@ -189,13 +180,17 @@ DEFINE_TEST(destroy_object)
DEFINE_TEST(get_attributes)
{
GAsyncResult *result = NULL;
- GckAttributes *attrs, *attrs_ret;
+ GckAttributes *attrs;
+ gulong attr_types[2];
GError *err = NULL;
gulong klass;
gchar *value = NULL;
+ attr_types[0] = CKA_CLASS;
+ attr_types[1] = CKA_LABEL;
+
/* Simple */
- attrs = gck_object_get (object, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID);
+ attrs = gck_object_get (object, NULL, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID);
SUCCESS_RES (attrs, err);
if (attrs != NULL) {
g_assert (gck_attributes_find_ulong (attrs, CKA_CLASS, &klass) && klass == CKO_DATA);
@@ -205,11 +200,9 @@ DEFINE_TEST(get_attributes)
gck_attributes_unref (attrs);
/* Full */
- attrs = gck_attributes_new_empty (CKA_CLASS, CKA_LABEL, GCK_INVALID);
- attrs_ret = gck_object_get_full (object, attrs, NULL, &err);
- SUCCESS_RES (attrs_ret, err);
- if (attrs_ret != NULL) {
- g_assert (attrs_ret == attrs);
+ attrs = gck_object_get_full (object, attr_types, G_N_ELEMENTS (attr_types), NULL, &err);
+ SUCCESS_RES (attrs, err);
+ if (attrs != NULL) {
g_assert (gck_attributes_find_ulong (attrs, CKA_CLASS, &klass) && klass == CKO_DATA);
g_assert (gck_attributes_find_string (attrs, CKA_LABEL, &value) && strcmp (value, "TEST LABEL") == 0);
g_free (value); value = NULL;
@@ -217,16 +210,14 @@ DEFINE_TEST(get_attributes)
gck_attributes_unref (attrs);
/* Async */
- attrs = gck_attributes_new_empty (CKA_CLASS, CKA_LABEL, GCK_INVALID);
- gck_object_get_async (object, attrs, NULL, fetch_async_result, &result);
+ gck_object_get_async (object, attr_types, G_N_ELEMENTS (attr_types), NULL, fetch_async_result, &result);
testing_wait_until (500);
g_assert (result != NULL);
- attrs_ret = gck_object_get_finish (object, result, &err);
+ attrs = gck_object_get_finish (object, result, &err);
g_object_unref (result);
SUCCESS_RES (attrs, err);
if (attrs != NULL) {
- g_assert (attrs_ret == attrs);
g_assert (gck_attributes_find_ulong (attrs, CKA_CLASS, &klass) && klass == CKO_DATA);
g_assert (gck_attributes_find_string (attrs, CKA_LABEL, &value) && strcmp (value, "TEST LABEL") == 0);
g_free (value); value = NULL;
@@ -242,7 +233,7 @@ DEFINE_TEST(get_data_attribute)
GError *err = NULL;
/* Simple */
- klass = gck_object_get_data (object, CKA_CLASS, &n_data, &err);
+ klass = gck_object_get_data (object, CKA_CLASS, NULL, &n_data, &err);
SUCCESS_RES (klass, err);
if (klass != NULL) {
g_assert (n_data == sizeof (CK_OBJECT_CLASS));
@@ -293,7 +284,7 @@ DEFINE_TEST(set_attributes)
gck_attributes_unref (templ);
SUCCESS_RES (ret, err);
if (ret) {
- attrs = gck_object_get (object, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID);
+ attrs = gck_object_get (object, NULL, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID);
g_assert (gck_attributes_find_ulong (attrs, CKA_CLASS, &klass) && klass == 6);
g_assert (gck_attributes_find_string (attrs, CKA_LABEL, &value) && strcmp (value, "CHANGE TWO") == 0);
g_free (value); value = NULL;
@@ -313,7 +304,7 @@ DEFINE_TEST(set_attributes)
g_object_unref (result);
SUCCESS_RES (ret, err);
if (ret) {
- attrs = gck_object_get (object, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID);
+ attrs = gck_object_get (object, NULL, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID);
g_assert (gck_attributes_find_ulong (attrs, CKA_CLASS, &klass) && klass == 7);
g_assert (gck_attributes_find_string (attrs, CKA_LABEL, &value) && strcmp (value, "CHANGE THREE") == 0);
g_free (value); value = NULL;
diff --git a/gck/tests/test-gck-session.c b/gck/tests/test-gck-session.c
index f9b8eb76..4fcc464d 100644
--- a/gck/tests/test-gck-session.c
+++ b/gck/tests/test-gck-session.c
@@ -28,7 +28,7 @@ DEFINE_SETUP(load_session)
g_object_ref (slot);
gck_list_unref_free (slots);
- session = gck_slot_open_session (slot, 0, &err);
+ session = gck_slot_open_session (slot, 0, NULL, &err);
SUCCESS_RES(session, err);
}
@@ -82,7 +82,7 @@ DEFINE_TEST(open_close_session)
GAsyncResult *result = NULL;
GError *err = NULL;
- sess = gck_slot_open_session (slot, 0, &err);
+ sess = gck_slot_open_session (slot, 0, NULL, &err);
SUCCESS_RES (sess, err);
g_object_unref (sess);
@@ -108,11 +108,11 @@ DEFINE_TEST(init_set_pin)
gboolean ret;
/* init pin */
- ret = gck_session_init_pin (session, (guchar*)"booo", 4, &err);
+ ret = gck_session_init_pin (session, (guchar*)"booo", 4, NULL, &err);
SUCCESS_RES (ret, err);
/* set pin */
- ret = gck_session_set_pin (session, (guchar*)"booo", 4, (guchar*)"tooo", 4, &err);
+ ret = gck_session_set_pin (session, (guchar*)"booo", 4, (guchar*)"tooo", 4, NULL, &err);
SUCCESS_RES (ret, err);
/* init pin async */
@@ -142,17 +142,10 @@ DEFINE_TEST(login_logout)
gboolean ret;
/* login/logout */
- ret = gck_session_login (session, CKU_USER, (guchar*)"booo", 4, &err);
+ ret = gck_session_login (session, CKU_USER, (guchar*)"booo", 4, NULL, &err);
SUCCESS_RES (ret, err);
- ret = gck_session_logout (session, &err);
- SUCCESS_RES (ret, err);
-
- /* login/logout full */
- ret = gck_session_login_full (session, CKU_USER, (guchar*)"booo", 4, NULL, &err);
- SUCCESS_RES (ret, err);
-
- ret = gck_session_logout_full (session, NULL, &err);
+ ret = gck_session_logout (session, NULL, &err);
SUCCESS_RES (ret, err);
/* login async */
@@ -214,7 +207,7 @@ DEFINE_TEST(auto_login)
/* Setup for auto login */
g_signal_connect (module, "authenticate-slot", G_CALLBACK (authenticate_token), GUINT_TO_POINTER (35));
- new_session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE | GCK_SESSION_LOGIN_USER, &err);
+ new_session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE | GCK_SESSION_LOGIN_USER, NULL, &err);
SUCCESS_RES (new_session, err);
/* Try again to do something that requires a login */
@@ -223,7 +216,7 @@ DEFINE_TEST(auto_login)
g_object_unref (object);
/* We should now be logged in, try to log out */
- ret = gck_session_logout (new_session, &err);
+ ret = gck_session_logout (new_session, NULL, &err);
SUCCESS_RES (ret, err);
g_object_unref (new_session);
@@ -246,7 +239,7 @@ DEFINE_TEST(auto_login)
g_object_unref (object);
/* We should now be logged in, try to log out */
- ret = gck_session_logout (new_session, &err);
+ ret = gck_session_logout (new_session, NULL, &err);
SUCCESS_RES (ret, err);
g_object_unref (new_session);
diff --git a/tool/gkr-tool-import.c b/tool/gkr-tool-import.c
index 3c3f4888..f9355958 100644
--- a/tool/gkr-tool-import.c
+++ b/tool/gkr-tool-import.c
@@ -42,15 +42,20 @@ static GOptionEntry import_entries[] = {
static void
on_imported (GcrImporter *importer, GckObject *object)
{
+ gulong attr_types[3];
GckAttributes *attrs;
GckAttribute *id;
CK_OBJECT_CLASS klass;
const gchar *message;
GError *err = NULL;
gchar *label, *hex;
-
- attrs = gck_attributes_new_empty (CKA_LABEL, CKA_CLASS, CKA_ID, GCK_INVALID);
- if (!gck_object_get_full (object, attrs, NULL, &err)) {
+
+ attr_types[0] = CKA_LABEL;
+ attr_types[1] = CKA_CLASS;
+ attr_types[2] = CKA_ID;
+
+ attrs = gck_object_get_full (object, attr_types, G_N_ELEMENTS (attr_types), NULL, &err);
+ if (attrs == NULL) {
gkr_tool_handle_error (&err, "couldn't get imported object info");
return;
}
View Lorry Controller Status