diff options
author | Stef Walter <stef@memberwebs.com> | 2010-09-27 23:54:24 +0000 |
---|---|---|
committer | Stef Walter <stef@memberwebs.com> | 2010-09-27 23:54:24 +0000 |
commit | 77766af8777c6ffa868c271bca20a3c094c97ea8 (patch) | |
tree | 91e28ae53bd4767990f58ef56082037686c28daf | |
parent | d5183211fe8c7e377e4e2faacb3b6896bf1d9c04 (diff) | |
download | gnome-keyring-77766af8777c6ffa868c271bca20a3c094c97ea8.tar.gz |
[gck] Cleanup use of 'full' functions.
* Expect GCancellable in more places.
* Remove a bunch of xxx_full() functions that are redundant.
* Add a few xxx_full() functions where we don't want to have
to fill in full mechanisms.
-rw-r--r-- | daemon/dbus/gkd-secret-change.c | 6 | ||||
-rw-r--r-- | daemon/dbus/gkd-secret-create.c | 2 | ||||
-rw-r--r-- | daemon/dbus/gkd-secret-lock.c | 2 | ||||
-rw-r--r-- | daemon/dbus/gkd-secret-objects.c | 28 | ||||
-rw-r--r-- | daemon/dbus/gkd-secret-service.c | 2 | ||||
-rw-r--r-- | daemon/dbus/gkd-secret-session.c | 22 | ||||
-rw-r--r-- | daemon/dbus/gkd-secret-unlock.c | 2 | ||||
-rw-r--r-- | daemon/gpg-agent/gkd-gpg-agent-ops.c | 8 | ||||
-rw-r--r-- | daemon/gpg-agent/gkd-gpg-agent.c | 2 | ||||
-rw-r--r-- | daemon/login/gkd-login.c | 10 | ||||
-rw-r--r-- | daemon/ssh-agent/gkd-ssh-agent-ops.c | 26 | ||||
-rw-r--r-- | daemon/ssh-agent/gkd-ssh-agent.c | 2 | ||||
-rw-r--r-- | gck/gck-object.c | 138 | ||||
-rw-r--r-- | gck/gck-session.c | 164 | ||||
-rw-r--r-- | gck/gck-slot.c | 4 | ||||
-rw-r--r-- | gck/gck.h | 76 | ||||
-rw-r--r-- | gck/tests/test-gck-crypto.c | 52 | ||||
-rw-r--r-- | gck/tests/test-gck-object.c | 43 | ||||
-rw-r--r-- | gck/tests/test-gck-session.c | 25 | ||||
-rw-r--r-- | tool/gkr-tool-import.c | 11 |
20 files changed, 258 insertions, 367 deletions
diff --git a/daemon/dbus/gkd-secret-change.c b/daemon/dbus/gkd-secret-change.c index e4d00bf2..90f3ed54 100644 --- a/daemon/dbus/gkd-secret-change.c +++ b/daemon/dbus/gkd-secret-change.c @@ -68,7 +68,7 @@ prepare_change_prompt (GkdSecretChange *self, GckObject *collection, gboolean fi prompt = GKU_PROMPT (self); - data = gck_object_get_data (collection, CKA_LABEL, &n_data, &error); + data = gck_object_get_data (collection, CKA_LABEL, NULL, &n_data, &error); if (!data) { g_warning ("couldn't get label for collection: %s", egg_error_message (error)); g_clear_error (&error); @@ -295,13 +295,13 @@ gkd_secret_change_with_secrets (GckObject *collection, GkdSecretSecret *original cleanup: if (ocred) { /* Always destroy the original credential */ - gck_object_destroy (ocred, NULL); + gck_object_destroy (ocred, NULL, NULL); g_object_unref (ocred); } if (mcred) { /* Destroy the master credential if failed */ if (!result) - gck_object_destroy (mcred, NULL); + gck_object_destroy (mcred, NULL, NULL); g_object_unref (mcred); } diff --git a/daemon/dbus/gkd-secret-create.c b/daemon/dbus/gkd-secret-create.c index 9a787712..a21a2068 100644 --- a/daemon/dbus/gkd-secret-create.c +++ b/daemon/dbus/gkd-secret-create.c @@ -306,7 +306,7 @@ gkd_secret_create_with_secret (GckAttributes *attrs, GkdSecretSecret *master, return FALSE; } - identifier = gck_object_get_data (collection, CKA_ID, &n_identifier, &error); + identifier = gck_object_get_data (collection, CKA_ID, NULL, &n_identifier, &error); g_object_unref (collection); if (!identifier) { diff --git a/daemon/dbus/gkd-secret-lock.c b/daemon/dbus/gkd-secret-lock.c index 8d4b4884..ff7a080d 100644 --- a/daemon/dbus/gkd-secret-lock.c +++ b/daemon/dbus/gkd-secret-lock.c @@ -58,7 +58,7 @@ gkd_secret_lock (GckObject *collection, DBusError *derr) } for (l = objects; l; l = g_list_next (l)) { - if (!gck_object_destroy (l->data, &error)) { + if (!gck_object_destroy (l->data, NULL, &error)) { g_warning ("couldn't destroy credential object: %s", egg_error_message (error)); g_clear_error (&error); } diff --git a/daemon/dbus/gkd-secret-objects.c b/daemon/dbus/gkd-secret-objects.c index 120241d6..48e56ba1 100644 --- a/daemon/dbus/gkd-secret-objects.c +++ b/daemon/dbus/gkd-secret-objects.c @@ -110,7 +110,7 @@ iter_append_item_path (const gchar *base, GckObject *object, DBusMessageIter *it gchar *alloc = NULL; if (base == NULL) { - identifier = gck_object_get_data (object, CKA_G_COLLECTION, &n_identifier, &error); + identifier = gck_object_get_data (object, CKA_G_COLLECTION, NULL, &n_identifier, &error); if (!identifier) { g_warning ("couldn't get item collection identifier: %s", egg_error_message (error)); g_clear_error (&error); @@ -121,7 +121,7 @@ iter_append_item_path (const gchar *base, GckObject *object, DBusMessageIter *it g_free (identifier); } - identifier = gck_object_get_data (object, CKA_ID, &n_identifier, &error); + identifier = gck_object_get_data (object, CKA_ID, NULL, &n_identifier, &error); if (identifier == NULL) { g_warning ("couldn't get item identifier: %s", egg_error_message (error)); g_clear_error (&error); @@ -163,7 +163,7 @@ iter_append_collection_paths (GList *collections, DBusMessageIter *iter) for (l = collections; l; l = g_list_next (l)) { - identifier = gck_object_get_data (l->data, CKA_ID, &n_identifier, &error); + identifier = gck_object_get_data (l->data, CKA_ID, NULL, &n_identifier, &error); if (identifier == NULL) { g_warning ("couldn't get collection identifier: %s", egg_error_message (error)); g_clear_error (&error); @@ -196,7 +196,7 @@ object_property_get (GckObject *object, DBusMessage *message, "Object does not have the '%s' property", prop_name); /* Retrieve the actual attribute */ - attr.value = gck_object_get_data (object, attr.type, &length, &error); + attr.value = gck_object_get_data (object, attr.type, NULL, &length, &error); if (error != NULL) { reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED, "Couldn't retrieve '%s' property: %s", @@ -320,7 +320,7 @@ item_property_getall (GckObject *object, DBusMessage *message) "Object does not have properties on interface '%s'", interface); - attrs = gck_object_get (object, &error, + attrs = gck_object_get (object, NULL, &error, CKA_LABEL, CKA_G_SCHEMA, CKA_G_LOCKED, @@ -353,7 +353,7 @@ item_method_delete (GkdSecretObjects *self, GckObject *object, DBusMessage *mess if (!dbus_message_get_args (message, NULL, DBUS_TYPE_INVALID)) return NULL; - if (!gck_object_destroy (object, &error)) { + if (!gck_object_destroy (object, NULL, &error)) { if (g_error_matches (error, GCK_ERROR, CKR_USER_NOT_LOGGED_IN)) reply = dbus_message_new_error_printf (message, SECRET_ERROR_IS_LOCKED, "Cannot delete a locked item"); @@ -472,7 +472,7 @@ item_cleanup_search_results (GckSession *session, GList *items, *unlocked = NULL; for (l = items; l; l = g_list_next (l)) { - value = gck_object_get_data (l->data, CKA_G_LOCKED, &n_value, &error); + value = gck_object_get_data (l->data, CKA_G_LOCKED, NULL, &n_value, &error); if (value == NULL) { if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID)) g_warning ("couldn't check if item is locked: %s", egg_error_message (error)); @@ -563,7 +563,7 @@ collection_property_getall (GkdSecretObjects *self, GckObject *object, DBusMessa "Object does not have properties on interface '%s'", interface); - attrs = gck_object_get (object, &error, + attrs = gck_object_get (object, NULL, &error, CKA_LABEL, CKA_G_LOCKED, CKA_G_CREATED, @@ -629,8 +629,8 @@ collection_find_matching_item (GkdSecretObjects *self, GckSession *session, } /* Get the matched item handles, and delete the search object */ - data = gck_object_get_data (search, CKA_G_MATCHED, &n_data, NULL); - gck_object_destroy (search, NULL); + data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, NULL); + gck_object_destroy (search, NULL, NULL); g_object_unref (search); if (n_data >= sizeof (CK_OBJECT_HANDLE)) @@ -712,7 +712,7 @@ collection_method_create_item (GkdSecretObjects *self, GckObject *object, DBusMe /* Set the secret */ if (!gkd_secret_session_set_item_secret (secret->session, item, secret, &derr)) { if (created) /* If we created, then try to destroy on failure */ - gck_object_destroy (item, NULL); + gck_object_destroy (item, NULL, NULL); goto cleanup; } @@ -763,7 +763,7 @@ collection_method_delete (GkdSecretObjects *self, GckObject *object, DBusMessage if (!dbus_message_get_args (message, NULL, DBUS_TYPE_INVALID)) return NULL; - if (!gck_object_destroy (object, &error)) { + if (!gck_object_destroy (object, NULL, &error)) { reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED, "Couldn't delete collection: %s", egg_error_message (error)); @@ -1229,8 +1229,8 @@ gkd_secret_objects_handle_search_items (GkdSecretObjects *self, DBusMessage *mes } /* Get the matched item handles, and delete the search object */ - data = gck_object_get_data (search, CKA_G_MATCHED, &n_data, &error); - gck_object_destroy (search, NULL); + data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, &error); + gck_object_destroy (search, NULL, NULL); g_object_unref (search); if (error != NULL) { diff --git a/daemon/dbus/gkd-secret-service.c b/daemon/dbus/gkd-secret-service.c index f9f39850..bac9a5f6 100644 --- a/daemon/dbus/gkd-secret-service.c +++ b/daemon/dbus/gkd-secret-service.c @@ -1232,7 +1232,7 @@ gkd_secret_service_get_pkcs11_session (GkdSecretService *self, const gchar *call info = gck_slot_get_token_info (slot); login = info && (info->flags & CKF_LOGIN_REQUIRED); gck_token_info_free (info); - if (login && !gck_session_login (client->pkcs11_session, CKU_USER, NULL, 0, &error)) { + if (login && !gck_session_login (client->pkcs11_session, CKU_USER, NULL, 0, NULL, &error)) { g_warning ("couldn't log in to pkcs11 session for secret service: %s", egg_error_message (error)); g_clear_error (&error); diff --git a/daemon/dbus/gkd-secret-session.c b/daemon/dbus/gkd-secret-session.c index c1ae92ca..eb39afaa 100644 --- a/daemon/dbus/gkd-secret-session.c +++ b/daemon/dbus/gkd-secret-session.c @@ -131,7 +131,7 @@ aes_derive_key (GckSession *session, GckObject *priv_key, gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_SECRET_KEY); gck_attributes_add_ulong (attrs, CKA_KEY_TYPE, CKK_AES); - *aes_key = gck_session_derive_key (session, priv_key, mech, attrs, NULL, &error); + *aes_key = gck_session_derive_key_full (session, priv_key, mech, attrs, NULL, &error); gck_mechanism_unref (mech); gck_attributes_unref (attrs); @@ -165,8 +165,8 @@ aes_negotiate (GkdSecretSession *self, DBusMessage *message, gconstpointer input "Failed to create necessary crypto keys."); /* Get the output data */ - output = gck_object_get_data (pub, CKA_VALUE, &n_output, &error); - gck_object_destroy (pub, NULL); + output = gck_object_get_data (pub, CKA_VALUE, NULL, &n_output, &error); + gck_object_destroy (pub, NULL, NULL); g_object_unref (pub); if (output == NULL) { @@ -179,7 +179,7 @@ aes_negotiate (GkdSecretSession *self, DBusMessage *message, gconstpointer input ret = aes_derive_key (session, priv, input, n_input, &key); - gck_object_destroy (priv, NULL); + gck_object_destroy (priv, NULL, NULL); g_object_unref (priv); if (ret == FALSE) { @@ -475,8 +475,8 @@ gkd_secret_session_begin (GkdSecretSession *self, const gchar *group, return NULL; /* Get the output data */ - output = gck_object_get_data (public, CKA_VALUE, n_output, &error); - gck_object_destroy (public, NULL); + output = gck_object_get_data (public, CKA_VALUE, NULL, n_output, &error); + gck_object_destroy (public, NULL, NULL); g_object_unref (public); if (output == NULL) { @@ -640,7 +640,7 @@ gkd_secret_session_set_item_secret (GkdSecretSession *self, GckObject *item, * the unwrap won't generate a new object, but merely set the secret. */ - attrs = gck_object_get (item, &error, CKA_ID, CKA_G_COLLECTION, GCK_INVALID); + attrs = gck_object_get (item, NULL, &error, CKA_ID, CKA_G_COLLECTION, GCK_INVALID); if (attrs == NULL) { g_message ("couldn't get item attributes: %s", egg_error_message (error)); dbus_set_error_const (derr, DBUS_ERROR_FAILED, "Couldn't set item secret"); @@ -655,8 +655,8 @@ gkd_secret_session_set_item_secret (GkdSecretSession *self, GckObject *item, mech = gck_mechanism_new_with_param (self->mech_type, secret->parameter, secret->n_parameter); - object = gck_session_unwrap_key (session, self->key, mech, secret->value, - secret->n_value, attrs, NULL, &error); + object = gck_session_unwrap_key_full (session, self->key, mech, secret->value, + secret->n_value, attrs, NULL, &error); gck_mechanism_unref (mech); gck_attributes_unref (attrs); @@ -715,8 +715,8 @@ gkd_secret_session_create_credential (GkdSecretSession *self, GckSession *sessio mech = gck_mechanism_new_with_param (self->mech_type, secret->parameter, secret->n_parameter); - object = gck_session_unwrap_key (session, self->key, mech, secret->value, - secret->n_value, attrs, NULL, &error); + object = gck_session_unwrap_key_full (session, self->key, mech, secret->value, + secret->n_value, attrs, NULL, &error); gck_mechanism_unref (mech); gck_attributes_unref (alloc); diff --git a/daemon/dbus/gkd-secret-unlock.c b/daemon/dbus/gkd-secret-unlock.c index 0be3a26e..2005627c 100644 --- a/daemon/dbus/gkd-secret-unlock.c +++ b/daemon/dbus/gkd-secret-unlock.c @@ -92,7 +92,7 @@ check_locked_collection (GckObject *collection, gboolean *locked) gpointer value; gsize n_value; - value = gck_object_get_data (collection, CKA_G_LOCKED, &n_value, &error); + value = gck_object_get_data (collection, CKA_G_LOCKED, NULL, &n_value, &error); if (value == NULL) { if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID)) g_warning ("couldn't check locked status of collection: %s", diff --git a/daemon/gpg-agent/gkd-gpg-agent-ops.c b/daemon/gpg-agent/gkd-gpg-agent-ops.c index f585b985..ba13808b 100644 --- a/daemon/gpg-agent/gkd-gpg-agent-ops.c +++ b/daemon/gpg-agent/gkd-gpg-agent-ops.c @@ -139,8 +139,8 @@ find_saved_items (GckSession *session, GckAttributes *attrs) return NULL; } - data = gck_object_get_data (search, CKA_G_MATCHED, &n_data, &error); - gck_object_destroy (search, NULL); + data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, &error); + gck_object_destroy (search, NULL, NULL); g_object_unref (search); if (data == NULL) { @@ -188,7 +188,7 @@ do_save_password (GckSession *session, const gchar *keyid, const gchar *descript /* Find a previously stored object like this, and replace if so */ previous = find_saved_items (session, attrs); if (previous) { - identifier = gck_object_get_data (previous->data, CKA_ID, &n_identifier, NULL); + identifier = gck_object_get_data (previous->data, CKA_ID, NULL, &n_identifier, NULL); if (identifier != NULL) gck_attributes_add_data (attrs, CKA_ID, identifier, n_identifier); g_free (identifier); @@ -234,7 +234,7 @@ do_clear_password (GckSession *session, const gchar *keyid) /* Delete first item */ for (l = objects; l; l = g_list_next (l)) { - if (gck_object_destroy (l->data, &error)) { + if (gck_object_destroy (l->data, NULL, &error)) { break; /* Only delete the first item */ } else { g_warning ("couldn't clear gpg agent password: %s", diff --git a/daemon/gpg-agent/gkd-gpg-agent.c b/daemon/gpg-agent/gkd-gpg-agent.c index 2440e1e6..e09b6fdb 100644 --- a/daemon/gpg-agent/gkd-gpg-agent.c +++ b/daemon/gpg-agent/gkd-gpg-agent.c @@ -435,7 +435,7 @@ gkd_gpg_agent_initialize_with_module (GckModule *module) } /* Try and open a session */ - session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE | GCK_SESSION_AUTHENTICATE, &error); + session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE | GCK_SESSION_AUTHENTICATE, NULL, &error); g_object_unref (slot); if (!session) { diff --git a/daemon/login/gkd-login.c b/daemon/login/gkd-login.c index 1ac69d49..a4ef5063 100644 --- a/daemon/login/gkd-login.c +++ b/daemon/login/gkd-login.c @@ -54,9 +54,9 @@ open_and_login_session (GckSlot *slot, CK_USER_TYPE user_type, GError **error) if (!error) error = &err; - session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE, error); + session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE, NULL, error); if (session != NULL) { - if (!gck_session_login (session, user_type, NULL, 0, error)) { + if (!gck_session_login (session, user_type, NULL, 0, NULL, error)) { if (g_error_matches (*error, GCK_ERROR, CKR_USER_ALREADY_LOGGED_IN)) { g_clear_error (error); } else { @@ -248,7 +248,7 @@ init_pin_for_uninitialized_slots (GList *modules, const gchar *master) if (initialize) { session = open_and_login_session (l->data, CKU_SO, NULL); if (session != NULL) { - if (!gck_session_init_pin (session, (const guchar*)master, strlen (master), &error)) { + if (!gck_session_init_pin (session, (const guchar*)master, strlen (master), NULL, &error)) { if (!g_error_matches (error, GCK_ERROR, CKR_FUNCTION_NOT_SUPPORTED)) g_warning ("couldn't initialize slot with master password: %s", egg_error_message (error)); @@ -349,7 +349,7 @@ change_or_create_login (GList *modules, const gchar *original, const gchar *mast } if (ocred) { - gck_object_destroy (ocred, NULL); + gck_object_destroy (ocred, NULL, NULL); g_object_unref (ocred); } if (mcred) @@ -385,7 +385,7 @@ set_pin_for_any_slots (GList *modules, const gchar *original, const gchar *maste session = open_and_login_session (l->data, CKU_USER, NULL); if (session != NULL) { if (!gck_session_set_pin (session, (const guchar*)original, strlen (original), - (const guchar*)master, strlen (master), &error)) { + (const guchar*)master, strlen (master), NULL, &error)) { if (!g_error_matches (error, GCK_ERROR, CKR_PIN_INCORRECT) && !g_error_matches (error, GCK_ERROR, CKR_FUNCTION_NOT_SUPPORTED)) g_warning ("couldn't change slot master password: %s", diff --git a/daemon/ssh-agent/gkd-ssh-agent-ops.c b/daemon/ssh-agent/gkd-ssh-agent-ops.c index dba36f9d..54d81dac 100644 --- a/daemon/ssh-agent/gkd-ssh-agent-ops.c +++ b/daemon/ssh-agent/gkd-ssh-agent-ops.c @@ -72,7 +72,7 @@ login_session (GckSession *session) /* Log in the session if necessary */ if (state == CKS_RO_PUBLIC_SESSION || state == CKS_RW_PUBLIC_SESSION) { - if (!gck_session_login (session, CKU_USER, NULL, 0, &error)) { + if (!gck_session_login (session, CKU_USER, NULL, 0, NULL, &error)) { g_message ("couldn't log in to session: %s", egg_error_message (error)); ret = FALSE; } @@ -218,7 +218,7 @@ return_private_matching (GckObject *object, gpointer user_data) g_return_val_if_fail (*result == NULL, FALSE); /* Get the key identifier and token */ - attrs = gck_object_get (object, &error, CKA_ID, CKA_TOKEN, GCK_INVALID); + attrs = gck_object_get (object, NULL, &error, CKA_ID, CKA_TOKEN, GCK_INVALID); if (error) { g_warning ("error retrieving attributes for public key: %s", egg_error_message (error)); g_clear_error (&error); @@ -275,7 +275,7 @@ load_identity_v1_attributes (GckObject *object, gpointer user_data) * In addition V1 keys are only RSA. */ - attrs = gck_object_get (object, &error, CKA_ID, CKA_LABEL, CKA_KEY_TYPE, CKA_MODULUS, + attrs = gck_object_get (object, NULL, &error, CKA_ID, CKA_LABEL, CKA_KEY_TYPE, CKA_MODULUS, CKA_PUBLIC_EXPONENT, CKA_CLASS, CKA_MODULUS_BITS, GCK_INVALID); if (error) { g_warning ("error retrieving attributes for public key: %s", egg_error_message (error)); @@ -305,7 +305,7 @@ load_identity_v2_attributes (GckObject *object, gpointer user_data) g_return_val_if_fail (GCK_IS_OBJECT (object), FALSE); g_return_val_if_fail (user_data, FALSE); - attrs = gck_object_get (object, &error, CKA_ID, CKA_LABEL, CKA_KEY_TYPE, CKA_MODULUS, + attrs = gck_object_get (object, NULL, &error, CKA_ID, CKA_LABEL, CKA_KEY_TYPE, CKA_MODULUS, CKA_PUBLIC_EXPONENT, CKA_PRIME, CKA_SUBPRIME, CKA_BASE, CKA_VALUE, CKA_CLASS, CKA_MODULUS_BITS, CKA_TOKEN, GCK_INVALID); if (error) { @@ -349,7 +349,7 @@ remove_key_pair (GckSession *session, GckObject *priv, GckObject *pub) return; if (priv != NULL) { - gck_object_destroy (priv, &error); + gck_object_destroy (priv, NULL, &error); if (error) { if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID)) @@ -359,7 +359,7 @@ remove_key_pair (GckSession *session, GckObject *priv, GckObject *pub) } if (pub != NULL) { - gck_object_destroy (pub, &error); + gck_object_destroy (pub, NULL, &error); if (error) { if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID)) @@ -399,7 +399,7 @@ lock_key_pair (GckSession *session, GckObject *priv, GckObject *pub) /* Delete them all */ for (l = objects; l; l = g_list_next (l)) { - gck_object_destroy (l->data, &error); + gck_object_destroy (l->data, NULL, &error); if (error) { g_warning ("couldn't delete authenticator object: %s", egg_error_message (error)); g_clear_error (&error); @@ -422,7 +422,7 @@ remove_by_public_key (GckSession *session, GckObject *pub, gboolean exclude_v1) if (!login_session (session)) return; - attrs = gck_object_get (pub, &error, CKA_LABEL, CKA_ID, CKA_TOKEN, GCK_INVALID); + attrs = gck_object_get (pub, NULL, &error, CKA_LABEL, CKA_ID, CKA_TOKEN, GCK_INVALID); if (error) { g_warning ("couldn't lookup attributes for key: %s", egg_error_message (error)); @@ -490,7 +490,7 @@ create_key_pair (GckSession *session, GckAttributes *priv, GckAttributes *pub) g_clear_error (&error); /* Failed, so remove private as well */ - gck_object_destroy (priv_key, NULL); + gck_object_destroy (priv_key, NULL, NULL); g_object_unref (priv_key); return FALSE; @@ -511,7 +511,7 @@ destroy_replaced_keys (GckSession *session, GList *keys) g_assert (GCK_IS_SESSION (session)); for (l = keys; l; l = g_list_next (l)) { - if (!gck_object_destroy (l->data, &error)) { + if (!gck_object_destroy (l->data, NULL, &error)) { if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID)) g_warning ("couldn't delete a SSH key we replaced: %s", egg_error_message (error)); @@ -941,7 +941,7 @@ unlock_and_sign (GckSession *session, GckObject *key, gulong mech_type, const gu gboolean always; /* First check if we should authenticate the key */ - attrs = gck_object_get (key, err, CKA_ALWAYS_AUTHENTICATE, GCK_INVALID); + attrs = gck_object_get (key, NULL, err, CKA_ALWAYS_AUTHENTICATE, GCK_INVALID); if (!attrs) return NULL; @@ -968,7 +968,7 @@ unlock_and_sign (GckSession *session, GckObject *key, gulong mech_type, const gu } /* Do the magic */ - return gck_session_sign (session, key, mech_type, input, n_input, n_result, err); + return gck_session_sign (session, key, mech_type, input, n_input, n_result, NULL, err); } static gboolean @@ -1159,7 +1159,7 @@ op_v1_challenge (GkdSshAgentCall *call) session = gck_object_get_session (key); g_return_val_if_fail (session, FALSE); - result = gck_session_decrypt (session, key, CKM_RSA_PKCS, data, n_data, &n_result, &error); + result = gck_session_decrypt (session, key, CKM_RSA_PKCS, data, n_data, &n_result, NULL, &error); g_object_unref (session); g_object_unref (key); diff --git a/daemon/ssh-agent/gkd-ssh-agent.c b/daemon/ssh-agent/gkd-ssh-agent.c index b744ddc9..eb8d21fe 100644 --- a/daemon/ssh-agent/gkd-ssh-agent.c +++ b/daemon/ssh-agent/gkd-ssh-agent.c @@ -378,7 +378,7 @@ gkd_ssh_agent_initialize_with_module (GckModule *module) if (gck_mechanisms_check (mechs, CKM_RSA_PKCS, CKM_DSA, GCK_INVALID)) { /* Try and open a session */ - session = gck_slot_open_session (l->data, GCK_SESSION_AUTHENTICATE, &error); + session = gck_slot_open_session (l->data, GCK_SESSION_AUTHENTICATE, NULL, &error); if (!session) { g_warning ("couldn't create pkcs#11 session: %s", egg_error_message (error)); g_clear_error (&error); diff --git a/gck/gck-object.c b/gck/gck-object.c index 2cea15d4..1c6fcf9c 100644 --- a/gck/gck-object.c +++ b/gck/gck-object.c @@ -380,24 +380,6 @@ perform_destroy (Destroy *args) /** * gck_object_destroy: * @self: The object to destroy. - * @err: A location to return an error. - * - * Destroy a PKCS#11 object, deleting it from storage or the session. - * This call may block for an indefinite period. - * - * Return value: Whether the call was successful or not. - **/ -gboolean -gck_object_destroy (GckObject *self, GError **err) -{ - g_return_val_if_fail (GCK_IS_OBJECT (self), FALSE); - g_return_val_if_fail (!err || !*err, FALSE); - return gck_object_destroy_full (self, NULL, err); -} - -/** - * gck_object_destroy_full: - * @self: The object to destroy. * @cancellable: Optional cancellable object, or NULL to ignore. * @err: A location to return an error. * @@ -407,7 +389,7 @@ gck_object_destroy (GckObject *self, GError **err) * Return value: Whether the call was successful or not. **/ gboolean -gck_object_destroy_full (GckObject *self, GCancellable *cancellable, GError **err) +gck_object_destroy (GckObject *self, GCancellable *cancellable, GError **err) { Destroy args = { GCK_ARGUMENTS_INIT, 0 }; @@ -669,29 +651,28 @@ free_get_attributes (GetAttributes *args) * The result must be unreffed when you're finished with it. **/ GckAttributes* -gck_object_get (GckObject *self, GError **err, ...) +gck_object_get (GckObject *self, GCancellable *cancellable, GError **err, ...) { GckAttributes *attrs; + GArray *array; va_list va; gulong type; g_return_val_if_fail (GCK_IS_OBJECT (self), NULL); g_return_val_if_fail (!err || !*err, NULL); - attrs = gck_attributes_new (); + array = g_array_new (FALSE, TRUE, sizeof (gulong)); va_start (va, err); for (;;) { type = va_arg (va, gulong); if (type == GCK_INVALID) break; - gck_attributes_add_invalid (attrs, type); + g_array_append_val (array, type); } va_end (va); - if (!gck_object_get_full (self, attrs, NULL, err)) { - gck_attributes_unref (attrs); - return NULL; - } + attrs = gck_object_get_full (self, (gulong*)array->data, array->len, cancellable, err); + g_array_free (array, TRUE); return attrs; } @@ -699,7 +680,8 @@ gck_object_get (GckObject *self, GError **err, ...) /** * gck_object_get_full: * @self: The object to get attributes from. - * @attrs: The attributes to get, with the types filled in. + * @attr_types: The types of the attributes to get. + * @n_attr_types: The number of attr_types * @cancellable: Optional cancellation object, or NULL. * @err: A location to store an error. * @@ -713,16 +695,22 @@ gck_object_get (GckObject *self, GError **err, ...) * or NULL if not. **/ GckAttributes* -gck_object_get_full (GckObject *self, GckAttributes *attrs, +gck_object_get_full (GckObject *self, gulong *attr_types, guint n_attr_types, GCancellable *cancellable, GError **err) { GetAttributes args; + GckAttributes *attrs; gboolean ret; + guint i; g_return_val_if_fail (GCK_IS_OBJECT (self), NULL); - g_return_val_if_fail (attrs, NULL); + g_return_val_if_fail (n_attr_types, NULL); g_return_val_if_fail (!err || !*err, NULL); + attrs = gck_attributes_new (); + for (i = 0; i < n_attr_types; ++i) + gck_attributes_add_empty (attrs, attr_types[i]); + _gck_attributes_lock (attrs); memset (&args, 0, sizeof (args)); @@ -732,13 +720,19 @@ gck_object_get_full (GckObject *self, GckAttributes *attrs, ret = _gck_call_sync (self->pv->session, perform_get_attributes, NULL, &args, cancellable, err); _gck_attributes_unlock (attrs); - return ret ? attrs : NULL; + if (!ret) { + gck_attributes_unref (attrs); + attrs = NULL; + } + + return attrs; } /** * gck_object_get_async: * @self: The object to get attributes from. - * @attrs: The attributes to get, initialized with their types. + * @attr_types: The types of the attributes to get. + * @n_attr_types: The number of attr_types * @cancellable: Optional cancellation object, or NULL. * @callback: A callback which is called when the operation completes. * @user_data: Data to be passed to the callback. @@ -751,19 +745,25 @@ gck_object_get_full (GckObject *self, GckAttributes *attrs, * This call returns immediately and completes asynchronously. **/ void -gck_object_get_async (GckObject *self, GckAttributes *attrs, GCancellable *cancellable, - GAsyncReadyCallback callback, gpointer user_data) +gck_object_get_async (GckObject *self, gulong *attr_types, guint n_attr_types, GCancellable *cancellable, + GAsyncReadyCallback callback, gpointer user_data) { + GckAttributes *attrs; GetAttributes *args; + guint i; g_return_if_fail (GCK_IS_OBJECT (self)); - g_return_if_fail (attrs); + g_return_if_fail (n_attr_types); + + attrs = gck_attributes_new (); + for (i = 0; i < n_attr_types; ++i) + gck_attributes_add_empty (attrs, attr_types[i]); args = _gck_call_async_prep (self->pv->session, self, perform_get_attributes, NULL, sizeof (*args), free_get_attributes); _gck_attributes_lock (attrs); - args->attrs = gck_attributes_ref (attrs); + args->attrs = attrs; args->object = self->pv->handle; _gck_call_async_ready_go (args, cancellable, callback, user_data); @@ -787,6 +787,7 @@ GckAttributes* gck_object_get_finish (GckObject *self, GAsyncResult *result, GError **err) { GetAttributes *args; + GckAttributes *attrs; g_return_val_if_fail (GCK_IS_OBJECT (self), NULL); g_return_val_if_fail (GCK_IS_CALL (result), NULL); @@ -794,11 +795,14 @@ gck_object_get_finish (GckObject *self, GAsyncResult *result, GError **err) args = _gck_call_arguments (result, GetAttributes); _gck_attributes_unlock (args->attrs); + attrs = gck_attributes_ref (args->attrs); - if (!_gck_call_basic_finish (result, err)) - return NULL; + if (!_gck_call_basic_finish (result, err)) { + gck_attributes_unref (attrs); + attrs = NULL; + } - return args->attrs; + return attrs; } /* --------------------------------------------------------------------------------- @@ -873,13 +877,14 @@ free_get_attribute_data (GetAttributeData *args) * Return value: The resulting PKCS#11 attribute data, or NULL if an error occurred. **/ gpointer -gck_object_get_data (GckObject *self, gulong attr_type, gsize *n_data, GError **err) +gck_object_get_data (GckObject *self, gulong attr_type, GCancellable *cancellable, + gsize *n_data, GError **err) { g_return_val_if_fail (GCK_IS_OBJECT (self), NULL); g_return_val_if_fail (n_data, NULL); g_return_val_if_fail (!err || !*err, NULL); - return gck_object_get_data_full (self, attr_type, g_realloc, NULL, n_data, err); + return gck_object_get_data_full (self, attr_type, g_realloc, cancellable, n_data, err); } /** @@ -1042,29 +1047,6 @@ free_set_template (set_template_args *args) * @self: The object to set an attribute template on. * @attr_type: The attribute template type. * @attrs: The attribute template. - * @err: A location to store an error. - * - * Set an attribute template on the object. The attr_type must be for - * an attribute which contains a template. - * - * This call may block for an indefinite period. - * - * Return value: TRUE if the operation succeeded. - **/ -gboolean -gck_object_set_template (GckObject *self, gulong attr_type, GckAttributes *attrs, - GError **err) -{ - g_return_val_if_fail (GCK_IS_OBJECT (self), FALSE); - g_return_val_if_fail (!err || !*err, FALSE); - return gck_object_set_template_full (self, attr_type, attrs, NULL, err); -} - -/** - * gck_object_set_template_full: - * @self: The object to set an attribute template on. - * @attr_type: The attribute template type. - * @attrs: The attribute template. * @cancellable: Optional cancellation object, or NULL. * @err: A location to store an error. * @@ -1076,8 +1058,8 @@ gck_object_set_template (GckObject *self, gulong attr_type, GckAttributes *attrs * Return value: TRUE if the operation succeeded. **/ gboolean -gck_object_set_template_full (GckObject *self, gulong attr_type, GckAttributes *attrs, - GCancellable *cancellable, GError **err) +gck_object_set_template (GckObject *self, gulong attr_type, GckAttributes *attrs, + GCancellable *cancellable, GError **err) { set_template_args args; gboolean ret = FALSE; @@ -1225,28 +1207,6 @@ free_get_template (get_template_args *args) /** * gck_object_get_template: * @self: The object to get an attribute template from. - * @attr_type: The attribute template type. - * @err: A location to store an error. - * - * Get an attribute template from the object. The attr_type must be for - * an attribute which returns a template. - * - * This call may block for an indefinite period. - * - * Return value: The resulting PKCS#11 attribute template, or NULL if an error occurred. - **/ -GckAttributes* -gck_object_get_template (GckObject *self, gulong attr_type, GError **err) -{ - g_return_val_if_fail (GCK_IS_OBJECT (self), NULL); - g_return_val_if_fail (!err || !*err, NULL); - - return gck_object_get_template_full (self, attr_type, NULL, err); -} - -/** - * gck_object_get_template_full: - * @self: The object to get an attribute template from. * @attr_type: The template attribute type. * @cancellable: Optional cancellation object, or NULL. * @err: A location to store an error. @@ -1259,8 +1219,8 @@ gck_object_get_template (GckObject *self, gulong attr_type, GError **err) * Return value: The resulting PKCS#11 attribute template, or NULL if an error occurred. **/ GckAttributes* -gck_object_get_template_full (GckObject *self, gulong attr_type, - GCancellable *cancellable, GError **err) +gck_object_get_template (GckObject *self, gulong attr_type, + GCancellable *cancellable, GError **err) { get_template_args args; gboolean ret; diff --git a/gck/gck-session.c b/gck/gck-session.c index ee72163f..b9a419f1 100644 --- a/gck/gck-session.c +++ b/gck/gck-session.c @@ -501,28 +501,6 @@ perform_init_pin (InitPin *args) * @self: Initialize PIN for this session's slot. * @pin: The user's PIN, or NULL for protected authentication path. * @n_pin: The length of the PIN. - * @err: A location to return an error. - * - * Initialize the user's pin on this slot that this session is opened on. - * According to the PKCS#11 standards, the session must be logged in with - * the CKU_SO user type. - * - * This call may block for an indefinite period. - * - * Return value: Whether successful or not. - **/ -gboolean -gck_session_init_pin (GckSession *self, const guchar *pin, gsize n_pin, - GError **err) -{ - return gck_session_init_pin_full (self, pin, n_pin, NULL, err); -} - -/** - * gck_session_init_pin_full: - * @self: Initialize PIN for this session's slot. - * @pin: The user's PIN, or NULL for protected authentication path. - * @n_pin: The length of the PIN. * @cancellable: Optional cancellation object, or NULL. * @err: A location to return an error. * @@ -535,8 +513,8 @@ gck_session_init_pin (GckSession *self, const guchar *pin, gsize n_pin, * Return value: Whether successful or not. **/ gboolean -gck_session_init_pin_full (GckSession *self, const guchar *pin, gsize n_pin, - GCancellable *cancellable, GError **err) +gck_session_init_pin (GckSession *self, const guchar *pin, gsize n_pin, + GCancellable *cancellable, GError **err) { InitPin args = { GCK_ARGUMENTS_INIT, (guchar*)pin, n_pin }; return _gck_call_sync (self, perform_init_pin, NULL, &args, cancellable, err); @@ -622,28 +600,6 @@ perform_set_pin (SetPin *args) * @n_old_pin: The length of the PIN. * @new_pin: The user's new PIN, or NULL for protected authentication path. * @n_new_pin: The length of the PIN. - * @err: A location to return an error. - * - * Change the user's pin on this slot that this session is opened on. - * - * This call may block for an indefinite period. - * - * Return value: Whether successful or not. - **/ -gboolean -gck_session_set_pin (GckSession *self, const guchar *old_pin, gsize n_old_pin, - const guchar *new_pin, gsize n_new_pin, GError **err) -{ - return gck_session_set_pin_full (self, old_pin, n_old_pin, new_pin, n_new_pin, NULL, err); -} - -/** - * gck_session_set_pin_full: - * @self: Change the PIN for this session's slot. - * @old_pin: The user's old PIN, or NULL for protected authentication path. - * @n_old_pin: The length of the PIN. - * @new_pin: The user's new PIN, or NULL for protected authentication path. - * @n_new_pin: The length of the PIN. * @cancellable: Optional cancellation object, or NULL. * @err: A location to return an error. * @@ -654,9 +610,9 @@ gck_session_set_pin (GckSession *self, const guchar *old_pin, gsize n_old_pin, * Return value: Whether successful or not. **/ gboolean -gck_session_set_pin_full (GckSession *self, const guchar *old_pin, gsize n_old_pin, - const guchar *new_pin, gsize n_new_pin, GCancellable *cancellable, - GError **err) +gck_session_set_pin (GckSession *self, const guchar *old_pin, gsize n_old_pin, + const guchar *new_pin, gsize n_new_pin, GCancellable *cancellable, + GError **err) { SetPin args = { GCK_ARGUMENTS_INIT, (guchar*)old_pin, n_old_pin, (guchar*)new_pin, n_new_pin }; return _gck_call_sync (self, perform_set_pin, NULL, &args, cancellable, err); @@ -740,26 +696,6 @@ perform_login (Login *args) * @user_type: The type of login user. * @pin: The user's PIN, or NULL for protected authentication path. * @n_pin: The length of the PIN. - * @err: A location to return an error. - * - * Login the user on the session. This call may block - * for an indefinite period. - * - * Return value: Whether successful or not. - **/ -gboolean -gck_session_login (GckSession *self, gulong user_type, const guchar *pin, - gsize n_pin, GError **err) -{ - return gck_session_login_full (self, user_type, pin, n_pin, NULL, err); -} - -/** - * gck_session_login_full: - * @self: Log in to this session. - * @user_type: The type of login user. - * @pin: The user's PIN, or NULL for protected authentication path. - * @n_pin: The length of the PIN. * @cancellable: Optional cancellation object, or NULL. * @err: A location to return an error. * @@ -769,8 +705,8 @@ gck_session_login (GckSession *self, gulong user_type, const guchar *pin, * Return value: Whether successful or not. **/ gboolean -gck_session_login_full (GckSession *self, gulong user_type, const guchar *pin, - gsize n_pin, GCancellable *cancellable, GError **err) +gck_session_login (GckSession *self, gulong user_type, const guchar *pin, + gsize n_pin, GCancellable *cancellable, GError **err) { Login args = { GCK_ARGUMENTS_INIT, user_type, (guchar*)pin, n_pin }; return _gck_call_sync (self, perform_login, NULL, &args, cancellable, err); @@ -835,21 +771,6 @@ perform_logout (GckArguments *args) /** * gck_session_logout: * @self: Logout of this session. - * @err: A location to return an error. - * - * Log out of the session. This call may block for an indefinite period. - * - * Return value: Whether the logout was successful or not. - **/ -gboolean -gck_session_logout (GckSession *self, GError **err) -{ - return gck_session_logout_full (self, NULL, err); -} - -/** - * gck_session_logout_full: - * @self: Logout of this session. * @cancellable: Optional cancellation object, or NULL. * @err: A location to return an error. * @@ -858,7 +779,7 @@ gck_session_logout (GckSession *self, GError **err) * Return value: Whether the logout was successful or not. **/ gboolean -gck_session_logout_full (GckSession *self, GCancellable *cancellable, GError **err) +gck_session_logout (GckSession *self, GCancellable *cancellable, GError **err) { GckArguments args = GCK_ARGUMENTS_INIT; return _gck_call_sync (self, perform_logout, NULL, &args, cancellable, err); @@ -1398,10 +1319,10 @@ perform_wrap_key (WrapKey *args) **/ gpointer gck_session_wrap_key (GckSession *self, GckObject *key, gulong mech_type, - GckObject *wrapped, gsize *n_result, GError **err) + GckObject *wrapped, gsize *n_result, GCancellable *cancellable, GError **err) { GckMechanism mech = { mech_type, NULL, 0 }; - return gck_session_wrap_key_full (self, key, &mech, wrapped, n_result, NULL, err); + return gck_session_wrap_key_full (self, key, &mech, wrapped, n_result, cancellable, err); } /** @@ -1559,7 +1480,7 @@ perform_unwrap_key (UnwrapKey *args) * gck_session_unwrap_key: * @self: The session to use. * @wrapper: The key to use for unwrapping. - * @mechanism: The mechanism to use for unwrapping. + * @mech_type: The mechanism to use for unwrapping. * @input: The wrapped data as a byte stream. * @n_input: The length of the wrapped data. * @attrs: Additional attributes for the unwrapped key. @@ -1572,10 +1493,35 @@ perform_unwrap_key (UnwrapKey *args) * Return value: The new unwrapped key or NULL if the operation failed. **/ GckObject* -gck_session_unwrap_key (GckSession *self, GckObject *wrapper, GckMechanism *mechanism, +gck_session_unwrap_key (GckSession *self, GckObject *wrapper, gulong mech_type, gconstpointer input, gsize n_input, GckAttributes *attrs, GCancellable *cancellable, GError **err) { + GckMechanism mech = { mech_type, NULL, 0 }; + return gck_session_unwrap_key_full (self, wrapper, &mech, input, n_input, attrs, cancellable, err); +} + +/** + * gck_session_unwrap_key_full: + * @self: The session to use. + * @wrapper: The key to use for unwrapping. + * @mechanism: The mechanism to use for unwrapping. + * @input: The wrapped data as a byte stream. + * @n_input: The length of the wrapped data. + * @attrs: Additional attributes for the unwrapped key. + * @cancellable: Optional cancellation object, or NULL. + * @err: A location to return an error, or NULL. + * + * Unwrap a key from a byte stream. This call may block for an + * indefinite period. + * + * Return value: The new unwrapped key or NULL if the operation failed. + **/ +GckObject* +gck_session_unwrap_key_full (GckSession *self, GckObject *wrapper, GckMechanism *mechanism, + gconstpointer input, gsize n_input, GckAttributes *attrs, + GCancellable *cancellable, GError **err) +{ UnwrapKey args = { GCK_ARGUMENTS_INIT, mechanism, attrs, 0, input, n_input, 0 }; gboolean ret; @@ -1713,9 +1659,31 @@ perform_derive_key (DeriveKey *args) * Return value: The new derived key or NULL if the operation failed. **/ GckObject* -gck_session_derive_key (GckSession *self, GckObject *base, GckMechanism *mechanism, +gck_session_derive_key (GckSession *self, GckObject *base, gulong mech_type, GckAttributes *attrs, GCancellable *cancellable, GError **err) { + GckMechanism mech = { mech_type, NULL, 0 }; + return gck_session_derive_key_full (self, base, &mech, attrs, cancellable, err); +} + +/** + * gck_session_derive_key_full: + * @self: The session to use. + * @base: The key to derive from. + * @mechanism: The mechanism to use for derivation. + * @attrs: Additional attributes for the derived key. + * @cancellable: Optional cancellation object, or NULL. + * @err: A location to return an error, or NULL. + * + * Derive a key from another key. This call may block for an + * indefinite period. + * + * Return value: The new derived key or NULL if the operation failed. + **/ +GckObject* +gck_session_derive_key_full (GckSession *self, GckObject *base, GckMechanism *mechanism, + GckAttributes *attrs, GCancellable *cancellable, GError **err) +{ DeriveKey args = { GCK_ARGUMENTS_INIT, mechanism, attrs, 0, 0 }; gboolean ret; @@ -2155,10 +2123,10 @@ crypt_finish (GckSession *self, GAsyncResult *result, gsize *n_result, GError ** */ guchar* gck_session_encrypt (GckSession *self, GckObject *key, gulong mech_type, const guchar *input, - gsize n_input, gsize *n_result, GError **err) + gsize n_input, gsize *n_result, GCancellable *cancellable, GError **err) { GckMechanism mechanism = { mech_type, NULL, 0 }; - return gck_session_encrypt_full (self, key, &mechanism, input, n_input, n_result, NULL, err); + return gck_session_encrypt_full (self, key, &mechanism, input, n_input, n_result, cancellable, err); } /** @@ -2272,10 +2240,10 @@ gck_session_encrypt_finish (GckSession *self, GAsyncResult *result, gsize *n_res */ guchar* gck_session_decrypt (GckSession *self, GckObject *key, gulong mech_type, const guchar *input, - gsize n_input, gsize *n_result, GError **err) + gsize n_input, gsize *n_result, GCancellable *cancellable, GError **err) { GckMechanism mechanism = { mech_type, NULL, 0 }; - return gck_session_decrypt_full (self, key, &mechanism, input, n_input, n_result, NULL, err); + return gck_session_decrypt_full (self, key, &mechanism, input, n_input, n_result, cancellable, err); } /** @@ -2387,7 +2355,7 @@ gck_session_decrypt_finish (GckSession *self, GAsyncResult *result, */ guchar* gck_session_sign (GckSession *self, GckObject *key, gulong mech_type, const guchar *input, - gsize n_input, gsize *n_result, GError **err) + gsize n_input, gsize *n_result, GCancellable *cancellable, GError **err) { GckMechanism mechanism = { mech_type, NULL, 0 }; return gck_session_sign_full (self, key, &mechanism, input, n_input, n_result, NULL, err); @@ -2557,7 +2525,7 @@ free_verify (Verify *args) */ gboolean gck_session_verify (GckSession *self, GckObject *key, gulong mech_type, const guchar *input, - gsize n_input, const guchar *signature, gsize n_signature, GError **err) + gsize n_input, const guchar *signature, gsize n_signature, GCancellable *cancellable, GError **err) { GckMechanism mechanism = { mech_type, NULL, 0 }; return gck_session_verify_full (self, key, &mechanism, input, n_input, diff --git a/gck/gck-slot.c b/gck/gck-slot.c index dd9a1fb7..d8a4a4ef 100644 --- a/gck/gck-slot.c +++ b/gck/gck-slot.c @@ -940,9 +940,9 @@ free_open_session (OpenSession *args) * Return value: A new session or NULL if an error occurs. **/ GckSession* -gck_slot_open_session (GckSlot *self, guint options, GError **err) +gck_slot_open_session (GckSlot *self, guint options, GCancellable *cancellable, GError **err) { - return gck_slot_open_session_full (self, options, 0, NULL, NULL, NULL, err); + return gck_slot_open_session_full (self, options, 0, NULL, NULL, cancellable, err); } /** @@ -510,6 +510,7 @@ gboolean gck_slot_init_token_finish (GckSlot *self, GckSession* gck_slot_open_session (GckSlot *self, guint options, + GCancellable *cancellable, GError **err); GckSession* gck_slot_open_session_full (GckSlot *self, @@ -603,11 +604,6 @@ guint gck_session_get_options (GckSession *self); gboolean gck_session_init_pin (GckSession *self, const guchar *pin, gsize n_pin, - GError **err); - -gboolean gck_session_init_pin_full (GckSession *self, - const guchar *pin, - gsize n_pin, GCancellable *cancellable, GError **err); @@ -627,13 +623,6 @@ gboolean gck_session_set_pin (GckSession *self, gsize n_old_pin, const guchar *new_pin, gsize n_new_pin, - GError **err); - -gboolean gck_session_set_pin_full (GckSession *self, - const guchar *old_pin, - gsize n_old_pin, - const guchar *new_pin, - gsize n_new_pin, GCancellable *cancellable, GError **err); @@ -654,12 +643,6 @@ gboolean gck_session_login (GckSession *self, gulong user_type, const guchar *pin, gsize n_pin, - GError **err); - -gboolean gck_session_login_full (GckSession *self, - gulong user_type, - const guchar *pin, - gsize n_pin, GCancellable *cancellable, GError **err); @@ -676,9 +659,6 @@ gboolean gck_session_login_finish (GckSession *self, GError **err); gboolean gck_session_logout (GckSession *self, - GError **err); - -gboolean gck_session_logout_full (GckSession *self, GCancellable *cancellable, GError **err); @@ -741,6 +721,15 @@ GckObject* gck_session_generate_key_finish (GckSession *self, #endif /* UNIMPLEMENTED */ +gboolean gck_session_generate_key_pair (GckSession *self, + gulong mech_type, + GckAttributes *public_attrs, + GckAttributes *private_attrs, + GckObject **public_key, + GckObject **private_key, + GCancellable *cancellable, + GError **err); + gboolean gck_session_generate_key_pair_full (GckSession *self, GckMechanism *mechanism, GckAttributes *public_attrs, @@ -770,6 +759,7 @@ guchar* gck_session_encrypt (GckSession *self, const guchar *input, gsize n_input, gsize *n_result, + GCancellable *cancellable, GError **err); guchar* gck_session_encrypt_full (GckSession *self, @@ -801,6 +791,7 @@ guchar* gck_session_decrypt (GckSession *self, const guchar *input, gsize n_input, gsize *n_result, + GCancellable *cancellable, GError **err); guchar* gck_session_decrypt_full (GckSession *self, @@ -864,6 +855,7 @@ guchar* gck_session_sign (GckSession *self, const guchar *input, gsize n_input, gsize *n_result, + GCancellable *cancellable, GError **err); guchar* gck_session_sign_full (GckSession *self, @@ -931,6 +923,7 @@ gboolean gck_session_verify (GckSession *self, gsize n_input, const guchar *signature, gsize n_signature, + GCancellable *cancellable, GError **err); gboolean gck_session_verify_full (GckSession *self, @@ -998,6 +991,7 @@ gpointer gck_session_wrap_key (GckSession *self, gulong mech_type, GckObject *wrapped, gsize *n_result, + GCancellable *cancellable, GError **err); gpointer gck_session_wrap_key_full (GckSession *self, @@ -1023,6 +1017,15 @@ gpointer gck_session_wrap_key_finish (GckSession *self, GckObject* gck_session_unwrap_key (GckSession *self, GckObject *wrapper, + gulong mech_type, + gconstpointer input, + gsize n_input, + GckAttributes *attrs, + GCancellable *cancellable, + GError **err); + +GckObject* gck_session_unwrap_key_full (GckSession *self, + GckObject *wrapper, GckMechanism *mechanism, gconstpointer input, gsize n_input, @@ -1046,6 +1049,13 @@ GckObject* gck_session_unwrap_key_finish (GckSession *self, GckObject* gck_session_derive_key (GckSession *self, GckObject *base, + gulong mech_type, + GckAttributes *attrs, + GCancellable *cancellable, + GError **err); + +GckObject* gck_session_derive_key_full (GckSession *self, + GckObject *base, GckMechanism *mechanism, GckAttributes *attrs, GCancellable *cancellable, @@ -1125,6 +1135,7 @@ gchar* gck_object_build_uri_finish (GckObject *self, #ifdef UNIMPLEMENTED GckObject* gck_object_copy (GckObject *self, + GCancellable *cancellable, GError **err); GckObject* gck_object_copy_full (GckObject *self, @@ -1145,9 +1156,6 @@ GckObject* gck_object_copy_finish (GckObject *self, #endif /* UNIMPLEMENTED */ gboolean gck_object_destroy (GckObject *self, - GError **err); - -gboolean gck_object_destroy_full (GckObject *self, GCancellable *cancellable, GError **err); @@ -1163,9 +1171,6 @@ gboolean gck_object_destroy_finish (GckObject *self, #if UNIMPLEMENTED gssize gck_object_get_size (GckObject *self, - GError **err); - -gssize gck_object_get_size_full (GckObject *self, GCancellable *cancellable, GError **err); @@ -1195,16 +1200,19 @@ gboolean gck_object_set_finish (GckObject *self, GError **err); GckAttributes* gck_object_get (GckObject *self, + GCancellable *cancellable, GError **err, ...); GckAttributes* gck_object_get_full (GckObject *self, - GckAttributes *attrs, + gulong *attr_types, + guint n_attr_types, GCancellable *cancellable, GError **err); void gck_object_get_async (GckObject *self, - GckAttributes *attrs, + gulong *attr_types, + guint n_attr_types, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data); @@ -1215,6 +1223,7 @@ GckAttributes* gck_object_get_finish (GckObject *self, gpointer gck_object_get_data (GckObject *self, gulong attr_type, + GCancellable *cancellable, gsize *n_data, GError **err); @@ -1240,11 +1249,6 @@ gpointer gck_object_get_data_finish (GckObject *self, gboolean gck_object_set_template (GckObject *self, gulong attr_type, GckAttributes *attrs, - GError **err); - -gboolean gck_object_set_template_full (GckObject *self, - gulong attr_type, - GckAttributes *attrs, GCancellable *cancellable, GError **err); @@ -1261,10 +1265,6 @@ gboolean gck_object_set_template_finish (GckObject *self, GckAttributes* gck_object_get_template (GckObject *self, gulong attr_type, - GError **err); - -GckAttributes* gck_object_get_template_full (GckObject *self, - gulong attr_type, GCancellable *cancellable, GError **err); diff --git a/gck/tests/test-gck-crypto.c b/gck/tests/test-gck-crypto.c index 631e327f..b8b99e44 100644 --- a/gck/tests/test-gck-crypto.c +++ b/gck/tests/test-gck-crypto.c @@ -32,7 +32,7 @@ DEFINE_SETUP(crypto_session) slots = gck_module_get_slots (module, TRUE); g_assert (slots != NULL); - session = gck_slot_open_session (slots->data, 0, &err); + session = gck_slot_open_session (slots->data, 0, NULL, &err); SUCCESS_RES(session, err); slot = gck_session_get_slot (session); @@ -78,7 +78,7 @@ find_key (GckSession *session, CK_ATTRIBUTE_TYPE method, CK_MECHANISM_TYPE mech) for (l = objects; l; l = g_list_next (l)) { if (mech) { - mechs = gck_object_get_data (l->data, CKA_ALLOWED_MECHANISMS, &n_mechs, NULL); + mechs = gck_object_get_data (l->data, CKA_ALLOWED_MECHANISMS, NULL, &n_mechs, NULL); g_assert (mechs); g_assert (n_mechs == sizeof (CK_MECHANISM_TYPE)); /* We know all of them only have one allowed mech */ @@ -119,7 +119,7 @@ check_key_with_value (GckSession *session, GckObject *key, CK_OBJECT_CLASS klass GckAttribute *attr; gulong check; - attrs = gck_object_get (key, NULL, CKA_CLASS, CKA_VALUE, GCK_INVALID); + attrs = gck_object_get (key, NULL, NULL, CKA_CLASS, CKA_VALUE, GCK_INVALID); g_assert (attrs); if (!gck_attributes_find_ulong (attrs, CKA_CLASS, &check)) @@ -163,14 +163,7 @@ DEFINE_TEST(encrypt) g_assert (key); /* Simple one */ - output = gck_session_encrypt (session, key, CKM_MOCK_CAPITALIZE, (const guchar*)"blah blah", 10, &n_output, &error); - SUCCESS_RES (output, error); - g_assert (n_output == 10); - g_assert_cmpstr ((gchar*)output, ==, "BLAH BLAH"); - g_free (output); - - /* Full one */ - output = gck_session_encrypt_full (session, key, mech, (const guchar*)"blah blah", 10, &n_output, NULL, &error); + output = gck_session_encrypt (session, key, CKM_MOCK_CAPITALIZE, (const guchar*)"blah blah", 10, &n_output, NULL, &error); SUCCESS_RES (output, error); g_assert (n_output == 10); g_assert_cmpstr ((gchar*)output, ==, "BLAH BLAH"); @@ -210,19 +203,12 @@ DEFINE_TEST(decrypt) g_assert (key); /* Simple one */ - output = gck_session_decrypt (session, key, CKM_MOCK_CAPITALIZE, (const guchar*)"FRY???", 7, &n_output, &error); + output = gck_session_decrypt (session, key, CKM_MOCK_CAPITALIZE, (const guchar*)"FRY???", 7, &n_output, NULL, &error); SUCCESS_RES (output, error); g_assert (n_output == 7); g_assert_cmpstr ((gchar*)output, ==, "fry???"); g_free (output); - /* Full one */ - output = gck_session_decrypt_full (session, key, mech, (const guchar*)"TENNIS instructor", 18, &n_output, NULL, &error); - SUCCESS_RES (output, error); - g_assert (n_output == 18); - g_assert_cmpstr ((gchar*)output, ==, "tennis instructor"); - g_free (output); - /* Asynchronous one */ gck_session_decrypt_async (session, key, mech, (const guchar*)"FAT CHANCE", 11, NULL, fetch_async_result, &result); @@ -255,7 +241,7 @@ DEFINE_TEST(login_context_specific) g_assert (key); /* Simple one */ - output = gck_session_sign (session, key, CKM_MOCK_PREFIX, (const guchar*)"TV Monster", 11, &n_output, &error); + output = gck_session_sign (session, key, CKM_MOCK_PREFIX, (const guchar*)"TV Monster", 11, &n_output, NULL, &error); g_assert (error && error->code == CKR_USER_NOT_LOGGED_IN); FAIL_RES (output, error); g_assert (output == NULL); @@ -282,19 +268,12 @@ DEFINE_TEST(sign) g_assert (key); /* Simple one */ - output = gck_session_sign (session_with_auth, key, CKM_MOCK_PREFIX, (const guchar*)"Labarbara", 10, &n_output, &error); + output = gck_session_sign (session_with_auth, key, CKM_MOCK_PREFIX, (const guchar*)"Labarbara", 10, &n_output, NULL, &error); SUCCESS_RES (output, error); g_assert_cmpuint (n_output, ==, 24); g_assert_cmpstr ((gchar*)output, ==, "signed-prefix:Labarbara"); g_free (output); - /* Full one */ - output = gck_session_sign_full (session_with_auth, key, mech, (const guchar*)"Labarbara", 10, &n_output, NULL, &error); - SUCCESS_RES (output, error); - g_assert_cmpuint (n_output, ==, 20); - g_assert_cmpstr ((gchar*)output, ==, "my-prefix:Labarbara"); - g_free (output); - /* Asynchronous one */ gck_session_sign_async (session_with_auth, key, mech, (const guchar*)"Conrad", 7, NULL, fetch_async_result, &result); @@ -332,12 +311,7 @@ DEFINE_TEST(verify) /* Simple one */ ret = gck_session_verify (session, key, CKM_MOCK_PREFIX, (const guchar*)"Labarbara", 10, - (const guchar*)"signed-prefix:Labarbara", 24, &error); - SUCCESS_RES (ret, error); - - /* Full one */ - ret = gck_session_verify_full (session, key, mech, (const guchar*)"Labarbara", 10, - (const guchar*)"my-prefix:Labarbara", 20, NULL, &error); + (const guchar*)"signed-prefix:Labarbara", 24, NULL, &error); SUCCESS_RES (ret, error); /* Failure one */ @@ -443,7 +417,7 @@ DEFINE_TEST(wrap_key) wrapped = find_key_with_value (session, "value"); /* Simple One */ - output = gck_session_wrap_key (session, wrapper, CKM_MOCK_WRAP, wrapped, &n_output, &error); + output = gck_session_wrap_key (session, wrapper, CKM_MOCK_WRAP, wrapped, &n_output, NULL, &error); SUCCESS_RES (output, error); g_assert (output); g_assert_cmpsize (n_output, ==, 5); @@ -507,7 +481,7 @@ DEFINE_TEST(unwrap_key) gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_SECRET_KEY); /* Full One*/ - unwrapped = gck_session_unwrap_key (session, wrapper, mech, "special", 7, attrs, NULL, &error); + unwrapped = gck_session_unwrap_key_full (session, wrapper, mech, "special", 7, attrs, NULL, &error); SUCCESS_RES (unwrapped, error); g_assert (GCK_IS_OBJECT (unwrapped)); check_key_with_value (session, unwrapped, CKO_SECRET_KEY, "special"); @@ -515,7 +489,7 @@ DEFINE_TEST(unwrap_key) /* Failure one */ mech->type = 0; - unwrapped = gck_session_unwrap_key (session, wrapper, mech, "special", 7, attrs, NULL, &error); + unwrapped = gck_session_unwrap_key_full (session, wrapper, mech, "special", 7, attrs, NULL, &error); FAIL_RES (unwrapped, error); /* Asynchronous one */ @@ -559,7 +533,7 @@ DEFINE_TEST(derive_key) gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_SECRET_KEY); /* Full One*/ - derived = gck_session_derive_key (session, wrapper, mech, attrs, NULL, &error); + derived = gck_session_derive_key_full (session, wrapper, mech, attrs, NULL, &error); SUCCESS_RES (derived, error); g_assert (GCK_IS_OBJECT (derived)); check_key_with_value (session, derived, CKO_SECRET_KEY, "derived"); @@ -567,7 +541,7 @@ DEFINE_TEST(derive_key) /* Failure one */ mech->type = 0; - derived = gck_session_derive_key (session, wrapper, mech, attrs, NULL, &error); + derived = gck_session_derive_key_full (session, wrapper, mech, attrs, NULL, &error); FAIL_RES (derived, error); /* Asynchronous one */ diff --git a/gck/tests/test-gck-object.c b/gck/tests/test-gck-object.c index 8c9079a8..08266fc5 100644 --- a/gck/tests/test-gck-object.c +++ b/gck/tests/test-gck-object.c @@ -29,7 +29,7 @@ DEFINE_SETUP(prep_object) g_object_ref (slot); gck_list_unref_free (slots); - session = gck_slot_open_session (slot, 0, &err); + session = gck_slot_open_session (slot, 0, NULL, &err); SUCCESS_RES(session, err); /* Our module always exports a token object with this */ @@ -73,7 +73,7 @@ DEFINE_TEST(object_equals_hash) g_assert (gck_object_equal (object, object)); other_slot = g_object_new (GCK_TYPE_SLOT, "module", module, "handle", GCK_MOCK_SLOT_TWO_ID, NULL); - other_session = gck_slot_open_session (other_slot, 0, &err); + other_session = gck_slot_open_session (other_slot, 0, NULL, &err); SUCCESS_RES (other_session, err); other_object = gck_object_from_handle (other_session, gck_object_get_handle (object)); g_assert (!gck_object_equal (object, other_object)); @@ -157,16 +157,7 @@ DEFINE_TEST(destroy_object) SUCCESS_RES (object, err); g_assert (GCK_IS_OBJECT (object)); - ret = gck_object_destroy (object, &err); - SUCCESS_RES (ret, err); - g_object_unref (object); - - /* Using full */ - object = gck_session_create_object (session, attrs, NULL, &err); - SUCCESS_RES (object, err); - g_assert (GCK_IS_OBJECT (object)); - - ret = gck_object_destroy_full (object, NULL, &err); + ret = gck_object_destroy (object, NULL, &err); SUCCESS_RES (ret, err); g_object_unref (object); @@ -189,13 +180,17 @@ DEFINE_TEST(destroy_object) DEFINE_TEST(get_attributes) { GAsyncResult *result = NULL; - GckAttributes *attrs, *attrs_ret; + GckAttributes *attrs; + gulong attr_types[2]; GError *err = NULL; gulong klass; gchar *value = NULL; + attr_types[0] = CKA_CLASS; + attr_types[1] = CKA_LABEL; + /* Simple */ - attrs = gck_object_get (object, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID); + attrs = gck_object_get (object, NULL, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID); SUCCESS_RES (attrs, err); if (attrs != NULL) { g_assert (gck_attributes_find_ulong (attrs, CKA_CLASS, &klass) && klass == CKO_DATA); @@ -205,11 +200,9 @@ DEFINE_TEST(get_attributes) gck_attributes_unref (attrs); /* Full */ - attrs = gck_attributes_new_empty (CKA_CLASS, CKA_LABEL, GCK_INVALID); - attrs_ret = gck_object_get_full (object, attrs, NULL, &err); - SUCCESS_RES (attrs_ret, err); - if (attrs_ret != NULL) { - g_assert (attrs_ret == attrs); + attrs = gck_object_get_full (object, attr_types, G_N_ELEMENTS (attr_types), NULL, &err); + SUCCESS_RES (attrs, err); + if (attrs != NULL) { g_assert (gck_attributes_find_ulong (attrs, CKA_CLASS, &klass) && klass == CKO_DATA); g_assert (gck_attributes_find_string (attrs, CKA_LABEL, &value) && strcmp (value, "TEST LABEL") == 0); g_free (value); value = NULL; @@ -217,16 +210,14 @@ DEFINE_TEST(get_attributes) gck_attributes_unref (attrs); /* Async */ - attrs = gck_attributes_new_empty (CKA_CLASS, CKA_LABEL, GCK_INVALID); - gck_object_get_async (object, attrs, NULL, fetch_async_result, &result); + gck_object_get_async (object, attr_types, G_N_ELEMENTS (attr_types), NULL, fetch_async_result, &result); testing_wait_until (500); g_assert (result != NULL); - attrs_ret = gck_object_get_finish (object, result, &err); + attrs = gck_object_get_finish (object, result, &err); g_object_unref (result); SUCCESS_RES (attrs, err); if (attrs != NULL) { - g_assert (attrs_ret == attrs); g_assert (gck_attributes_find_ulong (attrs, CKA_CLASS, &klass) && klass == CKO_DATA); g_assert (gck_attributes_find_string (attrs, CKA_LABEL, &value) && strcmp (value, "TEST LABEL") == 0); g_free (value); value = NULL; @@ -242,7 +233,7 @@ DEFINE_TEST(get_data_attribute) GError *err = NULL; /* Simple */ - klass = gck_object_get_data (object, CKA_CLASS, &n_data, &err); + klass = gck_object_get_data (object, CKA_CLASS, NULL, &n_data, &err); SUCCESS_RES (klass, err); if (klass != NULL) { g_assert (n_data == sizeof (CK_OBJECT_CLASS)); @@ -293,7 +284,7 @@ DEFINE_TEST(set_attributes) gck_attributes_unref (templ); SUCCESS_RES (ret, err); if (ret) { - attrs = gck_object_get (object, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID); + attrs = gck_object_get (object, NULL, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID); g_assert (gck_attributes_find_ulong (attrs, CKA_CLASS, &klass) && klass == 6); g_assert (gck_attributes_find_string (attrs, CKA_LABEL, &value) && strcmp (value, "CHANGE TWO") == 0); g_free (value); value = NULL; @@ -313,7 +304,7 @@ DEFINE_TEST(set_attributes) g_object_unref (result); SUCCESS_RES (ret, err); if (ret) { - attrs = gck_object_get (object, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID); + attrs = gck_object_get (object, NULL, &err, CKA_CLASS, CKA_LABEL, GCK_INVALID); g_assert (gck_attributes_find_ulong (attrs, CKA_CLASS, &klass) && klass == 7); g_assert (gck_attributes_find_string (attrs, CKA_LABEL, &value) && strcmp (value, "CHANGE THREE") == 0); g_free (value); value = NULL; diff --git a/gck/tests/test-gck-session.c b/gck/tests/test-gck-session.c index f9b8eb76..4fcc464d 100644 --- a/gck/tests/test-gck-session.c +++ b/gck/tests/test-gck-session.c @@ -28,7 +28,7 @@ DEFINE_SETUP(load_session) g_object_ref (slot); gck_list_unref_free (slots); - session = gck_slot_open_session (slot, 0, &err); + session = gck_slot_open_session (slot, 0, NULL, &err); SUCCESS_RES(session, err); } @@ -82,7 +82,7 @@ DEFINE_TEST(open_close_session) GAsyncResult *result = NULL; GError *err = NULL; - sess = gck_slot_open_session (slot, 0, &err); + sess = gck_slot_open_session (slot, 0, NULL, &err); SUCCESS_RES (sess, err); g_object_unref (sess); @@ -108,11 +108,11 @@ DEFINE_TEST(init_set_pin) gboolean ret; /* init pin */ - ret = gck_session_init_pin (session, (guchar*)"booo", 4, &err); + ret = gck_session_init_pin (session, (guchar*)"booo", 4, NULL, &err); SUCCESS_RES (ret, err); /* set pin */ - ret = gck_session_set_pin (session, (guchar*)"booo", 4, (guchar*)"tooo", 4, &err); + ret = gck_session_set_pin (session, (guchar*)"booo", 4, (guchar*)"tooo", 4, NULL, &err); SUCCESS_RES (ret, err); /* init pin async */ @@ -142,17 +142,10 @@ DEFINE_TEST(login_logout) gboolean ret; /* login/logout */ - ret = gck_session_login (session, CKU_USER, (guchar*)"booo", 4, &err); + ret = gck_session_login (session, CKU_USER, (guchar*)"booo", 4, NULL, &err); SUCCESS_RES (ret, err); - ret = gck_session_logout (session, &err); - SUCCESS_RES (ret, err); - - /* login/logout full */ - ret = gck_session_login_full (session, CKU_USER, (guchar*)"booo", 4, NULL, &err); - SUCCESS_RES (ret, err); - - ret = gck_session_logout_full (session, NULL, &err); + ret = gck_session_logout (session, NULL, &err); SUCCESS_RES (ret, err); /* login async */ @@ -214,7 +207,7 @@ DEFINE_TEST(auto_login) /* Setup for auto login */ g_signal_connect (module, "authenticate-slot", G_CALLBACK (authenticate_token), GUINT_TO_POINTER (35)); - new_session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE | GCK_SESSION_LOGIN_USER, &err); + new_session = gck_slot_open_session (slot, GCK_SESSION_READ_WRITE | GCK_SESSION_LOGIN_USER, NULL, &err); SUCCESS_RES (new_session, err); /* Try again to do something that requires a login */ @@ -223,7 +216,7 @@ DEFINE_TEST(auto_login) g_object_unref (object); /* We should now be logged in, try to log out */ - ret = gck_session_logout (new_session, &err); + ret = gck_session_logout (new_session, NULL, &err); SUCCESS_RES (ret, err); g_object_unref (new_session); @@ -246,7 +239,7 @@ DEFINE_TEST(auto_login) g_object_unref (object); /* We should now be logged in, try to log out */ - ret = gck_session_logout (new_session, &err); + ret = gck_session_logout (new_session, NULL, &err); SUCCESS_RES (ret, err); g_object_unref (new_session); diff --git a/tool/gkr-tool-import.c b/tool/gkr-tool-import.c index 3c3f4888..f9355958 100644 --- a/tool/gkr-tool-import.c +++ b/tool/gkr-tool-import.c @@ -42,15 +42,20 @@ static GOptionEntry import_entries[] = { static void on_imported (GcrImporter *importer, GckObject *object) { + gulong attr_types[3]; GckAttributes *attrs; GckAttribute *id; CK_OBJECT_CLASS klass; const gchar *message; GError *err = NULL; gchar *label, *hex; - - attrs = gck_attributes_new_empty (CKA_LABEL, CKA_CLASS, CKA_ID, GCK_INVALID); - if (!gck_object_get_full (object, attrs, NULL, &err)) { + + attr_types[0] = CKA_LABEL; + attr_types[1] = CKA_CLASS; + attr_types[2] = CKA_ID; + + attrs = gck_object_get_full (object, attr_types, G_N_ELEMENTS (attr_types), NULL, &err); + if (attrs == NULL) { gkr_tool_handle_error (&err, "couldn't get imported object info"); return; } |