[pkcs11] Add schema attribute to secret items.

This will be used for the Type secret API property.

6 files changed, 112 insertions, 45 deletions

diff --git a/pkcs11/secret-store/gck-secret-binary.c b/pkcs11/secret-store/gck-secret-binary.c
index bf4474e5..6e685947 100644
--- a/pkcs11/secret-store/gck-secret-binary.c
+++ b/pkcs11/secret-store/gck-secret-binary.c
@@ -543,12 +543,12 @@ generate_hashed_items (GckSecretCollection *collection, EggBuffer *buffer)
 			continue;
 		}
 		egg_buffer_add_uint32 (buffer, id);
-		
-		attributes = gck_secret_item_get_fields (l->data);
-		value = g_hash_table_lookup (attributes, "gkr:item-type");
+
+		value = gck_secret_item_get_schema (l->data);
 		type = gck_secret_compat_parse_item_type (value);
 		egg_buffer_add_uint32 (buffer, type);
-		
+
+		attributes = gck_secret_item_get_fields (l->data);
 		buffer_add_attributes (buffer, attributes, TRUE);
 	}
 	
@@ -736,7 +736,7 @@ setup_item_from_info (GckSecretItem *item, GckSecretData *data, ItemInfo *info)
 	gck_secret_object_set_modified (obj, info->mtime);
 	
 	type = gck_secret_compat_format_item_type (info->type);
-	gck_secret_fields_add (info->attributes, "gkr:item-type", type);
+	gck_secret_item_set_schema (item, type);
 	gck_secret_item_set_fields (item, info->attributes);
 
 	/* Collection is locked */
diff --git a/pkcs11/secret-store/gck-secret-compat.c b/pkcs11/secret-store/gck-secret-compat.c
index 10c4851a..17837fcf 100644
--- a/pkcs11/secret-store/gck-secret-compat.c
+++ b/pkcs11/secret-store/gck-secret-compat.c
@@ -50,17 +50,17 @@ gck_secret_compat_parse_item_type (const gchar *value)
 {
 	if (value == NULL)
 		return 0; /* The default */
-	if (strcmp (value, "generic-secret") == 0)
+	if (strcmp (value, "org.freedesktop.Secret.Generic") == 0)
 		return 0; /* GNOME_KEYRING_ITEM_GENERIC_SECRET */
-	if (strcmp (value, "network-password") == 0)
+	if (strcmp (value, "org.gnome.keyring.NetworkPassword") == 0)
 		return 1; /* GNOME_KEYRING_ITEM_NETWORK_PASSWORD */
-	if (strcmp (value, "note") == 0)
+	if (strcmp (value, "org.gnome.keyring.Note") == 0)
 		return 2; /* GNOME_KEYRING_ITEM_NOTE */
-	if (strcmp (value, "chained-keyring-password") == 0)
+	if (strcmp (value, "org.gnome.keyring.ChainedKeyring") == 0)
 		return 3; /* GNOME_KEYRING_ITEM_CHAINED_KEYRING_PASSWORD */
-	if (strcmp (value, "encryption-key-password") == 0)
+	if (strcmp (value, "org.gnome.keyring.EncryptionKey") == 0)
 		return 4; /* GNOME_KEYRING_ITEM_ENCRYPTION_KEY_PASSWORD */
-	if (strcmp (value, "pk-storage") == 0)
+	if (strcmp (value, "org.gnome.keyring.PkStorage") == 0)
 		return 0x100; /* GNOME_KEYRING_ITEM_PK_STORAGE */
 
 	/* The default: GNOME_KEYRING_ITEM_GENERIC_SECRET */
@@ -74,17 +74,17 @@ gck_secret_compat_format_item_type (guint value)
 	switch (value & 0x0000ffff)
 	{
 	case 0: /* GNOME_KEYRING_ITEM_GENERIC_SECRET */
-		return "generic-secret";
+		return "org.freedesktop.Secret.Generic";
 	case 1: /* GNOME_KEYRING_ITEM_NETWORK_PASSWORD */
-		return "network-password";
+		return "org.gnome.keyring.NetworkPassword";
 	case 2: /* GNOME_KEYRING_ITEM_NOTE */
-		return "note";
+		return "org.gnome.keyring.Note";
 	case 3: /* GNOME_KEYRING_ITEM_CHAINED_KEYRING_PASSWORD */
-		return "chained-keyring-password";
+		return "org.gnome.keyring.ChainedKeyring";
 	case 4: /* GNOME_KEYRING_ITEM_ENCRYPTION_KEY_PASSWORD */
-		return "encryption-key-password";
+		return "org.gnome.keyring.EncryptionKey";
 	case 0x100: /* GNOME_KEYRING_ITEM_PK_STORAGE */
-		return "pk-storage";
+		return "org.gnome.keyring.PkStorage";
 	default:
 		return NULL;
 	};
diff --git a/pkcs11/secret-store/gck-secret-item.c b/pkcs11/secret-store/gck-secret-item.c
index 238998dc..90086ad6 100644
--- a/pkcs11/secret-store/gck-secret-item.c
+++ b/pkcs11/secret-store/gck-secret-item.c
@@ -38,12 +38,14 @@
 enum {
 	PROP_0,
 	PROP_COLLECTION,
-	PROP_FIELDS
+	PROP_FIELDS,
+	PROP_SCHEMA
 };
 
 struct _GckSecretItem {
 	GckSecretObject parent;
 	GHashTable *fields;
+	gchar *schema;
 	GckSecretCollection *collection;
 };
 
@@ -54,6 +56,37 @@ G_DEFINE_TYPE (GckSecretItem, gck_secret_item, GCK_TYPE_SECRET_OBJECT);
  */
 
 static gboolean
+complete_set_schema (GckTransaction *transaction, GObject *obj, gpointer user_data)
+{
+	GckSecretItem *self = GCK_SECRET_ITEM (obj);
+	gchar *old_schema = user_data;
+
+	if (gck_transaction_get_failed (transaction)) {
+		g_free (self->schema);
+		self->schema = old_schema;
+	} else {
+		gck_object_notify_attribute (GCK_OBJECT (obj), CKA_G_SCHEMA);
+		g_object_notify (G_OBJECT (obj), "schema");
+		gck_secret_object_was_modified (GCK_SECRET_OBJECT (self));
+		g_free (old_schema);
+	}
+
+	return TRUE;
+}
+
+static void
+begin_set_schema (GckSecretItem *self, GckTransaction *transaction, gchar *schema)
+{
+	g_assert (GCK_IS_SECRET_OBJECT (self));
+	g_assert (!gck_transaction_get_failed (transaction));
+
+	if (self->schema != schema) {
+		gck_transaction_add (transaction, self, complete_set_schema, self->schema);
+		self->schema = schema;
+	}
+}
+
+static gboolean
 complete_set_secret (GckTransaction *transaction, GObject *obj, gpointer user_data)
 {
 	GckSecretItem *self = GCK_SECRET_ITEM (obj);
@@ -198,6 +231,9 @@ gck_secret_item_real_get_attribute (GckObject *base, GckSession *session, CK_ATT
 		if (!self->fields)
 			return gck_attribute_set_data (attr, NULL, 0);
 		return gck_secret_fields_serialize (attr, self->fields);
+
+	case CKA_G_SCHEMA:
+		return gck_attribute_set_string (attr, self->schema);
 	}
 
 	return GCK_OBJECT_CLASS (gck_secret_item_parent_class)->get_attribute (base, session, attr);
@@ -212,6 +248,7 @@ gck_secret_item_real_set_attribute (GckObject *base, GckSession *session,
 	GckSecretData *sdata;
 	GHashTable *fields;
 	GckSecret *secret;
+	gchar *schema;
 	CK_RV rv;
 
 	if (!self->collection) {
@@ -243,6 +280,13 @@ gck_secret_item_real_set_attribute (GckObject *base, GckSession *session,
 		else
 			begin_set_fields (self, transaction, fields);
 		return;
+
+	case CKA_G_SCHEMA:
+		rv = gck_attribute_get_string (attr, &schema);
+		if (rv != CKR_OK)
+			gck_transaction_fail (transaction, rv);
+		else
+			begin_set_schema (self, transaction, schema);
 	}
 
 	GCK_OBJECT_CLASS (gck_secret_item_parent_class)->set_attribute (base, session, transaction, attr);
@@ -282,6 +326,9 @@ gck_secret_item_set_property (GObject *obj, guint prop_id, const GValue *value,
 	case PROP_FIELDS:
 		gck_secret_item_set_fields (self, g_value_get_boxed (value));
 		break;
+	case PROP_SCHEMA:
+		gck_secret_item_set_schema (self, g_value_get_string (value));
+		break;
 	default:
 		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
 		break;
@@ -301,6 +348,9 @@ gck_secret_item_get_property (GObject *obj, guint prop_id, GValue *value,
 	case PROP_FIELDS:
 		g_value_set_boxed (value, gck_secret_item_get_fields (self));
 		break;
+	case PROP_SCHEMA:
+		g_value_set_string (value, gck_secret_item_get_schema (self));
+		break;
 	default:
 		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
 		break;
@@ -361,6 +411,10 @@ gck_secret_item_class_init (GckSecretItemClass *klass)
 	g_object_class_install_property (gobject_class, PROP_FIELDS,
 	           g_param_spec_boxed ("fields", "Fields", "Item's fields",
 	                               GCK_BOXED_SECRET_FIELDS, G_PARAM_READWRITE));
+
+	g_object_class_install_property (gobject_class, PROP_SCHEMA,
+	           g_param_spec_string ("schema", "Schema", "Item's type or schema",
+	                                NULL, G_PARAM_READWRITE));
 }
 
 /* -----------------------------------------------------------------------------
@@ -415,3 +469,23 @@ gck_secret_item_set_fields (GckSecretItem *self, GHashTable *fields)
 	g_object_notify (G_OBJECT (self), "fields");
 	gck_object_notify_attribute (GCK_OBJECT (self), CKA_G_FIELDS);
 }
+
+const gchar*
+gck_secret_item_get_schema (GckSecretItem *self)
+{
+	g_return_val_if_fail (GCK_IS_SECRET_ITEM (self), NULL);
+	return self->schema;
+}
+
+void
+gck_secret_item_set_schema (GckSecretItem *self, const gchar *schema)
+{
+	g_return_if_fail (GCK_IS_SECRET_ITEM (self));
+
+	if (schema != self->schema) {
+		g_free (self->schema);
+		self->schema = g_strdup (schema);
+		g_object_notify (G_OBJECT (self), "schema");
+		gck_object_notify_attribute (GCK_OBJECT (self), CKA_G_SCHEMA);
+	}
+}
diff --git a/pkcs11/secret-store/gck-secret-item.h b/pkcs11/secret-store/gck-secret-item.h
index f992cc9d..725e0e2b 100644
--- a/pkcs11/secret-store/gck-secret-item.h
+++ b/pkcs11/secret-store/gck-secret-item.h
@@ -53,4 +53,9 @@ GHashTable*            gck_secret_item_get_fields             (GckSecretItem *se
 void                   gck_secret_item_set_fields             (GckSecretItem *self,
                                                                GHashTable *fields);
 
+const gchar*           gck_secret_item_get_schema             (GckSecretItem *self);
+
+void                   gck_secret_item_set_schema             (GckSecretItem *self,
+                                                               const gchar *type);
+
 #endif /* __GCK_SECRET_ITEM_H__ */
diff --git a/pkcs11/secret-store/gck-secret-textual.c b/pkcs11/secret-store/gck-secret-textual.c
index 44d2f231..029e46a0 100644
--- a/pkcs11/secret-store/gck-secret-textual.c
+++ b/pkcs11/secret-store/gck-secret-textual.c
@@ -279,12 +279,7 @@ generate_item (GKeyFile *file, GckSecretItem *item, GckSecretData *sdata)
 	identifier = gck_secret_object_get_identifier (obj);
 	attributes = gck_secret_item_get_fields (item);
 
-	/* 
-	 * COMPATIBILITY: We no longer have the concept of an item type.
-	 * The gkr:item-type field serves that purpose.
-	 */
-
-	value = gck_secret_fields_get (attributes, "gkr:item-type");
+	value = gck_secret_item_get_schema (item);
 	g_key_file_set_integer (file, identifier, "item-type",
 	                        gck_secret_compat_parse_item_type (value));
 
@@ -334,19 +329,12 @@ parse_item (GKeyFile *file, GckSecretItem *item, GckSecretData *sdata,
 	identifier = gck_secret_object_get_identifier (obj);
 	attributes = gck_secret_item_get_fields (item);
 
-	/* 
-	 * COMPATIBILITY: We no longer have the concept of an item type.
-	 * The gkr:item-type field serves that purpose.
-	 */
-
 	type = g_key_file_get_integer (file, identifier, "item-type", &err);
 	if (err) {
 		g_clear_error (&err);
 		type = 0;
 	}
-
-	gck_secret_fields_add (attributes, "gkr:item-type",
-	                       gck_secret_compat_format_item_type (type));
+	gck_secret_item_set_schema (item, gck_secret_compat_format_item_type (type));
 
 	val = g_key_file_get_string (file, identifier, "display-name", NULL);
 	gck_secret_object_set_label (obj, val);
diff --git a/pkcs11/secret-store/tests/unit-test-secret-compat.c b/pkcs11/secret-store/tests/unit-test-secret-compat.c
index 2d1b34dd..29602033 100644
--- a/pkcs11/secret-store/tests/unit-test-secret-compat.c
+++ b/pkcs11/secret-store/tests/unit-test-secret-compat.c
@@ -66,17 +66,17 @@ DEFINE_TEST(parse_item_type)
 {
 	guint type;
 
-	type = gck_secret_compat_parse_item_type ("generic-secret");
+	type = gck_secret_compat_parse_item_type ("org.freedesktop.Secret.Generic");
 	g_assert_cmpuint (type, ==, 0);
-	type = gck_secret_compat_parse_item_type ("network-password");
+	type = gck_secret_compat_parse_item_type ("org.gnome.keyring.NetworkPassword");
 	g_assert_cmpuint (type, ==, 1);
-	type = gck_secret_compat_parse_item_type ("note");
+	type = gck_secret_compat_parse_item_type ("org.gnome.keyring.Note");
 	g_assert_cmpuint (type, ==, 2);
-	type = gck_secret_compat_parse_item_type ("chained-keyring-password");
+	type = gck_secret_compat_parse_item_type ("org.gnome.keyring.ChainedKeyring");
 	g_assert_cmpuint (type, ==, 3);
-	type = gck_secret_compat_parse_item_type ("encryption-key-password");
+	type = gck_secret_compat_parse_item_type ("org.gnome.keyring.EncryptionKey");
 	g_assert_cmpuint (type, ==, 4);
-	type = gck_secret_compat_parse_item_type ("pk-storage");
+	type = gck_secret_compat_parse_item_type ("org.gnome.keyring.PkStorage");
 	g_assert_cmpuint (type, ==, 0x100);
 
 	/* Invalid returns generic secret */
@@ -93,21 +93,21 @@ DEFINE_TEST(format_item_type)
 	const gchar *type;
 
 	type = gck_secret_compat_format_item_type (0);
-	g_assert_cmpstr (type, ==, "generic-secret");
+	g_assert_cmpstr (type, ==, "org.freedesktop.Secret.Generic");
 	type = gck_secret_compat_format_item_type (1);
-	g_assert_cmpstr (type, ==, "network-password");
+	g_assert_cmpstr (type, ==, "org.gnome.keyring.NetworkPassword");
 	type = gck_secret_compat_format_item_type (2);
-	g_assert_cmpstr (type, ==, "note");
+	g_assert_cmpstr (type, ==, "org.gnome.keyring.Note");
 	type = gck_secret_compat_format_item_type (3);
-	g_assert_cmpstr (type, ==, "chained-keyring-password");
+	g_assert_cmpstr (type, ==, "org.gnome.keyring.ChainedKeyring");
 	type = gck_secret_compat_format_item_type (4);
-	g_assert_cmpstr (type, ==, "encryption-key-password");
+	g_assert_cmpstr (type, ==, "org.gnome.keyring.EncryptionKey");
 	type = gck_secret_compat_format_item_type (0x100);
-	g_assert_cmpstr (type, ==, "pk-storage");
+	g_assert_cmpstr (type, ==, "org.gnome.keyring.PkStorage");
 
 	/* Higher bits shouldn't make a difference */
 	type = gck_secret_compat_format_item_type (0xF0000001);
-	g_assert_cmpstr (type, ==, "network-password");
+	g_assert_cmpstr (type, ==, "org.gnome.keyring.NetworkPassword");
 
 	/* Unrecognized should be null */
 	type = gck_secret_compat_format_item_type (32);