p11tool: added --set-id and --set-label options

4 files changed, 79 insertions, 0 deletions

diff --git a/src/p11tool-args.def b/src/p11tool-args.def
index 5f8b390b2f..a66f4104e3 100644
--- a/src/p11tool-args.def
+++ b/src/p11tool-args.def
@@ -136,6 +136,20 @@ flag = {
 };
 
 flag = {
+    name      = set-id;
+    descrip   = "Set the CKA_ID (in hex) for the specified by the URL object";
+    doc = "Sets the CKA_ID in the specified by the URL object. The ID should be specified in hexadecimal format without a '0x' prefix.";
+    arg-type  = string;
+};
+
+flag = {
+    name      = set-label;
+    descrip   = "Set the CKA_LABEL for the specified by the URL object";
+    doc = "Sets the CKA_LABEL in the specified by the URL object";
+    arg-type  = string;
+};
+
+flag = {
     name      = label;
     arg-type  = string;
     descrip   = "Sets a label for the write operation";
diff --git a/src/p11tool.c b/src/p11tool.c
index ff1a507c26..2abf23a272 100644
--- a/src/p11tool.c
+++ b/src/p11tool.c
@@ -310,6 +310,10 @@ static void cmd_parser(int argc, char **argv)
 				flags, &cinfo);
 	} else if (HAVE_OPT(EXPORT_PUBKEY)) {
 		pkcs11_export_pubkey(outfile, url, detailed_url, flags, &cinfo);
+	} else if (HAVE_OPT(SET_ID)) {
+		pkcs11_set_id(outfile, url, detailed_url, flags, &cinfo, OPT_ARG(SET_ID));
+	} else if (HAVE_OPT(SET_LABEL)) {
+		pkcs11_set_label(outfile, url, detailed_url, flags, &cinfo, OPT_ARG(SET_LABEL));
 	} else {
 		USAGE(1);
 	}
diff --git a/src/p11tool.h b/src/p11tool.h
index 9acd7732c3..fe72a4a8a0 100644
--- a/src/p11tool.h
+++ b/src/p11tool.h
@@ -54,6 +54,14 @@ void pkcs11_generate(FILE * outfile, const char *url,
 void pkcs11_export_pubkey(FILE * outfile, const char *url, int detailed,
 		     unsigned int flags, common_info_st * info);
 
+void pkcs11_set_id(FILE * outfile, const char *url, int detailed,
+		   unsigned int flags, common_info_st * info,
+		   const char *id);
+
+void pkcs11_set_label(FILE * outfile, const char *url, int detailed,
+		   unsigned int flags, common_info_st * info,
+		   const char *label);
+
 #define PKCS11_TYPE_CRT_ALL 1
 #define PKCS11_TYPE_TRUSTED 2
 #define PKCS11_TYPE_PK 3
diff --git a/src/pkcs11.c b/src/pkcs11.c
index b80b16be5a..8e247b35b6 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -1057,3 +1057,56 @@ pkcs11_get_random(FILE * outfile, const char *url, unsigned bytes,
 
 	return;
 }
+
+static
+void pkcs11_set_val(FILE * outfile, const char *url, int detailed,
+		   unsigned int flags, common_info_st * info,
+		   gnutls_pkcs11_obj_info_t val_type, const char *val)
+{
+	int ret;
+	gnutls_pkcs11_obj_t obj;
+
+	pkcs11_common(info);
+
+	FIX(url, outfile, detailed, info);
+	CHECK_LOGIN_FLAG(flags);
+
+	ret = gnutls_pkcs11_obj_init(&obj);
+	if (ret < 0) {
+		fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
+			gnutls_strerror(ret));
+		exit(1);
+	}
+
+	ret = gnutls_pkcs11_obj_import_url(obj, url, flags);
+	if (ret < 0) {
+		fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
+			gnutls_strerror(ret));
+		exit(1);
+	}
+
+	ret =
+	    gnutls_pkcs11_obj_set_info(obj, val_type, val, strlen(val), flags);
+	if (ret < 0) {
+		fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
+			gnutls_strerror(ret));
+		exit(1);
+	}
+	gnutls_pkcs11_obj_deinit(obj);
+
+	return;
+}
+
+void pkcs11_set_id(FILE * outfile, const char *url, int detailed,
+		   unsigned int flags, common_info_st * info,
+		   const char *id)
+{
+	return pkcs11_set_val(outfile, url, detailed, flags, info, GNUTLS_PKCS11_OBJ_ID_HEX, id);
+}
+
+void pkcs11_set_label(FILE * outfile, const char *url, int detailed,
+		   unsigned int flags, common_info_st * info,
+		   const char *label)
+{
+	return pkcs11_set_val(outfile, url, detailed, flags, info, GNUTLS_PKCS11_OBJ_LABEL, label);
+}