summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ckcapi-builtin.c6
-rw-r--r--ckcapi-token.c15
-rw-r--r--ckcapi-token.h6
-rw-r--r--ckcapi-trust.c7
4 files changed, 21 insertions, 13 deletions
diff --git a/ckcapi-builtin.c b/ckcapi-builtin.c
index 47782ee..cc1cb78 100644
--- a/ckcapi-builtin.c
+++ b/ckcapi-builtin.c
@@ -58,7 +58,7 @@ typedef struct _BuiltinMatch
BuiltinMatch;
static const BuiltinMatch all_builtins[] = {
- { (CK_ATTRIBUTE_PTR)&builtin_root, CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CA },
+ { (CK_ATTRIBUTE_PTR)&builtin_root, CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CA | CKCAPI_SLOT_CERTS },
{ NULL, 0 }
};
@@ -234,9 +234,9 @@ ckcapi_builtin_find(CkCapiSession* sess, CK_OBJECT_CLASS cls, CK_ATTRIBUTE_PTR m
{
/* Only apply built in objects to appropriate slots */
fl = ckcapi_token_get_flags(sess->slot) & all_builtins[i].slot_flags;
- /* if(fl != all_builtins[i].slot_flags)
+ if(fl != all_builtins[i].slot_flags)
continue;
- */
+
bdata.attr = all_builtins[i].attr;
bdata.base.object = 0;
bdata.base.data_funcs = &builtin_objdata_vtable;
diff --git a/ckcapi-token.c b/ckcapi-token.c
index c0a6977..acebd16 100644
--- a/ckcapi-token.c
+++ b/ckcapi-token.c
@@ -35,13 +35,14 @@ SlotInfo;
#define SLOT_OFFSET 0x00001000
static const SlotInfo slot_info[] = {
- { "My", "Personal Certificates", CKCAPI_SLOT_TRUSTED },
- { "AddressBook", "Address Book Certificates", 0 },
- { "CA", "Certificate Authorities", CKCAPI_SLOT_CA },
- { "Root", "Root Authorities", CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CA },
- { "Trust", "Trust", 0 },
- { "TrustedPeople", "Trusted People", CKCAPI_SLOT_TRUSTED },
- { "AuthRoot", "Auth Root", 0 },
+ { "My", "Personal Certificates", CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CERTS },
+ { "AddressBook", "Address Book Certificates", CKCAPI_SLOT_CERTS },
+ { "CA", "Certificate Authorities", CKCAPI_SLOT_CA | CKCAPI_SLOT_CERTS},
+ { "Root", "Root Authorities", CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CA | CKCAPI_SLOT_CERTS},
+ { "Trust", "Trust", CKCAPI_SLOT_CERTS },
+ { "TrustedPeople", "Trusted People", CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CERTS },
+ { "AuthRoot", "Auth Root", CKCAPI_SLOT_CERTS },
+ { "", "All User Keys", CKCAPI_SLOT_ANYKEY }
};
#define SLOT_TO_OFFSET(slot) \
diff --git a/ckcapi-token.h b/ckcapi-token.h
index 6927241..2024fa6 100644
--- a/ckcapi-token.h
+++ b/ckcapi-token.h
@@ -22,8 +22,10 @@
#include "ckcapi.h"
-#define CKCAPI_SLOT_CA 0x00000001
-#define CKCAPI_SLOT_TRUSTED 0x00000002
+#define CKCAPI_SLOT_CERTS 0x00000001
+#define CKCAPI_SLOT_ANYKEY 0x00000002
+#define CKCAPI_SLOT_CA 0x00000100
+#define CKCAPI_SLOT_TRUSTED 0x00000200
/* Register a new object, a handle will be assigned to obj->id */
CK_RV ckcapi_token_register_object (CK_SLOT_ID slot, CkCapiObject* obj);
diff --git a/ckcapi-trust.c b/ckcapi-trust.c
index 2212d42..98c0046 100644
--- a/ckcapi-trust.c
+++ b/ckcapi-trust.c
@@ -520,7 +520,12 @@ ckcapi_trust_find(CkCapiSession* sess, CK_OBJECT_CLASS cls,
CK_RV ret = CKR_OK;
CK_ULONG i;
- if(cls != CKO_NETSCAPE_TRUST)
+ /* We only have trust objects in here */
+ if(cls != CKO_NETSCAPE_TRUST && cls != CKO_ANY)
+ return CKR_OK;
+
+ /* Only work with slots that have certificates */
+ if(!(ckcapi_token_get_flags (sess->slot) & CKCAPI_SLOT_CERTS))
return CKR_OK;
/* Get a list of all certificates */