summaryrefslogtreecommitdiff
path: root/ckcapi-builtin.c
diff options
context:
space:
mode:
Diffstat (limited to 'ckcapi-builtin.c')
-rw-r--r--ckcapi-builtin.c42
1 files changed, 26 insertions, 16 deletions
diff --git a/ckcapi-builtin.c b/ckcapi-builtin.c
index 6788701..26e9cd9 100644
--- a/ckcapi-builtin.c
+++ b/ckcapi-builtin.c
@@ -46,9 +46,16 @@ static const CK_ATTRIBUTE builtin_root[] = {
{ CK_END_LIST, NULL, 0 }
};
-static const CK_ATTRIBUTE_PTR all_builtins[] = {
- (CK_ATTRIBUTE_PTR)&builtin_root,
- NULL,
+typedef struct _BuiltinMatch
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ULONG slot_flags;
+}
+BuiltinMatch;
+
+static const BuiltinMatch all_builtins[] = {
+ { (CK_ATTRIBUTE_PTR)&builtin_root, CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CA },
+ { NULL, 0 }
};
/* This is filled in later */
@@ -68,7 +75,7 @@ typedef struct _BuiltinObject
* laid out together in memory.
*/
unsigned int otype;
- CK_ULONG builtin_index;
+ CK_ATTRIBUTE_PTR attr;
}
BuiltinObject;
@@ -144,14 +151,12 @@ builtin_load_data(CkCapiSession* sess, CkCapiObject* obj, CkCapiObjectData** obj
ASSERT(objdata);
ASSERT(num_builtins > 0);
- if(bobj->builtin_index > num_builtins)
- return CKR_OBJECT_HANDLE_INVALID;
-
bdata = (BuiltinObjectData*)calloc(sizeof(BuiltinObjectData), 1);
if(!bdata)
return CKR_HOST_MEMORY;
- bdata->attr = all_builtins[bobj->builtin_index];
+ /* Simple, just use same data */
+ bdata->attr = bobj->attr;
bdata->base.object = obj->id;
bdata->base.data_funcs = &builtin_objdata_vtable;
@@ -174,7 +179,7 @@ static const CkCapiObjectVtable builtin_object_vtable = {
};
static CK_RV
-register_builtin_object(CkCapiSession* sess, CK_ULONG index, CkCapiObject** obj)
+register_builtin_object(CkCapiSession* sess, CK_ATTRIBUTE_PTR attr, CkCapiObject** obj)
{
BuiltinObject* bobj;
CK_RV ret;
@@ -184,14 +189,14 @@ register_builtin_object(CkCapiSession* sess, CK_ULONG index, CkCapiObject** obj)
return CKR_HOST_MEMORY;
bobj->otype = OBJECT_BUILTIN;
- bobj->builtin_index = index;
+ bobj->attr = attr;
bobj->obj.id = 0;
bobj->obj.obj_funcs = &builtin_object_vtable;
bobj->obj.unique_key = UNIQUE_KEY_AT(bobj, otype);
- bobj->obj.unique_len = UNIQUE_KEY_LEN(bobj, otype, builtin_index);
+ bobj->obj.unique_len = UNIQUE_KEY_LEN(bobj, otype, attr);
- ret = ckcapi_object_register(sess, &(bobj->obj));
+ ret = ckcapi_token_register_object(sess->slot, &(bobj->obj));
if(ret != CKR_OK)
{
free(bobj);
@@ -210,12 +215,12 @@ ckcapi_builtin_find(CkCapiSession* sess, CK_OBJECT_CLASS cls, CK_ATTRIBUTE_PTR m
CkCapiObject* obj;
BuiltinObjectData bdata;
CK_RV ret = CKR_OK;
- CK_ULONG i;
+ CK_ULONG i, fl;
/* First time around count total number */
if(!num_builtins)
{
- while(all_builtins[num_builtins])
+ while(all_builtins[num_builtins].attr)
++num_builtins;
ASSERT(num_builtins > 0);
}
@@ -223,13 +228,18 @@ ckcapi_builtin_find(CkCapiSession* sess, CK_OBJECT_CLASS cls, CK_ATTRIBUTE_PTR m
/* Match each certificate */
for(i = 0; i < num_builtins; ++i)
{
- bdata.attr = all_builtins[i];
+ /* Only apply built in objects to appropriate slots */
+ fl = ckcapi_token_get_flags(sess->slot) & all_builtins[i].slot_flags;
+ if(fl != all_builtins[i].slot_flags)
+ continue;
+
+ bdata.attr = all_builtins[i].attr;
bdata.base.object = 0;
bdata.base.data_funcs = &builtin_objdata_vtable;
if(ckcapi_object_data_match(&bdata.base, match, count))
{
- ret = register_builtin_object(sess, i, &obj);
+ ret = register_builtin_object(sess, all_builtins[i].attr, &obj);
if(ret != CKR_OK)
break;
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-07 21:56:33 +0000