Diffstat (limited to 'ckcapi-builtin.c')
-rw-r--r-- | ckcapi-builtin.c | 42 |
1 files changed, 26 insertions, 16 deletions
diff --git a/ckcapi-builtin.c b/ckcapi-builtin.c
index 6788701..26e9cd9 100644
--- a/ckcapi-builtin.c
+++ b/ckcapi-builtin.c
@@ -46,9 +46,16 @@ static const CK_ATTRIBUTE builtin_root[] = {
 { CK_END_LIST, NULL, 0 }
 };
 
-static const CK_ATTRIBUTE_PTR all_builtins[] = {
- (CK_ATTRIBUTE_PTR)&builtin_root,
- NULL,
+typedef struct _BuiltinMatch
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ULONG slot_flags;
+}
+BuiltinMatch;
+
+static const BuiltinMatch all_builtins[] = {
+ { (CK_ATTRIBUTE_PTR)&builtin_root, CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CA },
+ { NULL, 0 }
 };
 
 /* This is filled in later */
@@ -68,7 +75,7 @@ typedef struct _BuiltinObject
 * laid out together in memory.
 */
 unsigned int otype;
- CK_ULONG builtin_index;
+ CK_ATTRIBUTE_PTR attr;
 }
 BuiltinObject;
 
@@ -144,14 +151,12 @@ builtin_load_data(CkCapiSession* sess, CkCapiObject* obj, CkCapiObjectData** obj
 ASSERT(objdata);
 ASSERT(num_builtins > 0);
 
- if(bobj->builtin_index > num_builtins)
- return CKR_OBJECT_HANDLE_INVALID;
-
 bdata = (BuiltinObjectData*)calloc(sizeof(BuiltinObjectData), 1);
 if(!bdata)
 return CKR_HOST_MEMORY;
 
- bdata->attr = all_builtins[bobj->builtin_index];
+ /* Simple, just use same data */
+ bdata->attr = bobj->attr;
 bdata->base.object = obj->id;
 bdata->base.data_funcs = &builtin_objdata_vtable;
 
@@ -174,7 +179,7 @@ static const CkCapiObjectVtable builtin_object_vtable = {
 };
 
 static CK_RV
-register_builtin_object(CkCapiSession* sess, CK_ULONG index, CkCapiObject** obj)
+register_builtin_object(CkCapiSession* sess, CK_ATTRIBUTE_PTR attr, CkCapiObject** obj)
 {
 BuiltinObject* bobj;
 CK_RV ret;
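Review bot: `BuiltinMatch` in the @@ -46 hunk has no comment saying how `slot_flags` is interpreted, yet that field now decides which slots the trusted built-in root is offered on. Going by the test added in ckcapi_builtin_find, an entry is used only when the slot has every listed bit, so an entry whose `slot_flags` is 0 would appear on all slots. I would put `/* Slot must have ALL of these flags for the object to appear; 0 matches every slot */` above the field. The tag `_BuiltinMatch` also begins with an underscore and a capital letter, a form reserved to the implementation, although it follows the file's existing `_BuiltinObject`.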
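Review bot: Swapping `CK_ULONG builtin_index` for a pointer in the @@ -68 hunk can leave padding between `otype` and `attr` wherever pointers are wider than `unsigned int`, and the comment above these fields says they are laid out together as one key. `UNIQUE_KEY_LEN(bobj, otype, attr)` in register_builtin_object (the @@ -184 hunk) presumably spans those bytes; neither the macro nor the allocation of `bobj` is visible, so if the struct is not zero-filled the key could contain indeterminate bytes and the same built-in might not compare equal to an earlier registration. Please confirm `bobj` is allocated with `calloc`, or widen `otype` so that no padding exists. A comment on the field such as `/* address of a static attribute array; the address itself is the object's identity */` would record why a pointer value is acceptable as key material.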
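Review bot: With the index range check removed in the @@ -144 hunk, builtin_load_data copies `bobj->attr` into `bdata->attr` with no validation, so a NULL there would only show up in whatever code later walks the attribute list. Adding `ASSERT(bobj->attr);` next to the existing assertions keeps a debug-time guard, and `ASSERT(num_builtins > 0);` no longer protects anything in the visible lines. The function starts and ends outside the hunk, so there may be checks that are not shown here.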
@@ -184,14 +189,14 @@ register_builtin_object(CkCapiSession* sess, CK_ULONG index, CkCapiObject** obj)
 return CKR_HOST_MEMORY;
 
 bobj->otype = OBJECT_BUILTIN;
- bobj->builtin_index = index;
+ bobj->attr = attr;
 
 bobj->obj.id = 0;
 bobj->obj.obj_funcs = &builtin_object_vtable;
 bobj->obj.unique_key = UNIQUE_KEY_AT(bobj, otype);
- bobj->obj.unique_len = UNIQUE_KEY_LEN(bobj, otype, builtin_index);
+ bobj->obj.unique_len = UNIQUE_KEY_LEN(bobj, otype, attr);
 
- ret = ckcapi_object_register(sess, &(bobj->obj));
+ ret = ckcapi_token_register_object(sess->slot, &(bobj->obj));
 if(ret != CKR_OK)
 {
 free(bobj);
@@ -210,12 +215,12 @@ ckcapi_builtin_find(CkCapiSession* sess, CK_OBJECT_CLASS cls, CK_ATTRIBUTE_PTR m
 CkCapiObject* obj;
 BuiltinObjectData bdata;
 CK_RV ret = CKR_OK;
- CK_ULONG i;
+ CK_ULONG i, fl;
 
 /* First time around count total number */
 if(!num_builtins)
 {
- while(all_builtins[num_builtins])
+ while(all_builtins[num_builtins].attr)
 ++num_builtins;
 ASSERT(num_builtins > 0);
 }
@@ -223,13 +228,18 @@ ckcapi_builtin_find(CkCapiSession* sess, CK_OBJECT_CLASS cls, CK_ATTRIBUTE_PTR m
 /* Match each certificate */
 for(i = 0; i < num_builtins; ++i)
 {
- bdata.attr = all_builtins[i];
+ /* Only apply built in objects to appropriate slots */
+ fl = ckcapi_token_get_flags(sess->slot) & all_builtins[i].slot_flags;
+ if(fl != all_builtins[i].slot_flags)
+ continue;
+
+ bdata.attr = all_builtins[i].attr;
 bdata.base.object = 0;
 bdata.base.data_funcs = &builtin_objdata_vtable;
 
 if(ckcapi_object_data_match(&bdata.base, match, count))
 {
- ret = register_builtin_object(sess, i, &obj);
+ ret = register_builtin_object(sess, all_builtins[i].attr, &obj);
 if(ret != CKR_OK)
 break;
 
|
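Review bot: The slot filter added to the loop in the @@ -223 hunk trusts whatever `ckcapi_token_get_flags(sess->slot)` returns, and that function is not shown. If it can report an unknown or uninitialised slot with an all-ones value, every mask test passes and the trusted root would be offered on slots that should not carry it, so the failure value deserves a check or at least a comment stating that it is 0. The call is also loop-invariant: read it once before the loop with `fl = ckcapi_token_get_flags(sess->slot);` and test `if((fl & all_builtins[i].slot_flags) != all_builtins[i].slot_flags)` inside it. ckcapi_builtin_find begins and ends outside the hunk.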