From 4b5eb21486d188f57f2bf7a91cd5da225dd3e0d1 Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Tue, 2 Dec 2008 20:56:41 +0000 Subject: Add concept of slots without any certificates. --- ckcapi-builtin.c | 6 +++--- ckcapi-token.c | 15 ++++++++------- ckcapi-token.h | 6 ++++-- ckcapi-trust.c | 7 ++++++- 4 files changed, 21 insertions(+), 13 deletions(-) diff --git a/ckcapi-builtin.c b/ckcapi-builtin.c index 47782ee..cc1cb78 100644 --- a/ckcapi-builtin.c +++ b/ckcapi-builtin.c @@ -58,7 +58,7 @@ typedef struct _BuiltinMatch BuiltinMatch; static const BuiltinMatch all_builtins[] = { - { (CK_ATTRIBUTE_PTR)&builtin_root, CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CA }, + { (CK_ATTRIBUTE_PTR)&builtin_root, CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CA | CKCAPI_SLOT_CERTS }, { NULL, 0 } }; @@ -234,9 +234,9 @@ ckcapi_builtin_find(CkCapiSession* sess, CK_OBJECT_CLASS cls, CK_ATTRIBUTE_PTR m { /* Only apply built in objects to appropriate slots */ fl = ckcapi_token_get_flags(sess->slot) & all_builtins[i].slot_flags; - /* if(fl != all_builtins[i].slot_flags) + if(fl != all_builtins[i].slot_flags) continue; - */ + bdata.attr = all_builtins[i].attr; bdata.base.object = 0; bdata.base.data_funcs = &builtin_objdata_vtable; diff --git a/ckcapi-token.c b/ckcapi-token.c index c0a6977..acebd16 100644 --- a/ckcapi-token.c +++ b/ckcapi-token.c @@ -35,13 +35,14 @@ SlotInfo; #define SLOT_OFFSET 0x00001000 static const SlotInfo slot_info[] = { - { "My", "Personal Certificates", CKCAPI_SLOT_TRUSTED }, - { "AddressBook", "Address Book Certificates", 0 }, - { "CA", "Certificate Authorities", CKCAPI_SLOT_CA }, - { "Root", "Root Authorities", CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CA }, - { "Trust", "Trust", 0 }, - { "TrustedPeople", "Trusted People", CKCAPI_SLOT_TRUSTED }, - { "AuthRoot", "Auth Root", 0 }, + { "My", "Personal Certificates", CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CERTS }, + { "AddressBook", "Address Book Certificates", CKCAPI_SLOT_CERTS }, + { "CA", "Certificate Authorities", CKCAPI_SLOT_CA | CKCAPI_SLOT_CERTS}, + { "Root", "Root Authorities", CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CA | CKCAPI_SLOT_CERTS}, + { "Trust", "Trust", CKCAPI_SLOT_CERTS }, + { "TrustedPeople", "Trusted People", CKCAPI_SLOT_TRUSTED | CKCAPI_SLOT_CERTS }, + { "AuthRoot", "Auth Root", CKCAPI_SLOT_CERTS }, + { "", "All User Keys", CKCAPI_SLOT_ANYKEY } }; #define SLOT_TO_OFFSET(slot) \ diff --git a/ckcapi-token.h b/ckcapi-token.h index 6927241..2024fa6 100644 --- a/ckcapi-token.h +++ b/ckcapi-token.h @@ -22,8 +22,10 @@ #include "ckcapi.h" -#define CKCAPI_SLOT_CA 0x00000001 -#define CKCAPI_SLOT_TRUSTED 0x00000002 +#define CKCAPI_SLOT_CERTS 0x00000001 +#define CKCAPI_SLOT_ANYKEY 0x00000002 +#define CKCAPI_SLOT_CA 0x00000100 +#define CKCAPI_SLOT_TRUSTED 0x00000200 /* Register a new object, a handle will be assigned to obj->id */ CK_RV ckcapi_token_register_object (CK_SLOT_ID slot, CkCapiObject* obj); diff --git a/ckcapi-trust.c b/ckcapi-trust.c index 2212d42..98c0046 100644 --- a/ckcapi-trust.c +++ b/ckcapi-trust.c @@ -520,7 +520,12 @@ ckcapi_trust_find(CkCapiSession* sess, CK_OBJECT_CLASS cls, CK_RV ret = CKR_OK; CK_ULONG i; - if(cls != CKO_NETSCAPE_TRUST) + /* We only have trust objects in here */ + if(cls != CKO_NETSCAPE_TRUST && cls != CKO_ANY) + return CKR_OK; + + /* Only work with slots that have certificates */ + if(!(ckcapi_token_get_flags (sess->slot) & CKCAPI_SLOT_CERTS)) return CKR_OK; /* Get a list of all certificates */ -- cgit v1.2.3