pkcs11: Method added to library to extract a single attribute from an object.
authorTobias Brunner <tobias@strongswan.org>
Fri, 28 Oct 2011 16:36:44 +0000 (18:36 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 31 Oct 2011 17:45:36 +0000 (18:45 +0100)
src/libstrongswan/plugins/pkcs11/pkcs11_library.c
src/libstrongswan/plugins/pkcs11/pkcs11_library.h

index ef20fa7..4839ce3 100644 (file)
@@ -1,4 +1,7 @@
 /*
+ * Copyright (C) 2011 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
  * Copyright (C) 2010 Martin Willi
  * Copyright (C) 2010 revosec AG
  *
@@ -824,6 +827,32 @@ METHOD(pkcs11_library_t, create_mechanism_enumerator, enumerator_t*,
        return &enumerator->public;
 }
 
+METHOD(pkcs11_library_t, get_ck_attribute, bool,
+       private_pkcs11_library_t *this, CK_SESSION_HANDLE session,
+       CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_TYPE type, chunk_t *data)
+{
+       CK_ATTRIBUTE attr = { type, NULL, 0 };
+       CK_RV rv;
+       rv = this->public.f->C_GetAttributeValue(session, obj, &attr, 1);
+       if (rv != CKR_OK)
+       {
+               DBG1(DBG_CFG, "C_GetAttributeValue(%N) error: %N", ck_attr_names, type,
+                        ck_rv_names, rv);
+               return FALSE;
+       }
+       *data = chunk_alloc(attr.ulValueLen);
+       attr.pValue = data->ptr;
+       rv = this->public.f->C_GetAttributeValue(session, obj, &attr, 1);
+       if (rv != CKR_OK)
+       {
+               DBG1(DBG_CFG, "C_GetAttributeValue(%N) error: %N", ck_attr_names, type,
+                        ck_rv_names, rv);
+               chunk_free(data);
+               return FALSE;
+       }
+       return TRUE;
+}
+
 METHOD(pkcs11_library_t, destroy, void,
        private_pkcs11_library_t *this)
 {
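Review bot: In get_ck_attribute the returned chunk keeps the length from the size query, not the length the module actually wrote on the second C_GetAttributeValue() call. PKCS#11 lets the module update ulValueLen on the fetch, so if the value is shorter the second time the tail of the chunk is uninitialised heap memory handed to the caller; adding `data->len = attr.ulValueLen;` before `return TRUE;` would close that. The length from the first call is also used unvalidated: a non-conforming module that returns CKR_OK with the "unavailable" length `(CK_ULONG)-1` would drive chunk_alloc() with a huge size, and the allocation result is not checked here. A guard such as `if (attr.ulValueLen == (CK_ULONG)-1) return FALSE;` before the allocation would cover that case.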
@@ -1007,6 +1036,7 @@ pkcs11_library_t *pkcs11_library_create(char *name, char *file, bool os_locking)
                        .get_features = _get_features,
                        .create_object_enumerator = _create_object_enumerator,
                        .create_mechanism_enumerator = _create_mechanism_enumerator,
+                       .get_ck_attribute = _get_ck_attribute,
                        .destroy = _destroy,
                },
                .name = name,
index e0db653..9cfc016 100644 (file)
@@ -1,4 +1,7 @@
 /*
+ * Copyright (C) 2011 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
  * Copyright (C) 2010 Martin Willi
  * Copyright (C) 2010 revosec AG
  *
@@ -27,6 +30,7 @@ typedef struct pkcs11_library_t pkcs11_library_t;
 #include "pkcs11.h"
 
 #include <enum.h>
+#include <chunk.h>
 #include <utils/enumerator.h>
 
 /**
@@ -93,6 +97,21 @@ struct pkcs11_library_t {
                                                                                                 CK_SLOT_ID slot);
 
        /**
+        * Retrieve a single attribute from the given object.
+        *
+        * Memory for the data is allocated.
+        *
+        * @param session                       session with the PKCS#11 library
+        * @param obj                           object handle
+        * @param type                          attribute type to extract
+        * @param data                          extracted data
+        * @return                                      TRUE if successful
+        */
+       bool (*get_ck_attribute)(pkcs11_library_t *this, CK_SESSION_HANDLE session,
+                                                        CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_TYPE type,
+                                                        chunk_t *data);
+
+       /**
         * Destroy a pkcs11_library_t.
         */
        void (*destroy)(pkcs11_library_t *this);
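Review bot: The doc comment on get_ck_attribute says "Memory for the data is allocated" but not who releases it or what `data` holds when FALSE is returned. From the implementation, the first failure path returns without writing `*data`, so callers must not free or read it on failure. I would state that in the comment, e.g. `* Memory for the data is allocated and must be freed by the caller; data is only valid if TRUE is returned.` Since an attribute such as a key value can be secret, it may also be worth noting that callers fetching sensitive attributes should wipe the chunk (chunk_clear()) rather than just free it. The struct definition continues outside this hunk.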
@@ -114,7 +133,7 @@ extern enum_name_t *ck_mech_names;
 extern enum_name_t *ck_attr_names;
 
 /**
- * Trim/null terminate a string returned by the varius PKCS#11 functions.
+ * Trim/null terminate a string returned by the various PKCS#11 functions.
  *
  * @param str          string to trim
  * @param len          max length of the string