Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
From 24d6615bf3a32cdfef6ef36713eb34612ed94311 Mon Sep 17 00:00:00 2001
Bug 1162897, Add NSSTrustDomain_FindTokensByURI(), r=rrelyea
  • Loading branch information
varunnaganathan committed Aug 15, 2016
1 parent 760e903 commit 2db396d
Show file tree
Hide file tree
Showing 4 changed files with 86 additions and 0 deletions.
2 changes: 2 additions & 0 deletions lib/pk11wrap/pk11priv.h
Expand Up @@ -14,6 +14,7 @@
#include "seccomon.h"
#include "pkcs7t.h"
#include "cmsreclist.h"
#include "pkcs11uri.h"

/*
* These are the private NSS functions. They are not exported by nss.def, and
Expand All @@ -39,6 +40,7 @@ int PK11_GetMaxKeyLength(CK_MECHANISM_TYPE type);
* Generic Slot Management
************************************************************/
CK_OBJECT_HANDLE PK11_CopyKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE srcObject);
PRBool pk11_MatchUriTokenInfo(PK11SlotInfo *slot, PK11URI *uri);
SECStatus PK11_ReadAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
CK_ATTRIBUTE_TYPE type, PLArenaPool *arena, SECItem *result);
CK_ULONG PK11_ReadULongAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
Expand Down
40 changes: 40 additions & 0 deletions lib/pk11wrap/pk11slot.c
Expand Up @@ -1851,6 +1851,46 @@ PK11_GetTokenInfo(PK11SlotInfo *slot, CK_TOKEN_INFO *info)
return SECSuccess;
}

PRBool
pk11_MatchUriTokenInfo(PK11SlotInfo *slot, PK11URI *uri)
{
const char *value;

value = PK11URI_GetPathAttribute(uri, PK11URI_PATTR_TOKEN);
if (value) {
if (!pk11_MatchString(value, (char *)slot->tokenInfo.label,
sizeof(slot->tokenInfo.label))) {
return PR_FALSE;
}
}

value = PK11URI_GetPathAttribute(uri, PK11URI_PATTR_MANUFACTURER);
if (value) {
if (!pk11_MatchString(value, (char *)slot->tokenInfo.manufacturerID,
sizeof(slot->tokenInfo.manufacturerID))) {
return PR_FALSE;
}
}

value = PK11URI_GetPathAttribute(uri, PK11URI_PATTR_SERIAL);
if (value) {
if (!pk11_MatchString(value, (char *)slot->tokenInfo.serialNumber,
sizeof(slot->tokenInfo.serialNumber))) {
return PR_FALSE;
}
}

value = PK11URI_GetPathAttribute(uri, PK11URI_PATTR_MODEL);
if (value) {
if (!pk11_MatchString(value, (char *)slot->tokenInfo.model,
sizeof(slot->tokenInfo.model))) {
return PR_FALSE;
}
}

return PR_TRUE;
}

/* Find out if we need to initialize the user's pin */
PRBool
PK11_NeedUserInit(PK11SlotInfo *slot)
Expand Down
12 changes: 12 additions & 0 deletions lib/pki/nsspki.h
Expand Up @@ -23,6 +23,8 @@
#include "base.h"
#endif /* BASE_H */

#include "pkcs11uri.h"

PR_BEGIN_EXTERN_C

/*
Expand Down Expand Up @@ -1301,6 +1303,16 @@ NSSTrustDomain_IsTokenEnabled(
NSSToken *token,
NSSError *whyOpt);

/*
* NSSTrustDomain_FindTokensByURI
*
*/

NSS_EXTERN NSSToken **
NSSTrustDomain_FindTokensByURI(
NSSTrustDomain *td,
PK11URI *uri);

/*
* NSSTrustDomain_FindSlotByName
*
Expand Down
32 changes: 32 additions & 0 deletions lib/pki/trustdomain.c
Expand Up @@ -14,6 +14,7 @@
#include "pki3hack.h"
#include "pk11pub.h"
#include "nssrwlk.h"
#include "pk11priv.h"

#define NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE 32

Expand Down Expand Up @@ -234,6 +235,37 @@ NSSTrustDomain_FindSlotByName(
return NULL;
}

NSS_IMPLEMENT NSSToken **
NSSTrustDomain_FindTokensByURI(
NSSTrustDomain *td,
PK11URI *uri)
{
NSSToken *tok = NULL;
PK11SlotInfo *slotinfo;
NSSToken **tokens;
int count, i = 0;

NSSRWLock_LockRead(td->tokensLock);
count = nssList_Count(td->tokenList);
tokens = nss_ZNEWARRAY(NULL, NSSToken *, count + 1);
if (!tokens) {
return NULL;
}
for (tok = (NSSToken *)nssListIterator_Start(td->tokens);
tok != (NSSToken *)NULL;
tok = (NSSToken *)nssListIterator_Next(td->tokens)) {
if (nssToken_IsPresent(tok)) {
slotinfo = tok->pk11slot;
if (pk11_MatchUriTokenInfo(slotinfo, uri))
tokens[i++] = nssToken_AddRef(tok);
}
}
tokens[i] = NULL;
nssListIterator_Finish(td->tokens);
NSSRWLock_UnlockRead(td->tokensLock);
return tokens;
}

NSS_IMPLEMENT NSSToken *
NSSTrustDomain_FindTokenByName(
NSSTrustDomain *td,
Expand Down

0 comments on commit 2db396d

Please sign in to comment.