Update object in the session (when the object wasn't there to begin with).
This commit is contained in:
+43
-28
@@ -559,10 +559,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_CloseSession)(
|
|||||||
DBG(("Unknown session %lu", hSession));
|
DBG(("Unknown session %lu", hSession));
|
||||||
return CKR_SESSION_HANDLE_INVALID;
|
return CKR_SESSION_HANDLE_INVALID;
|
||||||
}
|
}
|
||||||
|
DBG(("HI"));
|
||||||
free(session.slot->token->objects); // TODO: make objects survive a session so there is no need to get them again?
|
free(session.slot->token->objects); // TODO: make objects survive a session so there is no need to get them again?
|
||||||
session.slot->token->objects = NULL;
|
session.slot->token->objects = NULL;
|
||||||
|
DBG(("HI2"));
|
||||||
memset(&session, 0, sizeof(ykcs11_session_t));
|
memset(&session, 0, sizeof(ykcs11_session_t));
|
||||||
session.handle = CK_INVALID_HANDLE;
|
session.handle = CK_INVALID_HANDLE;
|
||||||
|
|
||||||
@@ -1683,12 +1683,12 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair)(
|
|||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
rv = token.get_token_objects_num(piv_state, &n_objs, &n_certs);
|
/* rv = token.get_token_objects_num(piv_state, &n_objs, &n_certs); */
|
||||||
if (rv != CKR_OK) {
|
/* if (rv != CKR_OK) { */
|
||||||
DBG(("Unable to retrieve token objects"));
|
/* DBG(("Unable to retrieve token objects")); */
|
||||||
return rv;
|
/* return rv; */
|
||||||
}
|
/* } */
|
||||||
DBG(("There were %lu objs and %lu certs, there are %lu objs and %lu certs", session.slot->token->n_objects, session.slot->token->n_certs, n_objs, n_certs));
|
/* DBG(("There were %lu objs and %lu certs, there are %lu objs and %lu certs", session.slot->token->n_objects, session.slot->token->n_certs, n_objs, n_certs)); */
|
||||||
|
|
||||||
is_new = CK_TRUE;
|
is_new = CK_TRUE;
|
||||||
for (i = 0; i < session.slot->token->n_objects; i++) {
|
for (i = 0; i < session.slot->token->n_objects; i++) {
|
||||||
@@ -1703,25 +1703,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair)(
|
|||||||
|
|
||||||
// Check whether we created a new object or updated an existing one
|
// Check whether we created a new object or updated an existing one
|
||||||
if (is_new == CK_TRUE) {
|
if (is_new == CK_TRUE) {
|
||||||
// New object created
|
// New object created, add it to the object list
|
||||||
DBG(("OBJECT NOT FOUND!"));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
// Updated old object
|
|
||||||
cert_len = sizeof(cert_data);
|
|
||||||
rv = token.get_token_raw_certificate(piv_state, cert_id, cert_data, cert_len); // TODO: double check len here (check inside, never changed but used below). One more time above
|
|
||||||
if (rv != CKR_OK) {
|
|
||||||
DBG(("Unable to get certificate data from token"));
|
|
||||||
return CKR_FUNCTION_FAILED; // TODO: although key generation succeeded at this point
|
|
||||||
}
|
|
||||||
|
|
||||||
rv = store_cert(cert_id, cert_data, cert_len);
|
// Each object counts as four
|
||||||
if (rv != CKR_OK) {
|
session.slot->token->n_objects += 4;
|
||||||
DBG(("Unable to store certificate data"));
|
|
||||||
return CKR_FUNCTION_FAILED; // TODO: although key generation succeeded at this point
|
|
||||||
}
|
|
||||||
|
|
||||||
/*session.slot->token->n_objects += 4;
|
|
||||||
session.slot->token->n_certs++;
|
session.slot->token->n_certs++;
|
||||||
|
|
||||||
obj_ptr = realloc(session.slot->token->objects, session.slot->token->n_objects * sizeof(piv_obj_id_t));
|
obj_ptr = realloc(session.slot->token->objects, session.slot->token->n_objects * sizeof(piv_obj_id_t));
|
||||||
@@ -1729,14 +1714,44 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair)(
|
|||||||
DBG(("Unable to store new item in the session"));
|
DBG(("Unable to store new item in the session"));
|
||||||
return CKR_HOST_MEMORY;
|
return CKR_HOST_MEMORY;
|
||||||
}
|
}
|
||||||
|
session.slot->token->objects = obj_ptr;
|
||||||
|
|
||||||
|
obj_ptr = session.slot->token->objects + session.slot->token->n_objects - 4;
|
||||||
|
*obj_ptr++ = dobj_id;
|
||||||
|
*obj_ptr++ = cert_id;
|
||||||
|
*obj_ptr++ = pvtk_id;
|
||||||
|
*obj_ptr++ = pubk_id;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Write/Update the object
|
||||||
|
cert_len = sizeof(cert_data);
|
||||||
|
rv = token.get_token_raw_certificate(piv_state, cert_id, cert_data, cert_len); // TODO: double check len here (check inside, never changed but used below). One more time above
|
||||||
|
if (rv != CKR_OK) {
|
||||||
|
DBG(("Unable to get certificate data from token"));
|
||||||
|
return CKR_FUNCTION_FAILED; // TODO: although key generation succeeded at this point
|
||||||
|
}
|
||||||
|
|
||||||
|
rv = store_cert(cert_id, cert_data, cert_len);
|
||||||
|
if (rv != CKR_OK) {
|
||||||
|
DBG(("Unable to store certificate data"));
|
||||||
|
return CKR_FUNCTION_FAILED; // TODO: although key generation succeeded at this point
|
||||||
|
}
|
||||||
|
|
||||||
|
/*session.slot->token->n_objects += 4;
|
||||||
|
session.slot->token->n_certs++;
|
||||||
|
|
||||||
|
obj_ptr = realloc(session.slot->token->objects, session.slot->token->n_objects * sizeof(piv_obj_id_t));
|
||||||
|
if (obj_ptr == NULL) {
|
||||||
|
DBG(("Unable to store new item in the session"));
|
||||||
|
return CKR_HOST_MEMORY;
|
||||||
|
}
|
||||||
|
|
||||||
obj_ptr = session.slot->token->objects + session.slot->token->n_objects - 4;
|
obj_ptr = session.slot->token->objects + session.slot->token->n_objects - 4;
|
||||||
*obj_ptr++ = dobj_id;
|
*obj_ptr++ = dobj_id;
|
||||||
*obj_ptr++ = cert_id;
|
*obj_ptr++ = cert_id;
|
||||||
*obj_ptr++ = pvtk_id;
|
*obj_ptr++ = pvtk_id;
|
||||||
*obj_ptr++ = pubk_id;*/
|
*obj_ptr++ = pubk_id;*/
|
||||||
}
|
|
||||||
|
|
||||||
*phPrivateKey = op_info.op.gen.key_id;
|
*phPrivateKey = op_info.op.gen.key_id;
|
||||||
*phPublicKey = op_info.op.gen.key_id - PIV_PVTK_OBJ_KM + PIV_PUBK_OBJ_KM; // TODO: make function for these?
|
*phPublicKey = op_info.op.gen.key_id - PIV_PVTK_OBJ_KM + PIV_PUBK_OBJ_KM; // TODO: make function for these?
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user