diff options
| -rw-r--r-- | common/attrs.c | 49 | ||||
| -rw-r--r-- | common/attrs.h | 14 | ||||
| -rw-r--r-- | common/tests/test-attrs.c | 2 | ||||
| -rw-r--r-- | trust/tests/test-data.c | 15 | ||||
| -rw-r--r-- | trust/tests/test-data.h | 3 |
5 files changed, 63 insertions, 20 deletions
diff --git a/common/attrs.c b/common/attrs.c index cce1aaf..e656189 100644 --- a/common/attrs.c +++ b/common/attrs.c @@ -274,7 +274,7 @@ p11_attrs_findn (CK_ATTRIBUTE *attrs, } bool -p11_attrs_find_bool (CK_ATTRIBUTE *attrs, +p11_attrs_find_bool (const CK_ATTRIBUTE *attrs, CK_ATTRIBUTE_TYPE type, CK_BBOOL *value) { @@ -293,7 +293,7 @@ p11_attrs_find_bool (CK_ATTRIBUTE *attrs, } bool -p11_attrs_findn_bool (CK_ATTRIBUTE *attrs, +p11_attrs_findn_bool (const CK_ATTRIBUTE *attrs, CK_ULONG count, CK_ATTRIBUTE_TYPE type, CK_BBOOL *value) @@ -313,7 +313,7 @@ p11_attrs_findn_bool (CK_ATTRIBUTE *attrs, } bool -p11_attrs_find_ulong (CK_ATTRIBUTE *attrs, +p11_attrs_find_ulong (const CK_ATTRIBUTE *attrs, CK_ATTRIBUTE_TYPE type, CK_ULONG *value) { @@ -331,6 +331,26 @@ p11_attrs_find_ulong (CK_ATTRIBUTE *attrs, return false; } +bool +p11_attrs_findn_ulong (const CK_ATTRIBUTE *attrs, + CK_ULONG count, + CK_ATTRIBUTE_TYPE type, + CK_ULONG *value) +{ + CK_ULONG i; + + for (i = 0; i < count; i++) { + if (attrs[i].type == type && + attrs[i].ulValueLen == sizeof (CK_ULONG) && + attrs[i].pValue != NULL) { + *value = *((CK_ULONG *)attrs[i].pValue); + return true; + } + } + + return false; +} + void * p11_attrs_find_value (CK_ATTRIBUTE *attrs, CK_ATTRIBUTE_TYPE type, @@ -551,7 +571,8 @@ attribute_is_trust_value (const CK_ATTRIBUTE *attr) } static bool -attribute_is_sensitive (const CK_ATTRIBUTE *attr) +attribute_is_sensitive (const CK_ATTRIBUTE *attr, + CK_OBJECT_CLASS klass) { /* * Don't print any just attribute, since they may contain @@ -667,6 +688,9 @@ attribute_is_sensitive (const CK_ATTRIBUTE *attr) X (CKA_TRUST_STEP_UP_APPROVED) X (CKA_CERT_SHA1_HASH) X (CKA_CERT_MD5_HASH) + case CKA_VALUE: + return (klass != CKO_CERTIFICATE && + klass != CKO_X_CERTIFICATE_EXTENSION); #undef X } @@ -786,7 +810,8 @@ format_some_bytes (p11_buffer *buffer, static void format_attribute (p11_buffer *buffer, - const CK_ATTRIBUTE *attr) + const CK_ATTRIBUTE *attr, + CK_OBJECT_CLASS klass) { p11_buffer_add (buffer, "{ ", -1); format_attribute_type (buffer, attr->type); @@ -805,7 +830,7 @@ format_attribute (p11_buffer *buffer, format_key_type (buffer, *((CK_KEY_TYPE *)attr->pValue)); } else if (attribute_is_trust_value (attr)) { format_trust_value (buffer, *((CK_TRUST *)attr->pValue)); - } else if (attribute_is_sensitive (attr)) { + } else if (attribute_is_sensitive (attr, klass)) { buffer_append_printf (buffer, "(%lu) NOT-PRINTED", attr->ulValueLen); } else { buffer_append_printf (buffer, "(%lu) ", attr->ulValueLen); @@ -820,10 +845,15 @@ format_attributes (p11_buffer *buffer, int count) { CK_BBOOL first = CK_TRUE; + CK_OBJECT_CLASS klass; int i; if (count < 0) count = p11_attrs_count (attrs); + + if (!p11_attrs_findn_ulong (attrs, CKA_CLASS, count, &klass)) + klass = CKA_INVALID; + buffer_append_printf (buffer, "(%d) [", count); for (i = 0; i < count; i++) { if (first) @@ -831,7 +861,7 @@ format_attributes (p11_buffer *buffer, else p11_buffer_add (buffer, ", ", 2); first = CK_FALSE; - format_attribute (buffer, attrs + i); + format_attribute (buffer, attrs + i, klass); } p11_buffer_add (buffer, " ]", -1); } @@ -848,11 +878,12 @@ p11_attrs_to_string (const CK_ATTRIBUTE *attrs, } char * -p11_attr_to_string (const CK_ATTRIBUTE *attr) +p11_attr_to_string (const CK_ATTRIBUTE *attr, + CK_OBJECT_CLASS klass) { p11_buffer buffer; if (!p11_buffer_init_null (&buffer, 32)) return_val_if_reached (NULL); - format_attribute (&buffer, attr); + format_attribute (&buffer, attr, klass); return p11_buffer_steal (&buffer, NULL); } diff --git a/common/attrs.h b/common/attrs.h index 87e0af1..233ac79 100644 --- a/common/attrs.h +++ b/common/attrs.h @@ -74,16 +74,21 @@ CK_ATTRIBUTE * p11_attrs_findn (CK_ATTRIBUTE *attrs, CK_ULONG count, CK_ATTRIBUTE_TYPE type); -bool p11_attrs_find_bool (CK_ATTRIBUTE *attrs, +bool p11_attrs_find_bool (const CK_ATTRIBUTE *attrs, CK_ATTRIBUTE_TYPE type, CK_BBOOL *value); -bool p11_attrs_findn_bool (CK_ATTRIBUTE *attrs, +bool p11_attrs_findn_bool (const CK_ATTRIBUTE *attrs, CK_ULONG count, CK_ATTRIBUTE_TYPE type, CK_BBOOL *value); -bool p11_attrs_find_ulong (CK_ATTRIBUTE *attrs, +bool p11_attrs_find_ulong (const CK_ATTRIBUTE *attrs, + CK_ATTRIBUTE_TYPE type, + CK_ULONG *value); + +bool p11_attrs_findn_ulong (const CK_ATTRIBUTE *attrs, + CK_ULONG count, CK_ATTRIBUTE_TYPE type, CK_ULONG *value); @@ -107,7 +112,8 @@ bool p11_attrs_matchn (const CK_ATTRIBUTE *attrs, char * p11_attrs_to_string (const CK_ATTRIBUTE *attrs, int count); -char * p11_attr_to_string (const CK_ATTRIBUTE *attr); +char * p11_attr_to_string (const CK_ATTRIBUTE *attr, + CK_OBJECT_CLASS klass); bool p11_attr_equal (const void *one, const void *two); diff --git a/common/tests/test-attrs.c b/common/tests/test-attrs.c index 61fcef3..324ed90 100644 --- a/common/tests/test-attrs.c +++ b/common/tests/test-attrs.c @@ -470,7 +470,7 @@ test_to_string (CuTest *tc) char *string; - string = p11_attr_to_string (&one); + string = p11_attr_to_string (&one, CKA_INVALID); CuAssertStrEquals (tc, "{ CKA_LABEL = (3) \"yay\" }", string); free (string); diff --git a/trust/tests/test-data.c b/trust/tests/test-data.c index b235f33..6c55fd0 100644 --- a/trust/tests/test-data.c +++ b/trust/tests/test-data.c @@ -104,7 +104,7 @@ test_check_id_msg (CuTest *cu, one = p11_attrs_find (expected, CKA_ID); two = p11_attrs_find (attr, CKA_ID); - test_check_attr_msg (cu, file, line, one, two); + test_check_attr_msg (cu, file, line, CKA_INVALID, one, two); } void @@ -114,11 +114,15 @@ test_check_attrs_msg (CuTest *cu, CK_ATTRIBUTE *expected, CK_ATTRIBUTE *attrs) { + CK_OBJECT_CLASS klass; CK_ATTRIBUTE *attr; + if (!p11_attrs_find_ulong (expected, CKA_CLASS, &klass)) + klass = CKA_INVALID; + while (!p11_attrs_terminator (expected)) { attr = p11_attrs_find (attrs, expected->type); - test_check_attr_msg (cu, file, line, expected, attr); + test_check_attr_msg (cu, file, line, klass, expected, attr); expected++; } } @@ -127,6 +131,7 @@ void test_check_attr_msg (CuTest *cu, const char *file, int line, + CK_OBJECT_CLASS klass, CK_ATTRIBUTE *expected, CK_ATTRIBUTE *attr) { @@ -135,14 +140,14 @@ test_check_attr_msg (CuTest *cu, if (attr == NULL) { asprintf (&message, "expected %s but found NULL", - p11_attr_to_string (expected)); + p11_attr_to_string (expected, klass)); CuFail_Line (cu, file, line, "attribute does not match", message); } if (!p11_attr_equal (attr, expected)) { asprintf (&message, "expected %s but found %s", - p11_attr_to_string (expected), - p11_attr_to_string (attr)); + p11_attr_to_string (expected, klass), + p11_attr_to_string (attr, klass)); CuFail_Line (cu, file, line, "attribute does not match", message); } } diff --git a/trust/tests/test-data.h b/trust/tests/test-data.h index 9daff87..275dd70 100644 --- a/trust/tests/test-data.h +++ b/trust/tests/test-data.h @@ -68,11 +68,12 @@ void test_check_attrs_msg (CuTest *cu, CK_ATTRIBUTE *attrs); #define test_check_attr(cu, expected, attr) \ - test_check_attr_msg (cu, __FILE__, __LINE__, expected, attr) + test_check_attr_msg (cu, __FILE__, __LINE__, CKA_INVALID, expected, attr) void test_check_attr_msg (CuTest *cu, const char *file, int line, + CK_OBJECT_CLASS klass, CK_ATTRIBUTE *expected, CK_ATTRIBUTE *attr); |