summaryrefslogtreecommitdiff
path: root/common
diff options
context:
space:
mode:
Diffstat (limited to 'common')
-rw-r--r--common/attrs.c49
-rw-r--r--common/attrs.h14
-rw-r--r--common/tests/test-attrs.c2
3 files changed, 51 insertions, 14 deletions
diff --git a/common/attrs.c b/common/attrs.c
index cce1aaf..e656189 100644
--- a/common/attrs.c
+++ b/common/attrs.c
@@ -274,7 +274,7 @@ p11_attrs_findn (CK_ATTRIBUTE *attrs,
}
bool
-p11_attrs_find_bool (CK_ATTRIBUTE *attrs,
+p11_attrs_find_bool (const CK_ATTRIBUTE *attrs,
CK_ATTRIBUTE_TYPE type,
CK_BBOOL *value)
{
@@ -293,7 +293,7 @@ p11_attrs_find_bool (CK_ATTRIBUTE *attrs,
}
bool
-p11_attrs_findn_bool (CK_ATTRIBUTE *attrs,
+p11_attrs_findn_bool (const CK_ATTRIBUTE *attrs,
CK_ULONG count,
CK_ATTRIBUTE_TYPE type,
CK_BBOOL *value)
@@ -313,7 +313,7 @@ p11_attrs_findn_bool (CK_ATTRIBUTE *attrs,
}
bool
-p11_attrs_find_ulong (CK_ATTRIBUTE *attrs,
+p11_attrs_find_ulong (const CK_ATTRIBUTE *attrs,
CK_ATTRIBUTE_TYPE type,
CK_ULONG *value)
{
@@ -331,6 +331,26 @@ p11_attrs_find_ulong (CK_ATTRIBUTE *attrs,
return false;
}
+bool
+p11_attrs_findn_ulong (const CK_ATTRIBUTE *attrs,
+ CK_ULONG count,
+ CK_ATTRIBUTE_TYPE type,
+ CK_ULONG *value)
+{
+ CK_ULONG i;
+
+ for (i = 0; i < count; i++) {
+ if (attrs[i].type == type &&
+ attrs[i].ulValueLen == sizeof (CK_ULONG) &&
+ attrs[i].pValue != NULL) {
+ *value = *((CK_ULONG *)attrs[i].pValue);
+ return true;
+ }
+ }
+
+ return false;
+}
+
void *
p11_attrs_find_value (CK_ATTRIBUTE *attrs,
CK_ATTRIBUTE_TYPE type,
@@ -551,7 +571,8 @@ attribute_is_trust_value (const CK_ATTRIBUTE *attr)
}
static bool
-attribute_is_sensitive (const CK_ATTRIBUTE *attr)
+attribute_is_sensitive (const CK_ATTRIBUTE *attr,
+ CK_OBJECT_CLASS klass)
{
/*
* Don't print any just attribute, since they may contain
@@ -667,6 +688,9 @@ attribute_is_sensitive (const CK_ATTRIBUTE *attr)
X (CKA_TRUST_STEP_UP_APPROVED)
X (CKA_CERT_SHA1_HASH)
X (CKA_CERT_MD5_HASH)
+ case CKA_VALUE:
+ return (klass != CKO_CERTIFICATE &&
+ klass != CKO_X_CERTIFICATE_EXTENSION);
#undef X
}
@@ -786,7 +810,8 @@ format_some_bytes (p11_buffer *buffer,
static void
format_attribute (p11_buffer *buffer,
- const CK_ATTRIBUTE *attr)
+ const CK_ATTRIBUTE *attr,
+ CK_OBJECT_CLASS klass)
{
p11_buffer_add (buffer, "{ ", -1);
format_attribute_type (buffer, attr->type);
@@ -805,7 +830,7 @@ format_attribute (p11_buffer *buffer,
format_key_type (buffer, *((CK_KEY_TYPE *)attr->pValue));
} else if (attribute_is_trust_value (attr)) {
format_trust_value (buffer, *((CK_TRUST *)attr->pValue));
- } else if (attribute_is_sensitive (attr)) {
+ } else if (attribute_is_sensitive (attr, klass)) {
buffer_append_printf (buffer, "(%lu) NOT-PRINTED", attr->ulValueLen);
} else {
buffer_append_printf (buffer, "(%lu) ", attr->ulValueLen);
@@ -820,10 +845,15 @@ format_attributes (p11_buffer *buffer,
int count)
{
CK_BBOOL first = CK_TRUE;
+ CK_OBJECT_CLASS klass;
int i;
if (count < 0)
count = p11_attrs_count (attrs);
+
+ if (!p11_attrs_findn_ulong (attrs, CKA_CLASS, count, &klass))
+ klass = CKA_INVALID;
+
buffer_append_printf (buffer, "(%d) [", count);
for (i = 0; i < count; i++) {
if (first)
@@ -831,7 +861,7 @@ format_attributes (p11_buffer *buffer,
else
p11_buffer_add (buffer, ", ", 2);
first = CK_FALSE;
- format_attribute (buffer, attrs + i);
+ format_attribute (buffer, attrs + i, klass);
}
p11_buffer_add (buffer, " ]", -1);
}
@@ -848,11 +878,12 @@ p11_attrs_to_string (const CK_ATTRIBUTE *attrs,
}
char *
-p11_attr_to_string (const CK_ATTRIBUTE *attr)
+p11_attr_to_string (const CK_ATTRIBUTE *attr,
+ CK_OBJECT_CLASS klass)
{
p11_buffer buffer;
if (!p11_buffer_init_null (&buffer, 32))
return_val_if_reached (NULL);
- format_attribute (&buffer, attr);
+ format_attribute (&buffer, attr, klass);
return p11_buffer_steal (&buffer, NULL);
}
diff --git a/common/attrs.h b/common/attrs.h
index 87e0af1..233ac79 100644
--- a/common/attrs.h
+++ b/common/attrs.h
@@ -74,16 +74,21 @@ CK_ATTRIBUTE * p11_attrs_findn (CK_ATTRIBUTE *attrs,
CK_ULONG count,
CK_ATTRIBUTE_TYPE type);
-bool p11_attrs_find_bool (CK_ATTRIBUTE *attrs,
+bool p11_attrs_find_bool (const CK_ATTRIBUTE *attrs,
CK_ATTRIBUTE_TYPE type,
CK_BBOOL *value);
-bool p11_attrs_findn_bool (CK_ATTRIBUTE *attrs,
+bool p11_attrs_findn_bool (const CK_ATTRIBUTE *attrs,
CK_ULONG count,
CK_ATTRIBUTE_TYPE type,
CK_BBOOL *value);
-bool p11_attrs_find_ulong (CK_ATTRIBUTE *attrs,
+bool p11_attrs_find_ulong (const CK_ATTRIBUTE *attrs,
+ CK_ATTRIBUTE_TYPE type,
+ CK_ULONG *value);
+
+bool p11_attrs_findn_ulong (const CK_ATTRIBUTE *attrs,
+ CK_ULONG count,
CK_ATTRIBUTE_TYPE type,
CK_ULONG *value);
@@ -107,7 +112,8 @@ bool p11_attrs_matchn (const CK_ATTRIBUTE *attrs,
char * p11_attrs_to_string (const CK_ATTRIBUTE *attrs,
int count);
-char * p11_attr_to_string (const CK_ATTRIBUTE *attr);
+char * p11_attr_to_string (const CK_ATTRIBUTE *attr,
+ CK_OBJECT_CLASS klass);
bool p11_attr_equal (const void *one,
const void *two);
diff --git a/common/tests/test-attrs.c b/common/tests/test-attrs.c
index 61fcef3..324ed90 100644
--- a/common/tests/test-attrs.c
+++ b/common/tests/test-attrs.c
@@ -470,7 +470,7 @@ test_to_string (CuTest *tc)
char *string;
- string = p11_attr_to_string (&one);
+ string = p11_attr_to_string (&one, CKA_INVALID);
CuAssertStrEquals (tc, "{ CKA_LABEL = (3) \"yay\" }", string);
free (string);