aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2016-11-14 18:02:07 -0500
committerRob Austein <sra@hactrn.net>2016-11-14 18:02:07 -0500
commitb448b28f538517556f3d35dee81dbf07d433df60 (patch)
tree42e9868767e80b2707d559fbcab442030a096e19
parentd6e9917d07ddb0a5f8218fecdcd8bda3a1104912 (diff)
More API cleanup: remove hal_rpc_pkey_list().
hal_rpc_pkey_list() was a simplistic solution that worked when the keystore only supported a handful of keys and we needed a quick temporary solution in time for a workshop. It doesn't handle large numbers of keys well, and while we could fix that, all of its functionality is now available via more robust API functions, so simplifying the API by deleting it seems best. Since this change required mucking with dispatch vectors yet again, it converts them to use C99 "designated initializer" syntax.
-rw-r--r--hal.h15
-rw-r--r--hal_internal.h31
-rw-r--r--ks_flash.c62
-rw-r--r--ks_volatile.c62
-rw-r--r--libhal.py11
-rw-r--r--rpc_api.c12
-rw-r--r--rpc_client.c145
-rw-r--r--rpc_hash.c12
-rw-r--r--rpc_misc.c14
-rw-r--r--rpc_pkey.c60
-rw-r--r--rpc_server.c50
-rw-r--r--unit-tests.py11
12 files changed, 97 insertions, 388 deletions
diff --git a/hal.h b/hal.h
index 4e39133..df330ae 100644
--- a/hal.h
+++ b/hal.h
@@ -760,21 +760,6 @@ extern hal_error_t hal_rpc_pkey_verify(const hal_pkey_handle_t pkey,
const uint8_t * const signature, const size_t signature_len);
typedef struct {
- hal_key_type_t type;
- hal_curve_name_t curve;
- hal_key_flags_t flags;
- hal_uuid_t name;
- /* ... */
-} hal_pkey_info_t;
-
-extern hal_error_t hal_rpc_pkey_list(const hal_client_handle_t client,
- const hal_session_handle_t session,
- hal_pkey_info_t *result,
- unsigned *result_len,
- const unsigned result_max,
- hal_key_flags_t flags);
-
-typedef struct {
uint32_t type;
size_t length;
const uint8_t *value;
diff --git a/hal_internal.h b/hal_internal.h
index e0c7d5a..20b89af 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -238,13 +238,6 @@ typedef struct {
const uint8_t * const input, const size_t input_len,
const uint8_t * const signature, const size_t signature_len);
- hal_error_t (*list)(const hal_client_handle_t client,
- const hal_session_handle_t session,
- hal_pkey_info_t *result,
- unsigned *result_len,
- const unsigned result_max,
- hal_key_flags_t flags);
-
hal_error_t (*match)(const hal_client_handle_t client,
const hal_session_handle_t session,
const hal_key_type_t type,
@@ -480,13 +473,6 @@ struct hal_ks_driver {
hal_error_t (*delete)(hal_ks_t *ks,
hal_pkey_slot_t *slot);
- hal_error_t (*list)(hal_ks_t *ks,
- const hal_client_handle_t client,
- const hal_session_handle_t session,
- hal_pkey_info_t *result,
- unsigned *result_len,
- const unsigned result_max);
-
hal_error_t (*match)(hal_ks_t *ks,
const hal_client_handle_t client,
const hal_session_handle_t session,
@@ -615,22 +601,6 @@ static inline hal_error_t hal_ks_delete(hal_ks_t *ks,
return ks->driver->delete(ks, slot);
}
-static inline hal_error_t hal_ks_list(hal_ks_t *ks,
- const hal_client_handle_t client,
- const hal_session_handle_t session,
- hal_pkey_info_t *result,
- unsigned *result_len,
- const unsigned result_max)
-{
- if (ks == NULL || ks->driver == NULL)
- return HAL_ERROR_BAD_ARGUMENTS;
-
- if (ks->driver->list == NULL)
- return HAL_ERROR_NOT_IMPLEMENTED;
-
- return ks->driver->list(ks, client, session, result, result_len, result_max);
-}
-
static inline hal_error_t hal_ks_match(hal_ks_t *ks,
const hal_client_handle_t client,
const hal_session_handle_t session,
@@ -894,7 +864,6 @@ typedef enum {
RPC_FUNC_PKEY_GET_PUBLIC_KEY,
RPC_FUNC_PKEY_SIGN,
RPC_FUNC_PKEY_VERIFY,
- RPC_FUNC_PKEY_LIST,
RPC_FUNC_PKEY_MATCH,
RPC_FUNC_PKEY_GET_KEY_CURVE,
RPC_FUNC_PKEY_SET_ATTRIBUTES,
diff --git a/ks_flash.c b/ks_flash.c
index 957ded3..cc18e9d 100644
--- a/ks_flash.c
+++ b/ks_flash.c
@@ -373,7 +373,7 @@ static hal_error_t block_read(const unsigned blockno, flash_block_t *block)
/*
* Read a block using the cache. Marking the block as used is left
* for the caller, so we can avoid blowing out the cache when we
- * perform a ks_list() operation.
+ * perform a ks_match() operation.
*/
static hal_error_t block_read_cached(const unsigned blockno, flash_block_t **block)
@@ -1087,43 +1087,6 @@ static hal_error_t ks_delete(hal_ks_t *ks,
return block_erase_maybe(db.ksi.index[db.ksi.used]);
}
-static hal_error_t ks_list(hal_ks_t *ks,
- const hal_client_handle_t client,
- const hal_session_handle_t session,
- hal_pkey_info_t *result,
- unsigned *result_len,
- const unsigned result_max)
-{
- if (ks != &db.ks || result == NULL || result_len == NULL)
- return HAL_ERROR_BAD_ARGUMENTS;
-
- flash_block_t *block;
- hal_error_t err;
-
- *result_len = 0;
-
- for (int i = 0; i < db.ksi.used; i++) {
- unsigned b = db.ksi.index[i];
-
- if (*result_len >= result_max)
- return HAL_ERROR_RESULT_TOO_LONG;
-
- if ((err = block_read_cached(b, &block)) != HAL_OK)
- return err;
-
- if (block_get_type(block) != BLOCK_TYPE_KEY || block->header.this_chunk > 0)
- continue;
-
- result[*result_len].type = block->key.type;
- result[*result_len].curve = block->key.curve;
- result[*result_len].flags = block->key.flags;
- result[*result_len].name = block->key.name;
- ++ *result_len;
- }
-
- return HAL_OK;
-}
-
static inline hal_error_t locate_attributes(flash_block_t *block, const unsigned chunk,
uint8_t **bytes, size_t *bytes_len,
unsigned **attrs_len)
@@ -1163,7 +1126,7 @@ static hal_error_t ks_match(hal_ks_t *ks,
const unsigned result_max,
const hal_uuid_t * const previous_uuid)
{
- if (ks == NULL || attributes == NULL ||
+ if (ks == NULL || (attributes == NULL && attributes_len > 0) ||
result == NULL || result_len == NULL || previous_uuid == NULL)
return HAL_ERROR_BAD_ARGUMENTS;
@@ -1681,17 +1644,16 @@ static hal_error_t ks_get_attributes(hal_ks_t *ks,
}
const hal_ks_driver_t hal_ks_token_driver[1] = {{
- ks_init,
- ks_shutdown,
- ks_open,
- ks_close,
- ks_store,
- ks_fetch,
- ks_delete,
- ks_list,
- ks_match,
- ks_set_attributes,
- ks_get_attributes
+ .init = ks_init,
+ .shutdown = ks_shutdown,
+ .open = ks_open,
+ .close = ks_close,
+ .store = ks_store,
+ .fetch = ks_fetch,
+ .delete = ks_delete,
+ .match = ks_match,
+ .set_attributes = ks_set_attributes,
+ .get_attributes = ks_get_attributes
}};
/*
diff --git a/ks_volatile.c b/ks_volatile.c
index 8767458..0ee19c8 100644
--- a/ks_volatile.c
+++ b/ks_volatile.c
@@ -345,45 +345,6 @@ static hal_error_t ks_delete(hal_ks_t *ks,
return HAL_OK;
}
-static hal_error_t ks_list(hal_ks_t *ks,
- hal_client_handle_t client,
- hal_session_handle_t session,
- hal_pkey_info_t *result,
- unsigned *result_len,
- const unsigned result_max)
-{
- if (ks == NULL || result == NULL || result_len == NULL)
- return HAL_ERROR_BAD_ARGUMENTS;
-
- ks_t *ksv = ks_to_ksv(ks);
-
- if (ksv->db == NULL)
- return HAL_ERROR_KEYSTORE_ACCESS;
-
- *result_len = 0;
-
- for (int i = 0; i < ksv->db->ksi.used; i++) {
- unsigned b = ksv->db->ksi.index[i];
-
- if (ksv->db->ksi.names[b].chunk > 0)
- continue;
-
- if (!key_visible_to_session(ksv, client, session, &ksv->db->keys[b]))
- continue;
-
- if (*result_len >= result_max)
- return HAL_ERROR_RESULT_TOO_LONG;
-
- result[i].name = ksv->db->ksi.names[b].name;
- result[i].type = ksv->db->keys[b].type;
- result[i].curve = ksv->db->keys[b].curve;
- result[i].flags = ksv->db->keys[b].flags;
- ++ *result_len;
- }
-
- return HAL_OK;
-}
-
static hal_error_t ks_match(hal_ks_t *ks,
hal_client_handle_t client,
hal_session_handle_t session,
@@ -397,7 +358,7 @@ static hal_error_t ks_match(hal_ks_t *ks,
const unsigned result_max,
const hal_uuid_t * const previous_uuid)
{
- if (ks == NULL || attributes == NULL ||
+ if (ks == NULL || (attributes == NULL && attributes_len > 0) ||
result == NULL || result_len == NULL || previous_uuid == NULL)
return HAL_ERROR_BAD_ARGUMENTS;
@@ -572,17 +533,16 @@ static hal_error_t ks_get_attributes(hal_ks_t *ks,
}
const hal_ks_driver_t hal_ks_volatile_driver[1] = {{
- ks_volatile_init,
- ks_volatile_shutdown,
- ks_volatile_open,
- ks_volatile_close,
- ks_store,
- ks_fetch,
- ks_delete,
- ks_list,
- ks_match,
- ks_set_attributes,
- ks_get_attributes
+ .init = ks_volatile_init,
+ .shutdown = ks_volatile_shutdown,
+ .open = ks_volatile_open,
+ .close = ks_volatile_close,
+ .store = ks_store,
+ .fetch = ks_fetch,
+ .delete = ks_delete,
+ .match = ks_match,
+ .set_attributes = ks_set_attributes,
+ .get_attributes = ks_get_attributes
}};
#endif /* STATIC_KS_VOLATILE_SLOTS > 0 */
diff --git a/libhal.py b/libhal.py
index bd345a8..8dad622 100644
--- a/libhal.py
+++ b/libhal.py
@@ -178,7 +178,6 @@ RPCFunc.define('''
RPC_FUNC_PKEY_GET_PUBLIC_KEY,
RPC_FUNC_PKEY_SIGN,
RPC_FUNC_PKEY_VERIFY,
- RPC_FUNC_PKEY_LIST,
RPC_FUNC_PKEY_MATCH,
RPC_FUNC_PKEY_GET_KEY_CURVE,
RPC_FUNC_PKEY_SET_ATTRIBUTES,
@@ -629,16 +628,6 @@ class HSM(object):
with self.rpc(RPC_FUNC_PKEY_VERIFY, pkey, hash, data, signature):
return
- def pkey_list(self, flags = 0, client = 0, session = 0, length = 512):
- with self.rpc(RPC_FUNC_PKEY_LIST, session, length, flags, client = client) as r:
- n = r.unpack_uint()
- for i in xrange(n):
- key_type = HALKeyType.index[r.unpack_uint()]
- key_curve = HALCurve.index[r.unpack_uint()]
- key_flags = r.unpack_uint()
- key_name = UUID(bytes = r.unpack_bytes())
- yield key_type, key_curve, key_flags, key_name
-
def pkey_match(self, type = 0, curve = 0, flags = 0, attributes = {},
length = 64, client = 0, session = 0):
u = UUID(int = 0)
diff --git a/rpc_api.c b/rpc_api.c
index 75172bf..e239008 100644
--- a/rpc_api.c
+++ b/rpc_api.c
@@ -334,18 +334,6 @@ hal_error_t hal_rpc_pkey_verify(const hal_pkey_handle_t pkey,
return hal_rpc_pkey_dispatch->verify(pkey, hash, input, input_len, signature, signature_len);
}
-hal_error_t hal_rpc_pkey_list(const hal_client_handle_t client,
- const hal_session_handle_t session,
- hal_pkey_info_t *result,
- unsigned *result_len,
- const unsigned result_max,
- hal_key_flags_t flags)
-{
- if (result == NULL || result_len == NULL || result_max == 0)
- return HAL_ERROR_BAD_ARGUMENTS;
- return hal_rpc_pkey_dispatch->list(client, session, result, result_len, result_max, flags);
-}
-
hal_error_t hal_rpc_pkey_match(const hal_client_handle_t client,
const hal_session_handle_t session,
const hal_key_type_t type,
diff --git a/rpc_client.c b/rpc_client.c
index ffe5e54..0c57d51 100644
--- a/rpc_client.c
+++ b/rpc_client.c
@@ -772,59 +772,6 @@ static hal_error_t pkey_remote_verify(const hal_pkey_handle_t pkey,
return rpc_ret;
}
-static hal_error_t hal_xdr_decode_pkey_info(const uint8_t **iptr, const uint8_t * const ilimit,
- hal_pkey_info_t *info)
-{
- uint32_t u32;
-
- check(hal_xdr_decode_int(iptr, ilimit, &u32)); info->type = u32;
- check(hal_xdr_decode_int(iptr, ilimit, &u32)); info->curve = u32;
- check(hal_xdr_decode_int(iptr, ilimit, &u32)); info->flags = u32;
-
- u32 = sizeof(info->name.uuid);
- check(hal_xdr_decode_buffer(iptr, ilimit, info->name.uuid, &u32));
- if (u32 != sizeof(info->name.uuid))
- return HAL_ERROR_KEY_NAME_TOO_LONG;
-
- return HAL_OK;
-}
-
-static hal_error_t pkey_remote_list(const hal_client_handle_t client,
- const hal_session_handle_t session,
- hal_pkey_info_t *result,
- unsigned *result_len,
- const unsigned result_max,
- hal_key_flags_t flags)
-{
- uint8_t outbuf[nargs(5)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
- uint8_t inbuf[nargs(4) + pad(result_max * sizeof(hal_pkey_info_t))];
- const uint8_t *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
- uint32_t len;
- hal_error_t ret, rpc_ret;
-
- check(hal_xdr_encode_int(&optr, olimit, RPC_FUNC_PKEY_LIST));
- check(hal_xdr_encode_int(&optr, olimit, client.handle));
- check(hal_xdr_encode_int(&optr, olimit, session.handle));
- check(hal_xdr_encode_int(&optr, olimit, result_max));
- check(hal_xdr_encode_int(&optr, olimit, flags));
- check(hal_rpc_send(outbuf, optr - outbuf));
-
- check(read_matching_packet(RPC_FUNC_PKEY_LIST, inbuf, sizeof(inbuf), &iptr, &ilimit));
-
- check(hal_xdr_decode_int(&iptr, ilimit, &rpc_ret));
- if (rpc_ret == HAL_OK) {
- check(hal_xdr_decode_int(&iptr, ilimit, &len));
- *result_len = len;
- for (int i = 0; i < len; ++i) {
- if ((ret = hal_xdr_decode_pkey_info(&iptr, ilimit, &result[i])) != HAL_OK) {
- *result_len = 0;
- return ret;
- }
- }
- }
- return rpc_ret;
-}
-
static hal_error_t pkey_remote_match(const hal_client_handle_t client,
const hal_session_handle_t session,
const hal_key_type_t type,
@@ -1052,63 +999,61 @@ static hal_error_t pkey_mixed_verify(const hal_pkey_handle_t pkey,
*/
const hal_rpc_misc_dispatch_t hal_rpc_remote_misc_dispatch = {
- set_pin,
- login,
- logout,
- logout_all,
- is_logged_in,
- get_random,
- get_version
+ .set_pin = set_pin,
+ .login = login,
+ .logout = logout,
+ .logout_all = logout_all,
+ .is_logged_in = is_logged_in,
+ .get_random = get_random,
+ .get_version = get_version
};
const hal_rpc_hash_dispatch_t hal_rpc_remote_hash_dispatch = {
- hash_get_digest_len,
- hash_get_digest_algorithm_id,
- hash_get_algorithm,
- hash_initialize,
- hash_update,
- hash_finalize
+ .get_digest_length = hash_get_digest_len,
+ .get_digest_algorithm_id = hash_get_digest_algorithm_id,
+ .get_algorithm = hash_get_algorithm,
+ .initialize = hash_initialize,
+ .update = hash_update,
+ .finalize = hash_finalize
};
const hal_rpc_pkey_dispatch_t hal_rpc_remote_pkey_dispatch = {
- pkey_remote_load,
- pkey_remote_open,
- pkey_remote_generate_rsa,
- pkey_remote_generate_ec,
- pkey_remote_close,
- pkey_remote_delete,
- pkey_remote_get_key_type,
- pkey_remote_get_key_curve,
- pkey_remote_get_key_flags,
- pkey_remote_get_public_key_len,
- pkey_remote_get_public_key,
- pkey_remote_sign,
- pkey_remote_verify,
- pkey_remote_list,
- pkey_remote_match,
- pkey_remote_set_attributes,
- pkey_remote_get_attributes
+ .load = pkey_remote_load,
+ .open = pkey_remote_open,
+ .generate_rsa = pkey_remote_generate_rsa,
+ .generate_ec = pkey_remote_generate_ec,
+ .close = pkey_remote_close,
+ .delete = pkey_remote_delete,
+ .get_key_type = pkey_remote_get_key_type,
+ .get_key_curve = pkey_remote_get_key_curve,
+ .get_key_flags = pkey_remote_get_key_flags,
+ .get_public_key_len = pkey_remote_get_public_key_len,
+ .get_public_key = pkey_remote_get_public_key,
+ .sign = pkey_remote_sign,
+ .verify = pkey_remote_verify,
+ .match = pkey_remote_match,
+ .set_attributes = pkey_remote_set_attributes,
+ .get_attributes = pkey_remote_get_attributes
};
#if RPC_CLIENT == RPC_CLIENT_MIXED
const hal_rpc_pkey_dispatch_t hal_rpc_mixed_pkey_dispatch = {
- pkey_remote_load,
- pkey_remote_open,
- pkey_remote_generate_rsa,
- pkey_remote_generate_ec,
- pkey_remote_close,
- pkey_remote_delete,
- pkey_remote_get_key_type,
- pkey_remote_get_key_curve,
- pkey_remote_get_key_flags,
- pkey_remote_get_public_key_len,
- pkey_remote_get_public_key,
- pkey_mixed_sign,
- pkey_mixed_verify,
- pkey_remote_list,
- pkey_remote_match,
- pkey_remote_set_attributes,
- pkey_remote_get_attributes
+ .load = pkey_remote_load,
+ .open = pkey_remote_open,
+ .generate_rsa = pkey_remote_generate_rsa,
+ .generate_ec = pkey_remote_generate_ec,
+ .close = pkey_remote_close,
+ .delete = pkey_remote_delete,
+ .get_key_type = pkey_remote_get_key_type,
+ .get_key_curve = pkey_remote_get_key_curve,
+ .get_key_flags = pkey_remote_get_key_flags,
+ .get_public_key_len = pkey_remote_get_public_key_len,
+ .get_public_key = pkey_remote_get_public_key,
+ .sign = pkey_mixed_sign,
+ .verify = pkey_mixed_verify,
+ .match = pkey_remote_match,
+ .set_attributes = pkey_remote_set_attributes,
+ .get_attributes = pkey_remote_get_attributes
};
#endif /* RPC_CLIENT == RPC_CLIENT_MIXED */
diff --git a/rpc_hash.c b/rpc_hash.c
index 4b0f8c6..0811e81 100644
--- a/rpc_hash.c
+++ b/rpc_hash.c
@@ -303,12 +303,12 @@ static hal_error_t finalize(const hal_hash_handle_t handle,
}
const hal_rpc_hash_dispatch_t hal_rpc_local_hash_dispatch = {
- get_digest_length,
- get_digest_algorithm_id,
- get_algorithm,
- initialize,
- update,
- finalize
+ .get_digest_length = get_digest_length,
+ .get_digest_algorithm_id = get_digest_algorithm_id,
+ .get_algorithm = get_algorithm,
+ .initialize = initialize,
+ .update = update,
+ .finalize = finalize
};
/*
diff --git a/rpc_misc.c b/rpc_misc.c
index c3ff44c..d6fc71d 100644
--- a/rpc_misc.c
+++ b/rpc_misc.c
@@ -238,13 +238,13 @@ hal_error_t hal_set_pin_default_iterations(const hal_client_handle_t client,
}
const hal_rpc_misc_dispatch_t hal_rpc_local_misc_dispatch = {
- set_pin,
- login,
- logout,
- logout_all,
- is_logged_in,
- get_random,
- get_version
+ .set_pin = set_pin,
+ .login = login,
+ .logout = logout,
+ .logout_all = logout_all,
+ .is_logged_in = is_logged_in,
+ .get_random = get_random,
+ .get_version = get_version
};
/*
diff --git a/rpc_pkey.c b/rpc_pkey.c
index 787f811..52b6b0e 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -922,33 +922,6 @@ static hal_error_t pkey_local_verify(const hal_pkey_handle_t pkey,
return err;
}
-
-/*
- * List keys in the key store.
- */
-
-static hal_error_t pkey_local_list(const hal_client_handle_t client,
- const hal_session_handle_t session,
- hal_pkey_info_t *result,
- unsigned *result_len,
- const unsigned result_max,
- hal_key_flags_t flags)
-{
- hal_ks_t *ks = NULL;
- hal_error_t err;
-
- if ((err = check_readable(client, flags)) != HAL_OK)
- return err;
-
- if ((err = ks_open_from_flags(&ks, flags)) == HAL_OK &&
- (err = hal_ks_list(ks, client, session, result, result_len, result_max)) == HAL_OK)
- err = hal_ks_close(ks);
- else if (ks != NULL)
- (void) hal_ks_close(ks);
-
- return err;
-}
-
static hal_error_t pkey_local_match(const hal_client_handle_t client,
const hal_session_handle_t session,
const hal_key_type_t type,
@@ -1026,23 +999,22 @@ static hal_error_t pkey_local_get_attributes(const hal_pkey_handle_t pkey,
}
const hal_rpc_pkey_dispatch_t hal_rpc_local_pkey_dispatch = {
- pkey_local_load,
- pkey_local_open,
- pkey_local_generate_rsa,
- pkey_local_generate_ec,
- pkey_local_close,
- pkey_local_delete,
- pkey_local_get_key_type,
- pkey_local_get_key_curve,
- pkey_local_get_key_flags,
- pkey_local_get_public_key_len,
- pkey_local_get_public_key,
- pkey_local_sign,
- pkey_local_verify,
- pkey_local_list,
- pkey_local_match,
- pkey_local_set_attributes,
- pkey_local_get_attributes
+ .load = pkey_local_load,
+ .open = pkey_local_open,
+ .generate_rsa = pkey_local_generate_rsa,
+ .generate_ec = pkey_local_generate_ec,
+ .close = pkey_local_close,
+ .delete = pkey_local_delete,
+ .get_key_type = pkey_local_get_key_type,
+ .get_key_curve = pkey_local_get_key_curve,
+ .get_key_flags = pkey_local_get_key_flags,
+ .get_public_key_len = pkey_local_get_public_key_len,
+ .get_public_key = pkey_local_get_public_key,
+ .sign = pkey_local_sign,
+ .verify = pkey_local_verify,
+ .match = pkey_local_match,
+ .set_attributes = pkey_local_set_attributes,
+ .get_attributes = pkey_local_get_attributes
};
/*
diff --git a/rpc_server.c b/rpc_server.c
index f96fcf1..b6c755e 100644
--- a/rpc_server.c
+++ b/rpc_server.c
@@ -640,53 +640,6 @@ static hal_error_t pkey_verify(const uint8_t **iptr, const uint8_t * const ilimi
return ret;
}
-static hal_error_t hal_xdr_encode_pkey_info(uint8_t **optr, const uint8_t * const olimit, const hal_pkey_info_t *info)
-{
- uint8_t *optr_orig = *optr;
- hal_error_t ret;
-
- if ((ret = hal_xdr_encode_int(optr, olimit, info->type)) != HAL_OK ||
- (ret = hal_xdr_encode_int(optr, olimit, info->curve)) != HAL_OK ||
- (ret = hal_xdr_encode_int(optr, olimit, info->flags)) != HAL_OK ||
- (ret = hal_xdr_encode_buffer(optr, olimit, info->name.uuid, sizeof(info->name.uuid))) != HAL_OK)
- *optr = optr_orig;
- return ret;
-}
-
-static hal_error_t pkey_list(const uint8_t **iptr, const uint8_t * const ilimit,
- uint8_t **optr, const uint8_t * const olimit)
-{
- hal_client_handle_t client;
- hal_session_handle_t session;
- uint8_t *optr_orig = *optr;
- uint32_t result_max;
- hal_key_flags_t flags;
- hal_error_t ret;
-
- check(hal_xdr_decode_int(iptr, ilimit, &client.handle));
- check(hal_xdr_decode_int(iptr, ilimit, &session.handle));
- check(hal_xdr_decode_int(iptr, ilimit, &result_max));
- check(hal_xdr_decode_int(iptr, ilimit, &flags));
-
- hal_pkey_info_t result[result_max];
- unsigned result_len;
-
- /* call the local function */
- ret = hal_rpc_pkey_list(client, session, result, &result_len, result_max, flags);
-
- if (ret == HAL_OK) {
- check(hal_xdr_encode_int(optr, olimit, result_len));
- for (int i = 0; i < result_len; ++i) {
- if ((ret = hal_xdr_encode_pkey_info(optr, olimit, &result[i])) != HAL_OK) {
- *optr = optr_orig;
- break;
- }
- }
- }
-
- return ret;
-}
-
static hal_error_t pkey_match(const uint8_t **iptr, const uint8_t * const ilimit,
uint8_t **optr, const uint8_t * const olimit)
{
@@ -913,9 +866,6 @@ hal_error_t hal_rpc_server_dispatch(const uint8_t * const ibuf, const size_t ile
case RPC_FUNC_PKEY_VERIFY:
handler = pkey_verify;
break;
- case RPC_FUNC_PKEY_LIST:
- handler = pkey_list;
- break;
case RPC_FUNC_PKEY_MATCH:
handler = pkey_match;
break;
diff --git a/unit-tests.py b/unit-tests.py
index 2b2433d..8ae9c74 100644
--- a/unit-tests.py
+++ b/unit-tests.py
@@ -508,17 +508,6 @@ class TestPKeyList(TestCaseLoggedIn):
k.set_attributes(dict((i, a) for i, a in enumerate((str(obj.keytype), str(obj.fn2)))))
return uuids
- def ks_list(self, flags):
- uuids = self.load_keys(flags)
- self.assertLessEqual(len(uuids), len(set(hsm.pkey_list(flags = flags))))
- self.assertLessEqual(uuids, set(hsm.pkey_match(flags = flags)))
-
- def test_ks_list_volatile(self):
- self.ks_list(0)
-
- def test_ks_list_token(self):
- self.ks_list(HAL_KEY_FLAG_TOKEN)
-
def match(self, flags, **kwargs):
uuids = kwargs.pop("uuids", None)
kwargs.update(flags = flags)