From 015eefa32f54f84c56bb7c6d36c0edcc104a69e8 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Sun, 9 Oct 2016 23:02:03 -0400
Subject: Per-session objects in ks_volatile; more untested ks_attribute code.

Mostly this is another checkpoint (still passes PKCS #11 "make test").

ks_volatile.c now contains support for per-session object visibility;
this may need more work to support things like a CLI view of all
objects regardless of session.  Adding this required minor changes to
the keystore and pkey APIs, mostly because sessions are per-client.

ks_volatile.c also contains an untested first cut at attribute
support.  Attribute support in ks_flash.c still under construction.
---
 hal_internal.h | 31 +++++++++++++------------------
 1 file changed, 13 insertions(+), 18 deletions(-)

(limited to 'hal_internal.h')

diff --git a/hal_internal.h b/hal_internal.h
index fe1cb1f..61d8489 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -235,13 +235,15 @@ typedef struct {
                          const uint8_t * const input, const size_t input_len,
                          const uint8_t * const signature, const size_t signature_len);
 
-  hal_error_t  (*list)(const hal_session_handle_t session,
+  hal_error_t  (*list)(const hal_client_handle_t client,
+                       const hal_session_handle_t session,
                        hal_pkey_info_t *result,
                        unsigned *result_len,
                        const unsigned result_max,
                        hal_key_flags_t flags);
 
-  hal_error_t (*match)(const hal_session_handle_t session,
+  hal_error_t (*match)(const hal_client_handle_t client,
+                       const hal_session_handle_t session,
                        const hal_key_type_t type,
                        const hal_curve_name_t curve,
                        const hal_key_flags_t flags,
@@ -438,18 +440,7 @@ typedef struct {
   hal_curve_name_t curve;
   hal_key_flags_t flags;
   hal_uuid_t name;
-
-  /*
-   * We used to stash a "hint" value here for the keystore driver to
-   * speed things up when we had multiple operations on the same key.
-   * Removed as premature optimization during keystore rewrite, but we
-   * may want to put something like this back once the new API has
-   * stablized.  If so, form would probably be a union containing
-   * keystore-driver-specific data, which everything else (including
-   * the pkey code) should treat as opaque: making it really opaque
-   * would complicate memory allocation and isn't worth it for an
-   * internal API.
-   */
+  int hint;
 
   /*
    * This might be where we'd stash a (hal_core_t *) pointing to a
@@ -480,7 +471,7 @@ struct hal_ks_driver {
   hal_error_t (*close)(hal_ks_t *ks);
 
   hal_error_t (*store)(hal_ks_t *ks,
-                       const hal_pkey_slot_t * const slot,
+                       hal_pkey_slot_t *slot,
 		       const uint8_t * const der,  const size_t der_len);
 
   hal_error_t (*fetch)(hal_ks_t *ks,
@@ -488,15 +479,17 @@ struct hal_ks_driver {
 		       uint8_t *der, size_t *der_len, const size_t der_max);
 
   hal_error_t (*delete)(hal_ks_t *ks,
-                        const hal_pkey_slot_t * const slot);
+                        hal_pkey_slot_t *slot);
 
   hal_error_t (*list)(hal_ks_t *ks,
+                      const hal_client_handle_t client,
                       const hal_session_handle_t session,
 		      hal_pkey_info_t *result,
 		      unsigned *result_len,
 		      const unsigned result_max);
 
   hal_error_t (*match)(hal_ks_t *ks,
+                       const hal_client_handle_t client,
                        const hal_session_handle_t session,
                        const hal_key_type_t type,
                        const hal_curve_name_t curve,
@@ -608,6 +601,7 @@ static inline hal_error_t hal_ks_delete(hal_ks_t *ks,
 }
 
 static inline hal_error_t hal_ks_list(hal_ks_t *ks,
+                                      const hal_client_handle_t client,
                                       const hal_session_handle_t session,
                                       hal_pkey_info_t *result,
                                       unsigned *result_len,
@@ -616,10 +610,11 @@ static inline hal_error_t hal_ks_list(hal_ks_t *ks,
   if (ks == NULL || ks->driver == NULL || ks->driver->list == NULL)
     return HAL_ERROR_BAD_ARGUMENTS;
 
-  return ks->driver->list(ks, session, result, result_len, result_max);
+  return ks->driver->list(ks, client, session, result, result_len, result_max);
 }
 
 static inline hal_error_t hal_ks_match(hal_ks_t *ks,
+                                       const hal_client_handle_t client,
                                        const hal_session_handle_t session,
                                        const hal_key_type_t type,
                                        const hal_curve_name_t curve,
@@ -634,7 +629,7 @@ static inline hal_error_t hal_ks_match(hal_ks_t *ks,
   if (ks == NULL || ks->driver == NULL || ks->driver->match == NULL)
     return HAL_ERROR_BAD_ARGUMENTS;
 
-  return ks->driver->match(ks, session, type, curve, flags, attributes, attributes_len,
+  return ks->driver->match(ks, client, session, type, curve, flags, attributes, attributes_len,
                            result, result_len, result_max, previous_uuid);
 }
 
-- 
cgit v1.2.3