author | Rob Austein <sra@hactrn.net> | 2016-06-28 16:11:44 -0400 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2016-06-28 16:11:44 -0400 |
commit | 5b29ea6472dd5ac71771ce9dc61c1193f81267a5 (patch) | |
tree | b096b0bb7ba8fd64c4f9fbf670c05ac76dfc2fff /pkcs11.c | |
parent | f13948ea98afb9cb1e8ea0f7a15554621c1fe08a (diff) |
Move hal_pkey_* columns from the object table into
{session,token}_object tables to preserve the mapping from pkcs11 token
objects to libhal pkey objects.
Diffstat (limited to 'pkcs11.c')
-rw-r--r-- | pkcs11.c | 39 |
1 files changed, 23 insertions, 16 deletions
@@ -1449,8 +1449,12 @@ static int p11_object_bind_pkey(const p11_session_t * const session,
 {
 assert(session != NULL && der != NULL && ski != NULL);
- static const char update_pkey_ski[] =
- " UPDATE object SET hal_pkey_type = ?1, hal_pkey_ski = ?2 WHERE object_handle = ?3";
+ static const char update_format[] =
+ " UPDATE %s_object SET hal_pkey_type = ?1, hal_pkey_ski = ?2"
+ " WHERE %s_object_id = (SELECT %s_object_id FROM object WHERE object_handle = ?3)";
+
+ const char *flavor_1 = is_token_handle(object_handle_1) ? "token" : "session";
+ const char *flavor_2 = is_token_handle(object_handle_2) ? "token" : "session";
 hal_hash_handle_t hash = {HAL_HANDLE_NONE};
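Review bot: The `%s` placeholders in `update_format` splice a table-name prefix into the SQL text, and nothing at the declaration records that this value must stay a compile-time literal. In this hunk `flavor_1` and `flavor_2` come only from the two string literals selected by `is_token_handle()`, so no caller data reaches the statement text, but that invariant is easy to lose in a later edit. I would add above the format `/* %s is the table flavor, always the literal "token" or "session"; never pass caller-supplied text here, data goes through the ?N bindings only. */`. The function's signature and the rest of its body lie outside this hunk.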
@@ -1466,21 +1470,23 @@ static int p11_object_bind_pkey(const p11_session_t * const session,
 if (!ok)
 return 0;
- sqlite3_stmt *q = NULL;
+ sqlite3_stmt *q1 = NULL, *q2 = NULL;
- ok = (sql_check_ok(sql_prepare(&q, update_pkey_ski)) &&
- sql_check_ok(sqlite3_bind_int64(q, 1, pkey_type_1)) &&
- sql_check_ok(sqlite3_bind_blob( q, 2, ski, ski_len, NULL)) &&
- sql_check_ok(sqlite3_bind_int64(q, 3, object_handle_1)) &&
- sql_check_done(sqlite3_step(q)));
+ ok = (sql_check_ok(sql_prepare(&q1, update_format, flavor_1, flavor_1, flavor_1)) &&
+ sql_check_ok(sqlite3_bind_int64(q1, 1, pkey_type_1)) &&
+ sql_check_ok(sqlite3_bind_blob( q1, 2, ski, ski_len, NULL)) &&
+ sql_check_ok(sqlite3_bind_int64(q1, 3, object_handle_1)) &&
+ sql_check_done(sqlite3_step(q1)));
 if (ok && object_handle_2 != CK_INVALID_HANDLE)
- ok = (sql_check_ok(sqlite3_reset(q)) &&
- sql_check_ok(sqlite3_bind_int64(q, 1, pkey_type_2)) &&
- sql_check_ok(sqlite3_bind_int64(q, 3, object_handle_2)) &&
- sql_check_done(sqlite3_step(q)));
+ ok = (sql_check_ok(sql_prepare(&q2, update_format, flavor_2, flavor_2, flavor_2)) &&
+ sql_check_ok(sqlite3_bind_int64(q2, 1, pkey_type_2)) &&
+ sql_check_ok(sqlite3_bind_blob( q2, 2, ski, ski_len, NULL)) &&
+ sql_check_ok(sqlite3_bind_int64(q2, 3, object_handle_2)) &&
+ sql_check_done(sqlite3_step(q2)));
- sqlite3_finalize(q);
+ sqlite3_finalize(q1);
+ sqlite3_finalize(q2);
 return ok;
 }
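Review bot: Both UPDATE statements count as successful as soon as `sqlite3_step()` reports completion, so an update that matches no row still returns `ok` with no key binding stored. With the new sub-select that can happen when the handle is absent from `object` or, presumably, when the row sits in the other flavor's table than `is_token_handle()` predicts. Checking the row count closes the gap: end each chain with `sql_check_done(sqlite3_step(q1)) && sqlite3_changes(sqlite3_db_handle(q1)) == 1` (and likewise for `q2`). Whether an enclosing transaction undoes the first update when the second fails is not visible here; the function begins above this hunk.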
@@ -1744,16 +1750,17 @@ static int p11_object_get_pkey_handle(const p11_session_t * const session,
 const CK_OBJECT_HANDLE object_handle,
 hal_pkey_handle_t *pkey_handle)
 {
- static const char select_query[] =
- " SELECT hal_pkey_type, hal_pkey_ski FROM object WHERE object_handle = ?1";
+ static const char select_format[] =
+ " SELECT hal_pkey_type, hal_pkey_ski FROM %s_object NATURAL JOIN object WHERE object_handle = ?1";
 hal_key_flags_t flags = is_token_handle(object_handle) ? 0 : HAL_KEY_FLAG_PROXIMATE;
+ const char *flavor = is_token_handle(object_handle) ? "token" : "session";
 sqlite3_stmt *q = NULL;
 int ok = 0;
 assert(pkey_handle != NULL);
- if (!sql_check_ok(sql_prepare(&q, select_query)) ||
+ if (!sql_check_ok(sql_prepare(&q, select_format, flavor)) ||
 !sql_check_ok(sqlite3_bind_int64(q, 1, object_handle)) ||
 !sql_check_row(sqlite3_step(q)) ||
 sqlite3_column_type(q, 0) != SQLITE_INTEGER || |
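Review bot: `NATURAL JOIN object` in `select_format` joins on every column name the two tables happen to share, so a column later added to both would silently change which row this key lookup returns. Naming the key keeps the handle-to-key mapping explicit: `FROM %s_object JOIN object USING (%s_object_id) WHERE object_handle = ?1`, with `flavor` passed twice to `sql_prepare()`. The `%s_object_id` column name is taken from the UPDATE in `p11_object_bind_pkey`, so confirm it against the schema. The function body continues past the end of this hunk.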