1 /* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
2 /* gck-password.c - the GObject PKCS#11 wrapper library
3
4 Copyright (C) 2011 Collabora Ltd.
5
6 The Gnome Keyring Library is free software; you can redistribute it and/or
7 modify it under the terms of the GNU Library General Public License as
8 published by the Free Software Foundation; either version 2 of the
9 License, or (at your option) any later version.
10
11 The Gnome Keyring Library is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Library General Public License for more details.
15
16 You should have received a copy of the GNU Library General Public
17 License along with the Gnome Library; see the file COPYING.LIB. If not,
18 see <http://www.gnu.org/licenses/>.
19
20 Author: Stef Walter <stefw@collabora.co.uk>
21 */
22
23 #include "config.h"
24
25 #include "gck.h"
26 #include "gck-private.h"
27
28 #include "egg/egg-timegm.h"
29
30 #include <string.h>
31
32 /**
33 * SECTION:gck-password
34 * @title: GckPassword
35 * @short_description: Represents a password which is requested of the user
36 *
37 * This is used in conjunction with GTlsInteraction. #GckPassword is a
38 * GTlsPassword which contains additional information about which PKCS\#11
39 * token or key the password is being requested for.
40 */
41
42 /**
43 * GckPassword:
44 *
45 * A #GTlsPasswordClass that contains information about the PKCS\#11 token
46 * or key the password is being requested for.
47 */
48
49 /**
50 * GckPasswordClass:
51 * @parent: parent class
52 *
53 * The class for #GTlsPassword.
54 */
/*
 * GObject property ids for GckPassword. Id 0 is never a valid property id,
 * so PROP_0 only anchors the numbering.
 */
enum {
	PROP_0 = 0,
	PROP_MODULE,	/* "module": read-only, derived from the token or key */
	PROP_TOKEN,	/* "token": construct-only GckSlot */
	PROP_KEY	/* "key": construct-only GckObject */
};
61
/*
 * Instance-private state.
 *
 * One untyped pointer holds either kind of target, and for_token is the only
 * record of which kind it is. Every reader therefore has to consult for_token
 * (or re-check the GType) before treating token_or_key as a GckSlot or a
 * GckObject.
 */
struct _GckPasswordPrivate {
	gboolean for_token;	/* TRUE: token_or_key is a GckSlot; FALSE: a GckObject */
	gpointer token_or_key;	/* reference owned by this object, released in finalize */
};

G_DEFINE_TYPE_WITH_PRIVATE (GckPassword, gck_password, G_TYPE_TLS_PASSWORD);
68
static void
gck_password_init (GckPassword *self)
{
	/*
	 * Cache the private-data pointer on the instance. GObject hands out
	 * zero-filled instance memory, so token_or_key starts out NULL and
	 * for_token FALSE until a construct property fills them in.
	 */
	GckPasswordPrivate *priv = gck_password_get_instance_private (self);

	self->pv = priv;
}
74
static void
gck_password_constructed (GObject *obj)
{
	GObjectClass *parent_class = G_OBJECT_CLASS (gck_password_parent_class);
	GckPassword *self = GCK_PASSWORD (obj);

	parent_class->constructed (obj);

	/*
	 * A password request must name the token or the key it is for.
	 * Note that this check only logs a critical warning: the instance
	 * still exists afterwards with token_or_key unset, and the check is
	 * compiled out entirely under G_DISABLE_CHECKS. The accessors must
	 * therefore not assume that token_or_key is valid.
	 */
	g_return_if_fail (GCK_IS_SLOT (self->pv->token_or_key) ||
	                  GCK_IS_OBJECT (self->pv->token_or_key));
}
85
static void
gck_password_get_property (GObject *obj,
                           guint prop_id,
                           GValue *value,
                           GParamSpec *pspec)
{
	GckPassword *self = GCK_PASSWORD (obj);

	/*
	 * Each public getter returns a new reference (or NULL), so the value
	 * takes ownership of it instead of adding a second reference.
	 */
	if (prop_id == PROP_MODULE) {
		g_value_take_object (value, gck_password_get_module (self));
	} else if (prop_id == PROP_TOKEN) {
		g_value_take_object (value, gck_password_get_token (self));
	} else if (prop_id == PROP_KEY) {
		g_value_take_object (value, gck_password_get_key (self));
	} else {
		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
	}
}
109
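static void
gck_password_set_property (GObject *obj,
                           guint prop_id,
                           const GValue *value,
                           GParamSpec *pspec)
{
	GckPassword *self = GCK_PASSWORD (obj);
	gpointer object;

	/*
	 * "token" and "key" are both construct-only, so every write below
	 * happens during the construct phase. GObject also calls this with a
	 * NULL value for whichever of the two the caller did not pass, which
	 * is why a NULL object is simply ignored.
	 */

	switch (prop_id) {
	case PROP_TOKEN:
	case PROP_KEY:
		object = g_value_dup_object (value);
		if (object == NULL)
			break;

		/*
		 * Passing both a token and a key is a caller bug: the request
		 * would be ambiguous about what the password unlocks.
		 */
		g_assert (self->pv->token_or_key == NULL);

		/*
		 * g_assert() disappears under G_DISABLE_ASSERT. Release any
		 * earlier reference so that such a build does not leak it
		 * when the pointer is overwritten; with assertions enabled
		 * this is a no-op because the pointer is NULL here.
		 */
		g_clear_object (&self->pv->token_or_key);

		self->pv->token_or_key = object;
		/* The flag and the pointer are always updated together. */
		self->pv->for_token = (prop_id == PROP_TOKEN);
		break;
	default:
		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
		break;
	}
}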
143
static void
gck_password_finalize (GObject *obj)
{
	GckPasswordPrivate *priv = GCK_PASSWORD (obj)->pv;

	/* Drop the reference taken in set_property; tolerates a NULL pointer. */
	g_clear_object (&priv->token_or_key);

	G_OBJECT_CLASS (gck_password_parent_class)->finalize (obj);
}
153
static void
gck_password_class_init (GckPasswordClass *klass)
{
	GObjectClass *object_class = G_OBJECT_CLASS (klass);
	GParamSpec *pspec;

	object_class->finalize = gck_password_finalize;
	object_class->set_property = gck_password_set_property;
	object_class->get_property = gck_password_get_property;
	object_class->constructed = gck_password_constructed;

	/**
	 * GckPassword:module:
	 *
	 * The PKCS\#11 module that is requesting the password. Read-only:
	 * it is looked up from the token or key when queried.
	 */
	pspec = g_param_spec_object ("module", "Module", "PKCS11 Module",
	                             GCK_TYPE_MODULE,
	                             G_PARAM_READABLE | G_PARAM_STATIC_STRINGS);
	g_object_class_install_property (object_class, PROP_MODULE, pspec);

	/**
	 * GckPassword:token:
	 *
	 * The PKCS\#11 token the password is for. If this is set then
	 * the #GckPassword:key property will be %NULL.
	 *
	 * Construct-only: the target of a password request cannot be
	 * changed once the object exists.
	 */
	pspec = g_param_spec_object ("token", "Token", "PKCS11 Token",
	                             GCK_TYPE_SLOT,
	                             G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS);
	g_object_class_install_property (object_class, PROP_TOKEN, pspec);

	/**
	 * GckPassword:key:
	 *
	 * The PKCS\#11 key that the password is being requested for. If
	 * this is set then the #GckPassword:token property will be %NULL.
	 *
	 * Construct-only, for the same reason as #GckPassword:token.
	 */
	pspec = g_param_spec_object ("key", "Object", "PKCS11 Key Object",
	                             GCK_TYPE_OBJECT,
	                             G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS);
	g_object_class_install_property (object_class, PROP_KEY, pspec);
}
193
194 /**
195 * gck_password_get_module:
196 * @self: the password object
197 *
198 * Get the PKCS\#11 module that is requesting the password.
199 *
200 * Returns: (transfer full): the module that is requesting the password, which
201 * must be unreferenced after use
202 */
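GckModule *
gck_password_get_module (GckPassword *self)
{
	g_return_val_if_fail (GCK_IS_PASSWORD (self), NULL);

	/*
	 * token_or_key is an untyped pointer and may still be NULL if the
	 * object was constructed without a token or key (the constructed
	 * check only warns). Verify the type before handing it to the typed
	 * accessor, as gck_password_get_token() and gck_password_get_key() do.
	 */
	if (self->pv->for_token) {
		g_return_val_if_fail (GCK_IS_SLOT (self->pv->token_or_key), NULL);
		return gck_slot_get_module (self->pv->token_or_key);
	}

	g_return_val_if_fail (GCK_IS_OBJECT (self->pv->token_or_key), NULL);
	return gck_object_get_module (self->pv->token_or_key);
}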
212
213 /**
214 * gck_password_get_token:
215 * @self: the password object
216 *
217 * If the password request is to unlock a PKCS\#11 token, then this is the
218 * slot containing that token.
219 *
220 * Returns: (transfer full): the slot that contains the token, or %NULL if not
221 * being requested for a token; must be unreferenced after use
222 */
GckSlot *
gck_password_get_token (GckPassword *self)
{
	g_return_val_if_fail (GCK_IS_PASSWORD (self), NULL);

	if (self->pv->for_token) {
		/* Re-check the type: the pointer is stored untyped. */
		g_return_val_if_fail (GCK_IS_SLOT (self->pv->token_or_key), NULL);

		/* The caller receives its own reference. */
		return g_object_ref (self->pv->token_or_key);
	}

	/* The request is for a key, not a token. */
	return NULL;
}
232
233 /**
234 * gck_password_get_key:
235 * @self: the password object
236 *
237 * If the password request is to unlock a PKCS\#11 key, then this is the
238 * object representing that key.
239 *
240 * Returns: (transfer full): the key that the password is for, or %NULL if not
241 * being requested for a key; must be unreferenced after use
242 */
GckObject *
gck_password_get_key (GckPassword *self)
{
	g_return_val_if_fail (GCK_IS_PASSWORD (self), NULL);

	if (!self->pv->for_token) {
		/* Re-check the type: the pointer is stored untyped. */
		g_return_val_if_fail (GCK_IS_OBJECT (self->pv->token_or_key), NULL);

		/* The caller receives its own reference. */
		return g_object_ref (self->pv->token_or_key);
	}

	/* The request is for a token, not a key. */
	return NULL;
}
252