trust: Don't write out internal attributes when persisting

4 files changed, 63 insertions, 15 deletions

diff --git a/trust/Makefile.am b/trust/Makefile.am
index 582b4f5..70a7946 100644
--- a/trust/Makefile.am
+++ b/trust/Makefile.am
@@ -37,6 +37,7 @@ MODULE_SRCS = \
 	module.c module.h \
 	session.c session.h \
 	token.c token.h \
+	types.h \
 	$(NULL)
 
 configdir = $(p11_package_config_modules)
diff --git a/trust/index.h b/trust/index.h
index 0072fee..6603092 100644
--- a/trust/index.h
+++ b/trust/index.h
@@ -38,21 +38,7 @@
 #include "array.h"
 #include "compat.h"
 #include "pkcs11.h"
-#include "pkcs11x.h"
-
-/*
- * A boolean value which denotes whether we auto generated
- * this object, as opposed to coming from outside the builder.
- *
- * We set this on all objects. It will always be either CK_TRUE
- * or CK_FALSE for all objects built by this builder.
- */
-#define CKA_X_GENERATED (CKA_X_VENDOR + 8000)
-
-/*
- * A string pointing to the filename from which this was loaded.
- */
-#define CKA_X_ORIGIN    (CKA_X_VENDOR + 8001)
+#include "types.h"
 
 typedef struct _p11_index p11_index;
 
diff --git a/trust/persist.c b/trust/persist.c
index ad80683..0e98b46 100644
--- a/trust/persist.c
+++ b/trust/persist.c
@@ -43,6 +43,7 @@
 #include "persist.h"
 #include "pkcs11.h"
 #include "pkcs11x.h"
+#include "types.h"
 #include "url.h"
 
 #include "basic.asn.h"
@@ -716,6 +717,12 @@ p11_persist_write (p11_persist *persist,
 		     attrs[i].type == CKA_VALUE))
 			continue;
 
+		/* These are never written */
+		if (attrs[i].type == CKA_TOKEN ||
+		    attrs[i].type == CKA_X_ORIGIN ||
+		    attrs[i].type == CKA_X_GENERATED)
+			continue;
+
 		if (attrs[i].ulValueLen == CK_UNAVAILABLE_INFORMATION)
 			continue;
 
diff --git a/trust/types.h b/trust/types.h
new file mode 100644
index 0000000..64a92b1
--- /dev/null
+++ b/trust/types.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2013 Red Hat Inc.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *     * Redistributions of source code must retain the above
+ *       copyright notice, this list of conditions and the
+ *       following disclaimer.
+ *     * Redistributions in binary form must reproduce the
+ *       above copyright notice, this list of conditions and
+ *       the following disclaimer in the documentation and/or
+ *       other materials provided with the distribution.
+ *     * The names of contributors to this software may not be
+ *       used to endorse or promote products derived from this
+ *       software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+ * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ *
+ * Author: Stef Walter <stefw@redhat.com>
+ */
+
+#ifndef TYPES_H_
+#define TYPES_H_ 1
+
+#include "pkcs11x.h"
+
+/*
+ * A boolean value which denotes whether we auto generated
+ * this object, as opposed to coming from outside the builder.
+ *
+ * We set this on all objects. It will always be either CK_TRUE
+ * or CK_FALSE for all objects built by this builder.
+ */
+#define CKA_X_GENERATED (CKA_X_VENDOR + 8000)
+
+/*
+ * A string pointing to the filename from which this was loaded.
+ */
+#define CKA_X_ORIGIN    (CKA_X_VENDOR + 8001)
+
+#endif	/* TYPES_H_ */