2 files changed, 50 insertions, 1 deletions

diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
index ef20fa793..4839ce3c8 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
@@ -1,4 +1,7 @@
 /*
+ * Copyright (C) 2011 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
  * Copyright (C) 2010 Martin Willi
  * Copyright (C) 2010 revosec AG
  *
@@ -824,6 +827,32 @@ METHOD(pkcs11_library_t, create_mechanism_enumerator, enumerator_t*,
 	return &enumerator->public;
 }
 
+METHOD(pkcs11_library_t, get_ck_attribute, bool,
+	private_pkcs11_library_t *this, CK_SESSION_HANDLE session,
+	CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_TYPE type, chunk_t *data)
+{
+	CK_ATTRIBUTE attr = { type, NULL, 0 };
+	CK_RV rv;
+	rv = this->public.f->C_GetAttributeValue(session, obj, &attr, 1);
+	if (rv != CKR_OK)
+	{
+		DBG1(DBG_CFG, "C_GetAttributeValue(%N) error: %N", ck_attr_names, type,
+			 ck_rv_names, rv);
+		return FALSE;
+	}
+	*data = chunk_alloc(attr.ulValueLen);
+	attr.pValue = data->ptr;
+	rv = this->public.f->C_GetAttributeValue(session, obj, &attr, 1);
+	if (rv != CKR_OK)
+	{
+		DBG1(DBG_CFG, "C_GetAttributeValue(%N) error: %N", ck_attr_names, type,
+			 ck_rv_names, rv);
+		chunk_free(data);
+		return FALSE;
+	}
+	return TRUE;
+}
+
 METHOD(pkcs11_library_t, destroy, void,
 	private_pkcs11_library_t *this)
 {
@@ -1007,6 +1036,7 @@ pkcs11_library_t *pkcs11_library_create(char *name, char *file, bool os_locking)
 			.get_features = _get_features,
 			.create_object_enumerator = _create_object_enumerator,
 			.create_mechanism_enumerator = _create_mechanism_enumerator,
+			.get_ck_attribute = _get_ck_attribute,
 			.destroy = _destroy,
 		},
 		.name = name,
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
index e0db653d2..9cfc0169d 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
@@ -1,4 +1,7 @@
 /*
+ * Copyright (C) 2011 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
  * Copyright (C) 2010 Martin Willi
  * Copyright (C) 2010 revosec AG
  *
@@ -27,6 +30,7 @@ typedef struct pkcs11_library_t pkcs11_library_t;
 #include "pkcs11.h"
 
 #include <enum.h>
+#include <chunk.h>
 #include <utils/enumerator.h>
 
 /**
@@ -93,6 +97,21 @@ struct pkcs11_library_t {
 												 CK_SLOT_ID slot);
 
 	/**
+	 * Retrieve a single attribute from the given object.
+	 *
+	 * Memory for the data is allocated.
+	 *
+	 * @param session			session with the PKCS#11 library
+	 * @param obj				object handle
+	 * @param type				attribute type to extract
+	 * @param data				extracted data
+	 * @return					TRUE if successful
+	 */
+	bool (*get_ck_attribute)(pkcs11_library_t *this, CK_SESSION_HANDLE session,
+							 CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_TYPE type,
+							 chunk_t *data);
+
+	/**
 	 * Destroy a pkcs11_library_t.
 	 */
 	void (*destroy)(pkcs11_library_t *this);
@@ -114,7 +133,7 @@ extern enum_name_t *ck_mech_names;
 extern enum_name_t *ck_attr_names;
 
 /**
- * Trim/null terminate a string returned by the varius PKCS#11 functions.
+ * Trim/null terminate a string returned by the various PKCS#11 functions.
  *
  * @param str		string to trim
  * @param len		max length of the string