C_FindObjectsInit

Initializes an object search operation.

CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsInit )( CK_SESSION_HANDLE hSession,
                                                 CK_ATTRIBUTE_PTR pTemplate,
                                                 CK_ULONG ulCount )
{
    P11Session_t * pxSession = prvSessionPointerFromHandle( hSession );
    CK_RV xResult = prvCheckValidSessionAndModule( pxSession );
    CK_BYTE * pxFindObjectLabel = NULL;
    uint32_t ulIndex;
    CK_ATTRIBUTE xAttribute;
 
    if( NULL == pTemplate )
    {
        xResult = CKR_ARGUMENTS_BAD;
    }
 
    if( ( ulCount != 1UL ) && ( ulCount != 2UL ) )
    {
        xResult = CKR_ARGUMENTS_BAD;
        LogError( ( "Failed to initialize find object operation. Find objects "
                    "does not support searching by %lu attributes. Expected to "
                    "search with either 1 or 2 attributes.", ( unsigned long int ) ulCount ) );
    }
 
    if( xResult == CKR_OK )
    {
        /* See explanation in prvCheckValidSessionAndModule for this exception. */
        /* coverity[misra_c_2012_rule_10_5_violation] */
        if( prvOperationActive( pxSession ) == ( CK_BBOOL ) CK_TRUE )
        {
            xResult = CKR_OPERATION_ACTIVE;
            LogError( ( "Failed to initialize find object operation. Find "
                        "object operation was already in progress." ) );
        }
    }
 
    /* Search template for label.
     * NOTE: This port only supports looking up objects by CKA_LABEL and all
     * other search attributes are ignored. */
    if( xResult == CKR_OK )
    {
        xResult = CKR_TEMPLATE_INCOMPLETE;
 
        for( ulIndex = 0; ulIndex < ulCount; ulIndex++ )
        {
            xAttribute = pTemplate[ ulIndex ];
 
            if( ( xAttribute.type == CKA_LABEL ) && ( xAttribute.ulValueLen <= pkcs11configMAX_LABEL_LENGTH ) )
            {
                /* Plus one to leave room for a NULL terminator. */
                pxFindObjectLabel = mbedtls_calloc( 1, xAttribute.ulValueLen + 1UL );
 
                if( pxFindObjectLabel != NULL )
                {
                    pxSession->xFindObjectLabelLen = xAttribute.ulValueLen;
                    pxSession->pxFindObjectLabel = pxFindObjectLabel;
                    ( void ) memcpy( pxSession->pxFindObjectLabel, xAttribute.pValue, xAttribute.ulValueLen );
                    xResult = CKR_OK;
                }
                else
                {
                    LogError( ( "Failed to initialize find object operation. Failed to "
                                "allocate %lu bytes.", ( unsigned long int ) xAttribute.ulValueLen + 1UL ) );
                    xResult = CKR_HOST_MEMORY;
                }
            }
            else
            {
                LogDebug( ( "Search parameters other than label are ignored." ) );
            }
        }
    }
 
    /* Clean up memory if there was an error parsing the template. */
    if( ( pxSession != NULL ) && ( xResult != CKR_OK ) && ( xResult != CKR_OPERATION_ACTIVE ) )
    {
        mbedtls_free( pxFindObjectLabel );
        pxSession->pxFindObjectLabel = NULL;
        pxSession->xFindObjectLabelLen = 0;
    }
 
    return xResult;
}

See also

C_FindObjects() and C_FindObjectsFinal() which must be called after C_FindObjectsInit().

Note

FindObjects parameters are shared by a session. Calling C_FindObjectsInit(), C_FindObjects(), and C_FindObjectsFinal() with the same session across different tasks may lead to unexpected results.

Parameters

[in]	hSession	Handle of a valid PKCS #11 session.
[in]	pTemplate	Pointer to a template which specifies the object attributes to match. In this port, the only searchable attribute is object label. All other attributes will be ignored.
[in]	ulCount	The number of attributes in pTemplate.

Returns

CKR_OK if successful.