diff options
author | Sandeep Nair | 2014-04-08 21:31:56 -0500 |
---|---|---|
committer | Sandeep Nair | 2014-04-08 21:31:56 -0500 |
commit | 7e6182d9b8460a91825f41e79c2de2dca606b858 (patch) | |
tree | dd1377d6d63292a215973cabfc2e466a1d601777 | |
parent | a7583ecf639daab533859c6129243a313ee7bceb (diff) | |
download | libp11-7e6182d9b8460a91825f41e79c2de2dca606b858.tar.gz libp11-7e6182d9b8460a91825f41e79c2de2dca606b858.tar.xz libp11-7e6182d9b8460a91825f41e79c2de2dca606b858.zip |
Optimization to request multiple certificates
This patch adds a minor optimization to retreive multiple certificate
objects in one PKCS11 operation. This will help to reduce the number
of interaaction with secure store while retrieving multiple certificates.
Signed-off-by: Sandeep Nair <sandeep_n@ti.com>
-rw-r--r-- | src/p11_cert.c | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/src/p11_cert.c b/src/p11_cert.c index c5e0cee..4b54bec 100644 --- a/src/p11_cert.c +++ b/src/p11_cert.c | |||
@@ -117,22 +117,25 @@ static int pkcs11_find_certs(PKCS11_TOKEN * token) | |||
117 | return (res < 0) ? -1 : 0; | 117 | return (res < 0) ? -1 : 0; |
118 | } | 118 | } |
119 | 119 | ||
120 | #define FIND_OBJ_CERT_CNT 10 | ||
120 | static int pkcs11_next_cert(PKCS11_CTX * ctx, PKCS11_TOKEN * token, | 121 | static int pkcs11_next_cert(PKCS11_CTX * ctx, PKCS11_TOKEN * token, |
121 | CK_SESSION_HANDLE session) | 122 | CK_SESSION_HANDLE session) |
122 | { | 123 | { |
123 | CK_OBJECT_HANDLE obj; | 124 | CK_OBJECT_HANDLE obj[FIND_OBJ_CERT_CNT]; |
124 | CK_ULONG count; | 125 | CK_ULONG count, i; |
125 | int rv; | 126 | int rv; |
126 | 127 | ||
127 | /* Get the next matching object */ | 128 | /* Get the next matching objects */ |
128 | rv = CRYPTOKI_call(ctx, C_FindObjects(session, &obj, 1, &count)); | 129 | rv = CRYPTOKI_call(ctx, C_FindObjects(session, &obj, |
130 | FIND_OBJ_CERT_CNT, &count)); | ||
129 | CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_CERTS, rv); | 131 | CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_CERTS, rv); |
130 | 132 | ||
131 | if (count == 0) | 133 | if (count == 0) |
132 | return 1; | 134 | return 1; |
133 | 135 | ||
134 | if (pkcs11_init_cert(ctx, token, session, obj, NULL)) | 136 | for (i = 0; i < count; i++) |
135 | return -1; | 137 | if (pkcs11_init_cert(ctx, token, session, obj, NULL)) |
138 | return -1; | ||
136 | 139 | ||
137 | return 0; | 140 | return 0; |
138 | } | 141 | } |