From 66c6a7e912d39d66cd4cc91375ac7be418bf7176 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Thu, 18 May 2017 11:11:45 +0200
Subject: trust: Check magic comment in persist file for modifiablity

A persistent file written by the trust module starts with the line "#
This file has been auto-generated and written by p11-kit".  This can
be used as a magic word to determine whether the objects read from a
.p11-kit file are read-only.
---
 trust/parser.c     | 6 +++++-
 trust/persist.c    | 9 ++++++++-
 trust/test-token.c | 1 +
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/trust/parser.c b/trust/parser.c
index 41513d4..abe86fc 100644
--- a/trust/parser.c
+++ b/trust/parser.c
@@ -49,6 +49,7 @@
 #include "pem.h"
 #include "pkcs11x.h"
 #include "persist.h"
+#include "types.h"
 #include "x509.h"
 
 #include <libtasn1.h>
@@ -630,7 +631,10 @@ p11_parser_format_persist (p11_parser *parser,
 	ret = p11_persist_read (parser->persist, parser->basename, data, length, objects);
 	if (ret) {
 		for (i = 0; i < objects->num; i++) {
-			attrs = p11_attrs_build (objects->elem[i], &modifiable, NULL);
+			CK_BBOOL generatedv;
+			attrs = objects->elem[i];
+			if (p11_attrs_find_bool (attrs, CKA_X_GENERATED, &generatedv) && generatedv)
+				attrs = p11_attrs_build (attrs, &modifiable, NULL);
 			sink_object (parser, attrs);
 		}
 	}
diff --git a/trust/persist.c b/trust/persist.c
index 63a531e..928260e 100644
--- a/trust/persist.c
+++ b/trust/persist.c
@@ -631,6 +631,9 @@ p11_persist_read (p11_persist *persist,
 	CK_ATTRIBUTE *attrs;
 	bool failed;
 	bool skip;
+	CK_BBOOL generatedv = CK_FALSE;
+	CK_ATTRIBUTE generated = { CKA_X_GENERATED, &generatedv, sizeof (generatedv) };
+	static const char comment[] = "# This file has been auto-generated and written by p11-kit.";
 
 	return_val_if_fail (persist != NULL, false);
 	return_val_if_fail (objects != NULL, false);
@@ -639,6 +642,10 @@ p11_persist_read (p11_persist *persist,
 	attrs = NULL;
 	failed = false;
 
+	if (length >= sizeof (comment) - 1 &&
+	    memcmp ((const char *)data, comment, sizeof (comment) - 1) == 0)
+		generatedv = CK_TRUE;
+
 	p11_lexer_init (&lexer, filename, (const char *)data, length);
 	while (p11_lexer_next (&lexer, &failed)) {
 		switch (lexer.tok_type) {
@@ -650,7 +657,7 @@ p11_persist_read (p11_persist *persist,
 				p11_lexer_msg (&lexer, "unrecognized or invalid section header");
 				skip = true;
 			} else {
-				attrs = p11_attrs_build (NULL, NULL);
+				attrs = p11_attrs_build (NULL, &generated, NULL);
 				return_val_if_fail (attrs != NULL, false);
 				skip = false;
 			}
diff --git a/trust/test-token.c b/trust/test-token.c
index ad22fcb..3e7d735 100644
--- a/trust/test-token.c
+++ b/trust/test-token.c
@@ -610,6 +610,7 @@ static void
 test_modify_multiple (void)
 {
 	const char *test_data =
+		"# This file has been auto-generated and written by p11-kit.\n"
 		"[p11-kit-object-v1]\n"
 		"class: data\n"
 		"label: \"first\"\n"
-- 
cgit v1.1