From 29bc85e76ac224277dd70b5f4081331eb9cbf2de Mon Sep 17 00:00:00 2001
From: Joel Ferrier
Date: Fri, 3 Jun 2022 14:35:09 -0700
Subject: [PATCH] p11kit: allow servers to overwrite generated object CK_OBJECT_HANDLE

---
 p11kit/attribute.go | 9 +++++++++
 p11kit/p11kit_test.go | 31 +++++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)

diff --git a/p11kit/attribute.go b/p11kit/attribute.go
index 2044143..eb6ed0b 100644
--- a/p11kit/attribute.go
+++ b/p11kit/attribute.go
@@ -70,6 +70,15 @@ func (o *Object) matches(tmpl attribute) bool {
 return false
 }
 
+// SetID assigns a pre-determined identifier for an object, overriding the
+// random one generated by this package. This is required for some clients,
+// such as Chrome, to identify the same object over multiple sessions.
+//
+// SetID should only be required when combined with Slot.GetObjects.
+func (o *Object) SetID(id uint64) {
+ o.id = id
+}
+
 // SetLabel applies a label to the object, allowing clients to differentiate
 // between different objects of the same type on a single slot.
 func (o *Object) SetLabel(label string) {
diff --git a/p11kit/p11kit_test.go b/p11kit/p11kit_test.go
index 3f3ec4a..279da9c 100644
--- a/p11kit/p11kit_test.go
+++ b/p11kit/p11kit_test.go
@@ -207,6 +207,15 @@ func newTestServer(t *testing.T) *Handler {
 if err := ecdsaPrivObj.SetCertificate(ecdsaCert); err != nil {
 t.Fatalf("ecdsaPrivObject.SetCertificate failed: %v", err)
 }
+ ecdsaCertObj2, ecdsaCert2 := parseCert(t, testECDSACert)
+ ecdsaPubObj2 := parsePub(t, testECDSAPrivKey)
+ ecdsaPrivObj2 := parsePriv(t, testECDSAPrivKey)
+ if err := ecdsaPubObj2.SetCertificate(ecdsaCert2); err != nil {
+ t.Fatalf("ecdsaPubObject.SetCertificate failed: %v", err)
+ }
+ if err := ecdsaPrivObj2.SetCertificate(ecdsaCert2); err != nil {
+ t.Fatalf("ecdsaPrivObject2.SetCertificate failed: %v", err)
+ }
 
 rsaCertObj.SetLabel("foo")
 rsaPubObj.SetLabel("foo")
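Review bot: `SetID` in p11kit/attribute.go stores any `uint64` without validation, so a caller can pass 0, which PKCS#11 reserves as CK_INVALID_HANDLE, or a value already held by another object on the same slot, whether that value was assigned or randomly generated. A collision could make a client's handle resolve to a different object than the one it intended to use. Whether the package detects duplicates elsewhere is not visible in this hunk. Because the method returns nothing, the contract should at least be stated in the doc comment, for example `// The id must be non-zero and unique among the objects served by a slot.`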
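Review bot: The failure message added for `ecdsaPubObj2.SetCertificate` in the p11kit_test.go hunk at -207 reads `ecdsaPubObject.SetCertificate failed`, without the `2` suffix that the next added message (`ecdsaPrivObject2.SetCertificate failed`) carries. A failure there would point at the wrong fixture; change the line to `t.Fatalf("ecdsaPubObject2.SetCertificate failed: %v", err)`. newTestServer begins and ends outside this hunk.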
@@ -214,6 +223,13 @@ func newTestServer(t *testing.T) *Handler {
 ecdsaCertObj.SetLabel("bar")
 ecdsaPubObj.SetLabel("bar")
 ecdsaPrivObj.SetLabel("barkey")
+ ecdsaCertObj2.SetLabel("baz")
+ ecdsaPubObj2.SetLabel("baz")
+ ecdsaPrivObj2.SetLabel("bazkey")
+
+ ecdsaCertObj2.SetID(1)
+ ecdsaPubObj2.SetID(2)
+ ecdsaPrivObj2.SetID(3)
 
 objects := []Object{
 rsaCertObj,
@@ -225,6 +241,11 @@ func newTestServer(t *testing.T) *Handler {
 ecdsaPubObj,
 ecdsaPrivObj,
 }
+ objects3 := []Object{
+ ecdsaCertObj2,
+ ecdsaPubObj2,
+ ecdsaPrivObj2,
+ }
 
 hwVersion := Version{0x01, 0x01}
 fwVersion := Version{0x02, 0x02}
@@ -256,6 +277,16 @@ func newTestServer(t *testing.T) *Handler {
 FirmwareVersion: fwVersion,
 Objects: objects2,
 },
+ {
+ ID: 0x03,
+ Label: "slot-0x03",
+ Manufacturer: "test_man",
+ Model: "test_model",
+ Serial: "serial-0x03",
+ HardwareVersion: hwVersion,
+ FirmwareVersion: fwVersion,
+ Objects: objects3,
+ },
 },
 }
 }
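Review bot: The `SetID(1)`, `SetID(2)` and `SetID(3)` calls in the -214 hunk only configure fixtures: all 31 lines added to p11kit_test.go sit inside newTestServer, and no hunk adds an assertion that a client sees handles 1, 2 and 3 for the objects on slot 0x03. Tests outside these hunks may already walk the new slot, but as shown the override itself is unverified, so a regression that ignored the assigned `o.id` would likely still pass. A test that lists the objects on slot 0x03 in two separate sessions and compares the returned handles with the configured values would pin the behaviour this commit is meant to provide. newTestServer begins and ends outside these hunks.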