diff --git a/doc/manual/p11-kit.xml b/doc/manual/p11-kit.xml
index d9d4d75e..de7c1f33 100644
--- a/doc/manual/p11-kit.xml
+++ b/doc/manual/p11-kit.xml
@@ -130,6 +130,13 @@ $ p11-kit list-tokens pkcs11:token
Print only the matching token URIs.
+
+
+ Load only the given PKCS#11 module instead of enumerating modules installed on the system. If module_path is a relative path, the module is loaded from the default module path. This path can be determined by running:
+
+$ pkg-config p11-kit-1 --variable p11_module_path
+/usr/lib64/pkcs11
+
@@ -153,6 +160,13 @@ $ p11-kit list-objects pkcs11:object_on_token
Authenticate to the token before enumerating objects. The PIN value is read from either the pin-value attribute in the URI or from the terminal.
+
+
+ Load only the given PKCS#11 module instead of enumerating modules installed on the system. If module_path is a relative path, the module is loaded from the default module path. This path can be determined by running:
+
+$ pkg-config p11-kit-1 --variable p11_module_path
+/usr/lib64/pkcs11
+
@@ -189,6 +203,13 @@ $ p11-kit import-object --file=file.pem [--label=label] pkcs11:token
Authenticate to the token before enumerating objects. The PIN value is read from either the pin-value attribute in the URI or from the terminal.
+
+
+ Load only the given PKCS#11 module instead of enumerating modules installed on the system. If module_path is a relative path, the module is loaded from the default module path. This path can be determined by running:
+
+$ pkg-config p11-kit-1 --variable p11_module_path
+/usr/lib64/pkcs11
+
@@ -211,6 +232,13 @@ $ p11-kit export-object pkcs11:object_on_token
Authenticate to the token before enumerating objects. The PIN value is read from either the pin-value attribute in the URI or from the terminal.
+
+
+ Load only the given PKCS#11 module instead of enumerating modules installed on the system. If module_path is a relative path, the module is loaded from the default module path. This path can be determined by running:
+
+$ pkg-config p11-kit-1 --variable p11_module_path
+/usr/lib64/pkcs11
+
@@ -232,6 +260,13 @@ $ p11-kit delete-object pkcs11:object_on_token
Authenticate to the token before enumerating objects. The PIN value is read from either the pin-value attribute in the URI or from the terminal.
+
+
+ Load only the given PKCS#11 module instead of enumerating modules installed on the system. If module_path is a relative path, the module is loaded from the default module path. This path can be determined by running:
+
+$ pkg-config p11-kit-1 --variable p11_module_path
+/usr/lib64/pkcs11
+
@@ -281,6 +316,13 @@ $ p11-kit generate-keypair --type=algorithm {--bits=n|--curve=name} &l
Authenticate to the token before enumerating objects. The PIN value is read from either the pin-value attribute in the URI or from the terminal.
+
+
+ Load only the given PKCS#11 module instead of enumerating modules installed on the system. If module_path is a relative path, the module is loaded from the default module path. This path can be determined by running:
+
+$ pkg-config p11-kit-1 --variable p11_module_path
+/usr/lib64/pkcs11
+
@@ -303,6 +345,13 @@ $ p11-kit list-profiles pkcs11:token
Authenticate to the token before enumerating objects. The PIN value is read from either the pin-value attribute in the URI or from the terminal.
+
+
+ Load only the given PKCS#11 module instead of enumerating modules installed on the system. If module_path is a relative path, the module is loaded from the default module path. This path can be determined by running:
+
+$ pkg-config p11-kit-1 --variable p11_module_path
+/usr/lib64/pkcs11
+
@@ -336,6 +385,13 @@ $ p11-kit add-profile --profile=profile pkcs11:token
Authenticate to the token before enumerating objects. The PIN value is read from either the pin-value attribute in the URI or from the terminal.
+
+
+ Load only the given PKCS#11 module instead of enumerating modules installed on the system. If module_path is a relative path, the module is loaded from the default module path. This path can be determined by running:
+
+$ pkg-config p11-kit-1 --variable p11_module_path
+/usr/lib64/pkcs11
+
@@ -368,6 +424,13 @@ $ p11-kit delete-profile --profile=profile pkcs11:token
Authenticate to the token before enumerating objects. The PIN value is read from either the pin-value attribute in the URI or from the terminal.
+
+
+ Load only the given PKCS#11 module instead of enumerating modules installed on the system. If module_path is a relative path, the module is loaded from the default module path. This path can be determined by running:
+
+$ pkg-config p11-kit-1 --variable p11_module_path
+/usr/lib64/pkcs11
+
diff --git a/p11-kit/add-profile.c b/p11-kit/add-profile.c
index fbd9bf2c..52add743 100644
--- a/p11-kit/add-profile.c
+++ b/p11-kit/add-profile.c
@@ -45,6 +45,7 @@
#include "tool.h"
#include
+#include
#include
#include
@@ -147,6 +148,7 @@ p11_kit_add_profile (int argc,
p11_dict *profile_nicks = NULL;
bool login = false;
p11_tool *tool = NULL;
+ const char *provider = NULL;
enum {
opt_verbose = 'v',
@@ -154,6 +156,7 @@ p11_kit_add_profile (int argc,
opt_help = 'h',
opt_profile = 'p',
opt_login = 'l',
+ opt_provider = CHAR_MAX + 2,
};
struct option options[] = {
@@ -162,6 +165,7 @@ p11_kit_add_profile (int argc,
{ "help", no_argument, NULL, opt_help },
{ "profile", required_argument, NULL, opt_profile },
{ "login", no_argument, NULL, opt_login },
+ { "provider", required_argument, NULL, opt_provider },
{ 0 },
};
@@ -169,6 +173,7 @@ p11_kit_add_profile (int argc,
{ 0, "usage: p11-kit add-profile --profile profile pkcs11:token" },
{ opt_profile, "specify the profile to add" },
{ opt_login, "login to the token" },
+ { opt_provider, "specify the module to use" },
{ 0 },
};
@@ -207,6 +212,9 @@ p11_kit_add_profile (int argc,
case opt_login:
login = true;
break;
+ case opt_provider:
+ provider = optarg;
+ break;
case '?':
goto cleanup;
default:
@@ -239,6 +247,11 @@ p11_kit_add_profile (int argc,
goto cleanup;
}
+ if (!p11_tool_set_provider (tool, provider)) {
+ p11_message (_("failed to allocate memory"));
+ goto cleanup;
+ }
+
p11_tool_set_login (tool, login);
ret = add_profile (tool, profile);
diff --git a/p11-kit/delete-object.c b/p11-kit/delete-object.c
index fc4a313c..a45d7601 100644
--- a/p11-kit/delete-object.c
+++ b/p11-kit/delete-object.c
@@ -43,6 +43,7 @@
#include "tool.h"
#include
+#include
#include
#ifdef ENABLE_NLS
@@ -99,12 +100,14 @@ p11_kit_delete_object (int argc,
int opt, ret = 2;
bool login = false;
p11_tool *tool = NULL;
+ const char *provider = NULL;
enum {
opt_verbose = 'v',
opt_quiet = 'q',
opt_help = 'h',
opt_login = 'l',
+ opt_provider = CHAR_MAX + 2,
};
struct option options[] = {
@@ -112,12 +115,14 @@ p11_kit_delete_object (int argc,
{ "quiet", no_argument, NULL, opt_quiet },
{ "help", no_argument, NULL, opt_help },
{ "login", no_argument, NULL, opt_login },
+ { "provider", required_argument, NULL, opt_provider },
{ 0 },
};
p11_tool_desc usages[] = {
{ 0, "usage: p11-kit delete-object pkcs11:token" },
{ opt_login, "login to the token" },
+ { opt_provider, "specify the module to use" },
{ 0 },
};
@@ -126,6 +131,9 @@ p11_kit_delete_object (int argc,
case opt_login:
login = true;
break;
+ case opt_provider:
+ provider = optarg;
+ break;
case opt_verbose:
p11_kit_be_loud ();
break;
@@ -162,6 +170,11 @@ p11_kit_delete_object (int argc,
goto cleanup;
}
+ if (!p11_tool_set_provider (tool, provider)) {
+ p11_message (_("failed to allocate memory"));
+ goto cleanup;
+ }
+
p11_tool_set_login (tool, login);
ret = delete_object (tool);
diff --git a/p11-kit/delete-profile.c b/p11-kit/delete-profile.c
index fe6e46a7..9ad6a31b 100644
--- a/p11-kit/delete-profile.c
+++ b/p11-kit/delete-profile.c
@@ -45,6 +45,7 @@
#include "tool.h"
#include
+#include
#include
#include
@@ -147,6 +148,7 @@ p11_kit_delete_profile (int argc,
p11_dict *profile_nicks = NULL;
bool login = false;
p11_tool *tool = NULL;
+ const char *provider = NULL;
enum {
opt_verbose = 'v',
@@ -154,6 +156,7 @@ p11_kit_delete_profile (int argc,
opt_help = 'h',
opt_profile = 'p',
opt_login = 'l',
+ opt_provider = CHAR_MAX + 2,
};
struct option options[] = {
@@ -162,6 +165,7 @@ p11_kit_delete_profile (int argc,
{ "help", no_argument, NULL, opt_help },
{ "profile", required_argument, NULL, opt_profile },
{ "login", no_argument, NULL, opt_login },
+ { "provider", required_argument, NULL, opt_provider },
{ 0 },
};
@@ -169,6 +173,7 @@ p11_kit_delete_profile (int argc,
{ 0, "usage: p11-kit delete-profile --profile profile pkcs11:token" },
{ opt_profile, "specify the profile to delete" },
{ opt_login, "login to the token" },
+ { opt_provider, "specify the module to use" },
{ 0 },
};
@@ -207,6 +212,9 @@ p11_kit_delete_profile (int argc,
case opt_login:
login = true;
break;
+ case opt_provider:
+ provider = optarg;
+ break;
case '?':
goto cleanup;
default:
@@ -239,6 +247,11 @@ p11_kit_delete_profile (int argc,
goto cleanup;
}
+ if (!p11_tool_set_provider (tool, provider)) {
+ p11_message (_("failed to allocate memory"));
+ goto cleanup;
+ }
+
p11_tool_set_login (tool, login);
ret = delete_profile (tool, profile);
diff --git a/p11-kit/export-object.c b/p11-kit/export-object.c
index 1b32185a..ca61b7a7 100644
--- a/p11-kit/export-object.c
+++ b/p11-kit/export-object.c
@@ -493,12 +493,14 @@ p11_kit_export_object (int argc,
int opt, ret = 2;
bool login = false;
p11_tool *tool = NULL;
+ const char *provider = NULL;
enum {
opt_verbose = 'v',
opt_quiet = 'q',
opt_help = 'h',
opt_login = 'l',
+ opt_provider = CHAR_MAX + 2,
};
struct option options[] = {
@@ -506,12 +508,14 @@ p11_kit_export_object (int argc,
{ "quiet", no_argument, NULL, opt_quiet },
{ "help", no_argument, NULL, opt_help },
{ "login", no_argument, NULL, opt_login },
+ { "provider", required_argument, NULL, opt_provider },
{ 0 },
};
p11_tool_desc usages[] = {
{ 0, "usage: p11-kit export-object pkcs11:token" },
{ opt_login, "login to the token" },
+ { opt_provider, "specify the module to use" },
{ 0 },
};
@@ -529,6 +533,9 @@ p11_kit_export_object (int argc,
case opt_login:
login = true;
break;
+ case opt_provider:
+ provider = optarg;
+ break;
case '?':
return 2;
default:
@@ -556,6 +563,11 @@ p11_kit_export_object (int argc,
goto cleanup;
}
+ if (!p11_tool_set_provider (tool, provider)) {
+ p11_message (_("failed to allocate memory"));
+ goto cleanup;
+ }
+
p11_tool_set_login (tool, login);
ret = export_object (tool);
diff --git a/p11-kit/generate-keypair.c b/p11-kit/generate-keypair.c
index bb21c299..bcb94fa0 100644
--- a/p11-kit/generate-keypair.c
+++ b/p11-kit/generate-keypair.c
@@ -49,6 +49,7 @@
#endif
#include
+#include
#include
#include
#include
@@ -324,6 +325,7 @@ p11_kit_generate_keypair (int argc,
CK_MECHANISM mechanism = { CKA_INVALID, NULL_PTR, 0 };
bool login = false;
p11_tool *tool = NULL;
+ const char *provider = NULL;
enum {
opt_verbose = 'v',
@@ -334,6 +336,7 @@ p11_kit_generate_keypair (int argc,
opt_bits = 'b',
opt_curve = 'c',
opt_login = 'l',
+ opt_provider = CHAR_MAX + 2,
};
struct option options[] = {
@@ -345,6 +348,7 @@ p11_kit_generate_keypair (int argc,
{ "bits", required_argument, NULL, opt_bits },
{ "curve", required_argument, NULL, opt_curve },
{ "login", no_argument, NULL, opt_login },
+ { "provider", required_argument, NULL, opt_provider },
{ 0 },
};
@@ -356,6 +360,7 @@ p11_kit_generate_keypair (int argc,
{ opt_bits, "number of bits for key generation" },
{ opt_curve, "name of the curve for key generation" },
{ opt_login, "login to the token" },
+ { opt_provider, "specify the module to use" },
{ 0 },
};
@@ -388,6 +393,9 @@ p11_kit_generate_keypair (int argc,
case opt_login:
login = true;
break;
+ case opt_provider:
+ provider = optarg;
+ break;
case opt_verbose:
p11_kit_be_loud ();
break;
@@ -427,6 +435,11 @@ p11_kit_generate_keypair (int argc,
goto cleanup;
}
+ if (!p11_tool_set_provider (tool, provider)) {
+ p11_message (_("failed to allocate memory"));
+ goto cleanup;
+ }
+
p11_tool_set_login (tool, login);
ret = generate_keypair (tool, label, mechanism, bits, ec_params, ec_params_len);
diff --git a/p11-kit/import-object.c b/p11-kit/import-object.c
index 98a75800..28cb964a 100644
--- a/p11-kit/import-object.c
+++ b/p11-kit/import-object.c
@@ -493,6 +493,7 @@ p11_kit_import_object (int argc,
char *file = NULL;
bool login = false;
p11_tool *tool = NULL;
+ const char *provider = NULL;
enum {
opt_verbose = 'v',
@@ -501,6 +502,7 @@ p11_kit_import_object (int argc,
opt_label = 'L',
opt_file = 'f',
opt_login = 'l',
+ opt_provider = CHAR_MAX + 2,
};
struct option options[] = {
@@ -510,6 +512,7 @@ p11_kit_import_object (int argc,
{ "label", required_argument, NULL, opt_label },
{ "file", required_argument, NULL, opt_file },
{ "login", no_argument, NULL, opt_login },
+ { "provider", required_argument, NULL, opt_provider },
{ 0 },
};
@@ -519,6 +522,7 @@ p11_kit_import_object (int argc,
{ opt_label, "label to be associated with imported object" },
{ opt_file, "object data to import" },
{ opt_login, "login to the token" },
+ { opt_provider, "specify the module to use" },
{ 0 },
};
@@ -533,6 +537,9 @@ p11_kit_import_object (int argc,
case opt_login:
login = true;
break;
+ case opt_provider:
+ provider = optarg;
+ break;
case opt_verbose:
p11_kit_be_loud ();
break;
@@ -574,6 +581,11 @@ p11_kit_import_object (int argc,
goto cleanup;
}
+ if (!p11_tool_set_provider (tool, provider)) {
+ p11_message (_("failed to allocate memory"));
+ goto cleanup;
+ }
+
p11_tool_set_login (tool, login);
ret = import_object (tool, file, label);
diff --git a/p11-kit/list-mechanisms.c b/p11-kit/list-mechanisms.c
index 0ef3fee4..1c0cdd66 100644
--- a/p11-kit/list-mechanisms.c
+++ b/p11-kit/list-mechanisms.c
@@ -48,6 +48,7 @@
#include "uri.h"
#include
+#include
#include
#include
@@ -214,27 +215,34 @@ p11_kit_list_mechanisms (int argc,
{
int opt, ret = 2;
p11_tool *tool = NULL;
+ const char *provider = NULL;
enum {
opt_verbose = 'v',
opt_quiet = 'q',
opt_help = 'h',
+ opt_provider = CHAR_MAX + 2,
};
struct option options[] = {
{ "verbose", no_argument, NULL, opt_verbose },
{ "quiet", no_argument, NULL, opt_quiet },
{ "help", no_argument, NULL, opt_help },
+ { "provider", required_argument, NULL, opt_provider },
{ 0 },
};
p11_tool_desc usages[] = {
{ 0, "usage: p11-kit list-mechanisms pkcs11:token" },
+ { opt_provider, "specify the module to use" },
{ 0 },
};
while ((opt = p11_tool_getopt (argc, argv, options)) != -1) {
switch (opt) {
+ case opt_provider:
+ provider = optarg;
+ break;
case opt_verbose:
p11_kit_be_loud ();
break;
@@ -271,6 +279,11 @@ p11_kit_list_mechanisms (int argc,
goto cleanup;
}
+ if (!p11_tool_set_provider (tool, provider)) {
+ p11_message (_("failed to allocate memory"));
+ goto cleanup;
+ }
+
ret = list_mechanisms (tool);
cleanup:
p11_tool_free (tool);
diff --git a/p11-kit/list-objects.c b/p11-kit/list-objects.c
index c9b019ac..977f736e 100644
--- a/p11-kit/list-objects.c
+++ b/p11-kit/list-objects.c
@@ -50,6 +50,7 @@
#include "uri.h"
#include
+#include
#include
#include
@@ -376,12 +377,14 @@ p11_kit_list_objects (int argc,
int opt, ret = 2;
bool login = false;
p11_tool *tool = NULL;
+ const char *provider = NULL;
enum {
opt_verbose = 'v',
opt_quiet = 'q',
opt_help = 'h',
opt_login = 'l',
+ opt_provider = CHAR_MAX + 2,
};
struct option options[] = {
@@ -389,12 +392,14 @@ p11_kit_list_objects (int argc,
{ "quiet", no_argument, NULL, opt_quiet },
{ "help", no_argument, NULL, opt_help },
{ "login", no_argument, NULL, opt_login },
+ { "provider", required_argument, NULL, opt_provider },
{ 0 },
};
p11_tool_desc usages[] = {
{ 0, "usage: p11-kit list-objects pkcs11:token" },
{ opt_login, "login to the token" },
+ { opt_provider, "specify the module to use" },
{ 0 },
};
@@ -412,6 +417,9 @@ p11_kit_list_objects (int argc,
case opt_login:
login = true;
break;
+ case opt_provider:
+ provider = optarg;
+ break;
case '?':
return 2;
default:
@@ -439,6 +447,11 @@ p11_kit_list_objects (int argc,
goto cleanup;
}
+ if (!p11_tool_set_provider (tool, provider)) {
+ p11_message (_("failed to allocate memory"));
+ goto cleanup;
+ }
+
p11_tool_set_login (tool, login);
ret = list_objects (tool);
diff --git a/p11-kit/list-profiles.c b/p11-kit/list-profiles.c
index aed968f2..ada31923 100644
--- a/p11-kit/list-profiles.c
+++ b/p11-kit/list-profiles.c
@@ -44,7 +44,9 @@
#include "tool.h"
#include
+#include
#include
+#include
#include
#ifdef ENABLE_NLS
@@ -149,12 +151,14 @@ p11_kit_list_profiles (int argc,
int opt, ret = 2;
bool login = false;
p11_tool *tool = NULL;
+ const char *provider = NULL;
enum {
opt_verbose = 'v',
opt_quiet = 'q',
opt_help = 'h',
opt_login = 'l',
+ opt_provider = CHAR_MAX + 2,
};
struct option options[] = {
@@ -162,12 +166,14 @@ p11_kit_list_profiles (int argc,
{ "quiet", no_argument, NULL, opt_quiet },
{ "help", no_argument, NULL, opt_help },
{ "login", no_argument, NULL, opt_login },
+ { "provider", required_argument, NULL, opt_provider },
{ 0 },
};
p11_tool_desc usages[] = {
{ 0, "usage: p11-kit list-profiles pkcs11:token" },
{ opt_login, "login to the token" },
+ { opt_provider, "specify the module to use" },
{ 0 },
};
@@ -185,6 +191,9 @@ p11_kit_list_profiles (int argc,
case opt_login:
login = true;
break;
+ case opt_provider:
+ provider = optarg;
+ break;
case '?':
return 2;
default:
@@ -212,6 +221,11 @@ p11_kit_list_profiles (int argc,
goto cleanup;
}
+ if (!p11_tool_set_provider (tool, provider)) {
+ p11_message (_("failed to allocate memory"));
+ goto cleanup;
+ }
+
p11_tool_set_login (tool, login);
ret = list_profiles (tool);
diff --git a/p11-kit/list-tokens.c b/p11-kit/list-tokens.c
index 9ede7026..ab68cbdc 100644
--- a/p11-kit/list-tokens.c
+++ b/p11-kit/list-tokens.c
@@ -109,18 +109,21 @@ p11_kit_list_tokens (int argc,
int opt, ret = 2;
bool only_uris = false;
p11_tool *tool = NULL;
+ const char *provider = NULL;
enum {
opt_verbose = 'v',
opt_quiet = 'q',
opt_help = 'h',
opt_only_urls = CHAR_MAX + 1,
+ opt_provider = CHAR_MAX + 2,
};
struct option options[] = {
{ "verbose", no_argument, NULL, opt_verbose },
{ "quiet", no_argument, NULL, opt_quiet },
{ "only-uris", no_argument, NULL, opt_only_urls },
+ { "provider", required_argument, NULL, opt_provider },
{ "help", no_argument, NULL, opt_help },
{ 0 },
};
@@ -130,6 +133,7 @@ p11_kit_list_tokens (int argc,
{ opt_verbose, "show verbose debug output", },
{ opt_quiet, "suppress command output", },
{ opt_only_urls, "only print token URIs", },
+ { opt_provider, "specify the module to use" },
{ 0 },
};
@@ -148,6 +152,10 @@ p11_kit_list_tokens (int argc,
only_uris = true;
break;
+ case opt_provider:
+ provider = optarg;
+ break;
+
case opt_help:
p11_tool_usage (usages, options);
return 0;
@@ -178,6 +186,11 @@ p11_kit_list_tokens (int argc,
goto cleanup;
}
+ if (!p11_tool_set_provider (tool, provider)) {
+ p11_message (_("failed to allocate memory"));
+ goto cleanup;
+ }
+
ret = list_tokens (tool, only_uris);
cleanup:
p11_tool_free (tool);
diff --git a/p11-kit/test-list-tokens.sh b/p11-kit/test-list-tokens.sh
index f933792e..6d7ae27e 100755
--- a/p11-kit/test-list-tokens.sh
+++ b/p11-kit/test-list-tokens.sh
@@ -26,6 +26,7 @@ usage: p11-kit list-tokens [--only-uris] pkcs11:token
-v, --verbose show verbose debug output
-q, --quiet suppress command output
--only-uris only print token URIs
+ --provider=<...> specify the module to use
EOF
if "$abs_top_builddir"/p11-kit/p11-kit-testable list-tokens -q 2>&1 > list.out; then
assert_fail "p11-kit list-tokens succeeded without token URI"
@@ -79,4 +80,30 @@ EOF
fi
}
-run test_list_tokens_without_uri test_list_tokens test_list_tokens_only_uris
+test_list_tokens_provider() {
+ cat > list.exp < list.out; then
+ assert_fail "unable to run: p11-kit list-tokens --provider"
+ fi
+
+ : ${DIFF=diff}
+ if ! ${DIFF} list.exp list.out > list.diff; then
+ sed 's/^/# /' list.diff
+ assert_fail "output contains incorrect result"
+ fi
+}
+
+run test_list_tokens_without_uri test_list_tokens test_list_tokens_only_uris test_list_tokens_provider
diff --git a/p11-kit/tool.c b/p11-kit/tool.c
index 9cbdcbe4..cfc302a8 100644
--- a/p11-kit/tool.c
+++ b/p11-kit/tool.c
@@ -49,6 +49,7 @@
struct p11_tool {
P11KitUri *uri;
bool login;
+ char *provider;
CK_FUNCTION_LIST **modules;
};
@@ -72,6 +73,7 @@ p11_tool_free (p11_tool *tool)
p11_kit_pin_unregister_callback ("tty", p11_pin_tty_callback, NULL);
#endif
+ free (tool->provider);
free (tool);
}
@@ -114,6 +116,21 @@ p11_tool_set_login (p11_tool *tool,
#endif
}
+bool
+p11_tool_set_provider (p11_tool *tool,
+ const char *provider)
+{
+ free (tool->provider);
+
+ if (provider) {
+ tool->provider = strdup (provider);
+ return tool->provider != NULL;
+ } else {
+ tool->provider = NULL;
+ return true;
+ }
+}
+
P11KitIter *
p11_tool_begin_iter (p11_tool *tool,
P11KitIterBehavior behavior)
@@ -125,7 +142,29 @@ p11_tool_begin_iter (p11_tool *tool,
/* Iteration is already in progress */
return_val_if_fail (!tool->modules, NULL);
- tool->modules = p11_kit_modules_load_and_initialize (0);
+ if (tool->provider) {
+ CK_FUNCTION_LIST **modules;
+
+ modules = calloc (2, sizeof (CK_FUNCTION_LIST *));
+ return_val_if_fail (modules, NULL);
+
+ modules[0] = p11_kit_module_load (tool->provider, 0);
+ if (!modules[0]) {
+ free (modules);
+ return NULL;
+ }
+
+ if (p11_kit_module_initialize (modules[0]) != CKR_OK) {
+ p11_kit_module_release (modules[0]);
+ free (modules);
+ return NULL;
+ }
+
+ tool->modules = modules;
+ } else {
+ tool->modules = p11_kit_modules_load_and_initialize (0);
+ }
+
if (!tool->modules)
return NULL;
diff --git a/p11-kit/tool.h b/p11-kit/tool.h
index b1975ed2..1817c34d 100644
--- a/p11-kit/tool.h
+++ b/p11-kit/tool.h
@@ -51,6 +51,9 @@ P11KitUriResult p11_tool_set_uri (p11_tool *tool,
P11KitUriType type);
void p11_tool_set_login (p11_tool *tool,
bool login);
+bool p11_tool_set_provider
+ (p11_tool *tool,
+ const char *provider);
P11KitIter *p11_tool_begin_iter (p11_tool *tool,
P11KitIterBehavior behavior);
void p11_tool_end_iter (p11_tool *tool,