diff options
-rw-r--r-- | src/manager/service/ckm-logic.cpp | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp index 7d322289..36f2ea77 100644 --- a/src/manager/service/ckm-logic.cpp +++ b/src/manager/service/ckm-logic.cpp @@ -993,33 +993,38 @@ int CKMLogic::getPKCS12Helper( retCode = readDataHelper(true, cred, DataType::DB_KEY_FIRST, name, label, keyPassword, keyObj); - if (retCode != CKM_API_SUCCESS) - return retCode; - - privKey = CKM::Key::create(keyObj->getBinary()); + if (retCode != CKM_API_SUCCESS) { + if (retCode != CKM_API_ERROR_NOT_EXPORTABLE) + return retCode; + } else { + privKey = CKM::Key::create(keyObj->getBinary()); + } // read certificate (mandatory) Crypto::GObjUPtr certObj; retCode = readDataHelper(true, cred, DataType::CERTIFICATE, name, label, certPassword, certObj); - if (retCode != CKM_API_SUCCESS) - return retCode; - - cert = CKM::Certificate::create(certObj->getBinary(), DataFormat::FORM_DER); + if (retCode != CKM_API_SUCCESS) { + if (retCode != CKM_API_ERROR_NOT_EXPORTABLE) + return retCode; + } else { + cert = CKM::Certificate::create(certObj->getBinary(), DataFormat::FORM_DER); + } // read CA cert chain (optional) Crypto::GObjUPtrVector caChainObjs; retCode = readDataHelper(true, cred, DataType::DB_CHAIN_FIRST, name, label, certPassword, caChainObjs); - if (retCode != CKM_API_SUCCESS && - retCode != CKM_API_ERROR_DB_ALIAS_UNKNOWN) - return retCode; - - for (auto &caCertObj : caChainObjs) - caChain.push_back(CKM::Certificate::create(caCertObj->getBinary(), - DataFormat::FORM_DER)); + if (retCode != CKM_API_SUCCESS && retCode != CKM_API_ERROR_DB_ALIAS_UNKNOWN) { + if (retCode != CKM_API_ERROR_NOT_EXPORTABLE) + return retCode; + } else { + for (auto &caCertObj : caChainObjs) + caChain.push_back(CKM::Certificate::create(caCertObj->getBinary(), + DataFormat::FORM_DER)); + } // if anything found, return it if (privKey || cert || caChain.size() > 0) |