Beispiel #1
0
void UserTests::testLogout()
{
	CK_RV rv;
	CK_UTF8CHAR pin[] = SLOT_0_SO1_PIN;
	CK_ULONG pinLength = sizeof(pin) - 1;
	CK_SESSION_HANDLE hSession;

	// Just make sure that we finalize any previous tests
	C_Finalize(NULL_PTR);

	rv = C_Logout(hSession);
	CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);

	rv = C_Initialize(NULL_PTR);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession, CKU_SO, pin, pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Logout(CK_INVALID_HANDLE);
	CPPUNIT_ASSERT(rv == CKR_SESSION_HANDLE_INVALID);

	rv = C_Logout(hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Logout(hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);
}
void logout_and_close_session()
{
	C_Logout(hSession);
	C_CloseSession(hSession);
	C_Finalize(NULL_PTR);
	hSession = CK_INVALID_HANDLE;
}
Beispiel #3
0
void
logout(CK_SESSION_HANDLE session) {
    CK_RV rv;
    rv = C_Logout(session);
    if (rv != CKR_USER_NOT_LOGGED_IN) {
        check_return_value(rv, "log out");
    }
}
Beispiel #4
0
static void crypto_token_logout(CK_SESSION_HANDLE hSession)
{
	CK_RV rv = CKR_OK;

	rv = C_Logout(hSession);
	assert(rv == CKR_OK);

	rv = C_CloseSession(hSession);
	assert(rv == CKR_OK);

	rv = C_Finalize(NULL_PTR);
	assert(rv == CKR_OK);
}
Beispiel #5
0
static void shutdownFunction( DEVICE_INFO *deviceInfo )
	{
	PKCS11_INFO *pkcs11Info = deviceInfo->devicePKCS11;

	assert( isWritePtr( deviceInfo, sizeof( DEVICE_INFO ) ) );

	/* Log out and close the session with the device */
	if( deviceInfo->flags & DEVICE_LOGGEDIN )
		C_Logout( pkcs11Info->hSession );
	C_CloseSession( pkcs11Info->hSession );
	pkcs11Info->hSession = CK_OBJECT_NONE;
	deviceInfo->flags &= ~( DEVICE_ACTIVE | DEVICE_LOGGEDIN );

	/* Free the device capability information */
	freeCapabilities( deviceInfo );
	}
Beispiel #6
0
/*
 * Log out
 */
int PKCS11_logout(PKCS11_SLOT * slot)
{
	PKCS11_SLOT_private *priv = PRIVSLOT(slot);
	PKCS11_CTX *ctx = priv->parent;
	int rv;

	CHECK_SLOT_FORK(slot);

	/* Calling PKCS11_logout invalidates all cached
	 * keys we have */
	if (slot->token) {
		pkcs11_destroy_keys(slot->token, CKO_PRIVATE_KEY);
		pkcs11_destroy_keys(slot->token, CKO_PUBLIC_KEY);
	}
	if (!priv->haveSession) {
		PKCS11err(PKCS11_F_PKCS11_LOGOUT, PKCS11_NO_SESSION);
		return -1;
	}

	rv = CRYPTOKI_call(ctx, C_Logout(priv->session));
	CRYPTOKI_checkerr(PKCS11_F_PKCS11_LOGOUT, rv);
	priv->loggedIn = 0;
	return 0;
}
Beispiel #7
0
void ECCSpeedTest()
{
	CK_RV rv = 0;
	CK_SLOT_ID SlotId = 0;
	CK_SESSION_HANDLE hSession = 0;
	CK_OBJECT_HANDLE hECCPubKey = 0;
	CK_OBJECT_HANDLE hECCPriKey = 0;
	CK_BBOOL isTrue = FALSE;
	CK_ULONG ECCPubKeyClass = CKO_PUBLIC_KEY;
	CK_ULONG ECCPriKeyClass = CKO_PRIVATE_KEY;
	CK_BYTE Id[] = "MY_ECC_KEY";
	
	CK_ATTRIBUTE ECCPubKey[] = {
		{CKA_CLASS, &ECCPubKeyClass, sizeof(ECCPubKeyClass)},
		{CKA_ID, &Id, strlen(Id)},
		{CKA_TOKEN, &isTrue, sizeof(isTrue)}
	};
	
	CK_ATTRIBUTE ECCPriKey[] = {
		{CKA_CLASS, &ECCPriKeyClass, sizeof(ECCPriKeyClass)},
		{CKA_ID, &Id, strlen(Id)},
		{CKA_TOKEN, &isTrue, sizeof(isTrue)}
	};
	
	CK_MECHANISM ECCGenKey = {CKM_ECDSA_KEY_PAIR_GEN, NULL_PTR, 0};
	CK_MECHANISM mECCEncrypt = {CKM_ECDSA_PKCS, NULL_PTR, 0};
	CK_BYTE indata[160] = {0x00};
	CK_BYTE outdata[300] = {0x00};
	CK_BYTE temp[300] = {0x00};
	CK_ULONG outlength = 0;
	CK_ULONG templength = 0;
	CK_ULONG i = 0;

	LARGE_INTEGER Frequency;
	LARGE_INTEGER StartNum;
	LARGE_INTEGER EndNum;
	double Second;

	memset(indata, 0x42, 111);
	memset(outdata, 0x00, 300);
	memset(temp, 0x00, 300);

	rv = C_OpenSession(SlotId, CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL_PTR, NULL, &hSession);
#ifdef DEVICE_KEY
	C_Login(hSession, CKU_SO, "11111111", 8);
#endif
	QueryPerformanceFrequency(&Frequency);
	QueryPerformanceCounter(&StartNum);
	for (i=0; i<LOOPTIMES; i++)
	{
		C_GenerateKeyPair(hSession, &ECCGenKey, ECCPubKey, 3, ECCPriKey, 3, &hECCPubKey, &hECCPriKey);
	}
	QueryPerformanceCounter(&EndNum);
	Second = (double)(((EndNum.QuadPart - StartNum.QuadPart)+0.0)/Frequency.QuadPart);
	printf("Generate ECC Key Time is: %03f s\n", Second/LOOPTIMES);
	
	QueryPerformanceCounter(&StartNum);
	for (i=0; i<LOOPTIMES; i++)
	{
		C_EncryptInit(hSession, &mECCEncrypt, hECCPubKey);
		C_Encrypt(hSession, indata, 111, outdata, &outlength);
		C_DecryptInit(hSession, &mECCEncrypt, hECCPriKey);
		C_Decrypt(hSession, outdata, outlength, temp, &templength);
	}
	QueryPerformanceCounter(&EndNum);
	Second = (double)(((EndNum.QuadPart - StartNum.QuadPart)+0.0)/Frequency.QuadPart);
	printf("ECC Encrypt and Decrypt Time is: %03f s\n", Second/LOOPTIMES);
#ifdef DEVICE_KEY
	C_Logout(hSession);
#endif
	C_CloseSession(hSession);

}
Beispiel #8
0
FLAG ECCTest_out()
{
	CK_RV rv = 0;
	CK_SLOT_ID SlotId = 0;
	CK_SESSION_HANDLE hSession = 0;
	CK_OBJECT_HANDLE hECCPubKey = 0;
	CK_OBJECT_HANDLE hECCPriKey = 0;
	CK_BBOOL isTrue = TRUE;
	CK_ULONG ECCPubKeyClass = CKO_PUBLIC_KEY;
	CK_ULONG ECCPriKeyClass = CKO_PRIVATE_KEY;
	CK_BYTE Id[] = "MY_ECC_KEY";

	CK_ATTRIBUTE ECCPubKey[] = {
		{CKA_CLASS, &ECCPubKeyClass, sizeof(ECCPubKeyClass)},
		{CKA_ID, &Id, strlen(Id)},
		{CKA_TOKEN, &isTrue, sizeof(isTrue)}
								};

	CK_ATTRIBUTE ECCPriKey[] = {
		{CKA_CLASS, &ECCPriKeyClass, sizeof(ECCPriKeyClass)},
		{CKA_ID, &Id, strlen(Id)},
		{CKA_TOKEN, &isTrue, sizeof(isTrue)}
								};

	CK_ATTRIBUTE CreateECCPubKey[] = {
		{CKA_CLASS, NULL_PTR, 0},
		{CKA_MODULUS_BITS, NULL_PTR, 0},
		{CKA_ID, NULL_PTR, 0},
		{CKA_EC_POINT, NULL_PTR, 0}
								};

	CK_ATTRIBUTE CreateECCPriKey[] = {
		{CKA_CLASS, NULL_PTR, 0},
		{CKA_ID, NULL_PTR, 0},
		{CKA_MODULUS_BITS, NULL_PTR, 0},
		{CKA_VALUE, NULL_PTR, 0}
								};
	
	CK_MECHANISM ECCGenKey = {CKM_ECDSA_KEY_PAIR_GEN, NULL_PTR, 0};
	CK_MECHANISM mECCEncrypt = {CKM_ECDSA_PKCS, NULL_PTR, 0};
	CK_BYTE indata[160] = {0x00};
	CK_BYTE outdata[300] = {0x00};
	CK_BYTE temp[300] = {0x00};
	CK_ULONG outlength = 0;
	CK_ULONG templength = 0;

	printf("ECC Outside Encrypt and Decrypt!\n");
	rv = C_OpenSession(SlotId, CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL_PTR, NULL, &hSession);
#ifdef DEVICE_KEY
	C_Login(hSession, CKU_SO, "11111111", 8);
#endif
	rv = C_GenerateKeyPair(hSession, &ECCGenKey, ECCPubKey, 3, ECCPriKey, 3, &hECCPubKey, &hECCPriKey);
	rv = C_CloseSession(hSession);

	rv = C_OpenSession(SlotId, CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL_PTR, NULL, &hSession);
#ifdef DEVICE_KEY
	C_Login(hSession, CKU_SO, "11111111", 8);
#endif
	rv = C_GetAttributeValue(hSession, hECCPubKey, CreateECCPubKey, 4);
	if (rv == 0)
	{
		CreateECCPubKey[0].pValue = malloc(CreateECCPubKey[0].ulValueLen);
		if (CreateECCPubKey[0].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			return -1;
		}
		CreateECCPubKey[1].pValue = malloc(CreateECCPubKey[1].ulValueLen);
		if (CreateECCPubKey[1].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			FreeAttribute(CreateECCPubKey, 1);
			return -1;
		}
		CreateECCPubKey[2].pValue = malloc(CreateECCPubKey[2].ulValueLen);
		if (CreateECCPubKey[2].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			FreeAttribute(CreateECCPubKey, 2);
			return -1;
		}
		CreateECCPubKey[3].pValue = malloc(CreateECCPubKey[3].ulValueLen);
		if (CreateECCPubKey[3].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			FreeAttribute(CreateECCPubKey, 3);
			return -1;
		}
		rv = C_GetAttributeValue(hSession, hECCPubKey, CreateECCPubKey, 4);
		rv = C_DestroyObject(hSession, hECCPubKey);
		rv = C_CreateObject(hSession, CreateECCPubKey, 4, &hECCPubKey);
	}
	FreeAttribute(CreateECCPubKey, 4);

	memset(indata, 0x33, 110);
	memset(outdata, 0x00, 300);
	memset(temp, 0x00, 300);
	
	rv = C_EncryptInit(hSession, &mECCEncrypt, hECCPubKey);
	rv = C_Encrypt(hSession, indata, 110, outdata, &outlength);

	rv = C_GetAttributeValue(hSession, hECCPriKey, CreateECCPriKey, 4);
	if (rv == 0)
	{
		CreateECCPriKey[0].pValue = malloc(CreateECCPriKey[0].ulValueLen);
		if (CreateECCPriKey[0].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			return -1;
		}
		CreateECCPriKey[1].pValue = malloc(CreateECCPriKey[1].ulValueLen);
		if (CreateECCPriKey[1].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			FreeAttribute(CreateECCPriKey, 1);
			return -1;
		}
	
		CreateECCPriKey[2].pValue = malloc(CreateECCPriKey[2].ulValueLen);
		if (CreateECCPriKey[2].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			FreeAttribute(CreateECCPriKey, 2);
			return -1;
		}
		CreateECCPriKey[3].pValue = malloc(CreateECCPriKey[3].ulValueLen);
		if (CreateECCPriKey[3].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			FreeAttribute(CreateECCPriKey, 3);
			return -1;
		}
		rv = C_GetAttributeValue(hSession, hECCPriKey, CreateECCPriKey, 4);
		rv = C_DestroyObject(hSession, hECCPriKey);
		rv = C_CreateObject(hSession, CreateECCPriKey, 4, &hECCPriKey);
	}
	FreeAttribute(CreateECCPriKey, 4);

	rv = C_DecryptInit(hSession, &mECCEncrypt, hECCPriKey);
	rv = C_Decrypt(hSession, outdata, outlength, temp, &templength);
#ifdef DEVICE_KEY
	C_Logout(hSession);
#endif
	rv = C_CloseSession(hSession);

	if (memcmp(indata, temp, 110) == 0 && templength == 110)
	{
		printf("OK ECC OUT!\n");
	}
	else
	{
		printf("ERROR ECC OUT!\n");
	}
	return 0;
}
Beispiel #9
0
FLAG ECCTest_in()
{
	CK_RV rv = 0;
	CK_SLOT_ID SlotId = 0;
	CK_SESSION_HANDLE hSession = 0;
	CK_ULONG ECCPubKeyClass = CKO_PUBLIC_KEY;
	CK_ULONG ECCPriKeyClass = CKO_PRIVATE_KEY;
	CK_BYTE ECCPubLabel[] = "ECC_PUBLIC_KEY_7";
	CK_BYTE ECCPriLabel[] = "ECC_PRIVATE_KEY_7";
	CK_BBOOL isFalse = TRUE;
#if 0	/* CKA_LABEL TEST*/
	CK_ATTRUBUTE ECCKeyLabel = {
		CAK_LABEL,//type
		ECCPub//value
		//value_len
	};
#endif	/* END CAK_LABEL TEST*/
	
	CK_ATTRIBUTE ECCPubKey[] = {
		{CKA_CLASS, &ECCPubKeyClass, sizeof(ECCPubKeyClass)},
		{CKA_LABEL, &ECCPubLabel, sizeof(ECCPubLabel)},
		{CKA_TOKEN, &isFalse, sizeof(isFalse)}
							};
	
	CK_ATTRIBUTE ECCPriKey[] = {
		{CKA_CLASS, &ECCPriKeyClass, sizeof(ECCPriKeyClass)},
		{CKA_LABEL, &ECCPriLabel, sizeof(ECCPriLabel)},
		{CKA_TOKEN, &isFalse, sizeof(isFalse)}
							};

	CK_ATTRIBUTE CreateECCPriKey[] = {
		{CKA_CLASS, NULL_PTR, 0},
		{CKA_MODULUS_BITS, NULL_PTR, 0},
		{CKA_VALUE, NULL_PTR, 0}
							};

	CK_MECHANISM ECCGenKey = {CKM_ECDSA_KEY_PAIR_GEN, NULL_PTR, 0};
	CK_MECHANISM mECCEncrypt = {CKM_ECDSA_PKCS, NULL_PTR, 0};
	CK_OBJECT_HANDLE hECCPubKey = 0;
	CK_OBJECT_HANDLE hECCPriKey = 0;

	CK_BYTE indata[160] = {0x00};
	CK_BYTE outdata[300] = {0x00};
	CK_BYTE temp[300] = {0x00};
	CK_ULONG outlength = 0;
	CK_ULONG templength = 0;
	
	memset(indata, 0x31, 40);
	memset(outdata, 0x00, 300);
	memset(temp, 0x00, 300);
	
	printf("ECC Inside Encrypt and Decrypt!\n");
	rv = C_OpenSession(SlotId, CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL_PTR, NULL, &hSession);
#ifdef DEVICE_KEY
	C_Login(hSession, CKU_SO, "11111111", 8);
#endif
	rv = C_GenerateKeyPair(hSession, &ECCGenKey, ECCPubKey, 3, ECCPriKey, 3, &hECCPubKey, &hECCPriKey);

	rv = C_EncryptInit(hSession, &mECCEncrypt, hECCPubKey);
	rv = C_Encrypt(hSession, indata, 40, outdata, &outlength);
	rv = C_DecryptInit(hSession, &mECCEncrypt, hECCPriKey);
	rv = C_Decrypt(hSession, outdata, outlength, temp, &templength);
	if (memcmp(indata, temp, 40) == 0 && templength == 40)
	{
		printf("OK ECC IN!\n");
	}
	else
	{
		printf("ERROR ECC IN!\n");
	}

	printf("ECC Crossing Encrypt and Decrypt!\n");
	memset(indata, 0x33, 110);
	memset(outdata, 0x00, 300);
	memset(temp, 0x00, 300);

	rv = C_GetAttributeValue(hSession, hECCPriKey, CreateECCPriKey, 3);
	if (rv == 0)
	{
		CreateECCPriKey[0].pValue = malloc(CreateECCPriKey[0].ulValueLen);
		if (CreateECCPriKey[0].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			return -1;
		}
		CreateECCPriKey[1].pValue = malloc(CreateECCPriKey[1].ulValueLen);
		if (CreateECCPriKey[1].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			FreeAttribute(CreateECCPriKey, 1);
			return -1;
		}
		
		CreateECCPriKey[2].pValue = malloc(CreateECCPriKey[2].ulValueLen);
		if (CreateECCPriKey[2].pValue == NULL)
		{
			printf("ECCTest_out->malloc ERROR!\n");
			FreeAttribute(CreateECCPriKey, 2);
			return -1;
		}
		rv = C_GetAttributeValue(hSession, hECCPriKey, CreateECCPriKey, 3);
		rv = C_CreateObject(hSession, CreateECCPriKey, 3, &hECCPriKey);
	}
	FreeAttribute(CreateECCPriKey, 3);

	rv = C_EncryptInit(hSession, &mECCEncrypt, hECCPubKey);
	rv = C_Encrypt(hSession, indata, 110, outdata, &outlength);
	rv = C_DecryptInit(hSession, &mECCEncrypt, hECCPriKey);
	rv = C_Decrypt(hSession, outdata, outlength, temp, &templength);
	if (memcmp(indata, temp, 110) == 0 && templength == 110)
	{
		printf("OK ECC Crossing!\n");
	}
	else
	{
		printf("ERROR ECC Crossing!\n");
	}
#ifdef DEVICE_KEY
	C_Logout(hSession);
#endif
	C_CloseSession(hSession);

	return 0;
}
Beispiel #10
0
void UserTests::testSetPIN()
{
	CK_RV rv;
	CK_UTF8CHAR pin1[] = SLOT_0_USER1_PIN;
	CK_ULONG pin1Length = sizeof(pin1) - 1;
	CK_UTF8CHAR pin2[] = SLOT_0_USER2_PIN;
	CK_ULONG pin2Length = sizeof(pin2) - 1;
	CK_UTF8CHAR so1pin[] = SLOT_0_SO1_PIN;
	CK_ULONG so1pinLength = sizeof(so1pin) - 1;
	CK_UTF8CHAR so2pin[] = SLOT_0_SO2_PIN;
	CK_ULONG so2pinLength = sizeof(so2pin) - 1;
	CK_SESSION_HANDLE hSession;

	// Just make sure that we finalize any previous tests
	C_Finalize(NULL_PTR);

	// Set up user PIN
	rv = C_Initialize(NULL_PTR);
	CPPUNIT_ASSERT(rv == CKR_OK);
	rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);
	rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);
	rv = C_InitPIN(hSession, pin1, pin1Length);
	CPPUNIT_ASSERT(rv == CKR_OK);
	C_Finalize(NULL_PTR);

	rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);

	rv = C_Initialize(NULL_PTR);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_SetPIN(CK_INVALID_HANDLE, pin1, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_SESSION_HANDLE_INVALID);

	rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_SESSION_READ_ONLY);

	rv = C_CloseSession(hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_SetPIN(hSession, NULL_PTR, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD);

	rv = C_SetPIN(hSession, pin1, pin1Length, NULL_PTR, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD);

	rv = C_SetPIN(hSession, pin1, pin1Length, pin2, 0);
	CPPUNIT_ASSERT(rv == CKR_PIN_LEN_RANGE);

	rv = C_SetPIN(hSession, pin2, pin2Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);

	rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession, CKU_USER, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);

	rv = C_SetPIN(hSession, pin2, pin2Length, pin1, pin1Length);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
	CPPUNIT_ASSERT(rv == CKR_USER_ANOTHER_ALREADY_LOGGED_IN);

	rv = C_Logout(hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_SetPIN(hSession, so2pin, so2pinLength, so2pin, so2pinLength);
	CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);

	rv = C_SetPIN(hSession, so1pin, so1pinLength, so2pin, so2pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_SetPIN(hSession, so1pin, so1pinLength, so1pin, so1pinLength);
	CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);

	rv = C_SetPIN(hSession, so2pin, so2pinLength, so1pin, so1pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);
}
Beispiel #11
0
void UserTests::testLogin()
{
	CK_RV rv;
	CK_UTF8CHAR pin[] = SLOT_0_USER1_PIN;
	CK_ULONG pinLength = sizeof(pin) - 1;
	CK_UTF8CHAR sopin[] = SLOT_0_SO1_PIN;
	CK_ULONG sopinLength = sizeof(sopin) - 1;
	CK_SESSION_HANDLE hSession[2];

	// Just make sure that we finalize any previous tests
	C_Finalize(NULL_PTR);

	// Set up user PIN
	rv = C_Initialize(NULL_PTR);
	CPPUNIT_ASSERT(rv == CKR_OK);
	rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession[0]);
	CPPUNIT_ASSERT(rv == CKR_OK);
	rv = C_Login(hSession[0], CKU_USER, pin, pinLength);
	CPPUNIT_ASSERT(rv == CKR_USER_PIN_NOT_INITIALIZED);
	rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);
	rv = C_InitPIN(hSession[0], pin, pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);
	C_Finalize(NULL_PTR);

	rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
	CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);

	rv = C_Initialize(NULL_PTR);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession[0]);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(CK_INVALID_HANDLE, CKU_SO, sopin, sopinLength);
	CPPUNIT_ASSERT(rv == CKR_SESSION_HANDLE_INVALID);

	rv = C_Login(hSession[0], CKU_SO, NULL_PTR, sopinLength);
	CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD);

	rv = C_Login(hSession[0], CKU_SO, sopin, 0);
	CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);

	rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSession[1]);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
	CPPUNIT_ASSERT(rv == CKR_SESSION_READ_ONLY_EXISTS);

	rv = C_CloseSession(hSession[1]);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession[0], CKU_USER, pin, pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
	CPPUNIT_ASSERT(rv == CKR_USER_ANOTHER_ALREADY_LOGGED_IN);

	rv = C_Logout(hSession[0]);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
	CPPUNIT_ASSERT(rv == CKR_USER_ALREADY_LOGGED_IN);

	rv = C_Login(hSession[0], CKU_USER, pin, pinLength);
	CPPUNIT_ASSERT(rv == CKR_USER_ANOTHER_ALREADY_LOGGED_IN);

	rv = C_Logout(hSession[0]);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession[0], CKU_USER, pin, pinLength - 1);
	CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);

	rv = C_Login(hSession[0], CKU_USER, pin, pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession[0], CKU_USER, pin, pinLength);
	CPPUNIT_ASSERT(rv == CKR_USER_ALREADY_LOGGED_IN);
}