Beispiel #1
0
CK_RV RunC_SetPIN(
				  CK_SESSION_HANDLE		hSession,	// the session's handle
				  CK_CHAR_PTR			pOldPin,	// the old PIN
				  CK_ULONG				ulOldLen,	// length of the old PIN
				  CK_CHAR_PTR			pNewPin,	// the new PIN
				  CK_ULONG				ulNewLen	// length of the new PIN)
				  )
{
	//convert ANSI to UTF8
	CK_ULONG ulOldPinUtf8_length = 0;
	char *pszOldPinUtf8 = NULL;	
	if(ulOldLen > 0)
	{
		ulOldPinUtf8_length = AppStringToUtf8String((const char *)pOldPin,ulOldLen, NULL);
		if(ulOldPinUtf8_length > 0)
		{
			pszOldPinUtf8 = new char[ulOldPinUtf8_length+1];
			memset(pszOldPinUtf8, 0x00, ulOldPinUtf8_length+1);
			AppStringToUtf8String((const char *)pOldPin,ulOldLen,  pszOldPinUtf8);	
		}
	}
	CK_ULONG ulNewPinUtf8_length = 0;
	char *pszNewPinUtf8 = NULL;	
	if(ulNewLen > 0)
	{
		ulNewPinUtf8_length = AppStringToUtf8String((const char *)pNewPin,ulNewLen, NULL);
		if(ulNewPinUtf8_length > 0)
		{
			pszNewPinUtf8 = new char[ulNewPinUtf8_length+1];
			memset(pszNewPinUtf8, 0x00, ulNewPinUtf8_length+1);
			AppStringToUtf8String((const char *)pNewPin,ulNewLen,  pszNewPinUtf8);	
		}
	}
	//end convert
	CK_RV rv = C_SetPIN(hSession, (unsigned char *)pszOldPinUtf8, ulOldPinUtf8_length, (unsigned char *)pszNewPinUtf8, ulNewPinUtf8_length);
	
	if(pszOldPinUtf8 != NULL)
	{
		delete[] pszOldPinUtf8;
		pszOldPinUtf8 = NULL;
	}
	if(pszNewPinUtf8 != NULL)
	{
		delete[] pszNewPinUtf8;
		pszNewPinUtf8 = NULL;
	}
	return rv;
}
Beispiel #2
0
/*
 * Change the User PIN
 */
int PKCS11_change_pin(PKCS11_SLOT * slot, const char *old_pin,
		const char *new_pin)
{
	PKCS11_SLOT_private *priv = PRIVSLOT(slot);
	PKCS11_CTX *ctx = priv->parent;
	int old_len, new_len, rv;

	CHECK_SLOT_FORK(slot);

	if (!priv->haveSession) {
		PKCS11err(PKCS11_F_PKCS11_CHANGE_PIN, PKCS11_NO_SESSION);
		return -1;
	}

	old_len = old_pin ? strlen(old_pin) : 0;
	new_len = new_pin ? strlen(new_pin) : 0;
	rv = CRYPTOKI_call(ctx,
		C_SetPIN(priv->session, (CK_UTF8CHAR *) old_pin, old_len,
			(CK_UTF8CHAR *) new_pin, new_len));
	CRYPTOKI_checkerr(PKCS11_F_PKCS11_CHANGE_PIN, rv);

	return pkcs11_check_token(ctx, slot);
}
Beispiel #3
0
void UserTests::testSetPIN()
{
	CK_RV rv;
	CK_UTF8CHAR pin1[] = SLOT_0_USER1_PIN;
	CK_ULONG pin1Length = sizeof(pin1) - 1;
	CK_UTF8CHAR pin2[] = SLOT_0_USER2_PIN;
	CK_ULONG pin2Length = sizeof(pin2) - 1;
	CK_UTF8CHAR so1pin[] = SLOT_0_SO1_PIN;
	CK_ULONG so1pinLength = sizeof(so1pin) - 1;
	CK_UTF8CHAR so2pin[] = SLOT_0_SO2_PIN;
	CK_ULONG so2pinLength = sizeof(so2pin) - 1;
	CK_SESSION_HANDLE hSession;

	// Just make sure that we finalize any previous tests
	C_Finalize(NULL_PTR);

	// Set up user PIN
	rv = C_Initialize(NULL_PTR);
	CPPUNIT_ASSERT(rv == CKR_OK);
	rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);
	rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);
	rv = C_InitPIN(hSession, pin1, pin1Length);
	CPPUNIT_ASSERT(rv == CKR_OK);
	C_Finalize(NULL_PTR);

	rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);

	rv = C_Initialize(NULL_PTR);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_SetPIN(CK_INVALID_HANDLE, pin1, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_SESSION_HANDLE_INVALID);

	rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_SESSION_READ_ONLY);

	rv = C_CloseSession(hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_SetPIN(hSession, NULL_PTR, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD);

	rv = C_SetPIN(hSession, pin1, pin1Length, NULL_PTR, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD);

	rv = C_SetPIN(hSession, pin1, pin1Length, pin2, 0);
	CPPUNIT_ASSERT(rv == CKR_PIN_LEN_RANGE);

	rv = C_SetPIN(hSession, pin2, pin2Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);

	rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession, CKU_USER, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
	CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);

	rv = C_SetPIN(hSession, pin2, pin2Length, pin1, pin1Length);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
	CPPUNIT_ASSERT(rv == CKR_USER_ANOTHER_ALREADY_LOGGED_IN);

	rv = C_Logout(hSession);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_SetPIN(hSession, so2pin, so2pinLength, so2pin, so2pinLength);
	CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);

	rv = C_SetPIN(hSession, so1pin, so1pinLength, so2pin, so2pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);

	rv = C_SetPIN(hSession, so1pin, so1pinLength, so1pin, so1pinLength);
	CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);

	rv = C_SetPIN(hSession, so2pin, so2pinLength, so1pin, so1pinLength);
	CPPUNIT_ASSERT(rv == CKR_OK);
}