CK_RV RunC_SetPIN(
CK_SESSION_HANDLE hSession, // the session's handle
CK_CHAR_PTR pOldPin, // the old PIN
CK_ULONG ulOldLen, // length of the old PIN
CK_CHAR_PTR pNewPin, // the new PIN
CK_ULONG ulNewLen // length of the new PIN)
)
{
//convert ANSI to UTF8
CK_ULONG ulOldPinUtf8_length = 0;
char *pszOldPinUtf8 = NULL;
if(ulOldLen > 0)
{
ulOldPinUtf8_length = AppStringToUtf8String((const char *)pOldPin,ulOldLen, NULL);
if(ulOldPinUtf8_length > 0)
{
pszOldPinUtf8 = new char[ulOldPinUtf8_length+1];
memset(pszOldPinUtf8, 0x00, ulOldPinUtf8_length+1);
AppStringToUtf8String((const char *)pOldPin,ulOldLen, pszOldPinUtf8);
}
}
CK_ULONG ulNewPinUtf8_length = 0;
char *pszNewPinUtf8 = NULL;
if(ulNewLen > 0)
{
ulNewPinUtf8_length = AppStringToUtf8String((const char *)pNewPin,ulNewLen, NULL);
if(ulNewPinUtf8_length > 0)
{
pszNewPinUtf8 = new char[ulNewPinUtf8_length+1];
memset(pszNewPinUtf8, 0x00, ulNewPinUtf8_length+1);
AppStringToUtf8String((const char *)pNewPin,ulNewLen, pszNewPinUtf8);
}
}
//end convert
CK_RV rv = C_SetPIN(hSession, (unsigned char *)pszOldPinUtf8, ulOldPinUtf8_length, (unsigned char *)pszNewPinUtf8, ulNewPinUtf8_length);
if(pszOldPinUtf8 != NULL)
{
delete[] pszOldPinUtf8;
pszOldPinUtf8 = NULL;
}
if(pszNewPinUtf8 != NULL)
{
delete[] pszNewPinUtf8;
pszNewPinUtf8 = NULL;
}
return rv;
}
/*
* Change the User PIN
*/
int PKCS11_change_pin(PKCS11_SLOT * slot, const char *old_pin,
const char *new_pin)
{
PKCS11_SLOT_private *priv = PRIVSLOT(slot);
PKCS11_CTX *ctx = priv->parent;
int old_len, new_len, rv;
CHECK_SLOT_FORK(slot);
if (!priv->haveSession) {
PKCS11err(PKCS11_F_PKCS11_CHANGE_PIN, PKCS11_NO_SESSION);
return -1;
}
old_len = old_pin ? strlen(old_pin) : 0;
new_len = new_pin ? strlen(new_pin) : 0;
rv = CRYPTOKI_call(ctx,
C_SetPIN(priv->session, (CK_UTF8CHAR *) old_pin, old_len,
(CK_UTF8CHAR *) new_pin, new_len));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_CHANGE_PIN, rv);
return pkcs11_check_token(ctx, slot);
}
void UserTests::testSetPIN()
{
CK_RV rv;
CK_UTF8CHAR pin1[] = SLOT_0_USER1_PIN;
CK_ULONG pin1Length = sizeof(pin1) - 1;
CK_UTF8CHAR pin2[] = SLOT_0_USER2_PIN;
CK_ULONG pin2Length = sizeof(pin2) - 1;
CK_UTF8CHAR so1pin[] = SLOT_0_SO1_PIN;
CK_ULONG so1pinLength = sizeof(so1pin) - 1;
CK_UTF8CHAR so2pin[] = SLOT_0_SO2_PIN;
CK_ULONG so2pinLength = sizeof(so2pin) - 1;
CK_SESSION_HANDLE hSession;
// Just make sure that we finalize any previous tests
C_Finalize(NULL_PTR);
// Set up user PIN
rv = C_Initialize(NULL_PTR);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_InitPIN(hSession, pin1, pin1Length);
CPPUNIT_ASSERT(rv == CKR_OK);
C_Finalize(NULL_PTR);
rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);
rv = C_Initialize(NULL_PTR);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_SetPIN(CK_INVALID_HANDLE, pin1, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_SESSION_HANDLE_INVALID);
rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_SESSION_READ_ONLY);
rv = C_CloseSession(hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_SetPIN(hSession, NULL_PTR, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD);
rv = C_SetPIN(hSession, pin1, pin1Length, NULL_PTR, pin2Length);
CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD);
rv = C_SetPIN(hSession, pin1, pin1Length, pin2, 0);
CPPUNIT_ASSERT(rv == CKR_PIN_LEN_RANGE);
rv = C_SetPIN(hSession, pin2, pin2Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);
rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession, CKU_USER, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);
rv = C_SetPIN(hSession, pin2, pin2Length, pin1, pin1Length);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
CPPUNIT_ASSERT(rv == CKR_USER_ANOTHER_ALREADY_LOGGED_IN);
rv = C_Logout(hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_SetPIN(hSession, so2pin, so2pinLength, so2pin, so2pinLength);
CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);
rv = C_SetPIN(hSession, so1pin, so1pinLength, so2pin, so2pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_SetPIN(hSession, so1pin, so1pinLength, so1pin, so1pinLength);
CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);
rv = C_SetPIN(hSession, so2pin, so2pinLength, so1pin, so1pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
}