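/*
 * Prompt for a token label on stdin and initialise the token in SLOT_ID.
 *
 * Two negative checks run first: C_InitToken must answer CKR_ARGUMENTS_BAD
 * when the SO PIN pointer is NULL, and again when the label pointer is NULL.
 * Only then is the real C_InitToken call made, with the SO PIN obtained from
 * get_so_pin() and the label typed by the operator.
 *
 * Returns TRUE when all three calls behave as expected, FALSE otherwise
 * (but see the note on the early exit below).
 */
int do_inittoken( void )
{
    CK_BYTE  label[32];
    CK_BYTE  so_pin[PKCS11_MAX_PIN_LEN];
    CK_ULONG so_pin_len;
    size_t   i;
    int      past_end = 0;
    CK_RV    rc;

    /*
     * NOTE(review): this early exit returns a CKR_* value, which is non-zero,
     * while every later path returns TRUE/FALSE. A caller that treats the
     * result as a boolean would read this failure as success; confirm the
     * caller's convention.
     */
    if (get_so_pin(so_pin))
        return CKR_FUNCTION_FAILED;

    /* assumes get_so_pin() NUL-terminates so_pin inside the buffer; confirm */
    so_pin_len = (CK_ULONG)strlen((char *)so_pin);

    /*
     * Blank-fill the whole label. memset is used instead of copying 32 bytes
     * out of a string literal, so the fill never reads past its source.
     */
    memset(label, ' ', sizeof(label));

    printf("Enter Token Label:");
    if (!fgets((char *)label, (int)sizeof(label), stdin)) {
        show_error("fgets failed", CKR_FUNCTION_FAILED);
        rc = FALSE;
        goto done;
    }
    printf("\nLabel is: %s", label);

    /*
     * PKCS#11 labels are 32 bytes, blank padded, with no terminator. fgets
     * leaves the newline and a NUL in the buffer, so everything from the
     * first of those to the end of the array is turned back into spaces.
     * The scan covers all 32 bytes, including a NUL stored in the last one.
     */
    for (i = 0; i < sizeof(label); i++) {
        if (label[i] == '\n' || label[i] == '\0')
            past_end = 1;
        if (past_end)
            label[i] = ' ';
    }
    printf("\n");

    /* A NULL PIN pointer must be rejected. */
    rc = funcs->C_InitToken( SLOT_ID, NULL, so_pin_len, label );
    if (rc != CKR_ARGUMENTS_BAD) {
        show_error(" C_InitToken Fail #1",rc);
        rc = FALSE;
        goto done;
    }

    /* A NULL label pointer must be rejected. */
    rc = funcs->C_InitToken( SLOT_ID, so_pin, so_pin_len, NULL );
    if (rc != CKR_ARGUMENTS_BAD) {
        show_error(" C_InitToken Fail #2",rc);
        rc = FALSE;
        goto done;
    }

    /* The real initialisation. */
    rc = funcs->C_InitToken( SLOT_ID, so_pin, so_pin_len, label );
    if (rc != CKR_OK) {
        show_error(" C_InitToken #1", rc );
        rc = FALSE;
        goto done;
    }

    rc = TRUE;

done:
    /* NOTE(review): so_pin stays on the stack after return; it is not wiped. */
    return rc;
}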
/*
 * Set the user PIN on the token in SLOT_ID.
 *
 * Opens a R/W session, logs in as the security officer with the PIN from
 * get_so_pin(), and calls C_InitPIN with the PIN from get_user_pin().
 * Every session on the slot is closed before returning.
 *
 * Returns TRUE on success and FALSE when a PKCS#11 call fails. If either PIN
 * cannot be obtained the function returns CKR_FUNCTION_FAILED before any
 * session is opened.
 */
int do_setUserPIN( void )
{
    CK_BYTE           so_pin[PKCS11_MAX_PIN_LEN];
    CK_BYTE           user_pin[PKCS11_MAX_PIN_LEN];
    CK_ULONG          so_pin_len;
    CK_ULONG          user_pin_len;
    CK_SESSION_HANDLE h_session;
    CK_ULONG          status;
    int               outcome = FALSE;

    /* Collect both PINs up front; nothing has been opened yet on failure. */
    if (get_user_pin(user_pin))
        return CKR_FUNCTION_FAILED;
    user_pin_len = (CK_ULONG)strlen((char *)user_pin);

    if (get_so_pin(so_pin))
        return CKR_FUNCTION_FAILED;
    so_pin_len = (CK_ULONG)strlen((char *)so_pin);

    status = funcs->C_OpenSession( SLOT_ID,
                                   CKF_SERIAL_SESSION | CKF_RW_SESSION,
                                   NULL, NULL, &h_session );
    if (status != CKR_OK) {
        show_error(" C_OpenSession #1", status );
    } else {
        /* C_InitPIN is attempted only after the SO login succeeds. */
        status = funcs->C_Login( h_session, CKU_SO, so_pin, so_pin_len );
        if (status != CKR_OK) {
            show_error(" C_Login #1", status );
        } else {
            status = funcs->C_InitPIN( h_session, user_pin, user_pin_len );
            if (status != CKR_OK)
                show_error(" C_InitPIN #1", status );
            else
                outcome = TRUE;
        }
    }

    /* Single exit: close the slot's sessions whatever happened above. */
    funcs->C_CloseAllSessions( SLOT_ID );
    return outcome;
}
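/*
 * Exercise C_SetPIN across session types, restoring the original PINs.
 *
 * Sequence:
 *   1. R/O public session: C_SetPIN must fail with CKR_SESSION_READ_ONLY.
 *   2. R/W public session: C_SetPIN is expected to change the user PIN.
 *   3. Log in as the user with the new PIN, then set the old PIN back.
 *   4. Log in as SO, change the SO PIN, log in with it, then set it back.
 *
 * Returns CKR_OK when every step behaves as expected, otherwise the failing
 * return code or CKR_FUNCTION_FAILED.
 *
 * Operational caveat: if a restore step (3 or 4) fails, the token is left
 * with the fixed test PIN "ABCDEF" for that role. The failure is logged and
 * reflected in the return value so it is not missed.
 */
CK_RV do_SetPIN(void)
{
    CK_SLOT_ID        slot_id;
    CK_FLAGS          flags;
    CK_SESSION_HANDLE session;
    CK_CHAR           old_pin[PKCS11_MAX_PIN_LEN];
    CK_CHAR           new_pin[PKCS11_MAX_PIN_LEN];
    CK_ULONG          old_len;
    CK_ULONG          new_len;
    CK_RV             rc;
    CK_RV             aux_rc;  /* result of logout/restore calls, kept apart from rc */

    testcase_begin("Testing C_SetPIN");

    /* first, try to get the user PIN */
    if (get_user_pin(old_pin))
        return CKR_FUNCTION_FAILED;
    old_len = (CK_ULONG)strlen((char *)old_pin);

    /* fixed test PIN; passed by explicit length, so no terminator is copied */
    memcpy(new_pin, "ABCDEF", 6);
    new_len = 6;

    slot_id = SLOT_ID;

    /* try to call C_SetPIN from a R/O public session, it should fail. */
    flags = CKF_SERIAL_SESSION;

    testcase_new_assertion();

    rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session);
    if (rc != CKR_OK) {
        testcase_error("C_OpenSession #1 rc=%s", p11_get_ckr(rc));
        return rc;
    }

    rc = funcs->C_SetPIN(session, old_pin, old_len, new_pin, new_len);
    if (rc != CKR_SESSION_READ_ONLY) {
        testcase_fail("C_SetPIN #1 returned %s instead of "
                      "CKR_SESSION_READ_ONLY.", p11_get_ckr(rc));
        rc = CKR_FUNCTION_FAILED;
        goto testcase_cleanup;
    } else {
        testcase_pass("C_SetPIN successful in public session.");
    }

    if (funcs->C_CloseSession(session) != CKR_OK) {
        testcase_error("C_CloseSession #1 failed.");
        goto testcase_cleanup;
    }

    /* try to call C_SetPIN from a R/W public session, it should work. */
    flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
    rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session);
    if (rc != CKR_OK) {
        testcase_error("C_OpenSession #1 rc=%s", p11_get_ckr(rc));
        return rc;
    }

    rc = funcs->C_SetPIN(session, old_pin, old_len, new_pin, new_len);
    if (rc != CKR_OK) {
        testcase_fail("C_SetPIN failed: rc = %s", p11_get_ckr(rc));
    } else {
        testcase_pass("C_SetPIN successful in r/w public session.");
    }

    if (funcs->C_CloseSession(session) != CKR_OK) {
        testcase_error("C_CloseSession #1 failed.");
        goto testcase_cleanup;
    }

    if (rc != CKR_OK)   /* above C_SetPIN failed so leave */
        goto testcase_cleanup;

    /* open a new session and try logging in with new pin */
    flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
    rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session);
    if (rc != CKR_OK) {
        testcase_error("C_OpenSession #1 rc=%s", p11_get_ckr(rc));
        return rc;
    }

    testcase_new_assertion();

    rc = funcs->C_Login(session, CKU_USER, new_pin, new_len);
    if (rc != CKR_OK) {
        testcase_fail("C_Login #1 failed: rc=%s", p11_get_ckr(rc));
        goto testcase_cleanup;
    } else {
        testcase_pass("Successfully logged in with new pin.");
    }

    /* try to call C_SetPIN from a normal user session, r/w user.
     * set back to original user pin. this should work.
     */
    testcase_new_assertion();

    rc = funcs->C_SetPIN(session, new_pin, new_len, old_pin, old_len);
    if (rc != CKR_OK)
        testcase_fail("C_SetPIN #2 rc=%s", p11_get_ckr(rc));
    else
        testcase_pass("C_SetPIN successful.");

    /* Report the logout's own return code, not the preceding C_SetPIN's. */
    aux_rc = funcs->C_Logout(session);
    if (aux_rc != CKR_OK) {
        testcase_error("C_Logout #1 failed: rc=%s", p11_get_ckr(aux_rc));
        goto testcase_cleanup;
    }

    if (rc != CKR_OK)   /* above C_SetPIN failed. */
        goto testcase_cleanup;

    /*
     * done with user tests...now try with the SO
     */
    if (get_so_pin(old_pin)) {
        /* the session is still open here, so leave through the cleanup path */
        rc = CKR_FUNCTION_FAILED;
        goto testcase_cleanup;
    }
    /* old_len still held the user PIN's length; take the SO PIN's own length */
    old_len = (CK_ULONG)strlen((char *)old_pin);

    /* try to call C_SetPIN from an SO session */
    testcase_new_assertion();

    rc = funcs->C_Login(session, CKU_SO, old_pin, old_len);
    if (rc != CKR_OK) {
        testcase_error("C_Login #3 failed: rc=%s", p11_get_ckr(rc));
        goto testcase_cleanup;
    }

    rc = funcs->C_SetPIN(session, old_pin, old_len, new_pin, new_len);
    if (rc != CKR_OK)
        testcase_fail("C_SetPIN #4 failed: rc=%s", p11_get_ckr(rc));
    else
        testcase_pass("C_SetPIN successfully set SO PIN.");

    if ((funcs->C_Logout(session)) != CKR_OK) {
        testcase_error("C_Logout #3 failed.");
        goto testcase_cleanup;
    }

    if (rc != CKR_OK)   /* above C_SetPIN failed */
        goto testcase_cleanup;

    /* now login with new pin. should work. */
    testcase_new_assertion();

    rc = funcs->C_Login(session, CKU_SO, new_pin, new_len);
    if (rc != CKR_OK) {
        testcase_fail("C_Login #5 failed: rc=%s", p11_get_ckr(rc));
    } else {
        testcase_pass("C_Login #5 was successful.");
    }

    /* change the PIN back to the original so the rest of this program
     * doesn't break
     */
    aux_rc = funcs->C_SetPIN(session, new_pin, new_len, old_pin, old_len);
    if (aux_rc != CKR_OK) {
        testcase_error("C_SetPIN #5 failed to set back to the original "
                       "SO PIN, rc=%s", p11_get_ckr(aux_rc));
        /* a token left on the test SO PIN must not be reported as success */
        if (rc == CKR_OK)
            rc = aux_rc;
    }

    if ((funcs->C_Logout(session)) != CKR_OK)
        testcase_error("C_Logout #4 failed.");

testcase_cleanup:
    if (funcs->C_CloseSession(session) != CKR_OK)
        testcase_error("C_CloseSession #1 failed.");

    return rc;
}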
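/*
 * Check that C_InitPIN is accepted only from a security-officer session.
 *
 * Sequence, all on one R/W session:
 *   1. Not logged in: C_InitPIN must return CKR_USER_NOT_LOGGED_IN.
 *   2. Logged in as SO: C_InitPIN must succeed.
 *   3. Logged in as the normal user: C_InitPIN must again return
 *      CKR_USER_NOT_LOGGED_IN.
 *
 * Step 2 sets the token's user PIN to the value from get_user_pin().
 *
 * Returns CKR_OK when all three steps behave as expected, otherwise the
 * failing return code or CKR_FUNCTION_FAILED. All sessions on the slot are
 * closed before returning once a session has been opened.
 */
CK_RV do_InitPIN(void)
{
    CK_SLOT_ID        slot_id;
    CK_FLAGS          flags;
    CK_SESSION_HANDLE session;
    CK_CHAR           so_pin[PKCS11_MAX_PIN_LEN];
    CK_CHAR           user_pin[PKCS11_MAX_PIN_LEN];
    CK_ULONG          so_pin_len;
    CK_ULONG          user_pin_len;
    CK_RV             rc;
    CK_RV             aux_rc;  /* result of logout/close calls, kept apart from rc */

    testcase_begin("Testing C_InitPIN");

    if (get_user_pin(user_pin))
        return CKR_FUNCTION_FAILED;
    user_pin_len = (CK_ULONG)strlen((char *)user_pin);

    if (get_so_pin(so_pin))
        return CKR_FUNCTION_FAILED;
    so_pin_len = (CK_ULONG)strlen((char *)so_pin);

    slot_id = SLOT_ID;
    flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;

    /* try to call C_InitPIN from a public session */
    testcase_new_assertion();

    rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session);
    if (rc != CKR_OK) {
        testcase_error("C_OpenSession rc=%s", p11_get_ckr(rc));
        return rc;
    }

    rc = funcs->C_InitPIN(session, user_pin, user_pin_len);
    if (rc != CKR_USER_NOT_LOGGED_IN) {
        testcase_fail("C_InitPIN returned %s instead of "
                      "CKR_USER_NOT_LOGGED_IN", p11_get_ckr(rc));
        /*
         * An unexpected CKR_OK here means an unauthenticated caller set the
         * PIN; report failure instead of handing CKR_OK to the caller.
         */
        rc = CKR_FUNCTION_FAILED;
        goto testcase_cleanup;
    } else {
        testcase_pass("C_InitPin correctly returned CKR_USER_NOT_LOGGED_IN.");
    }

    /* try to call C_InitPIN from an SO session */
    testcase_new_assertion();

    rc = funcs->C_Login(session, CKU_SO, so_pin, so_pin_len);
    if (rc != CKR_OK) {
        testcase_error("C_Login #1 failed: rc=%s", p11_get_ckr(rc));
        goto testcase_cleanup;
    }

    rc = funcs->C_InitPIN(session, user_pin, user_pin_len);
    if (rc != CKR_OK)
        testcase_fail("C_InitPIN failed: rc=%s", p11_get_ckr(rc));
    else
        testcase_pass("C_InitPIN #1 was successful.");

    aux_rc = funcs->C_Logout(session);
    if (aux_rc != CKR_OK) {
        testcase_error("C_Logout #1 failed.");
        /* still logged in as SO, so the user-session step cannot run */
        if (rc == CKR_OK)
            rc = aux_rc;
        goto testcase_cleanup;
    }

    /*
     * Stop here if the SO-session C_InitPIN failed; continuing would let the
     * next step overwrite rc and hide that failure from the caller.
     */
    if (rc != CKR_OK)
        goto testcase_cleanup;

    /* try to call C_InitPIN from a normal user session */
    testcase_new_assertion();

    rc = funcs->C_Login( session, CKU_USER, user_pin, user_pin_len );
    if (rc != CKR_OK) {
        testcase_error("C_Login failed: rc=%s", p11_get_ckr(rc));
        goto testcase_cleanup;
    }

    rc = funcs->C_InitPIN(session, user_pin, user_pin_len);
    if (rc != CKR_USER_NOT_LOGGED_IN) {
        testcase_fail("C_InitPIN returned %s instead of "
                      "CKR_USER_NOT_LOGGED_IN.", p11_get_ckr(rc));
        rc = CKR_FUNCTION_FAILED;
    } else {
        testcase_pass("C_InitPIN #2 was successful.");
        rc = CKR_OK;
    }

    /* Log the logout's own return code rather than the test verdict in rc. */
    aux_rc = funcs->C_Logout(session);
    if (aux_rc != CKR_OK)
        testcase_error("C_Logout #2 rc=%s", p11_get_ckr(aux_rc));

testcase_cleanup:
    aux_rc = funcs->C_CloseAllSessions(slot_id);
    if (aux_rc != CKR_OK)
        testcase_error("C_CloseAllSessions #1 rc=%s", p11_get_ckr(aux_rc));

    return rc;
}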