CK_RV RunC_InitPIN(
CK_SESSION_HANDLE hSession, // the session's handle
CK_CHAR_PTR pPin, // the normal user's PIN
CK_ULONG ulPinLen // length in bytes of the PIN
)
{
//convert ANSI to UTF8
CK_ULONG ulPinUtf8_length = 0;
char *pszPinUtf8 = NULL;
if(ulPinLen > 0)
{
ulPinUtf8_length = AppStringToUtf8String((const char *)pPin,ulPinLen, NULL);
if(ulPinUtf8_length > 0)
{
pszPinUtf8 = new char[ulPinUtf8_length+1];
memset(pszPinUtf8, 0x00, ulPinUtf8_length+1);
AppStringToUtf8String((const char *)pPin,ulPinLen, pszPinUtf8);
}
}
//end convert
CK_RV rv = C_InitPIN(hSession, (unsigned char *)pszPinUtf8, ulPinUtf8_length);
if(pszPinUtf8 != NULL)
{
delete[] pszPinUtf8;
pszPinUtf8 = NULL;
}
return rv;
return CKR_OK;
}
void SymmetricAlgorithmTests::setUp()
{
// printf("\nObjectTests\n");
setenv("SOFTHSM2_CONF", "./softhsm2.conf", 1);
CK_RV rv;
CK_UTF8CHAR pin[] = SLOT_0_USER1_PIN;
CK_ULONG pinLength = sizeof(pin) - 1;
CK_UTF8CHAR sopin[] = SLOT_0_SO1_PIN;
CK_ULONG sopinLength = sizeof(sopin) - 1;
CK_SESSION_HANDLE hSession;
CK_UTF8CHAR label[32];
memset(label, ' ', 32);
memcpy(label, "token1", strlen("token1"));
// (Re)initialize the token
rv = C_Initialize(NULL_PTR);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_InitToken(SLOT_INIT_TOKEN, sopin,sopinLength, label);
CPPUNIT_ASSERT(rv == CKR_OK);
// Open session
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
// Login SO
rv = C_Login(hSession,CKU_SO, sopin, sopinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
// Initialize the user pin
rv = C_InitPIN(hSession, pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
}
void TestsBase::setUp() {
TestsNoPINInitBase::setUp();
CK_SESSION_HANDLE hSession;
// Open session
CPPUNIT_ASSERT( CRYPTOKI_F_PTR( C_OpenSession(m_initializedTokenSlotID, CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession)==CKR_OK ) );
// Login SO
CPPUNIT_ASSERT( CRYPTOKI_F_PTR( C_Login(hSession,CKU_SO, m_soPin1, m_soPin1Length)==CKR_OK ) );
// Initialize the user pin
CPPUNIT_ASSERT( CRYPTOKI_F_PTR( C_InitPIN(hSession, m_userPin1, m_userPin1Length)==CKR_OK ) );
}
void UserTests::testInitPIN()
{
CK_RV rv;
CK_UTF8CHAR pin[] = SLOT_0_USER1_PIN;
CK_ULONG pinLength = sizeof(pin) - 1;
CK_UTF8CHAR sopin[] = SLOT_0_SO1_PIN;
CK_ULONG sopinLength = sizeof(sopin) - 1;
CK_SESSION_HANDLE hSession;
// Just make sure that we finalize any previous tests
C_Finalize(NULL_PTR);
rv = C_InitPIN(hSession, pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);
rv = C_Initialize(NULL_PTR);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_InitPIN(hSession, pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_USER_NOT_LOGGED_IN);
rv = C_Login(hSession, CKU_SO, sopin, sopinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_InitPIN(CK_INVALID_HANDLE, pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_SESSION_HANDLE_INVALID);
rv = C_InitPIN(hSession, pin, 0);
CPPUNIT_ASSERT(rv == CKR_PIN_LEN_RANGE);
rv = C_InitPIN(hSession, pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
}
/*
* Set the User PIN
*/
int PKCS11_init_pin(PKCS11_TOKEN * token, const char *pin)
{
PKCS11_SLOT_private *priv = PRIVSLOT(TOKEN2SLOT(token));
PKCS11_CTX *ctx = priv->parent;
int len, rv;
CHECK_FORK(ctx);
if (!priv->haveSession) {
PKCS11err(PKCS11_F_PKCS11_INIT_PIN, PKCS11_NO_SESSION);
return -1;
}
len = pin ? strlen(pin) : 0;
rv = CRYPTOKI_call(ctx, C_InitPIN(priv->session, (CK_UTF8CHAR *) pin, len));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_INIT_PIN, rv);
return pkcs11_check_token(ctx, TOKEN2SLOT(token));
}
void UserTests::testSetPIN()
{
CK_RV rv;
CK_UTF8CHAR pin1[] = SLOT_0_USER1_PIN;
CK_ULONG pin1Length = sizeof(pin1) - 1;
CK_UTF8CHAR pin2[] = SLOT_0_USER2_PIN;
CK_ULONG pin2Length = sizeof(pin2) - 1;
CK_UTF8CHAR so1pin[] = SLOT_0_SO1_PIN;
CK_ULONG so1pinLength = sizeof(so1pin) - 1;
CK_UTF8CHAR so2pin[] = SLOT_0_SO2_PIN;
CK_ULONG so2pinLength = sizeof(so2pin) - 1;
CK_SESSION_HANDLE hSession;
// Just make sure that we finalize any previous tests
C_Finalize(NULL_PTR);
// Set up user PIN
rv = C_Initialize(NULL_PTR);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_InitPIN(hSession, pin1, pin1Length);
CPPUNIT_ASSERT(rv == CKR_OK);
C_Finalize(NULL_PTR);
rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);
rv = C_Initialize(NULL_PTR);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_SetPIN(CK_INVALID_HANDLE, pin1, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_SESSION_HANDLE_INVALID);
rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_SESSION_READ_ONLY);
rv = C_CloseSession(hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_SetPIN(hSession, NULL_PTR, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD);
rv = C_SetPIN(hSession, pin1, pin1Length, NULL_PTR, pin2Length);
CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD);
rv = C_SetPIN(hSession, pin1, pin1Length, pin2, 0);
CPPUNIT_ASSERT(rv == CKR_PIN_LEN_RANGE);
rv = C_SetPIN(hSession, pin2, pin2Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);
rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession, CKU_USER, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_SetPIN(hSession, pin1, pin1Length, pin2, pin2Length);
CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);
rv = C_SetPIN(hSession, pin2, pin2Length, pin1, pin1Length);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
CPPUNIT_ASSERT(rv == CKR_USER_ANOTHER_ALREADY_LOGGED_IN);
rv = C_Logout(hSession);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession, CKU_SO, so1pin, so1pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_SetPIN(hSession, so2pin, so2pinLength, so2pin, so2pinLength);
CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);
rv = C_SetPIN(hSession, so1pin, so1pinLength, so2pin, so2pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_SetPIN(hSession, so1pin, so1pinLength, so1pin, so1pinLength);
CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);
rv = C_SetPIN(hSession, so2pin, so2pinLength, so1pin, so1pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
}
void UserTests::testLogin()
{
CK_RV rv;
CK_UTF8CHAR pin[] = SLOT_0_USER1_PIN;
CK_ULONG pinLength = sizeof(pin) - 1;
CK_UTF8CHAR sopin[] = SLOT_0_SO1_PIN;
CK_ULONG sopinLength = sizeof(sopin) - 1;
CK_SESSION_HANDLE hSession[2];
// Just make sure that we finalize any previous tests
C_Finalize(NULL_PTR);
// Set up user PIN
rv = C_Initialize(NULL_PTR);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession[0]);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession[0], CKU_USER, pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_USER_PIN_NOT_INITIALIZED);
rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_InitPIN(hSession[0], pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
C_Finalize(NULL_PTR);
rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);
rv = C_Initialize(NULL_PTR);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSession[0]);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(CK_INVALID_HANDLE, CKU_SO, sopin, sopinLength);
CPPUNIT_ASSERT(rv == CKR_SESSION_HANDLE_INVALID);
rv = C_Login(hSession[0], CKU_SO, NULL_PTR, sopinLength);
CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD);
rv = C_Login(hSession[0], CKU_SO, sopin, 0);
CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);
rv = C_OpenSession(SLOT_INIT_TOKEN, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSession[1]);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
CPPUNIT_ASSERT(rv == CKR_SESSION_READ_ONLY_EXISTS);
rv = C_CloseSession(hSession[1]);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession[0], CKU_USER, pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
CPPUNIT_ASSERT(rv == CKR_USER_ANOTHER_ALREADY_LOGGED_IN);
rv = C_Logout(hSession[0]);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession[0], CKU_SO, sopin, sopinLength);
CPPUNIT_ASSERT(rv == CKR_USER_ALREADY_LOGGED_IN);
rv = C_Login(hSession[0], CKU_USER, pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_USER_ANOTHER_ALREADY_LOGGED_IN);
rv = C_Logout(hSession[0]);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession[0], CKU_USER, pin, pinLength - 1);
CPPUNIT_ASSERT(rv == CKR_PIN_INCORRECT);
rv = C_Login(hSession[0], CKU_USER, pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_OK);
rv = C_Login(hSession[0], CKU_USER, pin, pinLength);
CPPUNIT_ASSERT(rv == CKR_USER_ALREADY_LOGGED_IN);
}
