/*
* Determines if user is authenticated with token
*/
int PKCS11_is_logged_in(PKCS11_SLOT * slot, int so, int * res)
{
PKCS11_SLOT_private *priv = PRIVSLOT(slot);
PKCS11_CTX *ctx = priv->parent;
CK_SESSION_INFO session_info;
int rv;
if (priv->loggedIn) {
*res = 1;
return 0;
}
if (!priv->haveSession) {
/* SO gets a r/w session by default,
* user gets a r/o session by default. */
if (PKCS11_open_session(slot, so))
return -1;
}
rv = CRYPTOKI_call(ctx, C_GetSessionInfo(priv->session, &session_info));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_GETSESSIONINFO, rv);
if (so) {
*res = session_info.state == CKS_RW_SO_FUNCTIONS;
} else {
*res = session_info.state == CKS_RO_USER_FUNCTIONS || session_info.state == CKS_RW_USER_FUNCTIONS;
}
return 0;
}
CK_BBOOL can_enter_pin(CK_SLOT_ID slot) {
CK_SESSION_HANDLE session;
CK_SESSION_INFO info;
CK_BBOOL retval = CK_TRUE;
if(C_OpenSession(slot, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &session) != CKR_OK) {
printf("Could not open a session\n");
return CK_FALSE;
}
if(C_GetSessionInfo(session, &info) != CKR_OK) {
printf("Could not request session info\n");
return CK_FALSE;
}
if(info.flags & CKF_PROTECTED_AUTHENTICATION_PATH) {
if(have_robot() && !is_manual_robot()) {
fprintf(stderr, "E: robot cannot enter a pin code on a protected auth path SC reader\n");
retval = CK_FALSE;
}
}
C_CloseSession(session);
return retval;
}
