int do_inittoken( void )
{
CK_BYTE label[32];
CK_BYTE so_pin[PKCS11_MAX_PIN_LEN];
CK_ULONG so_pin_len;
int len;
CK_RV rc;
if (get_so_pin(so_pin))
return CKR_FUNCTION_FAILED;
so_pin_len = (CK_ULONG)strlen((char *)so_pin);
// memcpy( label, "A new label ", 32 );
memcpy( label, " ", 32 );
printf("Enter Token Label:");
if (!fgets(label, 32, stdin)) {
show_error("fgets failed", CKR_FUNCTION_FAILED);
rc = FALSE;
goto done;
}
printf("\nLabel is: %s",label);
for (len = 0; len <31;len++){
if (label[len] == '\0'){
label[len] = ' ';
break;
}
}
printf("\n");
// memcpy( label, "RemoteLeeds ", 32 );
rc = funcs->C_InitToken( SLOT_ID, NULL, so_pin_len, label );
if (rc != CKR_ARGUMENTS_BAD) {
show_error(" C_InitToken Fail #1",rc);
rc = FALSE;
goto done;
}
rc = funcs->C_InitToken( SLOT_ID, so_pin, so_pin_len, NULL );
if (rc != CKR_ARGUMENTS_BAD) {
show_error(" C_InitToken Fail #2",rc);
rc = FALSE;
goto done;
}
rc = funcs->C_InitToken( SLOT_ID, so_pin, so_pin_len, label );
if (rc != CKR_OK) {
show_error(" C_InitToken #1", rc );
rc = FALSE;
goto done;
}
rc = TRUE;
done:
return rc;
}
int do_setUserPIN( void )
{
CK_BYTE so_pin[PKCS11_MAX_PIN_LEN];
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
CK_ULONG user_pin_len, so_pin_len;
CK_FLAGS flags;
CK_SESSION_HANDLE h_session;
CK_ULONG rc;
if (get_user_pin(user_pin))
return CKR_FUNCTION_FAILED;
user_pin_len = (CK_ULONG)strlen((char *)user_pin);
if (get_so_pin(so_pin))
return CKR_FUNCTION_FAILED;
so_pin_len = (CK_ULONG)strlen((char *)so_pin);
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
rc = funcs->C_OpenSession( SLOT_ID, flags, NULL, NULL, &h_session );
if (rc != CKR_OK) {
show_error(" C_OpenSession #1", rc );
rc = FALSE;
goto done;
}
rc = funcs->C_Login( h_session, CKU_SO, so_pin, so_pin_len );
if (rc != CKR_OK) {
show_error(" C_Login #1", rc );
rc = FALSE;
goto done;
}
rc = funcs->C_InitPIN( h_session, user_pin, user_pin_len );
if (rc != CKR_OK) {
show_error(" C_InitPIN #1", rc );
rc = FALSE;
goto done;
}
rc = TRUE;
done:
funcs->C_CloseAllSessions( SLOT_ID );
return rc;
}
CK_RV do_SetPIN(void)
{
CK_SLOT_ID slot_id;
CK_FLAGS flags;
CK_SESSION_HANDLE session;
CK_CHAR old_pin[PKCS11_MAX_PIN_LEN];
CK_CHAR new_pin[PKCS11_MAX_PIN_LEN];
CK_ULONG old_len;
CK_ULONG new_len;
CK_RV rc;
testcase_begin("Testing C_SetPIN");
// first, try to get the user PIN
if (get_user_pin(old_pin))
return CKR_FUNCTION_FAILED;
old_len = (CK_ULONG)strlen((char *)old_pin);
memcpy(new_pin, "ABCDEF", 6);
new_len = 6;
slot_id = SLOT_ID;
/* try to call C_SetPIN from a R/O public session, it should fail.
*/
flags = CKF_SERIAL_SESSION;
testcase_new_assertion();
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session);
if (rc != CKR_OK) {
testcase_error("C_OpenSession #1 rc=%s", p11_get_ckr(rc));
return rc;
}
rc = funcs->C_SetPIN(session, old_pin, old_len, new_pin, new_len);
if (rc != CKR_SESSION_READ_ONLY) {
testcase_fail("C_SetPIN #1 returned %s instead of "
"CKR_SESSION_READ_ONLY.", p11_get_ckr(rc));
rc = CKR_FUNCTION_FAILED;
goto testcase_cleanup;
} else
testcase_pass("C_SetPIN successful in pubic session.");
if (funcs->C_CloseSession(session) != CKR_OK) {
testcase_error("C_CloseSession #1 failed.");
goto testcase_cleanup;
}
/* try to call C_SetPIN from a R/W public session, it should work.
*/
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session);
if (rc != CKR_OK) {
testcase_error("C_OpenSession #1 rc=%s", p11_get_ckr(rc));
return rc;
}
rc = funcs->C_SetPIN(session, old_pin, old_len, new_pin, new_len);
if (rc != CKR_OK) {
testcase_fail("C_SetPIN failed: rc = %s", p11_get_ckr(rc));
} else
testcase_pass("C_SetPIN successful in r/w pubic session.");
if (funcs->C_CloseSession(session) != CKR_OK) {
testcase_error("C_CloseSession #1 failed.");
goto testcase_cleanup;
}
if (rc != CKR_OK) // above C_SetPIN failed so leave
goto testcase_cleanup;
/* open a new session and try logging in with new pin */
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session);
if (rc != CKR_OK) {
testcase_error("C_OpenSession #1 rc=%s", p11_get_ckr(rc));
return rc;
}
testcase_new_assertion();
rc = funcs->C_Login(session, CKU_USER, new_pin, new_len);
if (rc != CKR_OK) {
testcase_fail("C_Login #1 failed: rc=%s", p11_get_ckr(rc));
goto testcase_cleanup;
} else
testcase_pass("Successfully logged in with new pin.");
/* try to call C_SetPIN from a normal user session, r/w user.
* set back to original user pin. this should work.
*/
testcase_new_assertion();
rc = funcs->C_SetPIN(session, new_pin, new_len, old_pin, old_len);
if (rc != CKR_OK)
testcase_fail("C_SetPIN #2 rc=%s", p11_get_ckr(rc));
else
testcase_pass("C_SetPIN successful.");
if ((funcs->C_Logout(session)) != CKR_OK) {
testcase_error("C_Logout #1 falied: rc=%s", p11_get_ckr(rc));
goto testcase_cleanup;
}
if (rc != CKR_OK) // above C_SetPIN failed.
goto testcase_cleanup;
/*
* done with user tests...now try with the SO
*/
if (get_so_pin(old_pin))
return CKR_FUNCTION_FAILED;
/* try to call C_SetPIN from a normal user session */
testcase_new_assertion();
rc = funcs->C_Login(session, CKU_SO, old_pin, old_len);
if (rc != CKR_OK) {
testcase_error("C_Login #3failed: rc=%s", p11_get_ckr(rc));
goto testcase_cleanup;
}
rc = funcs->C_SetPIN(session, old_pin, old_len, new_pin, new_len);
if (rc != CKR_OK)
testcase_fail("C_SetPIN #4 failed: rc=%s", p11_get_ckr(rc));
else
testcase_pass("C_SetPIN successfully set SO PIN.");
if ((funcs->C_Logout(session)) != CKR_OK) {
testcase_error("C_Logout #3 failed.");
goto testcase_cleanup;
}
if (rc != CKR_OK) // above C_SetPIN failed
goto testcase_cleanup;
/* now login with new pin. should work. */
testcase_new_assertion();
rc = funcs->C_Login(session, CKU_SO, new_pin, new_len);
if (rc != CKR_OK) {
testcase_fail("C_Login #5 failed: rc=%s", p11_get_ckr(rc));
} else
testcase_pass("C_Login #5 was successful.");
/* change the PIN back to the original so the rest of this program
* doesn't break
*/
if (funcs->C_SetPIN(session, new_pin, new_len, old_pin, old_len) != CKR_OK)
testcase_error("C_SetPIN #5 failed to set back to the original "
"SO PIN, rc=%s", p11_get_ckr(rc));
if ((funcs->C_Logout(session)) != CKR_OK)
testcase_error("C_Logout #4 failed.");
testcase_cleanup:
if (funcs->C_CloseSession(session) != CKR_OK)
testcase_error("C_CloseSession #1 failed.");
return rc;
}
CK_RV do_InitPIN(void)
{
CK_SLOT_ID slot_id;
CK_FLAGS flags;
CK_SESSION_HANDLE session;
CK_CHAR so_pin[PKCS11_MAX_PIN_LEN];
CK_CHAR user_pin[PKCS11_MAX_PIN_LEN];
CK_ULONG so_pin_len;
CK_ULONG user_pin_len;
CK_RV rc;
testcase_begin("Testing C_InitPIN");
if (get_user_pin(user_pin))
return CKR_FUNCTION_FAILED;
user_pin_len = (CK_ULONG)strlen((char *)user_pin);
if (get_so_pin(so_pin))
return CKR_FUNCTION_FAILED;
so_pin_len = (CK_ULONG)strlen((char *)so_pin);
slot_id = SLOT_ID;
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
// try to call C_InitPIN from a public session
testcase_new_assertion();
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session);
if (rc != CKR_OK) {
testcase_error("C_OpenSession rc=%s", p11_get_ckr(rc));
return rc;
}
rc = funcs->C_InitPIN(session, user_pin, user_pin_len);
if (rc != CKR_USER_NOT_LOGGED_IN) {
testcase_fail("C_InitPIN returned %s instead of "
"CKR_USER_NOT_LOGGED_IN", p11_get_ckr(rc));
goto testcase_cleanup;
} else
testcase_pass("C_InitPin correctly returned CKR_USER_NOT_LOGGED_IN.");
// try to call C_InitPIN from an SO session
testcase_new_assertion();
rc = funcs->C_Login(session, CKU_SO, so_pin, so_pin_len);
if (rc != CKR_OK) {
testcase_error("C_Login #1 failed: rc=%s", p11_get_ckr(rc));
goto testcase_cleanup;
}
rc = funcs->C_InitPIN(session, user_pin, user_pin_len);
if (rc != CKR_OK)
testcase_fail("C_InitPIN failed: rc=%s", p11_get_ckr(rc));
else
testcase_pass("C_InitPIN #1 was successful.");
if ((funcs->C_Logout(session)) != CKR_OK) {
testcase_error("C_Logout #1 failed.");
if (rc != CKR_OK)
goto testcase_cleanup;
}
// try to call C_InitPIN from a normal user session
testcase_new_assertion();
rc = funcs->C_Login( session, CKU_USER, user_pin, user_pin_len );
if (rc != CKR_OK) {
testcase_error("C_Login failed: rc=%s", p11_get_ckr(rc));
goto testcase_cleanup;
}
rc = funcs->C_InitPIN(session, user_pin, user_pin_len);
if (rc != CKR_USER_NOT_LOGGED_IN) {
testcase_fail("C_InitPIN returned %s instead of "
"CKR_USER_NOT_LOGGED_IN.", p11_get_ckr(rc));
rc = CKR_FUNCTION_FAILED;
} else {
testcase_pass("C_InitPIN #2 was successful.");
rc = CKR_OK;
}
if ((funcs->C_Logout(session)) != CKR_OK)
testcase_error("C_Logout #2 rc=%s", p11_get_ckr(rc));
testcase_cleanup:
if (funcs->C_CloseAllSessions(slot_id) != CKR_OK)
testcase_error("C_CloseAllSessions #1 rc=%s", p11_get_ckr(rc));
return rc;
}
