Exemplo n.º 1
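int main(){
  // CGI response header. It has to be written before any body bytes and is
  // terminated by the blank line ("\n\n"); only then may the HTML start.
  printf("Content-Type:text/html\n\n");
  printf("<html>");

  // QUERY_STRING comes from the HTTP client and is untrusted input.
  // getenv() returns NULL when the variable is not set at all.
  // NOTE(review): if the query string carries a credential or session token,
  // it will normally also land in web-server access logs and Referer headers;
  // a POST body is the usual choice for that - confirm what loginToken()
  // extracts.
  char *data = getenv("QUERY_STRING");

  // Login extracted from the request. loginToken() and doesLoginExist() are
  // defined outside this excerpt; a zero result from doesLoginExist() is
  // treated below as "unknown login".
  char *login = NULL;
  int loginIsValid = 0;

  if (data != NULL){
    login = loginToken(data);
    // Do not hand a NULL login to the lookup; a missing value is simply
    // an invalid login.
    if (login != NULL){
      loginIsValid = doesLoginExist(login);
    }
  }

  // If login is invalid, directs user to either the landing page or the
  // login page. No request data is echoed into the page, so nothing here
  // needs HTML escaping.
  if (loginIsValid == 0){
    printf("<body>Wrong login. Please click "
           "<a href=\"LOGIN PAGE HERE\">here</a> to return to the login page. "
           "Please click <a href=\"LANDING PAGE HERE\">here</a> "
           "to return to the landing page </body></html>");
  }
  // (the example is cut off here; the rest of main is not shown)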
Exemplo n.º 2
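/*
 * Entry point of the token initialisation command.
 *
 * Flow, as visible in this function:
 *   1. parse the command line and open the PKCS#11 TPM token;
 *   2. if the token is already initialised, ask for confirmation (unless
 *      g_bYes is set) and for the current SO PIN; otherwise use the
 *      built-in TOKEN_SO_INIT_PIN;
 *   3. call initToken(), then log in as SO with TOKEN_SO_INIT_PIN and
 *      replace it with a PIN typed by the operator;
 *   4. open a second session, log in as user with TOKEN_USER_INIT_PIN and
 *      replace that one as well.
 *
 * Returns 0 on success and 1 on any failure. All PIN buffers are handed to
 * shredPasswd() on every exit path.
 *
 * NOTE(review): both logins after initToken() use the built-in initial
 * PINs, so if the run stops between initToken() and a successful setPin()
 * (for example the operator aborts a prompt) the token presumably stays on
 * those well-known PINs - confirm, and treat a non-zero exit as "token
 * still needs its PINs set".
 */
int
main( int    a_iArgc,
      char **a_pszArgv ) {

	int  rc = 1;

	// Buffers for the formatted PIN prompts. The +16 is slack for the two
	// expanded integers; snprintf below keeps the write inside the buffer
	// even if the expansion needs more than that.
	char  szSoNewPinPrompt[ strlen( TOKEN_SO_NEW_PIN_PROMPT ) + 16 ];
	char  szUserNewPinPrompt[ strlen( TOKEN_USER_NEW_PIN_PROMPT ) + 16 ];

	char *pszReply      = NULL;
	char *pszSoPin      = NULL;
	char *pszNewSoPin   = NULL;
	char *pszNewUserPin = NULL;

	CK_RV              rv       = CKR_OK;
	CK_SESSION_HANDLE  hSession = 0;

	// Set up i18n
	initIntlSys( );

	// Parse the command
	if ( parseCmd( a_iArgc, a_pszArgv ) == -1 )
		goto out;

	// Open the PKCS#11 TPM Token
	rv = openToken( g_pszToken );
	if ( rv != CKR_OK )
		goto out;

	// Check if the token is already initialized
	if ( isTokenInitialized( ) ) {
		// Warn and ask the user before clearing; an empty or missing
		// reply is treated the same as an explicit "no".
		if ( !g_bYes ) {
			pszReply = getReply( TOKEN_CLEAR_PROMPT, 1 );
			if ( !pszReply ||
				( strlen( pszReply ) == 0 ) ||
				( strcasecmp( pszReply, TOKEN_CLEAR_NO ) == 0 ) ) {
				goto out;
			}
		}

		// Prompt for the current SO password
		pszSoPin = getPlainPasswd( TOKEN_SO_PIN_PROMPT, FALSE );
		if ( !pszSoPin )
			goto out;
	}
	else {
		// Heap copy so that the cleanup path can treat every PIN alike.
		pszSoPin = strdup( TOKEN_SO_INIT_PIN );
		if ( !pszSoPin )
			goto out;	// out of memory: do not pass NULL to initToken
	}

	// Clear the TPM token
	rv = initToken( pszSoPin );
	if ( rv != CKR_OK )
		goto out;

	// Open a session
	rv = openTokenSession( CKF_RW_SESSION, &hSession );
	if ( rv != CKR_OK )
		goto out;

	// Login to the token
	rv = loginToken( hSession, CKU_SO, TOKEN_SO_INIT_PIN );
	if ( rv != CKR_OK )
		goto out;

	// Bounded formatting: a truncated prompt is harmless, a stack
	// overflow is not.
	snprintf( szSoNewPinPrompt, sizeof szSoNewPinPrompt,
		TOKEN_SO_NEW_PIN_PROMPT, getMinPinLen( ), getMaxPinLen( ) );
	while ( TRUE ) {
		// Prompt for a new SO password
		pszNewSoPin = getPlainPasswd( szSoNewPinPrompt, TRUE );
		if ( !pszNewSoPin )
			goto out;

		// Set the new password
		rv = setPin( hSession, TOKEN_SO_INIT_PIN, pszNewSoPin );
		if ( rv == CKR_OK )
			break;

		// Only a rejected PIN is retried; any other error aborts.
		if ( ( rv == CKR_PIN_INVALID ) || ( rv == CKR_PIN_LEN_RANGE ) )
			logError( TOKEN_INVALID_PIN );
		else
			goto out;

		// Discard the rejected PIN before prompting again.
		shredPasswd( pszNewSoPin );
	}

	// Open a new session
	closeTokenSession( hSession );
	hSession = 0;
	rv = openTokenSession( CKF_RW_SESSION, &hSession );
	if ( rv != CKR_OK )
		goto out;

	// Login to the token
	rv = loginToken( hSession, CKU_USER, TOKEN_USER_INIT_PIN );
	if ( rv != CKR_OK )
		goto out;

	snprintf( szUserNewPinPrompt, sizeof szUserNewPinPrompt,
		TOKEN_USER_NEW_PIN_PROMPT, getMinPinLen( ), getMaxPinLen( ) );
	while ( TRUE ) {
		// Prompt for a new User password
		pszNewUserPin = getPlainPasswd( szUserNewPinPrompt, TRUE );
		if ( !pszNewUserPin )
			goto out;

		// Set the new password
		rv = setPin( hSession, TOKEN_USER_INIT_PIN, pszNewUserPin );
		if ( rv == CKR_OK )
			break;

		// Only a rejected PIN is retried; any other error aborts.
		if ( ( rv == CKR_PIN_INVALID ) || ( rv == CKR_PIN_LEN_RANGE ) )
			logError( TOKEN_INVALID_PIN );
		else
			goto out;

		// Discard the rejected PIN before prompting again.
		shredPasswd( pszNewUserPin );
	}

	rc = 0;

out:
	// Single cleanup path: every PIN buffer goes through shredPasswd
	// (defined elsewhere; it is called here with pointers that may still
	// be NULL), whichever step failed.
	free( pszReply );
	shredPasswd( pszSoPin );
	shredPasswd( pszNewSoPin );
	shredPasswd( pszNewUserPin );

	if ( hSession )
		closeTokenSession( hSession );

	closeToken( );

	if ( rc == 0 )
		logInfo( TOKEN_CMD_SUCCESS, a_pszArgv[ 0 ] );
	else
		logInfo( TOKEN_CMD_FAILED, a_pszArgv[ 0 ] );

	return rc;
}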