Implemented C_SetPIN
@@ -290,6 +290,7 @@ token_vendor_t get_token_vendor(vendor_id_t vid) {
|
||||
v.token_import_cert = COMMON_token_import_cert;
|
||||
v.token_import_private_key = COMMON_token_import_private_key;
|
||||
v.token_delete_cert = COMMON_token_delete_cert;
|
||||
v.token_change_pin = YUBICO_token_change_pin;
|
||||
break;
|
||||
|
||||
case UNKNOWN:
|
||||
|
||||
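Review bot: Only the YUBICO branch assigns `v.token_change_pin`, yet C_SetPIN later calls that pointer without testing it. The body of `case UNKNOWN:` lies outside this hunk, so it is not visible whether the member is set there. If it is left unset or NULL, a token with an unrecognised vendor id would make C_SetPIN call through an invalid pointer. Assign it explicitly in that case, `v.token_change_pin = NULL;`, and have the caller check `if (token.token_change_pin == NULL) return CKR_FUNCTION_FAILED;` before the call. get_token_vendor starts and ends outside the hunk.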
@@ -18,6 +18,7 @@ typedef CK_RV (*get_t_mechanism_info_f)(CK_MECHANISM_TYPE, CK_MECHANISM_INFO_PTR
|
||||
typedef CK_RV (*get_t_objects_num_f)(ykpiv_state *, CK_ULONG_PTR, CK_ULONG_PTR);
|
||||
typedef CK_RV (*get_t_object_list_f)(ykpiv_state *, piv_obj_id_t *, CK_ULONG);
|
||||
typedef CK_RV (*get_t_raw_certificate_f)(ykpiv_state *, piv_obj_id_t, CK_BYTE_PTR, CK_ULONG_PTR);
|
||||
typedef CK_RV (*t_change_pin_f)(ykpiv_state *, CK_USER_TYPE, CK_UTF8CHAR_PTR, CK_ULONG, CK_UTF8CHAR_PTR, CK_ULONG);
|
||||
|
||||
// Common token functions below
|
||||
typedef CK_RV (*t_login_f)(ykpiv_state *, CK_USER_TYPE, CK_UTF8CHAR_PTR, CK_ULONG);
|
||||
@@ -53,6 +54,7 @@ typedef struct {
|
||||
t_import_cert_f token_import_cert;
|
||||
t_import_private_key_f token_import_private_key;
|
||||
t_delete_cert_f token_delete_cert;
|
||||
t_change_pin_f token_change_pin;
|
||||
} token_vendor_t;
|
||||
|
||||
token_vendor_t get_token_vendor(vendor_id_t vid);
|
||||
|
||||
+31
-1
@@ -421,7 +421,36 @@ CK_DEFINE_FUNCTION(CK_RV, C_SetPIN)(
|
||||
)
|
||||
{
|
||||
DIN;
|
||||
DBG("TODO!!!");
|
||||
CK_RV rv;
|
||||
token_vendor_t token;
|
||||
|
||||
if (piv_state == NULL) {
|
||||
DBG("libykpiv is not initialized or already finalized");
|
||||
return CKR_CRYPTOKI_NOT_INITIALIZED;
|
||||
}
|
||||
|
||||
if (session.handle == CK_INVALID_HANDLE) {
|
||||
DBG("User called SetPIN on closed session");
|
||||
return CKR_SESSION_CLOSED;
|
||||
}
|
||||
|
||||
if (hSession != YKCS11_SESSION_ID) {
|
||||
DBG("Unknown session %lu", hSession);
|
||||
return CKR_SESSION_HANDLE_INVALID;
|
||||
}
|
||||
|
||||
CK_USER_TYPE user_type = CKU_USER;
|
||||
if (session.info.state == CKS_RW_SO_FUNCTIONS) {
|
||||
user_type = CKU_SO;
|
||||
}
|
||||
|
||||
token = get_token_vendor(session.slot->token->vid);
|
||||
rv = token.token_change_pin(piv_state, user_type, pOldPin, ulOldLen, pNewPin, ulNewLen);
|
||||
if (rv != CKR_OK) {
|
||||
DBG("Pin change failed %lx", rv);
|
||||
return rv;
|
||||
}
|
||||
|
||||
DOUT;
|
||||
return CKR_OK;
|
||||
}
|
||||
@@ -979,6 +1008,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_CreateObject)(
|
||||
DBG("Unable to store certificate data");
|
||||
return CKR_FUNCTION_FAILED;
|
||||
}
|
||||
*phObject = cert_id;
|
||||
|
||||
break;
|
||||
|
||||
|
||||
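Review bot: C_SetPIN passes `pOldPin` and `pNewPin` to the vendor callback without a NULL check and never rejects read-only sessions; both guards belong right after the `hSession` test. PKCS#11 permits C_SetPIN only in the R/W session states, so a session in `CKS_RO_PUBLIC_SESSION` or `CKS_RO_USER_FUNCTIONS` should get `CKR_SESSION_READ_ONLY`. NULL PIN pointers should get `CKR_ARGUMENTS_BAD`, assuming this token has no protected authentication path. The function's parameter list starts above the hunk, so the guards below are placed relative to the visible checks only.

```c
  // … unchanged: piv_state, session.handle and hSession checks …

  if (pOldPin == NULL || pNewPin == NULL) {
    DBG("Wrong/missing parameter");
    return CKR_ARGUMENTS_BAD;
  }

  if (session.info.state == CKS_RO_PUBLIC_SESSION ||
      session.info.state == CKS_RO_USER_FUNCTIONS) {
    DBG("SetPIN called on a read-only session");
    return CKR_SESSION_READ_ONLY;
  }

  CK_USER_TYPE user_type = CKU_USER;
  // … unchanged: SO state check, vendor lookup, token_change_pin call and result handling …
```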
@@ -334,3 +334,25 @@ CK_RV YUBICO_get_token_raw_certificate(ykpiv_state *state, piv_obj_id_t obj, CK_
|
||||
|
||||
return CKR_OK;
|
||||
}
|
||||
|
||||
CK_RV YUBICO_token_change_pin(ykpiv_state *state, CK_USER_TYPE user_type, CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen) {
|
||||
int tries;
|
||||
ykpiv_rc res;
|
||||
if (user_type != CKU_USER) {
|
||||
DBG("TODO implement other users pin change");
|
||||
return CKR_FUNCTION_FAILED;
|
||||
}
|
||||
res = ykpiv_change_pin(state, pOldPin, ulOldLen, pNewPin, ulNewLen, &tries);
|
||||
switch (res) {
|
||||
case YKPIV_OK:
|
||||
return CKR_OK;
|
||||
case YKPIV_SIZE_ERROR:
|
||||
return CKR_PIN_LEN_RANGE;
|
||||
case YKPIV_WRONG_PIN:
|
||||
return CKR_PIN_INCORRECT;
|
||||
case YKPIV_PIN_LOCKED:
|
||||
return CKR_PIN_LOCKED;
|
||||
default:
|
||||
return CKR_FUNCTION_FAILED;
|
||||
}
|
||||
}
|
||||
|
||||
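Review bot: `tries` is handed to `ykpiv_change_pin` but never read, and the `default:` branch discards `res`, so a failed PIN change leaves no trace of why it failed or how close the token is to locking. In the `YKPIV_WRONG_PIN` case add `DBG("Wrong PIN, %d tries left", tries);` (presumably the only case where `tries` is filled in, to be confirmed against libykpiv), and in `default:` add `DBG("PIN change failed with libykpiv error %d", res);`. The PIN buffers themselves should never be passed to DBG. `pOldPin` and `pNewPin` are `CK_UTF8CHAR_PTR`; if `ykpiv_change_pin` takes `const char *` (its prototype is not on this page), an explicit cast at the call would make the conversion visible.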
@@ -17,5 +17,7 @@ CK_RV YUBICO_get_token_mechanism_info(CK_MECHANISM_TYPE mec, CK_MECHANISM_INFO_P
|
||||
CK_RV YUBICO_get_token_objects_num(ykpiv_state *state, CK_ULONG_PTR num, CK_ULONG_PTR num_certs);
|
||||
CK_RV YUBICO_get_token_object_list(ykpiv_state *state, piv_obj_id_t *obj, CK_ULONG num);
|
||||
CK_RV YUBICO_get_token_raw_certificate(ykpiv_state *state, piv_obj_id_t obj, CK_BYTE_PTR data, CK_ULONG_PTR len);
|
||||
CK_RV YUBICO_token_change_pin(ykpiv_state *state, CK_USER_TYPE user_type, CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen,
|
||||
CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen);
|
||||
|
||||
#endif
|
||||
|
||||