Added basic version of login.

Alessio Di Mauro
2015-07-14 16:51:08 +02:00
parent 0e4569af2c
commit de7e1ed000
3 changed files with 33 additions and 7 deletions
+1 -1
@@ -74,7 +74,7 @@ extern "C"
ykpiv_rc ykpiv_hex_decode(const char *hex_in, size_t in_len, ykpiv_rc ykpiv_hex_decode(const char *hex_in, size_t in_len,
unsigned char *hex_out, size_t *out_len); unsigned char *hex_out, size_t *out_len);
ykpiv_rc ykpiv_sign_data(ykpiv_state *state, const unsigned char *sign_in, ykpiv_rc ykpiv_sign_data(ykpiv_state *state, const unsigned char *sign_in,
size_t in_len,unsigned char *sign_out, size_t *out_len, size_t in_len, unsigned char *sign_out, size_t *out_len,
unsigned char algorithm, unsigned char key); unsigned char algorithm, unsigned char key);
ykpiv_rc ykpiv_decipher_data(ykpiv_state *state, const unsigned char *enc_in, ykpiv_rc ykpiv_decipher_data(ykpiv_state *state, const unsigned char *enc_in,
size_t in_len, unsigned char *enc_out, size_t *out_len, size_t in_len, unsigned char *enc_out, size_t *out_len,
+4 -2
@@ -245,9 +245,11 @@ typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
* v2.0 */ * v2.0 */
typedef CK_ULONG CK_USER_TYPE; typedef CK_ULONG CK_USER_TYPE;
/* Security Officer */ /* Security Officer */
#define CKU_SO 0 #define CKU_SO 0
/* Normal user */ /* Normal user */
#define CKU_USER 1 #define CKU_USER 1
/* Context specific */
#define CKU_CONTEXT_SPECIFIC 2
/* CK_STATE enumerates the session states */ /* CK_STATE enumerates the session states */
+28 -4
@@ -42,7 +42,7 @@ static ykcs11_slot_t slots[YKCS11_MAX_SLOTS];
static CK_ULONG n_slots = 0; static CK_ULONG n_slots = 0;
static CK_ULONG n_tokenless_slots = 0; static CK_ULONG n_tokenless_slots = 0;
extern CK_FUNCTION_LIST function_list; extern CK_FUNCTION_LIST function_list; // TODO: check all return values
/* General Purpose */ /* General Purpose */
@@ -92,7 +92,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_Finalize)(
} }
memset(slots, 0, sizeof(slots)); memset(slots, 0, sizeof(slots));
ykpiv_done(piv_state); // TODO: this calls disconnect... ykpiv_done(piv_state); // TODO: this calls disconnect...
piv_state == NULL; piv_state == NULL;
@@ -235,7 +235,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo)(
DBG(("Slot %lu has no token inserted", slotID)); DBG(("Slot %lu has no token inserted", slotID));
return CKR_TOKEN_NOT_PRESENT; return CKR_TOKEN_NOT_PRESENT;
} }
vendor = get_vendor(vid); // TODO: make a token field in slot_t ? vendor = get_vendor(vid); // TODO: make a token field in slot_t ?
memset(pInfo->label, ' ', sizeof(pInfo->label)); memset(pInfo->label, ' ', sizeof(pInfo->label));
@@ -464,7 +464,31 @@ CK_DEFINE_FUNCTION(CK_RV, C_Login)(
) )
{ {
DIN; DIN;
DBG(("TODO!!!")); CK_ULONG tries;
if (piv_state == NULL)
return CKR_CRYPTOKI_NOT_INITIALIZED;
if (userType != CKU_USER &&
userType != CKU_SO &&
userType != CKU_CONTEXT_SPECIFIC)
return CKR_ARGUMENTS_BAD;
if (ulPinLen < PIV_MIN_PIN_LEN ||
ulPinLen > PIV_MAX_PIN_LEN)
return CKR_ARGUMENTS_BAD;
//TODO: check session (read only?)
DBG(("user %lu, pin %s, pinlen %lu", userType, pPin, ulPinLen));
tries = 0;
if (ykpiv_verify(piv_state, pPin, (int *)&tries) != YKPIV_OK) {
DBG(("You loose! %lu", tries));
return CKR_PIN_INCORRECT;
}
DBG(("You win! %lu", tries))
DOUT; DOUT;
return CKR_OK; return CKR_OK;
} }
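Review bot: The added `DBG(("user %lu, pin %s, pinlen %lu", userType, pPin, ulPinLen));` line in C_Login writes the user's PIN to the debug output, and it formats `pPin` with `%s` although PKCS#11 passes the PIN as a length-counted buffer with no terminating NUL, so it both exposes the credential and can read past the caller's buffer. The same unterminated pointer is handed to `ykpiv_verify`, which appears to expect a C string, and `pPin` is never checked for NULL before either use. `(int *)&tries` stores an `int` through a pointer to `CK_ULONG`, which leaves part of the value unwritten wherever `CK_ULONG` is wider than `int`; declaring `tries` as `int` removes the cast. The new `piv_state == NULL` guard also depends on C_Finalize clearing the pointer, but the context line `piv_state == NULL;` there is a comparison rather than an assignment, so after finalization C_Login would presumably still pass a stale state to `ykpiv_verify`. The fence below drops the PIN from the log and verifies against a bounded, NUL-terminated copy that should be wiped once the call returns.

```c
  char pin[PIV_MAX_PIN_LEN + 1];
  ykpiv_rc rc;
  int tries = 0;

  // … unchanged: piv_state and userType checks …

  if (pPin == NULL ||
      ulPinLen < PIV_MIN_PIN_LEN ||
      ulPinLen > PIV_MAX_PIN_LEN)
    return CKR_ARGUMENTS_BAD;

  DBG(("user %lu, pinlen %lu", userType, ulPinLen));

  /* PKCS#11 PINs carry an explicit length and are not NUL-terminated. */
  memcpy(pin, pPin, ulPinLen);
  pin[ulPinLen] = '\0';
  rc = ykpiv_verify(piv_state, pin, &tries);
  /* wipe pin[] here with a clear the compiler cannot elide */

  if (rc != YKPIV_OK) {
    DBG(("PIN verification failed, %d tries left", tries));
    return CKR_PIN_INCORRECT;
  }
```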