Added basic version of login.
This commit is contained in:
+1
-1
@@ -74,7 +74,7 @@ extern "C"
|
||||
ykpiv_rc ykpiv_hex_decode(const char *hex_in, size_t in_len,
|
||||
unsigned char *hex_out, size_t *out_len);
|
||||
ykpiv_rc ykpiv_sign_data(ykpiv_state *state, const unsigned char *sign_in,
|
||||
size_t in_len,unsigned char *sign_out, size_t *out_len,
|
||||
size_t in_len, unsigned char *sign_out, size_t *out_len,
|
||||
unsigned char algorithm, unsigned char key);
|
||||
ykpiv_rc ykpiv_decipher_data(ykpiv_state *state, const unsigned char *enc_in,
|
||||
size_t in_len, unsigned char *enc_out, size_t *out_len,
|
||||
|
||||
+4
-2
@@ -245,9 +245,11 @@ typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
|
||||
* v2.0 */
|
||||
typedef CK_ULONG CK_USER_TYPE;
|
||||
/* Security Officer */
|
||||
#define CKU_SO 0
|
||||
#define CKU_SO 0
|
||||
/* Normal user */
|
||||
#define CKU_USER 1
|
||||
#define CKU_USER 1
|
||||
/* Context specific */
|
||||
#define CKU_CONTEXT_SPECIFIC 2
|
||||
|
||||
|
||||
/* CK_STATE enumerates the session states */
|
||||
|
||||
+28
-4
@@ -42,7 +42,7 @@ static ykcs11_slot_t slots[YKCS11_MAX_SLOTS];
|
||||
static CK_ULONG n_slots = 0;
|
||||
static CK_ULONG n_tokenless_slots = 0;
|
||||
|
||||
extern CK_FUNCTION_LIST function_list;
|
||||
extern CK_FUNCTION_LIST function_list; // TODO: check all return values
|
||||
|
||||
/* General Purpose */
|
||||
|
||||
@@ -92,7 +92,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_Finalize)(
|
||||
}
|
||||
|
||||
memset(slots, 0, sizeof(slots));
|
||||
|
||||
|
||||
ykpiv_done(piv_state); // TODO: this calls disconnect...
|
||||
piv_state == NULL;
|
||||
|
||||
@@ -235,7 +235,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo)(
|
||||
DBG(("Slot %lu has no token inserted", slotID));
|
||||
return CKR_TOKEN_NOT_PRESENT;
|
||||
}
|
||||
|
||||
|
||||
vendor = get_vendor(vid); // TODO: make a token field in slot_t ?
|
||||
|
||||
memset(pInfo->label, ' ', sizeof(pInfo->label));
|
||||
@@ -464,7 +464,31 @@ CK_DEFINE_FUNCTION(CK_RV, C_Login)(
|
||||
)
|
||||
{
|
||||
DIN;
|
||||
DBG(("TODO!!!"));
|
||||
CK_ULONG tries;
|
||||
|
||||
if (piv_state == NULL)
|
||||
return CKR_CRYPTOKI_NOT_INITIALIZED;
|
||||
|
||||
if (userType != CKU_USER &&
|
||||
userType != CKU_SO &&
|
||||
userType != CKU_CONTEXT_SPECIFIC)
|
||||
return CKR_ARGUMENTS_BAD;
|
||||
|
||||
if (ulPinLen < PIV_MIN_PIN_LEN ||
|
||||
ulPinLen > PIV_MAX_PIN_LEN)
|
||||
return CKR_ARGUMENTS_BAD;
|
||||
|
||||
//TODO: check session (read only?)
|
||||
DBG(("user %lu, pin %s, pinlen %lu", userType, pPin, ulPinLen));
|
||||
|
||||
tries = 0;
|
||||
if (ykpiv_verify(piv_state, pPin, (int *)&tries) != YKPIV_OK) {
|
||||
DBG(("You loose! %lu", tries));
|
||||
return CKR_PIN_INCORRECT;
|
||||
}
|
||||
|
||||
DBG(("You win! %lu", tries))
|
||||
|
||||
DOUT;
|
||||
return CKR_OK;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user