From 35bd07ed5e31965f0c7064bd0620c6c4508ed666 Mon Sep 17 00:00:00 2001 From: vtarasov Date: Thu, 2 Jun 2011 18:05:02 +0000 Subject: [PATCH] pkcs11: with 'init-pin-in-SO-session' PIN unblock style, try to set PIN when PUK value is not available git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5539 c6295689-39f2-0310-b995-f0e70906c6a9 --- src/pkcs11/framework-pkcs15.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c index 3486fb4a..057e87f9 100644 --- a/src/pkcs11/framework-pkcs15.c +++ b/src/pkcs11/framework-pkcs15.c @@ -1320,24 +1320,23 @@ static CK_RV pkcs15_init_pin(struct sc_pkcs11_card *p11card, struct sc_pkcs15_pin_info *pin_info; int rc; - sc_debug(context, SC_LOG_DEBUG_NORMAL, "pkcs15 init PIN: pin %p:%d\n", pPin, ulPinLen); + sc_debug(context, SC_LOG_DEBUG_NORMAL, "pkcs15 init PIN: pin %p:%d; unblock style %i", + pPin, ulPinLen, sc_pkcs11_conf.pin_unblock_style); pin_info = slot_data_pin_info(slot->fw_data); if (pin_info && sc_pkcs11_conf.pin_unblock_style == SC_PKCS11_PIN_UNBLOCK_SO_LOGGED_INITPIN) { + /* C_InitPIN is used to unblock User PIN or set it in the SO session .*/ auth_obj = slot_data_auth(slot->fw_data); if (fw_data->user_puk_len) { rc = sc_pkcs15_unblock_pin(fw_data->p15_card, auth_obj, fw_data->user_puk, fw_data->user_puk_len, pPin, ulPinLen); } else { -#if 0 - /* TODO: Actually sc_pkcs15_unblock_pin() do not accepts zero length value as a PUK argument. - * It's usefull for the cards that do not supports modes 00 and 01 - * of ISO 'RESET RETRY COUNTER' command. */ - rc = sc_pkcs15_unblock_pin(fw_data->p15_card, auth_obj, NULL, 0, pPin, ulPinLen); -#else - return sc_to_cryptoki_error(SC_ERROR_NOT_SUPPORTED, "C_InitPIN"); -#endif + /* FIXME (VT): Actually sc_pkcs15_unblock_pin() do not accepts zero length PUK. + * Something like sc_pkcs15_set_pin() should be introduced. + * For a while, use the 'libopensc' API to set PIN. */ + rc = sc_reset_retry_counter(fw_data->p15_card->card, SC_AC_CHV, pin_info->reference, + NULL, 0, pPin, ulPinLen); } return sc_to_cryptoki_error(rc, "C_InitPIN");