giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

pkcs15-init,pkcs15-tool: reword --no-prompt to --use-pinpad (close #944) (#957) 

* pkcs15-init,pkcs15-tool: reword --no-prompt to --use-pinpad (close #944)

Wording was confusing for a novice user. Old option is mantained as an alias,
but will print to stderr a deprecation warning.

Deprecation related code is all marked with deprecated word to easy future removal.

Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>

* pkcs15-init,pkcs15-tool: document --use-pinpad

Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
This commit is contained in:
Nuno Goncalves 2017-02-03 17:01:52 +01:00 committed by Frank Morgner
parent 92765f612e
commit 68f8f0bfa7
4 changed files with 47 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
doc/tools/pkcs15-init.1.xml
View File

@ -483,6 +483,13 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term>
<option>--use-pinpad</option>
</term>
<listitem><para>Do not prompt the user; if no PINs supplied, pinpad will be used.</para></listitem>
</varlistentry>
</variablelist> </variablelist>
</para> </para>
</refsect1> </refsect1>

7
doc/tools/pkcs15-tool.1.xml
View File

@ -267,6 +267,13 @@
(without 'auth-id' the first non-SO, non-Unblock PIN will be verified)</para></listitem> (without 'auth-id' the first non-SO, non-Unblock PIN will be verified)</para></listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term>
<option>--use-pinpad</option>
</term>
<listitem><para>Do not prompt the user; if no PINs supplied, pinpad will be used.</para></listitem>
</varlistentry>
</variablelist> </variablelist>
</para> </para>
</refsect1> </refsect1>

39
src/tools/pkcs15-init.c
View File

@ -144,13 +144,14 @@ enum {
OPT_MD_CONTAINER_GUID, OPT_MD_CONTAINER_GUID,
OPT_VERSION, OPT_VERSION,
OPT_PIN1 = 0x10000, /* don't touch these values */ OPT_PIN1 = 0x10000, /* don't touch these values */
OPT_PUK1 = 0x10001, OPT_PUK1 = 0x10001,
OPT_PIN2 = 0x10002, OPT_PIN2 = 0x10002,
OPT_PUK2 = 0x10003, OPT_PUK2 = 0x10003,
OPT_SERIAL = 0x10004, OPT_SERIAL = 0x10004,
OPT_NO_SOPIN = 0x10005, OPT_NO_SOPIN = 0x10005,
OPT_NO_PROMPT= 0x10006 OPT_USE_PINPAD= 0x10006,
OPT_USE_PINPAD_DEPRECATED
}; };
const struct option options[] = { const struct option options[] = {
@ -201,7 +202,8 @@ const struct option options[] = {
{ "insecure", no_argument, NULL, OPT_INSECURE }, { "insecure", no_argument, NULL, OPT_INSECURE },
{ "use-default-transport-keys", { "use-default-transport-keys",
no_argument, NULL, 'T' }, no_argument, NULL, 'T' },
{ "no-prompt", no_argument, NULL, OPT_NO_PROMPT }, { "use-pinpad", no_argument, NULL, OPT_USE_PINPAD },
{ "no-prompt", no_argument, NULL, OPT_USE_PINPAD_DEPRECATED },
{ "profile", required_argument, NULL, 'p' }, { "profile", required_argument, NULL, 'p' },
{ "card-profile", required_argument, NULL, 'c' }, { "card-profile", required_argument, NULL, 'c' },
@ -264,6 +266,7 @@ static const char * option_help[] = {
"Insecure mode: do not require a PIN for private key", "Insecure mode: do not require a PIN for private key",
"Do not ask for transport keys if the driver thinks it knows the key", "Do not ask for transport keys if the driver thinks it knows the key",
"Do not prompt the user; if no PINs supplied, pinpad will be used", "Do not prompt the user; if no PINs supplied, pinpad will be used",
NULL,
"Specify the general profile to use", "Specify the general profile to use",
"Specify the card profile to use", "Specify the card profile to use",
@ -344,7 +347,7 @@ static unsigned int opt_actions;
static int opt_extractable = 0, static int opt_extractable = 0,
opt_insecure = 0, opt_insecure = 0,
opt_authority = 0, opt_authority = 0,
opt_no_prompt = 0, opt_use_pinpad = 0,
opt_no_sopin = 0, opt_no_sopin = 0,
opt_use_defkeys = 0, opt_use_defkeys = 0,
opt_wait = 0, opt_wait = 0,
@ -804,14 +807,14 @@ do_init_app(struct sc_profile *profile)
so_puk_disabled = 1; so_puk_disabled = 1;
if (!opt_pins[2] && !opt_no_prompt && !opt_no_sopin) { if (!opt_pins[2] && !opt_use_pinpad && !opt_no_sopin) {
r = get_new_pin(&hints, role, "pin", &pins[2]); r = get_new_pin(&hints, role, "pin", &pins[2]);
if (r < 0) if (r < 0)
goto failed; goto failed;
opt_pins[2] = pins[2]; opt_pins[2] = pins[2];
} }
if (!so_puk_disabled && opt_pins[2] && !opt_pins[3] && !opt_no_prompt) { if (!so_puk_disabled && opt_pins[2] && !opt_pins[3] && !opt_use_pinpad) {
sc_pkcs15init_get_pin_info(profile, SC_PKCS15INIT_SO_PUK, &info); sc_pkcs15init_get_pin_info(profile, SC_PKCS15INIT_SO_PUK, &info);
if (!(info.attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)) if (!(info.attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN))
@ -1892,7 +1895,7 @@ get_pin_callback(struct sc_profile *profile,
char prompt[128]; char prompt[128];
int r; int r;
if (opt_no_prompt) if (opt_use_pinpad)
return SC_ERROR_OBJECT_NOT_FOUND; return SC_ERROR_OBJECT_NOT_FOUND;
snprintf(prompt, sizeof(prompt), "%s required", name); snprintf(prompt, sizeof(prompt), "%s required", name);
@ -1958,9 +1961,9 @@ get_key_callback(struct sc_profile *profile,
} }
printf("Transport key (%s #%d) required.\n", kind, reference); printf("Transport key (%s #%d) required.\n", kind, reference);
if (opt_no_prompt) { if (opt_use_pinpad) {
printf("\n" printf("\n"
"Refusing to prompt for transport key because --no-prompt\n" "Refusing to prompt for transport key because --use-pinpad\n"
"was specified on the command line. Please invoke without\n" "was specified on the command line. Please invoke without\n"
"--no-prompt, or specify the --use-default-transport-keys\n" "--no-prompt, or specify the --use-default-transport-keys\n"
"option to use the default transport keys without being\n" "option to use the default transport keys without being\n"
@ -2627,8 +2630,10 @@ handle_option(const struct option *opt)
case OPT_NO_SOPIN: case OPT_NO_SOPIN:
opt_no_sopin = 1; opt_no_sopin = 1;
break; break;
case OPT_NO_PROMPT: case OPT_USE_PINPAD_DEPRECATED:
opt_no_prompt = 1; fprintf(stderr, "'--no-prompt' is deprecated , use '--use-pinpad' instead.\n");
case OPT_USE_PINPAD:
opt_use_pinpad = 1;
break; break;
case OPT_ASSERT_PRISTINE: case OPT_ASSERT_PRISTINE:
this_action = ACTION_ASSERT_PRISTINE; this_action = ACTION_ASSERT_PRISTINE;
@ -2969,7 +2974,7 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
else { else {
sc_ui_hints_t hints; sc_ui_hints_t hints;
if (opt_no_prompt) if (opt_use_pinpad)
return SC_ERROR_OBJECT_NOT_FOUND; return SC_ERROR_OBJECT_NOT_FOUND;
if (pin_obj->label[0]) if (pin_obj->label[0])

17
src/tools/pkcs15-tool.c
View File

@ -76,7 +76,7 @@ static const char * opt_pin = NULL;
static const char * opt_puk = NULL; static const char * opt_puk = NULL;
static int compact = 0; static int compact = 0;
static int verbose = 0; static int verbose = 0;
static int opt_no_prompt = 0; static int opt_use_pinpad = 0;
#if defined(ENABLE_OPENSSL) && (defined(_WIN32) || defined(HAVE_INTTYPES_H)) #if defined(ENABLE_OPENSSL) && (defined(_WIN32) || defined(HAVE_INTTYPES_H))
static int opt_rfc4716 = 0; static int opt_rfc4716 = 0;
#endif #endif
@ -101,7 +101,8 @@ enum {
OPT_BIND_TO_AID, OPT_BIND_TO_AID,
OPT_LIST_APPLICATIONS, OPT_LIST_APPLICATIONS,
OPT_LIST_SKEYS, OPT_LIST_SKEYS,
OPT_NO_PROMPT, OPT_USE_PINPAD,
OPT_USE_PINPAD_DEPRECATED,
OPT_RAW, OPT_RAW,
OPT_PRINT_VERSION, OPT_PRINT_VERSION,
OPT_LIST_INFO, OPT_LIST_INFO,
@ -147,7 +148,8 @@ static const struct option options[] = {
{ "aid", required_argument, NULL, OPT_BIND_TO_AID }, { "aid", required_argument, NULL, OPT_BIND_TO_AID },
{ "wait", no_argument, NULL, 'w' }, { "wait", no_argument, NULL, 'w' },
{ "verbose", no_argument, NULL, 'v' }, { "verbose", no_argument, NULL, 'v' },
{ "no-prompt", no_argument, NULL, OPT_NO_PROMPT }, { "use-pinpad", no_argument, NULL, OPT_USE_PINPAD },
{ "no-prompt", no_argument, NULL, OPT_USE_PINPAD_DEPRECATED },
{ NULL, 0, NULL, 0 } { NULL, 0, NULL, 0 }
}; };
@ -188,6 +190,7 @@ static const char *option_help[] = {
"Wait for card insertion", "Wait for card insertion",
"Verbose operation. Use several times to enable debug output.", "Verbose operation. Use several times to enable debug output.",
"Do not prompt the user; if no PINs supplied, pinpad will be used.", "Do not prompt the user; if no PINs supplied, pinpad will be used.",
NULL,
NULL NULL
}; };
@ -1174,7 +1177,7 @@ static u8 * get_pin(const char *prompt, sc_pkcs15_object_t *pin_obj)
size_t len = 0; size_t len = 0;
int r; int r;
if (opt_no_prompt) { if (opt_use_pinpad) {
// defer entry of the PIN to the readers pinpad. // defer entry of the PIN to the readers pinpad.
if (verbose) if (verbose)
printf("%s [%.*s]: entry deferred to the reader keypad\n", prompt, (int) sizeof pin_obj->label, pin_obj->label); printf("%s [%.*s]: entry deferred to the reader keypad\n", prompt, (int) sizeof pin_obj->label, pin_obj->label);
@ -2092,8 +2095,10 @@ int main(int argc, char * const argv[])
case 'w': case 'w':
opt_wait = 1; opt_wait = 1;
break; break;
case OPT_NO_PROMPT: case OPT_USE_PINPAD_DEPRECATED:
opt_no_prompt = 1; fprintf(stderr, "'--no-prompt' is deprecated , use '--use-pinpad' instead.\n");
case OPT_USE_PINPAD:
opt_use_pinpad = 1;
break; break;
} }
} }