- implemented C_ChangePIN

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@348 c6295689-39f2-0310-b995-f0e70906c6a9
2002-03-20 15:04:14 +00:00 · 2002-03-20 15:04:14 +00:00 · 7952f81721
parent 853d414fc3
commit 7952f81721
3 changed files with 39 additions and 28 deletions
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@ -434,6 +434,26 @@ static CK_RV pkcs15_logout(struct sc_pkcs11_card *p11card, void *fw_token)
 	return sc_to_cryptoki_error(rc, p11card->reader);
 }

+static CK_RV pkcs15_change_pin(struct sc_pkcs11_card *p11card,
+			  void *fw_token,
+			  CK_CHAR_PTR pOldPin, CK_ULONG ulOldLen,
+			  CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
+{
+	int rc;
+	struct sc_pkcs15_card *card = (struct sc_pkcs15_card*) p11card->fw_data;
+        struct sc_pkcs15_object *auth_object = (struct sc_pkcs15_object*) fw_token;
+	struct sc_pkcs15_pin_info *pin = (struct sc_pkcs15_pin_info*) auth_object->data;
+
+	if (ulNewLen < pin->min_length ||
+	    ulNewLen > pin->stored_length)
+		return CKR_PIN_LEN_RANGE;
+
+	rc = sc_pkcs15_change_pin(card, pin, pOldPin, ulOldLen,
+				pNewPin, ulNewLen);
+        debug(context, "PIN verification returned %d\n", rc);
+	return sc_to_cryptoki_error(rc, p11card->reader);
+}
+
 struct sc_pkcs11_framework_ops framework_pkcs15 = {
 	pkcs15_bind,
 	pkcs15_unbind,
@ -442,7 +462,8 @@ struct sc_pkcs11_framework_ops framework_pkcs15 = {
 	pkcs15_get_mechanism_list,
 	pkcs15_get_mechanism_info,
 	pkcs15_login,
-        pkcs15_logout
+        pkcs15_logout,
+	pkcs15_change_pin
 };


--- a/src/pkcs11/pkcs11-session.c
+++ b/src/pkcs11/pkcs11-session.c
@ -201,6 +201,9 @@ CK_RV C_Logout(CK_SESSION_HANDLE hSession) /* the session's handle */

 	slot = session->slot;

+	if (slot->login_user < 0)
+		return CKR_OK;
+
 	slot->login_user = -1;
        return slot->card->framework->logout(slot->card, slot->fw_data);
 }
@ -218,38 +221,22 @@ CK_RV C_SetPIN(CK_SESSION_HANDLE hSession,
 	       CK_CHAR_PTR pNewPin,
 	       CK_ULONG ulNewLen)
 {
-#if 0
-	struct pkcs11_session *ses;
-        struct sc_pkcs15_card *card;
-	int rc;
+        int rv;
+	struct sc_pkcs11_session *session;
+        struct sc_pkcs11_slot *slot;

-	LOG("C_SetPIN(%d, '%s', %d, '%s', %d)\n", hSession, pOldPin, ulOldLen, pNewPin, ulNewLen);
-	if (hSession < 1 || hSession > PKCS11_MAX_SESSIONS || session[hSession] == NULL)
-		return CKR_SESSION_HANDLE_INVALID;
+        rv = pool_find(&session_pool, hSession, (void**) &session);
+	if (rv != CKR_OK)
+		return rv;

+	debug(context, "Changing PIN (session %d)\n", hSession);
 #if 0
 	if (!(ses->flags & CKF_RW_SESSION))
 		return CKR_SESSION_READ_ONLY;
 #endif
-	ses = session[hSession];
-	card = slot[ses->slot].p15card;

-	LOG("Master PIN code update starts.\n");
-        rc = sc_pkcs15_change_pin(card, &card->pin_info[0], pOldPin, ulOldLen, pNewPin, ulNewLen);
-	switch (rc) {
-	case 0:
-		LOG("Master PIN code CHANGED succesfully.\n");
-                break;
-	case SC_ERROR_PIN_CODE_INCORRECT:
-                LOG("Master PIN code INVALID!\n");
-		return CKR_PIN_INCORRECT;
-	default:
-                LOG("Device error!? rc=%d\n", rc);
-                return CKR_DEVICE_ERROR;
-	}
-
-	return CKR_OK;
-#endif
-        return CKR_FUNCTION_NOT_SUPPORTED;
+	slot = session->slot;
+        return slot->card->framework->change_pin(slot->card, slot->fw_data,
+			pOldPin, ulOldLen,
+			pNewPin, ulNewLen);
 }
-
--- a/src/pkcs11/sc-pkcs11.h
+++ b/src/pkcs11/sc-pkcs11.h
@ -101,6 +101,9 @@ struct sc_pkcs11_framework_ops {
 	/* Login and logout */
 	CK_RV (*login)(struct sc_pkcs11_card *, void *, CK_CHAR_PTR, CK_ULONG);
        CK_RV (*logout)(struct sc_pkcs11_card *, void *);
+	CK_RV (*change_pin)(struct sc_pkcs11_card *, void *,
+				CK_CHAR_PTR, CK_ULONG,
+				CK_CHAR_PTR, CK_ULONG);

 	/*
 	 * In future: functions to create new objects