pkcs11: PIN-NOT-INITIALIZED error concerns only User PIN
C_Login returns CKR_USER_PIN_NOT_INITIALIZED error when token info flags do not contains CKF_USER_PIN_INITIALIZED and CKU_USER login type is asked. This flag is not consulted when CKU_SO or CKU_CONTEXT_SPECIFIC login type is needed
This commit is contained in:
parent
efdab893a7
commit
9fdd9ecaeb
|
@ -260,7 +260,7 @@ CK_RV C_Login(CK_SESSION_HANDLE hSession, /* the session's handle */
|
||||||
|
|
||||||
slot = session->slot;
|
slot = session->slot;
|
||||||
|
|
||||||
if (!(slot->token_info.flags & CKF_USER_PIN_INITIALIZED)) {
|
if (!(slot->token_info.flags & CKF_USER_PIN_INITIALIZED) && userType == CKU_USER) {
|
||||||
rv = CKR_USER_PIN_NOT_INITIALIZED;
|
rv = CKR_USER_PIN_NOT_INITIALIZED;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
@ -270,9 +270,13 @@ CK_RV C_Login(CK_SESSION_HANDLE hSession, /* the session's handle */
|
||||||
if (slot->login_user == -1) {
|
if (slot->login_user == -1) {
|
||||||
rv = CKR_OPERATION_NOT_INITIALIZED;
|
rv = CKR_OPERATION_NOT_INITIALIZED;
|
||||||
goto out;
|
goto out;
|
||||||
} else
|
}
|
||||||
rv = slot->card->framework->login(slot, userType, pPin, ulPinLen);
|
else {
|
||||||
} else {
|
rv = slot->card->framework->login(slot, userType, pPin, ulPinLen);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
sc_log(context, "C_Login() slot->login_user %li", slot->login_user);
|
||||||
if (slot->login_user >= 0) {
|
if (slot->login_user >= 0) {
|
||||||
if ((CK_USER_TYPE) slot->login_user == userType)
|
if ((CK_USER_TYPE) slot->login_user == userType)
|
||||||
rv = CKR_USER_ALREADY_LOGGED_IN;
|
rv = CKR_USER_ALREADY_LOGGED_IN;
|
||||||
|
@ -281,12 +285,15 @@ CK_RV C_Login(CK_SESSION_HANDLE hSession, /* the session's handle */
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sc_log(context, "C_Login() userType %li", userType);
|
||||||
rv = slot->card->framework->login(slot, userType, pPin, ulPinLen);
|
rv = slot->card->framework->login(slot, userType, pPin, ulPinLen);
|
||||||
|
sc_log(context, "fLogin() rv %li", rv);
|
||||||
if (rv == CKR_OK)
|
if (rv == CKR_OK)
|
||||||
slot->login_user = userType;
|
slot->login_user = userType;
|
||||||
}
|
}
|
||||||
|
|
||||||
out:sc_pkcs11_unlock();
|
out:
|
||||||
|
sc_pkcs11_unlock();
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -326,6 +333,7 @@ CK_RV C_InitPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
|
||||||
struct sc_pkcs11_session *session;
|
struct sc_pkcs11_session *session;
|
||||||
struct sc_pkcs11_slot *slot;
|
struct sc_pkcs11_slot *slot;
|
||||||
|
|
||||||
|
sc_log(context, "C_InitPIN() called, pin '%s'", pPin ? pPin : "<null>");
|
||||||
if (pPin == NULL_PTR && ulPinLen > 0)
|
if (pPin == NULL_PTR && ulPinLen > 0)
|
||||||
return CKR_ARGUMENTS_BAD;
|
return CKR_ARGUMENTS_BAD;
|
||||||
|
|
||||||
|
@ -351,9 +359,11 @@ CK_RV C_InitPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
|
||||||
rv = CKR_FUNCTION_NOT_SUPPORTED;
|
rv = CKR_FUNCTION_NOT_SUPPORTED;
|
||||||
} else {
|
} else {
|
||||||
rv = slot->card->framework->init_pin(slot, pPin, ulPinLen);
|
rv = slot->card->framework->init_pin(slot, pPin, ulPinLen);
|
||||||
|
sc_log(context, "C_InitPIN() init-pin result %li", rv);
|
||||||
}
|
}
|
||||||
|
|
||||||
out:sc_pkcs11_unlock();
|
out:
|
||||||
|
sc_pkcs11_unlock();
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue