pkcs11/framework-pkcs15.c
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1538 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
6ff1ecbc73
commit
af0bd61682
|
@ -691,8 +691,13 @@ static CK_RV pkcs15_login(struct sc_pkcs11_card *p11card,
|
|||
* NULL ourselves. This way, you can supply an empty (if
|
||||
* possible) or fake PIN if an application asks a PIN).
|
||||
*/
|
||||
pPin = NULL;
|
||||
ulPinLen = 0;
|
||||
/* But we want to be able to specify a PIN on the command
|
||||
* line (e.g. for the test scripts). So we don't do anything
|
||||
* here - this gives the user the choice of entering
|
||||
* an empty pin (which makes us use the pin pad) or
|
||||
* a valid pin (which is processed normally). --okir */
|
||||
if (ulPinLen == 0)
|
||||
pPin = NULL;
|
||||
} else
|
||||
if (ulPinLen < pin->min_length ||
|
||||
ulPinLen > pin->max_length)
|
||||
|
@ -1202,7 +1207,7 @@ CK_RV pkcs15_gen_keypair(struct sc_pkcs11_card *p11card, struct sc_pkcs11_slot *
|
|||
CK_ULONG keybits;
|
||||
char pub_label[SC_PKCS15_MAX_LABEL_SIZE];
|
||||
char priv_label[SC_PKCS15_MAX_LABEL_SIZE];
|
||||
int rc, rv = CKR_OK;
|
||||
int rc, rv = CKR_OK;
|
||||
|
||||
sc_debug(context, "Keypair generation, mech = 0x%0x\n", pMechanism->mechanism);
|
||||
|
||||
|
|
|
@ -594,40 +594,53 @@ int do_verify(int argc, char **argv)
|
|||
{ "PRO", SC_AC_PRO },
|
||||
{ NULL, -1 }
|
||||
};
|
||||
int i, type = -1, ref, r, tries_left = -1;
|
||||
int i, r, tries_left = -1;
|
||||
u8 buf[30];
|
||||
const char *s;
|
||||
size_t buflen = sizeof(buf);
|
||||
|
||||
struct sc_pin_cmd_data data;
|
||||
|
||||
if (argc < 1 || argc > 2)
|
||||
goto usage;
|
||||
|
||||
memset(&data, 0, sizeof(data));
|
||||
data.cmd = SC_PIN_CMD_VERIFY;
|
||||
|
||||
data.pin_type = -1;
|
||||
for (i = 0; typeNames[i].name; i++) {
|
||||
if (strncasecmp(argv[0], typeNames[i].name, 3) == 0) {
|
||||
type = typeNames[i].type;
|
||||
data.pin_type = typeNames[i].type;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (type == -1) {
|
||||
if (data.pin_type == -1) {
|
||||
printf("Invalid type.\n");
|
||||
goto usage;
|
||||
}
|
||||
if (sscanf(argv[0] + 3, "%d", &ref) != 1) {
|
||||
if (sscanf(argv[0] + 3, "%d", &data.pin_reference) != 1) {
|
||||
printf("Invalid key reference.\n");
|
||||
goto usage;
|
||||
}
|
||||
|
||||
if (argc < 2) {
|
||||
/* just return the retry counter */
|
||||
buflen = 0;
|
||||
}
|
||||
if (argv[1][0] == '"') {
|
||||
if (!(card->reader->slot[0].capabilities & SC_SLOT_CAP_PIN_PAD)) {
|
||||
printf("Card reader or driver doesn't support PIN PAD\n");
|
||||
return -1;
|
||||
}
|
||||
printf("Please enter PIN on the reader's pin pad.\n");
|
||||
data.pin1.prompt = "Please enter PIN";
|
||||
data.flags |= SC_PIN_CMD_USE_PINPAD;
|
||||
} else if (argv[1][0] == '"') {
|
||||
for (s=argv[1]+1, i=0; i < sizeof(buf) && *s && *s != '"';i++)
|
||||
buf[i] = *s++;
|
||||
buflen = i;
|
||||
data.pin1.data = buf;
|
||||
data.pin1.len = i;
|
||||
} else if (sc_hex_to_bin(argv[1], buf, &buflen) != 0) {
|
||||
printf("Invalid key value.\n");
|
||||
goto usage;
|
||||
}
|
||||
r = sc_verify(card, type, ref, buf, buflen, &tries_left);
|
||||
r = sc_pin_cmd(card, &data, &tries_left);
|
||||
|
||||
if (r) {
|
||||
if (r == SC_ERROR_PIN_CODE_INCORRECT) {
|
||||
if (tries_left >= 0)
|
||||
|
@ -646,6 +659,7 @@ usage:
|
|||
for (i = 0; typeNames[i].name; i++)
|
||||
printf("\t%s\n", typeNames[i].name);
|
||||
printf("Example: verify CHV2 31:32:33:34:00:00:00:00\n");
|
||||
printf("If key is omitted, card reader's keypad will be used to collect PIN.\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue