[pkg-opensc-commit] [opensc] 36/295: pkcs11-tool: use CKF_{SO, USER}_PIN_* flags to provide alerts to the user

Sat Jun 24 21:11:13 UTC 2017

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository opensc.

commit 1198197586cbfdd800d46301ff74799460944dde
Author: Nuno Goncalves <nunojpg at gmail.com>
Date:   Fri Jun 10 10:46:25 2016 +0100

    pkcs11-tool: use CKF_{SO,USER}_PIN_* flags to provide alerts to the user
    
    rebased by @viktorTarasov
    initial version in PR-795
---
 src/tools/pkcs11-tool.c | 43 ++++++++++++++++++++++++++++++++++---------
 1 file changed, 34 insertions(+), 9 deletions(-)

diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index cb2244e..ca49a16 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -1188,13 +1188,35 @@ static int login(CK_SESSION_HANDLE session, int login_type)
 		pin = opt_pin ? (char *) opt_pin : (char *) opt_puk;
 
 	if (!pin && !(info.flags & CKF_PROTECTED_AUTHENTICATION_PATH)) {
-			printf("Logging in to \"%s\".\n", p11_utf8_to_local(info.label, sizeof(info.label)));
-		if (login_type == CKU_SO)
+		printf("Logging in to \"%s\".\n", p11_utf8_to_local(info.label, sizeof(info.label)));
+		if (login_type == CKU_SO)   {
+			if (info.flags & CKF_SO_PIN_COUNT_LOW)
+				printf("WARNING: SO PIN count low\n");
+			if (info.flags & CKF_SO_PIN_FINAL_TRY)
+				printf("WARNING: SO PIN final try\n");
+			if (info.flags & CKF_SO_PIN_LOCKED)
+				printf("WARNING: SO PIN reported locked\n");
+			if (info.flags & CKF_SO_PIN_TO_BE_CHANGED)
+				printf("WARNING: SO PIN has to be changed\n");
+
 			printf("Please enter SO PIN: ");
-		else if (login_type == CKU_USER)
+		}
+		else if (login_type == CKU_USER)   {
+			if (info.flags & CKF_USER_PIN_COUNT_LOW)
+				printf("WARNING: User PIN count low\n");
+			if (info.flags & CKF_USER_PIN_FINAL_TRY)
+				printf("WARNING: User PIN final try\n");
+			if (info.flags & CKF_USER_PIN_LOCKED)
+				printf("WARNING: User PIN reported locked\n");
+			if (info.flags & CKF_USER_PIN_TO_BE_CHANGED)
+				printf("WARNING: User PIN has to be changed\n");
+
 			printf("Please enter User PIN: ");
-		else if (login_type == CKU_CONTEXT_SPECIFIC)
+		}
+		else if (login_type == CKU_CONTEXT_SPECIFIC)   {
 			printf("Please enter context specific PIN: ");
+		}
+
 		r = util_getpass(&pin, &len, stdin);
 		if (r < 0)
 			util_fatal("No PIN entered");
@@ -3194,7 +3216,7 @@ static void show_dobj(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj)
 	if (getPRIVATE(sess, obj))
 		printf(" private");
 	if (!getMODIFIABLE(sess, obj) && !getPRIVATE(sess, obj))
-		printf("<empty>\n");
+		printf("<empty>");
 
 	printf ("\n");
 	suppress_warn = 0;
@@ -5076,17 +5098,20 @@ static const char *p11_slot_info_flags(CK_FLAGS value)
 static const char *p11_token_info_flags(CK_FLAGS value)
 {
 	static struct flag_info	slot_flags[] = {
-		{ CKF_RNG, "rng" },
-		{ CKF_WRITE_PROTECTED, "readonly" },
 		{ CKF_LOGIN_REQUIRED, "login required" },
-		{ CKF_USER_PIN_INITIALIZED, "PIN initialized" },
 		{ CKF_PROTECTED_AUTHENTICATION_PATH, "PIN pad present" },
+		{ CKF_RNG, "rng" },
+		{ CKF_SO_PIN_TO_BE_CHANGED, "SO PIN to be changed"},
+		{ CKF_SO_PIN_COUNT_LOW, "SO PIN count low" },
+		{ CKF_SO_PIN_FINAL_TRY, "final SO PIN try" },
+		{ CKF_SO_PIN_LOCKED, "SO PIN locked" },
 		{ CKF_TOKEN_INITIALIZED, "token initialized" },
 		{ CKF_USER_PIN_COUNT_LOW, "user PIN count low" },
 		{ CKF_USER_PIN_FINAL_TRY, "final user PIN try" },
+		{ CKF_USER_PIN_INITIALIZED, "PIN initialized" },
 		{ CKF_USER_PIN_LOCKED, "user PIN locked" },
 		{ CKF_USER_PIN_TO_BE_CHANGED, "user PIN to be changed"},
-		{ CKF_SO_PIN_TO_BE_CHANGED, "SO PIN to be changed"},
+		{ CKF_WRITE_PROTECTED, "readonly" },
 		{ 0, NULL }
 	};
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git

