[rs-commit] r89 - /redwax-tool/trunk/redwax_p11kit.c
rs-commit at redwax.eu
rs-commit at redwax.eu
Fri Nov 26 15:43:17 CET 2021
Author: minfrin at redwax.eu
Date: Fri Nov 26 15:43:16 2021
New Revision: 89
Log:
Output the pin-value in pkcs11 URLs, so that the
URLs can be used at their destination.
Modified:
redwax-tool/trunk/redwax_p11kit.c
Modified: redwax-tool/trunk/redwax_p11kit.c
==============================================================================
--- redwax-tool/trunk/redwax_p11kit.c (original)
+++ redwax-tool/trunk/redwax_p11kit.c Fri Nov 26 15:43:16 2021
@@ -736,7 +736,8 @@
static apr_status_t redwax_p11kit_handle_token_login(redwax_tool_t *r,
apr_pool_t *pool, P11KitUri *parsed, CK_FUNCTION_LIST *module,
CK_TOKEN_INFO *tokenInfo, CK_SLOT_ID_PTR slot_id,
- CK_SESSION_HANDLE session, const char *direction, apr_hash_t *secrets)
+ CK_SESSION_HANDLE session, const char *direction, apr_hash_t *secrets,
+ const char **pin)
{
redwax_pkcs11_session_t *s;
@@ -749,6 +750,11 @@
apr_ssize_t userPIN_len = 0;
// urlPIN = "";
+
+ /* until further notice */
+ if (pin) {
+ *pin = NULL;
+ }
/* support a pinpad reader */
if (tokenInfo->flags & CKF_PROTECTED_AUTHENTICATION_PATH) {
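Review bot: The comment `/* until further notice */` above the reset does not tell a caller what the new `pin` out-parameter holds on return. As far as the visible hunks show, `*pin` is set only after a PIN has been accepted, so I would write `/* *pin stays NULL unless a PIN was entered and accepted; the copy is allocated from pool */` instead. Whether the CKF_PROTECTED_AUTHENTICATION_PATH branch below ever sets `*pin` is not visible here; it looks like a pinpad login leaves it NULL, which is worth stating in the same comment. The function body continues outside the hunk.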
@@ -818,6 +824,9 @@
return APR_EGENERAL;
+ }
+ else if (pin) {
+ *pin = apr_pstrndup(pool, (const char *)userPIN, userPIN_len);
}
}
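Review bot: The copy made by `*pin = apr_pstrndup(pool, (const char *)userPIN, userPIN_len);` is a second cleartext instance of the user PIN that lives as long as `pool` does, and nothing visible wipes it; the same three lines recur in the hunks at -861 and -933. As far as I know APR does not clear pool memory on destroy, so the PIN can outlive its use in freed memory. A single static helper for the three sites would keep them in step and give one place to register a pool cleanup that zeroes the copy. At minimum I would add `/* cleartext PIN copy, valid until pool is destroyed */` above the assignment. The surrounding if/else chain starts outside the hunk.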
@@ -861,6 +870,9 @@
return APR_EGENERAL;
}
+ else if (pin) {
+ *pin = apr_pstrndup(pool, (const char *)userPIN, userPIN_len);
+ }
}
}
@@ -933,6 +945,11 @@
ret = module->C_Login(session, CKU_USER, userPIN, userPIN_len);
if (ret == CKR_OK) {
+
+ if (pin) {
+ *pin = apr_pstrndup(pool, (const char *)userPIN, userPIN_len);
+ }
+
break;
}
else if (ret == CKR_PIN_INCORRECT) {
@@ -1023,7 +1040,7 @@
apr_pool_cleanup_null);
status = redwax_p11kit_handle_token_login(r, pool, parsed,
- module, tokenInfo, slot_id, session, "pkcs11-out", secrets);
+ module, tokenInfo, slot_id, session, "pkcs11-out", secrets, NULL);
if (status != APR_SUCCESS) {
return status;
}
@@ -1142,7 +1159,8 @@
CK_FUNCTION_LIST *module, CK_TOKEN_INFO *tokenInfo,
CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object,
const unsigned char **id_der, apr_size_t *id_len,
- const char **label, apr_size_t *label_len)
+ const char **label, apr_size_t *label_len,
+ const char *pin)
{
P11KitUri *origin_uri;
CK_TOKEN_INFO_PTR ck_token_info;
@@ -1191,6 +1209,11 @@
/* set type */
p11_kit_uri_set_attribute(origin_uri, &template[2]);
+
+ /* set pin-value */
+ if (pin) {
+ p11_kit_uri_set_pin_value(origin_uri, pin);
+ }
if (P11_KIT_URI_OK
== p11_kit_uri_format(origin_uri, P11_KIT_URI_FOR_ANY, &origin)) {
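Review bot: After `p11_kit_uri_set_pin_value(origin_uri, pin)` the formatted `origin` string carries the token's user PIN in cleartext, so every consumer that prints, logs or stores a key's origin now discloses the PIN; those consumers are outside this hunk and should be checked. RFC 7512 defines pin-source alongside pin-value for cases where the PIN should not travel inside the URI itself. I would make the pin-value output opt-in rather than unconditional, and extend the comment to `/* set pin-value: origin now contains the cleartext PIN, treat it as a secret */`. The function starts and ends outside the hunk.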
@@ -1214,6 +1237,7 @@
CK_ULONG n_attrs;
CK_OBJECT_HANDLE object;
CK_ULONG object_count;
+ const char *pin;
redwax_pkcs11_session_t *s;
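Review bot: `pin` is declared without an initialiser and is only assigned through `&pin` in the login call changed at -1250, which appears to sit in a nested block (the `apr_status_t status;` declaration just before the call suggests so). If that block is skipped, for example for a token that needs no login, the `pin` passed to `redwax_p11kit_origin()` at -1588 is read uninitialised and the `if (pin)` test there is undefined behaviour. Declaring it as `const char *pin = NULL;` removes the dependency on the callee's reset. The enclosing function starts and ends outside the hunk.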
@@ -1250,7 +1274,8 @@
apr_status_t status;
status = redwax_p11kit_handle_token_login(r, pool, parsed,
- module, tokenInfo, slot_id, session, "pkcs11-in", secrets);
+ module, tokenInfo, slot_id, session, "pkcs11-in", secrets,
+ &pin);
if (status != APR_SUCCESS) {
apr_pool_destroy(pool);
@@ -1359,7 +1384,7 @@
tokenInfo, session, object,
cert->x509 ? &cert->x509->id_der : NULL,
cert->x509 ? &cert->x509->id_len : NULL, &cert->label,
- &cert->label_len);
+ &cert->label_len, NULL);
cert->token = redwax_pstrntrim(cert->pool,
(const char*) tokenInfo->label,
@@ -1588,7 +1613,8 @@
key->origin = redwax_p11kit_origin(r, key->pool, module,
tokenInfo, session, object, &key->common.id_der,
- &key->common.id_len, &key->label, &key->label_len);
+ &key->common.id_len, &key->label, &key->label_len,
+ pin);
key->token = redwax_pstrntrim(key->pool,
(const char*) tokenInfo->label,