* Copyright (C) 2011 Free Software Foundation, Inc.
* Author: Nikos Mavrogiannopoulos
* This file is part of GnuTLS.
* GnuTLS is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* GnuTLS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
#include <gnutls/pkcs11.h>
#include <p11common.h>
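/* Smaller of x and y.  The whole expansion is parenthesized so that
 * operators at the call site (e.g. 2 * MIN (a, b) or MIN (a, b) + 1)
 * cannot bind to only part of the conditional.  Each argument may be
 * evaluated twice, so do not pass expressions with side effects. */
#define MIN(x,y) (((x)<(y))?(x):(y))

/* Initial value of the `cache` re-use counter in pin_callback. */
#define MAX_CACHE_TRIES 5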
35
/* PIN callback (installed with gnutls_pkcs11_set_pin_function elsewhere in
 * this listing).  Prints warnings derived from `flags`, then either re-uses
 * a PIN cached for the same token URL or prompts for one with getpass() and
 * copies it into the caller's `pin` buffer.
 *
 * NOTE(review): this listing is an excerpt.  The bare numbers are the
 * original file's line numbers, and the lines they skip (return type, the
 * remaining parameter(s), braces, some declarations, whatever follows each
 * error message) are not shown.  The comments below describe only the
 * visible lines. */
pin_callback (void *user, int attempt, const char *token_url,
36
const char *token_label, unsigned int flags, char *pin,
41
/* NOTE(review): as shown, `cache` is an automatic variable that is reset to
 * MAX_CACHE_TRIES on every call, unlike the static caches below.  If it is
 * meant to limit how often a cached PIN is re-used it would need static
 * storage too -- confirm against the lines not shown. */
int len, cache = MAX_CACHE_TRIES;
42
/* allow caching of PIN */
43
/* Both caches are function-local statics, so they persist between calls.
 * NOTE(review): the PIN therefore stays in process memory in cleartext, and
 * no visible line wipes it. */
static char *cached_url = NULL;
44
static char cached_pin[32] = "";
46
/* `desc` names the kind of PIN in the prompt further down; only the
 * security-officer assignment is visible in this excerpt. */
if (flags & GNUTLS_PKCS11_PIN_SO)
47
desc = "security officer";
51
/* Warn the user about the PIN-retry state reported in `flags`. */
if (flags & GNUTLS_PKCS11_PIN_FINAL_TRY)
54
printf ("*** This is the final try before locking!\n");
56
if (flags & GNUTLS_PKCS11_PIN_COUNT_LOW)
59
printf ("*** Only few tries left before locking!\n");
62
if (flags & GNUTLS_PKCS11_PIN_WRONG)
65
printf ("*** Wrong PIN has been provided!\n");
68
/* Re-use path: taken only when a URL has been cached and it matches the
 * URL of the token asking for a PIN. */
if (cache > 0 && cached_url != NULL)
70
if (strcmp (cached_url, token_url) == 0)
72
/* NOTE(review): this measures the caller's output buffer `pin`, which no
 * visible line has written on this path, against the size of cached_pin.
 * The copy below goes the other way (cached_pin -> pin), so the check a
 * reader would expect is strlen (cached_pin) against pin's capacity
 * (pin_max) -- confirm. */
if (strlen(pin) >= sizeof(cached_pin))
74
fprintf (stderr, "Too long PIN given\n");
78
fprintf(stderr, "Re-using cached PIN for token '%s'\n", token_label);
79
/* NOTE(review): unbounded copy into the caller's buffer; nothing visible
 * ties the length of cached_pin to pin_max. */
strcpy (pin, cached_pin);
85
printf ("Token '%s' with URL '%s' ", token_label, token_url);
86
printf ("requires %s PIN\n", desc);
88
/* Prompt on the terminal with echo disabled.  NOTE(review): getpass() is
 * marked obsolete and returns a pointer to a static buffer; the visible
 * lines do not wipe that buffer after the PIN has been copied out. */
password = getpass ("Enter PIN: ");
89
if (password == NULL || password[0] == 0)
91
fprintf (stderr, "No password given\n");
95
/* Clamp the copy to at most pin_max bytes.  NOTE(review): a PIN of pin_max
 * bytes or more is silently truncated, and if a terminator is then stored
 * at pin[len] (line not shown) that write lands one past a buffer of
 * pin_max bytes -- confirm how pin_max is defined, and clamp to
 * pin_max - 1 if it is the buffer size. */
len = MIN (pin_max, strlen (password));
96
memcpy (pin, password, len);
100
/* NOTE(review): cached_pin holds 32 bytes, but the visible lines bound
 * `len` only by pin_max, so this strcpy can write past the static buffer
 * whenever the entered PIN is 32 characters or longer.  It also relies on
 * `pin` having been NUL-terminated by a line not shown.  Cache only when
 * len < sizeof (cached_pin). */
strcpy (cached_pin, pin);
102
/* Remember which token the cached PIN belongs to.  A failed strdup()
 * leaves cached_url NULL, which the re-use test above treats as "nothing
 * cached".  Whether the previous cached_url is freed first is not shown. */
cached_url = strdup (token_url);
103
cache = MAX_CACHE_TRIES;
109
/* Token callback (installed with gnutls_pkcs11_set_token_function elsewhere
 * in this listing).  Asks the user to insert the token named `label` and
 * waits for a line on stdin.
 *
 * NOTE(review): excerpt only -- the bare numbers are original line numbers,
 * and the skipped lines (return type, braces, declarations of `buf` and
 * `p`, the condition guarding the "Could not find token" message) are not
 * shown. */
token_callback (void *user, const char *label, const unsigned retry)
116
fprintf (stderr, "Could not find token %s\n", label);
119
printf ("Please insert token '%s' in slot and press enter\n", label);
120
/* The read is bounded by sizeof (buf); that is the buffer's capacity only
 * if buf is declared as an array (declaration not shown -- confirm). */
p = fgets (buf, sizeof (buf), stdin);
121
/* End of input or a read error on stdin: report failure to the caller. */
if (p==NULL) return -1;
130
/* Install the interactive PIN and token-insertion callbacks.  NULL is
 * passed as the user-data argument; the visible lines of both callbacks do
 * not read their `user` parameter.  The enclosing function is not shown in
 * this excerpt. */
gnutls_pkcs11_set_pin_function (pin_callback, NULL);
131
gnutls_pkcs11_set_token_function (token_callback, NULL);