2 * Copyright (C) 2011 Free Software Foundation, Inc.
3 * Author: Nikos Mavrogiannopoulos
5 * This file is part of GnuTLS.
7 * GnuTLS is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * GnuTLS is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
28 #include <gnutls/pkcs11.h>
29 #include <p11common.h>
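/*
 * MIN: the smaller of x and y.  The whole expansion is parenthesised so
 * that a neighbouring operator cannot split the conditional; the previous
 * form, ((x)<(y))?(x):(y), parsed `2 * MIN(a, b)` as `(2 * (a<b)) ? a : b`.
 * An argument may still be evaluated twice, so do not pass expressions
 * with side effects.
 */
#define MIN(x,y) (((x)<(y))?(x):(y))

/* Initial value of pin_callback's `cache` counter. */
#define MAX_CACHE_TRIES 5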
/*
 * pin_callback - PIN prompt handler; installed through
 * gnutls_pkcs11_set_pin_function() further down in this file.
 *
 * From the visible lines: prints a warning for each of the
 * GNUTLS_PKCS11_PIN_FINAL_TRY / _COUNT_LOW / _WRONG flags, re-uses a PIN
 * held in function-static storage when token_url equals the cached URL,
 * and otherwise prompts with getpass() and copies the answer into `pin`.
 *
 * NOTE(review): this listing skips source lines (the gutter numbers jump,
 * e.g. 36 -> 41, 79 -> 85, 96 -> 100), so the return type, the declaration
 * of pin_max, braces, returns and some statements are not shown.  The
 * comments below describe only what is visible.
 */
35 pin_callback (void *user
, int attempt
, const char *token_url
,
36 const char *token_label
, unsigned int flags
, char *pin
,
/* `cache` is an automatic variable, so it starts at MAX_CACHE_TRIES on
 * every call; nothing assigned to it here survives into the next call. */
41 int len
, cache
= MAX_CACHE_TRIES
;
42 /* allow caching of PIN */
43 static char *cached_url
= NULL
;
/* The PIN is kept in cleartext in static storage (32 bytes including the
 * terminator); no line visible here wipes it. */
44 static char cached_pin
[32] = "";
/* desc names the PIN type in the prompt below; its value for the non-SO
 * case is set on a line not shown. */
46 if (flags
& GNUTLS_PKCS11_PIN_SO
)
47 desc
= "security officer";
51 if (flags
& GNUTLS_PKCS11_PIN_FINAL_TRY
)
54 printf ("*** This is the final try before locking!\n");
56 if (flags
& GNUTLS_PKCS11_PIN_COUNT_LOW
)
59 printf ("*** Only few tries left before locking!\n");
62 if (flags
& GNUTLS_PKCS11_PIN_WRONG
)
65 printf ("*** Wrong PIN has been provided!\n");
/* Cached-PIN path: entered only when cache is positive, a URL has been
 * cached, and that URL equals token_url. */
68 if (cache
> 0 && cached_url
!= NULL
)
70 if (strcmp (cached_url
, token_url
) == 0)
/* NOTE(review): this measures `pin`, the caller's output buffer, not the
 * string about to be copied.  Nothing visible establishes what `pin`
 * holds on entry, and the strcpy below is bounded neither by this test
 * nor by pin_max.  Comparing strlen(cached_pin) with pin_max would bound
 * the copy that is actually made. */
72 if (strlen(pin
) >= sizeof(cached_pin
))
74 fprintf (stderr
, "Too long PIN given\n");
78 fprintf(stderr
, "Re-using cached PIN for token '%s'\n", token_label
);
79 strcpy (pin
, cached_pin
);
85 printf ("Token '%s' with URL '%s' ", token_label
, token_url
);
86 printf ("requires %s PIN\n", desc
);
/* getpass() is documented as obsolete (removed in POSIX.1-2001) and
 * returns a pointer to a static buffer; that buffer is not cleared on any
 * line visible here. */
88 password
= getpass ("Enter PIN: ");
89 if (password
== NULL
|| password
[0] == 0)
91 fprintf (stderr
, "No password given\n");
/* Copies at most pin_max bytes, so a longer PIN is silently truncated.
 * NOTE(review): when strlen(password) >= pin_max, len equals pin_max and
 * no room is left for a terminator within pin_max bytes; the terminating
 * store is on a line not shown here -- confirm it cannot write past the
 * caller's buffer (bounding len by pin_max - 1 would avoid that).
 * MIN() may also evaluate strlen(password) twice. */
95 len
= MIN (pin_max
, strlen (password
));
96 memcpy (pin
, password
, len
);
/* NOTE(review): cached_pin holds 32 bytes, while `pin` may be as long as
 * pin_max allows; no length check is visible before this strcpy, so a
 * PIN of 32 or more characters would overrun the static buffer.  Check
 * strlen(pin) < sizeof(cached_pin) first, or skip caching for long PINs. */
100 strcpy (cached_pin
, pin
);
/* strdup() may return NULL; the cached_url != NULL test above then simply
 * disables re-use.  Whether the previous cached_url is freed first is not
 * visible in this listing. */
102 cached_url
= strdup (token_url
);
/* Has no effect on later calls: cache is not static (see its declaration). */
103 cache
= MAX_CACHE_TRIES
;
/*
 * token_callback - asks the user to insert the token named `label` and
 * waits for a line on stdin; installed through
 * gnutls_pkcs11_set_token_function() further down in this file.
 *
 * Returns -1 when fgets() returns NULL (end of input or read error).  The
 * return type, the other return paths and the declaration of buf are on
 * lines this listing does not show.
 */
109 token_callback (void *user
, const char *label
, const unsigned retry
)
/* The condition guarding this message is not shown (presumably tied to
 * `retry` -- confirm against the full source). */
116 fprintf (stderr
, "Could not find token %s\n", label
);
119 printf ("Please insert token '%s' in slot and press enter\n", label
);
/* The read is bounded by sizeof (buf); only the fact that a line arrived
 * is checked here. */
120 p
= fgets (buf
, sizeof (buf
), stdin
);
121 if (p
==NULL
) return -1;
/* Register the PIN and token-insertion callbacks defined above.  NULL is
 * passed as the user-data argument of each call, so both callbacks receive
 * NULL in their `user` parameter.  The enclosing function's header is not
 * shown in this listing. */
130 gnutls_pkcs11_set_pin_function (pin_callback
, NULL
);
131 gnutls_pkcs11_set_token_function (token_callback
, NULL
);