printf ("PIN required for token '%s' with URL '%s'\n", token_label,
token_url);
- if (flags & GNUTLS_PKCS11_PIN_FINAL_TRY)
+ if (flags & GNUTLS_PIN_FINAL_TRY)
printf ("*** This is the final try before locking!\n");
- if (flags & GNUTLS_PKCS11_PIN_COUNT_LOW)
+ if (flags & GNUTLS_PIN_COUNT_LOW)
printf ("*** Only few tries left before locking!\n");
- if (flags & GNUTLS_PKCS11_PIN_WRONG)
+ if (flags & GNUTLS_PIN_WRONG)
printf ("*** Wrong PIN\n");
password = getpass ("Enter pin: ");
/* PIN callback */
/**
* gnutls_pin_flag_t:
- * @GNUTLS_PKCS11_PIN_USER: The PIN for the user.
- * @GNUTLS_PKCS11_PIN_SO: The PIN for the security officer.
- * @GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action and key like signing.
- * @GNUTLS_PKCS11_PIN_FINAL_TRY: This is the final try before blocking.
- * @GNUTLS_PKCS11_PIN_COUNT_LOW: Few tries remain before token blocks.
- * @GNUTLS_PKCS11_PIN_WRONG: Last given PIN was not correct.
+ * @GNUTLS_PIN_USER: The PIN for the user.
+ * @GNUTLS_PIN_SO: The PIN for the security officer (admin).
+ * @GNUTLS_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action and key like signing.
+ * @GNUTLS_PIN_FINAL_TRY: This is the final try before blocking.
+ * @GNUTLS_PIN_COUNT_LOW: Few tries remain before token blocks.
+ * @GNUTLS_PIN_WRONG: Last given PIN was not correct.
*
* Enumeration of different PIN flags.
*/
typedef enum
{
- GNUTLS_PKCS11_PIN_USER = (1 << 0),
- GNUTLS_PKCS11_PIN_SO = (1 << 1),
- GNUTLS_PKCS11_PIN_FINAL_TRY = (1 << 2),
- GNUTLS_PKCS11_PIN_COUNT_LOW = (1 << 3),
- GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC = (1 << 4),
- GNUTLS_PKCS11_PIN_WRONG = (1 << 5),
+ GNUTLS_PIN_USER = (1 << 0),
+ GNUTLS_PIN_SO = (1 << 1),
+ GNUTLS_PIN_FINAL_TRY = (1 << 2),
+ GNUTLS_PIN_COUNT_LOW = (1 << 3),
+ GNUTLS_PIN_CONTEXT_SPECIFIC = (1 << 4),
+ GNUTLS_PIN_WRONG = (1 << 5),
} gnutls_pin_flag_t;
+#define GNUTLS_PKCS11_PIN_USER GNUTLS_PIN_USER
+#define GNUTLS_PKCS11_PIN_SO GNUTLS_PIN_SO
+#define GNUTLS_PKCS11_PIN_FINAL_TRY GNUTLS_PIN_FINAL_TRY
+#define GNUTLS_PKCS11_PIN_COUNT_LOW GNUTLS_PIN_COUNT_LOW
+#define GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC GNUTLS_PIN_CONTEXT_SPECIFIC
+#define GNUTLS_PKCS11_PIN_WRONG GNUTLS_PIN_WRONG
+
/**
* gnutls_pin_callback_t:
* @userdata: user-controlled data from gnutls_pkcs11_set_pin_function().
if (user_type == CKU_USER)
{
- flags |= GNUTLS_PKCS11_PIN_USER;
+ flags |= GNUTLS_PIN_USER;
if (token_info->flags & CKF_USER_PIN_COUNT_LOW)
- flags |= GNUTLS_PKCS11_PIN_COUNT_LOW;
+ flags |= GNUTLS_PIN_COUNT_LOW;
if (token_info->flags & CKF_USER_PIN_FINAL_TRY)
- flags |= GNUTLS_PKCS11_PIN_FINAL_TRY;
+ flags |= GNUTLS_PIN_FINAL_TRY;
}
else if (user_type == CKU_SO)
{
- flags |= GNUTLS_PKCS11_PIN_SO;
+ flags |= GNUTLS_PIN_SO;
if (token_info->flags & CKF_SO_PIN_COUNT_LOW)
- flags |= GNUTLS_PKCS11_PIN_COUNT_LOW;
+ flags |= GNUTLS_PIN_COUNT_LOW;
if (token_info->flags & CKF_SO_PIN_FINAL_TRY)
- flags |= GNUTLS_PKCS11_PIN_FINAL_TRY;
+ flags |= GNUTLS_PIN_FINAL_TRY;
}
if (attempts > 0)
- flags |= GNUTLS_PKCS11_PIN_WRONG;
+ flags |= GNUTLS_PIN_WRONG;
if (pin_info && pin_info->cb)
ret = pin_info->cb (pin_info->data, attempts, (char*)token_str, label,
return ret;
}
- if (((flags & GNUTLS_PKCS11_PIN_USER) && oldpin == NULL) ||
- (flags & GNUTLS_PKCS11_PIN_SO))
+ if (((flags & GNUTLS_PIN_USER) && oldpin == NULL) ||
+ (flags & GNUTLS_PIN_SO))
ses_flags = SESSION_WRITE | SESSION_LOGIN | SESSION_SO;
else
ses_flags = SESSION_WRITE | SESSION_LOGIN;
int ret;
if (attempts > 0)
- flags |= GNUTLS_PKCS11_PIN_WRONG;
+ flags |= GNUTLS_PIN_WRONG;
if (uuid)
{
static char *cached_url = NULL;
static char cached_pin[32] = "";
- if (flags & GNUTLS_PKCS11_PIN_SO)
+ if (flags & GNUTLS_PIN_SO)
desc = "security officer";
else
desc = "user";
- if (flags & GNUTLS_PKCS11_PIN_FINAL_TRY)
+ if (flags & GNUTLS_PIN_FINAL_TRY)
{
cache = 0;
printf ("*** This is the final try before locking!\n");
}
- if (flags & GNUTLS_PKCS11_PIN_COUNT_LOW)
+ if (flags & GNUTLS_PIN_COUNT_LOW)
{
cache = 0;
printf ("*** Only few tries left before locking!\n");
}
- if (flags & GNUTLS_PKCS11_PIN_WRONG)
+ if (flags & GNUTLS_PIN_WRONG)
{
cache = 0;
printf ("*** Wrong PIN has been provided!\n");
exit (1);
}
- ret = gnutls_pkcs11_token_set_pin (url, NULL, pin, GNUTLS_PKCS11_PIN_USER);
+ ret = gnutls_pkcs11_token_set_pin (url, NULL, pin, GNUTLS_PIN_USER);
if (ret < 0)
{
fprintf (stderr, "Error in %s:%d: %s\n", __func__, __LINE__,