From: Nikos Mavrogiannopoulos
Date: Tue, 1 Jul 2014 13:37:56 +0000 (+0200)
Subject: p11tool: added options --set-pin and --set-so-pin
X-Git-Tag: gnutls_3_3_6~89
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=08c8d7369779282c5cf0e8a36d729c1333e4a79d;p=thirdparty%2Fgnutls.git
p11tool: added options --set-pin and --set-so-pin
These allow for an non-interactive --initialize process.
---
diff --git a/src/certtool-common.h b/src/certtool-common.h
index c347d27400..83377a33eb 100644
--- a/src/certtool-common.h
+++ b/src/certtool-common.h
@@ -53,6 +53,9 @@ typedef struct common_info { unsigned int crq_extensions; unsigned int v1_cert; + const char *pin; + const char *so_pin; + int cprint; unsigned int verbose;
diff --git a/src/p11tool-args.def b/src/p11tool-args.def
index eed03b659a..3a91e99ef4 100644
--- a/src/p11tool-args.def
+++ b/src/p11tool-args.def
@@ -86,12 +86,6 @@ flag = { doc = ""; }; -flag = { - name = initialize; - descrip = "Initializes a PKCS #11 token"; - doc = ""; -}; - flag = { name = write; descrip = "Writes the loaded objects to a PKCS #11 token";
@@ -268,6 +262,26 @@ flag = { aliases = outder; }; +flag = { + name = initialize; + descrip = "Initializes a PKCS #11 token"; + doc = ""; +}; + +flag = { + name = set-pin; + arg-type = string; + descrip = "Specify the PIN to use on token initialization"; + doc = ""; +}; + +flag = { + name = set-so-pin; + arg-type = string; + descrip = "Specify the Security Officer's PIN to use on token initialization"; + doc = ""; +}; + flag = { name = provider; arg-type = file;
diff --git a/src/p11tool.c b/src/p11tool.c
index 4f71d42a8e..898092dd05 100644
--- a/src/p11tool.c
+++ b/src/p11tool.c
@@ -151,6 +151,12 @@ static void cmd_parser(int argc, char **argv) else cinfo.outcert_format = GNUTLS_X509_FMT_PEM; + if (HAVE_OPT(SET_PIN)) + cinfo.pin = OPT_ARG(SET_PIN); + + if (HAVE_OPT(SET_SO_PIN)) + cinfo.so_pin = OPT_ARG(SET_SO_PIN); + + if (HAVE_OPT(LOAD_CERTIFICATE)) cinfo.cert = OPT_ARG(LOAD_CERTIFICATE);
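Review bot: Both new flags in the second src/p11tool-args.def hunk, `set-pin` and `set-so-pin`, ship with an empty `doc = "";`, so nothing tells the operator that a PIN given as an option value sits in the process argument list, where other local users can read it from a process listing and where shell history may keep it. The cmd_parser hunk in src/p11tool.c takes the value straight from the option argument and stores the pointer in `cinfo.pin` / `cinfo.so_pin`, so the text presumably stays in argument memory for the whole run. I would fill the field for both flags, for example `doc = "The PIN is passed on the command line and is visible to other local users in the process list; use only where that exposure is acceptable.";`. The `initialize` flag is only moved and needs no change.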
diff --git a/src/pkcs11.c b/src/pkcs11.c
index b83346f3d0..c7fa1d106a 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -538,7 +538,7 @@ pkcs11_init(FILE * outfile, const char *url, const char *label, common_info_st * info) { int ret; - char *pin; + const char *pin; char so_pin[32]; pkcs11_common();
@@ -548,17 +548,28 @@ pkcs11_init(FILE * outfile, const char *url, const char *label, exit(1); } - pin = getpass("Enter Security Officer's PIN: "); - if (pin == NULL) - exit(1); + if (info->so_pin != NULL) + pin = info->so_pin; + else { + pin = getpass("Enter Security Officer's PIN: "); + if (pin == NULL) + exit(1); + } - if (strlen(pin) >= sizeof(so_pin)) + if (strlen(pin) >= sizeof(so_pin) || pin[0] == '\n') exit(1); strcpy(so_pin, pin); - pin = getpass("Enter new User's PIN: "); - if (pin == NULL) + if (info->so_pin != NULL) + pin = info->pin; + else { + pin = getpass("Enter new User's PIN: "); + if (pin == NULL) + exit(1); + } + + if (pin[0] == '\n') exit(1); ret = gnutls_pkcs11_token_init(url, so_pin, label);
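Review bot: In the second pkcs11_init hunk the user-PIN branch tests the wrong field: `if (info->so_pin != NULL) pin = info->pin;` leaves `pin` NULL when only `--set-so-pin` is given, and the following `pin[0] == '\n'` then dereferences it. With only `--set-pin` the supplied value is ignored and the prompt appears anyway. The condition should read `if (info->pin != NULL)`. The empty-PIN checks compare against `'\n'`, but getpass() returns the text without the trailing newline, so an empty entry shows up as `pin[0] == '\0'`; I would write `if (pin[0] == '\0' || pin[0] == '\n') exit(1);` in both places. pkcs11_init starts and ends outside the hunk, so how the user PIN is consumed after gnutls_pkcs11_token_init() is not visible here.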