diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-10-15 15:59:48 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-10-24 11:04:25 +0200 |
| commit | f68a86202bd1aaeb3988566def4374359b211875 (patch) | |
| tree | aeeaabaf6a12c9f35315e3a0f4f5f99afb5d3af7 /lib/pkcs11_int.h | |
| parent | 1d5e93dbd69358fe7d66a3a6dd461d7fbb0738ee (diff) | |
| download | gnutls-tmp-initialize-so-pin-fix.tar.gz | |
p11tool: fix initialization of security officer's PINtmp-initialize-so-pin-fix
Previously we would call gnutls_pkcs11_token_set_pin() without an
old PIN provided, which will result to the use of C_InitPIN() on the
underlying module. The C_InitPIN() in contrast with C_SetPIN() will
only work for the user and not for the administrator. As such, we
always provide the oldpin for when we change the admin's PIN.
Resolves #561
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/pkcs11_int.h')
| -rw-r--r-- | lib/pkcs11_int.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/pkcs11_int.h b/lib/pkcs11_int.h index f52db0780c..76c09b460a 100644 --- a/lib/pkcs11_int.h +++ b/lib/pkcs11_int.h @@ -31,6 +31,8 @@ #define PKCS11_ID_SIZE 128 #define PKCS11_LABEL_SIZE 128 +#include <p11-kit/p11-kit.h> +#include <p11-kit/pin.h> #include <p11-kit/uri.h> typedef unsigned char ck_bool_t; @@ -269,6 +271,11 @@ static inline int pk_to_genmech(gnutls_pk_algorithm_t pk, ck_key_type_t *type) } } +int +pkcs11_retrieve_pin(struct pin_info_st *pin_info, struct p11_kit_uri *info, + struct ck_token_info *token_info, int attempts, + ck_user_type_t user_type, struct p11_kit_pin **pin); + ck_object_class_t pkcs11_type_to_class(gnutls_pkcs11_obj_type_t type); ck_rv_t |