001 /* Copyright (c) 2002 Graz University of Technology. All rights reserved.
002 *
003 * Redistribution and use in source and binary forms, with or without
004 * modification, are permitted provided that the following conditions are met:
005 *
006 * 1. Redistributions of source code must retain the above copyright notice,
007 * this list of conditions and the following disclaimer.
008 *
009 * 2. Redistributions in binary form must reproduce the above copyright notice,
010 * this list of conditions and the following disclaimer in the documentation
011 * and/or other materials provided with the distribution.
012 *
013 * 3. The end-user documentation included with the redistribution, if any, must
014 * include the following acknowledgment:
015 *
016 * "This product includes software developed by IAIK of Graz University of
017 * Technology."
018 *
019 * Alternately, this acknowledgment may appear in the software itself, if
020 * and wherever such third-party acknowledgments normally appear.
021 *
022 * 4. The names "Graz University of Technology" and "IAIK of Graz University of
023 * Technology" must not be used to endorse or promote products derived from
024 * this software without prior written permission.
025 *
026 * 5. Products derived from this software may not be called
027 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior
028 * written permission of Graz University of Technology.
029 *
030 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
031 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
032 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
033 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
034 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
035 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
036 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
037 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
038 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
039 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
040 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
041 * POSSIBILITY OF SUCH DAMAGE.
042 */
043
044 package demo.pkcs.pkcs11;
045
046 import java.io.BufferedReader;
047 import java.io.InputStreamReader;
048 import java.io.PrintWriter;
049
050 import iaik.pkcs.pkcs11.Module;
051 import iaik.pkcs.pkcs11.Session;
052 import iaik.pkcs.pkcs11.Slot;
053 import iaik.pkcs.pkcs11.Token;
054 import iaik.pkcs.pkcs11.TokenInfo;
055
056
057
058 /**
059 * This program sets the normal user's PIN.
060 *
061 * @author <a href="mailto:Karl.Scheibelhofer@iaik.at"> Karl Scheibelhofer </a>
062 * @version 0.1
063 * @invariants
064 */
065 public class SetPIN {
066
067 static PrintWriter output_;
068
069 static BufferedReader input_;
070
071 static {
072 try {
073 //output_ = new PrintWriter(new FileWriter("GetInfo_output.txt"), true);
074 output_ = new PrintWriter(System.out, true);
075 input_ = new BufferedReader(new InputStreamReader(System.in));
076 } catch (Throwable thr) {
077 thr.printStackTrace();
078 output_ = new PrintWriter(System.out, true);
079 input_ = new BufferedReader(new InputStreamReader(System.in));
080 }
081 }
082
083 public static void main(String[] args) {
084 if (args.length != 2) {
085 printUsage();
086 System.exit(1);
087 }
088
089 try {
090
091 Module pkcs11Module = Module.getInstance(args[0]);
092 pkcs11Module.initialize(null);
093
094 Slot[] slots = pkcs11Module.getSlotList(Module.SlotRequirement.TOKEN_PRESENT);
095
096 if (slots.length == 0) {
097 output_.println("No slot with present token found!");
098 System.exit(0);
099 }
100
101 Token token = null;
102 if (slots.length == 1) {
103 Slot selectedSlot = slots[0];
104 token = selectedSlot.getToken();
105 } else {
106 output_.println("Found several tokens: ");
107 for (int i = 0; i < slots.length; i++) {
108 token = slots[i].getToken();
109 output_.println("________________________________________________________________________________");
110 output_.print("Info of Token number ");
111 output_.println(i);
112 output_.println(token.getTokenInfo());
113 output_.println("________________________________________________________________________________");
114 }
115 output_.println();
116 output_.print("For which token do you want to set the PIN? Please enter its number [0..");
117 output_.print(slots.length);
118 output_.print("]: ");
119 output_.flush();
120 String selectedTokenNumberString = input_.readLine();
121 int selectedTokenNumber = Integer.parseInt(selectedTokenNumberString);
122 token = slots[selectedTokenNumber].getToken();
123 }
124
125 TokenInfo tokenInfo = token.getTokenInfo();
126
127 output_.println("################################################################################");
128 output_.println("Information of selsected Token:");
129 output_.println(tokenInfo);
130 output_.println("################################################################################");
131
132 boolean userType = Session.UserType.USER;
133 if (args[1].equalsIgnoreCase("USER")) {
134 userType = Session.UserType.USER;
135 } else if (args[1].equalsIgnoreCase("SO")) {
136 userType = Session.UserType.SO;
137 } else {
138 output_.println("Unknown user type: " + args[1]);
139 printUsage();
140 pkcs11Module.finalize(null);
141 System.exit(1);
142 }
143 String userTypeName = (userType == Session.UserType.USER) ? "user" : "security officer";
144
145 output_.println("################################################################################");
146 output_.println("setting " + userTypeName + " PIN");
147
148 Session session =
149 token.openSession(Token.SessionType.SERIAL_SESSION, Token.SessionReadWriteBehavior.RW_SESSION, null, null);
150 if (tokenInfo.isLoginRequired()) {
151 if (tokenInfo.isProtectedAuthenticationPath()) {
152 session.login(userType, null); // the token prompts the PIN by other means; e.g. PIN-pad
153 session.setPIN(null, null);
154 } else {
155 output_.print("Enter current " + userTypeName + " PIN: ");
156 output_.flush();
157 String pinString = input_.readLine();
158 char[] pin = pinString.toCharArray();
159 // login user
160 session.login(userType, pin);
161
162 char[] newPIN = null;
163 boolean repeat = false;
164 do {
165 output_.print("Enter new " + userTypeName + " PIN: ");
166 output_.flush();
167 String newPINString = input_.readLine();
168 output_.print("Enter new " + userTypeName + " PIN again for confirmation: ");
169 output_.flush();
170 String confirmedNewPINString = input_.readLine();
171 if (!newPINString.equals(confirmedNewPINString)) {
172 output_.println("The two entries do not match. Try again.");
173 repeat = true;
174 } else {
175 newPIN = newPINString.toCharArray();
176 repeat = false;
177 }
178 } while (repeat);
179 session.setPIN(pin, newPIN);
180 }
181 } else {
182 output_.println("This token does not require a login. It does not use a PIN.");
183 }
184
185 output_.println("FINISHED");
186 output_.println("################################################################################");
187
188 pkcs11Module.finalize(null);
189
190 } catch (Throwable thr) {
191 thr.printStackTrace();
192 }
193 }
194
195 public static void printUsage() {
196 output_.println("Usage: SetPIN <PKCS#11 module> (USER|SO)");
197 output_.println(" e.g.: SetPIN pk2priv.dll USER");
198 output_.println("The given DLL must be in the search path of the system.");
199 }
200
201 }