add UNLEASHED_OBJ to unleashed.mk
[unleashed/tickless.git] / usr / src / cmd / cmd-crypto / pktool / inittoken.c
blobbc8b4ab825c1671ad003968d023da86378c796ea
1 /*
2 * CDDL HEADER START
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
19 * CDDL HEADER END
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 * Copyright 2012 Milan Jurik. All rights reserved.
28 * This file implements the inittoken operation for this tool.
29 * The basic flow of the process is to load the PKCS#11 module,
30 * find the token to be initialize , login using the SO pin,
31 * and call C_InitToken.
34 #include <stdio.h>
35 #include <stdlib.h>
36 #include <errno.h>
37 #include <string.h>
38 #include <cryptoutil.h>
39 #include <security/cryptoki.h>
40 #include "common.h"
42 int
43 pk_inittoken(int argc, char *argv[])
44 /* ARGSUSED */
46 int opt;
47 int rv;
48 extern int optind_av;
49 extern char *optarg_av;
50 char *newlabel = NULL;
51 char *currlabel = NULL;
52 CK_UTF8CHAR_PTR sopin;
53 CK_ULONG sopinlen;
54 KMF_HANDLE_T handle;
56 /* Parse command line options. Do NOT i18n/l10n. */
57 while ((opt = getopt_av(argc, argv,
58 "n:(newlabel)"
59 "l:(currlabel)")) != EOF) {
60 switch (opt) {
61 case 'l': /* token specifier */
62 if (currlabel)
63 return (PK_ERR_USAGE);
64 currlabel = optarg_av;
65 break;
66 case 'n': /* token specifier */
67 if (newlabel)
68 return (PK_ERR_USAGE);
69 newlabel = optarg_av;
70 break;
71 default:
72 return (PK_ERR_USAGE);
76 /* No additional args allowed. */
77 argc -= optind_av;
78 argv += optind_av;
79 if (argc != 0)
80 return (PK_ERR_USAGE);
82 if ((rv = kmf_initialize(&handle, NULL, NULL)) != KMF_OK)
83 return (rv);
85 if ((rv = get_pin(gettext("Enter SO PIN:"), NULL, &sopin, &sopinlen))
86 != CKR_OK) {
87 cryptoerror(LOG_STDERR,
88 gettext("Unable to get SO PIN for token"));
89 return (PK_ERR_SYSTEM);
91 if ((currlabel == NULL || !strlen(currlabel))) {
92 cryptoerror(LOG_STDERR,
93 gettext("The current token is not identified by label."));
94 return (PK_ERR_SYSTEM);
97 rv = kmf_pk11_init_token(handle, currlabel, newlabel,
98 sopin, sopinlen);
100 (void) kmf_finalize(handle);
102 free(sopin);
104 if (rv == KMF_ERR_AUTH_FAILED) {
105 cryptoerror(LOG_STDERR,
106 gettext("Incorrect passphrase."));
107 return (PK_ERR_SYSTEM);
108 } else if (rv != CKR_OK) {
109 cryptoerror(LOG_STDERR,
110 gettext("Unable to initialize token."));
111 return (PK_ERR_SYSTEM);
112 } else {
113 (void) fprintf(stdout, gettext("Token %s initialized.\n"),
114 (newlabel ? newlabel : currlabel));
116 return (0);