/[openpgpmdrv]/trunk/OpenPGPminidriver/CardPinOperation.c
ViewVC logotype

Annotation of /trunk/OpenPGPminidriver/CardPinOperation.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 11 - (hide annotations)
Thu Mar 18 16:03:39 2010 UTC (15 years, 1 month ago) by vletoux
File MIME type: text/plain
File size: 19614 byte(s) 
first working & stable version
1 vletoux 1 /* OpenPGP Smart Card Mini Driver
2     Copyright (C) 2009 Vincent Le Toux
3    
4     This library is Free software; you can redistribute it and/or
5     modify it under the terms of the GNU Lesser General Public
6     License version 2.1 as published by the Free Software Foundation.
7    
8     This library is distributed in the hope that it will be useful,
9     but WITHOUT ANY WARRANTY; without even the implied warranty of
10     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11     Lesser General Public License for more details.
12    
13     You should have received a copy of the GNU Lesser General Public
14     License along with this library; if not, write to the Free Software
15     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
16     */
17    
18     #include <windows.h>
19     #include <cardmod.h>
20     #include "Tracing.h"
21     #include "Context.h"
22     #include "SmartCard.h"
23     #include "PinOperations.h"
24    
25    
26     // 4.2 Card PIN Operations
27    
28     /** The CardAuthenticatePin function submits a PIN value as a string
29     to the card to establish the user’s identity and to satisfy access
30     conditions for an operation to be undertaken on the user’s behalf.
31     Submission of a PIN to the card may involve some processing by the card
32     minidriver to render the PIN information to a card-specific form. */
33    
34     DWORD WINAPI CardAuthenticatePin(
35     __in PCARD_DATA pCardData,
36     __in LPWSTR pwszUserId,
37     __in_bcount(cbPin) PBYTE pbPin,
38     __in DWORD cbPin,
39     __out_opt PDWORD pcAttemptsRemaining
40     )
41     {
42     DWORD dwReturn = 0;
43     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter authenticate %s", pwszUserId);
44     __try
45     {
46     if ( pCardData == NULL )
47     {
48     Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
49     dwReturn = SCARD_E_INVALID_PARAMETER;
50     __leave;
51     }
52     if ( pwszUserId == NULL )
53     {
54     Trace(WINEVENT_LEVEL_ERROR, L"pwszUserId == NULL");
55     dwReturn = SCARD_E_INVALID_PARAMETER;
56     __leave;
57     }
58     if ( pbPin == NULL )
59     {
60     Trace(WINEVENT_LEVEL_ERROR, L"pbPin == NULL");
61     dwReturn = SCARD_E_INVALID_PARAMETER;
62     __leave;
63     }
64     dwReturn = CheckContext(pCardData);
65     if ( dwReturn )
66     {
67     Trace(WINEVENT_LEVEL_ERROR, L"GetContext dwReturn == 0x%08X", dwReturn);
68     dwReturn = SCARD_E_INVALID_PARAMETER;
69     __leave;
70     }
71     if ( wcscmp(pwszUserId, wszCARD_USER_USER) == 0 )
72     {
73     dwReturn = CheckPinLength(pCardData, ROLE_USER, cbPin);
74     if (dwReturn)
75     {
76     __leave;
77     }
78     dwReturn = VerifyPIN(pCardData, ROLE_USER, pbPin, cbPin);
79 vletoux 8 if (dwReturn && pcAttemptsRemaining)
80 vletoux 1 {
81     GetRemainingPin(pCardData, ROLE_USER, pcAttemptsRemaining);
82     }
83     }
84     else if ( wcscmp(pwszUserId, wszCARD_USER_ADMIN) == 0)
85     {
86     dwReturn = CheckPinLength(pCardData, ROLE_ADMIN, cbPin);
87     if (dwReturn)
88     {
89     __leave;
90     }
91     dwReturn = VerifyPIN(pCardData, ROLE_ADMIN, pbPin, cbPin);
92 vletoux 8 if (dwReturn && pcAttemptsRemaining)
93 vletoux 1 {
94     GetRemainingPin(pCardData, ROLE_ADMIN, pcAttemptsRemaining);
95     }
96     }
97     else
98     {
99     Trace(WINEVENT_LEVEL_ERROR, L"pwszUserId unknown : %s", pwszUserId);
100     dwReturn = SCARD_E_INVALID_PARAMETER;
101     __leave;
102     }
103    
104     }
105     __finally
106     {
107     }
108     Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
109     return dwReturn;
110     }
111    
112     /** A card principal can be authenticated by using either a PIN
113     or a challenge/response protocol in which the card generates a block
114     of challenge data by using its administrative key. The authenticating
115     caller must compute the response to the challenge by using shared
116     knowledge of that key and submit the response back to the card.
117     If the response is correct, the principal is authenticated to the card. */
118    
119     DWORD WINAPI CardGetChallenge(
120     __in PCARD_DATA pCardData,
121     __deref_out_bcount(*pcbChallengeData) PBYTE *ppbChallengeData,
122     __out PDWORD pcbChallengeData
123     )
124     {
125     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
126     return SCARD_E_UNSUPPORTED_FEATURE;
127     }
128    
129     /** The CardAuthenticateChallenge function performs authentication of
130     a card principal by using a challenge/response protocol. The caller of
131     this function must have previously called CardGetChallenge to retrieve
132     the challenge data from the card and computed the correct response data
133     to submit with this call. */
134    
135     DWORD WINAPI CardAuthenticateChallenge(
136     __in PCARD_DATA pCardData,
137     __in_bcount(cbResponseData) PBYTE pbResponseData,
138     __in DWORD cbResponseData,
139     __out_opt PDWORD pcAttemptsRemaining
140     )
141     {
142     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
143     return SCARD_E_UNSUPPORTED_FEATURE;
144     }
145    
146     /** The CardDeauthenticate function is an optional export that should be
147     provided if it is possible within the card minidriver to efficiently reverse
148     the effect of authenticating a user or administrator without resetting
149     the card. If this function is not implemented, the card minidriver should
150     put NULL in the CARD_DATA structure pointer for this function.
151     The Base CSP/KSP tests this pointer for NULL value before calling it. If it
152     is found NULL, the Base CSP/KSP deauthenticates a user by resetting the
153     card. Because a card reset is a time-consuming operation, the card minidriver
154     should implement this function if it can be done.
155     */
156    
157     DWORD WINAPI CardDeauthenticate(
158     __in PCARD_DATA pCardData,
159     __in LPWSTR pwszUserId,
160     __in DWORD dwFlags
161     )
162     {
163     DWORD dwReturn = 0;
164 vletoux 9 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter %s", pwszUserId);
165 vletoux 1 __try
166     {
167     if ( pCardData == NULL )
168     {
169     Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
170     dwReturn = SCARD_E_INVALID_PARAMETER;
171     __leave;
172     }
173     if ( pwszUserId == NULL )
174     {
175     Trace(WINEVENT_LEVEL_ERROR, L"pwszUserId == NULL");
176     dwReturn = SCARD_E_INVALID_PARAMETER;
177     __leave;
178     }
179     if ( dwFlags != 0 )
180     {
181     Trace(WINEVENT_LEVEL_ERROR, L"dwFlags != 0 : %d", dwFlags);
182     dwReturn = SCARD_E_INVALID_PARAMETER;
183     __leave;
184     }
185     dwReturn = CheckContext(pCardData);
186     if ( dwReturn )
187     {
188     Trace(WINEVENT_LEVEL_ERROR, L"GetContext dwReturn == 0x%08X", dwReturn);
189     dwReturn = SCARD_E_INVALID_PARAMETER;
190     __leave;
191     }
192     dwReturn = Deauthenticate(pCardData);
193     }
194     __finally
195     {
196     }
197 vletoux 9 Trace(WINEVENT_LEVEL_VERBOSE, L"%s dwReturn = 0x%08X", pwszUserId,dwReturn);
198 vletoux 1 return dwReturn;
199     }
200    
201     /** The CardAuthenticateEx function handles PIN authentication operations to the card.
202     This function replaces the CardAuthenticate function of earlier versions of these
203     specifications and adds support for the following PIN types:
204     • External PINs, which are PINs that are accessed from a device that is connected to the computer.
205     • Challenge/response PINs.
206     • Secure PIN channels.
207     • Session PINs.
208     */
209     DWORD WINAPI CardAuthenticateEx(
210     __in PCARD_DATA pCardData,
211     __in PIN_ID PinId,
212     __in DWORD dwFlags,
213     __in_bcount(cbPinData) PBYTE pbPinData,
214     __in DWORD cbPinData,
215     __deref_opt_out_bcount(*pcbSessionPin) PBYTE *ppbSessionPin,
216     __out_opt PDWORD pcbSessionPin,
217     __out_opt PDWORD pcAttemptsRemaining
218     )
219     {
220     DWORD dwReturn = 0;
221     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter authenticate %d", PinId);
222     __try
223     {
224     if ( pCardData == NULL )
225     {
226     Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
227     dwReturn = SCARD_E_INVALID_PARAMETER;
228     __leave;
229     }
230     if ((dwFlags & CARD_AUTHENTICATE_GENERATE_SESSION_PIN)
231     || (dwFlags & CARD_AUTHENTICATE_SESSION_PIN))
232     {
233     if ( ( ppbSessionPin == NULL ) ||
234     ( pcbSessionPin == NULL ) )
235     {
236     Trace(WINEVENT_LEVEL_ERROR, L"ppbSessionPin == NULL");
237     dwReturn = SCARD_E_INVALID_PARAMETER;
238     __leave;
239     }
240     else
241     {
242     Trace(WINEVENT_LEVEL_ERROR, L"SESSION_PIN SCARD_E_UNSUPPORTED_FEATURE");
243     dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
244     __leave;
245     }
246     }
247 vletoux 9 if ( pbPinData == NULL )
248     {
249     Trace(WINEVENT_LEVEL_ERROR, L"pbPinData == NULL");
250     dwReturn = SCARD_E_INVALID_PARAMETER;
251     __leave;
252     }
253 vletoux 1 dwReturn = CheckContext(pCardData);
254     if ( dwReturn )
255     {
256     Trace(WINEVENT_LEVEL_ERROR, L"GetContext dwReturn == 0x%08X", dwReturn);
257     dwReturn = SCARD_E_INVALID_PARAMETER;
258     __leave;
259     }
260     dwReturn = CheckPinLength(pCardData, PinId, cbPinData);
261     if (dwReturn)
262     {
263     __leave;
264     }
265     dwReturn = VerifyPIN(pCardData, PinId, pbPinData, cbPinData);
266 vletoux 8 if (dwReturn && pcAttemptsRemaining)
267 vletoux 1 {
268     GetRemainingPin(pCardData, PinId, pcAttemptsRemaining);
269     }
270     }
271     __finally
272     {
273     }
274     Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
275     return dwReturn;
276     }
277    
278     /** Besides authentication by using a PIN, a card principal can be authenticated
279     by using a challenge/response protocol in which the card generates a block of challenge data.
280     The authenticating caller must compute the response to the challenge by using
281     shared knowledge of a key and submit the response back to the card by calling
282     CardGetChallengeEx. If the response is correct, the principal is authenticated to the card.
283     */
284    
285     DWORD WINAPI CardGetChallengeEx(
286     __in PCARD_DATA pCardData,
287     __in PIN_ID PinId,
288     __deref_out_bcount(*pcbChallengeData) PBYTE *ppbChallengeData,
289     __out PDWORD pcbChallengeData,
290     __in DWORD dwFlags
291     )
292     {
293     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
294     return SCARD_E_UNSUPPORTED_FEATURE;
295     }
296    
297     /** The CardDeauthenticateEx function must always be provided. If it is not
298     possible within the card minidriver to efficiently reverse the effect of an
299     authentication operation without resetting the card, the call must return
300     SCARD_E_UNSUPPORTED_FEATURE. In this situation, the Base CSP/KSP performs
301     deauthentication by resetting the card. Because a card reset is a time-consuming
302     operation, the card minidriver must implement this function if it can be done.*/
303    
304     DWORD WINAPI CardDeauthenticateEx(
305     __in PCARD_DATA pCardData,
306     __in PIN_SET PinId,
307     __in DWORD dwFlags
308     )
309     {
310     DWORD dwReturn = 0;
311 vletoux 9 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter PinId = %d", PinId);
312 vletoux 1 __try
313     {
314     if ( pCardData == NULL )
315     {
316     Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
317     dwReturn = SCARD_E_INVALID_PARAMETER;
318     __leave;
319     }
320     if ( dwFlags != 0 )
321     {
322     Trace(WINEVENT_LEVEL_ERROR, L"dwFlags != 0 : %d", dwFlags);
323     dwReturn = SCARD_E_INVALID_PARAMETER;
324     __leave;
325     }
326     dwReturn = CheckContext(pCardData);
327     if ( dwReturn )
328     {
329     Trace(WINEVENT_LEVEL_ERROR, L"GetContext dwReturn == 0x%08X", dwReturn);
330     dwReturn = SCARD_E_INVALID_PARAMETER;
331     __leave;
332     }
333     dwReturn = Deauthenticate(pCardData);
334     }
335     __finally
336     {
337     }
338 vletoux 9 Trace(WINEVENT_LEVEL_VERBOSE, L"PinId = %d dwReturn = 0x%08X",PinId, dwReturn);
339 vletoux 1 return dwReturn;
340     }
341    
342     /** The CardUnblockPin function is used to unblock a card that has become
343     blocked by too many incorrect PIN entry attempts. The unblock function is
344     atomic in that authentication and unblocking the card must occur as a single
345     operation. Therefore, authentication information and the new user PIN must
346     be presented when the call is made.*/
347    
348     DWORD WINAPI CardUnblockPin(
349     __in PCARD_DATA pCardData,
350     __in LPWSTR pwszUserId,
351     __in_bcount(cbAuthenticationData) PBYTE pbAuthenticationData,
352     __in DWORD cbAuthenticationData,
353     __in_bcount(cbNewPinData) PBYTE pbNewPinData,
354     __in DWORD cbNewPinData,
355     __in DWORD cRetryCount,
356     __in DWORD dwFlags
357     )
358     {
359     DWORD dwReturn = 0;
360    
361     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
362     __try
363     {
364     if ( pCardData == NULL )
365     {
366     Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
367     dwReturn = SCARD_E_INVALID_PARAMETER;
368     __leave;
369     }
370     if ( pwszUserId == NULL )
371     {
372     Trace(WINEVENT_LEVEL_ERROR, L"pwszUserId == NULL");
373     dwReturn = SCARD_E_INVALID_PARAMETER;
374     __leave;
375     }
376     if ( pbAuthenticationData == NULL )
377     {
378     Trace(WINEVENT_LEVEL_ERROR, L"pbAuthenticationData == NULL");
379     dwReturn = SCARD_E_INVALID_PARAMETER;
380     __leave;
381     }
382     if ( pbNewPinData == NULL )
383     {
384     Trace(WINEVENT_LEVEL_ERROR, L"pbNewPinData == NULL");
385     dwReturn = SCARD_E_INVALID_PARAMETER;
386     __leave;
387     }
388 vletoux 8 if (dwFlags == CARD_AUTHENTICATE_PIN_CHALLENGE_RESPONSE)
389 vletoux 1 {
390     dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
391 vletoux 8 Trace(WINEVENT_LEVEL_ERROR, L"CARD_AUTHENTICATE_PIN_CHALLENGE_RESPONSE SCARD_E_UNSUPPORTED_FEATURE");
392 vletoux 1 __leave;
393     }
394 vletoux 8 if (dwFlags != CARD_AUTHENTICATE_PIN_PIN)
395     {
396     dwReturn = SCARD_E_INVALID_PARAMETER;
397     Trace(WINEVENT_LEVEL_ERROR, L"SCARD_E_INVALID_PARAMETER dwFlags = 0x%08X", dwFlags);
398     __leave;
399     }
400 vletoux 1 dwReturn = CheckContext(pCardData);
401     if ( !dwReturn )
402     {
403     Trace(WINEVENT_LEVEL_ERROR, L"GetContext dwReturn == 0x%08X", dwReturn);
404     dwReturn = SCARD_E_INVALID_PARAMETER;
405     __leave;
406     }
407     if ( wcscmp(pwszUserId, wszCARD_USER_USER) == 0 )
408     {
409     dwReturn = ResetUserPIN(pCardData, ROLE_PUK,
410     pbAuthenticationData, cbAuthenticationData,
411     pbNewPinData, cbNewPinData);
412     }
413     else if ( wcscmp(pwszUserId, wszCARD_USER_ADMIN) == 0)
414     {
415     dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
416     Trace(WINEVENT_LEVEL_ERROR, L"wszCARD_USER_ADMIN");
417     __leave;
418     }
419     else
420     {
421     Trace(WINEVENT_LEVEL_ERROR, L"pwszUserId unknown : %s", pwszUserId);
422     dwReturn = SCARD_E_INVALID_PARAMETER;
423     __leave;
424     }
425     }
426     __finally
427     {
428     }
429     Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
430     return dwReturn;
431     }
432    
433     /** This function changes the authenticator for the affected card principal.
434     It can be used to change a user’s PIN or to change the challenge/response key.
435     The two usages are distinguished by use of a flag value.*/
436    
437     DWORD WINAPI CardChangeAuthenticator(
438     __in PCARD_DATA pCardData,
439     __in LPWSTR pwszUserId,
440     __in_bcount(cbCurrentAuthenticator)
441     PBYTE pbCurrentAuthenticator,
442     __in DWORD cbCurrentAuthenticator,
443     __in_bcount(cbNewAuthenticator) PBYTE pbNewAuthenticator,
444     __in DWORD cbNewAuthenticator,
445     __in DWORD cRetryCount,
446     __in DWORD dwFlags,
447     __out_opt PDWORD pcAttemptsRemaining
448     )
449     {
450     DWORD dwReturn = 0;
451    
452     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
453     __try
454     {
455     if ( pCardData == NULL )
456     {
457     Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
458     dwReturn = SCARD_E_INVALID_PARAMETER;
459     __leave;
460     }
461     if ( pwszUserId == NULL )
462     {
463     Trace(WINEVENT_LEVEL_ERROR, L"pwszUserId == NULL");
464     dwReturn = SCARD_E_INVALID_PARAMETER;
465     __leave;
466     }
467     if ( pbCurrentAuthenticator == NULL )
468     {
469     Trace(WINEVENT_LEVEL_ERROR, L"pbCurrentAuthenticator == NULL");
470     dwReturn = SCARD_E_INVALID_PARAMETER;
471     __leave;
472     }
473     if ( pbNewAuthenticator == NULL )
474     {
475     Trace(WINEVENT_LEVEL_ERROR, L"pbNewAuthenticator == NULL");
476     dwReturn = SCARD_E_INVALID_PARAMETER;
477     __leave;
478     }
479 vletoux 8 if (dwFlags == CARD_AUTHENTICATE_PIN_CHALLENGE_RESPONSE)
480 vletoux 1 {
481     dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
482     Trace(WINEVENT_LEVEL_ERROR, L"dwFlags = 0x%08X", dwFlags);
483     __leave;
484     }
485 vletoux 8 if (dwFlags != CARD_AUTHENTICATE_PIN_PIN)
486     {
487     dwReturn = SCARD_E_INVALID_PARAMETER;
488     Trace(WINEVENT_LEVEL_ERROR, L"dwFlags = 0x%08X", dwFlags);
489     __leave;
490     }
491 vletoux 11 if (cRetryCount)
492     {
493     dwReturn = SCARD_E_INVALID_PARAMETER;
494     Trace(WINEVENT_LEVEL_ERROR, L"cRetryCount = %d", cRetryCount);
495     __leave;
496     }
497 vletoux 1 dwReturn = CheckContext(pCardData);
498 vletoux 8 if (dwReturn )
499 vletoux 1 {
500     Trace(WINEVENT_LEVEL_ERROR, L"GetContext dwReturn == 0x%08X", dwReturn);
501     dwReturn = SCARD_E_INVALID_PARAMETER;
502     __leave;
503     }
504     if ( wcscmp(pwszUserId, wszCARD_USER_USER) == 0 )
505     {
506     dwReturn = ChangePIN(pCardData, ROLE_USER,
507     pbCurrentAuthenticator, cbCurrentAuthenticator,
508     pbNewAuthenticator, cbNewAuthenticator);
509 vletoux 8 if (dwReturn && pcAttemptsRemaining)
510 vletoux 1 {
511     GetRemainingPin(pCardData, ROLE_USER, pcAttemptsRemaining);
512     }
513     }
514     else if ( wcscmp(pwszUserId, wszCARD_USER_ADMIN) == 0)
515     {
516     dwReturn = ChangePIN(pCardData, ROLE_ADMIN,
517     pbCurrentAuthenticator, cbCurrentAuthenticator,
518     pbNewAuthenticator, cbNewAuthenticator);
519 vletoux 8 if (dwReturn && pcAttemptsRemaining)
520 vletoux 1 {
521     GetRemainingPin(pCardData,ROLE_ADMIN, pcAttemptsRemaining);
522     }
523     }
524     else
525     {
526     Trace(WINEVENT_LEVEL_ERROR, L"pwszUserId unknown : %s", pwszUserId);
527     dwReturn = SCARD_E_INVALID_PARAMETER;
528     __leave;
529     }
530     }
531     __finally
532     {
533     }
534     Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
535     return dwReturn;
536     }
537    
538    
539     /** This function changes the authenticator for the affected card principal.
540     It can be used to change a PIN or unblock a PIN. The usages are distinguished
541     by use of a flag value.*/
542    
543     DWORD WINAPI CardChangeAuthenticatorEx(
544     __in PCARD_DATA pCardData,
545     __in DWORD dwFlags,
546     __in PIN_ID dwAuthenticatingPinId,
547     __in_bcount(cbAuthenticatingPinData)
548     PBYTE pbAuthenticatingPinData,
549     __in DWORD cbAuthenticatingPinData,
550     __in PIN_ID dwTargetPinId,
551     __in_bcount(cbTargetData) PBYTE pbTargetData,
552     __in DWORD cbTargetData,
553     __in DWORD cRetryCount,
554     __out_opt PDWORD pcAttemptsRemaining
555     )
556     {
557     DWORD dwReturn = 0;
558    
559     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
560     __try
561     {
562     if ( pCardData == NULL )
563     {
564     Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
565     dwReturn = SCARD_E_INVALID_PARAMETER;
566     __leave;
567     }
568     if ( pbAuthenticatingPinData == NULL )
569     {
570     Trace(WINEVENT_LEVEL_ERROR, L"pbAuthenticatingPinData == NULL");
571     dwReturn = SCARD_E_INVALID_PARAMETER;
572     __leave;
573     }
574     if ( pbTargetData == NULL )
575     {
576     Trace(WINEVENT_LEVEL_ERROR, L"pbTargetData == NULL");
577     dwReturn = SCARD_E_INVALID_PARAMETER;
578     __leave;
579     }
580 vletoux 8 if (dwFlags != PIN_CHANGE_FLAG_UNBLOCK && dwFlags != PIN_CHANGE_FLAG_CHANGEPIN)
581 vletoux 1 {
582 vletoux 8 dwReturn = SCARD_E_INVALID_PARAMETER;
583 vletoux 1 Trace(WINEVENT_LEVEL_ERROR, L"dwFlags = 0x%08X", dwFlags);
584     __leave;
585     }
586 vletoux 11 if (cRetryCount)
587     {
588     dwReturn = SCARD_E_INVALID_PARAMETER;
589     Trace(WINEVENT_LEVEL_ERROR, L"cRetryCount = %d", cRetryCount);
590     __leave;
591     }
592 vletoux 1 dwReturn = CheckContext(pCardData);
593 vletoux 8 if ( dwReturn )
594 vletoux 1 {
595     Trace(WINEVENT_LEVEL_ERROR, L"GetContext dwReturn == 0x%08X", dwReturn);
596     dwReturn = SCARD_E_INVALID_PARAMETER;
597     __leave;
598     }
599 vletoux 8 if ( dwAuthenticatingPinId == dwTargetPinId && dwFlags == PIN_CHANGE_FLAG_CHANGEPIN)
600 vletoux 1 {
601     dwReturn = ChangePIN(pCardData, dwAuthenticatingPinId,
602     pbAuthenticatingPinData, cbAuthenticatingPinData,
603     pbTargetData, cbTargetData);
604 vletoux 8 if (dwReturn && pcAttemptsRemaining)
605 vletoux 1 {
606     GetRemainingPin(pCardData, dwAuthenticatingPinId, pcAttemptsRemaining);
607     }
608     }
609 vletoux 8 else if ( (dwAuthenticatingPinId == ROLE_ADMIN || dwAuthenticatingPinId == ROLE_PUK )
610 vletoux 11 && (dwTargetPinId == ROLE_USER || dwTargetPinId == ROLE_AUTHENTICATION)
611     && dwFlags == PIN_CHANGE_FLAG_UNBLOCK)
612 vletoux 1 {
613 vletoux 8 dwReturn = ResetUserPIN(pCardData, dwAuthenticatingPinId,
614 vletoux 1 pbAuthenticatingPinData, cbAuthenticatingPinData,
615     pbTargetData, cbTargetData);
616 vletoux 8 if (dwReturn && pcAttemptsRemaining)
617 vletoux 1 {
618 vletoux 8 GetRemainingPin(pCardData,dwAuthenticatingPinId, pcAttemptsRemaining);
619 vletoux 1 }
620     }
621 vletoux 8 else if ( dwAuthenticatingPinId == ROLE_ADMIN
622     && dwTargetPinId == ROLE_PUK && dwFlags == PIN_CHANGE_FLAG_CHANGEPIN)
623     {
624     dwReturn = SetPUK(pCardData,
625     pbAuthenticatingPinData, cbAuthenticatingPinData,
626     pbTargetData, cbTargetData);
627     if (dwReturn && pcAttemptsRemaining)
628     {
629     GetRemainingPin(pCardData,dwAuthenticatingPinId, pcAttemptsRemaining);
630     }
631     }
632 vletoux 1 else
633     {
634     Trace(WINEVENT_LEVEL_ERROR, L"unknown role match: %d %d", dwAuthenticatingPinId, dwTargetPinId);
635     dwReturn = SCARD_E_INVALID_PARAMETER;
636     __leave;
637     }
638     }
639     __finally
640     {
641     }
642     Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
643     return dwReturn;
644     }
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26