pin.c revision 1.1
1 /* 2 * Copyright (c) 2018 Yubico AB. All rights reserved. 3 * Use of this source code is governed by a BSD-style 4 * license that can be found in the LICENSE file. 5 */ 6 7 #include <fido.h> 8 #include <stdbool.h> 9 #include <stdio.h> 10 #include <stdlib.h> 11 #include <string.h> 12 #ifdef HAVE_UNISTD_H 13 #include <unistd.h> 14 #endif 15 16 #include "../openbsd-compat/openbsd-compat.h" 17 #include "extern.h" 18 19 int 20 pin_set(char *path) 21 { 22 fido_dev_t *dev = NULL; 23 char prompt[1024]; 24 char pin1[1024]; 25 char pin2[1024]; 26 int r; 27 int status = 1; 28 29 if (path == NULL) 30 usage(); 31 32 dev = open_dev(path); 33 34 r = snprintf(prompt, sizeof(prompt), "Enter new PIN for %s: ", path); 35 if (r < 0 || (size_t)r >= sizeof(prompt)) { 36 warnx("snprintf"); 37 goto out; 38 } 39 40 if (!readpassphrase(prompt, pin1, sizeof(pin1), RPP_ECHO_OFF)) { 41 warnx("readpassphrase"); 42 goto out; 43 } 44 45 r = snprintf(prompt, sizeof(prompt), "Enter the same PIN again: "); 46 if (r < 0 || (size_t)r >= sizeof(prompt)) { 47 warnx("snprintf"); 48 goto out; 49 } 50 51 if (!readpassphrase(prompt, pin2, sizeof(pin2), RPP_ECHO_OFF)) { 52 warnx("readpassphrase"); 53 goto out; 54 } 55 56 if (strcmp(pin1, pin2) != 0) { 57 fprintf(stderr, "PINs do not match. Try again.\n"); 58 goto out; 59 } 60 61 if ((r = fido_dev_set_pin(dev, pin1, NULL)) != FIDO_OK) { 62 warnx("fido_dev_set_pin: %s", fido_strerr(r)); 63 goto out; 64 } 65 66 fido_dev_close(dev); 67 fido_dev_free(&dev); 68 69 status = 0; 70 out: 71 explicit_bzero(pin1, sizeof(pin1)); 72 explicit_bzero(pin2, sizeof(pin2)); 73 74 exit(status); 75 } 76 77 int 78 pin_change(char *path) 79 { 80 fido_dev_t *dev = NULL; 81 char prompt[1024]; 82 char pin0[1024]; 83 char pin1[1024]; 84 char pin2[1024]; 85 int r; 86 int status = 1; 87 88 if (path == NULL) 89 usage(); 90 91 dev = open_dev(path); 92 93 r = snprintf(prompt, sizeof(prompt), "Enter current PIN for %s: ", path); 94 if (r < 0 || (size_t)r >= sizeof(prompt)) { 95 warnx("snprintf"); 96 goto out; 97 } 98 99 if (!readpassphrase(prompt, pin0, sizeof(pin0), RPP_ECHO_OFF)) { 100 warnx("readpassphrase"); 101 goto out; 102 } 103 104 r = snprintf(prompt, sizeof(prompt), "Enter new PIN for %s: ", path); 105 if (r < 0 || (size_t)r >= sizeof(prompt)) { 106 warnx("snprintf"); 107 goto out; 108 } 109 110 if (!readpassphrase(prompt, pin1, sizeof(pin1), RPP_ECHO_OFF)) { 111 warnx("readpassphrase"); 112 goto out; 113 } 114 115 r = snprintf(prompt, sizeof(prompt), "Enter the same PIN again: "); 116 if (r < 0 || (size_t)r >= sizeof(prompt)) { 117 warnx("snprintf"); 118 goto out; 119 } 120 121 if (!readpassphrase(prompt, pin2, sizeof(pin2), RPP_ECHO_OFF)) { 122 warnx("readpassphrase"); 123 goto out; 124 } 125 126 if (strcmp(pin1, pin2) != 0) { 127 fprintf(stderr, "PINs do not match. Try again.\n"); 128 goto out; 129 } 130 131 if ((r = fido_dev_set_pin(dev, pin1, pin0)) != FIDO_OK) { 132 warnx("fido_dev_set_pin: %s", fido_strerr(r)); 133 goto out; 134 } 135 136 fido_dev_close(dev); 137 fido_dev_free(&dev); 138 139 status = 0; 140 out: 141 explicit_bzero(pin0, sizeof(pin0)); 142 explicit_bzero(pin1, sizeof(pin1)); 143 explicit_bzero(pin2, sizeof(pin2)); 144 145 exit(status); 146 } 147
Indexes created Mon Apr 06 00:22:49 UTC 2026