public async Task pinning_UserPinPolicy() { var policy = new PinPolicy(); policy.AddOrUpdateRegion("FRA1", 1); var r = await this.client.Pinning.UserPinPolicyAsync(policy); }
public CommandHandlerBuilder WithShowExtendedPinPolicy() { _prerequisites.Enqueue(_validator.CanUseExtendedPinPolicies); _commands.Enqueue(() => { try { _logger.LogInformation(_logMessageBuilder.WithTokenId(Resources.GetExtendedPinPolicies)); PinPolicy pinPolicy = PinPolicyWorker.GetPinPolicy(_slot); byte MinPinLength = Math.Max(pinPolicy.MinPinLength.GetValueOrDefault(), Convert.ToByte(_runtimeTokenParams.MinUserPinLenFromToken)); Console.WriteLine(Resources.MinPinLengthDesc, MinPinLength); Console.WriteLine(Resources.PinHistoryDepthDesc, pinPolicy.PinHistoryDepth); Console.WriteLine(Resources.AllowDefaultPinUsageDesc, pinPolicy.AllowDefaultPinUsage); Console.WriteLine(Resources.PinContainsDigitDesc, pinPolicy.PinContainsDigit); Console.WriteLine(Resources.PinContainsUpperLetterDesc, pinPolicy.PinContainsUpperLetter); Console.WriteLine(Resources.PinContainsLowerLetterDesc, pinPolicy.PinContainsLowerLetter); Console.WriteLine(Resources.PinContainsSpecCharDesc, pinPolicy.PinContainsSpecChar); Console.WriteLine(Resources.RestrictOneCharPinDesc, pinPolicy.RestrictOneCharPin); Console.WriteLine(Resources.AllowChangePinPolicyDesc, pinPolicy.AllowChangePinPolicy); Console.WriteLine(Resources.RemovePinPolicyAfterFormatDesc, pinPolicy.RemovePinPolicyAfterFormat); } catch { _logger.LogError(_logMessageBuilder.WithTokenId(Resources.GetExtendedPinPoliciesFailed)); throw; } }); return(this); }
public CommandLineOptions() { GenerateActivationPasswords = new List <string>(); FormatVolumeParams = new List <string>(); ChangeVolumeAttributes = new List <string>(); LoginWithLocalPin = new List <string>(); SetLocalPin = new List <string>(); ExcludedTokens = new List <string>(); PinPolicy = new PinPolicy(); }
public static void SetPinPolicy(IRutokenSlot slot, string adminPin, PinPolicy pinPolicy) { var operationParams = new PinPolicyChangeOperationParams { LoginType = CKU.CKU_SO, LoginPin = adminPin, PinPolicy = pinPolicy }; new PinPolicyChangeOperation().Invoke(slot, operationParams); }
public async Task pinning_HashPinPolicy_set() { var policy = new PinPolicy(); policy.AddOrUpdateRegion("NYC1", 1); policy.AddOrUpdateRegion("FRA1", 0); var hash = "QmR9HwzakHVr67HFzzgJHoRjwzTTt4wtD6KU4NFe2ArYuj"; var r = await this.client.Pinning.HashPinPolicyAsync(hash, policy); }
public async Task new_user_pin_policy() { this.server.RespondWithJsonTestFile(); var policy = new PinPolicy(); policy.AddOrUpdateRegion("FRA1", 1); var r = await this.client.Pinning.UserPinPolicyAsync(policy); var expectedBody = @"{""newPinPolicy"":{""regions"":[{""id"":""FRA1"",""desiredReplicationCount"":1}]},""migratePreviousPins"":false}"; this.server.ShouldHaveCalledPath("/pinning/userPinPolicy") .WithVerb(Put) .WithExactBody(expectedBody); await Verify(r); }
public void _HL_35_03_SetPinPolicy_Test() { using (var pkcs11 = Settings.Factories.RutokenPkcs11LibraryFactory.LoadRutokenPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Find first slot with token present var slot = Helpers.GetUsableSlot(pkcs11); // Open RO session using (var session = (IRutokenSession)slot.OpenSession(SessionType.ReadWrite)) { session.Login(CKU.CKU_SO, Settings.SecurityOfficerPin); try { if (!session.PinPolicySupports(CKU.CKU_USER)) { Console.WriteLine("Token doesn't support PIN-policies"); return; } } catch (Exception ex) { Console.WriteLine(ex.Message); return; } PinPolicy pinPolicy = new PinPolicy(); pinPolicy.MinPinLength = 0; pinPolicy.PinHistoryDepth = 0; //pinPolicy.AllowDefaultPinUsage = true; pinPolicy.PinContainsDigit = false; pinPolicy.PinContainsUpperLetter = false; pinPolicy.PinContainsLowerLetter = false; pinPolicy.PinContainsSpecChar = false; pinPolicy.RestrictOneCharPin = false; //pinPolicy.AllowChangePinPolicy = true; //pinPolicy.RemovePinPolicyAfterFormat = true; session.SetPinPolicy(pinPolicy, CKU.CKU_USER); session.Logout(); } } }
public void _HL_35_02_GetPinPolicy_Test() { using (var pkcs11 = Settings.Factories.RutokenPkcs11LibraryFactory.LoadRutokenPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Find first slot with token present var slot = Helpers.GetUsableSlot(pkcs11); // Open RO session using (var session = (IRutokenSession)slot.OpenSession(SessionType.ReadOnly)) { try { if (!session.PinPolicySupports(CKU.CKU_USER)) { Console.WriteLine("Token doesn't support PIN-policies"); return; } } catch (Exception ex) { Console.WriteLine(ex.Message); return; } PinPolicy pinPolicy = session.GetPinPolicy(CKU.CKU_USER); Console.WriteLine("Min PIN Length: " + pinPolicy.MinPinLength); Console.WriteLine("PIN history depth: " + pinPolicy.PinHistoryDepth); Console.WriteLine("Allow default PIN-code usage: " + pinPolicy.AllowDefaultPinUsage); Console.WriteLine("PIN requeres digits: " + pinPolicy.PinContainsDigit); Console.WriteLine("PIN requeres uppercase chars: " + pinPolicy.PinContainsUpperLetter); Console.WriteLine("PIN requeres lowercase chars: " + pinPolicy.PinContainsLowerLetter); Console.WriteLine("PIN requeres spec chars: " + pinPolicy.PinContainsSpecChar); Console.WriteLine("PIN requeres different char usage: " + pinPolicy.RestrictOneCharPin); Console.WriteLine("PIN policy is modifiable by Admin: " + pinPolicy.AllowChangePinPolicy); Console.WriteLine("PIN policy will be deleted after formating: " + pinPolicy.RemovePinPolicyAfterFormat); } } }
public async Task change_hash_pinpolicy() { this.server.RespondWith("OK"); var policy = new PinPolicy(); policy.AddOrUpdateRegion("NYC1", 1); policy.AddOrUpdateRegion("FRA1", 0); var hash = "QmR9HwzakHVr67HFzzgJHoRjwzTTt4wtD6KU4NFe2ArYuj"; var expectedBody = @"{""ipfsPinHash"":""QmR9HwzakHVr67HFzzgJHoRjwzTTt4wtD6KU4NFe2ArYuj"",""newPinPolicy"":{""regions"":[{""id"":""NYC1"",""desiredReplicationCount"":1},{""id"":""FRA1"",""desiredReplicationCount"":0}]}}"; var r = await this.client.Pinning.HashPinPolicyAsync(hash, policy); var s = await r.GetStringAsync(); s.Should().Be("OK"); this.server.ShouldHaveCalledPath("/pinning/hashPinPolicy") .WithVerb(Put) .WithExactBody(expectedBody); }
public void SetPinPolicy(PinPolicy pinPolicy, CKU userType) { if (this._disposed) { throw new ObjectDisposedException(this.GetType().FullName); } CKR rv; IObjectHandle pinPolicyObj = GetPinPolicyObject(userType); CK_ATTRIBUTE[] pinPolicyTemplate = new CK_ATTRIBUTE[10]; NativeULong len = 0; if (pinPolicy.MinPinLength != null) { pinPolicyTemplate[len++] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_MIN_LENGTH, new byte[] { Convert.ToByte(pinPolicy.MinPinLength) }); } if (pinPolicy.PinHistoryDepth != null) { pinPolicyTemplate[len++] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_HISTORY_DEPTH, new byte[] { Convert.ToByte(pinPolicy.PinHistoryDepth) }); } if (pinPolicy.AllowDefaultPinUsage != null) { pinPolicyTemplate[len++] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_ALLOW_DEFAULT_PIN_USAGE, new byte[] { Convert.ToByte(pinPolicy.AllowDefaultPinUsage) }); } if (pinPolicy.PinContainsDigit != null) { pinPolicyTemplate[len++] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_DIGIT_REQUIRED, new byte[] { Convert.ToByte(pinPolicy.PinContainsDigit) }); } if (pinPolicy.PinContainsUpperLetter != null) { pinPolicyTemplate[len++] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_UPPERCASE_REQUIRED, new byte[] { Convert.ToByte(pinPolicy.PinContainsUpperLetter) }); } if (pinPolicy.PinContainsLowerLetter != null) { pinPolicyTemplate[len++] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_LOWERCASE_REQUIRED, new byte[] { Convert.ToByte(pinPolicy.PinContainsLowerLetter) }); } if (pinPolicy.PinContainsSpecChar != null) { pinPolicyTemplate[len++] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_SPEC_CHAR_REQUIRED, new byte[] { Convert.ToByte(pinPolicy.PinContainsSpecChar) }); } if (pinPolicy.RestrictOneCharPin != null) { pinPolicyTemplate[len++] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_DIFF_CHARS_REQUIRED, new byte[] { Convert.ToByte(pinPolicy.RestrictOneCharPin) }); } if (pinPolicy.AllowChangePinPolicy != null) { pinPolicyTemplate[len++] = CkaUtils.CreateAttribute(CKA.CKA_MODIFIABLE, Convert.ToBoolean(pinPolicy.AllowChangePinPolicy)); } if (pinPolicy.RemovePinPolicyAfterFormat != null) { pinPolicyTemplate[len++] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICIES_DELETABLE, Convert.ToBoolean(pinPolicy.RemovePinPolicyAfterFormat)); } rv = ((LowLevelAPI81.RutokenPkcs11Library)_pkcs11Library).C_SetAttributeValue(_sessionId, (NativeULong)(pinPolicyObj.ObjectId), pinPolicyTemplate, len); if (rv != CKR.CKR_OK) { throw new Pkcs11Exception("C_GetAttributeValue", rv); } }
public PinPolicy GetPinPolicy(CKU userType) { if (this._disposed) { throw new ObjectDisposedException(this.GetType().FullName); } CKR rv; PinPolicy pinPolicy = new PinPolicy(); IObjectHandle pinPolicyObj = GetPinPolicyObject(userType); CK_ATTRIBUTE[] pinPolicyTemplate = new CK_ATTRIBUTE[10]; pinPolicyTemplate[0] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_MIN_LENGTH, new byte[1]); pinPolicyTemplate[1] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_HISTORY_DEPTH, new byte[1]); pinPolicyTemplate[2] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_ALLOW_DEFAULT_PIN_USAGE, new byte[1]); pinPolicyTemplate[3] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_DIGIT_REQUIRED, new byte[1]); pinPolicyTemplate[4] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_UPPERCASE_REQUIRED, new byte[1]); pinPolicyTemplate[5] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_LOWERCASE_REQUIRED, new byte[1]); pinPolicyTemplate[6] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_SPEC_CHAR_REQUIRED, new byte[1]); pinPolicyTemplate[7] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICY_DIFF_CHARS_REQUIRED, new byte[1]); pinPolicyTemplate[8] = CkaUtils.CreateAttribute(CKA.CKA_MODIFIABLE, new bool()); pinPolicyTemplate[9] = CkaUtils.CreateAttribute((CKA)Extended_CKA.CKA_VENDOR_PIN_POLICIES_DELETABLE, new bool()); rv = ((LowLevelAPI81.RutokenPkcs11Library)_pkcs11Library).C_GetAttributeValue(_sessionId, (NativeULong)(pinPolicyObj.ObjectId), pinPolicyTemplate, (NativeULong)(pinPolicyTemplate.Length)); if (rv != CKR.CKR_OK) { throw new Pkcs11Exception("C_GetAttributeValue", rv); } byte[] minPolicyLength; CkaUtils.ConvertValue(ref pinPolicyTemplate[0], out minPolicyLength); pinPolicy.MinPinLength = minPolicyLength[0]; byte[] pinHistoryDepth; CkaUtils.ConvertValue(ref pinPolicyTemplate[1], out pinHistoryDepth); pinPolicy.PinHistoryDepth = pinHistoryDepth[0]; byte[] allowDefaultPinUsage; CkaUtils.ConvertValue(ref pinPolicyTemplate[2], out allowDefaultPinUsage); pinPolicy.AllowDefaultPinUsage = allowDefaultPinUsage[0] != 0; byte[] pinContainsDigit; CkaUtils.ConvertValue(ref pinPolicyTemplate[3], out pinContainsDigit); pinPolicy.PinContainsDigit = pinContainsDigit[0] != 0; byte[] pinContainsUpperLetter; CkaUtils.ConvertValue(ref pinPolicyTemplate[4], out pinContainsUpperLetter); pinPolicy.PinContainsUpperLetter = pinContainsUpperLetter[0] != 0; byte[] pinContainsLowerLetter; CkaUtils.ConvertValue(ref pinPolicyTemplate[5], out pinContainsLowerLetter); pinPolicy.PinContainsLowerLetter = pinContainsLowerLetter[0] != 0; byte[] pinContainsSpecChar; CkaUtils.ConvertValue(ref pinPolicyTemplate[6], out pinContainsSpecChar); pinPolicy.PinContainsSpecChar = pinContainsSpecChar[0] != 0; byte[] restrictOneCharPin; CkaUtils.ConvertValue(ref pinPolicyTemplate[7], out restrictOneCharPin); pinPolicy.RestrictOneCharPin = restrictOneCharPin[0] != 0; bool allowChangePinPolicy; CkaUtils.ConvertValue(ref pinPolicyTemplate[8], out allowChangePinPolicy); pinPolicy.AllowChangePinPolicy = allowChangePinPolicy; bool removePinPolicyAfterFormat; CkaUtils.ConvertValue(ref pinPolicyTemplate[9], out removePinPolicyAfterFormat); pinPolicy.RemovePinPolicyAfterFormat = removePinPolicyAfterFormat; return(pinPolicy); }