1 files changed, 72 insertions, 34 deletions

diff --git a/p11util.c b/p11util.c
index 7b375f8..697b696 100644
--- a/p11util.c
+++ b/p11util.c
@@ -1,6 +1,37 @@
 /*
+ * p11util.c
+ * ---------
+ *
  * Command line tool for setting up PKCS #11.  Mostly this means
  * things like setting PINs.
+ *
+ * Author: Rob Austein
+ * Copyright (c) 2015, SUNET
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 #define _POSIX_SOURCE
@@ -27,8 +58,8 @@
  */
 
 static int getpin_tty(const char *prompt,
-		      char *pinbuf,
-		      const size_t pinbuf_len)
+                      char *pinbuf,
+                      const size_t pinbuf_len)
 {
   struct termios oflags, nflags;
   int c = '\0', ok = 0, fixtty = 0;
@@ -77,11 +108,12 @@ static int getpin_tty(const char *prompt,
 
 
 
-#define OPTIONS									\
-  OPT_FLG('s', "set-so-pin",     "set Security Officer PIN")			\
-  OPT_FLG('u', "set-user-pin",	 "set \"user\" PIN")				\
-  OPT_ARG('i', "set-iterations", "set PBKDF2 iteration count")			\
-  OPT_FLG('p', "pin-from-stdin", "read PIN from stdin instead of /dev/tty")	\
+#define OPTIONS                                                                 \
+  OPT_FLG('h', "help",           "show help")                                   \
+  OPT_FLG('s', "set-so-pin",     "set Security Officer PIN")                    \
+  OPT_FLG('u', "set-user-pin",   "set \"user\" PIN")                            \
+  OPT_ARG('i', "set-iterations", "set PBKDF2 iteration count")                  \
+  OPT_FLG('p', "pin-from-stdin", "read PIN from stdin instead of /dev/tty")     \
   OPT_END
 
 #define OPT_END
@@ -103,11 +135,11 @@ static void usage(const int code, const char *jane)
 }
 
 static void parse_args(int argc, char *argv[],
-		       int *do_set_so_pin,
-		       int *do_set_user_pin,
-		       int *do_set_iterations,
-		       int *read_from_stdin,
-		       unsigned long *iterations)
+                       int *do_set_so_pin,
+                       int *do_set_user_pin,
+                       int *do_set_iterations,
+                       int *read_from_stdin,
+                       unsigned long *iterations)
 {
   char *endptr;
   int c;
@@ -125,8 +157,8 @@ static void parse_args(int argc, char *argv[],
 #undef OPT_FLG
 
   assert(argv != 0 &&
-	 do_set_so_pin != 0 && do_set_user_pin != 0 && do_set_iterations != NULL &&
-	 read_from_stdin != NULL && iterations != NULL);
+         do_set_so_pin != 0 && do_set_user_pin != 0 && do_set_iterations != NULL &&
+         read_from_stdin != NULL && iterations != NULL);
   opterr = 0;
 
   if (argc == 1)
@@ -142,7 +174,7 @@ static void parse_args(int argc, char *argv[],
       *do_set_iterations = 1;
       *iterations = strtoul(optarg, &endptr, 0);
       if (*optarg == '\0' || *endptr != '\0')
-	usage(1, argv[0]);
+        usage(1, argv[0]);
       continue;
 
     case 'p':
@@ -168,10 +200,10 @@ static void parse_args(int argc, char *argv[],
 
 
 
-#define lose(_msg_)			\
-  do {					\
-    fprintf(stderr, "%s\n", _msg_);	\
-    goto fail;				\
+#define lose(_msg_)                     \
+  do {                                  \
+    fprintf(stderr, "%s\n", _msg_);     \
+    goto fail;                          \
   } while (0)
 
 static int set_iterations(unsigned long iterations)
@@ -181,9 +213,9 @@ static int set_iterations(unsigned long iterations)
 
   sqlite3_stmt *q = NULL;
   int ok = 0;
-  
-  if (!sql_check_ok(sql_prepare(&q, update_query))		||
-      !sql_check_ok(sqlite3_bind_int64(q, 1, iterations))	||
+
+  if (!sql_check_ok(sql_prepare(&q, update_query))              ||
+      !sql_check_ok(sqlite3_bind_int64(q, 1, iterations))       ||
       !sql_check_done(sqlite3_step(q)))
     lose("Couldn't update database");
 
@@ -196,7 +228,7 @@ static int set_iterations(unsigned long iterations)
 
 static int set_pin(const char * const pin_type, const int read_from_stdin)
 {
-  static const char iterations_query[] = 
+  static const char iterations_query[] =
     " SELECT pbkdf2_iterations FROM global";
 
   static const char update_format[] =
@@ -230,34 +262,34 @@ static int set_pin(const char * const pin_type, const int read_from_stdin)
 
   if (len < P11_MIN_PIN_LENGTH || len > P11_MAX_PIN_LENGTH) {
     fprintf(stderr, "Unacceptable length %lu for %s PIN, allowd range [%lu, %lu]\n",
-	    (unsigned long) len, pin_type,
-	    (unsigned long) P11_MIN_PIN_LENGTH, (unsigned long) P11_MAX_PIN_LENGTH);
+            (unsigned long) len, pin_type,
+            (unsigned long) P11_MIN_PIN_LENGTH, (unsigned long) P11_MAX_PIN_LENGTH);
     return 0;
   }
 
-  if (!sql_check_ok(sql_prepare(&q, iterations_query))	||
-      !sql_check_row(sqlite3_step(q))			||
+  if (!sql_check_ok(sql_prepare(&q, iterations_query))  ||
+      !sql_check_row(sqlite3_step(q))                   ||
       sqlite3_column_type(q, 0) == SQLITE_NULL)
     lose("Couldn't retrieve PBKDF2 iteration count from SQL");
-    
+
   if ((err = hal_get_random(salt, sizeof(salt))) != HAL_OK) {
     fprintf(stderr, "Couldn't generate salt: %s\n", hal_error_string(err));
     goto fail;
   }
 
   if ((err = hal_pbkdf2(hal_hash_sha256, (uint8_t *) pin, len, salt, sizeof(salt),
-			pinbuf, sizeof(pinbuf), sqlite3_column_int(q, 0))) != HAL_OK) {
+                        pinbuf, sizeof(pinbuf), sqlite3_column_int(q, 0))) != HAL_OK) {
     fprintf(stderr, "Couldn't process new PIN: %s\n", hal_error_string(err));
     goto fail;
   }
 
-  if (!sql_check_ok(sql_finalize_and_clear(&q))					||
-      !sql_check_ok(sql_prepare(&q, update_format, pin_type, pin_type))		||
-      !sql_check_ok(sqlite3_bind_blob(q, 1, pinbuf, sizeof(pinbuf), NULL))	||
-      !sql_check_ok(sqlite3_bind_blob(q, 2, salt, sizeof(salt), NULL))		||
+  if (!sql_check_ok(sql_finalize_and_clear(&q))                                 ||
+      !sql_check_ok(sql_prepare(&q, update_format, pin_type, pin_type))         ||
+      !sql_check_ok(sqlite3_bind_blob(q, 1, pinbuf, sizeof(pinbuf), NULL))      ||
+      !sql_check_ok(sqlite3_bind_blob(q, 2, salt, sizeof(salt), NULL))          ||
       !sql_check_done(sqlite3_step(q)))
     lose("Couldn't update database");
-      
+
   ok = 1;
 
  fail:
@@ -297,3 +329,9 @@ int main(int argc, char *argv[])
   sql_fini();
   return !ok;
 }
+
+/*
+ * Local variables:
+ * indent-tabs-mode: nil
+ * End:
+ */