(MFC) PKCS11 Set PIN for Currently Logged On User

See more PKCS11 Examples

Demonstrates how to change the PIN for the currently logged on user. (The currently logged on user can be the Security Officer, the Normal User, or Context Specific.)

Note: Requires Chilkat v9.5.0.89 or greater.

Chilkat C/C++ Library Downloads MS Visual C/C++ Libs

See Also: Using MFC CString in Chilkat

#include <CkPkcs11.h>
#include <CkJsonObject.h>

void ChilkatSample(void)
    {
    CkString strOut;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems.

    CkPkcs11 pkcs11;

    // See PKCS11 Find Driver Library Path for information about how to find the 
    // PKCS11 driver file (if not explicitly known) for the plugged-in token or smart card in reader.
    pkcs11.put_SharedLibPath("IDPrimePKCS1164.dll");

    bool success = pkcs11.Initialize();
    if (success == false) {
        strOut.append(pkcs11.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Call Discover to get the slot ID.
    bool onlyTokensPresent = true;
    CkJsonObject json;
    success = pkcs11.Discover(onlyTokensPresent,json);
    if (success == false) {
        strOut.append(pkcs11.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Make sure we have at least one slot.
    if (json.SizeOfArray("slot") <= 0) {
        strOut.append("No occuplied slots.");
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Get the ID of the 1st slot
    int slotID = json.IntOf("slot[0].id");

    // Open a session.
    bool readWrite = true;
    success = pkcs11.OpenSession(slotID,readWrite);
    if (success == false) {
        strOut.append(pkcs11.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Make it an authenticated session by calling Login.
    // The smart card PIN is passed to the Login method.
    // The user type can be one of three choices:
    // 0 - Security Officer
    // 1 - Normal User
    // 2 - Context Specific.
    int userType = 1;
    const char *pin = "0000";
    success = pkcs11.Login(userType,pin);
    if (success == false) {
        strOut.append(pkcs11.lastErrorText());
        strOut.append("\r\n");
        success = pkcs11.CloseSession();
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Change the PIN from 0000 to 1234
    // This changes the PIN for the user type that is logged in.
    success = pkcs11.SetPin(pin,"1234");
    if (success == false) {
        strOut.append(pkcs11.lastErrorText());
        strOut.append("\r\n");
        success = pkcs11.CloseSession();
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Revert to an unauthenticated session by calling Logout.
    success = pkcs11.Logout();
    if (success == false) {
        strOut.append(pkcs11.lastErrorText());
        strOut.append("\r\n");
        success = pkcs11.CloseSession();
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // When finished, close the session.
    // It is important to close the session (memory leaks will occur if the session is not properly closed).
    success = pkcs11.CloseSession();
    if (success == false) {
        strOut.append(pkcs11.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    strOut.append("Successfully changed PIN from 0000 to 1234");
    strOut.append("\r\n");


    SetDlgItemText(IDC_EDIT1,strOut.getUnicode());

    }