40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
puts "Cert: $certinfo(pkcs11_label) / $certinfo(subject)"
set cipher [pki::encrypt -binary -pub -- $orig $certinfo_list]
if {[catch {
set plain [pki::decrypt -binary -priv -- $cipher $certinfo_list]
} err]} {
if {$err == "PKCS11_ERROR USER_NOT_LOGGED_IN"} {
# Login and try it again...
puts -nonewline " *** ENTER PIN: "
flush stdout
gets stdin password
pki::pkcs11::login $handle $token_slotid $password
set plain [pki::decrypt -binary -priv -- $cipher $certinfo_list]
} else {
puts stderr "$::errorInfo"
exit 1
}
}
if {$plain != $orig} {
puts "Decryption error! Expected \"$orig\", got \"$plain\""
exit 1
|
|
|
|
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
puts "Cert: $certinfo(pkcs11_label) / $certinfo(subject)"
set cipher [pki::encrypt -binary -pub -- $orig $certinfo_list]
if {[catch {
set plain [pki::decrypt -binary -priv -- $cipher $certinfo_list]
} err]} {
if {$err == "PKCS11_ERROR USER_NOT_LOGGED_IN" || $err == "PKCS11_ERROR MAYBE_LOGIN"} {
# Login and try it again...
puts -nonewline " *** ENTER PIN: "
flush stdout
gets stdin password
pki::pkcs11::login $handle $token_slotid $password
set plain [pki::decrypt -binary -priv -- $cipher $certinfo_list]
} else {
puts stderr "$::errorInfo"
break
}
}
if {$plain != $orig} {
puts "Decryption error! Expected \"$orig\", got \"$plain\""
exit 1
|