Fix pin length error handling

LinuxJedi · LinuxJedi · commit 9f069de835a2 · 2026-04-16T13:19:59.000+01:00
F-2035
diff --git a/src/slot.c b/src/slot.c
@@ -154,7 +154,7 @@ static CK_RV checkPinLen(CK_ULONG pinLen)
 #else
     if (pinLen > WP11_MAX_PIN_LEN)
 #endif
-        return CKR_PIN_INCORRECT;
+        return CKR_PIN_LEN_RANGE;
     return CKR_OK;
 }
 
@@ -1277,8 +1277,8 @@ CK_RV C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin,
         return rv;
     }
 
-    if (checkPinLen(ulPinLen) != CKR_OK) {
-        rv = CKR_PIN_INCORRECT;
+    rv = checkPinLen(ulPinLen);
+    if (rv != CKR_OK) {
         WOLFPKCS11_LEAVE("C_InitToken", rv);
         return rv;
     }
@@ -1361,8 +1361,8 @@ CK_RV C_InitPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin,
         return rv;
     }
 
-    if (checkPinLen(ulPinLen) != CKR_OK) {
-        rv = CKR_PIN_INCORRECT;
+    rv = checkPinLen(ulPinLen);
+    if (rv != CKR_OK) {
         WOLFPKCS11_LEAVE("C_InitPIN", rv);
         return rv;
     }
@@ -1436,8 +1436,8 @@ CK_RV C_SetPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin,
         WOLFPKCS11_LEAVE("C_SetPIN", rv);
         return rv;
     }
-    if (checkPinLen(ulNewLen) != CKR_OK) {
-        rv = CKR_PIN_INCORRECT;
+    rv = checkPinLen(ulNewLen);
+    if (rv != CKR_OK) {
         WOLFPKCS11_LEAVE("C_SetPIN", rv);
         return rv;
     }
diff --git a/tests/pkcs11test.c b/tests/pkcs11test.c
@@ -699,11 +699,11 @@ static CK_RV test_token(void* args)
     }
     if (ret == CKR_OK) {
         ret = funcList->C_InitToken(slot, soPin, 3, label);
-        CHECK_CKR_FAIL(ret, CKR_PIN_INCORRECT, "Init Token too short PIN");
+        CHECK_CKR_FAIL(ret, CKR_PIN_LEN_RANGE, "Init Token too short PIN");
     }
     if (ret == CKR_OK) {
         ret = funcList->C_InitToken(slot, soPin, 33, label);
-        CHECK_CKR_FAIL(ret, CKR_PIN_INCORRECT, "Init Token too long PIN");
+        CHECK_CKR_FAIL(ret, CKR_PIN_LEN_RANGE, "Init Token too long PIN");
     }
 
     if (ret == CKR_OK) {
@@ -833,13 +833,13 @@ static CK_RV test_pin(void* args)
 #if WP11_MIN_PIN_LEN > 3
                 if (ret == CKR_OK) {
                     ret = funcList->C_InitPIN(session, userPin, 3);
-                    CHECK_CKR_FAIL(ret, CKR_PIN_INCORRECT,
+                    CHECK_CKR_FAIL(ret, CKR_PIN_LEN_RANGE,
                                                       "Init PIN too short PIN");
                 }
 #endif
                 if (ret == CKR_OK) {
                     ret = funcList->C_InitPIN(session, userPin, 33);
-                    CHECK_CKR_FAIL(ret, CKR_PIN_INCORRECT,
+                    CHECK_CKR_FAIL(ret, CKR_PIN_LEN_RANGE,
                                                        "Init PIN too long PIN");
                 }
                 funcList->C_Logout(session);
@@ -882,14 +882,14 @@ static CK_RV test_pin(void* args)
             if (ret == CKR_OK) {
                 ret = funcList->C_SetPIN(session, userPin, userPinLen,userPin,
                                                                              3);
-                CHECK_CKR_FAIL(ret, CKR_PIN_INCORRECT,
+                CHECK_CKR_FAIL(ret, CKR_PIN_LEN_RANGE,
                                                    "Set PIN too short new pin");
             }
 #endif
             if (ret == CKR_OK) {
                 ret = funcList->C_SetPIN(session, userPin, userPinLen, userPin,
                                                                             33);
-                CHECK_CKR_FAIL(ret, CKR_PIN_INCORRECT,
+                CHECK_CKR_FAIL(ret, CKR_PIN_LEN_RANGE,
                                                     "Set PIN too long new pin");
             }
             if (ret == CKR_OK) {

Original file line number	Diff line number	Diff line change
`@@ -154,7 +154,7 @@ static CK_RV checkPinLen(CK_ULONG pinLen)`
`154`	`154`	`#else`
`155`	`155`	`if (pinLen > WP11_MAX_PIN_LEN)`
`156`	`156`	`#endif`
`157`		`- return CKR_PIN_INCORRECT;`
	`157`	`+ return CKR_PIN_LEN_RANGE;`
`158`	`158`	`return CKR_OK;`
`159`	`159`	`}`
`160`	`160`
`@@ -1277,8 +1277,8 @@ CK_RV C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin,`
`1277`	`1277`	`return rv;`
`1278`	`1278`	`}`
`1279`	`1279`
`1280`		`- if (checkPinLen(ulPinLen) != CKR_OK) {`
`1281`		`- rv = CKR_PIN_INCORRECT;`
	`1280`	`+ rv = checkPinLen(ulPinLen);`
	`1281`	`+ if (rv != CKR_OK) {`
`1282`	`1282`	`WOLFPKCS11_LEAVE("C_InitToken", rv);`
`1283`	`1283`	`return rv;`
`1284`	`1284`	`}`
`@@ -1361,8 +1361,8 @@ CK_RV C_InitPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin,`
`1361`	`1361`	`return rv;`
`1362`	`1362`	`}`
`1363`	`1363`
`1364`		`- if (checkPinLen(ulPinLen) != CKR_OK) {`
`1365`		`- rv = CKR_PIN_INCORRECT;`
	`1364`	`+ rv = checkPinLen(ulPinLen);`
	`1365`	`+ if (rv != CKR_OK) {`
`1366`	`1366`	`WOLFPKCS11_LEAVE("C_InitPIN", rv);`
`1367`	`1367`	`return rv;`
`1368`	`1368`	`}`
`@@ -1436,8 +1436,8 @@ CK_RV C_SetPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin,`
`1436`	`1436`	`WOLFPKCS11_LEAVE("C_SetPIN", rv);`
`1437`	`1437`	`return rv;`
`1438`	`1438`	`}`
`1439`		`- if (checkPinLen(ulNewLen) != CKR_OK) {`
`1440`		`- rv = CKR_PIN_INCORRECT;`
	`1439`	`+ rv = checkPinLen(ulNewLen);`
	`1440`	`+ if (rv != CKR_OK) {`
`1441`	`1441`	`WOLFPKCS11_LEAVE("C_SetPIN", rv);`
`1442`	`1442`	`return rv;`
`1443`	`1443`	`}`