From 7fc2d925824b23451c99986364e67a703a9eb0aa Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat, 21 Oct 2017 15:01:53 +0200
Subject: p11tool: print PKCS#11 token flags in --list-tokens

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
---
 src/pkcs11.c | 88 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 88 insertions(+)

diff --git a/src/pkcs11.c b/src/pkcs11.c
index cb90b876a7..9a84982494 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -676,6 +676,94 @@ void print_type(FILE *outfile, unsigned flags)
 	if (print == 0)
 		fputs("Generic token", outfile);
 	fputc('\n', outfile);
+
+	print = 0;
+	fputs("\tFlags: ", outfile);
+	if (flags & GNUTLS_PKCS11_TOKEN_RNG) {
+		fputs("RNG", outfile);
+		print++;
+	}
+
+	if (flags & GNUTLS_PKCS11_TOKEN_LOGIN_REQUIRED) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("Requires login", outfile);
+		print++;
+	}
+
+	if (flags & GNUTLS_PKCS11_TOKEN_PROTECTED_AUTHENTICATION_PATH) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("External PIN", outfile);
+		print++;
+	}
+
+	if (!(flags & GNUTLS_PKCS11_TOKEN_INITIALIZED)) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("Uninitialized", outfile);
+		print++;
+	}
+
+	if (flags & GNUTLS_PKCS11_TOKEN_USER_PIN_COUNT_LOW) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("uPIN low count", outfile);
+		print++;
+	}
+
+	if (flags & GNUTLS_PKCS11_TOKEN_USER_PIN_FINAL_TRY) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("Final uPIN attempt", outfile);
+		print++;
+	}
+
+	if (flags & GNUTLS_PKCS11_TOKEN_USER_PIN_FINAL_TRY) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("uPIN locked", outfile);
+		print++;
+	}
+
+	if (flags & GNUTLS_PKCS11_TOKEN_SO_PIN_COUNT_LOW) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("SO-PIN low count", outfile);
+		print++;
+	}
+
+	if (flags & GNUTLS_PKCS11_TOKEN_SO_PIN_FINAL_TRY) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("Final SO-PIN attempt", outfile);
+		print++;
+	}
+
+	if (flags & GNUTLS_PKCS11_TOKEN_SO_PIN_FINAL_TRY) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("SO-PIN locked", outfile);
+		print++;
+	}
+
+	if (!(flags & GNUTLS_PKCS11_TOKEN_USER_PIN_INITIALIZED)) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("uPIN uninitialized", outfile);
+		print++;
+	}
+
+	if (flags & GNUTLS_PKCS11_TOKEN_ERROR_STATE) {
+		if (print != 0)
+			fputs(", ", outfile);
+		fputs("Error state", outfile);
+		print++;
+	}
+
+	if (print == 0)
+		fputs("Generic token", outfile);
+	fputc('\n', outfile);
 }
 
 void
-- 
cgit v1.2.1