author | Ben Lindstrom <mouring@eviladmin.org> | 2002-03-22 03:28:11 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-03-22 03:28:11 +0000 |
commit | 0b675b16595b6b84631ab9ebcccb3ecaa311d14e (patch) | |
tree | a2230691f0e760133f6a2ddbd6d6ea881f82be0e | |
parent | 5589f4b55f6f739acb8a2ff616d54e919e01dba9 (diff) |
- markus@cvs.openbsd.org 2002/03/21 16:38:06
[scard.c]
make compile w/ openssl 0.9.7
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | scard.c | 56 |
2 files changed, 29 insertions, 32 deletions
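--- a/ChangeLog
+++ b/ChangeLog
@@ -115,6 +115,9 @@
 [clientloop.c ssh.1]
 add built-in command line for adding new port forwardings on the fly.
 based on a patch from brian wellington. ok markus@.
+- markus@cvs.openbsd.org 2002/03/21 16:38:06
+[scard.c]
+make compile w/ openssl 0.9.7
 
 20020317
 - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
@@ -7961,4 +7964,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1957 2002/03/22 03:24:32 mouring Exp $
+$Id: ChangeLog,v 1.1958 2002/03/22 03:28:11 mouring Exp $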
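--- a/scard.c
+++ b/scard.c
@@ -24,7 +24,7 @@
 
 #include "includes.h"
 #ifdef SMARTCARD
-RCSID("$OpenBSD: scard.c,v 1.17 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: scard.c,v 1.18 2002/03/21 16:38:06 markus Exp $");
 
 #include <openssl/engine.h>
 #include <sectok.h>
@@ -34,6 +34,15 @@ RCSID("$OpenBSD: scard.c,v 1.17 2001/12/27 18:22:16 markus Exp $");
 #include "xmalloc.h"
 #include "scard.h"
 
+#ifdef OPENSSL_VERSION_NUMBER
+#if OPENSSL_VERSION_NUMBER >= 0x00907000L
+#define RSA_get_default_openssl_method RSA_get_default_method
+#define DSA_get_default_openssl_method DSA_get_default_method
+#define DH_get_default_openssl_method DH_get_default_method
+#define ENGINE_set_BN_mod_exp(x,y)
+#endif
+#endif
+
 #define CLA_SSH 0x05
 #define INS_DECRYPT 0x10
 #define INS_GET_KEYLENGTH 0x20
@@ -178,7 +187,8 @@ err:
 /* private key operations */
 
 static int
-sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding)
+sc_private_decrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
+int padding)
 {
 u_char *padded = NULL;
 int sw, len, olen, status = -1;
@@ -197,7 +207,8 @@ sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding)
 len = BN_num_bytes(rsa->n);
 padded = xmalloc(len);
 
-sectok_apdu(sc_fd, CLA_SSH, INS_DECRYPT, 0, 0, len, from, 0, NULL, &sw);
+sectok_apdu(sc_fd, CLA_SSH, INS_DECRYPT, 0, 0, len, (u_char *)from,
+0, NULL, &sw);
 if (!sectok_swOK(sw)) {
 error("sc_private_decrypt: INS_DECRYPT failed: %s",
 sectok_get_sw(sw));
@@ -220,7 +231,8 @@ err:
 }
 
 static int
-sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding)
+sc_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
+int padding)
 {
 u_char *padded = NULL;
 int sw, len, status = -1;
@@ -238,7 +250,7 @@ sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding)
 len = BN_num_bytes(rsa->n);
 padded = xmalloc(len);
 
-if (RSA_padding_add_PKCS1_type_1(padded, len, from, flen) <= 0) {
+if (RSA_padding_add_PKCS1_type_1(padded, len, (u_char *)from, flen) <= 0) {
 error("RSA_padding_add_PKCS1_type_1 failed");
 goto err;
 }
@@ -279,28 +291,20 @@ sc_finish(RSA *rsa)
 /* engine for overloading private key operations */
 
 static ENGINE *smart_engine = NULL;
-static RSA_METHOD smart_rsa =
-{
-"sectok",
-NULL,
-NULL,
-NULL,
-NULL,
-NULL,
-NULL,
-NULL,
-NULL,
-0,
-NULL,
-};
+static RSA_METHOD smart_rsa;
 
 ENGINE *
 sc_get_engine(void)
 {
-RSA_METHOD *def;
+const RSA_METHOD *def;
 
 def = RSA_get_default_openssl_method();
 
+/* use the OpenSSL version */
+memcpy(&smart_rsa, def, sizeof(smart_rsa));
+
+smart_rsa.name = "sectok";
+
 /* overload */
 smart_rsa.rsa_priv_enc = sc_private_encrypt;
 smart_rsa.rsa_priv_dec = sc_private_decrypt;
@@ -309,22 +313,12 @@ sc_get_engine(void)
 orig_finish = def->finish;
 smart_rsa.finish = sc_finish;
 
-/* just use the OpenSSL version */
-smart_rsa.rsa_pub_enc = def->rsa_pub_enc;
-smart_rsa.rsa_pub_dec = def->rsa_pub_dec;
-smart_rsa.rsa_mod_exp = def->rsa_mod_exp;
-smart_rsa.bn_mod_exp = def->bn_mod_exp;
-smart_rsa.init = def->init;
-smart_rsa.flags = def->flags;
-smart_rsa.app_data = def->app_data;
-smart_rsa.rsa_sign = def->rsa_sign;
-smart_rsa.rsa_verify = def->rsa_verify;
-
 if ((smart_engine = ENGINE_new()) == NULL)
 fatal("ENGINE_new failed");
 
 ENGINE_set_id(smart_engine, "sectok");
 ENGINE_set_name(smart_engine, "libsectok");
+
 ENGINE_set_RSA(smart_engine, &smart_rsa);
 ENGINE_set_DSA(smart_engine, DSA_get_default_openssl_method());
 ENGINE_set_DH(smart_engine, DH_get_default_openssl_method());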
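Review bot: In sc_private_decrypt the rewritten call `sectok_apdu(sc_fd, CLA_SSH, INS_DECRYPT, 0, 0, len, (u_char *)from, 0, NULL, &sw);` still sends `len` bytes (the modulus size from `BN_num_bytes(rsa->n)`) out of `from`, while the caller-supplied length is `flen`, and no comparison of the two is visible in the hunk, so an input shorter than the modulus would be read past its end. The start of the function lies outside the hunk and may already check this; if it does not, a guard such as `if (flen != len) goto err;` before the APDU would bound the read. The `(u_char *)from` casts there and in the `RSA_padding_add_PKCS1_type_1` call drop the `const` that the new signatures add, so a short comment stating that the callee does not write through the pointer (to be confirmed against libsectok) would keep the cast from hiding a later change. The empty `#define ENGINE_set_BN_mod_exp(x,y)` also makes any call to it vanish silently when the version test passes, and deserves a comment such as `/* compiled out for OpenSSL >= 0.9.7 */`.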