diff options
Diffstat (limited to 'scard.c')
-rw-r--r-- | scard.c | 55 |
1 files changed, 36 insertions, 19 deletions
@@ -24,7 +24,7 @@ | |||
24 | 24 | ||
25 | #ifdef SMARTCARD | 25 | #ifdef SMARTCARD |
26 | #include "includes.h" | 26 | #include "includes.h" |
27 | RCSID("$OpenBSD: scard.c,v 1.7 2001/07/26 20:04:27 rees Exp $"); | 27 | RCSID("$OpenBSD: scard.c,v 1.8 2001/07/30 16:06:07 jakob Exp $"); |
28 | 28 | ||
29 | #include <openssl/engine.h> | 29 | #include <openssl/engine.h> |
30 | #include <sectok.h> | 30 | #include <sectok.h> |
@@ -56,15 +56,20 @@ sc_open(void) | |||
56 | if (sc_fd >= 0) | 56 | if (sc_fd >= 0) |
57 | return sc_fd; | 57 | return sc_fd; |
58 | 58 | ||
59 | sc_fd = sectok_open(sc_reader_num, 0, &sw); | 59 | sc_fd = sectok_open(sc_reader_num, STONOWAIT, &sw); |
60 | if (sc_fd < 0) { | 60 | if (sc_fd < 0) { |
61 | error("sectok_open failed: %s", sectok_get_sw(sw)); | 61 | error("sectok_open failed: %s", sectok_get_sw(sw)); |
62 | return -1; | 62 | return SCARD_ERROR_FAIL; |
63 | } | ||
64 | if (! sectok_cardpresent(sc_fd)) { | ||
65 | error("smartcard in reader %d not present, skipping", | ||
66 | sc_reader_num); | ||
67 | return SCARD_ERROR_NOCARD; | ||
63 | } | 68 | } |
64 | if (sectok_reset(sc_fd, 0, NULL, &sw) <= 0) { | 69 | if (sectok_reset(sc_fd, 0, NULL, &sw) <= 0) { |
65 | error("sectok_reset failed: %s", sectok_get_sw(sw)); | 70 | error("sectok_reset failed: %s", sectok_get_sw(sw)); |
66 | sc_fd = -1; | 71 | sc_fd = -1; |
67 | return sc_fd; | 72 | return SCARD_ERROR_FAIL; |
68 | } | 73 | } |
69 | if ((cla = cyberflex_inq_class(sc_fd)) < 0) | 74 | if ((cla = cyberflex_inq_class(sc_fd)) < 0) |
70 | cla = 0; | 75 | cla = 0; |
@@ -92,13 +97,19 @@ sc_enable_applet(void) | |||
92 | static int | 97 | static int |
93 | sc_init(void) | 98 | sc_init(void) |
94 | { | 99 | { |
95 | if (sc_open() < 0) { | 100 | int status; |
101 | |||
102 | status = sc_open(); | ||
103 | if (status == SCARD_ERROR_NOCARD) { | ||
104 | return SCARD_ERROR_NOCARD; | ||
105 | } | ||
106 | if (status < 0 ) { | ||
96 | error("sc_open failed"); | 107 | error("sc_open failed"); |
97 | return -1; | 108 | return status; |
98 | } | 109 | } |
99 | if (sc_enable_applet() < 0) { | 110 | if (sc_enable_applet() < 0) { |
100 | error("sc_enable_applet failed"); | 111 | error("sc_enable_applet failed"); |
101 | return -1; | 112 | return SCARD_ERROR_APPLET; |
102 | } | 113 | } |
103 | return 0; | 114 | return 0; |
104 | } | 115 | } |
@@ -108,13 +119,15 @@ sc_read_pubkey(Key * k) | |||
108 | { | 119 | { |
109 | u_char buf[2], *n; | 120 | u_char buf[2], *n; |
110 | char *p; | 121 | char *p; |
111 | int len, sw; | 122 | int len, sw, status; |
112 | 123 | ||
113 | len = sw = 0; | 124 | len = sw = 0; |
114 | 125 | ||
115 | if (sc_fd < 0) | 126 | if (sc_fd < 0) { |
116 | if (sc_init() < 0) | 127 | status = sc_init(); |
117 | return -1; | 128 | if (status < 0 ) |
129 | return status; | ||
130 | } | ||
118 | 131 | ||
119 | /* get key size */ | 132 | /* get key size */ |
120 | sectok_apdu(sc_fd, CLA_SSH, INS_GET_KEYLENGTH, 0, 0, 0, NULL, | 133 | sectok_apdu(sc_fd, CLA_SSH, INS_GET_KEYLENGTH, 0, 0, 0, NULL, |
@@ -165,14 +178,16 @@ static int | |||
165 | sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) | 178 | sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) |
166 | { | 179 | { |
167 | u_char *padded = NULL; | 180 | u_char *padded = NULL; |
168 | int sw, len, olen; | 181 | int sw, len, olen, status; |
169 | 182 | ||
170 | debug("sc_private_decrypt called"); | 183 | debug("sc_private_decrypt called"); |
171 | 184 | ||
172 | olen = len = sw = 0; | 185 | olen = len = sw = 0; |
173 | if (sc_fd < 0) | 186 | if (sc_fd < 0) { |
174 | if (sc_init() < 0) | 187 | status = sc_init(); |
188 | if (status < 0 ) | ||
175 | goto err; | 189 | goto err; |
190 | } | ||
176 | if (padding != RSA_PKCS1_PADDING) | 191 | if (padding != RSA_PKCS1_PADDING) |
177 | goto err; | 192 | goto err; |
178 | 193 | ||
@@ -199,19 +214,21 @@ sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) | |||
199 | err: | 214 | err: |
200 | if (padded) | 215 | if (padded) |
201 | xfree(padded); | 216 | xfree(padded); |
202 | return olen; | 217 | return (olen >= 0 ? olen : status); |
203 | } | 218 | } |
204 | 219 | ||
205 | static int | 220 | static int |
206 | sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) | 221 | sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) |
207 | { | 222 | { |
208 | u_char *padded = NULL; | 223 | u_char *padded = NULL; |
209 | int sw, len; | 224 | int sw, len, status; |
210 | 225 | ||
211 | len = sw = 0; | 226 | len = sw = 0; |
212 | if (sc_fd < 0) | 227 | if (sc_fd < 0) { |
213 | if (sc_init() < 0) | 228 | status = sc_init(); |
229 | if (status < 0 ) | ||
214 | goto err; | 230 | goto err; |
231 | } | ||
215 | if (padding != RSA_PKCS1_PADDING) | 232 | if (padding != RSA_PKCS1_PADDING) |
216 | goto err; | 233 | goto err; |
217 | 234 | ||
@@ -241,7 +258,7 @@ sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) | |||
241 | err: | 258 | err: |
242 | if (padded) | 259 | if (padded) |
243 | xfree(padded); | 260 | xfree(padded); |
244 | return len; | 261 | return (len >= 0 ? len : status); |
245 | } | 262 | } |
246 | 263 | ||
247 | /* engine for overloading private key operations */ | 264 | /* engine for overloading private key operations */ |