1 files changed, 51 insertions, 25 deletions
diff --git a/scard.c b/scard.c
index 9b2d77602..779106f85 100644
--- a/scard.c
+++ b/scard.c
@@ -24,9 +24,8 @@
 #include "includes.h"
 #ifdef SMARTCARD
-RCSID("$OpenBSD: scard.c,v 1.23 2002/03/24 18:05:29 markus Exp $");
+RCSID("$OpenBSD: scard.c,v 1.24 2002/03/25 17:34:27 markus Exp $");
-#include <openssl/engine.h>
 #include <openssl/evp.h>
 #include <sectok.h>
@@ -36,13 +35,17 @@ RCSID("$OpenBSD: scard.c,v 1.23 2002/03/24 18:05:29 markus Exp $");
 #include "readpass.h"
 #include "scard.h"
-#ifdef OPENSSL_VERSION_NUMBER
+#if OPENSSL_VERSION_NUMBER < 0x00907000L
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
+#define USE_ENGINE
-#define RSA_get_default_openssl_method RSA_get_default_method
+#define RSA_get_default_method RSA_get_default_openssl_method
-#define DSA_get_default_openssl_method DSA_get_default_method
+#else
-#define DH_get_default_openssl_method DH_get_default_method
-#define ENGINE_set_BN_mod_exp(x,y)
 #endif
+#ifdef USE_ENGINE
+#include <openssl/engine.h>
+#define sc_get_rsa sc_get_engine
+#else
+#define sc_get_rsa sc_get_rsa_method
 #endif
 #define CLA_SSH 0x05
@@ -143,8 +146,7 @@ sc_read_pubkey(Key * k)
        n = NULL;
        if (sc_fd < 0) {
-                status = sc_init();
+                if (sc_init() < 0)
-                if (status < 0 )
                        goto err;
        }
@@ -317,18 +319,13 @@ sc_finish(RSA *rsa)
        return 1;
 }
 /* engine for overloading private key operations */
-static ENGINE *smart_engine = NULL;
+static RSA_METHOD *
-static RSA_METHOD smart_rsa;
+sc_get_rsa_method(void)
-ENGINE *
-sc_get_engine(void)
 {
-        const RSA_METHOD *def;
+        static RSA_METHOD smart_rsa;
+        const RSA_METHOD *def = RSA_get_default_method();
-        def = RSA_get_default_openssl_method();
        /* use the OpenSSL version */
        memcpy(&smart_rsa, def, sizeof(smart_rsa));
@@ -343,13 +340,22 @@ sc_get_engine(void)
        orig_finish             = def->finish;
        smart_rsa.finish        = sc_finish;
+        return &smart_rsa;
+}
+#ifdef USE_ENGINE
+static ENGINE *
+sc_get_engine(void)
+{
+        static ENGINE *smart_engine = NULL;
        if ((smart_engine = ENGINE_new()) == NULL)
                fatal("ENGINE_new failed");
        ENGINE_set_id(smart_engine, "sectok");
        ENGINE_set_name(smart_engine, "libsectok");
-        ENGINE_set_RSA(smart_engine, &smart_rsa);
+        ENGINE_set_RSA(smart_engine, sc_get_rsa_method());
        ENGINE_set_DSA(smart_engine, DSA_get_default_openssl_method());
        ENGINE_set_DH(smart_engine, DH_get_default_openssl_method());
        ENGINE_set_RAND(smart_engine, RAND_SSLeay());
@@ -357,6 +363,7 @@ sc_get_engine(void)
        return smart_engine;
 }
+#endif
 void
 sc_close(void)
@@ -367,11 +374,11 @@ sc_close(void)
        }
 }
-Key *
+Key **
-sc_get_key(const char *id, const char *pin)
+sc_get_keys(const char *id, const char *pin)
 {
-        Key *k;
+        Key *k, *n, **keys;
-        int status;
+        int status, nkeys = 2;
        if (sc_reader_id != NULL)
                xfree(sc_reader_id);
@@ -395,7 +402,26 @@ sc_get_key(const char *id, const char *pin)
                key_free(k);
                return NULL;
        }
-        return k;
+        keys = xmalloc((nkeys+1) * sizeof(Key *));
+        n = key_new(KEY_RSA1);
+        BN_copy(n->rsa->n, k->rsa->n);
+        BN_copy(n->rsa->e, k->rsa->e);
+        RSA_set_method(n->rsa, sc_get_rsa());
+        n->flags |= KEY_FLAG_EXT;
+        keys[0] = n;
+        n = key_new(KEY_RSA);
+        BN_copy(n->rsa->n, k->rsa->n);
+        BN_copy(n->rsa->e, k->rsa->e);
+        RSA_set_method(n->rsa, sc_get_rsa());
+        n->flags |= KEY_FLAG_EXT;
+        keys[1] = n;
+        keys[2] = NULL;
+        key_free(k);
+        return keys;
 }
 #define NUM_RSA_KEY_ELEMENTS 5+1

diff --git a/scard.c b/scard.c index 9b2d77602..779106f85 100644 --- a/scard.c +++ b/scard.c
@@ -24,9 +24,8 @@
24		24
25	#include "includes.h"	25	#include "includes.h"
26	#ifdef SMARTCARD	26	#ifdef SMARTCARD
27	RCSID("$OpenBSD: scard.c,v 1.23 2002/03/24 18:05:29 markus Exp $");	27	RCSID("$OpenBSD: scard.c,v 1.24 2002/03/25 17:34:27 markus Exp $");
28		28
29	#include <openssl/engine.h>
30	#include <openssl/evp.h>	29	#include <openssl/evp.h>
31	#include <sectok.h>	30	#include <sectok.h>
32		31
@@ -36,13 +35,17 @@ RCSID("$OpenBSD: scard.c,v 1.23 2002/03/24 18:05:29 markus Exp $");
36	#include "readpass.h"	35	#include "readpass.h"
37	#include "scard.h"	36	#include "scard.h"
38		37
39	#ifdef OPENSSL_VERSION_NUMBER	38	#if OPENSSL_VERSION_NUMBER < 0x00907000L
40	#if OPENSSL_VERSION_NUMBER >= 0x00907000L	39	#define USE_ENGINE
41	#define RSA_get_default_openssl_method RSA_get_default_method	40	#define RSA_get_default_method RSA_get_default_openssl_method
42	#define DSA_get_default_openssl_method DSA_get_default_method	41	#else
43	#define DH_get_default_openssl_method DH_get_default_method
44	#define ENGINE_set_BN_mod_exp(x,y)
45	#endif	42	#endif
		43
		44	#ifdef USE_ENGINE
		45	#include <openssl/engine.h>
		46	#define sc_get_rsa sc_get_engine
		47	#else
		48	#define sc_get_rsa sc_get_rsa_method
46	#endif	49	#endif
47		50
48	#define CLA_SSH 0x05	51	#define CLA_SSH 0x05
@@ -143,8 +146,7 @@ sc_read_pubkey(Key * k)
143	n = NULL;	146	n = NULL;
144		147
145	if (sc_fd < 0) {	148	if (sc_fd < 0) {
146	status = sc_init();	149	if (sc_init() < 0)
147	if (status < 0 )
148	goto err;	150	goto err;
149	}	151	}
150		152
@@ -317,18 +319,13 @@ sc_finish(RSA *rsa)
317	return 1;	319	return 1;
318	}	320	}
319		321
320
321	/* engine for overloading private key operations */	322	/* engine for overloading private key operations */
322		323
323	static ENGINE *smart_engine = NULL;	324	static RSA_METHOD *
324	static RSA_METHOD smart_rsa;	325	sc_get_rsa_method(void)
325
326	ENGINE *
327	sc_get_engine(void)
328	{	326	{
329	const RSA_METHOD *def;	327	static RSA_METHOD smart_rsa;
330		328	const RSA_METHOD *def = RSA_get_default_method();
331	def = RSA_get_default_openssl_method();
332		329
333	/* use the OpenSSL version */	330	/* use the OpenSSL version */
334	memcpy(&smart_rsa, def, sizeof(smart_rsa));	331	memcpy(&smart_rsa, def, sizeof(smart_rsa));
@@ -343,13 +340,22 @@ sc_get_engine(void)
343	orig_finish = def->finish;	340	orig_finish = def->finish;
344	smart_rsa.finish = sc_finish;	341	smart_rsa.finish = sc_finish;
345		342
		343	return &smart_rsa;
		344	}
		345
		346	#ifdef USE_ENGINE
		347	static ENGINE *
		348	sc_get_engine(void)
		349	{
		350	static ENGINE *smart_engine = NULL;
		351
346	if ((smart_engine = ENGINE_new()) == NULL)	352	if ((smart_engine = ENGINE_new()) == NULL)
347	fatal("ENGINE_new failed");	353	fatal("ENGINE_new failed");
348		354
349	ENGINE_set_id(smart_engine, "sectok");	355	ENGINE_set_id(smart_engine, "sectok");
350	ENGINE_set_name(smart_engine, "libsectok");	356	ENGINE_set_name(smart_engine, "libsectok");
351		357
352	ENGINE_set_RSA(smart_engine, &smart_rsa);	358	ENGINE_set_RSA(smart_engine, sc_get_rsa_method());
353	ENGINE_set_DSA(smart_engine, DSA_get_default_openssl_method());	359	ENGINE_set_DSA(smart_engine, DSA_get_default_openssl_method());
354	ENGINE_set_DH(smart_engine, DH_get_default_openssl_method());	360	ENGINE_set_DH(smart_engine, DH_get_default_openssl_method());
355	ENGINE_set_RAND(smart_engine, RAND_SSLeay());	361	ENGINE_set_RAND(smart_engine, RAND_SSLeay());
@@ -357,6 +363,7 @@ sc_get_engine(void)
357		363
358	return smart_engine;	364	return smart_engine;
359	}	365	}
		366	#endif
360		367
361	void	368	void
362	sc_close(void)	369	sc_close(void)
@@ -367,11 +374,11 @@ sc_close(void)
367	}	374	}
368	}	375	}
369		376
370	Key *	377	Key **
371	sc_get_key(const char id, const char pin)	378	sc_get_keys(const char id, const char pin)
372	{	379	{
373	Key *k;	380	Key k, n, **keys;
374	int status;	381	int status, nkeys = 2;
375		382
376	if (sc_reader_id != NULL)	383	if (sc_reader_id != NULL)
377	xfree(sc_reader_id);	384	xfree(sc_reader_id);
@@ -395,7 +402,26 @@ sc_get_key(const char id, const char pin)
395	key_free(k);	402	key_free(k);
396	return NULL;	403	return NULL;
397	}	404	}
398	return k;	405	keys = xmalloc((nkeys+1) * sizeof(Key *));
		406
		407	n = key_new(KEY_RSA1);
		408	BN_copy(n->rsa->n, k->rsa->n);
		409	BN_copy(n->rsa->e, k->rsa->e);
		410	RSA_set_method(n->rsa, sc_get_rsa());
		411	n->flags \|= KEY_FLAG_EXT;
		412	keys[0] = n;
		413
		414	n = key_new(KEY_RSA);
		415	BN_copy(n->rsa->n, k->rsa->n);
		416	BN_copy(n->rsa->e, k->rsa->e);
		417	RSA_set_method(n->rsa, sc_get_rsa());
		418	n->flags \|= KEY_FLAG_EXT;
		419	keys[1] = n;
		420
		421	keys[2] = NULL;
		422
		423	key_free(k);
		424	return keys;
399	}	425	}
400		426
401	#define NUM_RSA_KEY_ELEMENTS 5+1	427	#define NUM_RSA_KEY_ELEMENTS 5+1