Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/ssh/scard.c | 55 | ||||
-rw-r--r-- | usr.bin/ssh/scard.h | 6 |
2 files changed, 41 insertions, 20 deletions
diff --git a/usr.bin/ssh/scard.c b/usr.bin/ssh/scard.c index b8640b890d8..951d868c81d 100644 --- a/usr.bin/ssh/scard.c +++ b/usr.bin/ssh/scard.c @@ -24,7 +24,7 @@ #ifdef SMARTCARD #include "includes.h" -RCSID("$OpenBSD: scard.c,v 1.7 2001/07/26 20:04:27 rees Exp $"); +RCSID("$OpenBSD: scard.c,v 1.8 2001/07/30 16:06:07 jakob Exp $"); #include <openssl/engine.h> #include <sectok.h> @@ -56,15 +56,20 @@ sc_open(void) if (sc_fd >= 0) return sc_fd; - sc_fd = sectok_open(sc_reader_num, 0, &sw); + sc_fd = sectok_open(sc_reader_num, STONOWAIT, &sw); if (sc_fd < 0) { error("sectok_open failed: %s", sectok_get_sw(sw)); - return -1; + return SCARD_ERROR_FAIL; + } + if (! sectok_cardpresent(sc_fd)) { + error("smartcard in reader %d not present, skipping", + sc_reader_num); + return SCARD_ERROR_NOCARD; } if (sectok_reset(sc_fd, 0, NULL, &sw) <= 0) { error("sectok_reset failed: %s", sectok_get_sw(sw)); sc_fd = -1; - return sc_fd; + return SCARD_ERROR_FAIL; } if ((cla = cyberflex_inq_class(sc_fd)) < 0) cla = 0; @@ -92,13 +97,19 @@ sc_enable_applet(void) static int sc_init(void) { - if (sc_open() < 0) { + int status; + + status = sc_open(); + if (status == SCARD_ERROR_NOCARD) { + return SCARD_ERROR_NOCARD; + } + if (status < 0 ) { error("sc_open failed"); - return -1; + return status; } if (sc_enable_applet() < 0) { error("sc_enable_applet failed"); - return -1; + return SCARD_ERROR_APPLET; } return 0; } @@ -108,13 +119,15 @@ sc_read_pubkey(Key * k) { u_char buf[2], *n; char *p; - int len, sw; + int len, sw, status; len = sw = 0; - if (sc_fd < 0) - if (sc_init() < 0) - return -1; + if (sc_fd < 0) { + status = sc_init(); + if (status < 0 ) + return status; + } /* get key size */ sectok_apdu(sc_fd, CLA_SSH, INS_GET_KEYLENGTH, 0, 0, 0, NULL, 
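Review bot: In sc_open(), the new card-absent branch returns `SCARD_ERROR_NOCARD` while `sc_fd` still holds the descriptor that sectok_open() just returned. The function starts with `if (sc_fd >= 0) return sc_fd;`, and sc_read_pubkey() only calls sc_init() when `sc_fd < 0`, so every later call skips the presence check and the reset and goes straight to `sectok_apdu(sc_fd, ...)` as if a card had been initialised. Release the reader before returning, e.g. `sc_close();` ahead of `return SCARD_ERROR_NOCARD;`. sc_close() is declared in scard.h but its body is not visible here, so confirm that it also sets `sc_fd` back to -1. The sectok_reset() failure path in the same hunk sets `sc_fd = -1` without closing the descriptor first, which looks like a leaked reader handle that the same call would cover. The rest of sc_open() lies outside the hunk.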
@@ -165,14 +178,16 @@ static int sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) { u_char *padded = NULL; - int sw, len, olen; + int sw, len, olen, status; debug("sc_private_decrypt called"); olen = len = sw = 0; - if (sc_fd < 0) - if (sc_init() < 0) + if (sc_fd < 0) { + status = sc_init(); + if (status < 0 ) goto err; + } if (padding != RSA_PKCS1_PADDING) goto err; @@ -199,19 +214,21 @@ sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) err: if (padded) xfree(padded); - return olen; + return (olen >= 0 ? olen : status); } static int sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) { u_char *padded = NULL; - int sw, len; + int sw, len, status; len = sw = 0; - if (sc_fd < 0) - if (sc_init() < 0) + if (sc_fd < 0) { + status = sc_init(); + if (status < 0 ) goto err; + } if (padding != RSA_PKCS1_PADDING) goto err; @@ -241,7 +258,7 @@ sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) err: if (padded) xfree(padded); - return len; + return (len >= 0 ? len : status); } /* engine for overloading private key operations */ diff --git a/usr.bin/ssh/scard.h b/usr.bin/ssh/scard.h index a4303c379f3..4a653158025 100644 --- a/usr.bin/ssh/scard.h +++ b/usr.bin/ssh/scard.h @@ -22,13 +22,17 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* $OpenBSD: scard.h,v 1.4 2001/07/04 23:13:10 markus Exp $ */ +/* $OpenBSD: scard.h,v 1.5 2001/07/30 16:06:07 jakob Exp $ */ #include <openssl/engine.h> #ifndef SCARD_H #define SCARD_H +#define SCARD_ERROR_FAIL -1 +#define SCARD_ERROR_NOCARD -2 +#define SCARD_ERROR_APPLET -3 + Key *sc_get_key(int); ENGINE *sc_get_engine(void); void sc_close(void); |
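Review bot: `status` in sc_private_decrypt() is declared without an initialiser and is assigned only inside `if (sc_fd < 0) { ... }`, yet the new `return (olen >= 0 ? olen : status);` reads it whenever `olen` is negative, so a failure on an already-open card returns an indeterminate value. The sc_init() failure is not propagated either: `olen` is still 0 at that `goto err`, so the function returns 0 rather than the error code. sc_private_encrypt() has the same two problems with `len` (the next two hunks). Declare `int sw, len, olen, status = SCARD_ERROR_FAIL;` and set the result before jumping, e.g. `olen = status; goto err;`, so the RSA caller sees a negative return on every failure path. The middle of both functions is outside these hunks, so how `olen`/`len` can become negative there is inferred.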
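Review bot: The three new codes in scard.h are bare negative literals (`#define SCARD_ERROR_NOCARD -2`); parenthesise the values, `#define SCARD_ERROR_NOCARD (-2)`, or use an anonymous enum, so they expand safely inside any expression. A short comment above them would also help, e.g. `/* negative return codes from sc_open()/sc_init(); callers test for < 0 */`, because sc_read_pubkey() now returns these values instead of a plain -1. Any caller that compares against -1 exactly would miss the new codes.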