version 1.13, 2001/08/02 16:14:05 |
version 1.14, 2001/09/17 20:22:14 |
|
|
{ |
{ |
u_char buf[2], *n; |
u_char buf[2], *n; |
char *p; |
char *p; |
int len, sw, status; |
int len, sw, status = -1; |
|
|
len = sw = 0; |
len = sw = 0; |
|
|
if (sc_fd < 0) { |
if (sc_fd < 0) { |
status = sc_init(); |
status = sc_init(); |
if (status < 0 ) |
if (status < 0 ) |
return status; |
goto err; |
} |
} |
|
|
/* get key size */ |
/* get key size */ |
|
|
sizeof(buf), buf, &sw); |
sizeof(buf), buf, &sw); |
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("could not obtain key length: %s", sectok_get_sw(sw)); |
error("could not obtain key length: %s", sectok_get_sw(sw)); |
sc_close(); |
goto err; |
return -1; |
|
} |
} |
len = (buf[0] << 8) | buf[1]; |
len = (buf[0] << 8) | buf[1]; |
len /= 8; |
len /= 8; |
|
|
sectok_apdu(sc_fd, CLA_SSH, INS_GET_PUBKEY, 0, 0, 0, NULL, len, n, &sw); |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_PUBKEY, 0, 0, 0, NULL, len, n, &sw); |
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("could not obtain public key: %s", sectok_get_sw(sw)); |
error("could not obtain public key: %s", sectok_get_sw(sw)); |
xfree(n); |
goto err; |
return -1; |
|
} |
} |
|
|
debug("INS_GET_KEYLENGTH: sw %s", sectok_get_sw(sw)); |
debug("INS_GET_KEYLENGTH: sw %s", sectok_get_sw(sw)); |
|
|
if (BN_bin2bn(n, len, k->rsa->n) == NULL) { |
if (BN_bin2bn(n, len, k->rsa->n) == NULL) { |
error("c_read_pubkey: BN_bin2bn failed"); |
error("c_read_pubkey: BN_bin2bn failed"); |
xfree(n); |
goto err; |
sc_close(); |
|
return -1; |
|
} |
} |
xfree(n); |
|
|
|
/* currently the java applet just stores 'n' */ |
/* currently the java applet just stores 'n' */ |
if (!BN_set_word(k->rsa->e, 35)) { |
if (!BN_set_word(k->rsa->e, 35)) { |
error("c_read_pubkey: BN_set_word(e, 35) failed"); |
error("c_read_pubkey: BN_set_word(e, 35) failed"); |
return -1; |
goto err; |
} |
} |
|
|
|
status = 0; |
p = key_fingerprint(k, SSH_FP_MD5, SSH_FP_HEX); |
p = key_fingerprint(k, SSH_FP_MD5, SSH_FP_HEX); |
debug("fingerprint %d %s", key_size(k), p); |
debug("fingerprint %d %s", key_size(k), p); |
xfree(p); |
xfree(p); |
|
|
return 0; |
err: |
|
if (n != NULL) |
|
xfree(n); |
|
sc_close(); |
|
return status; |
} |
} |
|
|
/* private key operations */ |
/* private key operations */ |
|
|
sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) |
sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) |
{ |
{ |
u_char *padded = NULL; |
u_char *padded = NULL; |
int sw, len, olen, status; |
int sw, len, olen, status = -1; |
|
|
debug("sc_private_decrypt called"); |
debug("sc_private_decrypt called"); |
|
|
|
|
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("sc_private_decrypt: INS_DECRYPT failed: %s", |
error("sc_private_decrypt: INS_DECRYPT failed: %s", |
sectok_get_sw(sw)); |
sectok_get_sw(sw)); |
sc_close(); |
|
goto err; |
goto err; |
} |
} |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, |
|
|
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", |
error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", |
sectok_get_sw(sw)); |
sectok_get_sw(sw)); |
sc_close(); |
|
goto err; |
goto err; |
} |
} |
olen = RSA_padding_check_PKCS1_type_2(to, len, padded + 1, len - 1, |
olen = RSA_padding_check_PKCS1_type_2(to, len, padded + 1, len - 1, |
|
|
err: |
err: |
if (padded) |
if (padded) |
xfree(padded); |
xfree(padded); |
|
sc_close(); |
return (olen >= 0 ? olen : status); |
return (olen >= 0 ? olen : status); |
} |
} |
|
|
|
|
sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) |
sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) |
{ |
{ |
u_char *padded = NULL; |
u_char *padded = NULL; |
int sw, len, status; |
int sw, len, status = -1; |
|
|
len = sw = 0; |
len = sw = 0; |
if (sc_fd < 0) { |
if (sc_fd < 0) { |
|
|
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("sc_private_decrypt: INS_DECRYPT failed: %s", |
error("sc_private_decrypt: INS_DECRYPT failed: %s", |
sectok_get_sw(sw)); |
sectok_get_sw(sw)); |
sc_close(); |
|
goto err; |
goto err; |
} |
} |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, |
|
|
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", |
error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", |
sectok_get_sw(sw)); |
sectok_get_sw(sw)); |
sc_close(); |
|
goto err; |
goto err; |
} |
} |
err: |
err: |
if (padded) |
if (padded) |
xfree(padded); |
xfree(padded); |
|
sc_close(); |
return (len >= 0 ? len : status); |
return (len >= 0 ? len : status); |
} |
} |
|
|
|
|
return NULL; |
return NULL; |
} |
} |
return k; |
return k; |
sc_close(); |
|
} |
} |
#endif /* SMARTCARD */ |
#endif /* SMARTCARD */ |