version 1.23, 2002/03/24 18:05:29 |
version 1.24, 2002/03/25 17:34:27 |
|
|
#include "includes.h" |
#include "includes.h" |
RCSID("$OpenBSD$"); |
RCSID("$OpenBSD$"); |
|
|
#include <openssl/engine.h> |
|
#include <openssl/evp.h> |
#include <openssl/evp.h> |
#include <sectok.h> |
#include <sectok.h> |
|
|
|
|
#include "readpass.h" |
#include "readpass.h" |
#include "scard.h" |
#include "scard.h" |
|
|
#ifdef OPENSSL_VERSION_NUMBER |
#if OPENSSL_VERSION_NUMBER < 0x00907000L |
#if OPENSSL_VERSION_NUMBER >= 0x00907000L |
#define USE_ENGINE |
#define RSA_get_default_openssl_method RSA_get_default_method |
#define RSA_get_default_method RSA_get_default_openssl_method |
#define DSA_get_default_openssl_method DSA_get_default_method |
#else |
#define DH_get_default_openssl_method DH_get_default_method |
|
#define ENGINE_set_BN_mod_exp(x,y) |
|
#endif |
#endif |
|
|
|
#ifdef USE_ENGINE |
|
#include <openssl/engine.h> |
|
#define sc_get_rsa sc_get_engine |
|
#else |
|
#define sc_get_rsa sc_get_rsa_method |
#endif |
#endif |
|
|
#define CLA_SSH 0x05 |
#define CLA_SSH 0x05 |
|
|
n = NULL; |
n = NULL; |
|
|
if (sc_fd < 0) { |
if (sc_fd < 0) { |
status = sc_init(); |
if (sc_init() < 0) |
if (status < 0 ) |
|
goto err; |
goto err; |
} |
} |
|
|
|
|
return 1; |
return 1; |
} |
} |
|
|
|
|
/* engine for overloading private key operations */ |
/* engine for overloading private key operations */ |
|
|
static ENGINE *smart_engine = NULL; |
static RSA_METHOD * |
static RSA_METHOD smart_rsa; |
sc_get_rsa_method(void) |
|
|
ENGINE * |
|
sc_get_engine(void) |
|
{ |
{ |
const RSA_METHOD *def; |
static RSA_METHOD smart_rsa; |
|
const RSA_METHOD *def = RSA_get_default_method(); |
|
|
def = RSA_get_default_openssl_method(); |
|
|
|
/* use the OpenSSL version */ |
/* use the OpenSSL version */ |
memcpy(&smart_rsa, def, sizeof(smart_rsa)); |
memcpy(&smart_rsa, def, sizeof(smart_rsa)); |
|
|
|
|
orig_finish = def->finish; |
orig_finish = def->finish; |
smart_rsa.finish = sc_finish; |
smart_rsa.finish = sc_finish; |
|
|
|
return &smart_rsa; |
|
} |
|
|
|
#ifdef USE_ENGINE |
|
static ENGINE * |
|
sc_get_engine(void) |
|
{ |
|
static ENGINE *smart_engine = NULL; |
|
|
if ((smart_engine = ENGINE_new()) == NULL) |
if ((smart_engine = ENGINE_new()) == NULL) |
fatal("ENGINE_new failed"); |
fatal("ENGINE_new failed"); |
|
|
ENGINE_set_id(smart_engine, "sectok"); |
ENGINE_set_id(smart_engine, "sectok"); |
ENGINE_set_name(smart_engine, "libsectok"); |
ENGINE_set_name(smart_engine, "libsectok"); |
|
|
ENGINE_set_RSA(smart_engine, &smart_rsa); |
ENGINE_set_RSA(smart_engine, sc_get_rsa_method()); |
ENGINE_set_DSA(smart_engine, DSA_get_default_openssl_method()); |
ENGINE_set_DSA(smart_engine, DSA_get_default_openssl_method()); |
ENGINE_set_DH(smart_engine, DH_get_default_openssl_method()); |
ENGINE_set_DH(smart_engine, DH_get_default_openssl_method()); |
ENGINE_set_RAND(smart_engine, RAND_SSLeay()); |
ENGINE_set_RAND(smart_engine, RAND_SSLeay()); |
|
|
|
|
return smart_engine; |
return smart_engine; |
} |
} |
|
#endif |
|
|
void |
void |
sc_close(void) |
sc_close(void) |
|
|
} |
} |
} |
} |
|
|
Key * |
Key ** |
sc_get_key(const char *id, const char *pin) |
sc_get_keys(const char *id, const char *pin) |
{ |
{ |
Key *k; |
Key *k, *n, **keys; |
int status; |
int status, nkeys = 2; |
|
|
if (sc_reader_id != NULL) |
if (sc_reader_id != NULL) |
xfree(sc_reader_id); |
xfree(sc_reader_id); |
|
|
key_free(k); |
key_free(k); |
return NULL; |
return NULL; |
} |
} |
return k; |
keys = xmalloc((nkeys+1) * sizeof(Key *)); |
|
|
|
n = key_new(KEY_RSA1); |
|
BN_copy(n->rsa->n, k->rsa->n); |
|
BN_copy(n->rsa->e, k->rsa->e); |
|
RSA_set_method(n->rsa, sc_get_rsa()); |
|
n->flags |= KEY_FLAG_EXT; |
|
keys[0] = n; |
|
|
|
n = key_new(KEY_RSA); |
|
BN_copy(n->rsa->n, k->rsa->n); |
|
BN_copy(n->rsa->e, k->rsa->e); |
|
RSA_set_method(n->rsa, sc_get_rsa()); |
|
n->flags |= KEY_FLAG_EXT; |
|
keys[1] = n; |
|
|
|
keys[2] = NULL; |
|
|
|
key_free(k); |
|
return keys; |
} |
} |
|
|
#define NUM_RSA_KEY_ELEMENTS 5+1 |
#define NUM_RSA_KEY_ELEMENTS 5+1 |