version 1.4, 2001/07/02 22:40:17 |
version 1.5, 2001/07/04 23:13:09 |
|
|
#define MAX_BUF_SIZE 256 |
#define MAX_BUF_SIZE 256 |
|
|
static int sc_fd = -1; |
static int sc_fd = -1; |
static int sc_reader_num = 0; |
static int sc_reader_num = -1; |
static int cla = 0x00; /* class */ |
static int cla = 0x00; /* class */ |
|
|
/* interface to libsectok */ |
/* interface to libsectok */ |
|
|
static int |
static int |
sc_open(int num) |
sc_open(void) |
{ |
{ |
u_char atr[256]; |
u_char atr[256]; |
int sw; |
int sw; |
|
|
if (sc_fd >= 0) |
if (sc_fd >= 0) |
return sc_fd; |
return sc_fd; |
sc_reader_num = num; |
|
|
|
sc_fd = sectok_open(sc_reader_num, 0, NULL); |
sc_fd = sectok_open(sc_reader_num, 0, &sw); |
if (sc_fd < 0) { |
if (sc_fd < 0) { |
error("sectok_open failed %d", sc_fd); |
error("sectok_open failed: %s", sectok_get_sw(sw)); |
return sc_fd; |
return -1; |
} |
} |
if (sectok_reset(sc_fd, 0, atr, &sw) <= 0) { |
if (sectok_reset(sc_fd, 0, atr, &sw) <= 0) { |
error("sectok_reset failed: %s", sectok_get_sw(sw)); |
error("sectok_reset failed: %s", sectok_get_sw(sw)); |
sc_fd = -1; |
sc_fd = -1; |
return sc_fd; |
return sc_fd; |
} |
} |
|
|
debug("sc_open ok %d", sc_fd); |
debug("sc_open ok %d", sc_fd); |
return sc_fd; |
return sc_fd; |
} |
} |
|
|
if (sectok_selectfile(sc_fd, cla, root_fid, &sw) < 0) { |
if (sectok_selectfile(sc_fd, cla, root_fid, &sw) < 0) { |
error("sectok_selectfile root_fid failed: %s", |
error("sectok_selectfile root_fid failed: %s", |
sectok_get_sw(sw)); |
sectok_get_sw(sw)); |
|
sc_close(); |
return -1; |
return -1; |
} |
} |
if (sectok_selectfile(sc_fd, cla, contID, &sw) < 0) { |
if (sectok_selectfile(sc_fd, cla, contID, &sw) < 0) { |
error("sectok_selectfile failed: %s", sectok_get_sw(sw)); |
error("sectok_selectfile failed: %s", sectok_get_sw(sw)); |
|
sc_close(); |
return -1; |
return -1; |
} |
} |
/* send appled id */ |
/* send appled id */ |
|
|
sectok_apdu(sc_fd, cla, 0xa4, 0x04, 0, aid_len, aid, 0, NULL, &sw); |
sectok_apdu(sc_fd, cla, 0xa4, 0x04, 0, aid_len, aid, 0, NULL, &sw); |
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("sectok_apdu failed: %s", sectok_get_sw(sw)); |
error("sectok_apdu failed: %s", sectok_get_sw(sw)); |
|
sc_close(); |
return -1; |
return -1; |
} |
} |
return 0; |
return 0; |
} |
} |
|
|
static int |
static int |
|
sc_init(void) |
|
{ |
|
if (sc_open() < 0) { |
|
error("sc_open failed"); |
|
return -1; |
|
} |
|
if (sc_enable_applet() < 0) { |
|
error("sc_enable_applet failed"); |
|
return -1; |
|
} |
|
return 0; |
|
} |
|
|
|
static int |
sc_read_pubkey(Key * k) |
sc_read_pubkey(Key * k) |
{ |
{ |
u_char buf[2], *n; |
u_char buf[2], *n; |
|
|
|
|
len = sw = 0; |
len = sw = 0; |
|
|
|
if (sc_fd < 0) |
|
if (sc_init() < 0) |
|
return -1; |
|
|
/* get key size */ |
/* get key size */ |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_KEYLENGTH, 0, 0, 0, NULL, |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_KEYLENGTH, 0, 0, 0, NULL, |
sizeof(buf), buf, &sw); |
sizeof(buf), buf, &sw); |
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("could not obtain key length: %s", sectok_get_sw(sw)); |
error("could not obtain key length: %s", sectok_get_sw(sw)); |
|
sc_close(); |
return -1; |
return -1; |
} |
} |
len = (buf[0] << 8) | buf[1]; |
len = (buf[0] << 8) | buf[1]; |
|
|
if (BN_bin2bn(n, len, k->rsa->n) == NULL) { |
if (BN_bin2bn(n, len, k->rsa->n) == NULL) { |
error("c_read_pubkey: BN_bin2bn failed"); |
error("c_read_pubkey: BN_bin2bn failed"); |
xfree(n); |
xfree(n); |
|
sc_close(); |
return -1; |
return -1; |
} |
} |
xfree(n); |
xfree(n); |
|
|
debug("sc_private_decrypt called"); |
debug("sc_private_decrypt called"); |
|
|
olen = len = sw = 0; |
olen = len = sw = 0; |
|
if (sc_fd < 0) |
|
if (sc_init() < 0) |
|
goto err; |
if (padding != RSA_PKCS1_PADDING) |
if (padding != RSA_PKCS1_PADDING) |
goto err; |
goto err; |
|
|
|
|
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("sc_private_decrypt: INS_DECRYPT failed: %s", |
error("sc_private_decrypt: INS_DECRYPT failed: %s", |
sectok_get_sw(sw)); |
sectok_get_sw(sw)); |
|
sc_close(); |
goto err; |
goto err; |
} |
} |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, |
|
|
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", |
error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", |
sectok_get_sw(sw)); |
sectok_get_sw(sw)); |
|
sc_close(); |
goto err; |
goto err; |
} |
} |
olen = RSA_padding_check_PKCS1_type_2(to, len, padded + 1, len - 1, |
olen = RSA_padding_check_PKCS1_type_2(to, len, padded + 1, len - 1, |
|
|
int sw, len; |
int sw, len; |
|
|
len = sw = 0; |
len = sw = 0; |
|
if (sc_fd < 0) |
|
if (sc_init() < 0) |
|
goto err; |
if (padding != RSA_PKCS1_PADDING) |
if (padding != RSA_PKCS1_PADDING) |
goto err; |
goto err; |
|
|
|
|
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("sc_private_decrypt: INS_DECRYPT failed: %s", |
error("sc_private_decrypt: INS_DECRYPT failed: %s", |
sectok_get_sw(sw)); |
sectok_get_sw(sw)); |
|
sc_close(); |
goto err; |
goto err; |
} |
} |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, |
sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, |
|
|
if (!sectok_swOK(sw)) { |
if (!sectok_swOK(sw)) { |
error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", |
error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", |
sectok_get_sw(sw)); |
sectok_get_sw(sw)); |
|
sc_close(); |
goto err; |
goto err; |
} |
} |
err: |
err: |
|
|
return smart_engine; |
return smart_engine; |
} |
} |
|
|
|
void |
|
sc_close(void) |
|
{ |
|
if (sc_fd >= 0) { |
|
sectok_close(sc_fd); |
|
sc_fd = -1; |
|
} |
|
} |
|
|
Key * |
Key * |
sc_get_key(int sc_reader_num) |
sc_get_key(int num) |
{ |
{ |
Key *k; |
Key *k; |
|
|
if (sc_open(sc_reader_num) < 0) { |
sc_reader_num = num; |
error("sc_open failed"); |
|
return NULL; |
|
} |
|
if (sc_enable_applet() < 0) { |
|
error("sc_enable_applet failed"); |
|
return NULL; |
|
} |
|
k = key_new(KEY_RSA); |
k = key_new(KEY_RSA); |
if (k == NULL) { |
if (k == NULL) { |
return NULL; |
return NULL; |
|
|
return NULL; |
return NULL; |
} |
} |
return k; |
return k; |
|
sc_close(); |
} |
} |
#endif |
#endif |
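Review bot: In sc_open() the sectok_reset() failure path (the `sc_fd = -1; return sc_fd;` lines) drops the descriptor that sectok_open() just returned without closing it, so every failed reset leaks one open reader handle; the commit reworks the sectok_open() error path right above it but leaves this one alone. Since sc_enable_applet() already tears down on its own error paths with `sc_close();`, the reset branch should do the same: `sc_close();` followed by `return -1;` instead of zeroing sc_fd by hand. Separately, the second INS_DECRYPT / INS_GET_RESPONSE block appears to belong to a different function than the first (its locals are `int sw, len;` only), yet its messages still carry the `sc_private_decrypt:` prefix, which will misattribute failures in the logs; its signature is outside the visible hunks, so the intended name cannot be confirmed here. sc_enable_applet and the two decrypt-style blocks all start outside the visible hunks.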