|
Lines 38-43
|
| 38 |
#include "readpass.h" |
38 |
#include "readpass.h" |
| 39 |
#include "scard.h" |
39 |
#include "scard.h" |
| 40 |
|
40 |
|
|
|
41 |
int ask_for_pin=0; |
| 42 |
|
| 41 |
#if OPENSSL_VERSION_NUMBER < 0x00907000L && defined(CRYPTO_LOCK_ENGINE) |
43 |
#if OPENSSL_VERSION_NUMBER < 0x00907000L && defined(CRYPTO_LOCK_ENGINE) |
| 42 |
#define USE_ENGINE |
44 |
#define USE_ENGINE |
| 43 |
#define RSA_get_default_method RSA_get_default_openssl_method |
45 |
#define RSA_get_default_method RSA_get_default_openssl_method |
|
Lines 119-124
|
| 119 |
struct sc_pkcs15_prkey_info *key; |
121 |
struct sc_pkcs15_prkey_info *key; |
| 120 |
struct sc_pkcs15_object *pin_obj; |
122 |
struct sc_pkcs15_object *pin_obj; |
| 121 |
struct sc_pkcs15_pin_info *pin; |
123 |
struct sc_pkcs15_pin_info *pin; |
|
|
124 |
char *passphrase = NULL; |
| 122 |
|
125 |
|
| 123 |
priv = (struct sc_priv_data *) RSA_get_app_data(rsa); |
126 |
priv = (struct sc_priv_data *) RSA_get_app_data(rsa); |
| 124 |
if (priv == NULL) |
127 |
if (priv == NULL) |
|
Lines 156-179
|
| 156 |
goto err; |
159 |
goto err; |
| 157 |
} |
160 |
} |
| 158 |
pin = pin_obj->data; |
161 |
pin = pin_obj->data; |
|
|
162 |
|
| 163 |
if (sc_pin) |
| 164 |
passphrase = sc_pin; |
| 165 |
else if (ask_for_pin) { |
| 166 |
/* we need a pin but don't have one => ask for the pin */ |
| 167 |
char prompt[64]; |
| 168 |
|
| 169 |
snprintf(prompt, sizeof(prompt), "Enter PIN for %s: ", |
| 170 |
key_obj->label ? key_obj->label : "smartcard key"); |
| 171 |
passphrase = read_passphrase(prompt, 0); |
| 172 |
if (!passphrase || !strcmp(passphrase, "")) |
| 173 |
goto err; |
| 174 |
} else |
| 175 |
/* no pin => error */ |
| 176 |
goto err; |
| 177 |
|
| 159 |
r = sc_lock(card); |
178 |
r = sc_lock(card); |
| 160 |
if (r) { |
179 |
if (r) { |
| 161 |
error("Unable to lock smartcard: %s", sc_strerror(r)); |
180 |
error("Unable to lock smartcard: %s", sc_strerror(r)); |
| 162 |
goto err; |
181 |
goto err; |
| 163 |
} |
182 |
} |
| 164 |
if (sc_pin != NULL) { |
183 |
r = sc_pkcs15_verify_pin(p15card, pin, passphrase, |
| 165 |
r = sc_pkcs15_verify_pin(p15card, pin, sc_pin, |
184 |
strlen(passphrase)); |
| 166 |
strlen(sc_pin)); |
185 |
if (r) { |
| 167 |
if (r) { |
186 |
sc_unlock(card); |
| 168 |
sc_unlock(card); |
187 |
error("PIN code verification failed: %s", |
| 169 |
error("PIN code verification failed: %s", |
188 |
sc_strerror(r)); |
| 170 |
sc_strerror(r)); |
189 |
goto err; |
| 171 |
goto err; |
|
|
| 172 |
} |
| 173 |
} |
190 |
} |
|
|
191 |
|
| 174 |
*key_obj_out = key_obj; |
192 |
*key_obj_out = key_obj; |
|
|
193 |
if (!sc_pin) { |
| 194 |
memset(passphrase, 0, strlen(passphrase)); |
| 195 |
xfree(passphrase); |
| 196 |
} |
| 175 |
return 0; |
197 |
return 0; |
| 176 |
err: |
198 |
err: |
|
|
199 |
if (!sc_pin && passphrase) { |
| 200 |
memset(passphrase, 0, strlen(passphrase)); |
| 201 |
xfree(passphrase); |
| 202 |
} |
| 177 |
sc_close(); |
203 |
sc_close(); |
| 178 |
return -1; |
204 |
return -1; |
| 179 |
} |
205 |
} |
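Review bot: The PIN scrubbing on both exit paths (new lines 194 and 200) is a plain `memset(passphrase, 0, strlen(passphrase))` directly followed by `xfree(passphrase)`, and a compiler may remove a store to memory that is about to be freed, leaving the PIN in the heap. Use a wipe that cannot be elided, for example `explicit_bzero(passphrase, strlen(passphrase));` where the platform provides it, or a small helper that writes through a `volatile` pointer. The two cleanup blocks are identical apart from the NULL check, so folding them into one helper would also keep the success and `err:` paths from drifting apart. The enclosing function begins outside the visible hunks.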