Diff

Differences From Artifact [ab26d90d17]:

To Artifact [4487b6bfe2]:


  1785   1785    *
  1786   1786    * RETURN VALUE
  1787   1787    *     ...
  1788   1788    *
  1789   1789    * NOTES
  1790   1790    *     ...
  1791   1791    *
         1792  + */
         1793  +static ssize_t cackey_signdecrypt(struct cackey_slot *slot, unsigned char *buf, size_t buflen, unsigned char *outbuf, size_t outbuflen) {
         1794  +	cackey_ret send_ret;
         1795  +
         1796  +	CACKEY_DEBUG_PRINTF("Called.");
         1797  +
         1798  +	if (buflen > 255) {
         1799  +		CACKEY_DEBUG_PRINTF("Error.  buflen is greater than 255 (buflen = %lu)", (unsigned long) buflen);
         1800  +
         1801  +		return(-1);
         1802  +	}
         1803  +
         1804  +	if (outbuflen > 255) {
         1805  +		CACKEY_DEBUG_PRINTF("Error.  outbuflen is grater than 255 (outbuflen = %lu)", (unsigned long) outbuflen);
         1806  +
         1807  +		return(-1);
         1808  +	}
         1809  +
         1810  +	if (slot == NULL) {
         1811  +		CACKEY_DEBUG_PRINTF("Error.  slot is NULL");
         1812  +
         1813  +		return(-1);
         1814  +	}
         1815  +
         1816  +	if (buf == NULL) {
         1817  +		CACKEY_DEBUG_PRINTF("Error.  buf is NULL");
         1818  +
         1819  +		return(-1);
         1820  +	}
         1821  +
         1822  +	if (outbuf == NULL) {
         1823  +		CACKEY_DEBUG_PRINTF("Error.  outbuf is NULL");
         1824  +
         1825  +		return(-1);
         1826  +	}
         1827  +
         1828  +	send_ret = cackey_send_apdu(slot, GSCIS_CLASS_GLOBAL_PLATFORM, GSCIS_INSTR_SIGNDECRYPT, 0x00, 0x00, buflen, buf, outbuflen, NULL, outbuf, &outbuflen);
         1829  +	if (send_ret != CACKEY_PCSC_S_OK) {
         1830  +		CACKEY_DEBUG_PRINTF("ADPU Sending Failed -- returning in error.");
         1831  +
         1832  +		return(-1);
         1833  +	}
         1834  +
         1835  +	CACKEY_DEBUG_PRINTF("Returning in success.");
         1836  +
         1837  +	return(outbuflen);
         1838  +}
         1839  +
         1840  +/*
         1841  + * SYNPOSIS
         1842  + *     ...
         1843  + *
         1844  + * ARGUMENTS
         1845  + *     ...
         1846  + *
         1847  + * RETURN VALUE
         1848  + *     ...
         1849  + *
         1850  + * NOTES
         1851  + *     ...
         1852  + *
  1792   1853    */
  1793   1854   static cackey_ret cackey_login(struct cackey_slot *slot, unsigned char *pin, unsigned long pin_len, int *tries_remaining_p) {
  1794   1855   	unsigned char cac_pin[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
  1795   1856   	uint16_t response_code;
  1796   1857   	int tries_remaining;
  1797   1858   	int send_ret;
  1798   1859   
................................................................................
  4198   4259   		CACKEY_DEBUG_PRINTF("Error.  Decrypt not active.");
  4199   4260   		
  4200   4261   		return(CKR_OPERATION_NOT_INITIALIZED);
  4201   4262   	}
  4202   4263   
  4203   4264   	switch (cackey_sessions[hSession].decrypt_mechanism) {
  4204   4265   		case CKM_RSA_PKCS:
  4205         -			buflen = -1;
  4206         -
  4207         -			/* XXX: Ask card to decrypt */
         4266  +			/* Ask card to decrypt */
         4267  +			buflen = cackey_signdecrypt(&cackey_slots[cackey_sessions[hSession].slotID], pEncryptedPart, ulEncryptedPartLen, buf, sizeof(buf));
  4208   4268   
  4209   4269   			if (buflen < 0) {
  4210   4270   				/* Decryption failed. */
  4211   4271   				retval = CKR_GENERAL_ERROR;
  4212   4272   			} else if (((unsigned long) buflen) > *pulPartLen && pPart) {
  4213   4273   				/* Decrypted data too large */
  4214   4274   				retval = CKR_BUFFER_TOO_SMALL;
................................................................................
  4631   4691   		CACKEY_DEBUG_PRINTF("Error.  Sign not active.");
  4632   4692   		
  4633   4693   		return(CKR_OPERATION_NOT_INITIALIZED);
  4634   4694   	}
  4635   4695   
  4636   4696   	switch (cackey_sessions[hSession].sign_mechanism) {
  4637   4697   		case CKM_RSA_PKCS:
  4638         -			sigbuflen = -1;
  4639         -
  4640         -			/* XXX: Ask card to sign */
         4698  +			/* Ask card to sign */
         4699  +			sigbuflen = cackey_signdecrypt(&cackey_slots[cackey_sessions[hSession].slotID], cackey_sessions[hSession].sign_buf, cackey_sessions[hSession].sign_buflen, sigbuf, sizeof(sigbuf));
  4641   4700   
  4642   4701   			if (sigbuflen < 0) {
  4643   4702   				/* Signing failed. */
  4644   4703   				retval = CKR_GENERAL_ERROR;
  4645   4704   			} else if (((unsigned long) sigbuflen) > *pulSignatureLen && pSignature) {
  4646   4705   				/* Signed data too large */
  4647   4706   				retval = CKR_BUFFER_TOO_SMALL;