Overview
| Comment: | Updated to use unified return codes |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: | 123c71d9463b9c002d18669f999b4e8a7f9108b6 |
| User & Date: | rkeene on 2010-05-13 18:22:56 |
| Other Links: | manifest | tags |
Context
|
2010-05-13
| ||
| 18:24 | Fixed issues with PIN handling check-in: 780bd59a25 user: rkeene tags: trunk | |
| 18:22 | Updated to use unified return codes check-in: 123c71d946 user: rkeene tags: trunk | |
| 16:19 | Updated to determine subject from certificate check-in: 5534d640e4 user: rkeene tags: trunk | |
Changes
Modified cackey.c from [cf1bec3529] to [65f29eb7d2].
505 505 CACKEY_TLV_OBJID_CAC_BENEFITS = 0x0202, 506 506 CACKEY_TLV_OBJID_CAC_OTHERBENEFITS = 0x0203, 507 507 CACKEY_TLV_OBJID_CAC_PERSONNEL = 0x0201, 508 508 CACKEY_TLV_OBJID_CAC_PKICERT = 0x02FE 509 509 } cackey_tlv_objectid; 510 510 511 511 typedef enum { 512 - CACKEY_LOGIN_OK = 0, 513 - CACKEY_LOGIN_BADPIN = -1, 514 - CACKEY_LOGIN_LOCKED = -2 515 -} cackey_login_ret; 512 + CACKEY_PCSC_S_TOKENPRESENT = 2, 513 + CACKEY_PCSC_S_TOKENABSENT = 1, 514 + CACKEY_PCSC_S_OK = 0, 515 + CACKEY_PCSC_E_GENERIC = -1, 516 + CACKEY_PCSC_E_BADPIN = -2, 517 + CACKEY_PCSC_E_LOCKED = -3, 518 +} cackey_ret; 516 519 517 520 struct cackey_tlv_cardurl { 518 521 unsigned char rid[5]; 519 522 cackey_tlv_apptype apptype; 520 523 cackey_tlv_objectid objectid; 521 524 cackey_tlv_objectid appid; 522 525 unsigned char pinid; ................................................................................ 599 602 } 600 603 601 604 CACKEY_DEBUG_PRINTF("Returning"); 602 605 603 606 return; 604 607 } 605 608 606 -static int cackey_pcsc_connect(void) { 609 +static cackey_ret cackey_pcsc_connect(void) { 607 610 LONG scard_est_context_ret; 608 611 #ifdef HAVE_SCARDISVALIDCONTEXT 609 612 LONG scard_isvalid_ret; 610 613 #endif 611 614 612 615 CACKEY_DEBUG_PRINTF("Called."); 613 616 ................................................................................ 614 617 if (cackey_pcsc_handle == NULL) { 615 618 cackey_pcsc_handle = malloc(sizeof(*cackey_pcsc_handle)); 616 619 if (cackey_pcsc_handle == NULL) { 617 620 CACKEY_DEBUG_PRINTF("Call to malloc() failed, returning in failure"); 618 621 619 622 cackey_slots_disconnect_all(); 620 623 621 - return(-1); 624 + return(CACKEY_PCSC_E_GENERIC); 622 625 } 623 626 624 627 CACKEY_DEBUG_PRINTF("SCardEstablishContext() called"); 625 628 scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, cackey_pcsc_handle); 626 629 if (scard_est_context_ret != SCARD_S_SUCCESS) { 627 630 CACKEY_DEBUG_PRINTF("Call to SCardEstablishContext failed (returned %s/%li), returning in failure", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_est_context_ret), (long) scard_est_context_ret); 628 631 629 632 free(cackey_pcsc_handle); 630 633 631 634 cackey_slots_disconnect_all(); 632 635 633 - return(-1); 636 + return(CACKEY_PCSC_E_GENERIC); 634 637 } 635 638 } 636 639 637 640 #ifdef HAVE_SCARDISVALIDCONTEXT 638 641 CACKEY_DEBUG_PRINTF("SCardIsValidContext() called"); 639 642 scard_isvalid_ret = SCardIsValidContext(*cackey_pcsc_handle); 640 643 if (scard_isvalid_ret != SCARD_S_SUCCESS) { ................................................................................ 645 648 if (scard_est_context_ret != SCARD_S_SUCCESS) { 646 649 CACKEY_DEBUG_PRINTF("Call to SCardEstablishContext failed (returned %s/%li), returning in failure", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_est_context_ret), (long) scard_est_context_ret); 647 650 648 651 free(cackey_pcsc_handle); 649 652 650 653 cackey_slots_disconnect_all(); 651 654 652 - return(-1); 655 + return(CACKEY_PCSC_E_GENERIC); 653 656 } 654 657 655 658 CACKEY_DEBUG_PRINTF("Handle has been re-established"); 656 659 } 657 660 #endif 658 661 659 662 CACKEY_DEBUG_PRINTF("Sucessfully connected to PC/SC, returning in success"); 660 663 661 - return(0); 664 + return(CACKEY_PCSC_S_OK); 662 665 } 663 666 664 667 /* APDU Related Functions */ 665 668 /** Le = 0x00 to indicate not to send Le **/ 666 -static int cackey_send_apdu(struct cackey_slot *slot, unsigned char class, unsigned char instruction, unsigned char p1, unsigned char p2, unsigned char lc, unsigned char *data, unsigned char le, uint16_t *respcode, unsigned char *respdata, size_t *respdata_len) { 669 +static cackey_ret cackey_send_apdu(struct cackey_slot *slot, unsigned char class, unsigned char instruction, unsigned char p1, unsigned char p2, unsigned char lc, unsigned char *data, unsigned char le, uint16_t *respcode, unsigned char *respdata, size_t *respdata_len) { 667 670 uint8_t major_rc, minor_rc; 668 671 size_t bytes_to_copy, tmp_respdata_len; 669 672 DWORD protocol; 670 673 DWORD xmit_len, recv_len; 671 674 LONG scard_conn_ret, scard_xmit_ret, scard_reconn_ret; 672 675 BYTE xmit_buf[1024], recv_buf[1024]; 673 676 int pcsc_connect_ret, pcsc_getresp_ret; ................................................................................ 674 677 int idx; 675 678 676 679 CACKEY_DEBUG_PRINTF("Called."); 677 680 678 681 if (!slot) { 679 682 CACKEY_DEBUG_PRINTF("Invalid slot specified."); 680 683 681 - return(-1); 684 + return(CACKEY_PCSC_E_GENERIC); 682 685 } 683 686 684 687 pcsc_connect_ret = cackey_pcsc_connect(); 685 - if (pcsc_connect_ret < 0) { 688 + if (pcsc_connect_ret != CACKEY_PCSC_S_OK) { 686 689 CACKEY_DEBUG_PRINTF("Connection to PC/SC failed, returning in failure"); 687 690 688 - return(-1); 691 + return(CACKEY_PCSC_E_GENERIC); 689 692 } 690 693 691 694 /* Connect to reader, if needed */ 692 695 if (!slot->pcsc_card_connected) { 693 696 CACKEY_DEBUG_PRINTF("SCardConnect(%s) called", slot->pcsc_reader); 694 697 scard_conn_ret = SCardConnect(*cackey_pcsc_handle, slot->pcsc_reader, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &slot->pcsc_card, &protocol); 695 698 696 699 if (scard_conn_ret != SCARD_S_SUCCESS) { 697 700 CACKEY_DEBUG_PRINTF("Connection to card failed, returning in failure (SCardConnect() = %s/%li)", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_conn_ret), (long) scard_conn_ret); 698 701 699 - return(-1); 702 + return(CACKEY_PCSC_E_GENERIC); 700 703 } 701 704 702 705 slot->pcsc_card_connected = 1; 703 706 } 704 707 705 708 /* Transmit */ 706 709 xmit_len = 0; ................................................................................ 736 739 737 740 if (scard_xmit_ret != SCARD_S_SUCCESS) { 738 741 CACKEY_DEBUG_PRINTF("Retransmit failed, returning in failure after disconnecting the card (SCardTransmit = %s/%li)", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_xmit_ret), (long) scard_xmit_ret); 739 742 740 743 SCardDisconnect(slot->pcsc_card, SCARD_RESET_CARD); 741 744 slot->pcsc_card_connected = 0; 742 745 743 - return(-1); 746 + return(CACKEY_PCSC_E_GENERIC); 744 747 } 745 748 } else { 746 749 CACKEY_DEBUG_PRINTF("Disconnecting card"); 747 750 748 751 SCardDisconnect(slot->pcsc_card, SCARD_RESET_CARD); 749 752 slot->pcsc_card_connected = 0; 750 753 751 754 CACKEY_DEBUG_PRINTF("Returning in failure"); 752 - return(-1); 755 + return(CACKEY_PCSC_E_GENERIC); 753 756 } 754 757 } else { 755 758 CACKEY_DEBUG_PRINTF("Disconnecting card"); 756 759 757 760 SCardDisconnect(slot->pcsc_card, SCARD_RESET_CARD); 758 761 slot->pcsc_card_connected = 0; 759 762 760 763 CACKEY_DEBUG_PRINTF("Returning in failure"); 761 - return(-1); 764 + return(CACKEY_PCSC_E_GENERIC); 762 765 } 763 766 } 764 767 765 768 CACKEY_DEBUG_PRINTBUF("Returned Value:", recv_buf, recv_len); 766 769 767 770 if (recv_len < 2) { 768 771 /* Minimal response length is 2 bytes, returning in failure */ 769 772 CACKEY_DEBUG_PRINTF("Response too small, returning in failure (recv_len = %lu)", (unsigned long) recv_len); 770 773 771 - return(-1); 774 + return(CACKEY_PCSC_E_GENERIC); 772 775 } 773 776 774 777 /* Determine result code */ 775 778 major_rc = recv_buf[recv_len - 2]; 776 779 minor_rc = recv_buf[recv_len - 1]; 777 780 if (respcode) { 778 781 *respcode = (major_rc << 8) | minor_rc; ................................................................................ 806 809 } 807 810 808 811 if (major_rc == 0x61) { 809 812 /* We need to READ */ 810 813 CACKEY_DEBUG_PRINTF("Buffer read required"); 811 814 812 815 pcsc_getresp_ret = cackey_send_apdu(slot, GSCIS_CLASS_ISO7816, GSCIS_INSTR_GET_RESPONSE, 0x00, 0x00, 0, NULL, minor_rc, respcode, respdata, &tmp_respdata_len); 813 - if (pcsc_getresp_ret < 0) { 816 + if (pcsc_getresp_ret != CACKEY_PCSC_S_OK) { 814 817 CACKEY_DEBUG_PRINTF("Buffer read failed! Returning in failure"); 815 818 816 - return(-1); 819 + return(CACKEY_PCSC_E_GENERIC); 817 820 } 818 821 819 822 if (respdata_len) { 820 823 *respdata_len += tmp_respdata_len; 821 824 } 822 825 823 826 CACKEY_DEBUG_PRINTF("Returning in success (buffer read complete)"); 824 - return(0); 827 + return(CACKEY_PCSC_S_OK); 825 828 } 826 829 827 830 if (major_rc == 0x90) { 828 831 /* Success */ 829 832 CACKEY_DEBUG_PRINTF("Returning in success (major_rc = 0x90)"); 830 833 831 - return(0); 834 + return(CACKEY_PCSC_S_OK); 832 835 } 833 836 834 837 835 838 CACKEY_DEBUG_PRINTF("APDU Returned an error, returning in failure"); 836 839 837 - return(-1); 840 + return(CACKEY_PCSC_E_GENERIC); 838 841 } 839 842 840 843 static ssize_t cackey_read_buffer(struct cackey_slot *slot, unsigned char *buffer, size_t count, unsigned char t_or_v, size_t initial_offset) { 841 844 size_t offset = 0, max_offset, max_count; 842 845 unsigned char cmd[2]; 843 846 uint16_t respcode; 844 847 int send_ret; ................................................................................ 861 864 if (count > max_count) { 862 865 count = max_count; 863 866 } 864 867 865 868 cmd[1] = count; 866 869 867 870 send_ret = cackey_send_apdu(slot, GSCIS_CLASS_GLOBAL_PLATFORM, GSCIS_INSTR_READ_BUFFER, ((initial_offset + offset) >> 8) & 0xff, (initial_offset + offset) & 0xff, sizeof(cmd), cmd, 0x00, &respcode, buffer + offset, &count); 868 - if (send_ret < 0) { 871 + if (send_ret != CACKEY_PCSC_S_OK) { 869 872 if (respcode == 0x6A86) { 870 873 if (max_count == 1) { 871 874 break; 872 875 } 873 876 874 877 max_count = max_count / 2; 875 878 ................................................................................ 891 894 } 892 895 893 896 CACKEY_DEBUG_PRINTF("Returning in success, read %lu bytes", (unsigned long) offset); 894 897 895 898 return(offset); 896 899 } 897 900 898 -static int cackey_select_applet(struct cackey_slot *slot, unsigned char *aid, size_t aid_len) { 901 +static cackey_ret cackey_select_applet(struct cackey_slot *slot, unsigned char *aid, size_t aid_len) { 899 902 int send_ret; 900 903 901 904 CACKEY_DEBUG_PRINTF("Called."); 902 905 903 906 CACKEY_DEBUG_PRINTBUF("Selecting applet:", aid, aid_len); 904 907 905 908 send_ret = cackey_send_apdu(slot, GSCIS_CLASS_ISO7816, GSCIS_INSTR_SELECT, GSCIS_PARAM_SELECT_APPLET, 0x0C, aid_len, aid, 0x00, NULL, NULL, NULL); 906 - if (send_ret < 0) { 909 + if (send_ret != CACKEY_PCSC_S_OK) { 907 910 CACKEY_DEBUG_PRINTF("Failed to open applet, returning in failure"); 908 911 909 - return(-1); 912 + return(CACKEY_PCSC_E_GENERIC); 910 913 } 911 914 912 915 CACKEY_DEBUG_PRINTF("Successfully selected file"); 913 916 914 - return(0); 917 + return(CACKEY_PCSC_S_OK); 915 918 } 916 919 917 -static int cackey_select_file(struct cackey_slot *slot, uint16_t ef) { 920 +static cackey_ret cackey_select_file(struct cackey_slot *slot, uint16_t ef) { 918 921 unsigned char fid_buf[2]; 919 922 int send_ret; 920 923 921 924 CACKEY_DEBUG_PRINTF("Called."); 922 925 923 926 /* Open the elementary file */ 924 927 fid_buf[0] = (ef >> 8) & 0xff; 925 928 fid_buf[1] = ef & 0xff; 926 929 927 930 CACKEY_DEBUG_PRINTF("Selecting file: %04lx", (unsigned long) ef); 928 931 929 932 send_ret = cackey_send_apdu(slot, GSCIS_CLASS_ISO7816, GSCIS_INSTR_SELECT, 0x02, 0x0C, sizeof(fid_buf), fid_buf, 0x00, NULL, NULL, NULL); 930 - if (send_ret < 0) { 933 + if (send_ret != CACKEY_PCSC_S_OK) { 931 934 CACKEY_DEBUG_PRINTF("Failed to open file, returning in failure"); 932 935 933 - return(-1); 936 + return(CACKEY_PCSC_E_GENERIC); 934 937 } 935 938 936 939 CACKEY_DEBUG_PRINTF("Successfully selected file"); 937 940 938 - return(0); 941 + return(CACKEY_PCSC_S_OK); 939 942 } 940 943 941 944 static void cackey_free_tlv(struct cackey_tlv_entity *root) { 942 945 struct cackey_tlv_entity *curr, *next; 943 946 944 947 if (root == NULL) { 945 948 return; ................................................................................ 1167 1170 certs_resizable = 1; 1168 1171 } else { 1169 1172 certs_resizable = 0; 1170 1173 } 1171 1174 1172 1175 /* Select the CCC Applet */ 1173 1176 send_ret = cackey_select_applet(slot, ccc_aid, sizeof(ccc_aid)); 1174 - if (send_ret < 0) { 1177 + if (send_ret != CACKEY_PCSC_S_OK) { 1175 1178 CACKEY_DEBUG_PRINTF("Unable to select CCC Applet, returning in failure"); 1176 1179 1177 1180 return(NULL); 1178 1181 } 1179 1182 1180 1183 /* Read all the applets from the CCC's TLV */ 1181 1184 ccc_tlv = cackey_read_tlv(slot); ................................................................................ 1202 1205 1203 1206 memcpy(curr_aid, ccc_curr->value_cardurl->rid, sizeof(ccc_curr->value_cardurl->rid)); 1204 1207 curr_aid[sizeof(curr_aid) - 2] = (ccc_curr->value_cardurl->appid >> 8) & 0xff; 1205 1208 curr_aid[sizeof(curr_aid) - 1] = ccc_curr->value_cardurl->appid & 0xff; 1206 1209 1207 1210 /* Select found applet ... */ 1208 1211 select_ret = cackey_select_applet(slot, curr_aid, sizeof(curr_aid)); 1209 - if (select_ret < 0) { 1212 + if (select_ret != CACKEY_PCSC_S_OK) { 1210 1213 CACKEY_DEBUG_PRINTF("Failed to select applet, skipping processing of this object"); 1211 1214 1212 1215 continue; 1213 1216 } 1214 1217 1215 1218 /* ... and object (file) */ 1216 1219 select_ret = cackey_select_file(slot, ccc_curr->value_cardurl->objectid); 1217 - if (select_ret < 0) { 1220 + if (select_ret != CACKEY_PCSC_S_OK) { 1218 1221 CACKEY_DEBUG_PRINTF("Failed to select file, skipping processing of this object"); 1219 1222 1220 1223 continue; 1221 1224 } 1222 1225 1223 1226 /* Process this file's TLV looking for certificates */ 1224 1227 app_tlv = cackey_read_tlv(slot); ................................................................................ 1267 1270 if (certs_resizable) { 1268 1271 certs = realloc(certs, sizeof(*certs) * (*count)); 1269 1272 } 1270 1273 1271 1274 return(certs); 1272 1275 } 1273 1276 1274 -static int cackey_login(struct cackey_slot *slot, unsigned char *pin, unsigned long pin_len, int *tries_remaining_p) { 1277 +static cackey_ret cackey_login(struct cackey_slot *slot, unsigned char *pin, unsigned long pin_len, int *tries_remaining_p) { 1275 1278 uint16_t response_code; 1276 1279 int tries_remaining; 1277 1280 int send_ret; 1278 1281 1279 1282 /* Indicate that we do not know about how many tries are remaining */ 1280 1283 if (tries_remaining_p) { 1281 1284 *tries_remaining_p = -1; 1282 1285 } 1283 1286 1284 1287 /* Issue PIN Verify */ 1285 1288 send_ret = cackey_send_apdu(slot, GSCIS_CLASS_ISO7816, GSCIS_INSTR_VERIFY, 0x00, 0x00, pin_len, pin, 0x00, &response_code, NULL, NULL); 1286 - if (send_ret < 0) { 1289 + if (send_ret != CACKEY_PCSC_S_OK) { 1287 1290 if ((response_code & 0x63C0) == 0x63C0) { 1288 1291 tries_remaining = (response_code & 0xF); 1289 1292 1290 1293 CACKEY_DEBUG_PRINTF("PIN Verification failed, %i tries remaining", tries_remaining); 1291 1294 1292 1295 if (tries_remaining_p) { 1293 1296 *tries_remaining_p = tries_remaining; 1294 1297 } 1298 + 1299 + return(CACKEY_PCSC_E_BADPIN); 1295 1300 } 1296 1301 1297 1302 if (response_code == 0x6983) { 1298 - return(CACKEY_LOGIN_LOCKED); 1299 - } else { 1300 - return(CACKEY_LOGIN_BADPIN); 1303 + CACKEY_DEBUG_PRINTF("PIN Verification failed, device is locked"); 1304 + 1305 + return(CACKEY_PCSC_E_LOCKED); 1301 1306 } 1307 + 1308 + return(CACKEY_PCSC_E_GENERIC); 1302 1309 } 1303 1310 1304 - return(CACKEY_LOGIN_OK); 1311 + CACKEY_DEBUG_PRINTF("PIN Verification succeeded"); 1312 + 1313 + return(CACKEY_PCSC_S_OK); 1305 1314 } 1306 1315 1307 1316 /* Returns 1 if a token is in the specified slot, 0 otherwise */ 1308 -static int cackey_token_present(struct cackey_slot *slot) { 1317 +static cackey_ret cackey_token_present(struct cackey_slot *slot) { 1309 1318 unsigned char ccc_aid[] = {GSCIS_AID_CCC}; 1310 1319 int send_ret; 1311 1320 1312 1321 /* Select the CCC Applet */ 1313 1322 send_ret = cackey_select_applet(slot, ccc_aid, sizeof(ccc_aid)); 1314 - if (send_ret < 0) { 1315 - return(0); 1323 + if (send_ret != CACKEY_PCSC_S_OK) { 1324 + return(CACKEY_PCSC_S_TOKENABSENT); 1316 1325 } 1317 1326 1318 - return(1); 1327 + return(CACKEY_PCSC_S_TOKENPRESENT); 1319 1328 } 1320 1329 1321 1330 /* Returns 0 on success */ 1322 1331 static int cackey_mutex_create(void **mutex) { 1323 1332 pthread_mutex_t *pthread_mutex; 1324 1333 int pthread_retval; 1325 1334 CK_RV custom_retval; ................................................................................ 1961 1970 1962 1971 cackey_slots[currslot].active = 0; 1963 1972 } 1964 1973 } 1965 1974 1966 1975 /* Determine list of readers */ 1967 1976 pcsc_connect_ret = cackey_pcsc_connect(); 1968 - if (pcsc_connect_ret < 0) { 1977 + if (pcsc_connect_ret != CACKEY_PCSC_S_OK) { 1969 1978 CACKEY_DEBUG_PRINTF("Connection to PC/SC failed, assuming no slots"); 1970 1979 1971 1980 slot_count = 0; 1972 1981 } else { 1973 1982 pcsc_readers_len = 0; 1974 1983 1975 1984 scard_listreaders_ret = SCardListReaders(*cackey_pcsc_handle, NULL, NULL, &pcsc_readers_len); ................................................................................ 2099 2108 if (sizeof(pInfo->manufacturerID) < bytes_to_copy) { 2100 2109 bytes_to_copy = sizeof(pInfo->manufacturerID); 2101 2110 } 2102 2111 memcpy(pInfo->manufacturerID, cackey_slots[slotID].pcsc_reader, bytes_to_copy); 2103 2112 2104 2113 pInfo->flags = 0; 2105 2114 2106 - if (cackey_token_present(&cackey_slots[slotID])) { 2115 + if (cackey_token_present(&cackey_slots[slotID]) == CACKEY_PCSC_S_TOKENPRESENT) { 2107 2116 pInfo->flags |= CKF_TOKEN_PRESENT; 2108 2117 } 2109 2118 2110 2119 pInfo->hardwareVersion.major = (cackey_getversion() >> 16) & 0xff; 2111 2120 pInfo->hardwareVersion.minor = (cackey_getversion() >> 8) & 0xff; 2112 2121 2113 2122 pInfo->firmwareVersion.major = 0x00; ................................................................................ 2145 2154 2146 2155 if (!cackey_initialized) { 2147 2156 CACKEY_DEBUG_PRINTF("Error. Not initialized."); 2148 2157 2149 2158 return(CKR_CRYPTOKI_NOT_INITIALIZED); 2150 2159 } 2151 2160 2152 - if (!cackey_token_present(&cackey_slots[slotID])) { 2161 + if (cackey_token_present(&cackey_slots[slotID]) != CACKEY_PCSC_S_TOKENPRESENT) { 2153 2162 CACKEY_DEBUG_PRINTF("No token is present in slotID = %lu", slotID); 2154 2163 2155 2164 return(CKR_TOKEN_NOT_PRESENT); 2156 2165 } 2157 2166 2158 2167 memset(pInfo->label, ' ', sizeof(pInfo->label)); 2159 2168 if (1) { ................................................................................ 2375 2384 if (!cackey_initialized) { 2376 2385 CACKEY_DEBUG_PRINTF("Error. Not initialized."); 2377 2386 2378 2387 return(CKR_CRYPTOKI_NOT_INITIALIZED); 2379 2388 } 2380 2389 2381 2390 /* Verify that the card is actually in the slot. */ 2382 - if (!cackey_token_present(&cackey_slots[slotID])) { 2391 + if (cackey_token_present(&cackey_slots[slotID]) != CACKEY_PCSC_S_TOKENPRESENT) { 2383 2392 CACKEY_DEBUG_PRINTF("Error. Card not present. Returning CKR_DEVICE_REMOVED"); 2384 2393 2385 2394 return(CKR_DEVICE_REMOVED); 2386 2395 } 2387 2396 2388 2397 mutex_retval = cackey_mutex_lock(cackey_biglock); 2389 2398 if (mutex_retval != 0) { ................................................................................ 2676 2685 2677 2686 CACKEY_DEBUG_PRINTF("Error. Session not active."); 2678 2687 2679 2688 return(CKR_SESSION_HANDLE_INVALID); 2680 2689 } 2681 2690 2682 2691 login_ret = cackey_login(&cackey_slots[cackey_sessions[hSession].slotID], pPin, ulPinLen, NULL); 2683 - if (login_ret != CACKEY_LOGIN_OK) { 2692 + if (login_ret != CACKEY_PCSC_S_OK) { 2684 2693 cackey_mutex_unlock(cackey_biglock); 2685 2694 2686 - if (login_ret == CACKEY_LOGIN_LOCKED) { 2695 + if (login_ret == CACKEY_PCSC_E_LOCKED) { 2687 2696 CACKEY_DEBUG_PRINTF("Error. Token is locked."); 2688 2697 2689 2698 return(CKR_PIN_LOCKED); 2690 - } else { 2699 + } else if (login_ret == CACKEY_PCSC_E_BADPIN) { 2691 2700 CACKEY_DEBUG_PRINTF("Error. Invalid PIN."); 2692 2701 2693 2702 return(CKR_PIN_INCORRECT); 2694 2703 } 2704 + 2705 + CACKEY_DEBUG_PRINTF("Error. Unknown error returned from cackey_login() (%i)", login_ret); 2706 + 2707 + return(CKR_GENERAL_ERROR); 2695 2708 } 2696 2709 2697 2710 cackey_sessions[hSession].state = CKS_RO_USER_FUNCTIONS; 2698 2711 2699 2712 mutex_retval = cackey_mutex_unlock(cackey_biglock); 2700 2713 if (mutex_retval != 0) { 2701 2714 CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");