X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/d2168412e175946480b2bc64d553247e40d23948..HEAD:/scard-opensc.c diff --git a/scard-opensc.c b/scard-opensc.c index 4ab87ea8..36dae05f 100644 --- a/scard-opensc.c +++ b/scard-opensc.c @@ -1,7 +1,7 @@ /* * Copyright (c) 2002 Juha Yrjölä. All rights reserved. * Copyright (c) 2001 Markus Friedl. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -26,16 +26,21 @@ #include "includes.h" #if defined(SMARTCARD) && defined(USE_OPENSC) +#include + #include #include +#include +#include + #include #include #include "key.h" #include "log.h" #include "xmalloc.h" -#include "readpass.h" +#include "misc.h" #include "scard.h" #if OPENSSL_VERSION_NUMBER < 0x00907000L && defined(CRYPTO_LOCK_ENGINE) @@ -81,7 +86,7 @@ sc_close(void) } } -static int +static int sc_init(void) { int r; @@ -91,7 +96,7 @@ sc_init(void) goto err; if (sc_reader_id >= ctx->reader_count) { r = SC_ERROR_NO_READERS_FOUND; - error("Illegal reader number %d (max %d)", sc_reader_id, + error("Illegal reader number %d (max %d)", sc_reader_id, ctx->reader_count -1); goto err; } @@ -110,7 +115,8 @@ err: /* private key operations */ static int -sc_prkey_op_init(RSA *rsa, struct sc_pkcs15_object **key_obj_out) +sc_prkey_op_init(RSA *rsa, struct sc_pkcs15_object **key_obj_out, + unsigned int usage) { int r; struct sc_priv_data *priv; @@ -130,7 +136,8 @@ sc_prkey_op_init(RSA *rsa, struct sc_pkcs15_object **key_obj_out) goto err; } } - r = sc_pkcs15_find_prkey_by_id(p15card, &priv->cert_id, &key_obj); + r = sc_pkcs15_find_prkey_by_id_usage(p15card, &priv->cert_id, + usage, &key_obj); if (r) { error("Unable to find private key from SmartCard: %s", sc_strerror(r)); @@ -176,6 +183,9 @@ err: return -1; } +#define SC_USAGE_DECRYPT SC_PKCS15_PRKEY_USAGE_DECRYPT | \ + SC_PKCS15_PRKEY_USAGE_UNWRAP + static int sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) @@ -184,11 +194,11 @@ sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int r; if (padding != RSA_PKCS1_PADDING) - return -1; - r = sc_prkey_op_init(rsa, &key_obj); + return -1; + r = sc_prkey_op_init(rsa, &key_obj, SC_USAGE_DECRYPT); if (r) return -1; - r = sc_pkcs15_decipher(p15card, key_obj, SC_ALGORITHM_RSA_PAD_PKCS1, + r = sc_pkcs15_decipher(p15card, key_obj, SC_ALGORITHM_RSA_PAD_PKCS1, from, flen, to, flen); sc_unlock(card); if (r < 0) { @@ -201,6 +211,9 @@ err: return -1; } +#define SC_USAGE_SIGN SC_PKCS15_PRKEY_USAGE_SIGN | \ + SC_PKCS15_PRKEY_USAGE_SIGNRECOVER + static int sc_sign(int type, u_char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa) @@ -209,7 +222,15 @@ sc_sign(int type, u_char *m, unsigned int m_len, int r; unsigned long flags = 0; - r = sc_prkey_op_init(rsa, &key_obj); + /* XXX: sc_prkey_op_init will search for a pkcs15 private + * key object with the sign or signrecover usage flag set. + * If the signing key has only the non-repudiation flag set + * the key will be rejected as using a non-repudiation key + * for authentication is not recommended. Note: This does not + * prevent the use of a non-repudiation key for authentication + * if the sign or signrecover flag is set as well. + */ + r = sc_prkey_op_init(rsa, &key_obj, SC_USAGE_SIGN); if (r) return -1; /* FIXME: length of sigret correct? */ @@ -309,7 +330,7 @@ static void convert_rsa_to_rsa1(Key * in, Key * out) { struct sc_priv_data *priv; - + out->rsa->flags = in->rsa->flags; out->flags = in->flags; RSA_set_method(out->rsa, RSA_get_method(in->rsa)); @@ -321,7 +342,7 @@ convert_rsa_to_rsa1(Key * in, Key * out) return; } -static int +static int sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) { int r; @@ -333,7 +354,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) EVP_PKEY *pubkey = NULL; u8 *p; char *tmp; - + debug("sc_read_pubkey() with cert id %02X", cinfo->id.value[0]); r = sc_pkcs15_read_certificate(p15card, cinfo, &cert); if (r) { @@ -342,7 +363,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) } x509 = X509_new(); if (x509 == NULL) { - r = -1; + r = -1; goto err; } p = cert->data; @@ -375,7 +396,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) tmp = key_fingerprint(k, SSH_FP_MD5, SSH_FP_HEX); debug("fingerprint %d %s", key_size(k), tmp); xfree(tmp); - + return 0; err: if (cert) @@ -439,7 +460,9 @@ sc_get_keys(const char *id, const char *pin) } key_count = r; } - keys = xmalloc(sizeof(Key *) * (key_count*2+1)); + if (key_count > 1024) + fatal("Too many keys (%u), expected <= 1024", key_count); + keys = xcalloc(key_count * 2 + 1, sizeof(Key *)); for (i = 0; i < key_count; i++) { sc_pkcs15_object_t *tmp_obj = NULL; cert_id = ((sc_pkcs15_cert_info_t *)(certs[i]->data))->id;