Diffstat (limited to 'src/pluto/smartcard.c')
-rw-r--r--src/pluto/smartcard.c26
1 files changed, 14 insertions, 12 deletions
diff --git a/src/pluto/smartcard.c b/src/pluto/smartcard.c
index f1a3932a6..85e246ac4 100644
--- a/src/pluto/smartcard.c
+++ b/src/pluto/smartcard.c
@@ -502,9 +502,9 @@ static cert_t* scx_find_cert_object(CK_SESSION_HANDLE session,
*cert = cert_empty;
cert->smartcard = TRUE;
cert->cert = lib->creds->create(lib->creds,
- CRED_CERTIFICATE, CERT_X509,
- BUILD_BLOB_ASN1_DER, blob,
- BUILD_END);
+ CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB_ASN1_DER, blob,
+ BUILD_END);
if (cert->cert)
{
return cert;
@@ -539,6 +539,7 @@ static void scx_find_cert_objects(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
CK_ULONG obj_count = 0;
time_t valid_until;
smartcard_t *sc;
+ cert_t *cert;
certificate_t *certificate;
x509_t *x509;
@@ -559,8 +560,8 @@ static void scx_find_cert_objects(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
*sc = empty_sc;
sc->any_slot = FALSE;
sc->slot = slot;
- sc->last_cert = scx_find_cert_object(session, object, sc);
- if (sc->last_cert == NULL)
+ cert = scx_find_cert_object(session, object, sc);
+ if (!cert)
{
scx_free(sc);
continue;
@@ -571,9 +572,10 @@ static void scx_find_cert_objects(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
)
/* check validity of certificate */
- certificate = sc->last_cert->cert;
+ certificate = cert->cert;
if (!certificate->get_validity(certificate, NULL, NULL, &valid_until))
{
+ cert_free(cert);
scx_free(sc);
continue;
}
@@ -582,17 +584,17 @@ static void scx_find_cert_objects(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
)
sc = scx_add(sc);
- x509 = (x509_t*)certificate;
/* put end entity and ca certificates into different chains */
+ x509 = (x509_t*)certificate;
if (x509->get_flags(x509) & X509_CA)
{
- sc->last_cert = add_authcert(sc->last_cert, X509_CA);
+ sc->last_cert = add_authcert(cert, X509_CA);
}
else
{
- add_public_key_from_cert(sc->last_cert, valid_until, DAL_LOCAL);
- sc->last_cert = cert_add(sc->last_cert);
+ add_public_key_from_cert(cert, valid_until, DAL_LOCAL);
+ sc->last_cert = cert_add(cert);
}
cert_share(sc->last_cert);
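Review bot: Both new assignments, `sc->last_cert = add_authcert(cert, X509_CA);` and `sc->last_cert = cert_add(cert);`, overwrite whatever `sc->last_cert` held, and they run after `sc = scx_add(sc);`, so `sc` may no longer be the record initialised from `empty_sc`. scx_add is not visible here, so this is inferred: if it can return an already-registered entry whose last_cert was earlier passed through `cert_share`, that reference is replaced without being released and the old certificate stays pinned. Release the previous value before assigning when it differs from the new one, or state the invariant in a comment such as `/* sc->last_cert is NULL here: scx_add() only returns entries without a loaded cert */` if that is what holds. scx_find_cert_objects starts and ends outside the hunk.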
@@ -1078,7 +1080,7 @@ cert_t* scx_load_cert(const char *filename, smartcard_t **scp, bool *cached)
*scp = sc = scx_add(scx_parse_number_slot_id(number_slot_id));
/* is there a cached smartcard certificate? */
- *cached = sc->last_cert &&
+ *cached = sc->last_cert &&
(time(NULL) - sc->last_load) < SCX_CERT_CACHE_INTERVAL;
if (*cached)
@@ -1451,7 +1453,7 @@ bool scx_encrypt(smartcard_t *sc, const u_char *in, size_t inlen, u_char *out,
{
return FALSE;
}
- key->encrypt(key, plain_text, &cipher_text);
+ key->encrypt(key, ENCRYPT_RSA_PKCS1, plain_text, &cipher_text);
key->destroy(key);
if (cipher_text.ptr == NULL)
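Review bot: The result of `key->encrypt(key, ENCRYPT_RSA_PKCS1, plain_text, &cipher_text);` is discarded, so failure is detected only by the `cipher_text.ptr == NULL` test that follows. That test is reliable only if cipher_text is set to an empty chunk before the call and encrypt never leaves a partial buffer behind on error; its declaration is outside the hunk, so neither can be confirmed here. If encrypt reports success through its return value, capture it with `ok = key->encrypt(key, ENCRYPT_RSA_PKCS1, plain_text, &cipher_text);` and check `!ok || cipher_text.ptr == NULL` after `key->destroy(key);`. A one-line comment saying why the PKCS#1 v1.5 scheme is hard-coded at this call site would also help the next reader. scx_encrypt's body continues outside the hunk.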