added locking to sc_pkcs15_decipher and sc_pkcs15_compute_signature

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@902 c6295689-39f2-0310-b995-f0e70906c6a9
2003-02-06 14:46:57 +00:00 · 2003-02-06 14:46:57 +00:00 · a2b9838bb1
parent 8160bf64a1
commit a2b9838bb1
1 changed files with 24 additions and 4 deletions
--- a/src/libopensc/pkcs15-sec.c
+++ b/src/libopensc/pkcs15-sec.c
@ -152,12 +152,22 @@ int sc_pkcs15_decipher(struct sc_pkcs15_card *p15card,
 	senv.flags = SC_SEC_ENV_KEY_REF_PRESENT;
 	senv.flags |= SC_SEC_ENV_ALG_PRESENT;

+	r = sc_lock(p15card->card);
+	SC_TEST_RET(ctx, r, "sc_lock() failed");
+
 	r = select_key_file(p15card, prkey, &senv);
-	SC_TEST_RET(ctx, r, "Unable to select private key file");
+	if (r < 0) {
+		sc_unlock(p15card->card);
+		SC_TEST_RET(ctx, r, "Unable to select private key file");
+	}

 	r = sc_set_security_env(p15card->card, &senv, 0);
-	SC_TEST_RET(ctx, r, "sc_set_security_env() failed");
+	if (r < 0) {
+		sc_unlock(p15card->card);
+		SC_TEST_RET(ctx, r, "sc_set_security_env() failed");
+	}
 	r = sc_decipher(p15card->card, in, inlen, out, outlen);
+	sc_unlock(p15card->card);
 	SC_TEST_RET(ctx, r, "sc_decipher() failed");

 	/* Strip any padding */
@ -349,11 +359,20 @@ int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
 	senv.flags = SC_SEC_ENV_KEY_REF_PRESENT;
 	senv.flags |= SC_SEC_ENV_ALG_PRESENT;

+	r = sc_lock(p15card->card);
+	SC_TEST_RET(ctx, r, "sc_lock() failed");
+
 	r = select_key_file(p15card, prkey, &senv);
-	SC_TEST_RET(ctx, r, "Unable to select private key file");
+	if (r < 0) {
+		sc_unlock(p15card->card);
+		SC_TEST_RET(ctx, r, "Unable to select private key file");
+	}

 	r = sc_set_security_env(p15card->card, &senv, 0);
-	SC_TEST_RET(ctx, r, "sc_set_security_env() failed");
+	if (r < 0) {
+		sc_unlock(p15card->card);
+		SC_TEST_RET(ctx, r, "sc_set_security_env() failed");
+	}

 	/* XXX: Should we adjust outlen to match the size of
 	 * the signature we expect? CardOS for instance will
@ -366,6 +385,7 @@ int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
 	r = sc_compute_signature(p15card->card, in, inlen, out, outlen);
 	if (pad_flags)
                memset(buf, 0, inlen);
+	sc_unlock(p15card->card);
 	SC_TEST_RET(ctx, r, "sc_compute_signature() failed");

 	return r;