diff options
| author | Timothy Pearson <[email protected]> | 2016-09-07 12:31:18 -0500 |
|---|---|---|
| committer | Timothy Pearson <[email protected]> | 2016-09-07 12:31:18 -0500 |
| commit | 37de95179023931a8938b4652b81ae3a634e5763 (patch) | |
| tree | de1b16f3a5292ab30fb85bad2cec8c493daa3cbe | |
| parent | 4114606c72147a3c2918bdca1a9cf5ef164bc06d (diff) | |
| download | smartcardauth-37de95179023931a8938b4652b81ae3a634e5763.tar.gz smartcardauth-37de95179023931a8938b4652b81ae3a634e5763.zip | |
Fix decryption with multiple LUKS keyfiles available
| -rw-r--r-- | src/cardpincheck.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/cardpincheck.c b/src/cardpincheck.c index f1e730f..ae1da9a 100644 --- a/src/cardpincheck.c +++ b/src/cardpincheck.c @@ -353,8 +353,13 @@ int main(int argc, char* argv[]) { rv = pkcs11h_certificate_decryptAny(certificate, CKM_RSA_PKCS, ciphertext, ciphertextfilesize, NULL, &size); if (rv != CKR_OK) { fprintf(stderr, "Cannot determine decrypted message length: %s (%d)\n", pkcs11h_getMessage(rv), rv); - if (rv == CKR_CANCEL) { - ret = -1; + if (rv == CKR_FUNCTION_FAILED) { + /* Decryption failed */ + ret = -20; + abort_decryption = 1; + } + else if (rv == CKR_CANCEL) { + ret = -2; abort_decryption = 1; } else if ((rv == CKR_PIN_INCORRECT) || (rv == CKR_USER_NOT_LOGGED_IN)) { |