diff --git a/src/cardpincheck.c b/src/cardpincheck.c
index f1e730f..ae1da9a 100644
--- a/src/cardpincheck.c
+++ b/src/cardpincheck.c
@@ -353,8 +353,13 @@
rv = pkcs11h_certificate_decryptAny(certificate, CKM_RSA_PKCS, ciphertext, ciphertextfilesize, NULL, &size);
if (rv != CKR_OK) {
fprintf(stderr, "Cannot determine decrypted message length: %s (%d)\n", pkcs11h_getMessage(rv), rv);
- if (rv == CKR_CANCEL) {
- ret = -1;
+ if (rv == CKR_FUNCTION_FAILED) {
+ /* Decryption failed */
+ ret = -20;
+ abort_decryption = 1;
+ }
+ else if (rv == CKR_CANCEL) {
+ ret = -2;
abort_decryption = 1;
}
else if ((rv == CKR_PIN_INCORRECT) || (rv == CKR_USER_NOT_LOGGED_IN)) {
|