version 1.160, 2021/04/03 06:18:41 |
version 1.161, 2021/10/28 02:54:18 |
|
|
static int |
static int |
load_resident_keys(int agent_fd, const char *skprovider, int qflag) |
load_resident_keys(int agent_fd, const char *skprovider, int qflag) |
{ |
{ |
struct sshkey **keys; |
struct sshsk_resident_key **srks; |
size_t nkeys, i; |
size_t nsrks, i; |
|
struct sshkey *key; |
int r, ok = 0; |
int r, ok = 0; |
char *fp; |
char *fp; |
|
|
pass = read_passphrase("Enter PIN for authenticator: ", RP_ALLOW_STDIN); |
pass = read_passphrase("Enter PIN for authenticator: ", RP_ALLOW_STDIN); |
if ((r = sshsk_load_resident(skprovider, NULL, pass, |
if ((r = sshsk_load_resident(skprovider, NULL, pass, 0, |
&keys, &nkeys)) != 0) { |
&srks, &nsrks)) != 0) { |
error_r(r, "Unable to load resident keys"); |
error_r(r, "Unable to load resident keys"); |
return r; |
return r; |
} |
} |
for (i = 0; i < nkeys; i++) { |
for (i = 0; i < nsrks; i++) { |
if ((fp = sshkey_fingerprint(keys[i], |
key = srks[i]->key; |
|
if ((fp = sshkey_fingerprint(key, |
fingerprint_hash, SSH_FP_DEFAULT)) == NULL) |
fingerprint_hash, SSH_FP_DEFAULT)) == NULL) |
fatal_f("sshkey_fingerprint failed"); |
fatal_f("sshkey_fingerprint failed"); |
if ((r = ssh_add_identity_constrained(agent_fd, keys[i], "", |
if ((r = ssh_add_identity_constrained(agent_fd, key, "", |
lifetime, confirm, maxsign, skprovider)) != 0) { |
lifetime, confirm, maxsign, skprovider)) != 0) { |
error("Unable to add key %s %s", |
error("Unable to add key %s %s", sshkey_type(key), fp); |
sshkey_type(keys[i]), fp); |
|
free(fp); |
free(fp); |
ok = r; |
ok = r; |
continue; |
continue; |
|
|
ok = 1; |
ok = 1; |
if (!qflag) { |
if (!qflag) { |
fprintf(stderr, "Resident identity added: %s %s\n", |
fprintf(stderr, "Resident identity added: %s %s\n", |
sshkey_type(keys[i]), fp); |
sshkey_type(key), fp); |
if (lifetime != 0) { |
if (lifetime != 0) { |
fprintf(stderr, |
fprintf(stderr, |
"Lifetime set to %d seconds\n", lifetime); |
"Lifetime set to %d seconds\n", lifetime); |
|
|
} |
} |
} |
} |
free(fp); |
free(fp); |
sshkey_free(keys[i]); |
|
} |
} |
free(keys); |
sshsk_free_resident_keys(srks, nsrks); |
if (nkeys == 0) |
if (nsrks == 0) |
return SSH_ERR_KEY_NOT_FOUND; |
return SSH_ERR_KEY_NOT_FOUND; |
return ok == 1 ? 0 : ok; |
return ok == 1 ? 0 : ok; |
} |
} |
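Review bot: The authenticator PIN that `read_passphrase` stores in `pass` is not wiped anywhere in the visible body of `load_resident_keys`, including the early `return r` taken when `sshsk_load_resident` fails. `pass` is not declared in the lines shown, so it is presumably file-scope and may be cleared by a caller; if it is not, both exits should zero and release it, e.g. `freezero(pass, strlen(pass)); pass = NULL;`. Separately, `ok` is overwritten on every loop iteration, so an earlier `ssh_add_identity_constrained` failure is masked when a later key is added and the function returns 0. Keeping the first error, for example `if (ok == 0 || ok == 1) ok = r;` on the failure path and `if (ok == 0) ok = 1;` on success, would let the caller see partial failures.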