| version 1.417, 2020/08/27 01:07:51 |
version 1.418, 2020/08/27 01:08:45 |
|
|
| if (skprovider == NULL) |
if (skprovider == NULL) |
| fatal("Cannot download keys without provider"); |
fatal("Cannot download keys without provider"); |
| |
|
| for (i = 0; i < 2; i++) { |
pin = read_passphrase("Enter PIN for authenticator: ", RP_ALLOW_STDIN); |
| if (i == 1) { |
if (!quiet) { |
| pin = read_passphrase("Enter PIN for authenticator: ", |
printf("You may need to touch your authenticator " |
| RP_ALLOW_STDIN); |
"to authorize key download.\n"); |
| } |
|
| if ((r = sshsk_load_resident(skprovider, device, pin, |
|
| &keys, &nkeys)) != 0) { |
|
| if (i == 0 && r == SSH_ERR_KEY_WRONG_PASSPHRASE) |
|
| continue; |
|
| if (pin != NULL) |
|
| freezero(pin, strlen(pin)); |
|
| error("Unable to load resident keys: %s", ssh_err(r)); |
|
| return -1; |
|
| } |
|
| } |
} |
| |
if ((r = sshsk_load_resident(skprovider, device, pin, |
| |
&keys, &nkeys)) != 0) { |
| |
if (pin != NULL) |
| |
freezero(pin, strlen(pin)); |
| |
error("Unable to load resident keys: %s", ssh_err(r)); |
| |
return -1; |
| |
} |
| if (nkeys == 0) |
if (nkeys == 0) |
| logit("No keys to download"); |
logit("No keys to download"); |
| if (pin != NULL) |
if (pin != NULL) |
|
|
| printf("You may need to touch your authenticator " |
printf("You may need to touch your authenticator " |
| "to authorize key generation.\n"); |
"to authorize key generation.\n"); |
| } |
} |
| passphrase = NULL; |
|
| if ((attest = sshbuf_new()) == NULL) |
if ((attest = sshbuf_new()) == NULL) |
| fatal("sshbuf_new failed"); |
fatal("sshbuf_new failed"); |
| |
if ((sk_flags & |
| |
(SSH_SK_USER_VERIFICATION_REQD|SSH_SK_RESIDENT_KEY))) { |
| |
passphrase = read_passphrase("Enter PIN for " |
| |
"authenticator: ", RP_ALLOW_STDIN); |
| |
} else { |
| |
passphrase = NULL; |
| |
} |
| for (i = 0 ; ; i++) { |
for (i = 0 ; ; i++) { |
| fflush(stdout); |
fflush(stdout); |
| r = sshsk_enroll(type, sk_provider, sk_device, |
r = sshsk_enroll(type, sk_provider, sk_device, |
|
|
| break; |
break; |
| if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) |
if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) |
| fatal("Key enrollment failed: %s", ssh_err(r)); |
fatal("Key enrollment failed: %s", ssh_err(r)); |
| else if (i > 0) |
else if (passphrase != NULL) { |
| error("PIN incorrect"); |
error("PIN incorrect"); |
| if (passphrase != NULL) { |
|
| freezero(passphrase, strlen(passphrase)); |
freezero(passphrase, strlen(passphrase)); |
| passphrase = NULL; |
passphrase = NULL; |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh