=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-keygen.c,v retrieving revision 1.407 retrieving revision 1.418 diff -u -r1.407 -r1.418 --- src/usr.bin/ssh/ssh-keygen.c 2020/04/20 04:43:57 1.407 +++ src/usr.bin/ssh/ssh-keygen.c 2020/08/27 01:08:45 1.418 @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.407 2020/04/20 04:43:57 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.418 2020/08/27 01:08:45 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -127,13 +127,13 @@ static char *certflags_src_addr = NULL; /* Arbitrary extensions specified by user */ -struct cert_userext { +struct cert_ext { char *key; char *val; int crit; }; -static struct cert_userext *cert_userext; -static size_t ncert_userext; +static struct cert_ext *cert_ext; +static size_t ncert_ext; /* Conversion to/from various formats */ enum { @@ -573,7 +573,7 @@ /* try the key */ if (sshkey_sign(key, &sig, &slen, data, sizeof(data), - NULL, NULL, 0) != 0 || + NULL, NULL, NULL, 0) != 0 || sshkey_verify(key, sig, slen, data, sizeof(data), NULL, 0, NULL) != 0) { sshkey_free(key); @@ -653,9 +653,10 @@ encoded[len-3] = '\0'; if ((r = sshbuf_b64tod(buf, encoded)) != 0) fatal("%s: base64 decoding failed: %s", __func__, ssh_err(r)); - if (*private) - *k = do_convert_private_ssh2(buf); - else if ((r = sshkey_fromb(buf, k)) != 0) + if (*private) { + if ((*k = do_convert_private_ssh2(buf)) == NULL) + fatal("%s: private key conversion failed", __func__); + } else if ((r = sshkey_fromb(buf, k)) != 0) fatal("decode blob failed: %s", ssh_err(r)); sshbuf_free(buf); fclose(fp); @@ -1034,7 +1035,6 @@ struct sshkey *private, *public; char comment[1024], *prv_tmp, *pub_tmp, *prv_file, *pub_file; int i, type, fd, r; - FILE *f; for (i = 0; key_types[i].key_type; i++) { public = private = NULL; @@ -1072,11 +1072,11 @@ fflush(stdout); type = sshkey_type_from_name(key_types[i].key_type); if ((fd = mkstemp(prv_tmp)) == -1) { - error("Could not save your public key in %s: %s", + error("Could not save your private key in %s: %s", prv_tmp, strerror(errno)); goto failnext; } - close(fd); /* just using mkstemp() to generate/reserve a name */ + (void)close(fd); /* just using mkstemp() to reserve a name */ bits = 0; type_bits_valid(type, NULL, &bits); if ((r = sshkey_generate(type, bits, &private)) != 0) { @@ -1100,27 +1100,12 @@ goto failnext; } (void)fchmod(fd, 0644); - f = fdopen(fd, "w"); - if (f == NULL) { - error("fdopen %s failed: %s", pub_tmp, strerror(errno)); - close(fd); + (void)close(fd); + if ((r = sshkey_save_public(public, pub_tmp, comment)) != 0) { + fatal("Unable to save public key to %s: %s", + identity_file, ssh_err(r)); goto failnext; } - if ((r = sshkey_write(public, f)) != 0) { - error("write key failed: %s", ssh_err(r)); - fclose(f); - goto failnext; - } - fprintf(f, " %s\n", comment); - if (ferror(f) != 0) { - error("write key failed: %s", strerror(errno)); - fclose(f); - goto failnext; - } - if (fclose(f) != 0) { - error("key close failed: %s", strerror(errno)); - goto failnext; - } /* Rename temporary files to their permanent locations. */ if (rename(pub_tmp, pub_file) != 0) { @@ -1285,6 +1270,7 @@ int r, fd, oerrno, inplace = 0; struct known_hosts_ctx ctx; u_int foreach_options; + struct stat sb; if (!have_identity) { cp = tilde_expand_filename(_PATH_SSH_USER_HOSTFILE, pw->pw_uid); @@ -1294,6 +1280,8 @@ free(cp); have_identity = 1; } + if (stat(identity_file, &sb) != 0) + fatal("Cannot stat %s: %s", identity_file, strerror(errno)); memset(&ctx, 0, sizeof(ctx)); ctx.out = stdout; @@ -1320,6 +1308,7 @@ unlink(tmp); fatal("fdopen: %s", strerror(oerrno)); } + fchmod(fd, sb.st_mode & 0644); inplace = 1; } /* XXX support identity_file == "-" for stdin */ @@ -1495,8 +1484,7 @@ struct sshkey *private; struct sshkey *public; struct stat st; - FILE *f; - int r, fd; + int r; if (!have_identity) ask_filename(pw, "Enter file in which the key is"); @@ -1575,18 +1563,11 @@ sshkey_free(private); strlcat(identity_file, ".pub", sizeof(identity_file)); - fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644); - if (fd == -1) - fatal("Could not save your public key in %s", identity_file); - f = fdopen(fd, "w"); - if (f == NULL) - fatal("fdopen %s failed: %s", identity_file, strerror(errno)); - if ((r = sshkey_write(public, f)) != 0) - fatal("write key failed: %s", ssh_err(r)); + if ((r = sshkey_save_public(public, identity_file, new_comment)) != 0) { + fatal("Unable to save public key to %s: %s", + identity_file, ssh_err(r)); + } sshkey_free(public); - fprintf(f, " %s\n", new_comment); - fclose(f); - free(comment); if (strlen(new_comment) > 0) @@ -1598,31 +1579,32 @@ } static void -add_flag_option(struct sshbuf *c, const char *name) +cert_ext_add(const char *key, const char *value, int iscrit) { - int r; - - debug3("%s: %s", __func__, name); - if ((r = sshbuf_put_cstring(c, name)) != 0 || - (r = sshbuf_put_string(c, NULL, 0)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + cert_ext = xreallocarray(cert_ext, ncert_ext + 1, sizeof(*cert_ext)); + cert_ext[ncert_ext].key = xstrdup(key); + cert_ext[ncert_ext].val = value == NULL ? NULL : xstrdup(value); + cert_ext[ncert_ext].crit = iscrit; + ncert_ext++; } -static void -add_string_option(struct sshbuf *c, const char *name, const char *value) +/* qsort(3) comparison function for certificate extensions */ +static int +cert_ext_cmp(const void *_a, const void *_b) { - struct sshbuf *b; + const struct cert_ext *a = (const struct cert_ext *)_a; + const struct cert_ext *b = (const struct cert_ext *)_b; int r; - debug3("%s: %s=%s", __func__, name, value); - if ((b = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - if ((r = sshbuf_put_cstring(b, value)) != 0 || - (r = sshbuf_put_cstring(c, name)) != 0 || - (r = sshbuf_put_stringb(c, b)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - sshbuf_free(b); + if (a->crit != b->crit) + return (a->crit < b->crit) ? -1 : 1; + if ((r = strcmp(a->key, b->key)) != 0) + return r; + if ((a->val == NULL) != (b->val == NULL)) + return (a->val == NULL) ? -1 : 1; + if (a->val != NULL && (r = strcmp(a->val, b->val)) != 0) + return r; + return 0; } #define OPTIONS_CRITICAL 1 @@ -1630,46 +1612,64 @@ static void prepare_options_buf(struct sshbuf *c, int which) { + struct sshbuf *b; size_t i; + int r; + const struct cert_ext *ext; + if ((b = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); sshbuf_reset(c); - if ((which & OPTIONS_CRITICAL) != 0 && - certflags_command != NULL) - add_string_option(c, "force-command", certflags_command); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_X_FWD) != 0) - add_flag_option(c, "permit-X11-forwarding"); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_AGENT_FWD) != 0) - add_flag_option(c, "permit-agent-forwarding"); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_PORT_FWD) != 0) - add_flag_option(c, "permit-port-forwarding"); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_PTY) != 0) - add_flag_option(c, "permit-pty"); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_USER_RC) != 0) - add_flag_option(c, "permit-user-rc"); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_NO_REQUIRE_USER_PRESENCE) != 0) - add_flag_option(c, "no-touch-required"); - if ((which & OPTIONS_CRITICAL) != 0 && - certflags_src_addr != NULL) - add_string_option(c, "source-address", certflags_src_addr); - for (i = 0; i < ncert_userext; i++) { - if ((cert_userext[i].crit && (which & OPTIONS_EXTENSIONS)) || - (!cert_userext[i].crit && (which & OPTIONS_CRITICAL))) + for (i = 0; i < ncert_ext; i++) { + ext = &cert_ext[i]; + if ((ext->crit && (which & OPTIONS_EXTENSIONS)) || + (!ext->crit && (which & OPTIONS_CRITICAL))) continue; - if (cert_userext[i].val == NULL) - add_flag_option(c, cert_userext[i].key); - else { - add_string_option(c, cert_userext[i].key, - cert_userext[i].val); + if (ext->val == NULL) { + /* flag option */ + debug3("%s: %s", __func__, ext->key); + if ((r = sshbuf_put_cstring(c, ext->key)) != 0 || + (r = sshbuf_put_string(c, NULL, 0)) != 0) + fatal("%s: buffer: %s", __func__, ssh_err(r)); + } else { + /* key/value option */ + debug3("%s: %s=%s", __func__, ext->key, ext->val); + sshbuf_reset(b); + if ((r = sshbuf_put_cstring(c, ext->key)) != 0 || + (r = sshbuf_put_cstring(b, ext->val)) != 0 || + (r = sshbuf_put_stringb(c, b)) != 0) + fatal("%s: buffer: %s", __func__, ssh_err(r)); } } + sshbuf_free(b); } +static void +finalise_cert_exts(void) +{ + /* critical options */ + if (certflags_command != NULL) + cert_ext_add("force-command", certflags_command, 1); + if (certflags_src_addr != NULL) + cert_ext_add("source-address", certflags_src_addr, 1); + /* extensions */ + if ((certflags_flags & CERTOPT_X_FWD) != 0) + cert_ext_add("permit-X11-forwarding", NULL, 0); + if ((certflags_flags & CERTOPT_AGENT_FWD) != 0) + cert_ext_add("permit-agent-forwarding", NULL, 0); + if ((certflags_flags & CERTOPT_PORT_FWD) != 0) + cert_ext_add("permit-port-forwarding", NULL, 0); + if ((certflags_flags & CERTOPT_PTY) != 0) + cert_ext_add("permit-pty", NULL, 0); + if ((certflags_flags & CERTOPT_USER_RC) != 0) + cert_ext_add("permit-user-rc", NULL, 0); + if ((certflags_flags & CERTOPT_NO_REQUIRE_USER_PRESENCE) != 0) + cert_ext_add("no-touch-required", NULL, 0); + /* order lexically by key */ + if (ncert_ext > 0) + qsort(cert_ext, ncert_ext, sizeof(*cert_ext), cert_ext_cmp); +} + static struct sshkey * load_pkcs11_key(char *path) { @@ -1705,7 +1705,8 @@ static int agent_signer(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, - const char *alg, const char *provider, u_int compat, void *ctx) + const char *alg, const char *provider, const char *pin, + u_int compat, void *ctx) { int *agent_fdp = (int *)ctx; @@ -1718,12 +1719,11 @@ unsigned long long cert_serial, int cert_serial_autoinc, int argc, char **argv) { - int r, i, fd, found, agent_fd = -1; + int r, i, found, agent_fd = -1; u_int n; struct sshkey *ca, *public; char valid[64], *otmp, *tmp, *cp, *out, *comment; - char *ca_fp = NULL, **plist = NULL; - FILE *f; + char *ca_fp = NULL, **plist = NULL, *pin = NULL; struct ssh_identitylist *agent_ids; size_t j; struct notifier_ctx *notifier = NULL; @@ -1764,6 +1764,12 @@ } else { /* CA key is assumed to be a private key on the filesystem */ ca = load_identity(tmp, NULL); + if (sshkey_is_sk(ca) && + (ca->sk_flags & SSH_SK_USER_VERIFICATION_REQD)) { + if ((pin = read_passphrase("Enter PIN for CA key: ", + RP_ALLOW_STDIN)) == NULL) + fatal("%s: couldn't read PIN", __func__); + } } free(tmp); @@ -1778,6 +1784,7 @@ } ca_fp = sshkey_fingerprint(ca, fingerprint_hash, SSH_FP_DEFAULT); + finalise_cert_exts(); for (i = 0; i < argc; i++) { /* Split list of principals */ n = 0; @@ -1822,7 +1829,7 @@ if (agent_fd != -1 && (ca->flags & SSHKEY_FLAG_EXT) != 0) { if ((r = sshkey_certify_custom(public, ca, - key_type_name, sk_provider, agent_signer, + key_type_name, sk_provider, NULL, agent_signer, &agent_fd)) != 0) fatal("Couldn't certify key %s via agent: %s", tmp, ssh_err(r)); @@ -1834,7 +1841,7 @@ sshkey_type(ca), ca_fp); } r = sshkey_certify(public, ca, key_type_name, - sk_provider); + sk_provider, pin); notify_complete(notifier); if (r != 0) fatal("Couldn't certify key %s: %s", @@ -1846,16 +1853,10 @@ xasprintf(&out, "%s-cert.pub", tmp); free(tmp); - if ((fd = open(out, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1) - fatal("Could not open \"%s\" for writing: %s", out, - strerror(errno)); - if ((f = fdopen(fd, "w")) == NULL) - fatal("%s: fdopen: %s", __func__, strerror(errno)); - if ((r = sshkey_write(public, f)) != 0) - fatal("Could not write certified key to %s: %s", - out, ssh_err(r)); - fprintf(f, " %s\n", comment); - fclose(f); + if ((r = sshkey_save_public(public, out, comment)) != 0) { + fatal("Unable to save public key to %s: %s", + identity_file, ssh_err(r)); + } if (!quiet) { sshkey_format_cert_validity(public->cert, @@ -1874,6 +1875,8 @@ if (cert_serial_autoinc) cert_serial++; } + if (pin != NULL) + freezero(pin, strlen(pin)); free(ca_fp); #ifdef ENABLE_PKCS11 pkcs11_terminate(); @@ -1998,13 +2001,8 @@ val = xstrdup(strchr(opt, ':') + 1); if ((cp = strchr(val, '=')) != NULL) *cp++ = '\0'; - cert_userext = xreallocarray(cert_userext, ncert_userext + 1, - sizeof(*cert_userext)); - cert_userext[ncert_userext].key = val; - cert_userext[ncert_userext].val = cp == NULL ? - NULL : xstrdup(cp); - cert_userext[ncert_userext].crit = iscrit; - ncert_userext++; + cert_ext_add(val, cp, iscrit); + free(val); } else fatal("Unsupported certificate option \"%s\"", opt); } @@ -2012,7 +2010,7 @@ static void show_options(struct sshbuf *optbuf, int in_critical) { - char *name, *arg; + char *name, *arg, *hex; struct sshbuf *options, *option = NULL; int r; @@ -2041,11 +2039,14 @@ __func__, ssh_err(r)); printf(" %s\n", arg); free(arg); - } else { - printf(" UNKNOWN OPTION (len %zu)\n", - sshbuf_len(option)); + } else if (sshbuf_len(option) > 0) { + hex = sshbuf_dtob16(option); + printf(" UNKNOWN OPTION: %s (len %zu)\n", + hex, sshbuf_len(option)); sshbuf_reset(option); - } + free(hex); + } else + printf(" UNKNOWN FLAG OPTION\n"); free(name); if (sshbuf_len(option) != 0) fatal("Option corrupt: extra data at end"); @@ -2512,6 +2513,7 @@ struct sshbuf *sigbuf = NULL, *abuf = NULL; int r = SSH_ERR_INTERNAL_ERROR, wfd = -1, oerrno; char *wfile = NULL, *asig = NULL, *fp = NULL; + char *pin = NULL, *prompt = NULL; if (!quiet) { if (fd == STDIN_FILENO) @@ -2519,17 +2521,25 @@ else fprintf(stderr, "Signing file %s\n", filename); } - if (signer == NULL && sshkey_is_sk(signkey) && - (signkey->sk_flags & SSH_SK_USER_PRESENCE_REQD)) { - if ((fp = sshkey_fingerprint(signkey, fingerprint_hash, - SSH_FP_DEFAULT)) == NULL) - fatal("%s: sshkey_fingerprint failed", __func__); - fprintf(stderr, "Confirm user presence for key %s %s\n", - sshkey_type(signkey), fp); - free(fp); + if (signer == NULL && sshkey_is_sk(signkey)) { + if ((signkey->sk_flags & SSH_SK_USER_VERIFICATION_REQD)) { + xasprintf(&prompt, "Enter PIN for %s key: ", + sshkey_type(signkey)); + if ((pin = read_passphrase(prompt, + RP_ALLOW_STDIN)) == NULL) + fatal("%s: couldn't read PIN", __func__); + } + if ((signkey->sk_flags & SSH_SK_USER_PRESENCE_REQD)) { + if ((fp = sshkey_fingerprint(signkey, fingerprint_hash, + SSH_FP_DEFAULT)) == NULL) + fatal("%s: fingerprint failed", __func__); + fprintf(stderr, "Confirm user presence for key %s %s\n", + sshkey_type(signkey), fp); + free(fp); + } } - if ((r = sshsig_sign_fd(signkey, NULL, sk_provider, fd, sig_namespace, - &sigbuf, signer, signer_ctx)) != 0) { + if ((r = sshsig_sign_fd(signkey, NULL, sk_provider, pin, + fd, sig_namespace, &sigbuf, signer, signer_ctx)) != 0) { error("Signing %s failed: %s", filename, ssh_err(r)); goto out; } @@ -2577,7 +2587,10 @@ r = 0; out: free(wfile); + free(prompt); free(asig); + if (pin != NULL) + freezero(pin, strlen(pin)); sshbuf_free(abuf); sshbuf_free(sigbuf); if (wfd != -1) @@ -2942,30 +2955,29 @@ { struct sshkey **keys; size_t nkeys, i; - int r, ok = -1; + int r, ret = -1; char *fp, *pin = NULL, *pass = NULL, *path, *pubpath; const char *ext; if (skprovider == NULL) fatal("Cannot download keys without provider"); - for (i = 0; i < 2; i++) { - if (i == 1) { - pin = read_passphrase("Enter PIN for authenticator: ", - RP_ALLOW_STDIN); - } - if ((r = sshsk_load_resident(skprovider, device, pin, - &keys, &nkeys)) != 0) { - if (i == 0 && r == SSH_ERR_KEY_WRONG_PASSPHRASE) - continue; + pin = read_passphrase("Enter PIN for authenticator: ", RP_ALLOW_STDIN); + if (!quiet) { + printf("You may need to touch your authenticator " + "to authorize key download.\n"); + } + if ((r = sshsk_load_resident(skprovider, device, pin, + &keys, &nkeys)) != 0) { + if (pin != NULL) freezero(pin, strlen(pin)); - error("Unable to load resident keys: %s", ssh_err(r)); - return -1; - } + error("Unable to load resident keys: %s", ssh_err(r)); + return -1; } if (nkeys == 0) logit("No keys to download"); - freezero(pin, strlen(pin)); + if (pin != NULL) + freezero(pin, strlen(pin)); for (i = 0; i < nkeys; i++) { if (keys[i]->type != KEY_ECDSA_SK && @@ -3024,28 +3036,29 @@ } if (i >= nkeys) - ok = 0; /* success */ + ret = 0; /* success */ if (pass != NULL) freezero(pass, strlen(pass)); for (i = 0; i < nkeys; i++) sshkey_free(keys[i]); free(keys); - return ok ? 0 : -1; + return ret; } static void usage(void) { fprintf(stderr, - "usage: ssh-keygen [-q] [-b bits] [-C comment] [-f output_keyfile] [-m format]\n" + "usage: ssh-keygen [-q] [-a rounds] [-b bits] [-C comment] [-f output_keyfile]\n" + " [-m format] [-N new_passphrase] [-O option]\n" " [-t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa]\n" - " [-N new_passphrase] [-O option] [-w provider]\n" - " ssh-keygen -p [-f keyfile] [-m format] [-N new_passphrase]\n" + " [-w provider]\n" + " ssh-keygen -p [-a rounds] [-f keyfile] [-m format] [-N new_passphrase]\n" " [-P old_passphrase]\n" " ssh-keygen -i [-f input_keyfile] [-m key_format]\n" " ssh-keygen -e [-f input_keyfile] [-m key_format]\n" " ssh-keygen -y [-f input_keyfile]\n" - " ssh-keygen -c [-C comment] [-f keyfile] [-P passphrase]\n" + " ssh-keygen -c [-a rounds] [-C comment] [-f keyfile] [-P passphrase]\n" " ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile]\n" " ssh-keygen -B [-f input_keyfile]\n"); #ifdef ENABLE_PKCS11 @@ -3055,7 +3068,7 @@ fprintf(stderr, " ssh-keygen -F hostname [-lv] [-f known_hosts_file]\n" " ssh-keygen -H [-f known_hosts_file]\n" - " ssh-keygen -K [-w provider]\n" + " ssh-keygen -K [-a rounds] [-w provider]\n" " ssh-keygen -R hostname [-f known_hosts_file]\n" " ssh-keygen -r hostname [-g] [-f input_keyfile]\n" #ifdef WITH_OPENSSL @@ -3066,7 +3079,7 @@ " [-n principals] [-O option] [-V validity_interval]\n" " [-z serial_number] file ...\n" " ssh-keygen -L [-f input_keyfile]\n" - " ssh-keygen -A [-f prefix_path]\n" + " ssh-keygen -A [-a rounds] [-f prefix_path]\n" " ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]\n" " file ...\n" " ssh-keygen -Q [-l] -f krl_file [file ...]\n" @@ -3084,11 +3097,10 @@ int main(int argc, char **argv) { - char dotsshdir[PATH_MAX], comment[1024], *passphrase; + char comment[1024], *passphrase; char *rr_hostname = NULL, *ep, *fp, *ra; struct sshkey *private, *public; struct passwd *pw; - struct stat st; int r, opt, type; int change_passphrase = 0, change_comment = 0, show_cert = 0; int find_host = 0, delete_host = 0, hash_hosts = 0; @@ -3535,6 +3547,8 @@ for (i = 0; i < nopts; i++) { if (strcasecmp(opts[i], "no-touch-required") == 0) { sk_flags &= ~SSH_SK_USER_PRESENCE_REQD; + } else if (strcasecmp(opts[i], "verify-required") == 0) { + sk_flags |= SSH_SK_USER_VERIFICATION_REQD; } else if (strcasecmp(opts[i], "resident") == 0) { sk_flags |= SSH_SK_RESIDENT_KEY; } else if (strncasecmp(opts[i], "device=", 7) == 0) { @@ -3567,9 +3581,15 @@ printf("You may need to touch your authenticator " "to authorize key generation.\n"); } - passphrase = NULL; if ((attest = sshbuf_new()) == NULL) fatal("sshbuf_new failed"); + if ((sk_flags & + (SSH_SK_USER_VERIFICATION_REQD|SSH_SK_RESIDENT_KEY))) { + passphrase = read_passphrase("Enter PIN for " + "authenticator: ", RP_ALLOW_STDIN); + } else { + passphrase = NULL; + } for (i = 0 ; ; i++) { fflush(stdout); r = sshsk_enroll(type, sk_provider, sk_device, @@ -3580,9 +3600,8 @@ break; if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) fatal("Key enrollment failed: %s", ssh_err(r)); - else if (i > 0) + else if (passphrase != NULL) { error("PIN incorrect"); - if (passphrase != NULL) { freezero(passphrase, strlen(passphrase)); passphrase = NULL; } @@ -3590,6 +3609,11 @@ fatal("Too many incorrect PINs"); passphrase = read_passphrase("Enter PIN for " "authenticator: ", RP_ALLOW_STDIN); + if (!quiet) { + printf("You may need to touch your " + "authenticator (again) to authorize " + "key generation.\n"); + } } if (passphrase != NULL) { freezero(passphrase, strlen(passphrase)); @@ -3608,20 +3632,8 @@ ask_filename(pw, "Enter file in which to save the key"); /* Create ~/.ssh directory if it doesn't already exist. */ - snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", - pw->pw_dir, _PATH_SSH_USER_DIR); - if (strstr(identity_file, dotsshdir) != NULL) { - if (stat(dotsshdir, &st) == -1) { - if (errno != ENOENT) { - error("Could not stat %s: %s", dotsshdir, - strerror(errno)); - } else if (mkdir(dotsshdir, 0700) == -1) { - error("Could not create directory '%s': %s", - dotsshdir, strerror(errno)); - } else if (!quiet) - printf("Created directory '%s'.\n", dotsshdir); - } - } + hostfile_create_user_ssh_dir(identity_file, !quiet); + /* If the file already exists, ask the user to confirm. */ if (!confirm_overwrite(identity_file)) exit(1); @@ -3654,7 +3666,7 @@ strlcat(identity_file, ".pub", sizeof(identity_file)); if ((r = sshkey_save_public(public, identity_file, comment)) != 0) { fatal("Unable to save public key to %s: %s", - identity_file, strerror(errno)); + identity_file, ssh_err(r)); } if (!quiet) {