version 1.21, 2019/09/06 05:23:55 |
version 1.22, 2020/01/25 00:03:36 |
|
|
|
|
struct pkcs11_keyinfo { |
struct pkcs11_keyinfo { |
struct sshkey *key; |
struct sshkey *key; |
char *providername; |
char *providername, *label; |
TAILQ_ENTRY(pkcs11_keyinfo) next; |
TAILQ_ENTRY(pkcs11_keyinfo) next; |
}; |
}; |
|
|
|
|
struct sshbuf *oqueue; |
struct sshbuf *oqueue; |
|
|
static void |
static void |
add_key(struct sshkey *k, char *name) |
add_key(struct sshkey *k, char *name, char *label) |
{ |
{ |
struct pkcs11_keyinfo *ki; |
struct pkcs11_keyinfo *ki; |
|
|
ki = xcalloc(1, sizeof(*ki)); |
ki = xcalloc(1, sizeof(*ki)); |
ki->providername = xstrdup(name); |
ki->providername = xstrdup(name); |
ki->key = k; |
ki->key = k; |
|
ki->label = xstrdup(label); |
TAILQ_INSERT_TAIL(&pkcs11_keylist, ki, next); |
TAILQ_INSERT_TAIL(&pkcs11_keylist, ki, next); |
} |
} |
|
|
|
|
if (!strcmp(ki->providername, name)) { |
if (!strcmp(ki->providername, name)) { |
TAILQ_REMOVE(&pkcs11_keylist, ki, next); |
TAILQ_REMOVE(&pkcs11_keylist, ki, next); |
free(ki->providername); |
free(ki->providername); |
|
free(ki->label); |
sshkey_free(ki->key); |
sshkey_free(ki->key); |
free(ki); |
free(ki); |
} |
} |
|
|
struct pkcs11_keyinfo *ki; |
struct pkcs11_keyinfo *ki; |
|
|
TAILQ_FOREACH(ki, &pkcs11_keylist, next) { |
TAILQ_FOREACH(ki, &pkcs11_keylist, next) { |
debug("check %p %s", ki, ki->providername); |
debug("check %p %s %s", ki, ki->providername, ki->label); |
if (sshkey_equal(k, ki->key)) |
if (sshkey_equal(k, ki->key)) |
return (ki->key); |
return (ki->key); |
} |
} |
|
|
u_char *blob; |
u_char *blob; |
size_t blen; |
size_t blen; |
struct sshbuf *msg; |
struct sshbuf *msg; |
|
char **labels = NULL; |
|
|
if ((msg = sshbuf_new()) == NULL) |
if ((msg = sshbuf_new()) == NULL) |
fatal("%s: sshbuf_new failed", __func__); |
fatal("%s: sshbuf_new failed", __func__); |
if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || |
if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || |
(r = sshbuf_get_cstring(iqueue, &pin, NULL)) != 0) |
(r = sshbuf_get_cstring(iqueue, &pin, NULL)) != 0) |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
if ((nkeys = pkcs11_add_provider(name, pin, &keys)) > 0) { |
if ((nkeys = pkcs11_add_provider(name, pin, &keys, &labels)) > 0) { |
if ((r = sshbuf_put_u8(msg, |
if ((r = sshbuf_put_u8(msg, |
SSH2_AGENT_IDENTITIES_ANSWER)) != 0 || |
SSH2_AGENT_IDENTITIES_ANSWER)) != 0 || |
(r = sshbuf_put_u32(msg, nkeys)) != 0) |
(r = sshbuf_put_u32(msg, nkeys)) != 0) |
|
|
continue; |
continue; |
} |
} |
if ((r = sshbuf_put_string(msg, blob, blen)) != 0 || |
if ((r = sshbuf_put_string(msg, blob, blen)) != 0 || |
(r = sshbuf_put_cstring(msg, name)) != 0) |
(r = sshbuf_put_cstring(msg, labels[i])) != 0) |
fatal("%s: buffer error: %s", |
fatal("%s: buffer error: %s", |
__func__, ssh_err(r)); |
__func__, ssh_err(r)); |
free(blob); |
free(blob); |
add_key(keys[i], name); |
add_key(keys[i], name, labels[i]); |
|
free(labels[i]); |
} |
} |
} else { |
} else { |
if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0) |
if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0) |
|
|
if ((r = sshbuf_put_u32(msg, -nkeys)) != 0) |
if ((r = sshbuf_put_u32(msg, -nkeys)) != 0) |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
} |
} |
free(keys); |
free(labels); |
|
free(keys); /* keys themselves are transferred to pkcs11_keylist */ |
free(pin); |
free(pin); |
free(name); |
free(name); |
send_msg(msg); |
send_msg(msg); |
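Review bot: In the loop that builds the identities answer, the `continue;` branch bypasses the new `free(labels[i]);` at the bottom of the loop body, so the label of any key that takes that early exit is leaked; the later `free(labels);` releases only the array. Adding `free(labels[i]);` immediately before `continue;` would close this, though the condition guarding that branch is not visible here, so confirm nothing else owns the string on that path. Separately, `add_key()` now calls `xstrdup(label)` unconditionally, and the labels are presumably read from the PKCS#11 token, so check that `pkcs11_add_provider()` can never leave a `labels[i]` entry NULL on success. If it can, `ki->label = xstrdup(label ? label : "");` would keep a misbehaving token from crashing the helper. The enclosing function starts and ends outside the lines shown.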