src/usr.bin/ssh/ssh-sk-client.c - diff

Return to ssh-sk-client.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh-sk-client.c between version 1.2 and 1.3

version 1.2, 2019/12/30 09:21:59

version 1.3, 2019/12/30 09:23:28

Line 19

#include <sys/socket.h>

#include <sys/wait.h>

#include <limits.h>

#include <errno.h>

#include <signal.h>

#include <stdarg.h>

Line 126

Line 127

}

static int

client_converse(struct sshbuf *req, struct sshbuf **respp)

client_converse(struct sshbuf *req, struct sshbuf **respp, u_int msg)

{

int oerrno, fd, r2, r = SSH_ERR_INTERNAL_ERROR;

u_int rmsg, rerr;

pid_t pid;

u_char version;

void (*osigchld)(int);

struct sshbuf *resp = NULL;

*respp = NULL;

if ((r = start_helper(&fd, &pid, &osigchld)) != 0)

Line 162

Line 163

r = SSH_ERR_INVALID_FORMAT;

goto out;

}

if ((r = sshbuf_get_u32(resp, &rmsg)) != 0) {

error("%s: parse message type: %s", __func__, ssh_err(r));

goto out;

}

if (rmsg == SSH_SK_HELPER_ERROR) {

if ((r = sshbuf_get_u32(resp, &rerr)) != 0) {

error("%s: parse error: %s", __func__, ssh_err(r));

goto out;

}

debug("%s: helper returned error -%u", __func__, rerr);

/* OpenSSH error values are negative; encoded as -err on wire */

if (rerr == 0 || rerr >= INT_MAX)

r = SSH_ERR_INTERNAL_ERROR;

else

r = -(int)rerr;

goto out;

} else if (rmsg != msg) {

error("%s: helper returned incorrect message type %u, "

"expecting %u", __func__, rmsg, msg);

r = SSH_ERR_INTERNAL_ERROR;

goto out;

}

/* success */

r = 0;

out:

Line 187

Line 210

int

sshsk_sign(const char *provider, struct sshkey *key,

u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,

u_int compat)

u_int compat, const char *pin)

{

int oerrno, r = SSH_ERR_INTERNAL_ERROR;

char *fp = NULL;

Line 211

Line 234

(r = sshbuf_put_cstring(req, provider)) != 0 ||

(r = sshbuf_put_string(req, data, datalen)) != 0 ||

(r = sshbuf_put_cstring(req, NULL)) != 0 || /* alg */

(r = sshbuf_put_u32(req, compat)) != 0) {

(r = sshbuf_put_u32(req, compat)) != 0 ||

(r = sshbuf_put_cstring(req, pin)) != 0) {

error("%s: compose: %s", __func__, ssh_err(r));

goto out;

}

Line 222

Line 246

r = SSH_ERR_ALLOC_FAIL;

goto out;

}

if ((r = client_converse(req, &resp)) != 0)

if ((r = client_converse(req, &resp, SSH_SK_HELPER_SIGN)) != 0)

goto out;

if ((r = sshbuf_get_string(resp, sigp, lenp)) != 0) {

Line 253

Line 277

int

sshsk_enroll(int type, const char *provider_path, const char *application,

uint8_t flags, struct sshbuf *challenge_buf, struct sshkey **keyp,

uint8_t flags, const char *pin, struct sshbuf *challenge_buf,

struct sshbuf *attest)

struct sshkey **keyp, struct sshbuf *attest)

{

int oerrno, r = SSH_ERR_INTERNAL_ERROR;

struct sshbuf *kbuf = NULL, *abuf = NULL, *req = NULL, *resp = NULL;

Line 279

Line 303

(r = sshbuf_put_cstring(req, provider_path)) != 0 ||

(r = sshbuf_put_cstring(req, application)) != 0 ||

(r = sshbuf_put_u8(req, flags)) != 0 ||

(r = sshbuf_put_cstring(req, pin)) != 0 ||

(r = sshbuf_put_stringb(req, challenge_buf)) != 0) {

error("%s: compose: %s", __func__, ssh_err(r));

goto out;

}

if ((r = client_converse(req, &resp)) != 0)

if ((r = client_converse(req, &resp, SSH_SK_HELPER_ENROLL)) != 0)

goto out;

if ((r = sshbuf_get_stringb(resp, kbuf)) != 0 ||

Line 348

Line 373

goto out;

}

if ((r = client_converse(req, &resp)) != 0)

if ((r = client_converse(req, &resp, SSH_SK_HELPER_LOAD_RESIDENT)) != 0)

goto out;

while (sshbuf_len(resp) != 0) {

Line 368

Line 393

error("%s: recallocarray keys failed", __func__);

goto out;

}

debug("%s: keys[%zu]: %s %s", __func__,

nkeys, sshkey_type(key), key->sk_application);

keys = tmp;

keys[nkeys++] = key;

key = NULL;