version 1.11, 2020/10/18 11:32:02 |
version 1.12, 2021/10/28 02:54:18 |
|
|
int r; |
int r; |
char *provider, *pin, *device; |
char *provider, *pin, *device; |
struct sshbuf *kbuf, *resp; |
struct sshbuf *kbuf, *resp; |
struct sshkey **keys = NULL; |
struct sshsk_resident_key **srks = NULL; |
size_t nkeys = 0, i; |
size_t nsrks = 0, i; |
|
u_int flags; |
|
|
if ((kbuf = sshbuf_new()) == NULL) |
if ((kbuf = sshbuf_new()) == NULL) |
fatal("%s: sshbuf_new failed", __progname); |
fatal("%s: sshbuf_new failed", __progname); |
|
|
if ((r = sshbuf_get_cstring(req, &provider, NULL)) != 0 || |
if ((r = sshbuf_get_cstring(req, &provider, NULL)) != 0 || |
(r = sshbuf_get_cstring(req, &device, NULL)) != 0 || |
(r = sshbuf_get_cstring(req, &device, NULL)) != 0 || |
(r = sshbuf_get_cstring(req, &pin, NULL)) != 0) |
(r = sshbuf_get_cstring(req, &pin, NULL)) != 0 || |
|
(r = sshbuf_get_u32(req, &flags)) != 0) |
fatal_r(r, "%s: parse", __progname); |
fatal_r(r, "%s: parse", __progname); |
if (sshbuf_len(req) != 0) |
if (sshbuf_len(req) != 0) |
fatal("%s: trailing data in request", __progname); |
fatal("%s: trailing data in request", __progname); |
|
|
null_empty(&device); |
null_empty(&device); |
null_empty(&pin); |
null_empty(&pin); |
|
|
if ((r = sshsk_load_resident(provider, device, pin, |
if ((r = sshsk_load_resident(provider, device, pin, flags, |
&keys, &nkeys)) != 0) { |
&srks, &nsrks)) != 0) { |
resp = reply_error(r, " sshsk_load_resident failed: %s", |
resp = reply_error(r, "sshsk_load_resident failed: %s", |
ssh_err(r)); |
ssh_err(r)); |
goto out; |
goto out; |
} |
} |
|
|
if ((r = sshbuf_put_u32(resp, SSH_SK_HELPER_LOAD_RESIDENT)) != 0) |
if ((r = sshbuf_put_u32(resp, SSH_SK_HELPER_LOAD_RESIDENT)) != 0) |
fatal_r(r, "%s: compose", __progname); |
fatal_r(r, "%s: compose", __progname); |
|
|
for (i = 0; i < nkeys; i++) { |
for (i = 0; i < nsrks; i++) { |
debug_f("key %zu %s %s", i, sshkey_type(keys[i]), |
debug_f("key %zu %s %s uidlen %zu", i, |
keys[i]->sk_application); |
sshkey_type(srks[i]->key), srks[i]->key->sk_application, |
|
srks[i]->user_id_len); |
sshbuf_reset(kbuf); |
sshbuf_reset(kbuf); |
if ((r = sshkey_private_serialize(keys[i], kbuf)) != 0) |
if ((r = sshkey_private_serialize(srks[i]->key, kbuf)) != 0) |
fatal_r(r, "%s: encode key", __progname); |
fatal_r(r, "%s: encode key", __progname); |
if ((r = sshbuf_put_stringb(resp, kbuf)) != 0 || |
if ((r = sshbuf_put_stringb(resp, kbuf)) != 0 || |
(r = sshbuf_put_cstring(resp, "")) != 0) /* comment */ |
(r = sshbuf_put_cstring(resp, "")) != 0 || /* comment */ |
|
(r = sshbuf_put_string(resp, srks[i]->user_id, |
|
srks[i]->user_id_len)) != 0) |
fatal_r(r, "%s: compose key", __progname); |
fatal_r(r, "%s: compose key", __progname); |
} |
} |
|
|
out: |
out: |
for (i = 0; i < nkeys; i++) |
sshsk_free_resident_keys(srks, nsrks); |
sshkey_free(keys[i]); |
|
free(keys); |
|
sshbuf_free(kbuf); |
sshbuf_free(kbuf); |
free(provider); |
free(provider); |
if (pin != NULL) |
if (pin != NULL) |
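Review bot: The per-key record written in the `for` loop now carries three fields, but only the empty string is labelled (`/* comment */`); the added `sshbuf_put_string(resp, srks[i]->user_id, srks[i]->user_id_len)` call deserves a matching `/* user id */` marker, and a line above the loop such as `/* per key: string private key, cstring comment (empty), string user id */` would pin the wire layout that the reader on the other end of the helper pipe has to mirror. Because the request parser now requires a trailing u32 `flags` and still rejects leftover bytes, a caller built against the previous layout ends in the `"%s: parse"` fatal; the page does not show whether the helper protocol version or the client-side composer changed with it, so that is worth confirming. `flags` is handed to `sshsk_load_resident` exactly as received, so if only some bits are meaningful for this request, a short comment naming them (or a mask before the call) would document what the helper accepts. The enclosing function starts before and ends after the lines shown here.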