version 1.21, 2019/12/30 09:23:28 |
version 1.22, 2019/12/30 09:24:03 |
|
|
return ret; |
return ret; |
} |
} |
if ((ret->dlhandle = dlopen(path, RTLD_NOW)) == NULL) { |
if ((ret->dlhandle = dlopen(path, RTLD_NOW)) == NULL) { |
error("Security key provider %s dlopen failed: %s", |
error("Security key provider \"%s\" dlopen failed: %s", |
path, dlerror()); |
path, dlerror()); |
goto fail; |
goto fail; |
} |
} |
if ((ret->sk_api_version = dlsym(ret->dlhandle, |
if ((ret->sk_api_version = dlsym(ret->dlhandle, |
"sk_api_version")) == NULL) { |
"sk_api_version")) == NULL) { |
error("Security key provider %s dlsym(sk_api_version) " |
error("Security key provider \"%s\" dlsym(sk_api_version) " |
"failed: %s", path, dlerror()); |
"failed: %s", path, dlerror()); |
goto fail; |
goto fail; |
} |
} |
|
|
debug("%s: provider %s implements version 0x%08lx", __func__, |
debug("%s: provider %s implements version 0x%08lx", __func__, |
ret->path, (u_long)version); |
ret->path, (u_long)version); |
if ((version & SSH_SK_VERSION_MAJOR_MASK) != SSH_SK_VERSION_MAJOR) { |
if ((version & SSH_SK_VERSION_MAJOR_MASK) != SSH_SK_VERSION_MAJOR) { |
error("Security key provider %s implements unsupported version " |
error("Security key provider \"%s\" implements unsupported " |
"0x%08lx (supported: 0x%08lx)", path, (u_long)version, |
"version 0x%08lx (supported: 0x%08lx)", |
(u_long)SSH_SK_VERSION_MAJOR); |
path, (u_long)version, (u_long)SSH_SK_VERSION_MAJOR); |
goto fail; |
goto fail; |
} |
} |
if ((ret->sk_enroll = dlsym(ret->dlhandle, "sk_enroll")) == NULL) { |
if ((ret->sk_enroll = dlsym(ret->dlhandle, "sk_enroll")) == NULL) { |
|
|
goto fail; |
goto fail; |
} |
} |
if ((ret->sk_sign = dlsym(ret->dlhandle, "sk_sign")) == NULL) { |
if ((ret->sk_sign = dlsym(ret->dlhandle, "sk_sign")) == NULL) { |
error("Security key provider %s dlsym(sk_sign) failed: %s", |
error("Security key provider \"%s\" dlsym(sk_sign) failed: %s", |
path, dlerror()); |
path, dlerror()); |
goto fail; |
goto fail; |
} |
} |
if ((ret->sk_load_resident_keys = dlsym(ret->dlhandle, |
if ((ret->sk_load_resident_keys = dlsym(ret->dlhandle, |
"sk_load_resident_keys")) == NULL) { |
"sk_load_resident_keys")) == NULL) { |
error("Security key provider %s dlsym(sk_load_resident_keys) " |
error("Security key provider \"%s\" " |
"failed: %s", path, dlerror()); |
"dlsym(sk_load_resident_keys) failed: %s", path, dlerror()); |
goto fail; |
goto fail; |
} |
} |
/* success */ |
/* success */ |
|
|
/* enroll key */ |
/* enroll key */ |
if ((r = skp->sk_enroll(alg, challenge, challenge_len, application, |
if ((r = skp->sk_enroll(alg, challenge, challenge_len, application, |
flags, pin, &resp)) != 0) { |
flags, pin, &resp)) != 0) { |
error("Security key provider %s returned failure %d", |
error("Security key provider \"%s\" returned failure %d", |
provider_path, r); |
provider_path, r); |
r = SSH_ERR_INVALID_FORMAT; /* XXX error codes in API? */ |
r = SSH_ERR_INVALID_FORMAT; /* XXX error codes in API? */ |
goto out; |
goto out; |
|
|
goto out; |
goto out; |
} |
} |
if ((r = skp->sk_load_resident_keys(pin, &rks, &nrks)) != 0) { |
if ((r = skp->sk_load_resident_keys(pin, &rks, &nrks)) != 0) { |
error("Security key provider %s returned failure %d", |
error("Security key provider \"%s\" returned failure %d", |
provider_path, r); |
provider_path, r); |
r = SSH_ERR_INVALID_FORMAT; /* XXX error codes in API? */ |
r = SSH_ERR_INVALID_FORMAT; /* XXX error codes in API? */ |
goto out; |
goto out; |
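Review bot: The `debug()` call that reports the provider's API version (the context lines just above the major-version check) still prints the path unquoted and reads it from `ret->path`, while every `error()` this change touches now quotes `path`; for consistent, greppable logs it could become `debug("%s: provider \"%s\" implements version 0x%08lx", __func__,`. The message for the `dlsym(..., "sk_enroll")` failure branch is not visible in this view, so it is worth confirming it received the same quoting. The quotes only delimit the value: a path containing `"` or control characters is still passed through unchanged by these format strings, so unambiguous log lines depend on whatever sanitisation the logging layer applies, which this page does not show. The enclosing functions start and end outside the hunks shown.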