version 1.22, 2019/12/30 09:24:03 |
version 1.23, 2019/12/30 09:24:45 |
|
|
return r; |
return r; |
} |
} |
|
|
|
static int |
|
skerr_to_ssherr(int skerr) |
|
{ |
|
switch (skerr) { |
|
case SSH_SK_ERR_UNSUPPORTED: |
|
return SSH_ERR_FEATURE_UNSUPPORTED; |
|
case SSH_SK_ERR_PIN_REQUIRED: |
|
return SSH_ERR_KEY_WRONG_PASSPHRASE; |
|
case SSH_SK_ERR_GENERAL: |
|
default: |
|
return SSH_ERR_INVALID_FORMAT; |
|
} |
|
} |
|
|
int |
int |
sshsk_enroll(int type, const char *provider_path, const char *application, |
sshsk_enroll(int type, const char *provider_path, const char *application, |
uint8_t flags, const char *pin, struct sshbuf *challenge_buf, |
uint8_t flags, const char *pin, struct sshbuf *challenge_buf, |
|
|
flags, pin, &resp)) != 0) { |
flags, pin, &resp)) != 0) { |
error("Security key provider \"%s\" returned failure %d", |
error("Security key provider \"%s\" returned failure %d", |
provider_path, r); |
provider_path, r); |
r = SSH_ERR_INVALID_FORMAT; /* XXX error codes in API? */ |
r = skerr_to_ssherr(r); |
goto out; |
goto out; |
} |
} |
|
|
|
|
sshbuf_ptr(key->sk_key_handle), sshbuf_len(key->sk_key_handle), |
sshbuf_ptr(key->sk_key_handle), sshbuf_len(key->sk_key_handle), |
key->sk_flags, pin, &resp)) != 0) { |
key->sk_flags, pin, &resp)) != 0) { |
debug("%s: sk_sign failed with code %d", __func__, r); |
debug("%s: sk_sign failed with code %d", __func__, r); |
|
r = skerr_to_ssherr(r); |
goto out; |
goto out; |
} |
} |
/* Assemble signature */ |
/* Assemble signature */ |
|
|
if ((r = skp->sk_load_resident_keys(pin, &rks, &nrks)) != 0) { |
if ((r = skp->sk_load_resident_keys(pin, &rks, &nrks)) != 0) { |
error("Security key provider \"%s\" returned failure %d", |
error("Security key provider \"%s\" returned failure %d", |
provider_path, r); |
provider_path, r); |
r = SSH_ERR_INVALID_FORMAT; /* XXX error codes in API? */ |
r = skerr_to_ssherr(r); |
goto out; |
goto out; |
} |
} |
for (i = 0; i < nrks; i++) { |
for (i = 0; i < nrks; i++) { |