tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-26 23:34:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

upstream: implement recent SK API change to support resident keys

Browse Source 
and PIN prompting in the dummy middleware that we use for the tests. Should
fix breakage spotted by dtucker@

OpenBSD-Regress-ID: 379cf9eabfea57aaf7f3f59dafde59889566c484
This commit is contained in:
djm@openbsd.org 2020-01-03 02:46:19 +00:00 committed by Damien Miller
parent 86834fe6b5
commit 680eb7749a
1 changed files with 28 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
regress/misc/sk-dummy/sk-dummy.c
View File

@ -44,7 +44,7 @@
} while (0) } while (0)
#endif #endif
#define SK_VERSION_MAJOR 0x00020000 /* current API version */ #define SK_VERSION_MAJOR 0x00030000 /* current API version */
/* Flags */ /* Flags */
#define SK_USER_PRESENCE_REQD 0x01 #define SK_USER_PRESENCE_REQD 0x01
@ -53,6 +53,11 @@
#define SK_ECDSA 0x00 #define SK_ECDSA 0x00
#define SK_ED25519 0x01 #define SK_ED25519 0x01
/* Error codes */
#define SSH_SK_ERR_GENERAL -1
#define SSH_SK_ERR_UNSUPPORTED -2
#define SSH_SK_ERR_PIN_REQUIRED -3
struct sk_enroll_response { struct sk_enroll_response {
uint8_t *public_key; uint8_t *public_key;
size_t public_key_len; size_t public_key_len;
@ -73,18 +78,29 @@ struct sk_sign_response {
size_t sig_s_len; size_t sig_s_len;
}; };
struct sk_resident_key {
uint8_t alg;
size_t slot;
char *application;
struct sk_enroll_response key;
};
/* Return the version of the middleware API */ /* Return the version of the middleware API */
uint32_t sk_api_version(void); uint32_t sk_api_version(void);
/* Enroll a U2F key (private key generation) */ /* Enroll a U2F key (private key generation) */
int sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len, int sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len,
const char *application, uint8_t flags, const char *application, uint8_t flags, const char *pin,
struct sk_enroll_response **enroll_response); struct sk_enroll_response **enroll_response);
/* Sign a challenge */ /* Sign a challenge */
int sk_sign(int alg, const uint8_t *message, size_t message_len, int sk_sign(int alg, const uint8_t *message, size_t message_len,
const char *application, const uint8_t *key_handle, size_t key_handle_len, const char *application, const uint8_t *key_handle, size_t key_handle_len,
uint8_t flags, struct sk_sign_response **sign_response); uint8_t flags, const char *pin, struct sk_sign_response **sign_response);
/* Enumerate all resident keys */
int sk_load_resident_keys(const char *pin,
struct sk_resident_key ***rks, size_t *nrks);
static void skdebug(const char *func, const char *fmt, ...) static void skdebug(const char *func, const char *fmt, ...)
__attribute__((__format__ (printf, 2, 3))); __attribute__((__format__ (printf, 2, 3)));
@ -239,7 +255,7 @@ pack_key_ed25519(struct sk_enroll_response *response)
int int
sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len, sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len,
const char *application, uint8_t flags, const char *application, uint8_t flags, const char *pin,
struct sk_enroll_response **enroll_response) struct sk_enroll_response **enroll_response)
{ {
struct sk_enroll_response *response = NULL; struct sk_enroll_response *response = NULL;
@ -486,7 +502,7 @@ int
sk_sign(int alg, const uint8_t *message, size_t message_len, sk_sign(int alg, const uint8_t *message, size_t message_len,
const char *application, const char *application,
const uint8_t *key_handle, size_t key_handle_len, const uint8_t *key_handle, size_t key_handle_len,
uint8_t flags, struct sk_sign_response **sign_response) uint8_t flags, const char *pin, struct sk_sign_response **sign_response)
{ {
struct sk_sign_response *response = NULL; struct sk_sign_response *response = NULL;
int ret = -1; int ret = -1;
@ -530,3 +546,10 @@ sk_sign(int alg, const uint8_t *message, size_t message_len,
} }
return ret; return ret;
} }
int
sk_load_resident_keys(const char *pin,
struct sk_resident_key ***rks, size_t *nrks)
{
return SSH_SK_ERR_UNSUPPORTED;
}