tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-29 08:44:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

upstream: adapt dummy FIDO middleware to API change; ok markus@

Browse Source 
OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
This commit is contained in:
djm@openbsd.org 2020-04-28 04:59:29 +00:00 committed by Damien Miller
parent 261571ddf0
commit a01817a9f6
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
regress/misc/sk-dummy/sk-dummy.c
View File

@ -47,7 +47,7 @@
} while (0) } while (0)
#endif #endif
#if SSH_SK_VERSION_MAJOR != 0x00040000 #if SSH_SK_VERSION_MAJOR != 0x00050000
# error SK API has changed, sk-dummy.c needs an update # error SK API has changed, sk-dummy.c needs an update
#endif #endif
@ -468,13 +468,15 @@ sig_ed25519(const uint8_t *message, size_t message_len,
} }
int int
sk_sign(uint32_t alg, const uint8_t *message, size_t message_len, sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
const char *application, const uint8_t *key_handle, size_t key_handle_len, const char *application, const uint8_t *key_handle, size_t key_handle_len,
uint8_t flags, const char *pin, struct sk_option **options, uint8_t flags, const char *pin, struct sk_option **options,
struct sk_sign_response **sign_response) struct sk_sign_response **sign_response)
{ {
struct sk_sign_response *response = NULL; struct sk_sign_response *response = NULL;
int ret = SSH_SK_ERR_GENERAL; int ret = SSH_SK_ERR_GENERAL;
SHA256_CTX ctx;
uint8_t message[32];
if (sign_response == NULL) { if (sign_response == NULL) {
skdebug(__func__, "sign_response == NULL"); skdebug(__func__, "sign_response == NULL");
@ -487,17 +489,20 @@ sk_sign(uint32_t alg, const uint8_t *message, size_t message_len,
skdebug(__func__, "calloc response failed"); skdebug(__func__, "calloc response failed");
goto out; goto out;
} }
SHA256_Init(&ctx);
SHA256_Update(&ctx, data, datalen);
SHA256_Final(message, &ctx);
response->flags = flags; response->flags = flags;
response->counter = 0x12345678; response->counter = 0x12345678;
switch(alg) { switch(alg) {
case SSH_SK_ECDSA: case SSH_SK_ECDSA:
if (sig_ecdsa(message, message_len, application, if (sig_ecdsa(message, sizeof(message), application,
response->counter, flags, key_handle, key_handle_len, response->counter, flags, key_handle, key_handle_len,
response) != 0) response) != 0)
goto out; goto out;
break; break;
case SSH_SK_ED25519: case SSH_SK_ED25519:
if (sig_ed25519(message, message_len, application, if (sig_ed25519(message, sizeof(message), application,
response->counter, flags, key_handle, key_handle_len, response->counter, flags, key_handle, key_handle_len,
response) != 0) response) != 0)
goto out; goto out;
@ -510,6 +515,7 @@ sk_sign(uint32_t alg, const uint8_t *message, size_t message_len,
response = NULL; response = NULL;
ret = 0; ret = 0;
out: out:
explicit_bzero(message, sizeof(message));
if (response != NULL) { if (response != NULL) {
free(response->sig_r); free(response->sig_r);
free(response->sig_s); free(response->sig_s);