author | Colin Watson <cjwatson@debian.org> | 2016-02-29 12:15:15 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-03-08 11:51:22 +0000 |
commit | 46961f5704f8e86cea3e99253faad55aef4d8f35 (patch) | |
tree | 0dd97fa4fb649a62b4639fe2674380872b1f3e98 /authfd.c | |
parent | c753fe267efb1b027424fa8706cf0385fc3d14c1 (diff) | |
parent | 85e40e87a75fb80a0bf893ac05a417d6c353537d (diff) |
New upstream release (7.2).
Diffstat (limited to 'authfd.c')
-rw-r--r-- | authfd.c | 20 |
1 files changed, 17 insertions, 3 deletions
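--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.98 2015/07/03 03:43:18 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.100 2015/12/04 16:41:28 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -426,11 +426,24 @@ ssh_decrypt_challenge(int sock, struct sshkey* key, BIGNUM *challenge,
 }
 #endif
 
+/* encode signature algoritm in flag bits, so we can keep the msg format */
+static u_int
+agent_encode_alg(struct sshkey *key, const char *alg)
+{
+if (alg != NULL && key->type == KEY_RSA) {
+if (strcmp(alg, "rsa-sha2-256") == 0)
+return SSH_AGENT_RSA_SHA2_256;
+else if (strcmp(alg, "rsa-sha2-512") == 0)
+return SSH_AGENT_RSA_SHA2_512;
+}
+return 0;
+}
+
 /* ask agent to sign data, returns err.h code on error, 0 on success */
 int
 ssh_agent_sign(int sock, struct sshkey *key,
 u_char **sigp, size_t *lenp,
-const u_char *data, size_t datalen, u_int compat)
+const u_char *data, size_t datalen, const char *alg, u_int compat)
 {
 struct sshbuf *msg;
 u_char *blob = NULL, type;
@@ -449,12 +462,13 @@ ssh_agent_sign(int sock, struct sshkey *key,
 return SSH_ERR_ALLOC_FAIL;
 if ((r = sshkey_to_blob(key, &blob, &blen)) != 0)
 goto out;
+flags |= agent_encode_alg(key, alg);
 if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 ||
 (r = sshbuf_put_string(msg, blob, blen)) != 0 ||
 (r = sshbuf_put_string(msg, data, datalen)) != 0 ||
 (r = sshbuf_put_u32(msg, flags)) != 0)
 goto out;
-if ((r = ssh_request_reply(sock, msg, msg) != 0))
+if ((r = ssh_request_reply(sock, msg, msg)) != 0)
 goto out;
 if ((r = sshbuf_get_u8(msg, &type)) != 0)
 goto out;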
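Review bot: agent_encode_alg() returns 0 both when no algorithm was requested and when `alg` is a name it does not recognise or the key is not RSA, so at `flags |= agent_encode_alg(key, alg);` a caller asking for an RSA/SHA-2 signature can end up sending a request with no algorithm bits set and get no error. An agent that does not know these flag bits would presumably ignore them too, so the signature that comes back may use a different hash than the one requested. Nothing in the visible lines compares the returned signature's algorithm with `alg`, though the rest of ssh_agent_sign lies outside the hunk. I would document the fallback on the helper, e.g. `/* returns 0 (agent default) for NULL/unknown alg or non-RSA keys; caller must check the signature type it gets back */`, and consider having ssh_agent_sign reject an unrecognised non-NULL `alg` for an RSA key instead of silently sending the default.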