authorColin Watson <cjwatson@debian.org>2016-02-29 12:15:15 +0000
committerColin Watson <cjwatson@debian.org>2016-03-08 11:51:22 +0000
commit46961f5704f8e86cea3e99253faad55aef4d8f35 (patch)
tree0dd97fa4fb649a62b4639fe2674380872b1f3e98 /authfd.c
parentc753fe267efb1b027424fa8706cf0385fc3d14c1 (diff)
parent85e40e87a75fb80a0bf893ac05a417d6c353537d (diff)
New upstream release (7.2).
Diffstat (limited to 'authfd.c')
-rw-r--r--authfd.c20
1 files changed, 17 insertions, 3 deletions
diff --git a/authfd.c b/authfd.c
index eaa142648..a634bcb81 100644
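--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.98 2015/07/03 03:43:18 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.100 2015/12/04 16:41:28 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -426,11 +426,24 @@ ssh_decrypt_challenge(int sock, struct sshkey* key, BIGNUM *challenge,
 }
 #endif
 
+/* encode signature algoritm in flag bits, so we can keep the msg format */
+static u_int
+agent_encode_alg(struct sshkey *key, const char *alg)
+{
+ if (alg != NULL && key->type == KEY_RSA) {
+ if (strcmp(alg, "rsa-sha2-256") == 0)
+ return SSH_AGENT_RSA_SHA2_256;
+ else if (strcmp(alg, "rsa-sha2-512") == 0)
+ return SSH_AGENT_RSA_SHA2_512;
+ }
+ return 0;
+}
+
 /* ask agent to sign data, returns err.h code on error, 0 on success */
 int
 ssh_agent_sign(int sock, struct sshkey *key,
  u_char **sigp, size_t *lenp,
- const u_char *data, size_t datalen, u_int compat)
+ const u_char *data, size_t datalen, const char *alg, u_int compat)
 {
  struct sshbuf *msg;
  u_char *blob = NULL, type;
@@ -449,12 +462,13 @@ ssh_agent_sign(int sock, struct sshkey *key,
  return SSH_ERR_ALLOC_FAIL;
  if ((r = sshkey_to_blob(key, &blob, &blen)) != 0)
  goto out;
+ flags |= agent_encode_alg(key, alg);
  if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 ||
  (r = sshbuf_put_string(msg, blob, blen)) != 0 ||
  (r = sshbuf_put_string(msg, data, datalen)) != 0 ||
  (r = sshbuf_put_u32(msg, flags)) != 0)
  goto out;
- if ((r = ssh_request_reply(sock, msg, msg) != 0))
+ if ((r = ssh_request_reply(sock, msg, msg)) != 0)
  goto out;
  if ((r = sshbuf_get_u8(msg, &type)) != 0)
  goto out;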
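Review bot: agent_encode_alg() returns 0 both for a NULL `alg` and for any `alg` it does not recognise (or a non-RSA key), so at `flags |= agent_encode_alg(key, alg);` a caller that asked for a specific RSA/SHA-2 signature silently sends a request with no algorithm bit set and the agent is free to answer with its default signature type. Nothing in the visible lines compares the algorithm of the returned signature with `alg`; ssh_agent_sign()'s body continues past the hunk, so this may be handled further down or by the caller, but it is worth confirming, because an agent that ignores the new flag bits would otherwise presumably produce a quiet hash downgrade. At minimum the helper's comment should state the fallback, e.g. `/* returns 0 (agent default) if alg is NULL or unknown, or the key is not RSA; caller must verify the signature type */`. The helper never writes through `key`, so `const struct sshkey *key` would also fit.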