diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2019-11-15 05:37:27 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-11-15 16:39:31 +1100 |
| commit | c63fba5e3472307167850bbd84187186af7fa9f0 (patch) | |
| tree | baa9ea6a040071c3b3db6d43f9d8256fa1e5772e /ssh-agent.c | |
| parent | d165bb5396e3f718480e6039ca2cf77f5a2c2885 (diff) | |
upstream: unshield security key privkey before attempting signature
in agent. spotted by dtucker@
OpenBSD-Commit-ID: fb67d451665385b8a0a55371231c50aac67b91d2
Diffstat (limited to 'ssh-agent.c')
| -rw-r--r-- | ssh-agent.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/ssh-agent.c b/ssh-agent.c index 702dec17d..b1ebe0783 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-agent.c,v 1.245 2019/11/15 04:12:32 djm Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.246 2019/11/15 05:37:27 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -426,7 +426,7 @@ process_sign_request2(SocketEntry *e) | |||
| 426 | u_char *signature = NULL; | 426 | u_char *signature = NULL; |
| 427 | size_t dlen, slen = 0; | 427 | size_t dlen, slen = 0; |
| 428 | u_int compat = 0, flags; | 428 | u_int compat = 0, flags; |
| 429 | int r, ok = -1; | 429 | int was_shielded, r, r2, ok = -1; |
| 430 | struct sshbuf *msg; | 430 | struct sshbuf *msg; |
| 431 | struct sshkey *key = NULL; | 431 | struct sshkey *key = NULL; |
| 432 | struct identity *id; | 432 | struct identity *id; |
| @@ -449,9 +449,21 @@ process_sign_request2(SocketEntry *e) | |||
| 449 | goto send; | 449 | goto send; |
| 450 | } | 450 | } |
| 451 | if (id->sk_provider != NULL) { | 451 | if (id->sk_provider != NULL) { |
| 452 | if ((r = provider_sign(id->sk_provider, id->key, &signature, | 452 | was_shielded = sshkey_is_shielded(id->key); |
| 453 | if ((r = sshkey_unshield_private(id->key)) != 0) { | ||
| 454 | error("%s: unshield: %s", __func__, ssh_err(r)); | ||
| 455 | goto send; | ||
| 456 | } | ||
| 457 | r = provider_sign(id->sk_provider, id->key, &signature, | ||
| 453 | &slen, data, dlen, agent_decode_alg(key, flags), | 458 | &slen, data, dlen, agent_decode_alg(key, flags), |
| 454 | compat)) != 0) { | 459 | compat); |
| 460 | if (was_shielded && | ||
| 461 | (r2 = sshkey_shield_private(id->key)) != 0) { | ||
| 462 | error("%s: shield: %s", __func__, ssh_err(r)); | ||
| 463 | r = r2; | ||
| 464 | goto send; | ||
| 465 | } | ||
| 466 | if (r != 0) { | ||
| 455 | error("%s: sign: %s", __func__, ssh_err(r)); | 467 | error("%s: sign: %s", __func__, ssh_err(r)); |
| 456 | goto send; | 468 | goto send; |
| 457 | } | 469 | } |