diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-11-12 22:36:44 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-11-13 10:15:47 +1100 |
commit | e44bb61824e36d0d181a08489c16c378c486a974 (patch) | |
tree | 5993043d43eb51fe1f33d95466e01dc7bee751e2 /ssh-keygen.c | |
parent | 4671211068441519011ac0e38c588317f4157ba1 (diff) |
upstream: security keys typically need to be tapped/touched in
order to perform a signature operation. Notify the user when this is expected
via the TTY (if available) or $SSH_ASKPASS if we can.
ok markus@
OpenBSD-Commit-ID: 0ef90a99a85d4a2a07217a58efb4df8444818609
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index 7b8dce7d8..46d642e17 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.362 2019/11/12 19:33:08 markus Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.363 2019/11/12 22:36:44 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -2506,8 +2506,7 @@ sign_one(struct sshkey *signkey, const char *filename, int fd, | |||
2506 | { | 2506 | { |
2507 | struct sshbuf *sigbuf = NULL, *abuf = NULL; | 2507 | struct sshbuf *sigbuf = NULL, *abuf = NULL; |
2508 | int r = SSH_ERR_INTERNAL_ERROR, wfd = -1, oerrno; | 2508 | int r = SSH_ERR_INTERNAL_ERROR, wfd = -1, oerrno; |
2509 | char *wfile = NULL; | 2509 | char *wfile = NULL, *asig = NULL, *fp = NULL; |
2510 | char *asig = NULL; | ||
2511 | 2510 | ||
2512 | if (!quiet) { | 2511 | if (!quiet) { |
2513 | if (fd == STDIN_FILENO) | 2512 | if (fd == STDIN_FILENO) |
@@ -2515,6 +2514,15 @@ sign_one(struct sshkey *signkey, const char *filename, int fd, | |||
2515 | else | 2514 | else |
2516 | fprintf(stderr, "Signing file %s\n", filename); | 2515 | fprintf(stderr, "Signing file %s\n", filename); |
2517 | } | 2516 | } |
2517 | if (signer == NULL && sshkey_is_sk(signkey) && | ||
2518 | (signkey->sk_flags & SSH_SK_USER_PRESENCE_REQD)) { | ||
2519 | if ((fp = sshkey_fingerprint(signkey, fingerprint_hash, | ||
2520 | SSH_FP_DEFAULT)) == NULL) | ||
2521 | fatal("%s: sshkey_fingerprint failed", __func__); | ||
2522 | fprintf(stderr, "Confirm user presence for key %s %s\n", | ||
2523 | sshkey_type(signkey), fp); | ||
2524 | free(fp); | ||
2525 | } | ||
2518 | if ((r = sshsig_sign_fd(signkey, NULL, sk_provider, fd, sig_namespace, | 2526 | if ((r = sshsig_sign_fd(signkey, NULL, sk_provider, fd, sig_namespace, |
2519 | &sigbuf, signer, signer_ctx)) != 0) { | 2527 | &sigbuf, signer, signer_ctx)) != 0) { |
2520 | error("Signing %s failed: %s", filename, ssh_err(r)); | 2528 | error("Signing %s failed: %s", filename, ssh_err(r)); |