diff options
| author | Damien Miller <djm@mindrot.org> | 2014-07-02 15:28:02 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2014-07-02 15:28:02 +1000 |
| commit | 8668706d0f52654fe64c0ca41a96113aeab8d2b8 (patch) | |
| tree | 73e78e1ea3d39206e39870bbe0af17d6c430fb51 /ssh-pkcs11-helper.c | |
| parent | 2cd7929250cf9e9f658d70dcd452f529ba08c942 (diff) | |
- djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
[cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
[digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
[hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
[ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
[ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
[ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
[sshconnect2.c sshd.c sshkey.c sshkey.h
[openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.
with and ok markus@
Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.
NB. This commit also removes portable OpenSSH support for OpenSSL
<0.9.8e.
Diffstat (limited to 'ssh-pkcs11-helper.c')
| -rw-r--r-- | ssh-pkcs11-helper.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index b7c52beb8..0b1d8e4cc 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-pkcs11-helper.c,v 1.7 2013/12/02 02:56:17 djm Exp $ */ | 1 | /* $OpenBSD: ssh-pkcs11-helper.c,v 1.8 2014/06/24 01:13:21 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -169,7 +169,7 @@ process_sign(void) | |||
| 169 | { | 169 | { |
| 170 | u_char *blob, *data, *signature = NULL; | 170 | u_char *blob, *data, *signature = NULL; |
| 171 | u_int blen, dlen, slen = 0; | 171 | u_int blen, dlen, slen = 0; |
| 172 | int ok = -1, ret; | 172 | int ok = -1; |
| 173 | Key *key, *found; | 173 | Key *key, *found; |
| 174 | Buffer msg; | 174 | Buffer msg; |
| 175 | 175 | ||
| @@ -179,6 +179,9 @@ process_sign(void) | |||
| 179 | 179 | ||
| 180 | if ((key = key_from_blob(blob, blen)) != NULL) { | 180 | if ((key = key_from_blob(blob, blen)) != NULL) { |
| 181 | if ((found = lookup_key(key)) != NULL) { | 181 | if ((found = lookup_key(key)) != NULL) { |
| 182 | #ifdef WITH_OPENSSL | ||
| 183 | int ret; | ||
| 184 | |||
| 182 | slen = RSA_size(key->rsa); | 185 | slen = RSA_size(key->rsa); |
| 183 | signature = xmalloc(slen); | 186 | signature = xmalloc(slen); |
| 184 | if ((ret = RSA_private_encrypt(dlen, data, signature, | 187 | if ((ret = RSA_private_encrypt(dlen, data, signature, |
| @@ -186,6 +189,7 @@ process_sign(void) | |||
| 186 | slen = ret; | 189 | slen = ret; |
| 187 | ok = 0; | 190 | ok = 0; |
| 188 | } | 191 | } |
| 192 | #endif /* WITH_OPENSSL */ | ||
| 189 | } | 193 | } |
| 190 | key_free(key); | 194 | key_free(key); |
| 191 | } | 195 | } |