diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2015-01-15 09:40:00 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-01-15 21:39:14 +1100 |
| commit | 1129dcfc5a3e508635004bcc05a3574cb7687167 (patch) | |
| tree | 7cd4eaa0c3a62f5b20f1f347a5081a4d160260b2 /ssh-pkcs11.c | |
| parent | e4ebf5586452bf512da662ac277aaf6ecf0efe7c (diff) | |
upstream commit
sync ssh-keysign, ssh-keygen and some dependencies to the
new buffer/key API; mostly mechanical, ok markus@
Diffstat (limited to 'ssh-pkcs11.c')
| -rw-r--r-- | ssh-pkcs11.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index c96be3bd2..e91df8bb1 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-pkcs11.c,v 1.14 2014/06/24 01:13:21 djm Exp $ */ | 1 | /* $OpenBSD: ssh-pkcs11.c,v 1.15 2015/01/15 09:40:00 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -38,7 +38,7 @@ | |||
| 38 | 38 | ||
| 39 | #include "log.h" | 39 | #include "log.h" |
| 40 | #include "misc.h" | 40 | #include "misc.h" |
| 41 | #include "key.h" | 41 | #include "sshkey.h" |
| 42 | #include "ssh-pkcs11.h" | 42 | #include "ssh-pkcs11.h" |
| 43 | #include "xmalloc.h" | 43 | #include "xmalloc.h" |
| 44 | 44 | ||
| @@ -385,12 +385,12 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin) | |||
| 385 | * keysp points to an (possibly empty) array with *nkeys keys. | 385 | * keysp points to an (possibly empty) array with *nkeys keys. |
| 386 | */ | 386 | */ |
| 387 | static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG, | 387 | static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG, |
| 388 | CK_ATTRIBUTE [], CK_ATTRIBUTE [3], Key ***, int *) | 388 | CK_ATTRIBUTE [], CK_ATTRIBUTE [3], struct sshkey ***, int *) |
| 389 | __attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE)))); | 389 | __attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE)))); |
| 390 | 390 | ||
| 391 | static int | 391 | static int |
| 392 | pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, | 392 | pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, |
| 393 | Key ***keysp, int *nkeys) | 393 | struct sshkey ***keysp, int *nkeys) |
| 394 | { | 394 | { |
| 395 | CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY; | 395 | CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY; |
| 396 | CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE; | 396 | CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE; |
| @@ -422,12 +422,12 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, | |||
| 422 | } | 422 | } |
| 423 | 423 | ||
| 424 | static int | 424 | static int |
| 425 | pkcs11_key_included(Key ***keysp, int *nkeys, Key *key) | 425 | pkcs11_key_included(struct sshkey ***keysp, int *nkeys, struct sshkey *key) |
| 426 | { | 426 | { |
| 427 | int i; | 427 | int i; |
| 428 | 428 | ||
| 429 | for (i = 0; i < *nkeys; i++) | 429 | for (i = 0; i < *nkeys; i++) |
| 430 | if (key_equal(key, (*keysp)[i])) | 430 | if (sshkey_equal(key, (*keysp)[i])) |
| 431 | return (1); | 431 | return (1); |
| 432 | return (0); | 432 | return (0); |
| 433 | } | 433 | } |
| @@ -435,9 +435,9 @@ pkcs11_key_included(Key ***keysp, int *nkeys, Key *key) | |||
| 435 | static int | 435 | static int |
| 436 | pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx, | 436 | pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx, |
| 437 | CK_ATTRIBUTE filter[], CK_ATTRIBUTE attribs[3], | 437 | CK_ATTRIBUTE filter[], CK_ATTRIBUTE attribs[3], |
| 438 | Key ***keysp, int *nkeys) | 438 | struct sshkey ***keysp, int *nkeys) |
| 439 | { | 439 | { |
| 440 | Key *key; | 440 | struct sshkey *key; |
| 441 | RSA *rsa; | 441 | RSA *rsa; |
| 442 | X509 *x509; | 442 | X509 *x509; |
| 443 | EVP_PKEY *evp; | 443 | EVP_PKEY *evp; |
| @@ -517,16 +517,16 @@ pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx, | |||
| 517 | } | 517 | } |
| 518 | if (rsa && rsa->n && rsa->e && | 518 | if (rsa && rsa->n && rsa->e && |
| 519 | pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) { | 519 | pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) { |
| 520 | key = key_new(KEY_UNSPEC); | 520 | key = sshkey_new(KEY_UNSPEC); |
| 521 | key->rsa = rsa; | 521 | key->rsa = rsa; |
| 522 | key->type = KEY_RSA; | 522 | key->type = KEY_RSA; |
| 523 | key->flags |= SSHKEY_FLAG_EXT; | 523 | key->flags |= SSHKEY_FLAG_EXT; |
| 524 | if (pkcs11_key_included(keysp, nkeys, key)) { | 524 | if (pkcs11_key_included(keysp, nkeys, key)) { |
| 525 | key_free(key); | 525 | sshkey_free(key); |
| 526 | } else { | 526 | } else { |
| 527 | /* expand key array and add key */ | 527 | /* expand key array and add key */ |
| 528 | *keysp = xrealloc(*keysp, *nkeys + 1, | 528 | *keysp = xrealloc(*keysp, *nkeys + 1, |
| 529 | sizeof(Key *)); | 529 | sizeof(struct sshkey *)); |
| 530 | (*keysp)[*nkeys] = key; | 530 | (*keysp)[*nkeys] = key; |
| 531 | *nkeys = *nkeys + 1; | 531 | *nkeys = *nkeys + 1; |
| 532 | debug("have %d keys", *nkeys); | 532 | debug("have %d keys", *nkeys); |
| @@ -544,7 +544,7 @@ pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx, | |||
| 544 | 544 | ||
| 545 | /* register a new provider, fails if provider already exists */ | 545 | /* register a new provider, fails if provider already exists */ |
| 546 | int | 546 | int |
| 547 | pkcs11_add_provider(char *provider_id, char *pin, Key ***keyp) | 547 | pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp) |
| 548 | { | 548 | { |
| 549 | int nkeys, need_finalize = 0; | 549 | int nkeys, need_finalize = 0; |
| 550 | struct pkcs11_provider *p = NULL; | 550 | struct pkcs11_provider *p = NULL; |