diff options
| author | naddy@openbsd.org <naddy@openbsd.org> | 2019-11-18 16:08:57 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-11-20 09:26:59 +1100 |
| commit | 723a5369864b338c48d22854bc2bb4ee5c083deb (patch) | |
| tree | f55fb04a9c29f05bed7eeb9ea881b7ab3b65d1cf /ssh-sk.c | |
| parent | 478f4f98e4e93ae4ed1a8911dec4e5b75ea10f30 (diff) | |
upstream: add the missing WITH_OPENSSL ifdefs after the ED25519-SK
addition; ok djm@
OpenBSD-Commit-ID: a9545e1c273e506cf70e328cbb9d0129b6d62474
Diffstat (limited to 'ssh-sk.c')
| -rw-r--r-- | ssh-sk.c | 16 |
1 files changed, 15 insertions, 1 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-sk.c,v 1.14 2019/11/16 23:17:20 djm Exp $ */ | 1 | /* $OpenBSD: ssh-sk.c,v 1.15 2019/11/18 16:08:57 naddy Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019 Google LLC | 3 | * Copyright (c) 2019 Google LLC |
| 4 | * | 4 | * |
| @@ -27,8 +27,10 @@ | |||
| 27 | #include <string.h> | 27 | #include <string.h> |
| 28 | #include <stdio.h> | 28 | #include <stdio.h> |
| 29 | 29 | ||
| 30 | #ifdef WITH_OPENSSL | ||
| 30 | #include <openssl/objects.h> | 31 | #include <openssl/objects.h> |
| 31 | #include <openssl/ec.h> | 32 | #include <openssl/ec.h> |
| 33 | #endif /* WITH_OPENSSL */ | ||
| 32 | 34 | ||
| 33 | #include "log.h" | 35 | #include "log.h" |
| 34 | #include "misc.h" | 36 | #include "misc.h" |
| @@ -163,6 +165,7 @@ sshsk_free_sign_response(struct sk_sign_response *r) | |||
| 163 | freezero(r, sizeof(*r)); | 165 | freezero(r, sizeof(*r)); |
| 164 | }; | 166 | }; |
| 165 | 167 | ||
| 168 | #ifdef WITH_OPENSSL | ||
| 166 | /* Assemble key from response */ | 169 | /* Assemble key from response */ |
| 167 | static int | 170 | static int |
| 168 | sshsk_ecdsa_assemble(struct sk_enroll_response *resp, struct sshkey **keyp) | 171 | sshsk_ecdsa_assemble(struct sk_enroll_response *resp, struct sshkey **keyp) |
| @@ -217,6 +220,7 @@ sshsk_ecdsa_assemble(struct sk_enroll_response *resp, struct sshkey **keyp) | |||
| 217 | sshbuf_free(b); | 220 | sshbuf_free(b); |
| 218 | return r; | 221 | return r; |
| 219 | } | 222 | } |
| 223 | #endif /* WITH_OPENSSL */ | ||
| 220 | 224 | ||
| 221 | static int | 225 | static int |
| 222 | sshsk_ed25519_assemble(struct sk_enroll_response *resp, struct sshkey **keyp) | 226 | sshsk_ed25519_assemble(struct sk_enroll_response *resp, struct sshkey **keyp) |
| @@ -272,9 +276,11 @@ sshsk_enroll(int type, const char *provider_path, const char *application, | |||
| 272 | if (attest) | 276 | if (attest) |
| 273 | sshbuf_reset(attest); | 277 | sshbuf_reset(attest); |
| 274 | switch (type) { | 278 | switch (type) { |
| 279 | #ifdef WITH_OPENSSL | ||
| 275 | case KEY_ECDSA_SK: | 280 | case KEY_ECDSA_SK: |
| 276 | alg = SSH_SK_ECDSA; | 281 | alg = SSH_SK_ECDSA; |
| 277 | break; | 282 | break; |
| 283 | #endif /* WITH_OPENSSL */ | ||
| 278 | case KEY_ED25519_SK: | 284 | case KEY_ED25519_SK: |
| 279 | alg = SSH_SK_ED25519; | 285 | alg = SSH_SK_ED25519; |
| 280 | break; | 286 | break; |
| @@ -330,10 +336,12 @@ sshsk_enroll(int type, const char *provider_path, const char *application, | |||
| 330 | goto out; | 336 | goto out; |
| 331 | } | 337 | } |
| 332 | switch (type) { | 338 | switch (type) { |
| 339 | #ifdef WITH_OPENSSL | ||
| 333 | case KEY_ECDSA_SK: | 340 | case KEY_ECDSA_SK: |
| 334 | if ((r = sshsk_ecdsa_assemble(resp, &key)) != 0) | 341 | if ((r = sshsk_ecdsa_assemble(resp, &key)) != 0) |
| 335 | goto out; | 342 | goto out; |
| 336 | break; | 343 | break; |
| 344 | #endif /* WITH_OPENSSL */ | ||
| 337 | case KEY_ED25519_SK: | 345 | case KEY_ED25519_SK: |
| 338 | if ((r = sshsk_ed25519_assemble(resp, &key)) != 0) | 346 | if ((r = sshsk_ed25519_assemble(resp, &key)) != 0) |
| 339 | goto out; | 347 | goto out; |
| @@ -382,6 +390,7 @@ sshsk_enroll(int type, const char *provider_path, const char *application, | |||
| 382 | return r; | 390 | return r; |
| 383 | } | 391 | } |
| 384 | 392 | ||
| 393 | #ifdef WITH_OPENSSL | ||
| 385 | static int | 394 | static int |
| 386 | sshsk_ecdsa_sig(struct sk_sign_response *resp, struct sshbuf *sig) | 395 | sshsk_ecdsa_sig(struct sk_sign_response *resp, struct sshbuf *sig) |
| 387 | { | 396 | { |
| @@ -425,6 +434,7 @@ sshsk_ecdsa_sig(struct sk_sign_response *resp, struct sshbuf *sig) | |||
| 425 | sshbuf_free(inner_sig); | 434 | sshbuf_free(inner_sig); |
| 426 | return r; | 435 | return r; |
| 427 | } | 436 | } |
| 437 | #endif /* WITH_OPENSSL */ | ||
| 428 | 438 | ||
| 429 | static int | 439 | static int |
| 430 | sshsk_ed25519_sig(struct sk_sign_response *resp, struct sshbuf *sig) | 440 | sshsk_ed25519_sig(struct sk_sign_response *resp, struct sshbuf *sig) |
| @@ -474,9 +484,11 @@ sshsk_sign(const char *provider_path, const struct sshkey *key, | |||
| 474 | *lenp = 0; | 484 | *lenp = 0; |
| 475 | type = sshkey_type_plain(key->type); | 485 | type = sshkey_type_plain(key->type); |
| 476 | switch (type) { | 486 | switch (type) { |
| 487 | #ifdef WITH_OPENSSL | ||
| 477 | case KEY_ECDSA_SK: | 488 | case KEY_ECDSA_SK: |
| 478 | alg = SSH_SK_ECDSA; | 489 | alg = SSH_SK_ECDSA; |
| 479 | break; | 490 | break; |
| 491 | #endif /* WITH_OPENSSL */ | ||
| 480 | case KEY_ED25519_SK: | 492 | case KEY_ED25519_SK: |
| 481 | alg = SSH_SK_ED25519; | 493 | alg = SSH_SK_ED25519; |
| 482 | break; | 494 | break; |
| @@ -518,10 +530,12 @@ sshsk_sign(const char *provider_path, const struct sshkey *key, | |||
| 518 | goto out; | 530 | goto out; |
| 519 | } | 531 | } |
| 520 | switch (type) { | 532 | switch (type) { |
| 533 | #ifdef WITH_OPENSSL | ||
| 521 | case KEY_ECDSA_SK: | 534 | case KEY_ECDSA_SK: |
| 522 | if ((r = sshsk_ecdsa_sig(resp, sig)) != 0) | 535 | if ((r = sshsk_ecdsa_sig(resp, sig)) != 0) |
| 523 | goto out; | 536 | goto out; |
| 524 | break; | 537 | break; |
| 538 | #endif /* WITH_OPENSSL */ | ||
| 525 | case KEY_ED25519_SK: | 539 | case KEY_ED25519_SK: |
| 526 | if ((r = sshsk_ed25519_sig(resp, sig)) != 0) | 540 | if ((r = sshsk_ed25519_sig(resp, sig)) != 0) |
| 527 | goto out; | 541 | goto out; |