upstream: Replace "security key" with "authenticator" in program

messages.

This replaces "security key" in error/usage/verbose messages and
distinguishes between "authenticator" and "authenticator-hosted key".

ok djm@

OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e

1 files changed, 12 insertions, 14 deletions

diff --git a/ssh-sk.c b/ssh-sk.c
index 3e88aafff..5ff938193 100644
--- a/ssh-sk.c
+++ b/ssh-sk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-sk.c,v 1.26 2020/01/28 08:01:34 djm Exp $ */
+/* $OpenBSD: ssh-sk.c,v 1.27 2020/02/06 22:30:54 naddy Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -120,39 +120,38 @@ sshsk_open(const char *path)
                 return ret;
         }
         if ((ret->dlhandle = dlopen(path, RTLD_NOW)) == NULL) {
-                error("Security key provider \"%s\" dlopen failed: %s",
-                    path, dlerror());
+                error("Provider \"%s\" dlopen failed: %s", path, dlerror());
                 goto fail;
         }
         if ((ret->sk_api_version = dlsym(ret->dlhandle,
             "sk_api_version")) == NULL) {
-                error("Security key provider \"%s\" dlsym(sk_api_version) "
-                    "failed: %s", path, dlerror());
+                error("Provider \"%s\" dlsym(sk_api_version) failed: %s",
+                    path, dlerror());
                 goto fail;
         }
         version = ret->sk_api_version();
         debug("%s: provider %s implements version 0x%08lx", __func__,
             ret->path, (u_long)version);
         if ((version & SSH_SK_VERSION_MAJOR_MASK) != SSH_SK_VERSION_MAJOR) {
-                error("Security key provider \"%s\" implements unsupported "
+                error("Provider \"%s\" implements unsupported "
                     "version 0x%08lx (supported: 0x%08lx)",
                     path, (u_long)version, (u_long)SSH_SK_VERSION_MAJOR);
                 goto fail;
         }
         if ((ret->sk_enroll = dlsym(ret->dlhandle, "sk_enroll")) == NULL) {
-                error("Security key  provider %s dlsym(sk_enroll) "
-                    "failed: %s", path, dlerror());
+                error("Provider %s dlsym(sk_enroll) failed: %s",
+                    path, dlerror());
                 goto fail;
         }
         if ((ret->sk_sign = dlsym(ret->dlhandle, "sk_sign")) == NULL) {
-                error("Security key provider \"%s\" dlsym(sk_sign) failed: %s",
+                error("Provider \"%s\" dlsym(sk_sign) failed: %s",
                     path, dlerror());
                 goto fail;
         }
         if ((ret->sk_load_resident_keys = dlsym(ret->dlhandle,
             "sk_load_resident_keys")) == NULL) {
-                error("Security key provider \"%s\" "
-                    "dlsym(sk_load_resident_keys) failed: %s", path, dlerror());
+                error("Provider \"%s\" dlsym(sk_load_resident_keys) "
+                    "failed: %s", path, dlerror());
                 goto fail;
         }
         /* success */
@@ -219,7 +218,7 @@ sshsk_ecdsa_assemble(struct sk_enroll_response *resp, struct sshkey **keyp)
                 goto out;
         }
         if (sshkey_ec_validate_public(EC_KEY_get0_group(key->ecdsa), q) != 0) {
-                error("Security key returned invalid ECDSA key");
+                error("Authenticator returned invalid ECDSA key");
                 r = SSH_ERR_KEY_INVALID_EC_VALUE;
                 goto out;
         }
@@ -758,8 +757,7 @@ sshsk_load_resident(const char *provider_path, const char *device,
                 goto out;
         }
         if ((r = skp->sk_load_resident_keys(pin, opts, &rks, &nrks)) != 0) {
-                error("Security key provider \"%s\" returned failure %d",
-                    provider_path, r);
+                error("Provider \"%s\" returned failure %d", provider_path, r);
                 r = skerr_to_ssherr(r);
                 goto out;
         }