diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-12-13 19:09:10 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-12-14 07:17:44 +1100 |
commit | b52ec0ba3983859514aa7b57d6100fa9759fe696 (patch) | |
tree | 262c9a2ebc4e6972594f45ea75fc15e8ae3bfefb /sshkey.c | |
parent | c33d46868c3d88e04a92610cdb429094aeeb5847 (diff) |
upstream: use ssh-sk-helper for all security key signing operations
This extracts and refactors the client interface for ssh-sk-helper
from ssh-agent and generalises it for use by the other programs.
This means that most OpenSSH tools no longer need to link against
libfido2 or directly interact with /dev/uhid*
requested by, feedback and ok markus@
OpenBSD-Commit-ID: 1abcd3aea9a7460eccfbf8ca154cdfa62f1dc93f
Diffstat (limited to 'sshkey.c')
-rw-r--r-- | sshkey.c | 15 |
1 files changed, 5 insertions, 10 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.96 2019/11/25 00:51:37 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.97 2019/12/13 19:09:10 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -2750,13 +2750,6 @@ sshkey_sign(struct sshkey *key, | |||
2750 | case KEY_ECDSA: | 2750 | case KEY_ECDSA: |
2751 | r = ssh_ecdsa_sign(key, sigp, lenp, data, datalen, compat); | 2751 | r = ssh_ecdsa_sign(key, sigp, lenp, data, datalen, compat); |
2752 | break; | 2752 | break; |
2753 | # ifdef ENABLE_SK | ||
2754 | case KEY_ECDSA_SK_CERT: | ||
2755 | case KEY_ECDSA_SK: | ||
2756 | r = sshsk_sign(sk_provider, key, sigp, lenp, data, datalen, | ||
2757 | compat); | ||
2758 | break; | ||
2759 | # endif /* ENABLE_SK */ | ||
2760 | # endif /* OPENSSL_HAS_ECC */ | 2753 | # endif /* OPENSSL_HAS_ECC */ |
2761 | case KEY_RSA_CERT: | 2754 | case KEY_RSA_CERT: |
2762 | case KEY_RSA: | 2755 | case KEY_RSA: |
@@ -2770,8 +2763,10 @@ sshkey_sign(struct sshkey *key, | |||
2770 | #ifdef ENABLE_SK | 2763 | #ifdef ENABLE_SK |
2771 | case KEY_ED25519_SK: | 2764 | case KEY_ED25519_SK: |
2772 | case KEY_ED25519_SK_CERT: | 2765 | case KEY_ED25519_SK_CERT: |
2773 | r = sshsk_sign(sk_provider, key, sigp, lenp, data, datalen, | 2766 | case KEY_ECDSA_SK_CERT: |
2774 | compat); | 2767 | case KEY_ECDSA_SK: |
2768 | r = sshsk_sign(sk_provider, key, sigp, lenp, data, | ||
2769 | datalen, compat); | ||
2775 | break; | 2770 | break; |
2776 | #endif /* ENABLE_SK */ | 2771 | #endif /* ENABLE_SK */ |
2777 | #ifdef WITH_XMSS | 2772 | #ifdef WITH_XMSS |