2 files changed, 29 insertions, 2 deletions
diff --git a/authfd.c b/authfd.c
index 315c6813f..a5162790f 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.116 2019/09/03 08:28:30 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.117 2019/09/03 08:29:15 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -318,6 +318,32 @@ ssh_free_identitylist(struct ssh_identitylist *idl)
 }
 /*
+ * Check if the ssh agent has a given key.
+ * Returns 0 if found, or a negative SSH_ERR_* error code on failure.
+ */
+int
+ssh_agent_has_key(int sock, struct sshkey *key)
+{
+        int r, ret = SSH_ERR_KEY_NOT_FOUND;
+        size_t i;
+        struct ssh_identitylist *idlist = NULL;
+        if ((r = ssh_fetch_identitylist(sock, &idlist)) < 0) {
+                return r;
+        }
+        for (i = 0; i < idlist->nkeys; i++) {
+                if (sshkey_equal_public(idlist->keys[i], key)) {
+                        ret = 0;
+                        break;
+                }
+        }
+        ssh_free_identitylist(idlist);
+        return ret;
+}
+/*
 * Sends a challenge (typically from a server via ssh(1)) to the agent,
 * and waits for a response from the agent.
 * Returns true (non-zero) if the agent gave the correct answer, zero
diff --git a/authfd.h b/authfd.h
index 060bed63f..579076504 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.h,v 1.45 2019/06/21 04:21:04 djm Exp $ */
+/* $OpenBSD: authfd.h,v 1.46 2019/09/03 08:29:15 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -31,6 +31,7 @@ int	ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp);
 void    ssh_free_identitylist(struct ssh_identitylist *idl);
 int     ssh_add_identity_constrained(int sock, struct sshkey *key,
            const char *comment, u_int life, u_int confirm, u_int maxsign);
+int     ssh_agent_has_key(int sock, struct sshkey *key);
 int     ssh_remove_identity(int sock, struct sshkey *key);
 int     ssh_update_card(int sock, int add, const char *reader_id,
            const char *pin, u_int life, u_int confirm);

diff --git a/authfd.c b/authfd.c index 315c6813f..a5162790f 100644 --- a/authfd.c +++ b/authfd.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: authfd.c,v 1.116 2019/09/03 08:28:30 djm Exp $ */	1	/* $OpenBSD: authfd.c,v 1.117 2019/09/03 08:29:15 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -318,6 +318,32 @@ ssh_free_identitylist(struct ssh_identitylist *idl)
318	}	318	}
319		319
320	/*	320	/*
		321	* Check if the ssh agent has a given key.
		322	* Returns 0 if found, or a negative SSH_ERR_* error code on failure.
		323	*/
		324	int
		325	ssh_agent_has_key(int sock, struct sshkey *key)
		326	{
		327	int r, ret = SSH_ERR_KEY_NOT_FOUND;
		328	size_t i;
		329	struct ssh_identitylist *idlist = NULL;
		330
		331	if ((r = ssh_fetch_identitylist(sock, &idlist)) < 0) {
		332	return r;
		333	}
		334
		335	for (i = 0; i < idlist->nkeys; i++) {
		336	if (sshkey_equal_public(idlist->keys[i], key)) {
		337	ret = 0;
		338	break;
		339	}
		340	}
		341
		342	ssh_free_identitylist(idlist);
		343	return ret;
		344	}
		345
		346	/*
321	* Sends a challenge (typically from a server via ssh(1)) to the agent,	347	* Sends a challenge (typically from a server via ssh(1)) to the agent,
322	* and waits for a response from the agent.	348	* and waits for a response from the agent.
323	* Returns true (non-zero) if the agent gave the correct answer, zero	349	* Returns true (non-zero) if the agent gave the correct answer, zero


diff --git a/authfd.h b/authfd.h index 060bed63f..579076504 100644 --- a/authfd.h +++ b/authfd.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: authfd.h,v 1.45 2019/06/21 04:21:04 djm Exp $ */	1	/* $OpenBSD: authfd.h,v 1.46 2019/09/03 08:29:15 djm Exp $ */
2		2
3	/*	3	/*
4	* Author: Tatu Ylonen <ylo@cs.hut.fi>	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -31,6 +31,7 @@ int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp);
31	void ssh_free_identitylist(struct ssh_identitylist *idl);	31	void ssh_free_identitylist(struct ssh_identitylist *idl);
32	int ssh_add_identity_constrained(int sock, struct sshkey *key,	32	int ssh_add_identity_constrained(int sock, struct sshkey *key,
33	const char *comment, u_int life, u_int confirm, u_int maxsign);	33	const char *comment, u_int life, u_int confirm, u_int maxsign);
		34	int ssh_agent_has_key(int sock, struct sshkey *key);
34	int ssh_remove_identity(int sock, struct sshkey *key);	35	int ssh_remove_identity(int sock, struct sshkey *key);
35	int ssh_update_card(int sock, int add, const char *reader_id,	36	int ssh_update_card(int sock, int add, const char *reader_id,
36	const char *pin, u_int life, u_int confirm);	37	const char *pin, u_int life, u_int confirm);