authorDamien Miller <djm@cvs.openbsd.org>2020-01-03 02:46:20 +0000
committerDamien Miller <djm@cvs.openbsd.org>2020-01-03 02:46:20 +0000
commitc1abcd727cc1b0ba2a48bccab54a0c1cd3195d51 (patch)
treee451c62ae3dcf06089737f585821b4be8fad7b00 /regress/usr.bin
parent332ff3e110e0a5d0b19505246b237d7d2004bc10 (diff)
implement recent SK API change to support resident keys and PIN prompting
in the dummy middleware that we use for the tests. Should fix breakage spotted by dtucker@
Diffstat (limited to 'regress/usr.bin')
-rw-r--r--regress/usr.bin/ssh/misc/sk-dummy/sk-dummy.c33
1 files changed, 28 insertions, 5 deletions
diff --git a/regress/usr.bin/ssh/misc/sk-dummy/sk-dummy.c b/regress/usr.bin/ssh/misc/sk-dummy/sk-dummy.c
index b223b1a0f21..3eefd3c9c04 100644
--- a/regress/usr.bin/ssh/misc/sk-dummy/sk-dummy.c
+++ b/regress/usr.bin/ssh/misc/sk-dummy/sk-dummy.c
@@ -42,7 +42,7 @@
} while (0)
#endif
-#define SK_VERSION_MAJOR 0x00020000 /* current API version */
+#define SK_VERSION_MAJOR 0x00030000 /* current API version */
/* Flags */
#define SK_USER_PRESENCE_REQD 0x01
@@ -51,6 +51,11 @@
#define SK_ECDSA 0x00
#define SK_ED25519 0x01
+/* Error codes */
+#define SSH_SK_ERR_GENERAL -1
+#define SSH_SK_ERR_UNSUPPORTED -2
+#define SSH_SK_ERR_PIN_REQUIRED -3
+
struct sk_enroll_response {
uint8_t *public_key;
size_t public_key_len;
@@ -71,18 +76,29 @@ struct sk_sign_response {
size_t sig_s_len;
};
+struct sk_resident_key {
+ uint8_t alg;
+ size_t slot;
+ char *application;
+ struct sk_enroll_response key;
+};
+
/* Return the version of the middleware API */
uint32_t sk_api_version(void);
/* Enroll a U2F key (private key generation) */
int sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len,
- const char *application, uint8_t flags,
+ const char *application, uint8_t flags, const char *pin,
struct sk_enroll_response **enroll_response);
/* Sign a challenge */
int sk_sign(int alg, const uint8_t *message, size_t message_len,
const char *application, const uint8_t *key_handle, size_t key_handle_len,
- uint8_t flags, struct sk_sign_response **sign_response);
+ uint8_t flags, const char *pin, struct sk_sign_response **sign_response);
+
+/* Enumerate all resident keys */
+int sk_load_resident_keys(const char *pin,
+ struct sk_resident_key ***rks, size_t *nrks);
static void skdebug(const char *func, const char *fmt, ...)
__attribute__((__format__ (printf, 2, 3)));
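Review bot: The `sk_load_resident_keys` prototype and `struct sk_resident_key` are added without any statement of who owns the returned data. The comment `/* Enumerate all resident keys */` does not say whether the caller must free `*rks`, each entry, and the `application` string and `key` buffers inside it, nor what `*rks` and `*nrks` hold when an error code is returned. I would expand that comment to state the ownership and the on-error values of both out-parameters. The new `pin` arguments on all three prototypes should also say whether NULL is allowed, for example `/* pin may be NULL when no PIN was supplied (confirm against the API header) */`.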
@@ -233,7 +249,7 @@ pack_key_ed25519(struct sk_enroll_response *response)
int
sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len,
- const char *application, uint8_t flags,
+ const char *application, uint8_t flags, const char *pin,
struct sk_enroll_response **enroll_response)
{
struct sk_enroll_response *response = NULL;
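Review bot: The new `pin` parameter of `sk_enroll`, and of `sk_sign` in the next hunk, is not used on any visible line. Both bodies continue outside their hunks, so I cannot confirm whether it is consumed further down. If the dummy middleware deliberately ignores the PIN, make that explicit at the top of each body with `(void)pin; /* dummy middleware does not check PINs */`, which also keeps unused-parameter warnings quiet. Whatever is done with it, the value should stay out of `skdebug` output, since a PIN is a user secret even in a regress run.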
@@ -476,7 +492,7 @@ int
sk_sign(int alg, const uint8_t *message, size_t message_len,
const char *application,
const uint8_t *key_handle, size_t key_handle_len,
- uint8_t flags, struct sk_sign_response **sign_response)
+ uint8_t flags, const char *pin, struct sk_sign_response **sign_response)
{
struct sk_sign_response *response = NULL;
int ret = -1;
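Review bot: `int ret = -1;` in `sk_sign` still uses a bare literal, although this commit introduces `SSH_SK_ERR_GENERAL` with the same value. Writing `int ret = SSH_SK_ERR_GENERAL;` would tie the default failure path to the named error codes that a version 3 caller is expected to interpret. The same probably applies to `sk_enroll`, but its return paths lie outside the visible hunks. The remainder of `sk_sign` is also outside this hunk.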
@@ -520,3 +536,10 @@ sk_sign(int alg, const uint8_t *message, size_t message_len,
}
return ret;
}
+
+int
+sk_load_resident_keys(const char *pin,
+ struct sk_resident_key ***rks, size_t *nrks)
+{
+ return SSH_SK_ERR_UNSUPPORTED;
+}
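Review bot: `sk_load_resident_keys` returns `SSH_SK_ERR_UNSUPPORTED` without writing to either out-parameter. A caller that frees or iterates `*rks` on its error path without having initialised it would then touch an indeterminate pointer and count. Clearing them before the return makes the stub safe whatever the caller does: `if (rks != NULL) *rks = NULL;` and `if (nrks != NULL) *nrks = 0;`. A short comment such as `/* resident keys are not implemented by the dummy middleware */` would also record that the stub is intentional.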