| File: | src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c |
| Warning: | line 606, column 8 Although the value stored to 'r' is used in the enclosing expression, the value is never actually read from 'r' |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
| 1 | /* $OpenBSD: ssh-pkcs11-client.c,v 1.19 2023/12/18 14:46:56 djm Exp $ */ |
| 2 | /* |
| 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2014 Pedro Martelletto. All rights reserved. |
| 5 | * |
| 6 | * Permission to use, copy, modify, and distribute this software for any |
| 7 | * purpose with or without fee is hereby granted, provided that the above |
| 8 | * copyright notice and this permission notice appear in all copies. |
| 9 | * |
| 10 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
| 11 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
| 12 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
| 13 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
| 14 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
| 15 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| 16 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 17 | */ |
| 18 | |
| 19 | #include <sys/types.h> |
| 20 | #include <sys/time.h> |
| 21 | #include <sys/socket.h> |
| 22 | |
| 23 | #include <stdarg.h> |
| 24 | #include <string.h> |
| 25 | #include <unistd.h> |
| 26 | #include <errno(*__errno()).h> |
| 27 | #include <limits.h> |
| 28 | |
| 29 | #include <openssl/ecdsa.h> |
| 30 | #include <openssl/rsa.h> |
| 31 | |
| 32 | #include "pathnames.h" |
| 33 | #include "xmalloc.h" |
| 34 | #include "sshbuf.h" |
| 35 | #include "log.h" |
| 36 | #include "misc.h" |
| 37 | #include "sshkey.h" |
| 38 | #include "authfd.h" |
| 39 | #include "atomicio.h" |
| 40 | #include "ssh-pkcs11.h" |
| 41 | #include "ssherr.h" |
| 42 | |
| 43 | /* borrows code from sftp-server and ssh-agent */ |
| 44 | |
| 45 | /* |
| 46 | * Maintain a list of ssh-pkcs11-helper subprocesses. These may be looked up |
| 47 | * by provider path or their unique EC/RSA METHOD pointers. |
| 48 | */ |
| 49 | struct helper { |
| 50 | char *path; |
| 51 | pid_t pid; |
| 52 | int fd; |
| 53 | RSA_METHOD *rsa_meth; |
| 54 | EC_KEY_METHOD *ec_meth; |
| 55 | int (*rsa_finish)(RSA *rsa); |
| 56 | void (*ec_finish)(EC_KEY *key); |
| 57 | size_t nrsa, nec; /* number of active keys of each type */ |
| 58 | }; |
| 59 | static struct helper **helpers; |
| 60 | static size_t nhelpers; |
| 61 | |
| 62 | static struct helper * |
| 63 | helper_by_provider(const char *path) |
| 64 | { |
| 65 | size_t i; |
| 66 | |
| 67 | for (i = 0; i < nhelpers; i++) { |
| 68 | if (helpers[i] == NULL((void *)0) || helpers[i]->path == NULL((void *)0) || |
| 69 | helpers[i]->fd == -1) |
| 70 | continue; |
| 71 | if (strcmp(helpers[i]->path, path) == 0) |
| 72 | return helpers[i]; |
| 73 | } |
| 74 | return NULL((void *)0); |
| 75 | } |
| 76 | |
| 77 | static struct helper * |
| 78 | helper_by_rsa(const RSA *rsa) |
| 79 | { |
| 80 | size_t i; |
| 81 | const RSA_METHOD *meth; |
| 82 | |
| 83 | if ((meth = RSA_get_method(rsa)) == NULL((void *)0)) |
| 84 | return NULL((void *)0); |
| 85 | for (i = 0; i < nhelpers; i++) { |
| 86 | if (helpers[i] != NULL((void *)0) && helpers[i]->rsa_meth == meth) |
| 87 | return helpers[i]; |
| 88 | } |
| 89 | return NULL((void *)0); |
| 90 | |
| 91 | } |
| 92 | |
| 93 | static struct helper * |
| 94 | helper_by_ec(const EC_KEY *ec) |
| 95 | { |
| 96 | size_t i; |
| 97 | const EC_KEY_METHOD *meth; |
| 98 | |
| 99 | if ((meth = EC_KEY_get_method(ec)) == NULL((void *)0)) |
| 100 | return NULL((void *)0); |
| 101 | for (i = 0; i < nhelpers; i++) { |
| 102 | if (helpers[i] != NULL((void *)0) && helpers[i]->ec_meth == meth) |
| 103 | return helpers[i]; |
| 104 | } |
| 105 | return NULL((void *)0); |
| 106 | |
| 107 | } |
| 108 | |
| 109 | static void |
| 110 | helper_free(struct helper *helper) |
| 111 | { |
| 112 | size_t i; |
| 113 | int found = 0; |
| 114 | |
| 115 | if (helper == NULL((void *)0)) |
| 116 | return; |
| 117 | if (helper->path == NULL((void *)0) || helper->ec_meth == NULL((void *)0) || |
| 118 | helper->rsa_meth == NULL((void *)0)) |
| 119 | fatal_f("inconsistent helper")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 119, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "inconsistent helper" ); |
| 120 | debug3_f("free helper for provider %s", helper->path)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 120, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "free helper for provider %s" , helper->path); |
| 121 | for (i = 0; i < nhelpers; i++) { |
| 122 | if (helpers[i] == helper) { |
| 123 | if (found) |
| 124 | fatal_f("helper recorded more than once")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 124, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "helper recorded more than once" ); |
| 125 | found = 1; |
| 126 | } |
| 127 | else if (found) |
| 128 | helpers[i - 1] = helpers[i]; |
| 129 | } |
| 130 | if (found) { |
| 131 | helpers = xrecallocarray(helpers, nhelpers, |
| 132 | nhelpers - 1, sizeof(*helpers)); |
| 133 | nhelpers--; |
| 134 | } |
| 135 | free(helper->path); |
| 136 | EC_KEY_METHOD_free(helper->ec_meth); |
| 137 | RSA_meth_free(helper->rsa_meth); |
| 138 | free(helper); |
| 139 | } |
| 140 | |
| 141 | static void |
| 142 | helper_terminate(struct helper *helper) |
| 143 | { |
| 144 | if (helper == NULL((void *)0)) { |
| 145 | return; |
| 146 | } else if (helper->fd == -1) { |
| 147 | debug3_f("already terminated")sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 147, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "already terminated" ); |
| 148 | } else { |
| 149 | debug3_f("terminating helper for %s; "sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 151, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "terminating helper for %s; " "remaining %zu RSA %zu ECDSA", helper->path, helper->nrsa , helper->nec) |
| 150 | "remaining %zu RSA %zu ECDSA",sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 151, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "terminating helper for %s; " "remaining %zu RSA %zu ECDSA", helper->path, helper->nrsa , helper->nec) |
| 151 | helper->path, helper->nrsa, helper->nec)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 151, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "terminating helper for %s; " "remaining %zu RSA %zu ECDSA", helper->path, helper->nrsa , helper->nec); |
| 152 | close(helper->fd); |
| 153 | /* XXX waitpid() */ |
| 154 | helper->fd = -1; |
| 155 | helper->pid = -1; |
| 156 | } |
| 157 | /* |
| 158 | * Don't delete the helper entry until there are no remaining keys |
| 159 | * that reference it. Otherwise, any signing operation would call |
| 160 | * a free'd METHOD pointer and that would be bad. |
| 161 | */ |
| 162 | if (helper->nrsa == 0 && helper->nec == 0) |
| 163 | helper_free(helper); |
| 164 | } |
| 165 | |
| 166 | static void |
| 167 | send_msg(int fd, struct sshbuf *m) |
| 168 | { |
| 169 | u_char buf[4]; |
| 170 | size_t mlen = sshbuf_len(m); |
| 171 | int r; |
| 172 | |
| 173 | if (fd == -1) |
| 174 | return; |
| 175 | POKE_U32(buf, mlen)do { const u_int32_t __v = (mlen); ((u_char *)(buf))[0] = (__v >> 24) & 0xff; ((u_char *)(buf))[1] = (__v >> 16) & 0xff; ((u_char *)(buf))[2] = (__v >> 8) & 0xff; ((u_char *)(buf))[3] = __v & 0xff; } while (0); |
| 176 | if (atomicio(vwrite(ssize_t (*)(int, void *, size_t))write, fd, buf, 4) != 4 || |
| 177 | atomicio(vwrite(ssize_t (*)(int, void *, size_t))write, fd, sshbuf_mutable_ptr(m), |
| 178 | sshbuf_len(m)) != sshbuf_len(m)) |
| 179 | error("write to helper failed")sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 179, 0, SYSLOG_LEVEL_ERROR, ((void *)0), "write to helper failed" ); |
| 180 | if ((r = sshbuf_consume(m, mlen)) != 0) |
| 181 | fatal_fr(r, "consume")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 181, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "consume" ); |
| 182 | } |
| 183 | |
| 184 | static int |
| 185 | recv_msg(int fd, struct sshbuf *m) |
| 186 | { |
| 187 | u_int l, len; |
| 188 | u_char c, buf[1024]; |
| 189 | int r; |
| 190 | |
| 191 | sshbuf_reset(m); |
| 192 | if (fd == -1) |
| 193 | return 0; /* XXX */ |
| 194 | if ((len = atomicio(read, fd, buf, 4)) != 4) { |
| 195 | error("read from helper failed: %u", len)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 195, 0, SYSLOG_LEVEL_ERROR, ((void *)0), "read from helper failed: %u" , len); |
| 196 | return (0); /* XXX */ |
| 197 | } |
| 198 | len = PEEK_U32(buf)(((u_int32_t)(((const u_char *)(buf))[0]) << 24) | ((u_int32_t )(((const u_char *)(buf))[1]) << 16) | ((u_int32_t)(((const u_char *)(buf))[2]) << 8) | (u_int32_t)(((const u_char *)(buf))[3])); |
| 199 | if (len > 256 * 1024) |
| 200 | fatal("response too long: %u", len)sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 200, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "response too long: %u" , len); |
| 201 | /* read len bytes into m */ |
| 202 | while (len > 0) { |
| 203 | l = len; |
| 204 | if (l > sizeof(buf)) |
| 205 | l = sizeof(buf); |
| 206 | if (atomicio(read, fd, buf, l) != l) { |
| 207 | error("response from helper failed.")sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 207, 0, SYSLOG_LEVEL_ERROR, ((void *)0), "response from helper failed." ); |
| 208 | return (0); /* XXX */ |
| 209 | } |
| 210 | if ((r = sshbuf_put(m, buf, l)) != 0) |
| 211 | fatal_fr(r, "sshbuf_put")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 211, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "sshbuf_put" ); |
| 212 | len -= l; |
| 213 | } |
| 214 | if ((r = sshbuf_get_u8(m, &c)) != 0) |
| 215 | fatal_fr(r, "parse type")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 215, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "parse type" ); |
| 216 | return c; |
| 217 | } |
| 218 | |
| 219 | int |
| 220 | pkcs11_init(int interactive) |
| 221 | { |
| 222 | return 0; |
| 223 | } |
| 224 | |
| 225 | void |
| 226 | pkcs11_terminate(void) |
| 227 | { |
| 228 | size_t i; |
| 229 | |
| 230 | debug3_f("terminating %zu helpers", nhelpers)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 230, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "terminating %zu helpers" , nhelpers); |
| 231 | for (i = 0; i < nhelpers; i++) |
| 232 | helper_terminate(helpers[i]); |
| 233 | } |
| 234 | |
| 235 | static int |
| 236 | rsa_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, int padding) |
| 237 | { |
| 238 | struct sshkey *key = NULL((void *)0); |
| 239 | struct sshbuf *msg = NULL((void *)0); |
| 240 | u_char *blob = NULL((void *)0), *signature = NULL((void *)0); |
| 241 | size_t blen, slen = 0; |
| 242 | int r, ret = -1; |
| 243 | struct helper *helper; |
| 244 | |
| 245 | if ((helper = helper_by_rsa(rsa)) == NULL((void *)0) || helper->fd == -1) |
| 246 | fatal_f("no helper for PKCS11 key")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 246, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "no helper for PKCS11 key" ); |
| 247 | debug3_f("signing with PKCS11 provider %s", helper->path)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 247, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "signing with PKCS11 provider %s" , helper->path); |
| 248 | if (padding != RSA_PKCS1_PADDING1) |
| 249 | goto fail; |
| 250 | key = sshkey_new(KEY_UNSPEC); |
| 251 | if (key == NULL((void *)0)) { |
| 252 | error_f("sshkey_new failed")sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 252, 1, SYSLOG_LEVEL_ERROR, ((void *)0), "sshkey_new failed" ); |
| 253 | goto fail; |
| 254 | } |
| 255 | key->type = KEY_RSA; |
| 256 | RSA_up_ref(rsa); |
| 257 | key->rsa = rsa; |
| 258 | if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { |
| 259 | error_fr(r, "encode key")sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 259, 1, SYSLOG_LEVEL_ERROR, ssh_err(r), "encode key" ); |
| 260 | goto fail; |
| 261 | } |
| 262 | if ((msg = sshbuf_new()) == NULL((void *)0)) |
| 263 | fatal_f("sshbuf_new failed")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 263, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshbuf_new failed" ); |
| 264 | if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST13)) != 0 || |
| 265 | (r = sshbuf_put_string(msg, blob, blen)) != 0 || |
| 266 | (r = sshbuf_put_string(msg, from, flen)) != 0 || |
| 267 | (r = sshbuf_put_u32(msg, 0)) != 0) |
| 268 | fatal_fr(r, "compose")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 268, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "compose" ); |
| 269 | send_msg(helper->fd, msg); |
| 270 | sshbuf_reset(msg); |
| 271 | |
| 272 | if (recv_msg(helper->fd, msg) == SSH2_AGENT_SIGN_RESPONSE14) { |
| 273 | if ((r = sshbuf_get_string(msg, &signature, &slen)) != 0) |
| 274 | fatal_fr(r, "parse")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 274, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "parse"); |
| 275 | if (slen <= (size_t)RSA_size(rsa)) { |
| 276 | memcpy(to, signature, slen); |
| 277 | ret = slen; |
| 278 | } |
| 279 | free(signature); |
| 280 | } |
| 281 | fail: |
| 282 | free(blob); |
| 283 | sshkey_free(key); |
| 284 | sshbuf_free(msg); |
| 285 | return (ret); |
| 286 | } |
| 287 | |
| 288 | static int |
| 289 | rsa_finish(RSA *rsa) |
| 290 | { |
| 291 | struct helper *helper; |
| 292 | |
| 293 | if ((helper = helper_by_rsa(rsa)) == NULL((void *)0)) |
| 294 | fatal_f("no helper for PKCS11 key")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 294, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "no helper for PKCS11 key" ); |
| 295 | debug3_f("free PKCS11 RSA key for provider %s", helper->path)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 295, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "free PKCS11 RSA key for provider %s" , helper->path); |
| 296 | if (helper->rsa_finish != NULL((void *)0)) |
| 297 | helper->rsa_finish(rsa); |
| 298 | if (helper->nrsa == 0) |
| 299 | fatal_f("RSA refcount error")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 299, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "RSA refcount error" ); |
| 300 | helper->nrsa--; |
| 301 | debug3_f("provider %s remaining keys: %zu RSA %zu ECDSA",sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 302, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "provider %s remaining keys: %zu RSA %zu ECDSA" , helper->path, helper->nrsa, helper->nec) |
| 302 | helper->path, helper->nrsa, helper->nec)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 302, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "provider %s remaining keys: %zu RSA %zu ECDSA" , helper->path, helper->nrsa, helper->nec); |
| 303 | if (helper->nrsa == 0 && helper->nec == 0) |
| 304 | helper_terminate(helper); |
| 305 | return 1; |
| 306 | } |
| 307 | |
| 308 | static ECDSA_SIG * |
| 309 | ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, |
| 310 | const BIGNUM *rp, EC_KEY *ec) |
| 311 | { |
| 312 | struct sshkey *key = NULL((void *)0); |
| 313 | struct sshbuf *msg = NULL((void *)0); |
| 314 | ECDSA_SIG *ret = NULL((void *)0); |
| 315 | const u_char *cp; |
| 316 | u_char *blob = NULL((void *)0), *signature = NULL((void *)0); |
| 317 | size_t blen, slen = 0; |
| 318 | int r, nid; |
| 319 | struct helper *helper; |
| 320 | |
| 321 | if ((helper = helper_by_ec(ec)) == NULL((void *)0) || helper->fd == -1) |
| 322 | fatal_f("no helper for PKCS11 key")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 322, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "no helper for PKCS11 key" ); |
| 323 | debug3_f("signing with PKCS11 provider %s", helper->path)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 323, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "signing with PKCS11 provider %s" , helper->path); |
| 324 | nid = sshkey_ecdsa_key_to_nid(ec); |
| 325 | if (nid < 0) { |
| 326 | error_f("couldn't get curve nid")sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 326, 1, SYSLOG_LEVEL_ERROR, ((void *)0), "couldn't get curve nid" ); |
| 327 | goto fail; |
| 328 | } |
| 329 | |
| 330 | key = sshkey_new(KEY_UNSPEC); |
| 331 | if (key == NULL((void *)0)) { |
| 332 | error_f("sshkey_new failed")sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 332, 1, SYSLOG_LEVEL_ERROR, ((void *)0), "sshkey_new failed" ); |
| 333 | goto fail; |
| 334 | } |
| 335 | key->ecdsa = ec; |
| 336 | key->ecdsa_nid = nid; |
| 337 | key->type = KEY_ECDSA; |
| 338 | EC_KEY_up_ref(ec); |
| 339 | |
| 340 | if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { |
| 341 | error_fr(r, "encode key")sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 341, 1, SYSLOG_LEVEL_ERROR, ssh_err(r), "encode key" ); |
| 342 | goto fail; |
| 343 | } |
| 344 | if ((msg = sshbuf_new()) == NULL((void *)0)) |
| 345 | fatal_f("sshbuf_new failed")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 345, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshbuf_new failed" ); |
| 346 | if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST13)) != 0 || |
| 347 | (r = sshbuf_put_string(msg, blob, blen)) != 0 || |
| 348 | (r = sshbuf_put_string(msg, dgst, dgst_len)) != 0 || |
| 349 | (r = sshbuf_put_u32(msg, 0)) != 0) |
| 350 | fatal_fr(r, "compose")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 350, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "compose" ); |
| 351 | send_msg(helper->fd, msg); |
| 352 | sshbuf_reset(msg); |
| 353 | |
| 354 | if (recv_msg(helper->fd, msg) == SSH2_AGENT_SIGN_RESPONSE14) { |
| 355 | if ((r = sshbuf_get_string(msg, &signature, &slen)) != 0) |
| 356 | fatal_fr(r, "parse")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 356, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "parse"); |
| 357 | cp = signature; |
| 358 | ret = d2i_ECDSA_SIG(NULL((void *)0), &cp, slen); |
| 359 | free(signature); |
| 360 | } |
| 361 | |
| 362 | fail: |
| 363 | free(blob); |
| 364 | sshkey_free(key); |
| 365 | sshbuf_free(msg); |
| 366 | return (ret); |
| 367 | } |
| 368 | |
| 369 | static void |
| 370 | ecdsa_do_finish(EC_KEY *ec) |
| 371 | { |
| 372 | struct helper *helper; |
| 373 | |
| 374 | if ((helper = helper_by_ec(ec)) == NULL((void *)0)) |
| 375 | fatal_f("no helper for PKCS11 key")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 375, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "no helper for PKCS11 key" ); |
| 376 | debug3_f("free PKCS11 ECDSA key for provider %s", helper->path)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 376, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "free PKCS11 ECDSA key for provider %s" , helper->path); |
| 377 | if (helper->ec_finish != NULL((void *)0)) |
| 378 | helper->ec_finish(ec); |
| 379 | if (helper->nec == 0) |
| 380 | fatal_f("ECDSA refcount error")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 380, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "ECDSA refcount error" ); |
| 381 | helper->nec--; |
| 382 | debug3_f("provider %s remaining keys: %zu RSA %zu ECDSA",sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 383, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "provider %s remaining keys: %zu RSA %zu ECDSA" , helper->path, helper->nrsa, helper->nec) |
| 383 | helper->path, helper->nrsa, helper->nec)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 383, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "provider %s remaining keys: %zu RSA %zu ECDSA" , helper->path, helper->nrsa, helper->nec); |
| 384 | if (helper->nrsa == 0 && helper->nec == 0) |
| 385 | helper_terminate(helper); |
| 386 | } |
| 387 | |
| 388 | /* redirect private key crypto operations to the ssh-pkcs11-helper */ |
| 389 | static void |
| 390 | wrap_key(struct helper *helper, struct sshkey *k) |
| 391 | { |
| 392 | debug3_f("wrap %s for provider %s", sshkey_type(k), helper->path)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 392, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "wrap %s for provider %s" , sshkey_type(k), helper->path); |
| 393 | if (k->type == KEY_RSA) { |
| 394 | RSA_set_method(k->rsa, helper->rsa_meth); |
| 395 | if (helper->nrsa++ >= INT_MAX0x7fffffff) |
| 396 | fatal_f("RSA refcount error")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 396, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "RSA refcount error" ); |
| 397 | } else if (k->type == KEY_ECDSA) { |
| 398 | EC_KEY_set_method(k->ecdsa, helper->ec_meth); |
| 399 | if (helper->nec++ >= INT_MAX0x7fffffff) |
| 400 | fatal_f("EC refcount error")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 400, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "EC refcount error" ); |
| 401 | } else |
| 402 | fatal_f("unknown key type")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 402, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "unknown key type" ); |
| 403 | k->flags |= SSHKEY_FLAG_EXT0x0001; |
| 404 | debug3_f("provider %s remaining keys: %zu RSA %zu ECDSA",sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 405, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "provider %s remaining keys: %zu RSA %zu ECDSA" , helper->path, helper->nrsa, helper->nec) |
| 405 | helper->path, helper->nrsa, helper->nec)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 405, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "provider %s remaining keys: %zu RSA %zu ECDSA" , helper->path, helper->nrsa, helper->nec); |
| 406 | } |
| 407 | |
| 408 | /* |
| 409 | * Make a private PKCS#11-backed certificate by grafting a previously-loaded |
| 410 | * PKCS#11 private key and a public certificate key. |
| 411 | */ |
| 412 | int |
| 413 | pkcs11_make_cert(const struct sshkey *priv, |
| 414 | const struct sshkey *certpub, struct sshkey **certprivp) |
| 415 | { |
| 416 | struct helper *helper = NULL((void *)0); |
| 417 | struct sshkey *ret; |
| 418 | int r; |
| 419 | |
| 420 | debug3_f("private key type %s cert type %s", sshkey_type(priv),sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 421, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "private key type %s cert type %s" , sshkey_type(priv), sshkey_type(certpub)) |
| 421 | sshkey_type(certpub))sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 421, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "private key type %s cert type %s" , sshkey_type(priv), sshkey_type(certpub)); |
| 422 | *certprivp = NULL((void *)0); |
| 423 | if (!sshkey_is_cert(certpub) || sshkey_is_cert(priv) || |
| 424 | !sshkey_equal_public(priv, certpub)) { |
| 425 | error_f("private key %s doesn't match cert %s",sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 426, 1, SYSLOG_LEVEL_ERROR, ((void *)0), "private key %s doesn't match cert %s" , sshkey_type(priv), sshkey_type(certpub)) |
| 426 | sshkey_type(priv), sshkey_type(certpub))sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 426, 1, SYSLOG_LEVEL_ERROR, ((void *)0), "private key %s doesn't match cert %s" , sshkey_type(priv), sshkey_type(certpub)); |
| 427 | return SSH_ERR_INVALID_ARGUMENT-10; |
| 428 | } |
| 429 | *certprivp = NULL((void *)0); |
| 430 | if (priv->type == KEY_RSA) { |
| 431 | if ((helper = helper_by_rsa(priv->rsa)) == NULL((void *)0) || |
| 432 | helper->fd == -1) |
| 433 | fatal_f("no helper for PKCS11 RSA key")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 433, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "no helper for PKCS11 RSA key" ); |
| 434 | if ((r = sshkey_from_private(priv, &ret)) != 0) |
| 435 | fatal_fr(r, "copy key")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 435, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "copy key" ); |
| 436 | RSA_set_method(ret->rsa, helper->rsa_meth); |
| 437 | if (helper->nrsa++ >= INT_MAX0x7fffffff) |
| 438 | fatal_f("RSA refcount error")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 438, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "RSA refcount error" ); |
| 439 | } else if (priv->type == KEY_ECDSA) { |
| 440 | if ((helper = helper_by_ec(priv->ecdsa)) == NULL((void *)0) || |
| 441 | helper->fd == -1) |
| 442 | fatal_f("no helper for PKCS11 EC key")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 442, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "no helper for PKCS11 EC key" ); |
| 443 | if ((r = sshkey_from_private(priv, &ret)) != 0) |
| 444 | fatal_fr(r, "copy key")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 444, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "copy key" ); |
| 445 | EC_KEY_set_method(ret->ecdsa, helper->ec_meth); |
| 446 | if (helper->nec++ >= INT_MAX0x7fffffff) |
| 447 | fatal_f("EC refcount error")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 447, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "EC refcount error" ); |
| 448 | } else |
| 449 | fatal_f("unknown key type %s", sshkey_type(priv))sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 449, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "unknown key type %s" , sshkey_type(priv)); |
| 450 | |
| 451 | ret->flags |= SSHKEY_FLAG_EXT0x0001; |
| 452 | if ((r = sshkey_to_certified(ret)) != 0 || |
| 453 | (r = sshkey_cert_copy(certpub, ret)) != 0) |
| 454 | fatal_fr(r, "graft certificate")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 454, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "graft certificate" ); |
| 455 | debug3_f("provider %s remaining keys: %zu RSA %zu ECDSA",sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 456, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "provider %s remaining keys: %zu RSA %zu ECDSA" , helper->path, helper->nrsa, helper->nec) |
| 456 | helper->path, helper->nrsa, helper->nec)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 456, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "provider %s remaining keys: %zu RSA %zu ECDSA" , helper->path, helper->nrsa, helper->nec); |
| 457 | /* success */ |
| 458 | *certprivp = ret; |
| 459 | return 0; |
| 460 | } |
| 461 | |
| 462 | static int |
| 463 | pkcs11_start_helper_methods(struct helper *helper) |
| 464 | { |
| 465 | int (*ec_init)(EC_KEY *key); |
| 466 | int (*ec_copy)(EC_KEY *dest, const EC_KEY *src); |
| 467 | int (*ec_set_group)(EC_KEY *key, const EC_GROUP *grp); |
| 468 | int (*ec_set_private)(EC_KEY *key, const BIGNUM *priv_key); |
| 469 | int (*ec_set_public)(EC_KEY *key, const EC_POINT *pub_key); |
| 470 | int (*ec_sign)(int, const unsigned char *, int, unsigned char *, |
| 471 | unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *) = NULL((void *)0); |
| 472 | RSA_METHOD *rsa_meth; |
| 473 | EC_KEY_METHOD *ec_meth; |
| 474 | |
| 475 | if ((ec_meth = EC_KEY_METHOD_new(EC_KEY_OpenSSL())) == NULL((void *)0)) |
| 476 | return -1; |
| 477 | EC_KEY_METHOD_get_sign(ec_meth, &ec_sign, NULL((void *)0), NULL((void *)0)); |
| 478 | EC_KEY_METHOD_set_sign(ec_meth, ec_sign, NULL((void *)0), ecdsa_do_sign); |
| 479 | EC_KEY_METHOD_get_init(ec_meth, &ec_init, &helper->ec_finish, |
| 480 | &ec_copy, &ec_set_group, &ec_set_private, &ec_set_public); |
| 481 | EC_KEY_METHOD_set_init(ec_meth, ec_init, ecdsa_do_finish, |
| 482 | ec_copy, ec_set_group, ec_set_private, ec_set_public); |
| 483 | |
| 484 | if ((rsa_meth = RSA_meth_dup(RSA_get_default_method())) == NULL((void *)0)) |
| 485 | fatal_f("RSA_meth_dup failed")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 485, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "RSA_meth_dup failed" ); |
| 486 | helper->rsa_finish = RSA_meth_get_finish(rsa_meth); |
| 487 | if (!RSA_meth_set1_name(rsa_meth, "ssh-pkcs11-helper") || |
| 488 | !RSA_meth_set_priv_enc(rsa_meth, rsa_encrypt) || |
| 489 | !RSA_meth_set_finish(rsa_meth, rsa_finish)) |
| 490 | fatal_f("failed to prepare method")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 490, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "failed to prepare method" ); |
| 491 | |
| 492 | helper->ec_meth = ec_meth; |
| 493 | helper->rsa_meth = rsa_meth; |
| 494 | return 0; |
| 495 | } |
| 496 | |
| 497 | static struct helper * |
| 498 | pkcs11_start_helper(const char *path) |
| 499 | { |
| 500 | int pair[2]; |
| 501 | char *prog, *verbosity = NULL((void *)0); |
| 502 | struct helper *helper; |
| 503 | pid_t pid; |
| 504 | |
| 505 | if (nhelpers >= INT_MAX0x7fffffff) |
| 506 | fatal_f("too many helpers")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 506, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "too many helpers" ); |
| 507 | debug3_f("start helper for %s", path)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 507, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "start helper for %s" , path); |
| 508 | if (socketpair(AF_UNIX1, SOCK_STREAM1, 0, pair) == -1) { |
| 509 | error_f("socketpair: %s", strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 509, 1, SYSLOG_LEVEL_ERROR, ((void *)0), "socketpair: %s" , strerror((*__errno()))); |
| 510 | return NULL((void *)0); |
| 511 | } |
| 512 | helper = xcalloc(1, sizeof(*helper)); |
| 513 | if (pkcs11_start_helper_methods(helper) == -1) { |
| 514 | error_f("pkcs11_start_helper_methods failed")sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 514, 1, SYSLOG_LEVEL_ERROR, ((void *)0), "pkcs11_start_helper_methods failed" ); |
| 515 | goto fail; |
| 516 | } |
| 517 | if ((pid = fork()) == -1) { |
| 518 | error_f("fork: %s", strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 518, 1, SYSLOG_LEVEL_ERROR, ((void *)0), "fork: %s" , strerror((*__errno()))); |
| 519 | fail: |
| 520 | close(pair[0]); |
| 521 | close(pair[1]); |
| 522 | RSA_meth_free(helper->rsa_meth); |
| 523 | EC_KEY_METHOD_free(helper->ec_meth); |
| 524 | free(helper); |
| 525 | return NULL((void *)0); |
| 526 | } else if (pid == 0) { |
| 527 | if ((dup2(pair[1], STDIN_FILENO0) == -1) || |
| 528 | (dup2(pair[1], STDOUT_FILENO1) == -1)) { |
| 529 | fprintf(stderr(&__sF[2]), "dup2: %s\n", strerror(errno(*__errno()))); |
| 530 | _exit(1); |
| 531 | } |
| 532 | close(pair[0]); |
| 533 | close(pair[1]); |
| 534 | prog = getenv("SSH_PKCS11_HELPER"); |
| 535 | if (prog == NULL((void *)0) || strlen(prog) == 0) |
| 536 | prog = _PATH_SSH_PKCS11_HELPER"/usr/libexec/ssh-pkcs11-helper"; |
| 537 | if (log_level_get() >= SYSLOG_LEVEL_DEBUG1) |
| 538 | verbosity = "-vvv"; |
| 539 | debug_f("starting %s %s", prog,sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 540, 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "starting %s %s" , prog, verbosity == ((void *)0) ? "" : verbosity) |
| 540 | verbosity == NULL ? "" : verbosity)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 540, 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "starting %s %s" , prog, verbosity == ((void *)0) ? "" : verbosity); |
| 541 | execlp(prog, prog, verbosity, (char *)NULL((void *)0)); |
| 542 | fprintf(stderr(&__sF[2]), "exec: %s: %s\n", prog, strerror(errno(*__errno()))); |
| 543 | _exit(1); |
| 544 | } |
| 545 | close(pair[1]); |
| 546 | helper->fd = pair[0]; |
| 547 | helper->path = xstrdup(path); |
| 548 | helper->pid = pid; |
| 549 | debug3_f("helper %zu for \"%s\" on fd %d pid %ld", nhelpers,sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 550, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "helper %zu for \"%s\" on fd %d pid %ld" , nhelpers, helper->path, helper->fd, (long)helper-> pid) |
| 550 | helper->path, helper->fd, (long)helper->pid)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 550, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "helper %zu for \"%s\" on fd %d pid %ld" , nhelpers, helper->path, helper->fd, (long)helper-> pid); |
| 551 | helpers = xrecallocarray(helpers, nhelpers, |
| 552 | nhelpers + 1, sizeof(*helpers)); |
| 553 | helpers[nhelpers++] = helper; |
| 554 | return helper; |
| 555 | } |
| 556 | |
| 557 | int |
| 558 | pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp, |
| 559 | char ***labelsp) |
| 560 | { |
| 561 | struct sshkey *k; |
| 562 | int r, type; |
| 563 | u_char *blob; |
| 564 | char *label; |
| 565 | size_t blen; |
| 566 | u_int nkeys, i; |
| 567 | struct sshbuf *msg; |
| 568 | struct helper *helper; |
| 569 | |
| 570 | if ((helper = helper_by_provider(name)) == NULL((void *)0) && |
| 571 | (helper = pkcs11_start_helper(name)) == NULL((void *)0)) |
| 572 | return -1; |
| 573 | |
| 574 | if ((msg = sshbuf_new()) == NULL((void *)0)) |
| 575 | fatal_f("sshbuf_new failed")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 575, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshbuf_new failed" ); |
| 576 | if ((r = sshbuf_put_u8(msg, SSH_AGENTC_ADD_SMARTCARD_KEY20)) != 0 || |
| 577 | (r = sshbuf_put_cstring(msg, name)) != 0 || |
| 578 | (r = sshbuf_put_cstring(msg, pin)) != 0) |
| 579 | fatal_fr(r, "compose")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 579, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "compose" ); |
| 580 | send_msg(helper->fd, msg); |
| 581 | sshbuf_reset(msg); |
| 582 | |
| 583 | type = recv_msg(helper->fd, msg); |
| 584 | if (type == SSH2_AGENT_IDENTITIES_ANSWER12) { |
| 585 | if ((r = sshbuf_get_u32(msg, &nkeys)) != 0) |
| 586 | fatal_fr(r, "parse nkeys")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 586, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "parse nkeys" ); |
| 587 | *keysp = xcalloc(nkeys, sizeof(struct sshkey *)); |
| 588 | if (labelsp) |
| 589 | *labelsp = xcalloc(nkeys, sizeof(char *)); |
| 590 | for (i = 0; i < nkeys; i++) { |
| 591 | /* XXX clean up properly instead of fatal() */ |
| 592 | if ((r = sshbuf_get_string(msg, &blob, &blen)) != 0 || |
| 593 | (r = sshbuf_get_cstring(msg, &label, NULL((void *)0))) != 0) |
| 594 | fatal_fr(r, "parse key")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 594, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "parse key" ); |
| 595 | if ((r = sshkey_from_blob(blob, blen, &k)) != 0) |
| 596 | fatal_fr(r, "decode key")sshfatal("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 596, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "decode key" ); |
| 597 | wrap_key(helper, k); |
| 598 | (*keysp)[i] = k; |
| 599 | if (labelsp) |
| 600 | (*labelsp)[i] = label; |
| 601 | else |
| 602 | free(label); |
| 603 | free(blob); |
| 604 | } |
| 605 | } else if (type == SSH2_AGENT_FAILURE30) { |
| 606 | if ((r = sshbuf_get_u32(msg, &nkeys)) != 0) |
Although the value stored to 'r' is used in the enclosing expression, the value is never actually read from 'r' | |
| 607 | nkeys = -1; |
| 608 | } else { |
| 609 | nkeys = -1; |
| 610 | } |
| 611 | sshbuf_free(msg); |
| 612 | return (nkeys); |
| 613 | } |
| 614 | |
| 615 | int |
| 616 | pkcs11_del_provider(char *name) |
| 617 | { |
| 618 | struct helper *helper; |
| 619 | |
| 620 | /* |
| 621 | * ssh-agent deletes keys before calling this, so the helper entry |
| 622 | * should be gone before we get here. |
| 623 | */ |
| 624 | debug3_f("delete %s", name)sshlog("/usr/src/usr.bin/ssh/ssh-agent/../ssh-pkcs11-client.c" , __func__, 624, 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "delete %s" , name); |
| 625 | if ((helper = helper_by_provider(name)) != NULL((void *)0)) |
| 626 | helper_terminate(helper); |
| 627 | return 0; |
| 628 | } |