|
Lines 261-266
update_card(AuthenticationConnection *ac
|
| 261 |
} |
261 |
} |
| 262 |
|
262 |
|
| 263 |
static int |
263 |
static int |
|
|
264 |
test_key(AuthenticationConnection *ac, const char *filename) |
| 265 |
{ |
| 266 |
Key *key = NULL; |
| 267 |
u_char *sig = NULL; |
| 268 |
u_int slen = 0; |
| 269 |
int ret = -1; |
| 270 |
char data[1024]; |
| 271 |
|
| 272 |
if ((key = key_load_public(filename, NULL)) == NULL) { |
| 273 |
error("Loading key from '%s' failed", filename); |
| 274 |
goto done; |
| 275 |
} |
| 276 |
arc4random_buf(data, sizeof(data)); |
| 277 |
if (ssh_agent_sign(ac, key, &sig, &slen, data, sizeof(data)) == -1) |
| 278 |
goto done; |
| 279 |
if (key_verify(key, sig, slen, data, sizeof(data)) == 1) |
| 280 |
ret = 0; |
| 281 |
done: |
| 282 |
if (sig) |
| 283 |
xfree(sig); |
| 284 |
if (key) |
| 285 |
key_free(key); |
| 286 |
return (ret); |
| 287 |
} |
| 288 |
|
| 289 |
static int |
| 264 |
list_identities(AuthenticationConnection *ac, int do_fp) |
290 |
list_identities(AuthenticationConnection *ac, int do_fp) |
| 265 |
{ |
291 |
{ |
| 266 |
Key *key; |
292 |
Key *key; |
|
Lines 351-356
usage(void)
|
| 351 |
fprintf(stderr, " -c Require confirmation to sign using identities\n"); |
377 |
fprintf(stderr, " -c Require confirmation to sign using identities\n"); |
| 352 |
fprintf(stderr, " -s pkcs11 Add keys from PKCS#11 provider.\n"); |
378 |
fprintf(stderr, " -s pkcs11 Add keys from PKCS#11 provider.\n"); |
| 353 |
fprintf(stderr, " -e pkcs11 Remove keys provided by PKCS#11 provider.\n"); |
379 |
fprintf(stderr, " -e pkcs11 Remove keys provided by PKCS#11 provider.\n"); |
|
|
380 |
fprintf(stderr, " -T pubkey Test if ssh-agent can access matching private key.\n"); |
| 354 |
} |
381 |
} |
| 355 |
|
382 |
|
| 356 |
int |
383 |
int |
|
Lines 360-365
main(int argc, char **argv)
|
| 360 |
extern int optind; |
387 |
extern int optind; |
| 361 |
AuthenticationConnection *ac = NULL; |
388 |
AuthenticationConnection *ac = NULL; |
| 362 |
char *pkcs11provider = NULL; |
389 |
char *pkcs11provider = NULL; |
|
|
390 |
char *testing = NULL; |
| 363 |
int i, ch, deleting = 0, ret = 0; |
391 |
int i, ch, deleting = 0, ret = 0; |
| 364 |
|
392 |
|
| 365 |
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
393 |
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
|
Lines 374-380
main(int argc, char **argv)
|
| 374 |
"Could not open a connection to your authentication agent.\n"); |
402 |
"Could not open a connection to your authentication agent.\n"); |
| 375 |
exit(2); |
403 |
exit(2); |
| 376 |
} |
404 |
} |
| 377 |
while ((ch = getopt(argc, argv, "lLcdDxXe:s:t:")) != -1) { |
405 |
while ((ch = getopt(argc, argv, "lLcdDxXe:s:t:T:")) != -1) { |
| 378 |
switch (ch) { |
406 |
switch (ch) { |
| 379 |
case 'l': |
407 |
case 'l': |
| 380 |
case 'L': |
408 |
case 'L': |
|
Lines 410-415
main(int argc, char **argv)
|
| 410 |
goto done; |
438 |
goto done; |
| 411 |
} |
439 |
} |
| 412 |
break; |
440 |
break; |
|
|
441 |
case 'T': |
| 442 |
testing = optarg; |
| 443 |
break; |
| 413 |
default: |
444 |
default: |
| 414 |
usage(); |
445 |
usage(); |
| 415 |
ret = 1; |
446 |
ret = 1; |
|
Lines 418-423
main(int argc, char **argv)
|
| 418 |
} |
449 |
} |
| 419 |
argc -= optind; |
450 |
argc -= optind; |
| 420 |
argv += optind; |
451 |
argv += optind; |
|
|
452 |
if (testing != NULL) { |
| 453 |
ret = (test_key(ac, testing) == 0) ? 0 : 1; |
| 454 |
goto done; |
| 455 |
} |
| 421 |
if (pkcs11provider != NULL) { |
456 |
if (pkcs11provider != NULL) { |
| 422 |
if (update_card(ac, !deleting, pkcs11provider) == -1) |
457 |
if (update_card(ac, !deleting, pkcs11provider) == -1) |
| 423 |
ret = 1; |
458 |
ret = 1; |
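Review bot: In the new test_key() (new lines 264-287), the two failure paths after the key loads are silent: when ssh_agent_sign() returns -1 or key_verify() returns anything other than 1, the function jumps to `done` without a diagnostic, so `ssh-add -T` exits 1 without saying whether the agent could not sign or returned a signature that does not verify. These are different conditions for an operator, since the second points at a mismatched or misbehaving agent. Each should get its own message through the error() call the function already uses, e.g. `error("Agent failed to sign with key '%s'", filename);` before the first `goto done` and `error("Signature from agent did not verify for '%s'", filename);` on the verify path. A short comment above test_key() should state that it returns 0 only when the agent's signature over fresh random data verifies against the loaded public key, and -1 otherwise. In main(), a repeated -T overwrites `testing`, so only the last key appears to be tested; usage() should say so, or the option should be rejected when given twice.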