
Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.

Diff for /src/crypto/external/bsd/openssh/dist/sk-usbhid.c between version 1.1.1.1 and 1.1.1.2

version 1.1.1.1, 2020/02/27 00:21:36 version 1.1.1.2, 2020/05/28 17:03:00
Line 20 
Line 20 
 #include <stdio.h>  #include <stdio.h>
 #include <stddef.h>  #include <stddef.h>
 #include <stdarg.h>  #include <stdarg.h>
   #include <sha2.h>
   
 #ifdef WITH_OPENSSL  #ifdef WITH_OPENSSL
 #include <openssl/opensslv.h>  #include <openssl/opensslv.h>
Line 27 
Line 28 
 #include <openssl/bn.h>  #include <openssl/bn.h>
 #include <openssl/ec.h>  #include <openssl/ec.h>
 #include <openssl/ecdsa.h>  #include <openssl/ecdsa.h>
   #include <openssl/evp.h>
 #endif /* WITH_OPENSSL */  #endif /* WITH_OPENSSL */
   
 #include <fido.h>  #include <fido.h>
Line 706  check_sign_load_resident_options(struct 
Line 708  check_sign_load_resident_options(struct 
         return 0;          return 0;
 }  }
   
   /* Calculate SHA256(m) */
   static int
   sha256_mem(const void *m, size_t mlen, u_char *d, size_t dlen)
   {
   #ifdef WITH_OPENSSL
           u_int mdlen;
   #endif
   
           if (dlen != 32)
                   return -1;
   #ifdef WITH_OPENSSL
           mdlen = dlen;
           if (!EVP_Digest(m, mlen, d, &mdlen, EVP_sha256(), NULL))
                   return -1;
   #else
           SHA256Data(m, mlen, d);
   #endif
           return 0;
   }
   
 int  int
 sk_sign(uint32_t alg, const uint8_t *message, size_t message_len,  sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
     const char *application,      const char *application,
     const uint8_t *key_handle, size_t key_handle_len,      const uint8_t *key_handle, size_t key_handle_len,
     uint8_t flags, const char *pin, struct sk_option **options,      uint8_t flags, const char *pin, struct sk_option **options,
Line 717  sk_sign(uint32_t alg, const uint8_t *mes
Line 739  sk_sign(uint32_t alg, const uint8_t *mes
         char *device = NULL;          char *device = NULL;
         fido_dev_t *dev = NULL;          fido_dev_t *dev = NULL;
         struct sk_sign_response *response = NULL;          struct sk_sign_response *response = NULL;
           uint8_t message[32];
         int ret = SSH_SK_ERR_GENERAL;          int ret = SSH_SK_ERR_GENERAL;
         int r;          int r;
   
Line 731  sk_sign(uint32_t alg, const uint8_t *mes
Line 754  sk_sign(uint32_t alg, const uint8_t *mes
         *sign_response = NULL;          *sign_response = NULL;
         if (check_sign_load_resident_options(options, &device) != 0)          if (check_sign_load_resident_options(options, &device) != 0)
                 goto out; /* error already logged */                  goto out; /* error already logged */
         if ((dev = find_device(device, message, message_len,          /* hash data to be signed before it goes to the security key */
           if ((r = sha256_mem(data, datalen, message, sizeof(message))) != 0) {
                   skdebug(__func__, "hash message failed");
                   goto out;
           }
           if ((dev = find_device(device, message, sizeof(message),
             application, key_handle, key_handle_len)) == NULL) {              application, key_handle, key_handle_len)) == NULL) {
                 skdebug(__func__, "couldn't find device for key handle");                  skdebug(__func__, "couldn't find device for key handle");
                 goto out;                  goto out;
Line 741  sk_sign(uint32_t alg, const uint8_t *mes
Line 769  sk_sign(uint32_t alg, const uint8_t *mes
                 goto out;                  goto out;
         }          }
         if ((r = fido_assert_set_clientdata_hash(assert, message,          if ((r = fido_assert_set_clientdata_hash(assert, message,
             message_len)) != FIDO_OK) {              sizeof(message))) != FIDO_OK) {
                 skdebug(__func__, "fido_assert_set_clientdata_hash: %s",                  skdebug(__func__, "fido_assert_set_clientdata_hash: %s",
                     fido_strerr(r));                      fido_strerr(r));
                 goto out;                  goto out;
Line 779  sk_sign(uint32_t alg, const uint8_t *mes
Line 807  sk_sign(uint32_t alg, const uint8_t *mes
         response = NULL;          response = NULL;
         ret = 0;          ret = 0;
  out:   out:
           explicit_bzero(message, sizeof(message));
         free(device);          free(device);
         if (response != NULL) {          if (response != NULL) {
                 free(response->sig_r);                  free(response->sig_r);
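Review bot: In the new `sha256_mem()`, the `#else` branch calls `SHA256Data(m, mlen, d)`, which in the BSD `<sha2.h>` API is, as far as I know, the convenience routine that writes the digest as a NUL-terminated hex string (65 bytes) rather than 32 raw bytes. If that is the function resolved here, a build without WITH_OPENSSL would write past the 32-byte `message` buffer on `sk_sign()`'s stack, and the value passed to `fido_assert_set_clientdata_hash()` would not be the binary SHA-256 the OpenSSL branch produces. The `dlen != 32` check does not help, since `SHA256Data` takes no output length. The non-OpenSSL branch should use the context-based calls so that exactly 32 bytes are written; the names below follow the same header family as `SHA256Data` and should be confirmed against the `<sha2.h>` actually in use. A named constant for the digest length instead of the literal `32` in both `sha256_mem()` and `uint8_t message[32]` would also keep the two in step.
```c
/* … unchanged: signature, WITH_OPENSSL local, dlen check, EVP_Digest branch … */
#else
	SHA2_CTX ctx;	/* belongs with the locals, under the matching #else */

	SHA256Init(&ctx);
	SHA256Update(&ctx, (const uint8_t *)m, mlen);
	SHA256Final(d, &ctx);
#endif
	return 0;
```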
