Print PKCS#11 URI also for ECDSA keys

This commit is contained in:
Jakub Jelen 2018-02-16 16:16:39 +01:00
parent 7e9748a2b5
commit aad4430f17

View File

@ -3459,7 +3459,7 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.pkcs11-uri openssh-7.6p1/ssh-pkcs11.c
void *handle; void *handle;
CK_FUNCTION_LIST *function_list; CK_FUNCTION_LIST *function_list;
CK_INFO info; CK_INFO info;
@@ -68,12 +70,48 @@ struct pkcs11_key { @@ -68,12 +70,57 @@ struct pkcs11_key {
CK_ULONG slotidx; CK_ULONG slotidx;
int (*orig_finish)(RSA *rsa); int (*orig_finish)(RSA *rsa);
RSA_METHOD rsa_method; RSA_METHOD rsa_method;
@ -3482,9 +3482,18 @@ diff -up openssh-7.6p1/ssh-pkcs11.c.pkcs11-uri openssh-7.6p1/ssh-pkcs11.c
+ struct pkcs11_key *k11; + struct pkcs11_key *k11;
+ +
+ /* sanity - is it a RSA key with associated app_data? */ + /* sanity - is it a RSA key with associated app_data? */
+ if (key->type != KEY_RSA || + switch (key->type) {
+ (k11 = RSA_get_app_data(key->rsa)) == NULL) + case KEY_RSA:
+ if ((k11 = RSA_get_app_data(key->rsa)) == NULL)
+ return -1;
+ break;
+ case KEY_ECDSA:
+ if ((k11 = EC_KEY_get_ex_data(key->ecdsa, pkcs11_key_idx)) == NULL)
+ return -1;
+ break;
+ default:
+ return -1; + return -1;
+ }
+ +
+ /* omit type -- we are looking for private-public or private-certificate pairs */ + /* omit type -- we are looking for private-public or private-certificate pairs */
+ uri.id = k11->keyid; + uri.id = k11->keyid;