diff options
| author | Damien Miller <djm@mindrot.org> | 2022-02-07 02:53:47 +0100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2022-02-07 02:53:47 +0100 |
| commit | 56192518e329b39f063487bc2dc4d796f791eca0 (patch) | |
| tree | 69ebf76e7aafcae214db5d2a4d701d2e29b29df7 /sk-usbhid.c | |
| parent | upstream: use libfido2 1.8.0+ fido_assert_set_clientdata() instead (diff) | |
| download | openssh-56192518e329b39f063487bc2dc4d796f791eca0.tar.xz openssh-56192518e329b39f063487bc2dc4d796f791eca0.zip | |
compat code for fido_assert_set_clientdata()
Diffstat (limited to 'sk-usbhid.c')
| -rw-r--r-- | sk-usbhid.c | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/sk-usbhid.c b/sk-usbhid.c index d01dd2924..77afe802f 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c @@ -312,7 +312,8 @@ sk_touch_poll(struct sk_usbhid **skv, size_t nsk, int *touch, size_t *idx) return 0; } -#ifndef HAVE_FIDO_CRED_SET_CLIENTDATA +#if !defined(FIDO_ASSERT_SET_CLIENTDATA) || \ + !defined(HAVE_FIDO_CRED_SET_CLIENTDATA) /* Calculate SHA256(m) */ static int sha256_mem(const void *m, size_t mlen, u_char *d, size_t dlen) @@ -336,8 +337,10 @@ sha256_mem(const void *m, size_t mlen, u_char *d, size_t dlen) #endif return 0; } +#endif /* !FIDO_ASSERT_SET_CLIENTDATA || !HAVE_FIDO_CRED_SET_CLIENTDATA */ -int +#ifndef HAVE_FIDO_CRED_SET_CLIENTDATA +static int fido_cred_set_clientdata(fido_cred_t *cred, const u_char *ptr, size_t len) { uint8_t d[32]; @@ -357,6 +360,27 @@ fido_cred_set_clientdata(fido_cred_t *cred, const u_char *ptr, size_t len) } #endif /* HAVE_FIDO_CRED_SET_CLIENTDATA */ +#ifndef HAVE_ASSERT_CRED_SET_CLIENTDATA +static int +fido_assert_set_clientdata(fido_assert_t *assert, const u_char *ptr, size_t len) +{ + uint8_t d[32]; + int r; + + if (sha256_mem(ptr, len, d, sizeof(d)) != 0) { + skdebug(__func__, "hash challenge failed"); + return FIDO_ERR_INTERNAL; + } + r = fido_assert_set_clientdata_hash(assert, d, sizeof(d)); + explicit_bzero(d, sizeof(d)); + if (r != FIDO_OK) { + skdebug(__func__, "fido_assert_set_clientdata_hash failed: %s", + fido_strerr(r)); + } + return r; +} +#endif /* HAVE_FIDO_ASSERT_SET_CLIENTDATA */ + /* Check if the specified key handle exists on a given sk. */ static int sk_try(const struct sk_usbhid *sk, const char *application, |