sdiff udiff text old ( 106130 ) new ( 113911 )
1/*
2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
5 * Adds an identity to the authentication server, or removes an identity.
6 *
7 * As far as I am concerned, the code I have written for this software
8 * can be used freely for any purpose. Any derived versions of this

--- 21 unchanged lines hidden (view full) ---

30 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
31 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
32 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
33 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 */
36
37#include "includes.h"
38RCSID("$OpenBSD: ssh-add.c,v 1.66 2003/03/05 22:33:43 markus Exp $");
39RCSID("$FreeBSD: head/crypto/openssh/ssh-add.c 113911 2003-04-23 17:13:13Z des $");
40
41#include <openssl/evp.h>
42
43#include "ssh.h"
44#include "rsa.h"
45#include "log.h"
46#include "xmalloc.h"
47#include "key.h"

--- 18 unchanged lines hidden (view full) ---

66 _PATH_SSH_CLIENT_ID_DSA,
67 _PATH_SSH_CLIENT_IDENTITY,
68 NULL
69};
70
71/* Default lifetime (0 == forever) */
72static int lifetime = 0;
73
74/* User has to confirm key use */
75static int confirm = 0;
76
77/* we keep a cache of one passphrases */
78static char *pass = NULL;
79static void
80clear_pass(void)
81{
82 if (pass) {
83 memset(pass, 0, strlen(pass));
84 xfree(pass);

--- 79 unchanged lines hidden (view full) ---

164 private = key_load_private(filename, pass, &comment);
165 if (private != NULL)
166 break;
167 clear_pass();
168 strlcpy(msg, "Bad passphrase, try again: ", sizeof msg);
169 }
170 }
171
172 if (ssh_add_identity_constrained(ac, private, comment, lifetime,
173 confirm)) {
174 fprintf(stderr, "Identity added: %s (%s)\n", filename, comment);
175 ret = 0;
176 if (lifetime != 0)
177 fprintf(stderr,
178 "Lifetime set to %d seconds\n", lifetime);
179 if (confirm != 0)
180 fprintf(stderr,
181 "The user has to confirm each use of the key\n");
182 } else if (ssh_add_identity(ac, private, comment)) {
183 fprintf(stderr, "Identity added: %s (%s)\n", filename, comment);
184 ret = 0;
185 } else {
186 fprintf(stderr, "Could not add identity: %s\n", filename);
187 }
188
189 xfree(comment);
190 key_free(private);
191
192 return ret;
193}
194
195static int
196update_card(AuthenticationConnection *ac, int add, const char *id)
197{
198 char *pin;
199 int ret = -1;
200
201 pin = read_passphrase("Enter passphrase for smartcard: ", RP_ALLOW_STDIN);
202 if (pin == NULL)
203 return -1;
204
205 if (ssh_update_card(ac, add, id, pin)) {
206 fprintf(stderr, "Card %s: %s\n",
207 add ? "added" : "removed", id);
208 ret = 0;
209 } else {
210 fprintf(stderr, "Could not %s card: %s\n",
211 add ? "add" : "remove", id);
212 ret = -1;
213 }
214 xfree(pin);
215 return ret;
216}
217
218static int
219list_identities(AuthenticationConnection *ac, int do_fp)
220{
221 Key *key;
222 char *comment, *fp;
223 int had_identities = 0;

--- 74 unchanged lines hidden (view full) ---

298 fprintf(stderr, "Options:\n");
299 fprintf(stderr, " -l List fingerprints of all identities.\n");
300 fprintf(stderr, " -L List public key parameters of all identities.\n");
301 fprintf(stderr, " -d Delete identity.\n");
302 fprintf(stderr, " -D Delete all identities.\n");
303 fprintf(stderr, " -x Lock agent.\n");
304 fprintf(stderr, " -X Unlock agent.\n");
305 fprintf(stderr, " -t life Set lifetime (in seconds) when adding identities.\n");
306 fprintf(stderr, " -c Require confirmation to sign using identities\n");
307#ifdef SMARTCARD
308 fprintf(stderr, " -s reader Add key in smartcard reader.\n");
309 fprintf(stderr, " -e reader Remove key in smartcard reader.\n");
310#endif
311}
312
313int
314main(int argc, char **argv)

--- 11 unchanged lines hidden (view full) ---

326 SSLeay_add_all_algorithms();
327
328 /* At first, get a connection to the authentication agent. */
329 ac = ssh_get_authentication_connection();
330 if (ac == NULL) {
331 fprintf(stderr, "Could not open a connection to your authentication agent.\n");
332 exit(2);
333 }
334 while ((ch = getopt(argc, argv, "lLcdDxXe:s:t:")) != -1) {
335 switch (ch) {
336 case 'l':
337 case 'L':
338 if (list_identities(ac, ch == 'l' ? 1 : 0) == -1)
339 ret = 1;
340 goto done;
341 break;
342 case 'x':
343 case 'X':
344 if (lock_agent(ac, ch == 'x' ? 1 : 0) == -1)
345 ret = 1;
346 goto done;
347 break;
348 case 'c':
349 confirm = 1;
350 break;
351 case 'd':
352 deleting = 1;
353 break;
354 case 'D':
355 if (delete_all(ac) == -1)
356 ret = 1;
357 goto done;
358 break;

--- 64 unchanged lines hidden ---
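Review bot: The retry at listing lines 182-184 fails open: when `ssh_add_identity_constrained()` reports failure, the code falls back to plain `ssh_add_identity()` and prints "Identity added", so a key requested with `-t` or `-c` can end up in the agent with no lifetime and no confirmation requirement, and the user is not told. Restrict the fallback to the case where no constraint was asked for, e.g. `} else if (lifetime == 0 && confirm == 0 && ssh_add_identity(ac, private, comment)) {`, and let the existing "Could not add identity" branch report everything else. Separately, `update_card` releases `pin` with `xfree(pin)` at line 214 without clearing it, whereas `clear_pass` zeroes the cached passphrase before freeing; a `memset(pin, 0, strlen(pin));` ahead of the free would match that handling. The page does not mark which lines changed between the two revisions and the start of the function containing the fallback is hidden, so both points are read from the visible new-side text only.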