diff --git a/authfd.c b/authfd.c index 315c6813f..a5162790f 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.116 2019/09/03 08:28:30 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.117 2019/09/03 08:29:15 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -317,6 +317,32 @@ ssh_free_identitylist(struct ssh_identitylist *idl) free(idl); } +/* + * Check if the ssh agent has a given key. + * Returns 0 if found, or a negative SSH_ERR_* error code on failure. + */ +int +ssh_agent_has_key(int sock, struct sshkey *key) +{ + int r, ret = SSH_ERR_KEY_NOT_FOUND; + size_t i; + struct ssh_identitylist *idlist = NULL; + + if ((r = ssh_fetch_identitylist(sock, &idlist)) < 0) { + return r; + } + + for (i = 0; i < idlist->nkeys; i++) { + if (sshkey_equal_public(idlist->keys[i], key)) { + ret = 0; + break; + } + } + + ssh_free_identitylist(idlist); + return ret; +} + /* * Sends a challenge (typically from a server via ssh(1)) to the agent, * and waits for a response from the agent. diff --git a/authfd.h b/authfd.h index 060bed63f..579076504 100644 --- a/authfd.h +++ b/authfd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.h,v 1.45 2019/06/21 04:21:04 djm Exp $ */ +/* $OpenBSD: authfd.h,v 1.46 2019/09/03 08:29:15 djm Exp $ */ /* * Author: Tatu Ylonen @@ -31,6 +31,7 @@ int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp); void ssh_free_identitylist(struct ssh_identitylist *idl); int ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment, u_int life, u_int confirm, u_int maxsign); +int ssh_agent_has_key(int sock, struct sshkey *key); int ssh_remove_identity(int sock, struct sshkey *key); int ssh_update_card(int sock, int add, const char *reader_id, const char *pin, u_int life, u_int confirm);