From ba72d30aa541015c4e17c21cc1328c7db399d26a Mon Sep 17 00:00:00 2001
From: Ben Lindstrom <mouring@eviladmin.org>
Date: Fri, 22 Mar 2002 03:51:06 +0000
Subject: [PATCH]    - rees@cvs.openbsd.org 2002/03/21 22:44:05      [authfd.c
 authfd.h ssh-add.c ssh-agent.c ssh.c]      Add PIN-protection for secret key.

---
 ChangeLog   |  5 ++++-
 authfd.c    |  5 +++--
 authfd.h    |  4 ++--
 ssh-add.c   | 10 ++++++++--
 ssh-agent.c | 14 +++++++++-----
 ssh.c       |  4 ++--
 6 files changed, 28 insertions(+), 14 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 5e4d14907..3f6fdf0d9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -139,6 +139,9 @@
    - rees@cvs.openbsd.org 2002/03/21 21:54:34
      [scard.c scard.h ssh-keygen.c]
      Add PIN-protection for secret key.
+   - rees@cvs.openbsd.org 2002/03/21 22:44:05
+     [authfd.c authfd.h ssh-add.c ssh-agent.c ssh.c]
+     Add PIN-protection for secret key.
 
 20020317
  - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
@@ -7985,4 +7988,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1964 2002/03/22 03:47:38 mouring Exp $
+$Id: ChangeLog,v 1.1965 2002/03/22 03:51:06 mouring Exp $
diff --git a/authfd.c b/authfd.c
index fa764358f..f3050d64d 100644
--- a/authfd.c
+++ b/authfd.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.48 2002/02/24 19:14:59 markus Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.49 2002/03/21 22:44:05 rees Exp $");
 
 #include <openssl/evp.h>
 
@@ -532,7 +532,7 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key)
 }
 
 int
-ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id)
+ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id, const char *pin)
 {
 	Buffer msg;
 	int type;
@@ -541,6 +541,7 @@ ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id)
 	buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY :
 	    SSH_AGENTC_REMOVE_SMARTCARD_KEY);
 	buffer_put_cstring(&msg, reader_id);
+	buffer_put_cstring(&msg, pin);
 	if (ssh_request_reply(auth, &msg, &msg) == 0) {
 		buffer_free(&msg);
 		return 0;
diff --git a/authfd.h b/authfd.h
index 0f2ca7a2e..e8a0ec88f 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: authfd.h,v 1.23 2002/03/04 17:27:39 stevesk Exp $	*/
+/*	$OpenBSD: authfd.h,v 1.24 2002/03/21 22:44:05 rees Exp $	*/
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -67,7 +67,7 @@ Key	*ssh_get_next_identity(AuthenticationConnection *, char **, int);
 int	 ssh_add_identity(AuthenticationConnection *, Key *, const char *);
 int	 ssh_remove_identity(AuthenticationConnection *, Key *);
 int	 ssh_remove_all_identities(AuthenticationConnection *, int);
-int	 ssh_update_card(AuthenticationConnection *, int, const char *);
+int	 ssh_update_card(AuthenticationConnection *, int, const char *, const char *);
 
 int
 ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
diff --git a/ssh-add.c b/ssh-add.c
index baf2b3de7..d24d761a8 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.52 2002/03/21 10:21:20 markus Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.53 2002/03/21 22:44:05 rees Exp $");
 
 #include <openssl/evp.h>
 
@@ -176,7 +176,13 @@ add_file(AuthenticationConnection *ac, const char *filename)
 static int
 update_card(AuthenticationConnection *ac, int add, const char *id)
 {
-	if (ssh_update_card(ac, add, id)) {
+	char *pin;
+
+	pin = read_passphrase("Enter passphrase for smartcard: ", RP_ALLOW_STDIN);
+	if (pin == NULL)
+		return -1;
+
+	if (ssh_update_card(ac, add, id, pin)) {
 		fprintf(stderr, "Card %s: %s\n",
 		    add ? "added" : "removed", id);
 		return 0;
diff --git a/ssh-agent.c b/ssh-agent.c
index 555396fc5..1874eb152 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -34,7 +34,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.82 2002/03/04 17:27:39 stevesk Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.83 2002/03/21 22:44:05 rees Exp $");
 
 #if defined(HAVE_SYS_QUEUE_H) && !defined(HAVE_BOGUS_SYS_QUEUE_H)
 #include <sys/queue.h>
@@ -454,12 +454,14 @@ process_add_smartcard_key (SocketEntry *e)
 {
 	Idtab *tab;
 	Key *n = NULL, *k = NULL;
-	char *sc_reader_id = NULL;
+	char *sc_reader_id = NULL, *pin;
 	int success = 0;
 
 	sc_reader_id = buffer_get_string(&e->input, NULL);
-	k = sc_get_key(sc_reader_id);
+	pin = buffer_get_string(&e->input, NULL);
+	k = sc_get_key(sc_reader_id, pin);
 	xfree(sc_reader_id);
+	xfree(pin);
 
 	if (k == NULL) {
 		error("sc_get_pubkey failed");
@@ -505,11 +507,13 @@ process_remove_smartcard_key(SocketEntry *e)
 {
 	Key *k = NULL;
 	int success = 0;
-	char *sc_reader_id = NULL;
+	char *sc_reader_id = NULL, *pin;
 
 	sc_reader_id = buffer_get_string(&e->input, NULL);
-	k = sc_get_key(sc_reader_id);
+	pin = buffer_get_string(&e->input, NULL);
+	k = sc_get_key(sc_reader_id, pin);
 	xfree(sc_reader_id);
+	xfree(pin);
 
 	if (k == NULL) {
 		error("sc_get_pubkey failed");
diff --git a/ssh.c b/ssh.c
index 7c57ca790..ae2e85480 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.165 2002/03/19 10:49:35 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.166 2002/03/21 22:44:05 rees Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -1193,7 +1193,7 @@ load_public_identity_files(void)
 #ifdef SMARTCARD
 	if (options.smartcard_device != NULL &&
 	    options.num_identity_files + 1 < SSH_MAX_IDENTITY_FILES &&
-	    (public = sc_get_key(options.smartcard_device)) != NULL ) {
+	    (public = sc_get_key(options.smartcard_device, NULL)) != NULL ) {
 		Key *new;
 
 		if (options.num_identity_files + 2 > SSH_MAX_IDENTITY_FILES)