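Lines matching defs:helper (non-contiguous excerpts; the number at the start of each line is its line number in the source file)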
46 * Maintain a list of ssh-pkcs11-helper subprocesses. These may be looked up
49 struct helper {
59 static struct helper **helpers;
62 static struct helper *
77 static struct helper *
93 static struct helper *
110 helper_free(struct helper *helper)
115 if (helper == NULL)
117 if (helper->path == NULL || helper->ec_meth == NULL ||
118 helper->rsa_meth == NULL)
119 fatal_f("inconsistent helper");
120 debug3_f("free helper for provider %s", helper->path);
122 if (helpers[i] == helper) {
124 fatal_f("helper recorded more than once");
135 free(helper->path);
136 EC_KEY_METHOD_free(helper->ec_meth);
137 RSA_meth_free(helper->rsa_meth);
138 free(helper);
142 helper_terminate(struct helper *helper)
144 if (helper == NULL) {
146 } else if (helper->fd == -1) {
149 debug3_f("terminating helper for %s; "
151 helper->path, helper->nrsa, helper->nec);
152 close(helper->fd);
154 helper->fd = -1;
155 helper->pid = -1;
158 * Don't delete the helper entry until there are no remaining keys
162 if (helper->nrsa == 0 && helper->nec == 0)
163 helper_free(helper);
179 error("write to helper failed");
195 error("read from helper failed: %u", len);
207 error("response from helper failed.");
243 struct helper *helper;
245 if ((helper = helper_by_rsa(rsa)) == NULL || helper->fd == -1)
246 fatal_f("no helper for PKCS11 key");
247 debug3_f("signing with PKCS11 provider %s", helper->path);
272 send_msg(helper->fd, msg);
275 if (recv_msg(helper->fd, msg) == SSH2_AGENT_SIGN_RESPONSE) {
294 struct helper *helper;
296 if ((helper = helper_by_rsa(rsa)) == NULL)
297 fatal_f("no helper for PKCS11 key");
298 debug3_f("free PKCS11 RSA key for provider %s", helper->path);
299 if (helper->rsa_finish != NULL)
300 helper->rsa_finish(rsa);
301 if (helper->nrsa == 0)
303 helper->nrsa--;
305 helper->path, helper->nrsa, helper->nec);
306 if (helper->nrsa == 0 && helper->nec == 0)
307 helper_terminate(helper);
322 struct helper *helper;
324 if ((helper = helper_by_ec(ec)) == NULL || helper->fd == -1)
325 fatal_f("no helper for PKCS11 key");
326 debug3_f("signing with PKCS11 provider %s", helper->path);
355 send_msg(helper->fd, msg);
358 if (recv_msg(helper->fd, msg) == SSH2_AGENT_SIGN_RESPONSE) {
376 struct helper *helper;
378 if ((helper = helper_by_ec(ec)) == NULL)
379 fatal_f("no helper for PKCS11 key");
380 debug3_f("free PKCS11 ECDSA key for provider %s", helper->path);
381 if (helper->ec_finish != NULL)
382 helper->ec_finish(ec);
383 if (helper->nec == 0)
385 helper->nec--;
387 helper->path, helper->nrsa, helper->nec);
388 if (helper->nrsa == 0 && helper->nec == 0)
389 helper_terminate(helper);
392 /* redirect private key crypto operations to the ssh-pkcs11-helper */
394 wrap_key(struct helper *helper, struct sshkey *k)
399 debug3_f("wrap %s for provider %s", sshkey_type(k), helper->path);
403 if (RSA_set_method(rsa, helper->rsa_meth) != 1)
405 if (helper->nrsa++ >= INT_MAX)
413 if (EC_KEY_set_method(ecdsa, helper->ec_meth) != 1)
415 if (helper->nec++ >= INT_MAX)
424 helper->path, helper->nrsa, helper->nec);
435 struct helper *helper = NULL;
454 if ((helper = helper_by_rsa(rsa_priv)) == NULL ||
455 helper->fd == -1)
456 fatal_f("no helper for PKCS11 RSA key");
461 if (RSA_set_method(rsa_cert, helper->rsa_meth) != 1)
463 if (helper->nrsa++ >= INT_MAX)
472 if ((helper = helper_by_ec(ec_priv)) == NULL ||
473 helper->fd == -1)
474 fatal_f("no helper for PKCS11 EC key");
479 if (EC_KEY_set_method(ec_cert, helper->ec_meth) != 1)
481 if (helper->nec++ >= INT_MAX)
495 helper->path, helper->nrsa, helper->nec);
502 pkcs11_start_helper_methods(struct helper *helper)
518 EC_KEY_METHOD_get_init(ec_meth, &ec_init, &helper->ec_finish,
525 helper->rsa_finish = RSA_meth_get_finish(rsa_meth);
526 if (!RSA_meth_set1_name(rsa_meth, "ssh-pkcs11-helper") ||
531 helper->ec_meth = ec_meth;
532 helper->rsa_meth = rsa_meth;
536 static struct helper *
541 struct helper *helper;
546 debug3_f("start helper for %s", path);
551 helper = xcalloc(1, sizeof(*helper));
552 if (pkcs11_start_helper_methods(helper) == -1) {
561 RSA_meth_free(helper->rsa_meth);
562 EC_KEY_METHOD_free(helper->ec_meth);
563 free(helper);
585 helper->fd = pair[0];
586 helper->path = xstrdup(path);
587 helper->pid = pid;
588 debug3_f("helper %zu for \"%s\" on fd %d pid %ld", nhelpers,
589 helper->path, helper->fd, (long)helper->pid);
592 helpers[nhelpers++] = helper;
593 return helper;
607 struct helper *helper;
609 if ((helper = helper_by_provider(name)) == NULL &&
610 (helper = pkcs11_start_helper(name)) == NULL)
619 send_msg(helper->fd, msg);
622 type = recv_msg(helper->fd, msg);
636 wrap_key(helper, k);
657 struct helper *helper;
660 * ssh-agent deletes keys before calling this, so the helper entry
664 if ((helper = helper_by_provider(name)) != NULL)
665 helper_terminate(helper);