1 /* $OpenBSD: ssh-sk.c,v 1.40 2023/07/19 14:02:27 djm Exp $ */
3 * Copyright (c) 2019 Google LLC
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 /* #define DEBUG_SK 1 */
32 #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
33 #include <openssl/objects.h>
34 #include <openssl/ec.h>
35 #endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
46 #include "crypto_api.h"
49 * Almost every use of OpenSSL in this file is for ECDSA-NISTP256.
50 * This is strictly a larger hammer than necessary, but it reduces changes
53 #ifndef OPENSSL_HAS_ECC
57 struct sshsk_provider {
61 /* Return the version of the middleware API */
62 uint32_t (*sk_api_version)(void);
64 /* Enroll a U2F key (private key generation) */
65 int (*sk_enroll)(int alg, const uint8_t *challenge,
66 size_t challenge_len, const char *application, uint8_t flags,
67 const char *pin, struct sk_option **opts,
68 struct sk_enroll_response **enroll_response);
70 /* Sign a challenge */
71 int (*sk_sign)(int alg, const uint8_t *message, size_t message_len,
72 const char *application,
73 const uint8_t *key_handle, size_t key_handle_len,
74 uint8_t flags, const char *pin, struct sk_option **opts,
75 struct sk_sign_response **sign_response);
77 /* Enumerate resident keys */
78 int (*sk_load_resident_keys)(const char *pin, struct sk_option **opts,
79 struct sk_resident_key ***rks, size_t *nrks);
82 /* Built-in version */
83 int ssh_sk_enroll(int alg, const uint8_t *challenge,
84 size_t challenge_len, const char *application, uint8_t flags,
85 const char *pin, struct sk_option **opts,
86 struct sk_enroll_response **enroll_response);
87 int ssh_sk_sign(int alg, const uint8_t *message, size_t message_len,
88 const char *application,
89 const uint8_t *key_handle, size_t key_handle_len,
90 uint8_t flags, const char *pin, struct sk_option **opts,
91 struct sk_sign_response **sign_response);
92 int ssh_sk_load_resident_keys(const char *pin, struct sk_option **opts,
93 struct sk_resident_key ***rks, size_t *nrks);
96 sshsk_free(struct sshsk_provider *p)
101 if (p->dlhandle != NULL)
102 dlclose(p->dlhandle);
106 static struct sshsk_provider *
107 sshsk_open(const char *path)
109 struct sshsk_provider *ret = NULL;
112 if (path == NULL || *path == '\0') {
113 error("No FIDO SecurityKeyProvider specified");
116 if ((ret = calloc(1, sizeof(*ret))) == NULL) {
117 error_f("calloc failed");
120 if ((ret->path = strdup(path)) == NULL) {
121 error_f("strdup failed");
124 /* Skip the rest if we're using the linked in middleware */
125 if (strcasecmp(ret->path, "internal") == 0) {
126 #ifdef ENABLE_SK_INTERNAL
127 ret->sk_enroll = ssh_sk_enroll;
128 ret->sk_sign = ssh_sk_sign;
129 ret->sk_load_resident_keys = ssh_sk_load_resident_keys;
132 error("internal security key support not enabled");
136 if (lib_contains_symbol(path, "sk_api_version") != 0) {
137 error("provider %s is not an OpenSSH FIDO library", path);
140 if ((ret->dlhandle = dlopen(path, RTLD_NOW)) == NULL)
141 fatal("Provider \"%s\" dlopen failed: %s", path, dlerror());
142 if ((ret->sk_api_version = dlsym(ret->dlhandle,
143 "sk_api_version")) == NULL) {
144 error("Provider \"%s\" dlsym(sk_api_version) failed: %s",
148 version = ret->sk_api_version();
149 debug_f("provider %s implements version 0x%08lx", ret->path,
151 if ((version & SSH_SK_VERSION_MAJOR_MASK) != SSH_SK_VERSION_MAJOR) {
152 error("Provider \"%s\" implements unsupported "
153 "version 0x%08lx (supported: 0x%08lx)",
154 path, (u_long)version, (u_long)SSH_SK_VERSION_MAJOR);
157 if ((ret->sk_enroll = dlsym(ret->dlhandle, "sk_enroll")) == NULL) {
158 error("Provider %s dlsym(sk_enroll) failed: %s",
162 if ((ret->sk_sign = dlsym(ret->dlhandle, "sk_sign")) == NULL) {
163 error("Provider \"%s\" dlsym(sk_sign) failed: %s",
167 if ((ret->sk_load_resident_keys = dlsym(ret->dlhandle,
168 "sk_load_resident_keys")) == NULL) {
169 error("Provider \"%s\" dlsym(sk_load_resident_keys) "
170 "failed: %s", path, dlerror());
181 sshsk_free_enroll_response(struct sk_enroll_response *r)
185 freezero(r->key_handle, r->key_handle_len);
186 freezero(r->public_key, r->public_key_len);
187 freezero(r->signature, r->signature_len);
188 freezero(r->attestation_cert, r->attestation_cert_len);
189 freezero(r->authdata, r->authdata_len);
190 freezero(r, sizeof(*r));
194 sshsk_free_sign_response(struct sk_sign_response *r)
198 freezero(r->sig_r, r->sig_r_len);
199 freezero(r->sig_s, r->sig_s_len);
200 freezero(r, sizeof(*r));
204 /* Assemble key from response */
206 sshsk_ecdsa_assemble(struct sk_enroll_response *resp, struct sshkey **keyp)
208 struct sshkey *key = NULL;
209 struct sshbuf *b = NULL;
214 if ((key = sshkey_new(KEY_ECDSA_SK)) == NULL) {
215 error_f("sshkey_new failed");
216 r = SSH_ERR_ALLOC_FAIL;
219 key->ecdsa_nid = NID_X9_62_prime256v1;
220 if ((key->ecdsa = EC_KEY_new_by_curve_name(key->ecdsa_nid)) == NULL ||
221 (q = EC_POINT_new(EC_KEY_get0_group(key->ecdsa))) == NULL ||
222 (b = sshbuf_new()) == NULL) {
223 error_f("allocation failed");
224 r = SSH_ERR_ALLOC_FAIL;
227 if ((r = sshbuf_put_string(b,
228 resp->public_key, resp->public_key_len)) != 0) {
229 error_fr(r, "sshbuf_put_string");
232 if ((r = sshbuf_get_ec(b, q, EC_KEY_get0_group(key->ecdsa))) != 0) {
233 error_fr(r, "parse");
234 r = SSH_ERR_INVALID_FORMAT;
237 if (sshkey_ec_validate_public(EC_KEY_get0_group(key->ecdsa), q) != 0) {
238 error("Authenticator returned invalid ECDSA key");
239 r = SSH_ERR_KEY_INVALID_EC_VALUE;
242 if (EC_KEY_set_public_key(key->ecdsa, q) != 1) {
243 /* XXX assume it is a allocation error */
244 error_f("allocation failed");
245 r = SSH_ERR_ALLOC_FAIL;
250 key = NULL; /* transferred */
258 #endif /* WITH_OPENSSL */
261 sshsk_ed25519_assemble(struct sk_enroll_response *resp, struct sshkey **keyp)
263 struct sshkey *key = NULL;
267 if (resp->public_key_len != ED25519_PK_SZ) {
268 error_f("invalid size: %zu", resp->public_key_len);
269 r = SSH_ERR_INVALID_FORMAT;
272 if ((key = sshkey_new(KEY_ED25519_SK)) == NULL) {
273 error_f("sshkey_new failed");
274 r = SSH_ERR_ALLOC_FAIL;
277 if ((key->ed25519_pk = malloc(ED25519_PK_SZ)) == NULL) {
278 error_f("malloc failed");
279 r = SSH_ERR_ALLOC_FAIL;
282 memcpy(key->ed25519_pk, resp->public_key, ED25519_PK_SZ);
285 key = NULL; /* transferred */
293 sshsk_key_from_response(int alg, const char *application, uint8_t flags,
294 struct sk_enroll_response *resp, struct sshkey **keyp)
296 struct sshkey *key = NULL;
297 int r = SSH_ERR_INTERNAL_ERROR;
301 /* Check response validity */
302 if (resp->public_key == NULL || resp->key_handle == NULL) {
303 error_f("sk_enroll response invalid");
304 r = SSH_ERR_INVALID_FORMAT;
310 if ((r = sshsk_ecdsa_assemble(resp, &key)) != 0)
313 #endif /* WITH_OPENSSL */
315 if ((r = sshsk_ed25519_assemble(resp, &key)) != 0)
319 error_f("unsupported algorithm %d", alg);
320 r = SSH_ERR_INVALID_ARGUMENT;
323 key->sk_flags = flags;
324 if ((key->sk_key_handle = sshbuf_new()) == NULL ||
325 (key->sk_reserved = sshbuf_new()) == NULL) {
326 error_f("allocation failed");
327 r = SSH_ERR_ALLOC_FAIL;
330 if ((key->sk_application = strdup(application)) == NULL) {
331 error_f("strdup application failed");
332 r = SSH_ERR_ALLOC_FAIL;
335 if ((r = sshbuf_put(key->sk_key_handle, resp->key_handle,
336 resp->key_handle_len)) != 0) {
337 error_fr(r, "put key handle");
350 skerr_to_ssherr(int skerr)
353 case SSH_SK_ERR_UNSUPPORTED:
354 return SSH_ERR_FEATURE_UNSUPPORTED;
355 case SSH_SK_ERR_PIN_REQUIRED:
356 return SSH_ERR_KEY_WRONG_PASSPHRASE;
357 case SSH_SK_ERR_DEVICE_NOT_FOUND:
358 return SSH_ERR_DEVICE_NOT_FOUND;
359 case SSH_SK_ERR_CREDENTIAL_EXISTS:
360 return SSH_ERR_KEY_BAD_PERMISSIONS;
361 case SSH_SK_ERR_GENERAL:
363 return SSH_ERR_INVALID_FORMAT;
368 sshsk_free_options(struct sk_option **opts)
374 for (i = 0; opts[i] != NULL; i++) {
376 free(opts[i]->value);
383 sshsk_add_option(struct sk_option ***optsp, size_t *noptsp,
384 const char *name, const char *value, uint8_t required)
386 struct sk_option **opts = *optsp;
387 size_t nopts = *noptsp;
389 if ((opts = recallocarray(opts, nopts, nopts + 2, /* extra for NULL */
390 sizeof(*opts))) == NULL) {
391 error_f("array alloc failed");
392 return SSH_ERR_ALLOC_FAIL;
396 if ((opts[nopts] = calloc(1, sizeof(**opts))) == NULL) {
397 error_f("alloc failed");
398 return SSH_ERR_ALLOC_FAIL;
400 if ((opts[nopts]->name = strdup(name)) == NULL ||
401 (opts[nopts]->value = strdup(value)) == NULL) {
402 error_f("alloc failed");
403 return SSH_ERR_ALLOC_FAIL;
405 opts[nopts]->required = required;
410 make_options(const char *device, const char *user_id,
411 struct sk_option ***optsp)
413 struct sk_option **opts = NULL;
415 int r, ret = SSH_ERR_INTERNAL_ERROR;
417 if (device != NULL &&
418 (r = sshsk_add_option(&opts, &nopts, "device", device, 0)) != 0) {
422 if (user_id != NULL &&
423 (r = sshsk_add_option(&opts, &nopts, "user", user_id, 0)) != 0) {
433 sshsk_free_options(opts);
439 fill_attestation_blob(const struct sk_enroll_response *resp,
440 struct sshbuf *attest)
445 return 0; /* nothing to do */
446 if ((r = sshbuf_put_cstring(attest, "ssh-sk-attest-v01")) != 0 ||
447 (r = sshbuf_put_string(attest,
448 resp->attestation_cert, resp->attestation_cert_len)) != 0 ||
449 (r = sshbuf_put_string(attest,
450 resp->signature, resp->signature_len)) != 0 ||
451 (r = sshbuf_put_string(attest,
452 resp->authdata, resp->authdata_len)) != 0 ||
453 (r = sshbuf_put_u32(attest, 0)) != 0 || /* resvd flags */
454 (r = sshbuf_put_string(attest, NULL, 0)) != 0 /* resvd */) {
455 error_fr(r, "compose");
463 sshsk_enroll(int type, const char *provider_path, const char *device,
464 const char *application, const char *userid, uint8_t flags,
465 const char *pin, struct sshbuf *challenge_buf,
466 struct sshkey **keyp, struct sshbuf *attest)
468 struct sshsk_provider *skp = NULL;
469 struct sshkey *key = NULL;
470 u_char randchall[32];
471 const u_char *challenge;
472 size_t challenge_len;
473 struct sk_enroll_response *resp = NULL;
474 struct sk_option **opts = NULL;
475 int r = SSH_ERR_INTERNAL_ERROR;
478 debug_f("provider \"%s\", device \"%s\", application \"%s\", "
479 "userid \"%s\", flags 0x%02x, challenge len %zu%s",
480 provider_path, device, application, userid, flags,
481 challenge_buf == NULL ? 0 : sshbuf_len(challenge_buf),
482 (pin != NULL && *pin != '\0') ? " with-pin" : "");
486 sshbuf_reset(attest);
488 if ((r = make_options(device, userid, &opts)) != 0)
496 #endif /* WITH_OPENSSL */
498 alg = SSH_SK_ED25519;
501 error_f("unsupported key type");
502 r = SSH_ERR_INVALID_ARGUMENT;
505 if (provider_path == NULL) {
506 error_f("missing provider");
507 r = SSH_ERR_INVALID_ARGUMENT;
510 if (application == NULL || *application == '\0') {
511 error_f("missing application");
512 r = SSH_ERR_INVALID_ARGUMENT;
515 if (challenge_buf == NULL) {
516 debug_f("using random challenge");
517 arc4random_buf(randchall, sizeof(randchall));
518 challenge = randchall;
519 challenge_len = sizeof(randchall);
520 } else if (sshbuf_len(challenge_buf) == 0) {
521 error("Missing enrollment challenge");
522 r = SSH_ERR_INVALID_ARGUMENT;
525 challenge = sshbuf_ptr(challenge_buf);
526 challenge_len = sshbuf_len(challenge_buf);
527 debug3_f("using explicit challenge len=%zd", challenge_len);
529 if ((skp = sshsk_open(provider_path)) == NULL) {
530 r = SSH_ERR_INVALID_FORMAT; /* XXX sshsk_open return code? */
533 /* XXX validate flags? */
535 if ((r = skp->sk_enroll(alg, challenge, challenge_len, application,
536 flags, pin, opts, &resp)) != 0) {
537 debug_f("provider \"%s\" failure %d", provider_path, r);
538 r = skerr_to_ssherr(r);
542 if ((r = sshsk_key_from_response(alg, application, resp->flags,
546 /* Optionally fill in the attestation information */
547 if ((r = fill_attestation_blob(resp, attest)) != 0)
552 key = NULL; /* transferred */
555 sshsk_free_options(opts);
558 sshsk_free_enroll_response(resp);
559 explicit_bzero(randchall, sizeof(randchall));
565 sshsk_ecdsa_sig(struct sk_sign_response *resp, struct sshbuf *sig)
567 struct sshbuf *inner_sig = NULL;
568 int r = SSH_ERR_INTERNAL_ERROR;
570 /* Check response validity */
571 if (resp->sig_r == NULL || resp->sig_s == NULL) {
572 error_f("sk_sign response invalid");
573 r = SSH_ERR_INVALID_FORMAT;
576 if ((inner_sig = sshbuf_new()) == NULL) {
577 r = SSH_ERR_ALLOC_FAIL;
580 /* Prepare and append inner signature object */
581 if ((r = sshbuf_put_bignum2_bytes(inner_sig,
582 resp->sig_r, resp->sig_r_len)) != 0 ||
583 (r = sshbuf_put_bignum2_bytes(inner_sig,
584 resp->sig_s, resp->sig_s_len)) != 0) {
585 error_fr(r, "compose inner");
588 if ((r = sshbuf_put_stringb(sig, inner_sig)) != 0 ||
589 (r = sshbuf_put_u8(sig, resp->flags)) != 0 ||
590 (r = sshbuf_put_u32(sig, resp->counter)) != 0) {
591 error_fr(r, "compose");
595 fprintf(stderr, "%s: sig_r:\n", __func__);
596 sshbuf_dump_data(resp->sig_r, resp->sig_r_len, stderr);
597 fprintf(stderr, "%s: sig_s:\n", __func__);
598 sshbuf_dump_data(resp->sig_s, resp->sig_s_len, stderr);
599 fprintf(stderr, "%s: inner:\n", __func__);
600 sshbuf_dump(inner_sig, stderr);
604 sshbuf_free(inner_sig);
607 #endif /* WITH_OPENSSL */
610 sshsk_ed25519_sig(struct sk_sign_response *resp, struct sshbuf *sig)
612 int r = SSH_ERR_INTERNAL_ERROR;
614 /* Check response validity */
615 if (resp->sig_r == NULL) {
616 error_f("sk_sign response invalid");
617 r = SSH_ERR_INVALID_FORMAT;
620 if ((r = sshbuf_put_string(sig,
621 resp->sig_r, resp->sig_r_len)) != 0 ||
622 (r = sshbuf_put_u8(sig, resp->flags)) != 0 ||
623 (r = sshbuf_put_u32(sig, resp->counter)) != 0) {
624 error_fr(r, "compose");
628 fprintf(stderr, "%s: sig_r:\n", __func__);
629 sshbuf_dump_data(resp->sig_r, resp->sig_r_len, stderr);
637 sshsk_sign(const char *provider_path, struct sshkey *key,
638 u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,
639 u_int compat, const char *pin)
641 struct sshsk_provider *skp = NULL;
642 int r = SSH_ERR_INTERNAL_ERROR;
644 struct sk_sign_response *resp = NULL;
645 struct sshbuf *inner_sig = NULL, *sig = NULL;
646 struct sk_option **opts = NULL;
648 debug_f("provider \"%s\", key %s, flags 0x%02x%s",
649 provider_path, sshkey_type(key), key->sk_flags,
650 (pin != NULL && *pin != '\0') ? " with-pin" : "");
656 type = sshkey_type_plain(key->type);
662 #endif /* WITH_OPENSSL */
664 alg = SSH_SK_ED25519;
667 return SSH_ERR_INVALID_ARGUMENT;
669 if (provider_path == NULL ||
670 key->sk_key_handle == NULL ||
671 key->sk_application == NULL || *key->sk_application == '\0') {
672 r = SSH_ERR_INVALID_ARGUMENT;
675 if ((skp = sshsk_open(provider_path)) == NULL) {
676 r = SSH_ERR_INVALID_FORMAT; /* XXX sshsk_open return code? */
680 fprintf(stderr, "%s: sk_flags = 0x%02x, sk_application = \"%s\"\n",
681 __func__, key->sk_flags, key->sk_application);
682 fprintf(stderr, "%s: sk_key_handle:\n", __func__);
683 sshbuf_dump(key->sk_key_handle, stderr);
685 if ((r = skp->sk_sign(alg, data, datalen, key->sk_application,
686 sshbuf_ptr(key->sk_key_handle), sshbuf_len(key->sk_key_handle),
687 key->sk_flags, pin, opts, &resp)) != 0) {
688 debug_f("sk_sign failed with code %d", r);
689 r = skerr_to_ssherr(r);
692 /* Assemble signature */
693 if ((sig = sshbuf_new()) == NULL) {
694 r = SSH_ERR_ALLOC_FAIL;
697 if ((r = sshbuf_put_cstring(sig, sshkey_ssh_name_plain(key))) != 0) {
698 error_fr(r, "compose outer");
704 if ((r = sshsk_ecdsa_sig(resp, sig)) != 0)
707 #endif /* WITH_OPENSSL */
709 if ((r = sshsk_ed25519_sig(resp, sig)) != 0)
714 fprintf(stderr, "%s: sig_flags = 0x%02x, sig_counter = %u\n",
715 __func__, resp->flags, resp->counter);
716 fprintf(stderr, "%s: data to sign:\n", __func__);
717 sshbuf_dump_data(data, datalen, stderr);
718 fprintf(stderr, "%s: sigbuf:\n", __func__);
719 sshbuf_dump(sig, stderr);
722 if ((*sigp = malloc(sshbuf_len(sig))) == NULL) {
723 r = SSH_ERR_ALLOC_FAIL;
726 memcpy(*sigp, sshbuf_ptr(sig), sshbuf_len(sig));
729 *lenp = sshbuf_len(sig);
733 sshsk_free_options(opts);
735 sshsk_free_sign_response(resp);
737 sshbuf_free(inner_sig);
742 sshsk_free_sk_resident_keys(struct sk_resident_key **rks, size_t nrks)
746 if (nrks == 0 || rks == NULL)
748 for (i = 0; i < nrks; i++) {
749 free(rks[i]->application);
750 freezero(rks[i]->user_id, rks[i]->user_id_len);
751 freezero(rks[i]->key.key_handle, rks[i]->key.key_handle_len);
752 freezero(rks[i]->key.public_key, rks[i]->key.public_key_len);
753 freezero(rks[i]->key.signature, rks[i]->key.signature_len);
754 freezero(rks[i]->key.attestation_cert,
755 rks[i]->key.attestation_cert_len);
756 freezero(rks[i], sizeof(**rks));
762 sshsk_free_resident_key(struct sshsk_resident_key *srk)
766 sshkey_free(srk->key);
767 freezero(srk->user_id, srk->user_id_len);
773 sshsk_free_resident_keys(struct sshsk_resident_key **srks, size_t nsrks)
777 if (srks == NULL || nsrks == 0)
780 for (i = 0; i < nsrks; i++)
781 sshsk_free_resident_key(srks[i]);
786 sshsk_load_resident(const char *provider_path, const char *device,
787 const char *pin, u_int flags, struct sshsk_resident_key ***srksp,
790 struct sshsk_provider *skp = NULL;
791 int r = SSH_ERR_INTERNAL_ERROR;
792 struct sk_resident_key **rks = NULL;
793 size_t i, nrks = 0, nsrks = 0;
794 struct sshkey *key = NULL;
795 struct sshsk_resident_key *srk = NULL, **srks = NULL, **tmp;
797 struct sk_option **opts = NULL;
799 debug_f("provider \"%s\"%s", provider_path,
800 (pin != NULL && *pin != '\0') ? ", have-pin": "");
802 if (srksp == NULL || nsrksp == NULL)
803 return SSH_ERR_INVALID_ARGUMENT;
807 if ((r = make_options(device, NULL, &opts)) != 0)
809 if ((skp = sshsk_open(provider_path)) == NULL) {
810 r = SSH_ERR_INVALID_FORMAT; /* XXX sshsk_open return code? */
813 if ((r = skp->sk_load_resident_keys(pin, opts, &rks, &nrks)) != 0) {
814 error("Provider \"%s\" returned failure %d", provider_path, r);
815 r = skerr_to_ssherr(r);
818 for (i = 0; i < nrks; i++) {
819 debug3_f("rk %zu: slot %zu, alg %d, app \"%s\", uidlen %zu",
820 i, rks[i]->slot, rks[i]->alg, rks[i]->application,
821 rks[i]->user_id_len);
822 /* XXX need better filter here */
823 if (strncmp(rks[i]->application, "ssh:", 4) != 0)
825 switch (rks[i]->alg) {
832 sk_flags = SSH_SK_USER_PRESENCE_REQD|SSH_SK_RESIDENT_KEY;
833 if ((rks[i]->flags & SSH_SK_USER_VERIFICATION_REQD))
834 sk_flags |= SSH_SK_USER_VERIFICATION_REQD;
835 if ((r = sshsk_key_from_response(rks[i]->alg,
836 rks[i]->application, sk_flags, &rks[i]->key, &key)) != 0)
838 if ((srk = calloc(1, sizeof(*srk))) == NULL) {
839 error_f("calloc failed");
840 r = SSH_ERR_ALLOC_FAIL;
844 key = NULL; /* transferred */
845 if ((srk->user_id = calloc(1, rks[i]->user_id_len)) == NULL) {
846 error_f("calloc failed");
847 r = SSH_ERR_ALLOC_FAIL;
850 memcpy(srk->user_id, rks[i]->user_id, rks[i]->user_id_len);
851 srk->user_id_len = rks[i]->user_id_len;
852 if ((tmp = recallocarray(srks, nsrks, nsrks + 1,
853 sizeof(*tmp))) == NULL) {
854 error_f("recallocarray failed");
855 r = SSH_ERR_ALLOC_FAIL;
861 /* XXX synthesise comment */
870 sshsk_free_options(opts);
872 sshsk_free_sk_resident_keys(rks, nrks);
874 sshsk_free_resident_key(srk);
875 sshsk_free_resident_keys(srks, nsrks);
879 #endif /* ENABLE_SK */