src: Implements PKCS11 URI support

Imports private and public keys from the engine via PKCS11 URIs. Uses
the imported keys to authenticate to the ssh server.

Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

1 files changed, 15 insertions, 0 deletions

diff --git a/src/pki.c b/src/pki.c
index 24ffd25d..ae470ffc 100644
--- a/src/pki.c
+++ b/src/pki.c
@@ -4,6 +4,7 @@
  *
  * Copyright (c) 2010 by Aris Adamantiadis
  * Copyright (c) 2011-2013 Andreas Schneider <asn@cryptomilk.org>
+ * Copyright (c) 2019      Sahana Prasad     <sahana@redhat.com>
  *
  * The SSH Library is free software; you can redistribute it and/or modify
  * it under the terms of the GNU Lesser General Public License as published by
@@ -864,6 +865,13 @@ int ssh_pki_import_privkey_file(const char *filename,
         return SSH_ERROR;
     }
 
+#ifdef WITH_PKCS11_URI
+    if (ssh_pki_is_uri(filename)) {
+        rc = pki_uri_import(filename, pkey, SSH_KEY_PRIVATE);
+        return rc;
+    }
+#endif
+
     file = fopen(filename, "rb");
     if (file == NULL) {
         SSH_LOG(SSH_LOG_WARN,
@@ -1639,6 +1647,13 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey)
         return SSH_ERROR;
     }
 
+#ifdef WITH_PKCS11_URI
+    if (ssh_pki_is_uri(filename)) {
+        rc = pki_uri_import(filename, pkey, SSH_KEY_PUBLIC);
+        return rc;
+    }
+#endif
+
     file = fopen(filename, "rb");
     if (file == NULL) {
         SSH_LOG(SSH_LOG_WARN, "Error opening %s: %s",