diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-12-13 19:09:10 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-12-14 07:17:44 +1100 |
commit | b52ec0ba3983859514aa7b57d6100fa9759fe696 (patch) | |
tree | 262c9a2ebc4e6972594f45ea75fc15e8ae3bfefb /sshkey.c | |
parent | c33d46868c3d88e04a92610cdb429094aeeb5847 (diff) | |
download | openssh-git-b52ec0ba3983859514aa7b57d6100fa9759fe696.tar.gz |
upstream: use ssh-sk-helper for all security key signing operations
This extracts and refactors the client interface for ssh-sk-helper
from ssh-agent and generalises it for use by the other programs.
This means that most OpenSSH tools no longer need to link against
libfido2 or directly interact with /dev/uhid*
requested by, feedback and ok markus@
OpenBSD-Commit-ID: 1abcd3aea9a7460eccfbf8ca154cdfa62f1dc93f
Diffstat (limited to 'sshkey.c')
-rw-r--r-- | sshkey.c | 15 |
1 files changed, 5 insertions, 10 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.96 2019/11/25 00:51:37 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.97 2019/12/13 19:09:10 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -2750,13 +2750,6 @@ sshkey_sign(struct sshkey *key, case KEY_ECDSA: r = ssh_ecdsa_sign(key, sigp, lenp, data, datalen, compat); break; -# ifdef ENABLE_SK - case KEY_ECDSA_SK_CERT: - case KEY_ECDSA_SK: - r = sshsk_sign(sk_provider, key, sigp, lenp, data, datalen, - compat); - break; -# endif /* ENABLE_SK */ # endif /* OPENSSL_HAS_ECC */ case KEY_RSA_CERT: case KEY_RSA: @@ -2770,8 +2763,10 @@ sshkey_sign(struct sshkey *key, #ifdef ENABLE_SK case KEY_ED25519_SK: case KEY_ED25519_SK_CERT: - r = sshsk_sign(sk_provider, key, sigp, lenp, data, datalen, - compat); + case KEY_ECDSA_SK_CERT: + case KEY_ECDSA_SK: + r = sshsk_sign(sk_provider, key, sigp, lenp, data, + datalen, compat); break; #endif /* ENABLE_SK */ #ifdef WITH_XMSS |