diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-10-31 21:23:19 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-11-01 09:46:10 +1100 |
commit | 9a14c64c38fc14d0029f1c7bc70cf62cc7f0fdf9 (patch) | |
tree | d79bb8d66eeba8e353f18dac919cb65d0ad896c7 /sshsig.h | |
parent | 07da39f71d36fb547749a5b16aa8892e621a7e4a (diff) | |
download | openssh-git-9a14c64c38fc14d0029f1c7bc70cf62cc7f0fdf9.tar.gz |
upstream: Refactor signing - use sshkey_sign for everything,
including the new U2F signatures.
Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.
Suggested by / ok markus@
OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
Diffstat (limited to 'sshsig.h')
-rw-r--r-- | sshsig.h | 11 |
1 files changed, 6 insertions, 5 deletions
@@ -22,7 +22,7 @@ struct sshkey; struct sshsigopt; typedef int sshsig_signer(struct sshkey *, u_char **, size_t *, - const u_char *, size_t, const char *, u_int, void *); + const u_char *, size_t, const char *, const char *, u_int, void *); /* Buffer-oriented API */ @@ -32,8 +32,9 @@ typedef int sshsig_signer(struct sshkey *, u_char **, size_t *, * out is populated with the detached signature, or NULL on failure. */ int sshsig_signb(struct sshkey *key, const char *hashalg, - const struct sshbuf *message, const char *sig_namespace, - struct sshbuf **out, sshsig_signer *signer, void *signer_ctx); + const char *sk_provider, const struct sshbuf *message, + const char *sig_namespace, struct sshbuf **out, + sshsig_signer *signer, void *signer_ctx); /* * Verifies that a detached signature is valid and optionally returns key @@ -52,8 +53,8 @@ int sshsig_verifyb(struct sshbuf *signature, * out is populated with the detached signature, or NULL on failure. */ int sshsig_sign_fd(struct sshkey *key, const char *hashalg, - int fd, const char *sig_namespace, struct sshbuf **out, - sshsig_signer *signer, void *signer_ctx); + const char *sk_provider, int fd, const char *sig_namespace, + struct sshbuf **out, sshsig_signer *signer, void *signer_ctx); /* * Verifies that a detached signature over a file is valid and optionally |