summaryrefslogtreecommitdiff
path: root/sshkey.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2019-12-13 19:09:10 +0000
committerDamien Miller <djm@mindrot.org>2019-12-14 07:17:44 +1100
commitb52ec0ba3983859514aa7b57d6100fa9759fe696 (patch)
tree262c9a2ebc4e6972594f45ea75fc15e8ae3bfefb /sshkey.c
parentc33d46868c3d88e04a92610cdb429094aeeb5847 (diff)
upstream: use ssh-sk-helper for all security key signing operations
This extracts and refactors the client interface for ssh-sk-helper from ssh-agent and generalises it for use by the other programs. This means that most OpenSSH tools no longer need to link against libfido2 or directly interact with /dev/uhid* requested by, feedback and ok markus@ OpenBSD-Commit-ID: 1abcd3aea9a7460eccfbf8ca154cdfa62f1dc93f
Diffstat (limited to 'sshkey.c')
-rw-r--r--sshkey.c15
1 files changed, 5 insertions, 10 deletions
diff --git a/sshkey.c b/sshkey.c
index 920c0dc3..674303c3 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.96 2019/11/25 00:51:37 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.97 2019/12/13 19:09:10 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -2750,13 +2750,6 @@ sshkey_sign(struct sshkey *key,
case KEY_ECDSA:
r = ssh_ecdsa_sign(key, sigp, lenp, data, datalen, compat);
break;
-# ifdef ENABLE_SK
- case KEY_ECDSA_SK_CERT:
- case KEY_ECDSA_SK:
- r = sshsk_sign(sk_provider, key, sigp, lenp, data, datalen,
- compat);
- break;
-# endif /* ENABLE_SK */
# endif /* OPENSSL_HAS_ECC */
case KEY_RSA_CERT:
case KEY_RSA:
@@ -2770,8 +2763,10 @@ sshkey_sign(struct sshkey *key,
#ifdef ENABLE_SK
case KEY_ED25519_SK:
case KEY_ED25519_SK_CERT:
- r = sshsk_sign(sk_provider, key, sigp, lenp, data, datalen,
- compat);
+ case KEY_ECDSA_SK_CERT:
+ case KEY_ECDSA_SK:
+ r = sshsk_sign(sk_provider, key, sigp, lenp, data,
+ datalen, compat);
break;
#endif /* ENABLE_SK */
#ifdef WITH_XMSS