commit 9a14c64c38fc14d0029f1c7bc70cf62cc7f0fdf9
author djm@openbsd.org <djm@openbsd.org> Thu Oct 31 21:23:19 2019 +0000
committer Damien Miller <djm@mindrot.org> Fri Nov 01 09:46:10 2019 +1100
tree d79bb8d66eeba8e353f18dac919cb65d0ad896c7
parent 07da39f71d36fb547749a5b16aa8892e621a7e4a

upstream: Refactor signing - use sshkey_sign for everything,

including the new U2F signatures.

Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.

Suggested by / ok markus@

OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c

ssh_api.c

diff --git a/ssh_api.c b/ssh_api.c
index 03dac09..e0b1955 100644
--- a/ssh_api.c
+++ b/ssh_api.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh_api.c,v 1.18 2019/09/13 04:36:43 dtucker Exp $ */
+/* $OpenBSD: ssh_api.c,v 1.19 2019/10/31 21:23:19 djm Exp $ */
 /*
  * Copyright (c) 2012 Markus Friedl.  All rights reserved.
  *
@@ -54,7 +54,7 @@
  */
 int	use_privsep = 0;
 int	mm_sshkey_sign(struct sshkey *, u_char **, u_int *,
-    u_char *, u_int, char *, u_int);
+    const u_char *, u_int, const char *, const char *, u_int);
 
 #ifdef WITH_OPENSSL
 DH	*mm_choose_dh(int, int, int);
@@ -66,7 +66,8 @@
 
 int
 mm_sshkey_sign(struct sshkey *key, u_char **sigp, u_int *lenp,
-    u_char *data, u_int datalen, char *alg, u_int compat)
+    const u_char *data, u_int datalen, const char *alg, const char *sk_provider,
+    u_int compat)
 {
 	return (-1);
 }
@@ -568,5 +569,5 @@
     const u_char *data, size_t dlen, const char *alg)
 {
 	return sshkey_sign(privkey, signature, slen, data, dlen,
-	    alg, ssh->compat);
+	    alg, NULL, ssh->compat);
 }