upstream commit

support SHA256 and SHA512 RSA signatures in certificates; ok markus@ Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
author: djm@openbsd.org <djm@openbsd.org> 2016-05-02 09:36:42 +0000
committer: Damien Miller <djm@mindrot.org> 2016-05-02 20:35:05 +1000
commit: 57464e3934ba53ad8590ee3ccd840f693407fc1e (patch)
tree: a87cc5d5de85e4ea3b735d8bff2dbc9f4b35f2dc /sshkey.c
parent: 1a31d02b2411c4718de58ce796dbb7b5e14db93e (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/sshkey.c b/sshkey.c
index 2ce7ada9f..c20e5868b 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.32 2016/04/09 12:39:30 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.33 2016/05/02 09:36:42 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -2370,7 +2370,7 @@ sshkey_drop_cert(struct sshkey *k)
 
 /* Sign a certified key, (re-)generating the signed certblob. */
 int
-sshkey_certify(struct sshkey *k, struct sshkey *ca)
+sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg)
 {
 	struct sshbuf *principals = NULL;
 	u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32];
@@ -2460,7 +2460,7 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca)
 
 	/* Sign the whole mess */
 	if ((ret = sshkey_sign(ca, &sig_blob, &sig_len, sshbuf_ptr(cert),
-	    sshbuf_len(cert), NULL, 0)) != 0)
+	    sshbuf_len(cert), alg, 0)) != 0)
 		goto out;
 
 	/* Append signature and we are done */
author	djm@openbsd.org <djm@openbsd.org>	2016-05-02 09:36:42 +0000
committer	Damien Miller <djm@mindrot.org>	2016-05-02 20:35:05 +1000
commit	57464e3934ba53ad8590ee3ccd840f693407fc1e (patch)
tree	a87cc5d5de85e4ea3b735d8bff2dbc9f4b35f2dc /sshkey.c
parent	1a31d02b2411c4718de58ce796dbb7b5e14db93e (diff)