===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/Attic/key.c,v
retrieving revision 1.99
retrieving revision 1.100
diff -u -r1.99 -r1.100
--- src/usr.bin/ssh/Attic/key.c	2012/05/23 03:28:28	1.99
+++ src/usr.bin/ssh/Attic/key.c	2013/01/17 23:00:01	1.100
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.99 2012/05/23 03:28:28 djm Exp $ */
+/* $OpenBSD: key.c,v 1.100 2013/01/17 23:00:01 djm Exp $ */
 /*
  * read_bignum():
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -51,6 +51,8 @@
 #include "misc.h"
 #include "ssh2.h"
 
+static int to_blob(const Key *, u_char **, u_int *, int);
+
 static struct KeyCert *
 cert_new(void)
 {
@@ -312,14 +314,15 @@
 }
 
 u_char*
-key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
+key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
+    u_int *dgst_raw_length)
 {
 	const EVP_MD *md = NULL;
 	EVP_MD_CTX ctx;
 	u_char *blob = NULL;
 	u_char *retval = NULL;
 	u_int len = 0;
-	int nlen, elen, otype;
+	int nlen, elen;
 
 	*dgst_raw_length = 0;
 
@@ -357,10 +360,7 @@
 	case KEY_ECDSA_CERT:
 	case KEY_RSA_CERT:
 		/* We want a fingerprint of the _key_ not of the cert */
-		otype = k->type;
-		k->type = key_type_plain(k->type);
-		key_to_blob(k, &blob, &len);
-		k->type = otype;
+		to_blob(k, &blob, &len, 1);
 		break;
 	case KEY_UNSPEC:
 		return retval;
@@ -1530,18 +1530,19 @@
 	return key;
 }
 
-int
-key_to_blob(const Key *key, u_char **blobp, u_int *lenp)
+static int
+to_blob(const Key *key, u_char **blobp, u_int *lenp, int force_plain)
 {
 	Buffer b;
-	int len;
+	int len, type;
 
 	if (key == NULL) {
 		error("key_to_blob: key == NULL");
 		return 0;
 	}
 	buffer_init(&b);
-	switch (key->type) {
+	type = force_plain ? key_type_plain(key->type) : key->type;
+	switch (type) {
 	case KEY_DSA_CERT_V00:
 	case KEY_RSA_CERT_V00:
 	case KEY_DSA_CERT:
@@ -1552,20 +1553,23 @@
 		    buffer_len(&key->cert->certblob));
 		break;
 	case KEY_DSA:
-		buffer_put_cstring(&b, key_ssh_name(key));
+		buffer_put_cstring(&b,
+		    key_ssh_name_from_type_nid(type, key->ecdsa_nid));
 		buffer_put_bignum2(&b, key->dsa->p);
 		buffer_put_bignum2(&b, key->dsa->q);
 		buffer_put_bignum2(&b, key->dsa->g);
 		buffer_put_bignum2(&b, key->dsa->pub_key);
 		break;
 	case KEY_ECDSA:
-		buffer_put_cstring(&b, key_ssh_name(key));
+		buffer_put_cstring(&b,
+		    key_ssh_name_from_type_nid(type, key->ecdsa_nid));
 		buffer_put_cstring(&b, key_curve_nid_to_name(key->ecdsa_nid));
 		buffer_put_ecpoint(&b, EC_KEY_get0_group(key->ecdsa),
 		    EC_KEY_get0_public_key(key->ecdsa));
 		break;
 	case KEY_RSA:
-		buffer_put_cstring(&b, key_ssh_name(key));
+		buffer_put_cstring(&b,
+		    key_ssh_name_from_type_nid(type, key->ecdsa_nid));
 		buffer_put_bignum2(&b, key->rsa->e);
 		buffer_put_bignum2(&b, key->rsa->n);
 		break;
@@ -1587,6 +1591,12 @@
 }
 
 int
+key_to_blob(const Key *key, u_char **blobp, u_int *lenp)
+{
+	return to_blob(key, blobp, lenp, 0);
+}
+
+int
 key_sign(
     const Key *key,
     u_char **sigp, u_int *lenp,
@@ -1957,7 +1967,7 @@
 }
 
 int
-key_cert_is_legacy(Key *k)
+key_cert_is_legacy(const Key *k)
 {
 	switch (k->type) {
 	case KEY_DSA_CERT_V00: