version 1.32, 2016/04/09 12:39:30 |
version 1.33, 2016/05/02 09:36:42 |
|
|
|
|
/* Sign a certified key, (re-)generating the signed certblob. */ |
/* Sign a certified key, (re-)generating the signed certblob. */ |
int |
int |
sshkey_certify(struct sshkey *k, struct sshkey *ca) |
sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg) |
{ |
{ |
struct sshbuf *principals = NULL; |
struct sshbuf *principals = NULL; |
u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32]; |
u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32]; |
|
|
|
|
/* Sign the whole mess */ |
/* Sign the whole mess */ |
if ((ret = sshkey_sign(ca, &sig_blob, &sig_len, sshbuf_ptr(cert), |
if ((ret = sshkey_sign(ca, &sig_blob, &sig_len, sshbuf_ptr(cert), |
sshbuf_len(cert), NULL, 0)) != 0) |
sshbuf_len(cert), alg, 0)) != 0) |
goto out; |
goto out; |
|
|
/* Append signature and we are done */ |
/* Append signature and we are done */ |