From e1d01ea6ff42361412175340de505ec4eac0e788 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 2 May 2016 09:36:43 +0000 Subject: support SHA256 and SHA512 RSA signatures in certificates; ok markus@ --- usr.bin/ssh/sshkey.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'usr.bin/ssh/sshkey.c') diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c index 2b7fb55495a..b8a80532477 100644 --- a/usr.bin/ssh/sshkey.c +++ b/usr.bin/ssh/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.32 2016/04/09 12:39:30 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.33 2016/05/02 09:36:42 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -2326,7 +2326,7 @@ sshkey_drop_cert(struct sshkey *k) /* Sign a certified key, (re-)generating the signed certblob. */ int -sshkey_certify(struct sshkey *k, struct sshkey *ca) +sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg) { struct sshbuf *principals = NULL; u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32]; @@ -2414,7 +2414,7 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca) /* Sign the whole mess */ if ((ret = sshkey_sign(ca, &sig_blob, &sig_len, sshbuf_ptr(cert), - sshbuf_len(cert), NULL, 0)) != 0) + sshbuf_len(cert), alg, 0)) != 0) goto out; /* Append signature and we are done */ -- cgit v1.2.3