author | djm@openbsd.org <djm@openbsd.org> | 2019-09-03 08:35:27 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-09-03 18:40:24 +1000 |
commit | d637c4aee6f9b5280c13c020d7653444ac1fcaa5 (patch) | |
tree | f4844d9e77f1008b5928f72d5542ec075239dd4e /sshsig.h | |
parent | 2a9c9f7272c1e8665155118fe6536bebdafb6166 (diff) |
upstream: sshsig tweaks and improvements from and suggested by
Markus
ok markus/me
OpenBSD-Commit-ID: ea4f46ad5a16b27af96e08c4877423918c4253e9
Diffstat (limited to 'sshsig.h')
-rw-r--r-- | sshsig.h | 28 |
1 files changed, 17 insertions, 11 deletions
@@ -23,16 +23,29 @@ struct sshkey;
 typedef int sshsig_signer(struct sshkey *, u_char **, size_t *, const u_char *, size_t, const char *, u_int, void *);
+/* Buffer-oriented API */
+
 /*
- * Creates a detached SSH signature for a given message.
+ * Creates a detached SSH signature for a given buffer.
 * Returns 0 on success or a negative SSH_ERR_* error code on failure.
 * out is populated with the detached signature, or NULL on failure.
 */
-int sshsig_sign_message(struct sshkey *key, const char *hashalg,
+int sshsig_signb(struct sshkey *key, const char *hashalg,
 const struct sshbuf *message, const char *sig_namespace, struct sshbuf **out, sshsig_signer *signer, void *signer_ctx);
 /*
+ * Verifies that a detached signature is valid and optionally returns key
+ * used to sign via argument.
+ * Returns 0 on success or a negative SSH_ERR_* error code on failure.
+ */
+int sshsig_verifyb(struct sshbuf *signature,
+ const struct sshbuf *message, const char *sig_namespace,
+ struct sshkey **sign_keyp);
+
+/* File/FD-oriented API */
+
+/*
 * Creates a detached SSH signature for a given file.
 * Returns 0 on success or a negative SSH_ERR_* error code on failure.
 * out is populated with the detached signature, or NULL on failure.
@@ -42,15 +55,6 @@ int sshsig_sign_fd(struct sshkey *key, const char *hashalg,
 sshsig_signer *signer, void *signer_ctx);
 /*
- * Verifies that a detached signature is valid and optionally returns key
- * used to sign via argument.
- * Returns 0 on success or a negative SSH_ERR_* error code on failure.
- */
-int sshsig_verify_message(struct sshbuf *signature,
- const struct sshbuf *message, const char *sig_namespace,
- struct sshkey **sign_keyp);
-
-/*
 * Verifies that a detached signature over a file is valid and optionally
 * returns key used to sign via argument.
 * Returns 0 on success or a negative SSH_ERR_* error code on failure.
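Review bot: The comment on `sshsig_verifyb` in the first hunk says a return of 0 means the signature "is valid", but the prototype takes no trusted key, so presumably verification runs against the public key carried inside the signature and success alone does not establish who signed. Because `sign_keyp` is documented as optional, a caller can pass NULL and end up accepting a signature made by any key; the comment should say this, for example `* Success only means the signature verifies under the key it carries;` followed by `* callers must check *sign_keyp against their own trusted keys.` It would also help to state who frees `*sign_keyp` and `*out`, and whether `sig_namespace` is compared with the namespace recorded in the signature. The same wording appears on `sshsig_verify_fd`, whose comment is in the second hunk on this line and whose prototype is in the hunk that follows.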
@@ -58,6 +62,8 @@ int sshsig_verify_message(struct sshbuf *signature,
 int sshsig_verify_fd(struct sshbuf *signature, int fd, const char *sig_namespace, struct sshkey **sign_keyp);
+/* Utility functions */
+
 /*
 * Return a base64 encoded "ASCII armoured" version of a raw signature.
 */ |