upstream: add support for ECDSA keys in PKCS#11 tokens

Work by markus@ and Pedro Martelletto, feedback and ok me@ OpenBSD-Commit-ID: a37d651e221341376636056512bddfc16efb4424
author: djm@openbsd.org <djm@openbsd.org> 2019-01-20 22:51:37 +0000
committer: Damien Miller <djm@mindrot.org> 2019-01-21 10:54:37 +1100
commit: 93f02107f44d63a016d8c23ebd2ca9205c495c48 (patch)
tree: 1d8d6ca8e146c9bd325614f33a59adf7199b40c9 /ssh-pkcs11.h
parent: aa22c20e0c36c2fc610cfcc793b0d14079c38814 (diff)
1 files changed, 17 insertions, 1 deletions
diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h
index 0ced74f29..b9038450d 100644
--- a/ssh-pkcs11.h
+++ b/ssh-pkcs11.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.h,v 1.4 2015/01/15 09:40:00 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.h,v 1.5 2019/01/20 22:51:37 djm Exp $ */
 /*
 * Copyright (c) 2010 Markus Friedl.  All rights reserved.
 *
@@ -14,10 +14,26 @@
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
+/* Errors for pkcs11_add_provider() */
+#define SSH_PKCS11_ERR_GENERIC                  1
+#define SSH_PKCS11_ERR_LOGIN_FAIL               2
+#define SSH_PKCS11_ERR_NO_SLOTS                 3
+#define SSH_PKCS11_ERR_PIN_REQUIRED             4
+#define SSH_PKCS11_ERR_PIN_LOCKED               5
 int     pkcs11_init(int);
 void    pkcs11_terminate(void);
 int     pkcs11_add_provider(char *, char *, struct sshkey ***);
 int     pkcs11_del_provider(char *);
+#ifdef WITH_PKCS11_KEYGEN
+struct sshkey *
+        pkcs11_gakp(char *, char *, unsigned int, char *, unsigned int,
+            unsigned int, unsigned char, u_int32_t *);
+struct sshkey *
+        pkcs11_destroy_keypair(char *, char *, unsigned long, unsigned char,
+            u_int32_t *);
+#endif
 #if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11)
 #undef ENABLE_PKCS11
author	djm@openbsd.org <djm@openbsd.org>	2019-01-20 22:51:37 +0000
committer	Damien Miller <djm@mindrot.org>	2019-01-21 10:54:37 +1100
commit	93f02107f44d63a016d8c23ebd2ca9205c495c48 (patch)
tree	1d8d6ca8e146c9bd325614f33a59adf7199b40c9 /ssh-pkcs11.h
parent	aa22c20e0c36c2fc610cfcc793b0d14079c38814 (diff)

diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h index 0ced74f29..b9038450d 100644 --- a/ssh-pkcs11.h +++ b/ssh-pkcs11.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh-pkcs11.h,v 1.4 2015/01/15 09:40:00 djm Exp $ */	1	/* $OpenBSD: ssh-pkcs11.h,v 1.5 2019/01/20 22:51:37 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2010 Markus Friedl. All rights reserved.	3	* Copyright (c) 2010 Markus Friedl. All rights reserved.
4	*	4	*
@@ -14,10 +14,26 @@
14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF	14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.	15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16	*/	16	*/
		17
		18	/* Errors for pkcs11_add_provider() */
		19	#define SSH_PKCS11_ERR_GENERIC 1
		20	#define SSH_PKCS11_ERR_LOGIN_FAIL 2
		21	#define SSH_PKCS11_ERR_NO_SLOTS 3
		22	#define SSH_PKCS11_ERR_PIN_REQUIRED 4
		23	#define SSH_PKCS11_ERR_PIN_LOCKED 5
		24
17	int pkcs11_init(int);	25	int pkcs11_init(int);
18	void pkcs11_terminate(void);	26	void pkcs11_terminate(void);
19	int pkcs11_add_provider(char , char , struct sshkey ***);	27	int pkcs11_add_provider(char , char , struct sshkey ***);
20	int pkcs11_del_provider(char *);	28	int pkcs11_del_provider(char *);
		29	#ifdef WITH_PKCS11_KEYGEN
		30	struct sshkey *
		31	pkcs11_gakp(char , char , unsigned int, char *, unsigned int,
		32	unsigned int, unsigned char, u_int32_t *);
		33	struct sshkey *
		34	pkcs11_destroy_keypair(char , char , unsigned long, unsigned char,
		35	u_int32_t *);
		36	#endif
21		37
22	#if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11)	38	#if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11)
23	#undef ENABLE_PKCS11	39	#undef ENABLE_PKCS11