upstream: Refactor signing - use sshkey_sign for everything,

including the new U2F signatures.

Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.

Suggested by / ok markus@

OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c

1 files changed, 18 insertions, 8 deletions

diff --git a/sshkey.c b/sshkey.c
index d87fee8ee..4744dfbef 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.85 2019/10/31 21:15:14 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.86 2019/10/31 21:23:19 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -57,6 +57,7 @@
 #define SSHKEY_INTERNAL
 #include "sshkey.h"
 #include "match.h"
+#include "ssh-sk.h"
 
 #ifdef WITH_XMSS
 #include "sshkey-xmss.h"
@@ -2658,7 +2659,8 @@ sshkey_check_sigtype(const u_char *sig, size_t siglen,
 int
 sshkey_sign(struct sshkey *key,
     u_char **sigp, size_t *lenp,
-    const u_char *data, size_t datalen, const char *alg, u_int compat)
+    const u_char *data, size_t datalen,
+    const char *alg, const char *sk_provider, u_int compat)
 {
         int was_shielded = sshkey_is_shielded(key);
         int r2, r = SSH_ERR_INTERNAL_ERROR;
@@ -2682,6 +2684,11 @@ sshkey_sign(struct sshkey *key,
         case KEY_ECDSA:
                 r = ssh_ecdsa_sign(key, sigp, lenp, data, datalen, compat);
                 break;
+        case KEY_ECDSA_SK_CERT:
+        case KEY_ECDSA_SK:
+                r = sshsk_ecdsa_sign(sk_provider, key, sigp, lenp,
+                    data, datalen, compat);
+                break;
 # endif /* OPENSSL_HAS_ECC */
         case KEY_RSA_CERT:
         case KEY_RSA:
@@ -2802,7 +2809,7 @@ sshkey_drop_cert(struct sshkey *k)
 /* Sign a certified key, (re-)generating the signed certblob. */
 int
 sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg,
-    sshkey_certify_signer *signer, void *signer_ctx)
+    const char *sk_provider, sshkey_certify_signer *signer, void *signer_ctx)
 {
         struct sshbuf *principals = NULL;
         u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32];
@@ -2934,7 +2941,7 @@ sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg,
 
         /* Sign the whole mess */
         if ((ret = signer(ca, &sig_blob, &sig_len, sshbuf_ptr(cert),
-            sshbuf_len(cert), alg, 0, signer_ctx)) != 0)
+            sshbuf_len(cert), alg, sk_provider, 0, signer_ctx)) != 0)
                 goto out;
         /* Check and update signature_type against what was actually used */
         if ((ret = sshkey_get_sigtype(sig_blob, sig_len, &sigtype)) != 0)
@@ -2964,17 +2971,20 @@ sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg,
 static int
 default_key_sign(struct sshkey *key, u_char **sigp, size_t *lenp,
     const u_char *data, size_t datalen,
-    const char *alg, u_int compat, void *ctx)
+    const char *alg, const char *sk_provider, u_int compat, void *ctx)
 {
         if (ctx != NULL)
                 return SSH_ERR_INVALID_ARGUMENT;
-        return sshkey_sign(key, sigp, lenp, data, datalen, alg, compat);
+        return sshkey_sign(key, sigp, lenp, data, datalen, alg,
+            sk_provider, compat);
 }
 
 int
-sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg)
+sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg,
+    const char *sk_provider)
 {
-        return sshkey_certify_custom(k, ca, alg, default_key_sign, NULL);
+        return sshkey_certify_custom(k, ca, alg, sk_provider,
+            default_key_sign, NULL);
 }
 
 int