upstream: fix shield/unshield for xmss keys: - in ssh-agent we need

to delay the call to shield until we have received key specific options. - when serializing xmss keys for shield we need to deal with all optional components (e.g. state might not be loaded). ok djm@ OpenBSD-Commit-ID: cc2db82524b209468eb176d6b4d6b9486422f41f
author: markus@openbsd.org <markus@openbsd.org> 2019-11-13 07:53:10 +0000
committer: Damien Miller <djm@mindrot.org> 2019-11-15 08:50:10 +1100
commit: bf219920b70cafbf29ebc9890ef67d0efa54e738 (patch)
tree: 58f360f1387c7238a4bc1f8c63cdc5ccbfb88dd5 /sshkey.c
parent: 40598b85d72a509566b7b2a6d57676c7231fed34 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/sshkey.c b/sshkey.c
index 80186206c..190426e28 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.90 2019/11/12 19:33:08 markus Exp $ */
+/* $OpenBSD: sshkey.c,v 1.91 2019/11/13 07:53:10 markus Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
 * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -2045,7 +2045,7 @@ sshkey_shield_private(struct sshkey *k)
        if (sshkey_is_shielded(k) && (r = sshkey_unshield_private(k)) != 0)
                goto out;
        if ((r = sshkey_private_serialize_opt(k, prvbuf,
-             SSHKEY_SERIALIZE_FULL)) != 0)
+             SSHKEY_SERIALIZE_SHIELD)) != 0)
                goto out;
        /* pad to cipher blocksize */
        i = 0;
author	markus@openbsd.org <markus@openbsd.org>	2019-11-13 07:53:10 +0000
committer	Damien Miller <djm@mindrot.org>	2019-11-15 08:50:10 +1100
commit	bf219920b70cafbf29ebc9890ef67d0efa54e738 (patch)
tree	58f360f1387c7238a4bc1f8c63cdc5ccbfb88dd5 /sshkey.c
parent	40598b85d72a509566b7b2a6d57676c7231fed34 (diff)

diff --git a/sshkey.c b/sshkey.c index 80186206c..190426e28 100644 --- a/sshkey.c +++ b/sshkey.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshkey.c,v 1.90 2019/11/12 19:33:08 markus Exp $ */	1	/* $OpenBSD: sshkey.c,v 1.91 2019/11/13 07:53:10 markus Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.	3	* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4	* Copyright (c) 2008 Alexander von Gernler. All rights reserved.	4	* Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -2045,7 +2045,7 @@ sshkey_shield_private(struct sshkey *k)
2045	if (sshkey_is_shielded(k) && (r = sshkey_unshield_private(k)) != 0)	2045	if (sshkey_is_shielded(k) && (r = sshkey_unshield_private(k)) != 0)
2046	goto out;	2046	goto out;
2047	if ((r = sshkey_private_serialize_opt(k, prvbuf,	2047	if ((r = sshkey_private_serialize_opt(k, prvbuf,
2048	SSHKEY_SERIALIZE_FULL)) != 0)	2048	SSHKEY_SERIALIZE_SHIELD)) != 0)
2049	goto out;	2049	goto out;
2050	/* pad to cipher blocksize */	2050	/* pad to cipher blocksize */
2051	i = 0;	2051	i = 0;