1 files changed, 13 insertions, 6 deletions

diff --git a/sshkey.h b/sshkey.h
index 1b9e42f45..9093eac51 100644
--- a/sshkey.h
+++ b/sshkey.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.h,v 1.15 2017/03/10 04:07:20 djm Exp $ */
+/* $OpenBSD: sshkey.h,v 1.21 2017/07/01 13:50:45 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -46,14 +46,13 @@
 # define EC_POINT       void
 #endif /* WITH_OPENSSL */
 
-#define SSH_RSA_MINIMUM_MODULUS_SIZE    768
+#define SSH_RSA_MINIMUM_MODULUS_SIZE    1024
 #define SSH_KEY_MAX_SIGN_DATA_SIZE      (1 << 20)
 
 struct sshbuf;
 
 /* Key types */
 enum sshkey_types {
-        KEY_RSA1,
         KEY_RSA,
         KEY_DSA,
         KEY_ECDSA,
@@ -125,6 +124,7 @@ int		 sshkey_fingerprint_raw(const struct sshkey *k,
     int, u_char **retp, size_t *lenp);
 const char      *sshkey_type(const struct sshkey *);
 const char      *sshkey_cert_type(const struct sshkey *);
+int              sshkey_format_text(const struct sshkey *, struct sshbuf *);
 int              sshkey_write(const struct sshkey *, FILE *);
 int              sshkey_read(struct sshkey *, char **);
 u_int            sshkey_size(const struct sshkey *);
@@ -137,13 +137,19 @@ int	 sshkey_type_is_cert(int);
 int      sshkey_type_plain(int);
 int      sshkey_to_certified(struct sshkey *);
 int      sshkey_drop_cert(struct sshkey *);
-int      sshkey_certify(struct sshkey *, struct sshkey *, const char *);
 int      sshkey_cert_copy(const struct sshkey *, struct sshkey *);
 int      sshkey_cert_check_authority(const struct sshkey *, int, int,
     const char *, const char **);
 size_t   sshkey_format_cert_validity(const struct sshkey_cert *,
     char *, size_t) __attribute__((__bounded__(__string__, 2, 3)));
 
+int      sshkey_certify(struct sshkey *, struct sshkey *, const char *);
+/* Variant allowing use of a custom signature function (e.g. for ssh-agent) */
+typedef int sshkey_certify_signer(const struct sshkey *, u_char **, size_t *,
+    const u_char *, size_t, const char *, u_int, void *);
+int      sshkey_certify_custom(struct sshkey *, struct sshkey *, const char *,
+    sshkey_certify_signer *, void *);
+
 int              sshkey_ecdsa_nid_from_name(const char *);
 int              sshkey_curve_name_to_nid(const char *);
 const char *     sshkey_curve_nid_to_name(int);
@@ -185,13 +191,14 @@ int	sshkey_private_deserialize(struct sshbuf *buf,  struct sshkey **keyp);
 int     sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob,
     const char *passphrase, const char *comment,
     int force_new_format, const char *new_format_cipher, int new_format_rounds);
-int     sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob,
-    struct sshkey **keyp, char **commentp);
 int     sshkey_parse_private_fileblob(struct sshbuf *buffer,
     const char *passphrase, struct sshkey **keyp, char **commentp);
 int     sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,
     const char *passphrase, struct sshkey **keyp, char **commentp);
 
+/* XXX should be internal, but used by ssh-keygen */
+int ssh_rsa_generate_additional_parameters(struct sshkey *);
+
 #ifdef SSHKEY_INTERNAL
 int ssh_rsa_sign(const struct sshkey *key,
     u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,