Displaying 3 results from an estimated 3 matches for "ssh_add_engine_key".
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the
openssl provider transition. What will happen in openssl 3.0.0 is
that providers become active and will accept keys via URI. The
current file mechanisms will still be available but internally it will
become a file URI. To support the provider interface, openssl will
have to accept keys by URI instead of file and may
2017 Oct 26
3
[RFC 0/2] add engine based keys
Engine keys are private key files which are only understood by openssl
external engines. ?The problem is they can't be loaded with the usual
openssl methods, they have to be loaded via ENGINE_load_private_key().
?Because they're files, they fit well into openssh pub/private file
structure, so they're not very appropriately handled by the pkcs11
interface because it assumes the private
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
...e.o $(SKOBJS)
SSHKEYGEN_OBJS= ssh-keygen.o sshsig.o $(SKOBJS)
diff --git a/authfd.c b/authfd.c
index 05fd45401..7cd22044e 100644
--- a/authfd.c
+++ b/authfd.c
@@ -569,6 +569,52 @@ ssh_remove_identity(int sock, struct sshkey *key)
return r;
}
+/*
+ * Add an engine based identity
+ */
+int
+ssh_add_engine_key(int sock, const char *file, const char *engine,
+ const char *pin, u_int lifetime, u_int confirm,
+ u_int maxsign)
+{
+ struct sshbuf *msg;
+ int r, constrained = (lifetime || confirm);
+ u_char type = constrained ? SSH_AGENTC_ADD_ENGINE_KEY_CONSTRAINED :
+ SSH_AGENTC_ADD_ENGINE_KEY;...