Only enable sk-* key types if ENABLE_SK is defined

This commit is contained in:
Darren Tucker 2021-10-07 14:28:02 +11:00
parent 52d4232b49
commit ef5916b8ac
1 changed files with 6 additions and 0 deletions

View File

@ -107,10 +107,12 @@ static const struct keytype keytypes[] = {
{ "ssh-ed25519", "ED25519", NULL, KEY_ED25519, 0, 0, 0 }, { "ssh-ed25519", "ED25519", NULL, KEY_ED25519, 0, 0, 0 },
{ "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", NULL, { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", NULL,
KEY_ED25519_CERT, 0, 1, 0 }, KEY_ED25519_CERT, 0, 1, 0 },
#ifdef ENABLE_SK
{ "sk-ssh-ed25519@openssh.com", "ED25519-SK", NULL, { "sk-ssh-ed25519@openssh.com", "ED25519-SK", NULL,
KEY_ED25519_SK, 0, 0, 0 }, KEY_ED25519_SK, 0, 0, 0 },
{ "sk-ssh-ed25519-cert-v01@openssh.com", "ED25519-SK-CERT", NULL, { "sk-ssh-ed25519-cert-v01@openssh.com", "ED25519-SK-CERT", NULL,
KEY_ED25519_SK_CERT, 0, 1, 0 }, KEY_ED25519_SK_CERT, 0, 1, 0 },
#endif
#ifdef WITH_XMSS #ifdef WITH_XMSS
{ "ssh-xmss@openssh.com", "XMSS", NULL, KEY_XMSS, 0, 0, 0 }, { "ssh-xmss@openssh.com", "XMSS", NULL, KEY_XMSS, 0, 0, 0 },
{ "ssh-xmss-cert-v01@openssh.com", "XMSS-CERT", NULL, { "ssh-xmss-cert-v01@openssh.com", "XMSS-CERT", NULL,
@ -130,10 +132,12 @@ static const struct keytype keytypes[] = {
{ "ecdsa-sha2-nistp521", "ECDSA", NULL, { "ecdsa-sha2-nistp521", "ECDSA", NULL,
KEY_ECDSA, NID_secp521r1, 0, 0 }, KEY_ECDSA, NID_secp521r1, 0, 0 },
# endif /* OPENSSL_HAS_NISTP521 */ # endif /* OPENSSL_HAS_NISTP521 */
# ifdef ENABLE_SK
{ "sk-ecdsa-sha2-nistp256@openssh.com", "ECDSA-SK", NULL, { "sk-ecdsa-sha2-nistp256@openssh.com", "ECDSA-SK", NULL,
KEY_ECDSA_SK, NID_X9_62_prime256v1, 0, 0 }, KEY_ECDSA_SK, NID_X9_62_prime256v1, 0, 0 },
{ "webauthn-sk-ecdsa-sha2-nistp256@openssh.com", "ECDSA-SK", NULL, { "webauthn-sk-ecdsa-sha2-nistp256@openssh.com", "ECDSA-SK", NULL,
KEY_ECDSA_SK, NID_X9_62_prime256v1, 0, 1 }, KEY_ECDSA_SK, NID_X9_62_prime256v1, 0, 1 },
# endif /* ENABLE_SK */
# endif /* OPENSSL_HAS_ECC */ # endif /* OPENSSL_HAS_ECC */
{ "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", NULL, { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", NULL,
KEY_RSA_CERT, 0, 1, 0 }, KEY_RSA_CERT, 0, 1, 0 },
@ -152,8 +156,10 @@ static const struct keytype keytypes[] = {
{ "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT", NULL, { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT", NULL,
KEY_ECDSA_CERT, NID_secp521r1, 1, 0 }, KEY_ECDSA_CERT, NID_secp521r1, 1, 0 },
# endif /* OPENSSL_HAS_NISTP521 */ # endif /* OPENSSL_HAS_NISTP521 */
# ifdef ENABLE_SK
{ "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com", "ECDSA-SK-CERT", NULL, { "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com", "ECDSA-SK-CERT", NULL,
KEY_ECDSA_SK_CERT, NID_X9_62_prime256v1, 1, 0 }, KEY_ECDSA_SK_CERT, NID_X9_62_prime256v1, 1, 0 },
# endif /* ENABLE_SK */
# endif /* OPENSSL_HAS_ECC */ # endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */ #endif /* WITH_OPENSSL */
{ NULL, NULL, NULL, -1, -1, 0, 0 } { NULL, NULL, NULL, -1, -1, 0, 0 }