gpg-agent: SSH certificate support

Werner Koch wk at
Fri Aug 5 13:28:44 CEST 2016

On Fri,  5 Aug 2016 10:48, gniibe at said:
>   read_key_file (const unsigned char *grip, gcry_sexp_t *result, int *ssh)
> When SSH is not NULL, it means allowing returning SSH certificate.

I would suggest to change to "char **ssh" and return a malloced buffer
with the certificate (in some encoding).  The creation and parsing of
the s-expressions is quite complicate when not using Lisp and we need to
return that data anyway as a plain buffer.  This way we reduce the risk
of introducing bugs in code paths not related to the ssh certificates.

To be future proof an strlist_t could also be used which would allow to
return several certifciates or other info.

> Anyway, here is a clean up part.




Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
 /* Join us at OpenPGP.conf  <> */

More information about the Gnupg-devel mailing list