[PATCH] ssh: update certificate support
Werner Koch
wk at gnupg.org
Mon Apr 19 13:14:36 CEST 2021
On Sun, 18 Apr 2021 17:02, Igor Okulist said:
> + if (0 == strcmp(spec.ssh_identifier, "ssh-rsa-cert-v01 at openssh.com"))
Don't do this. Use this pattern:
if (!strcmp(spec.ssh_identifier, "ssh-rsa-cert-v01 at openssh.com"))
> + "(private-key "
> + " (rsa (n %m) (e %m) (d %m) (p %m) (q %m) (u %m) )"
> + " (comment %s)"
> + " (key-type %s)"
> + " (certificate %s)"
That is never going to fly. The "certificate" and other new items are
nothing we want as the part of a private key. See keyformat.txt on how
to add meta information to a key.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20210419/180d0138/attachment.sig>
More information about the Gnupg-devel
mailing list