pki crypto: expose new ssh_pki_key_ecdsa_name API

Enable retrieving the "ecdsa-sha2-nistpNNN" name of ECDSA keys with a new 'ssh_pki_key_ecdsa_name' API. This gives more information than the 'ssh_key_type_to_char' API, which yields "ssh-ecdsa" for ECDSA keys. The motivation is that this info is useful to have in a server context. The torture_pki unit test is updated to include the new API, and a few more passes are added to additionally test 384 and 521-bit keys. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-12-02 01:17:52 +03:00 · 2014-04-04 15:37:43 -07:00
parent 89e154f78c
commit 48aca98cd5
3 changed files with 158 additions and 10 deletions
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -105,6 +105,20 @@ static const char *pki_key_ecdsa_nid_to_name(int nid)
    return "unknown";
 }

+/**
+ * @brief returns the ECDSA key name ("ecdsa-sha2-nistp256" for example)
+ *
+ * @param[in] key the ssh_key whose ECDSA name to get
+ *
+ * @returns the ECDSA key name ("ecdsa-sha2-nistp256" for example)
+ *
+ * @returns "unknown" if the ECDSA key name is not known
+ */
+const char *ssh_pki_key_ecdsa_name(const ssh_key key)
+{
+	return pki_key_ecdsa_nid_to_name(key->ecdsa_nid);
+}
+
 static const char *pki_key_ecdsa_nid_to_char(int nid)
 {
    switch (nid) {