2 files changed, 60 insertions, 0 deletions

diff --git a/include/libssh/pki.h b/include/libssh/pki.h
index f4dc950..6c009d5 100644
--- a/include/libssh/pki.h
+++ b/include/libssh/pki.h
@@ -46,8 +46,25 @@ struct ssh_key_struct {
     void *cert;
 };
 
+struct ssh_signature_struct {
+    enum ssh_keytypes_e type;
+#ifdef HAVE_LIBGCRYPT
+    gcry_sexp_t dsa_sig;
+    gcry_sexp_t rsa_sig;
+#elif defined HAVE_LIBCRYPTO
+    DSA_SIG *dsa_sig;
+    ssh_string rsa_sig;
+#endif
+    void *ecdsa;
+};
+
+typedef struct ssh_signature_struct *ssh_signature;
+
 void ssh_pki_log(const char *format, ...) PRINTF_ATTRIBUTE(1, 2);
 
+ssh_signature ssh_signature_new(void);
+void ssh_signature_free(ssh_signature sign);
+
 /* internal pki functions */
 ssh_key pki_key_dup(const ssh_key key, int demote);
 
diff --git a/src/pki.c b/src/pki.c
index ebe2f04..effeb70 100644
--- a/src/pki.c
+++ b/src/pki.c
@@ -229,6 +229,49 @@ int ssh_key_is_private(const ssh_key k) {
     return (k->flags & SSH_KEY_FLAG_PRIVATE);
 }
 
+ssh_signature ssh_signature_new(void)
+{
+    struct ssh_signature_struct *sig;
+
+    sig = malloc(sizeof(struct ssh_signature_struct));
+    if (sig == NULL) {
+        return NULL;
+    }
+    ZERO_STRUCTP(sig);
+
+    return sig;
+}
+
+void ssh_signature_free(ssh_signature sig)
+{
+    if (sig == NULL) {
+        return;
+    }
+
+    switch(sig->type) {
+        case SSH_KEYTYPE_DSS:
+#ifdef HAVE_LIBGCRYPT
+            gcry_sexp_release(sig->dsa_sig);
+#elif defined HAVE_LIBCRYPTO
+            DSA_SIG_free(sig->dsa_sig);
+#endif
+            break;
+        case SSH_KEYTYPE_RSA:
+        case SSH_KEYTYPE_RSA1:
+#ifdef HAVE_LIBGCRYPT
+            gcry_sexp_release(sig->rsa_sig);
+#elif defined HAVE_LIBCRYPTO
+            SAFE_FREE(sig->rsa_sig);
+#endif
+            break;
+        case SSH_KEYTYPE_ECDSA:
+        case SSH_KEYTYPE_UNKNOWN:
+            break;
+    }
+
+    SAFE_FREE(sig);
+}
+
 /**
  * @brief import a base64 formated key from a memory c-string
  *