From 1b0cc8ff3b989ca9268f14d43b68a395663a7938 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Jan 14 2019 14:39:08 +0000
Subject: Correctly initialize ECDSA key structures from PKCS#11


---

diff --git a/openssh-7.6p1-pkcs11-ecdsa.patch b/openssh-7.6p1-pkcs11-ecdsa.patch
index 7f5f130..d356a90 100644
--- a/openssh-7.6p1-pkcs11-ecdsa.patch
+++ b/openssh-7.6p1-pkcs11-ecdsa.patch
@@ -124,10 +124,10 @@ diff -up openssh/ssh-pkcs11-client.c.pkcs11-ecdsa openssh/ssh-pkcs11-client.c
  				fatal("%s: bad key: %s", __func__, ssh_err(r));
 -			wrap_key(k->rsa);
 +			if(k->type == KEY_RSA) {
-+				 wrap_rsa_key(k->rsa);
++				wrap_rsa_key(k->rsa);
 +#ifdef ENABLE_PKCS11_ECDSA
 +			} else if(k->type == KEY_ECDSA) {
-+				 wrap_ecdsa_key(k->ecdsa);
++				wrap_ecdsa_key(k->ecdsa);
 +#endif /* ENABLE_PKCS11_ECDSA */
 +			} else {
 +				/* Unsupported type */
@@ -640,7 +640,7 @@ diff -up openssh/ssh-pkcs11.c.pkcs11-ecdsa openssh/ssh-pkcs11.c
  			}
  			X509_free(x509);
  			EVP_PKEY_free(evp);
-@@ -725,6 +1021,17 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
+@@ -725,6 +1021,18 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
  			key->rsa = rsa;
  			key->type = KEY_RSA;
  			key->flags |= SSHKEY_FLAG_EXT;
@@ -650,6 +650,7 @@ diff -up openssh/ssh-pkcs11.c.pkcs11-ecdsa openssh/ssh-pkcs11.c
 +			if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
 +				fatal("sshkey_new failed");
 +			key->ecdsa = ecdsa;
++			key->ecdsa_nid = sshkey_ecdsa_key_to_nid(key->ecdsa);
 +			key->type = KEY_ECDSA;
 +			key->flags |= SSHKEY_FLAG_EXT;
 +#endif /* ENABLE_PKCS11_ECDSA */