pki: Add support to encode public keys in SSH key format

configure.ac

@@ -1009,7 +1009,7 @@ ADD_PLUGIN([pkcs8],                [s charon openac scepclient pki scripts manag
 ADD_PLUGIN([pkcs12],               [s charon scepclient pki scripts cmd])
 ADD_PLUGIN([pgp],                  [s charon])
 ADD_PLUGIN([dnskey],               [s charon pki])
-ADD_PLUGIN([sshkey],               [s charon nm cmd])
+ADD_PLUGIN([sshkey],               [s charon pki nm cmd])
 ADD_PLUGIN([ipseckey],             [c charon])
 ADD_PLUGIN([pem],                  [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
 ADD_PLUGIN([padlock],              [s charon])

src/pki/commands/pub.c

@@ -158,7 +158,7 @@ static void __attribute__ ((constructor))reg()
 		pub, 'p', "pub",
 		"extract the public key from a private key/certificate",
 		{"[--in file|--keyid hex] [--type rsa|ecdsa|pkcs10|x509]",
-		 "[--outform der|pem|dnskey]"},
+		 "[--outform der|pem|dnskey|sshkey]"},
 		{
 			{"help",	'h', 0, "show usage information"},
 			{"in",		'i', 1, "input file, default: stdin"},

src/pki/man/pki---pub.1.in

@@ -53,7 +53,8 @@ certificate), defaults to \fIrsa\fR.
 .TP
 .BI "\-f, \-\-outform " encoding
 Encoding of the extracted public key. One of \fIder\fR (ASN.1 DER), \fIpem\fR
-(Base64 PEM), or \fIdnskey\fR (RFC 3110 DNS key), defaults to \fIder\fR.
+(Base64 PEM), \fIdnskey\fR (RFC 3110 DNS key), or \fIsshkey\fR (RFC 4253 SSH
+key), defaults to \fIder\fR.
 .
 .SH "EXAMPLES"
 .
@@ -72,4 +73,4 @@ Extract the public key from an X.509 certificate:
 .
 .SH "SEE ALSO"
 .
-.BR pki (1)
+.BR pki (1)

src/pki/pki.c

@@ -81,7 +81,18 @@ bool get_form(char *form, cred_encoding_type_t *enc, credential_type_t type)
 		switch (type)
 		{
 			case CRED_PUBLIC_KEY:
-				*enc =PUBKEY_DNSKEY;
+				*enc = PUBKEY_DNSKEY;
+				return TRUE;
+			default:
+				return FALSE;
+		}
+	}
+	else if (streq(form, "sshkey"))
+	{
+		switch (type)
+		{
+			case CRED_PUBLIC_KEY:
+				*enc = PUBKEY_SSHKEY;
 				return TRUE;
 			default:
 				return FALSE;