From e43e0a0c63c56b64c8d29a439567539e50a088be Mon Sep 17 00:00:00 2001
From: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Date: Tue, 9 Jul 2024 14:47:25 +0200
Subject: [PATCH 1/2] ssh-key: Expose `KeyData::decode_as`

Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>
---
 ssh-key/src/public/key_data.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssh-key/src/public/key_data.rs b/ssh-key/src/public/key_data.rs
index fe7cb87..8fdb52c 100644
--- a/ssh-key/src/public/key_data.rs
+++ b/ssh-key/src/public/key_data.rs
@@ -174,7 +174,7 @@ impl KeyData {
     }
 
     /// Decode [`KeyData`] for the specified algorithm.
-    pub(crate) fn decode_as(reader: &mut impl Reader, algorithm: Algorithm) -> Result<Self> {
+    pub fn decode_as(reader: &mut impl Reader, algorithm: Algorithm) -> Result<Self> {
         match algorithm {
             #[cfg(feature = "alloc")]
             Algorithm::Dsa => DsaPublicKey::decode(reader).map(Self::Dsa),

From 9cbe34a0c55506c6daffb106c74e6ec6fc2efd3b Mon Sep 17 00:00:00 2001
From: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Date: Tue, 9 Jul 2024 14:48:55 +0200
Subject: [PATCH 2/2] ssh-key: Add `Certificate::decode_as`

This additional function is needed for SSH Agent Protocol where, based on
the algorithm, we need to parse the `Certificate` or the `KeyData`.

Without `decode_as` the `decode` function will greedily consume additional
string from the reader.

See: https://github.com/wiktor-k/ssh-agent-lib/issues/83
Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>
---
 ssh-key/src/certificate.rs | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/ssh-key/src/certificate.rs b/ssh-key/src/certificate.rs
index 2c24dcf..399738c 100644
--- a/ssh-key/src/certificate.rs
+++ b/ssh-key/src/certificate.rs
@@ -455,14 +455,9 @@ impl Certificate {
         self.reserved.encode(writer)?;
         self.signature_key.encode_prefixed(writer)
     }
-}
-
-impl Decode for Certificate {
-    type Error = Error;
-
-    fn decode(reader: &mut impl Reader) -> Result<Self> {
-        let algorithm = Algorithm::new_certificate(&String::decode(reader)?)?;
 
+    /// Decode [`Certificate`] for the specified algorithm.
+    pub fn decode_as(reader: &mut impl Reader, algorithm: Algorithm) -> Result<Self> {
         Ok(Self {
             nonce: Vec::decode(reader)?,
             public_key: KeyData::decode_as(reader, algorithm)?,
@@ -482,6 +477,15 @@ impl Decode for Certificate {
     }
 }
 
+impl Decode for Certificate {
+    type Error = Error;
+
+    fn decode(reader: &mut impl Reader) -> Result<Self> {
+        let algorithm = Algorithm::new_certificate(&String::decode(reader)?)?;
+        Self::decode_as(reader, algorithm)
+    }
+}
+
 impl Encode for Certificate {
     fn encoded_len(&self) -> encoding::Result<usize> {
         [