Make ssh_keyalg's supported_flags a method.

It's a class method rather than an object method, so it doesn't allow
keys with the same algorithm to make different choices about what
flags they support. But that's not what I wanted it for: the real
purpose is to allow one key algorithm to delegate supported_flags to
another, by having its method implementation call the one from the
delegate class.

(If only C's compile/link model permitted me to initialise a field of
one global const struct variable to be a copy of that of another, I
wouldn't need the runtime overhead of this method! But object file
formats don't let you even specify that.)

Most key algorithms support no flags at all, so they all want to use
the same implementation of this method. So I've started a file of
stubs utils/nullkey.c to contain the common stub version.

crypto/dsa.c

@@ -498,6 +498,7 @@ const ssh_keyalg ssh_dsa = {
     .cache_str = dsa_cache_str,
     .components = dsa_components,
     .pubkey_bits = dsa_pubkey_bits,
+    .supported_flags = nullkey_supported_flags,
     .ssh_id = "ssh-dss",
     .cache_id = "dss",
 };

crypto/ecc-ssh.c

@@ -1257,6 +1257,7 @@ const ssh_keyalg ssh_ecdsa_ed25519 = {
     .cache_str = eddsa_cache_str,
     .components = eddsa_components,
     .pubkey_bits = ec_shared_pubkey_bits,
+    .supported_flags = nullkey_supported_flags,
     .ssh_id = "ssh-ed25519",
     .cache_id = "ssh-ed25519",
     .extra = &sign_extra_ed25519,
@@ -1280,6 +1281,7 @@ const ssh_keyalg ssh_ecdsa_ed448 = {
     .cache_str = eddsa_cache_str,
     .components = eddsa_components,
     .pubkey_bits = ec_shared_pubkey_bits,
+    .supported_flags = nullkey_supported_flags,
     .ssh_id = "ssh-ed448",
     .cache_id = "ssh-ed448",
     .extra = &sign_extra_ed448,
@@ -1307,6 +1309,7 @@ const ssh_keyalg ssh_ecdsa_nistp256 = {
     .cache_str = ecdsa_cache_str,
     .components = ecdsa_components,
     .pubkey_bits = ec_shared_pubkey_bits,
+    .supported_flags = nullkey_supported_flags,
     .ssh_id = "ecdsa-sha2-nistp256",
     .cache_id = "ecdsa-sha2-nistp256",
     .extra = &sign_extra_nistp256,
@@ -1334,6 +1337,7 @@ const ssh_keyalg ssh_ecdsa_nistp384 = {
     .cache_str = ecdsa_cache_str,
     .components = ecdsa_components,
     .pubkey_bits = ec_shared_pubkey_bits,
+    .supported_flags = nullkey_supported_flags,
     .ssh_id = "ecdsa-sha2-nistp384",
     .cache_id = "ecdsa-sha2-nistp384",
     .extra = &sign_extra_nistp384,
@@ -1361,6 +1365,7 @@ const ssh_keyalg ssh_ecdsa_nistp521 = {
     .cache_str = ecdsa_cache_str,
     .components = ecdsa_components,
     .pubkey_bits = ec_shared_pubkey_bits,
+    .supported_flags = nullkey_supported_flags,
     .ssh_id = "ecdsa-sha2-nistp521",
     .cache_id = "ecdsa-sha2-nistp521",
     .extra = &sign_extra_nistp521,

crypto/rsa.c

@@ -839,6 +839,11 @@ static char *rsa2_invalid(ssh_key *key, unsigned flags)
     return NULL;
 }
 
+static unsigned ssh_rsa_supported_flags(const ssh_keyalg *self)
+{
+    return SSH_AGENT_RSA_SHA2_256 | SSH_AGENT_RSA_SHA2_512;
+}
+
 static const struct ssh2_rsa_extra
     rsa_extra = { 0 },
     rsa_sha256_extra = { SSH_AGENT_RSA_SHA2_256 },
@@ -863,21 +868,21 @@ static const struct ssh2_rsa_extra
 const ssh_keyalg ssh_rsa = {
     COMMON_KEYALG_FIELDS,
     .ssh_id = "ssh-rsa",
-    .supported_flags = SSH_AGENT_RSA_SHA2_256 | SSH_AGENT_RSA_SHA2_512,
+    .supported_flags = ssh_rsa_supported_flags,
     .extra = &rsa_extra,
 };
 
 const ssh_keyalg ssh_rsa_sha256 = {
     COMMON_KEYALG_FIELDS,
     .ssh_id = "rsa-sha2-256",
-    .supported_flags = 0,
+    .supported_flags = nullkey_supported_flags,
     .extra = &rsa_sha256_extra,
 };
 
 const ssh_keyalg ssh_rsa_sha512 = {
     COMMON_KEYALG_FIELDS,
     .ssh_id = "rsa-sha2-512",
-    .supported_flags = 0,
+    .supported_flags = nullkey_supported_flags,
     .extra = &rsa_sha512_extra,
 };