Merge branch 'refs/heads/t/ssh'

A medium sized series which teaches both crypto backends about the
RFC4716 key format, which has become the default for ssh-keygen as
of openssh-7.8.

Was cooking for almost a year.

* refs/heads/t/ssh:
  manual: Instruct the user to create RFC4716 keys.
  openssl: Add support for RFC4716 keys
  openssl: Move get_private_key() down.
  gcrypt: Add support for RFC4716 private keys.
  crypt: Rename decoding functions.
  gcrypt: Introduce read_openssh_bignum().
  gcrypt: Factor out read_pem_rsa_params().
  gcrypt: Let read_bignum() return bits, not bytes.
  gcrypt: Let decode_key() return blob size through additional argument.
  gcrypt: Drop unnecessary arguments of decode_key().

diff --cc NEWS.md
index eda654a6a155e2f4c484bfa3013d7edc7d278aec,55ef3be947ee76d6b0937b33988b0cd960c0e985..fd587fab054dea33124918870b24351b20586fc6
--- 1/NEWS.md
--- 2/NEWS.md
+++ b/NEWS.md
@@@ -1,26 -1,6 +1,28 @@@
  NEWS
  ====
  
- 
 +----------------------------------------------
 +0.6.3 (to be announced) "generalized activity"
 +----------------------------------------------
 +
 +- The ff command now accepts a negative argument to instruct the
 +  virtual streaming system to jump backwards in the current audio
 +  stream. The old syntax (e.g., "ff 30-") is still supported but it
 +  is deprecated and no longer documented. The compatibility code is
 +  sheduled for removal after 0.7.0.
 +- para_afh: New option: --preserve to reset the modification time to
 +  the value of the original file after meta data modification.
 +- Overhaul of the compress filter code. The refined algorithm should
 +  reduce clipping. The meaning of --aggressiveness has changed, see the
 +  updated and extended documentation of the compress filter for details.
 +- Cleanup of the audio format handler code.
 +- We now build the tree using the .ONESHELL feature of GNU make,
 +  which results in a significant speedup.
 +- Two robustness fixes for FreeBSD.
++- para_client now supports RFC4716 private keys as generated with
++  ssh-keygen -m RFC4716. In fact, this key format has been made the
++  default, and the former PEM keys will be depreciated at some point.
 +
  --------------------------------------
  0.6.2 (2018-06-30) "elastic diversity"
  --------------------------------------

diff --cc error.h
Simple merge

diff --cc openssl.c
index d11b1049d2a321905ab79ce2af6c1e86fe7b7991,9782b5e23cd0530d521f098d2683dc83230b0c78..5f04c845c6ec1e8b5d837f827233df425033fad4
--- 1/openssl.c
--- 2/openssl.c
+++ b/openssl.c
@@@ -57,31 -57,9 +57,11 @@@ void crypt_init(void
  
  void crypt_shutdown(void)
  {
 +#ifdef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA
        CRYPTO_cleanup_all_ex_data();
 +#endif
  }
  
- static int get_private_key(const char *path, RSA **rsa)
- {
-       EVP_PKEY *pkey;
-       BIO *bio = BIO_new(BIO_s_file());
- 
-       *rsa = NULL;
-       if (!bio)
-               return -E_PRIVATE_KEY;
-       if (BIO_read_filename(bio, path) <= 0)
-               goto bio_free;
-       pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
-       if (!pkey)
-               goto bio_free;
-       *rsa = EVP_PKEY_get1_RSA(pkey);
-       EVP_PKEY_free(pkey);
- bio_free:
-       BIO_free(bio);
-       return *rsa? RSA_size(*rsa) : -E_PRIVATE_KEY;
- }
- 
  /*
   * The public key loading functions below were inspired by corresponding code
   * of openssh-5.2p1, Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo,