diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2017-12-18 02:25:15 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2017-12-19 15:21:37 +1100 |
| commit | 04c7e28f83062dc42f2380d1bb3a6bf0190852c0 (patch) | |
| tree | bc2c59d39a33aba84e0576039474668ada2546d2 /key.c | |
| parent | 931c78dfd7fe30669681a59e536bbe66535f3ee9 (diff) | |
upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
Diffstat (limited to 'key.c')
| -rw-r--r-- | key.c | 17 |
1 files changed, 1 insertions, 16 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: key.c,v 1.131 2017/05/30 14:16:41 markus Exp $ */ | 1 | /* $OpenBSD: key.c,v 1.132 2017/12/18 02:25:15 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * placed in the public domain | 3 | * placed in the public domain |
| 4 | */ | 4 | */ |
| @@ -95,21 +95,6 @@ key_sign(const Key *key, u_char **sigp, u_int *lenp, | |||
| 95 | return 0; | 95 | return 0; |
| 96 | } | 96 | } |
| 97 | 97 | ||
| 98 | int | ||
| 99 | key_verify(const Key *key, const u_char *signature, u_int signaturelen, | ||
| 100 | const u_char *data, u_int datalen) | ||
| 101 | { | ||
| 102 | int r; | ||
| 103 | |||
| 104 | if ((r = sshkey_verify(key, signature, signaturelen, | ||
| 105 | data, datalen, datafellows)) != 0) { | ||
| 106 | fatal_on_fatal_errors(r, __func__, 0); | ||
| 107 | error("%s: %s", __func__, ssh_err(r)); | ||
| 108 | return r == SSH_ERR_SIGNATURE_INVALID ? 0 : -1; | ||
| 109 | } | ||
| 110 | return 1; | ||
| 111 | } | ||
| 112 | |||
| 113 | Key * | 98 | Key * |
| 114 | key_demote(const Key *k) | 99 | key_demote(const Key *k) |
| 115 | { | 100 | { |