Diffstat (limited to 'sshkey.c')
-rw-r--r--sshkey.c19
1 files changed, 14 insertions, 5 deletions
diff --git a/sshkey.c b/sshkey.c
index 48dd8bea9..920c0dc3c 100644
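--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.95 2019/11/18 06:58:00 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.96 2019/11/25 00:51:37 djm Exp $ */
 /*
   * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
   * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -2301,7 +2301,7 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf)
  goto out;
  }
  if ((ret = sshkey_verify(key->cert->signature_key, sig, slen,
- sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0)) != 0)
+ sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0, NULL)) != 0)
  goto out;
  if ((ret = sshkey_get_sigtype(sig, slen,
  &key->cert->signature_type)) != 0)
@@ -2796,8 +2796,11 @@ sshkey_sign(struct sshkey *key,
 int
 sshkey_verify(const struct sshkey *key,
  const u_char *sig, size_t siglen,
- const u_char *data, size_t dlen, const char *alg, u_int compat)
+ const u_char *data, size_t dlen, const char *alg, u_int compat,
+ struct sshkey_sig_details **detailsp)
 {
+ if (detailsp != NULL)
+ *detailsp = NULL;
  if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE)
  return SSH_ERR_INVALID_ARGUMENT;
  switch (key->type) {
@@ -2813,7 +2816,7 @@ sshkey_verify(const struct sshkey *key,
  case KEY_ECDSA_SK_CERT:
  case KEY_ECDSA_SK:
  return ssh_ecdsa_sk_verify(key, sig, siglen, data, dlen,
- compat);
+ compat, detailsp);
 # endif /* ENABLE_SK */
 # endif /* OPENSSL_HAS_ECC */
  case KEY_RSA_CERT:
@@ -2826,7 +2829,7 @@ sshkey_verify(const struct sshkey *key,
  case KEY_ED25519_SK:
  case KEY_ED25519_SK_CERT:
  return ssh_ed25519_sk_verify(key, sig, siglen, data, dlen,
- compat);
+ compat, detailsp);
 #ifdef WITH_XMSS
  case KEY_XMSS:
  case KEY_XMSS_CERT:
@@ -4661,6 +4664,12 @@ sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase,
  passphrase, keyp, commentp);
 }
 
+void
+sshkey_sig_details_free(struct sshkey_sig_details *details)
+{
+ freezero(details, sizeof(*details));
+}
+
 #ifdef WITH_XMSS
 /*
   * serialize the key with the current state and forward the state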
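Review bot: The new `detailsp` out-parameter of `sshkey_verify` has no documented contract. It is reset to NULL on entry and, in the visible hunks, forwarded only to `ssh_ecdsa_sk_verify` and `ssh_ed25519_sk_verify`, so a successful verify of any other key type presumably leaves `*detailsp` NULL. A caller that bases a policy decision on the details (the struct's fields are not shown on this page) has to treat NULL as "no details available" instead of dereferencing it, and has to release a non-NULL result with `sshkey_sig_details_free`. I would add a comment above the function along the lines of `/* *detailsp is set only for security-key signatures, NULL otherwise; caller frees with sshkey_sig_details_free() */`, and a short one on `sshkey_sig_details_free` noting that `freezero` wipes only the struct itself, so any pointer member added later needs its own release. The switch in `sshkey_verify` continues outside the hunks, so the remaining branches should be checked against that wording.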