Diffstat (limited to 'sshkey.c')
-rw-r--r-- | sshkey.c | 9 |
1 files changed, 5 insertions, 4 deletions
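--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.58 2017/12/18 02:22:29 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.59 2017/12/18 02:25:15 djm Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
 * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -1814,7 +1814,7 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf)
 goto out;
 }
 if ((ret = sshkey_verify(key->cert->signature_key, sig, slen,
-sshbuf_ptr(key->cert->certblob), signed_len, 0)) != 0)
+sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0)) != 0)
 goto out;
 
 /* Success */
@@ -2109,11 +2109,12 @@ sshkey_sign(const struct sshkey *key,
 
 /*
 * ssh_key_verify returns 0 for a correct signature and < 0 on error.
+* If "alg" specified, then the signature must use that algorithm.
 */
 int
 sshkey_verify(const struct sshkey *key,
 const u_char *sig, size_t siglen,
-const u_char *data, size_t dlen, u_int compat)
+const u_char *data, size_t dlen, const char *alg, u_int compat)
 {
 if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE)
 return SSH_ERR_INVALID_ARGUMENT;
@@ -2129,7 +2130,7 @@ sshkey_verify(const struct sshkey *key,
 # endif /* OPENSSL_HAS_ECC */
 case KEY_RSA_CERT:
 case KEY_RSA:
-return ssh_rsa_verify(key, sig, siglen, data, dlen);
+return ssh_rsa_verify(key, sig, siglen, data, dlen, alg);
 #endif /* WITH_OPENSSL */
 case KEY_ED25519:
 case KEY_ED25519_CERT: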