From 04c7e28f83062dc42f2380d1bb3a6bf0190852c0 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Mon, 18 Dec 2017 02:25:15 +0000
Subject: upstream commit

pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@

OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
---
 key.c | 17 +----------------
 1 file changed, 1 insertion(+), 16 deletions(-)

(limited to 'key.c')

diff --git a/key.c b/key.c
index 6e338c495..a05fdd3c0 100644
--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.131 2017/05/30 14:16:41 markus Exp $ */
+/* $OpenBSD: key.c,v 1.132 2017/12/18 02:25:15 djm Exp $ */
 /*
  * placed in the public domain
  */
@@ -95,21 +95,6 @@ key_sign(const Key *key, u_char **sigp, u_int *lenp,
 	return 0;
 }
 
-int
-key_verify(const Key *key, const u_char *signature, u_int signaturelen,
-    const u_char *data, u_int datalen)
-{
-	int r;
-
-	if ((r = sshkey_verify(key, signature, signaturelen,
-	    data, datalen, datafellows)) != 0) {
-		fatal_on_fatal_errors(r, __func__, 0);
-		error("%s: %s", __func__, ssh_err(r));
-		return r == SSH_ERR_SIGNATURE_INVALID ? 0 : -1;
-	}
-	return 1;
-}
-
 Key *
 key_demote(const Key *k)
 {
-- 
cgit v1.2.3