diff options
| author | Jakub Jelen <jjelen@redhat.com> | 2018-11-26 18:00:14 +0100 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2018-11-30 16:20:04 +0100 |
| commit | 46d8840f7ea8e0f0569c5a4b9cd4074da8d7973b (patch) | |
| tree | 51c3dd76169be391f5458d1e40bf39c39f654359 | |
| parent | c1fdb56d23c4e6ddffc1a621fc08089566b48de5 (diff) | |
| download | libssh-46d8840f7ea8e0f0569c5a4b9cd4074da8d7973b.tar.gz libssh-46d8840f7ea8e0f0569c5a4b9cd4074da8d7973b.tar.xz libssh-46d8840f7ea8e0f0569c5a4b9cd4074da8d7973b.zip | |
The largest ECDSA key has 521 bits
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
| -rw-r--r-- | src/pki.c | 2 | ||||
| -rw-r--r-- | src/pki_crypto.c | 2 | ||||
| -rw-r--r-- | src/pki_gcrypt.c | 2 | ||||
| -rw-r--r-- | src/pki_mbedcrypto.c | 2 | ||||
| -rw-r--r-- | tests/unittests/torture_options.c | 2 | ||||
| -rw-r--r-- | tests/unittests/torture_pki_ecdsa.c | 2 |
6 files changed, 6 insertions, 6 deletions
@@ -1538,7 +1538,7 @@ int ssh_pki_import_cert_file(const char *filename, ssh_key *pkey) * @param[in] parameter Parameter to the creation of key: * rsa : length of the key in bits (e.g. 1024, 2048, 4096) * dsa : length of the key in bits (e.g. 1024, 2048, 3072) - * ecdsa : bits of the key (e.g. 256, 384, 512) + * ecdsa : bits of the key (e.g. 256, 384, 521) * @param[out] pkey A pointer to store the allocated private key. You need * to free the memory. * diff --git a/src/pki_crypto.c b/src/pki_crypto.c index ccd22a13..0c9f8ab4 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -558,7 +558,7 @@ int pki_key_generate_ecdsa(ssh_key key, int parameter) { case 384: nid = NID_secp384r1; break; - case 512: + case 521: nid = NID_secp521r1; break; case 256: diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c index 4ef4d882..e0c356b8 100644 --- a/src/pki_gcrypt.c +++ b/src/pki_gcrypt.c @@ -1348,7 +1348,7 @@ int pki_key_generate_ecdsa(ssh_key key, int parameter) { case 384: nid = NID_gcrypt_nistp384; break; - case 512: + case 521: nid = NID_gcrypt_nistp521; break; case 256: diff --git a/src/pki_mbedcrypto.c b/src/pki_mbedcrypto.c index 26a80be0..f4138ab4 100644 --- a/src/pki_mbedcrypto.c +++ b/src/pki_mbedcrypto.c @@ -1439,7 +1439,7 @@ int pki_key_generate_ecdsa(ssh_key key, int parameter) case 384: nid = NID_mbedtls_nistp384; break; - case 512: + case 521: nid = NID_mbedtls_nistp521; break; case 256: diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c index 80fe84b2..d35502a9 100644 --- a/tests/unittests/torture_options.c +++ b/tests/unittests/torture_options.c @@ -674,7 +674,7 @@ static void torture_bind_options_import_key(void **state) assert_int_equal(rc, 0); #endif /* set ecdsa key */ - base64_key = torture_get_testkey(SSH_KEYTYPE_ECDSA, 512, 0); + base64_key = torture_get_testkey(SSH_KEYTYPE_ECDSA, 521, 0); rc = ssh_pki_import_privkey_base64(base64_key, NULL, NULL, NULL, &key); assert_int_equal(rc, SSH_OK); assert_non_null(key); diff --git a/tests/unittests/torture_pki_ecdsa.c b/tests/unittests/torture_pki_ecdsa.c index 2f0f7d96..07020eb6 100644 --- a/tests/unittests/torture_pki_ecdsa.c +++ b/tests/unittests/torture_pki_ecdsa.c @@ -451,7 +451,7 @@ static void torture_pki_generate_key_ecdsa(void **state) ssh_signature_free(sign); SSH_KEY_FREE(key); - rc = ssh_pki_generate(SSH_KEYTYPE_ECDSA, 512, &key); + rc = ssh_pki_generate(SSH_KEYTYPE_ECDSA, 521, &key); assert_true(rc == SSH_OK); assert_true(key != NULL); sign = pki_do_sign(key, ECDSA_HASH, 20); |