aboutsummaryrefslogtreecommitdiff
path: root/include/libssh
diff options
context:
space:
mode:
authorAnderson Toshiyuki Sasaki <ansasaki@redhat.com>2019-05-09 17:38:54 +0200
committerAndreas Schneider <asn@cryptomilk.org>2019-05-13 16:37:51 +0200
commit248e5acd5c9f9bb08b7d04dce13564bf4c817cca (patch)
tree6f2c2e7bf876e7f02177b44cf70c60bea94e6ce4 /include/libssh
parent550a1a766789c7655e13ccf1ba9b8c4c8bb46bbf (diff)
downloadlibssh-248e5acd5c9f9bb08b7d04dce13564bf4c817cca.tar.gz
libssh-248e5acd5c9f9bb08b7d04dce13564bf4c817cca.tar.xz
libssh-248e5acd5c9f9bb08b7d04dce13564bf4c817cca.zip
pki: Fail to sign when using wrong hash algorithm
Do not allow using SSH_DIGEST_AUTO for any algorithm other than ed25519. Do not allow using incompatible hash algorithms when signing or verifying signatures. Added negative tests for all combinations of signature and hash algorithms. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'include/libssh')
-rw-r--r--include/libssh/pki_priv.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/include/libssh/pki_priv.h b/include/libssh/pki_priv.h
index a104f1c8..39a22cac 100644
--- a/include/libssh/pki_priv.h
+++ b/include/libssh/pki_priv.h
@@ -61,6 +61,8 @@ int pki_key_compare(const ssh_key k1,
const ssh_key k2,
enum ssh_keycmp_e what);
+int pki_key_check_hash_compatible(ssh_key key,
+ enum ssh_digest_e hash_type);
/* SSH Private Key Functions */
enum ssh_keytypes_e pki_privatekey_type_from_string(const char *privkey);
ssh_key pki_private_key_from_base64(const char *b64_key,