diff options
author | Anderson Toshiyuki Sasaki <ansasaki@redhat.com> | 2019-05-09 17:38:54 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-05-13 16:37:51 +0200 |
commit | 248e5acd5c9f9bb08b7d04dce13564bf4c817cca (patch) | |
tree | 6f2c2e7bf876e7f02177b44cf70c60bea94e6ce4 /include/libssh | |
parent | 550a1a766789c7655e13ccf1ba9b8c4c8bb46bbf (diff) | |
download | libssh-248e5acd5c9f9bb08b7d04dce13564bf4c817cca.tar.gz libssh-248e5acd5c9f9bb08b7d04dce13564bf4c817cca.tar.xz libssh-248e5acd5c9f9bb08b7d04dce13564bf4c817cca.zip |
pki: Fail to sign when using wrong hash algorithm
Do not allow using SSH_DIGEST_AUTO for any algorithm other than
ed25519.
Do not allow using incompatible hash algorithms when signing or
verifying signatures.
Added negative tests for all combinations of signature and hash
algorithms.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'include/libssh')
-rw-r--r-- | include/libssh/pki_priv.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/libssh/pki_priv.h b/include/libssh/pki_priv.h index a104f1c8..39a22cac 100644 --- a/include/libssh/pki_priv.h +++ b/include/libssh/pki_priv.h @@ -61,6 +61,8 @@ int pki_key_compare(const ssh_key k1, const ssh_key k2, enum ssh_keycmp_e what); +int pki_key_check_hash_compatible(ssh_key key, + enum ssh_digest_e hash_type); /* SSH Private Key Functions */ enum ssh_keytypes_e pki_privatekey_type_from_string(const char *privkey); ssh_key pki_private_key_from_base64(const char *b64_key, |