diff options
author | Jakub Jelen <jjelen@redhat.com> | 2018-11-22 10:43:18 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-11-30 16:21:18 +0100 |
commit | d2434c69c008aa1cd3bd488ca6bc524da0e4ca3a (patch) | |
tree | 9c7e75f20d783734a4644dcd81cf1766ea62adb6 /src/messages.c | |
parent | 7f83a1efae6a7da19e18268d6298fc11b4e68c57 (diff) | |
download | libssh-d2434c69c008aa1cd3bd488ca6bc524da0e4ca3a.tar.gz libssh-d2434c69c008aa1cd3bd488ca6bc524da0e4ca3a.tar.xz libssh-d2434c69c008aa1cd3bd488ca6bc524da0e4ca3a.zip |
pki: Separate signature extraction and verification
Initial solution proposed by Tilo Eckert <tilo.eckert@flam.de>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/messages.c')
-rw-r--r-- | src/messages.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/src/messages.c b/src/messages.c index 9273fda7..4c83cf0b 100644 --- a/src/messages.c +++ b/src/messages.c @@ -730,6 +730,7 @@ static ssh_buffer ssh_msg_userauth_build_digest(ssh_session session, */ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){ ssh_message msg = NULL; + ssh_signature sig = NULL; char *service = NULL; char *method = NULL; int cmp; @@ -863,13 +864,19 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){ goto error; } - rc = ssh_pki_signature_verify_blob(session, - sig_blob, + rc = ssh_pki_import_signature_blob(sig_blob, msg->auth_request.pubkey, - ssh_buffer_get(digest), - ssh_buffer_get_len(digest)); + &sig); + if (rc == SSH_OK) { + rc = ssh_pki_signature_verify(session, + sig, + msg->auth_request.pubkey, + ssh_buffer_get(digest), + ssh_buffer_get_len(digest)); + } ssh_string_free(sig_blob); ssh_buffer_free(digest); + ssh_signature_free(sig); if (rc < 0) { SSH_LOG( SSH_LOG_PACKET, |