author | Anderson Toshiyuki Sasaki <ansasaki@redhat.com> | 2019-05-06 17:33:25 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-05-13 16:37:51 +0200 |
commit | e775182c2e07bed49e94733cc36e05d2f720d3cf (patch) | |
tree | f1ce182cbd85ae39d790f43cd7fd9a4176289072 /src/pki.c | |
parent | 76f9808eb2fa83376981cebba63b467fa3a8c4be (diff) | |
pki: Make DSA signature to use SHA1 instead of AUTO
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/pki.c')
-rw-r--r-- | src/pki.c | 16 |
1 files changed, 14 insertions, 2 deletions
@@ -286,6 +286,8 @@ static enum ssh_digest_e ssh_key_hash_from_name(const char *name)
 if (strcmp(name, "ssh-rsa") == 0) {
 return SSH_DIGEST_SHA1;
+ } else if (strcmp(name, "ssh-dss") == 0) {
+ return SSH_DIGEST_SHA1;
 } else if (strcmp(name, "rsa-sha2-256") == 0) {
 return SSH_DIGEST_SHA256;
 } else if (strcmp(name, "rsa-sha2-512") == 0) {
@@ -300,6 +302,8 @@ static enum ssh_digest_e ssh_key_hash_from_name(const char *name)
 return SSH_DIGEST_AUTO;
 }
+ SSH_LOG(SSH_LOG_WARN, "Unknown signature name %s", name);
+ /* TODO we should rather fail */
 return SSH_DIGEST_AUTO;
 }
@@ -340,6 +344,8 @@ enum ssh_digest_e ssh_key_type_to_hash(ssh_session session,
 enum ssh_keytypes_e type)
 {
 switch (type) {
+ case SSH_KEYTYPE_DSS:
+ return SSH_DIGEST_SHA1;
 case SSH_KEYTYPE_RSA:
 if (ssh_key_algorithm_allowed(session, "rsa-sha2-512") &&
 (session->extensions & SSH_EXT_SIG_RSA_SHA512)) {
@@ -363,9 +369,15 @@ enum ssh_digest_e ssh_key_type_to_hash(ssh_session session,
 case SSH_KEYTYPE_ECDSA_P521_CERT01:
 case SSH_KEYTYPE_ECDSA_P521:
 return SSH_DIGEST_SHA512;
- default:
- /* Other key types use the default value (not used) */
+ case SSH_KEYTYPE_ED25519_CERT01:
+ case SSH_KEYTYPE_ED25519:
 return SSH_DIGEST_AUTO;
+ case SSH_KEYTYPE_RSA1:
+ case SSH_KEYTYPE_ECDSA:
+ case SSH_KEYTYPE_UNKNOWN:
+ default:
+ SSH_LOG(SSH_LOG_WARN, "Digest algorithm to be used with key type %u "
+ "is not defined", type);
 }
 /* We should never reach this */ |
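Review bot: The unknown-name path at the end of ssh_key_hash_from_name() still returns `SSH_DIGEST_AUTO` after the new warning, and the context line just above returns the same value, apparently for a recognised name. A caller therefore cannot tell an unsupported signature algorithm from a valid one. If `name` can originate from a peer's signature blob (the callers are not visible in this hunk), this should fail closed, and the TODO admits as much without enforcing it. Until the function can return an error, the comment should at least state the consequence, e.g. `/* TODO fail here: callers currently treat an unknown name like a valid AUTO digest */`. The `%s` also logs `name` verbatim, so its content should be bounded before this point if it is peer-supplied.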
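Review bot: Only the plain `SSH_KEYTYPE_DSS` is mapped to SHA-1 in ssh_key_type_to_hash(), whereas the ECDSA and Ed25519 cases list their `_CERT01` variants next to the plain types. Since the final hunk turns the silent default into a warning branch, a DSS certificate key would land there if it can reach this function. Consider adding `case SSH_KEYTYPE_DSS_CERT01:` above `case SSH_KEYTYPE_DSS:`, and check the RSA case the same way; whether it already lists its certificate type is not visible here. A one-line comment that ssh-dss signatures are defined over SHA-1 would also explain why this branch, unlike RSA, does no negotiation. The switch body continues outside the hunk.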
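Review bot: The new `default:` branch logs and then leaves the switch with neither `return` nor `break`. The digest returned for `SSH_KEYTYPE_RSA1`, `SSH_KEYTYPE_ECDSA`, `SSH_KEYTYPE_UNKNOWN` and any future key type is therefore whatever follows `/* We should never reach this */`, which lies outside this hunk. Make the exit explicit with `break;` after the `SSH_LOG` call, and confirm that the fallback is a value callers reject rather than a digest they will go on to sign or verify with. Separately, `type` is an enum passed to `%u`; `(unsigned int)type` keeps format and argument in agreement on every compiler.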