diff options
author | Justus Winter <justus@g10code.com> | 2016-05-02 16:00:25 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2016-11-03 15:20:30 +0100 |
commit | f62cded9f0bc2d08afe0ef2d79e247951f193559 (patch) | |
tree | f4e325a50af6f6b42f96b66170c2ab8f9a136f82 /src/pki.c | |
parent | 7e315629b9b70aae3b2a686def5cd053729652bd (diff) | |
download | libssh-f62cded9f0bc2d08afe0ef2d79e247951f193559.tar.gz libssh-f62cded9f0bc2d08afe0ef2d79e247951f193559.tar.xz libssh-f62cded9f0bc2d08afe0ef2d79e247951f193559.zip |
pki_gcrypt: Handle ECDSA keys and signatures
* ConfigureChecks.cmake: Set 'HAVE_ECC' and 'HAVE_GCRYPT_ECC' if
applicable.
* include/libssh/pki.h (struct ssh_key_struct): Fix type of field
'ecdsa'.
(struct ssh_signature_struct): Likewise for 'ecdsa_sig'.
* src/pki.c (ssh_pki_key_ecdsa_name): Relax guard now that the used
function is also provided by the gcrypt backend.
(ssh_signature_free): Free ecdsa signature.
* src/pki_gcrypt.c (ECDSA_HEADER_{BEGIN,END}): New macros.
(privatekey_string_to_buffer): Handle ECDSA keys.
(pki_key_ecdsa_to_nid): New function.
(pki_key_ecdsa_nid_to_gcrypt_name): Likewise.
(pki_key_ecdsa_nid_to_name): Likewise.
(pki_key_ecdsa_nid_to_char): Likewise.
(pki_key_ecdsa_nid_from_name): Implement.
(asn1_oi_to_nid): New function.
(b64decode_ecdsa_privatekey): Likewise.
(pki_private_key_from_base64): Handle ECDSA keys.
(pki_pubkey_build_ecdsa): Implement.
(pki_key_dup): Handle ECDSA keys.
(pki_key_generate): Likewise.
(pki_key_generate_ecdsa): Implement.
(pki_key_compare): Handle ECDSA keys.
(pki_publickey_to_blob): Likewise.
(pki_signature_from_blob): Likewise.
(pki_signature_verify): Likewise.
(pki_do_sign): Likewise.
(pki_do_sign_sessionid): Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/pki.c')
-rw-r--r-- | src/pki.c | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -91,7 +91,7 @@ enum ssh_keytypes_e pki_privatekey_type_from_string(const char *privkey) { */ const char *ssh_pki_key_ecdsa_name(const ssh_key key) { -#ifdef HAVE_OPENSSL_ECC /* FIXME Better ECC check needed */ +#ifdef HAVE_ECC /* FIXME Better ECC check needed */ return pki_key_ecdsa_nid_to_name(key->ecdsa_nid); #else (void) key; /* unused */ @@ -357,7 +357,9 @@ void ssh_signature_free(ssh_signature sig) #endif break; case SSH_KEYTYPE_ECDSA: -#if defined(HAVE_LIBCRYPTO) && defined(HAVE_OPENSSL_ECC) +#ifdef HAVE_LIBGCRYPT_ECC + gcry_sexp_release(sig->ecdsa_sig); +#elif defined(HAVE_LIBCRYPTO) && defined(HAVE_OPENSSL_ECC) ECDSA_SIG_free(sig->ecdsa_sig); #endif break; |