diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2012-02-04 23:45:01 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2012-02-04 23:45:01 +0100 |
commit | 4019dbed8531381f0971151d83c6f7eb31ae841a (patch) | |
tree | 3e915d5d10c75e1f1b73138695aa51e1faf5a9fa /src/pki.c | |
parent | 216cb8b1aa86d6fd5cf8db38938e70d5986403cd (diff) | |
download | libssh-4019dbed8531381f0971151d83c6f7eb31ae841a.tar.gz libssh-4019dbed8531381f0971151d83c6f7eb31ae841a.tar.xz libssh-4019dbed8531381f0971151d83c6f7eb31ae841a.zip |
pki: Add ecdsa support for signature verification.
Diffstat (limited to 'src/pki.c')
-rw-r--r-- | src/pki.c | 32 |
1 files changed, 24 insertions, 8 deletions
@@ -1191,7 +1191,6 @@ int ssh_pki_signature_verify_blob(ssh_session session, unsigned char *digest, size_t dlen) { - unsigned char hash[SHA_DIGEST_LEN] = {0}; ssh_signature sig; int rc; @@ -1206,17 +1205,34 @@ int ssh_pki_signature_verify_blob(ssh_session session, key->type_c); - sha1(digest, dlen, hash); + if (key->type == SSH_KEYTYPE_ECDSA) { +#if HAVE_ECC + unsigned char ehash[EVP_DIGEST_LEN] = {0}; + uint32_t elen; + + evp(key->ecdsa_nid, digest, dlen, ehash, &elen); + rc = pki_signature_verify(session, + sig, + key, + ehash, + elen); +#endif + } else { + unsigned char hash[SHA_DIGEST_LEN] = {0}; + + sha1(digest, dlen, hash); #ifdef DEBUG_CRYPTO - ssh_print_hexa("Hash to be verified with dsa", hash, SHA_DIGEST_LEN); + ssh_print_hexa("Hash to be verified with dsa", hash, SHA_DIGEST_LEN); #endif - rc = pki_signature_verify(session, - sig, - key, - hash, - SHA_DIGEST_LEN); + rc = pki_signature_verify(session, + sig, + key, + hash, + SHA_DIGEST_LEN); + } + ssh_signature_free(sig); return rc; |