aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnderson Toshiyuki Sasaki <ansasaki@redhat.com>2019-08-23 13:30:46 +0200
committerAnderson Toshiyuki Sasaki <ansasaki@redhat.com>2019-09-24 16:49:35 +0200
commit55cd04fbee7bf6c8157e2338695b03342615a261 (patch)
treef716a5fc5eab6fd59763f2daa6a9e7efdae17acb
parent2a2c1c98bf4129f4c70ec1fef6558c2e5af15e5d (diff)
downloadlibssh-55cd04fbee7bf6c8157e2338695b03342615a261.tar.gz
libssh-55cd04fbee7bf6c8157e2338695b03342615a261.tar.xz
libssh-55cd04fbee7bf6c8157e2338695b03342615a261.zip
pki: Remove unused function pki_signature_verify()
This removes unused function pki_signature_verify() from pki_{crypto, mbedcrypto, gcrypt}. The function was also removed from include/libssh/pki_priv.h. The function ssh_pki_signature_verify() was changed to receive a const unsigned char *input. All tests calling pki_signature_verify() were changed to call ssh_pki_signature_verify() instead. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
-rw-r--r--include/libssh/pki.h2
-rw-r--r--include/libssh/pki_priv.h5
-rw-r--r--src/pki.c2
-rw-r--r--src/pki_crypto.c40
-rw-r--r--src/pki_gcrypt.c41
-rw-r--r--src/pki_mbedcrypto.c36
-rw-r--r--tests/unittests/torture_pki.c8
-rw-r--r--tests/unittests/torture_pki_dsa.c8
-rw-r--r--tests/unittests/torture_pki_ecdsa.c14
-rw-r--r--tests/unittests/torture_pki_ed25519.c12
-rw-r--r--tests/unittests/torture_pki_rsa.c18
-rw-r--r--tests/unittests/torture_threads_pki_rsa.c6
12 files changed, 35 insertions, 157 deletions
diff --git a/include/libssh/pki.h b/include/libssh/pki.h
index e7a20156..533d3e09 100644
--- a/include/libssh/pki.h
+++ b/include/libssh/pki.h
@@ -133,7 +133,7 @@ int ssh_pki_import_signature_blob(const ssh_string sig_blob,
int ssh_pki_signature_verify(ssh_session session,
ssh_signature sig,
const ssh_key key,
- unsigned char *digest,
+ const unsigned char *digest,
size_t dlen);
/* SSH Public Key Functions */
diff --git a/include/libssh/pki_priv.h b/include/libssh/pki_priv.h
index 24538d8e..d365a2dd 100644
--- a/include/libssh/pki_priv.h
+++ b/include/libssh/pki_priv.h
@@ -124,11 +124,6 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
const ssh_string sig_blob,
enum ssh_keytypes_e type,
enum ssh_digest_e hash_type);
-int pki_signature_verify(ssh_session session,
- const ssh_signature sig,
- const ssh_key key,
- const unsigned char *input,
- size_t input_len);
/* SSH Signing Functions */
ssh_signature pki_do_sign(const ssh_key privkey,
diff --git a/src/pki.c b/src/pki.c
index 2ee1bb5b..488500cc 100644
--- a/src/pki.c
+++ b/src/pki.c
@@ -2239,7 +2239,7 @@ int pki_key_check_hash_compatible(ssh_key key,
int ssh_pki_signature_verify(ssh_session session,
ssh_signature sig,
const ssh_key key,
- unsigned char *input,
+ const unsigned char *input,
size_t input_len)
{
int rc;
diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index f73199c8..13198249 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -1856,46 +1856,6 @@ error:
return NULL;
}
-int pki_signature_verify(ssh_session session,
- const ssh_signature sig,
- const ssh_key key,
- const unsigned char *input,
- size_t input_len)
-{
- int rc;
-
- if (session == NULL || sig == NULL || key == NULL || input == NULL) {
- SSH_LOG(SSH_LOG_TRACE, "Bad parameter provided to "
- "pki_signature_verify()");
- return SSH_ERROR;
- }
-
- if (ssh_key_type_plain(key->type) != sig->type) {
- SSH_LOG(SSH_LOG_WARN,
- "Can not verify %s signature with %s key",
- sig->type_c,
- key->type_c);
- return SSH_ERROR;
- }
-
- /* Check if public key and hash type are compatible */
- rc = pki_key_check_hash_compatible(key, sig->hash_type);
- if (rc != SSH_OK) {
- return SSH_ERROR;
- }
-
- rc = pki_verify_data_signature(sig, key, input, input_len);
-
- if (rc != SSH_OK){
- ssh_set_error(session,
- SSH_FATAL,
- "Signature verification error");
- return SSH_ERROR;
- }
-
- return SSH_OK;
-}
-
static const EVP_MD *pki_digest_to_md(enum ssh_digest_e hash_type)
{
const EVP_MD *md = NULL;
diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c
index 8adc8165..6e00194a 100644
--- a/src/pki_gcrypt.c
+++ b/src/pki_gcrypt.c
@@ -2087,47 +2087,6 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
return sig;
}
-int pki_signature_verify(ssh_session session,
- const ssh_signature sig,
- const ssh_key key,
- const unsigned char *input,
- size_t input_len)
-{
- int rc;
-
- if (session == NULL || sig == NULL || key == NULL || input == NULL) {
- SSH_LOG(SSH_LOG_TRACE, "Bad parameter provided to "
- "pki_signature_verify()");
- return SSH_ERROR;
- }
-
- if (ssh_key_type_plain(key->type) != sig->type) {
- SSH_LOG(SSH_LOG_WARN,
- "Can not verify %s signature with %s key",
- sig->type_c,
- key->type_c);
- return SSH_ERROR;
- }
-
- /* Check if public key and hash type are compatible */
- rc = pki_key_check_hash_compatible(key, sig->hash_type);
- if (rc != SSH_OK) {
- return SSH_ERROR;
- }
-
- /* For the other key types, calculate the hash and verify the signature */
- rc = pki_verify_data_signature(sig, key, input, input_len);
-
- if (rc != SSH_OK){
- ssh_set_error(session,
- SSH_FATAL,
- "Signature verification error");
- return SSH_ERROR;
- }
-
- return SSH_OK;
-}
-
ssh_signature pki_do_sign_hash(const ssh_key privkey,
const unsigned char *hash,
size_t hlen,
diff --git a/src/pki_mbedcrypto.c b/src/pki_mbedcrypto.c
index 7236210a..3774192f 100644
--- a/src/pki_mbedcrypto.c
+++ b/src/pki_mbedcrypto.c
@@ -1022,42 +1022,6 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
return sig;
}
-int pki_signature_verify(ssh_session session, const ssh_signature sig, const
- ssh_key key, const unsigned char *input, size_t input_len)
-{
- int rc;
-
- if (session == NULL || sig == NULL || key == NULL || input == NULL) {
- SSH_LOG(SSH_LOG_TRACE, "Bad parameter provided to "
- "pki_signature_verify()");
- return SSH_ERROR;
- }
-
- if (ssh_key_type_plain(key->type) != sig->type) {
- SSH_LOG(SSH_LOG_WARN,
- "Can not verify %s signature with %s key",
- sig->type_c,
- key->type_c);
- return SSH_ERROR;
- }
-
- /* Check if public key and hash type are compatible */
- rc = pki_key_check_hash_compatible(key, sig->hash_type);
- if (rc != SSH_OK) {
- return SSH_ERROR;
- }
-
- rc = pki_verify_data_signature(sig, key, input, input_len);
- if (rc != SSH_OK){
- ssh_set_error(session,
- SSH_FATAL,
- "Signature verification error");
- return SSH_ERROR;
- }
-
- return SSH_OK;
-}
-
static ssh_string rsa_do_sign_hash(const unsigned char *digest,
int dlen,
mbedtls_pk_context *privkey,
diff --git a/tests/unittests/torture_pki.c b/tests/unittests/torture_pki.c
index 0e4ea1af..d886245c 100644
--- a/tests/unittests/torture_pki.c
+++ b/tests/unittests/torture_pki.c
@@ -331,7 +331,7 @@ static void torture_pki_verify_mismatch(void **state)
assert_int_equal(import_sig->type, key->type);
assert_string_equal(import_sig->type_c, skey_attrs.sig_type_c);
- rc = pki_signature_verify(session,
+ rc = ssh_pki_signature_verify(session,
import_sig,
pubkey,
INPUT,
@@ -374,7 +374,7 @@ static void torture_pki_verify_mismatch(void **state)
assert_non_null(verify_pubkey);
/* Should gracefully fail, but not crash */
- rc = pki_signature_verify(session,
+ rc = ssh_pki_signature_verify(session,
sign,
verify_pubkey,
INPUT,
@@ -382,7 +382,7 @@ static void torture_pki_verify_mismatch(void **state)
assert_true(rc != SSH_OK);
/* Try the same with the imported signature */
- rc = pki_signature_verify(session,
+ rc = ssh_pki_signature_verify(session,
import_sig,
verify_pubkey,
INPUT,
@@ -401,7 +401,7 @@ static void torture_pki_verify_mismatch(void **state)
assert_string_equal(new_sig->type_c, skey_attrs.sig_type_c);
/* The verification should not work */
- rc = pki_signature_verify(session,
+ rc = ssh_pki_signature_verify(session,
new_sig,
verify_pubkey,
INPUT,
diff --git a/tests/unittests/torture_pki_dsa.c b/tests/unittests/torture_pki_dsa.c
index 08e6235c..b555e487 100644
--- a/tests/unittests/torture_pki_dsa.c
+++ b/tests/unittests/torture_pki_dsa.c
@@ -809,7 +809,7 @@ static void torture_pki_dsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA1);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -823,7 +823,7 @@ static void torture_pki_dsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA1);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -837,7 +837,7 @@ static void torture_pki_dsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA1);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -868,7 +868,7 @@ static void torture_pki_dsa_cert_verify(void **state)
sign = pki_do_sign(privkey, INPUT, sizeof(INPUT), SSH_DIGEST_SHA1);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(privkey);
diff --git a/tests/unittests/torture_pki_ecdsa.c b/tests/unittests/torture_pki_ecdsa.c
index 161fe713..22f06a46 100644
--- a/tests/unittests/torture_pki_ecdsa.c
+++ b/tests/unittests/torture_pki_ecdsa.c
@@ -546,7 +546,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P256);
@@ -568,7 +568,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P256);
@@ -589,7 +589,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA384);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P384);
@@ -611,7 +611,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA384);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P384);
@@ -632,7 +632,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA512);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P521);
@@ -654,7 +654,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA512);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P521);
@@ -696,7 +696,7 @@ static void torture_pki_ecdsa_cert_verify(void **state)
sign = pki_do_sign(privkey, INPUT, sizeof(INPUT), hash_type);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(privkey);
diff --git a/tests/unittests/torture_pki_ed25519.c b/tests/unittests/torture_pki_ed25519.c
index 422be580..3d486965 100644
--- a/tests/unittests/torture_pki_ed25519.c
+++ b/tests/unittests/torture_pki_ed25519.c
@@ -440,7 +440,7 @@ static void torture_pki_ed25519_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, HASH, 20, SSH_DIGEST_AUTO);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, HASH, 20);
+ rc = ssh_pki_signature_verify(session, sign, pubkey, HASH, 20);
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ED25519);
@@ -455,7 +455,7 @@ static void torture_pki_ed25519_generate_key(void **state)
#endif
assert_non_null(raw_sig_data);
(raw_sig_data)[3]^= 0xff;
- rc = pki_signature_verify(session, sign, pubkey, HASH, 20);
+ rc = ssh_pki_signature_verify(session, sign, pubkey, HASH, 20);
assert_true(rc == SSH_ERROR);
ssh_signature_free(sign);
@@ -494,7 +494,7 @@ static void torture_pki_ed25519_cert_verify(void **state)
sign = pki_do_sign(privkey, HASH, 20, SSH_DIGEST_AUTO);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, cert, HASH, 20);
+ rc = ssh_pki_signature_verify(session, sign, cert, HASH, 20);
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(privkey);
@@ -683,7 +683,7 @@ static void torture_pki_ed25519_verify(void **state){
sig = pki_signature_from_blob(pubkey, blob, SSH_KEYTYPE_ED25519, SSH_DIGEST_AUTO);
assert_non_null(sig);
- rc = pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
+ rc = ssh_pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
assert_true(rc == SSH_OK);
/* Alter signature and expect verification error */
@@ -694,7 +694,7 @@ static void torture_pki_ed25519_verify(void **state){
#endif
assert_non_null(raw_sig_data);
(raw_sig_data)[3]^= 0xff;
- rc = pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
+ rc = ssh_pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
assert_true(rc == SSH_ERROR);
ssh_signature_free(sig);
@@ -741,7 +741,7 @@ static void torture_pki_ed25519_verify_bad(void **state){
sig = pki_signature_from_blob(pubkey, blob, SSH_KEYTYPE_ED25519, SSH_DIGEST_AUTO);
assert_non_null(sig);
- rc = pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
+ rc = ssh_pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
assert_true(rc == SSH_ERROR);
ssh_signature_free(sig);
diff --git a/tests/unittests/torture_pki_rsa.c b/tests/unittests/torture_pki_rsa.c
index d3a02a11..a9867069 100644
--- a/tests/unittests/torture_pki_rsa.c
+++ b/tests/unittests/torture_pki_rsa.c
@@ -553,7 +553,7 @@ static void torture_pki_rsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -570,7 +570,7 @@ static void torture_pki_rsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -586,7 +586,7 @@ static void torture_pki_rsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -625,9 +625,9 @@ static void torture_pki_rsa_sha2(void **state)
/* Sign using old SHA1 digest */
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA1);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
- rc = pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
ssh_signature_free(sign);
}
@@ -635,18 +635,18 @@ static void torture_pki_rsa_sha2(void **state)
/* Sign using new SHA256 digest */
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
- rc = pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
ssh_signature_free(sign);
/* Sign using rsa-sha2-512 algorithm */
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA512);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
- rc = pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
+ rc = ssh_pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
ssh_signature_free(sign);
diff --git a/tests/unittests/torture_threads_pki_rsa.c b/tests/unittests/torture_threads_pki_rsa.c
index 03d526cd..a04a7462 100644
--- a/tests/unittests/torture_threads_pki_rsa.c
+++ b/tests/unittests/torture_threads_pki_rsa.c
@@ -583,7 +583,7 @@ static void *thread_pki_rsa_generate_key(void *threadid)
sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
+ rc = ssh_pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
assert_ssh_return_code(session, rc);
ssh_signature_free(sign);
@@ -602,7 +602,7 @@ static void *thread_pki_rsa_generate_key(void *threadid)
sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
+ rc = ssh_pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
assert_ssh_return_code(session, rc);
ssh_signature_free(sign);
@@ -620,7 +620,7 @@ static void *thread_pki_rsa_generate_key(void *threadid)
sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
assert_non_null(sign);
- rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
+ rc = ssh_pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
assert_true(rc == SSH_OK);
ssh_signature_free(sign);