author | Andreas Schneider <asn@cryptomilk.org> | 2011-08-22 18:20:28 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2011-08-22 18:41:47 +0200 |
commit | 82ca6a6c532c3da9bb6c7d932a2d7447d6a4a17e (patch) | |
tree | 0c35f0286eb1aa0a02d236b9d171137d350be32e | |
parent | 5cc98ed7205ba68b88d24c85753fb8e60296d2f7 (diff) | |
pki: Add ssh_srv_pki_signature_verify_blob().
-rw-r--r-- | include/libssh/pki.h | 5 | ||||
-rw-r--r-- | src/pki.c | 38 |
2 files changed, 43 insertions, 0 deletions
diff --git a/include/libssh/pki.h b/include/libssh/pki.h
index 3e908a6..ef2ea09 100644
--- a/include/libssh/pki.h
+++ b/include/libssh/pki.h
@@ -70,6 +70,11 @@ int ssh_pki_import_signature_blob(const ssh_string sig_blob,
 ssh_signature *psig);
 int ssh_pki_signature_verify_blob(ssh_session session,
 ssh_string sig_blob);
+int ssh_srv_pki_signature_verify_blob(ssh_session session,
+ ssh_string sig_blob,
+ const ssh_key key,
+ unsigned char *digest,
+ size_t dlen);
 
 /* SSH Public Key Functions */
 ssh_string ssh_pki_export_pubkey_blob(const ssh_key key);
@@ -1141,6 +1141,44 @@ ssh_string ssh_pki_do_sign_agent(ssh_session session,
 #endif /* _WIN32 */
 
 #ifdef WITH_SERVER
+int ssh_srv_pki_signature_verify_blob(ssh_session session,
+ ssh_string sig_blob,
+ const ssh_key key,
+ unsigned char *digest,
+ size_t dlen)
+{
+ unsigned char hash[SHA_DIGEST_LEN + 1] = {0};
+ ssh_signature sig;
+ int rc;
+
+ rc = ssh_pki_import_signature_blob(sig_blob, key, &sig);
+ if (rc < 0) {
+ ssh_key_free(key);
+ return SSH_ERROR;
+ }
+
+ ssh_log(session,
+ SSH_LOG_FUNCTIONS,
+ "Going to verify a %s type signature",
+ key->type_c);
+
+
+ sha1(digest, dlen, hash + 1);
+
+#ifdef DEBUG_CRYPTO
+ ssh_print_hexa("Hash to be verified with dsa", hash + 1, SHA_DIGEST_LEN);
+#endif
+
+ rc = pki_signature_verify(session,
+ sig,
+ key,
+ hash,
+ SHA_DIGEST_LEN);
+ ssh_signature_free(sig);
+
+ return rc;
+}
+
 ssh_string ssh_srv_pki_do_sign_sessionid(ssh_session session,
 const ssh_key privkey)
 {
|
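Review bot: The new prototype in include/libssh/pki.h carries no comment, and the parameter name `digest` reads as an already-hashed value, although the definition added to src/pki.c in this commit runs `digest`/`dlen` through `sha1()` before verifying. A short comment above the declaration should say that the input is hashed with SHA-1 inside the function, what the return values are, and whether `key` is still valid after an error return. The definition sits under `#ifdef WITH_SERVER`; whether this declaration is guarded the same way is not visible in the hunk and is worth checking.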
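Review bot: The import-failure branch in `ssh_srv_pki_signature_verify_blob()` calls `ssh_key_free(key)` on a parameter declared `const ssh_key key`, so the function destroys a key it was only lent, and only on this one path; the verify-failure and success paths leave it alone. If the caller (not visible in this hunk) also releases the key after an error return, a malformed signature blob from a peer leads to a double free, so the branch should be just `if (rc < 0) { return SSH_ERROR; }`. `key->type_c` is also read in the `ssh_log()` call without a NULL check on `key`. Separately, the SHA-1 output is written to `hash + 1` while `pki_signature_verify()` receives `hash` and `SHA_DIGEST_LEN`; unless the callee skips the leading zero byte itself, the last digest byte is never covered, and a comment such as `/* hash[0] stays 0; digest starts at hash + 1 */` next to the buffer would record the convention.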