aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2012-02-04 23:45:01 +0100
committerAndreas Schneider <asn@cryptomilk.org>2012-02-04 23:45:01 +0100
commit4019dbed8531381f0971151d83c6f7eb31ae841a (patch)
tree3e915d5d10c75e1f1b73138695aa51e1faf5a9fa
parent216cb8b1aa86d6fd5cf8db38938e70d5986403cd (diff)
downloadlibssh-4019dbed8531381f0971151d83c6f7eb31ae841a.tar.gz
libssh-4019dbed8531381f0971151d83c6f7eb31ae841a.tar.xz
libssh-4019dbed8531381f0971151d83c6f7eb31ae841a.zip
pki: Add ecdsa support for signature verification.
-rw-r--r--src/pki.c32
1 files changed, 24 insertions, 8 deletions
diff --git a/src/pki.c b/src/pki.c
index b615ded..73153ba 100644
--- a/src/pki.c
+++ b/src/pki.c
@@ -1191,7 +1191,6 @@ int ssh_pki_signature_verify_blob(ssh_session session,
unsigned char *digest,
size_t dlen)
{
- unsigned char hash[SHA_DIGEST_LEN] = {0};
ssh_signature sig;
int rc;
@@ -1206,17 +1205,34 @@ int ssh_pki_signature_verify_blob(ssh_session session,
key->type_c);
- sha1(digest, dlen, hash);
+ if (key->type == SSH_KEYTYPE_ECDSA) {
+#if HAVE_ECC
+ unsigned char ehash[EVP_DIGEST_LEN] = {0};
+ uint32_t elen;
+
+ evp(key->ecdsa_nid, digest, dlen, ehash, &elen);
+ rc = pki_signature_verify(session,
+ sig,
+ key,
+ ehash,
+ elen);
+#endif
+ } else {
+ unsigned char hash[SHA_DIGEST_LEN] = {0};
+
+ sha1(digest, dlen, hash);
#ifdef DEBUG_CRYPTO
- ssh_print_hexa("Hash to be verified with dsa", hash, SHA_DIGEST_LEN);
+ ssh_print_hexa("Hash to be verified with dsa", hash, SHA_DIGEST_LEN);
#endif
- rc = pki_signature_verify(session,
- sig,
- key,
- hash,
- SHA_DIGEST_LEN);
+ rc = pki_signature_verify(session,
+ sig,
+ key,
+ hash,
+ SHA_DIGEST_LEN);
+ }
+
ssh_signature_free(sig);
return rc;