Diffstat (limited to 'src/pki_crypto.c')
-rw-r--r--src/pki_crypto.c47
1 files changed, 47 insertions, 0 deletions
diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index d4f48d3..386ac99 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -673,6 +673,53 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
return sig;
}
+int pki_signature_verify(ssh_session session,
+ const ssh_signature sig,
+ const ssh_key key,
+ const unsigned char *hash,
+ size_t len)
+{
+ int rc;
+
+ switch(key->type) {
+ case SSH_KEYTYPE_DSS:
+ rc = DSA_do_verify(hash + 1,
+ len,
+ sig->dsa_sig,
+ key->dsa);
+ if (rc < 0) {
+ ssh_set_error(session,
+ SSH_FATAL,
+ "DSA error: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+ return SSH_ERROR;
+ }
+ break;
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
+ rc = RSA_verify(NID_sha1,
+ hash + 1,
+ len,
+ string_data(sig->rsa_sig),
+ ssh_string_len(sig->rsa_sig),
+ key->rsa);
+ if (rc < 0) {
+ ssh_set_error(session,
+ SSH_FATAL,
+ "RSA error: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+ return SSH_ERROR;
+ }
+ break;
+ case SSH_KEYTYPE_ECDSA:
+ case SSH_KEYTYPE_UNKNOWN:
+ ssh_set_error(session, SSH_FATAL, "Unknown public key type");
+ return SSH_ERROR;
+ }
+
+ return SSH_OK;
+}
+
struct signature_struct *pki_do_sign(ssh_key privatekey,
const unsigned char *hash) {
struct signature_struct *sign;
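Review bot: In pki_signature_verify, the DSA and RSA branches both test only `rc < 0`, but DSA_do_verify returns 0 for a signature that does not verify and RSA_verify returns 0 on failure, so a forged or corrupted signature falls through to `return SSH_OK`. Each check should accept only the success value, `if (rc != 1) {`, ideally with a separate "signature invalid" message for `rc == 0`, because the OpenSSL error queue may be empty in that case. Separately, both calls pass `hash + 1` together with an unadjusted `len`; if `len` is the full size of the buffer at `hash`, the verify reads one byte past it. The caller is outside this hunk, so that needs confirming. `key` and `sig` are also dereferenced without a NULL check before the `switch`.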