mirror of
https://git.libssh.org/projects/libssh.git
synced 2025-08-08 19:02:06 +03:00
pki: Add ecdsa support for signature verification.
This commit is contained in:
Andreas Schneider
20
src/pki.c
20
src/pki.c
@@ -1191,7 +1191,6 @@ int ssh_pki_signature_verify_blob(ssh_session session,
|
|||||||
unsigned char *digest,
|
unsigned char *digest,
|
||||||
size_t dlen)
|
size_t dlen)
|
||||||
{
|
{
|
||||||
unsigned char hash[SHA_DIGEST_LEN] = {0};
|
|
||||||
ssh_signature sig;
|
ssh_signature sig;
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
@@ -1206,8 +1205,23 @@ int ssh_pki_signature_verify_blob(ssh_session session,
|
|||||||
key->type_c);
|
key->type_c);
|
||||||
|
|
||||||
|
|
||||||
sha1(digest, dlen, hash);
|
if (key->type == SSH_KEYTYPE_ECDSA) {
|
||||||
|
#if HAVE_ECC
|
||||||
|
unsigned char ehash[EVP_DIGEST_LEN] = {0};
|
||||||
|
uint32_t elen;
|
||||||
|
|
||||||
|
evp(key->ecdsa_nid, digest, dlen, ehash, &elen);
|
||||||
|
|
||||||
|
rc = pki_signature_verify(session,
|
||||||
|
sig,
|
||||||
|
key,
|
||||||
|
ehash,
|
||||||
|
elen);
|
||||||
|
#endif
|
||||||
|
} else {
|
||||||
|
unsigned char hash[SHA_DIGEST_LEN] = {0};
|
||||||
|
|
||||||
|
sha1(digest, dlen, hash);
|
||||||
#ifdef DEBUG_CRYPTO
|
#ifdef DEBUG_CRYPTO
|
||||||
ssh_print_hexa("Hash to be verified with dsa", hash, SHA_DIGEST_LEN);
|
ssh_print_hexa("Hash to be verified with dsa", hash, SHA_DIGEST_LEN);
|
||||||
#endif
|
#endif
|
||||||
@@ -1217,6 +1231,8 @@ int ssh_pki_signature_verify_blob(ssh_session session,
|
|||||||
key,
|
key,
|
||||||
hash,
|
hash,
|
||||||
SHA_DIGEST_LEN);
|
SHA_DIGEST_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
ssh_signature_free(sig);
|
ssh_signature_free(sig);
|
||||||
|
|
||||||
return rc;
|
return rc;
|
||||||
|
|||||||
Reference in New Issue
Block a user