lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-11-29 01:03:57 +03:00
Code Activity

pki: Add support for comparing certificates

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
This commit is contained in:
Jakub Jelen
2023-09-22 22:57:32 +02:00
committed by Sahana Prasad
parent 16ebd4597e
commit 44de06e8db
3 changed files with 22 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
include/libssh/libssh.h
View File

@@ -295,7 +295,8 @@ enum ssh_keytypes_e{
enum ssh_keycmp_e { enum ssh_keycmp_e {
SSH_KEY_CMP_PUBLIC = 0, SSH_KEY_CMP_PUBLIC = 0,
SSH_KEY_CMP_PRIVATE SSH_KEY_CMP_PRIVATE = 1,
SSH_KEY_CMP_CERTIFICATE = 2,
}; };
#define SSH_ADDRSTRLEN 46 #define SSH_ADDRSTRLEN 46

16
src/pki.c
View File

@@ -685,6 +685,22 @@ int ssh_key_cmp(const ssh_key k1,
} }
} }
if (what == SSH_KEY_CMP_CERTIFICATE) {
if (!is_cert_type(k1->type) ||
!is_cert_type(k2->type)) {
return 1;
}
if (k1->cert == NULL || k2->cert == NULL) {
return 1;
}
if (ssh_buffer_get_len(k1->cert) != ssh_buffer_get_len(k2->cert)) {
return 1;
}
return memcmp(ssh_buffer_get(k1->cert),
ssh_buffer_get(k2->cert),
ssh_buffer_get_len(k1->cert));
}
if (k1->type == SSH_KEYTYPE_ED25519 || if (k1->type == SSH_KEYTYPE_ED25519 ||
k1->type == SSH_KEYTYPE_SK_ED25519) { k1->type == SSH_KEYTYPE_SK_ED25519) {
return pki_ed25519_key_cmp(k1, k2, what); return pki_ed25519_key_cmp(k1, k2, what);

4
src/pki_ed25519_common.c
View File

@@ -121,6 +121,10 @@ int pki_ed25519_key_cmp(const ssh_key k1,
if (cmp != 0) { if (cmp != 0) {
return 1; return 1;
} }
break;
case SSH_KEY_CMP_CERTIFICATE:
/* handled globally */
return 1;
} }
return 0; return 0;