lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-08-08 19:02:06 +03:00
Code Activity

The largest ECDSA key has 521 bits

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2018-11-26 18:00:14 +01:00
committed by Andreas Schneider
parent c1fdb56d23
commit 46d8840f7e
6 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/pki.c
View File

@@ -1538,7 +1538,7 @@ int ssh_pki_import_cert_file(const char *filename, ssh_key *pkey)
* @param[in] parameter Parameter to the creation of key: * @param[in] parameter Parameter to the creation of key:
* rsa : length of the key in bits (e.g. 1024, 2048, 4096) * rsa : length of the key in bits (e.g. 1024, 2048, 4096)
* dsa : length of the key in bits (e.g. 1024, 2048, 3072) * dsa : length of the key in bits (e.g. 1024, 2048, 3072)
* ecdsa : bits of the key (e.g. 256, 384, 512) * ecdsa : bits of the key (e.g. 256, 384, 521)
* @param[out] pkey A pointer to store the allocated private key. You need * @param[out] pkey A pointer to store the allocated private key. You need
* to free the memory. * to free the memory.
* *

2
src/pki_crypto.c
View File

@@ -558,7 +558,7 @@ int pki_key_generate_ecdsa(ssh_key key, int parameter) {
case 384: case 384:
nid = NID_secp384r1; nid = NID_secp384r1;
break; break;
case 512: case 521:
nid = NID_secp521r1; nid = NID_secp521r1;
break; break;
case 256: case 256:

2
src/pki_gcrypt.c
View File

@@ -1348,7 +1348,7 @@ int pki_key_generate_ecdsa(ssh_key key, int parameter) {
case 384: case 384:
nid = NID_gcrypt_nistp384; nid = NID_gcrypt_nistp384;
break; break;
case 512: case 521:
nid = NID_gcrypt_nistp521; nid = NID_gcrypt_nistp521;
break; break;
case 256: case 256:

2
src/pki_mbedcrypto.c
View File

@@ -1439,7 +1439,7 @@ int pki_key_generate_ecdsa(ssh_key key, int parameter)
case 384: case 384:
nid = NID_mbedtls_nistp384; nid = NID_mbedtls_nistp384;
break; break;
case 512: case 521:
nid = NID_mbedtls_nistp521; nid = NID_mbedtls_nistp521;
break; break;
case 256: case 256:

2
tests/unittests/torture_options.c
View File

@@ -674,7 +674,7 @@ static void torture_bind_options_import_key(void **state)
assert_int_equal(rc, 0); assert_int_equal(rc, 0);
#endif #endif
/* set ecdsa key */ /* set ecdsa key */
base64_key = torture_get_testkey(SSH_KEYTYPE_ECDSA, 512, 0); base64_key = torture_get_testkey(SSH_KEYTYPE_ECDSA, 521, 0);
rc = ssh_pki_import_privkey_base64(base64_key, NULL, NULL, NULL, &key); rc = ssh_pki_import_privkey_base64(base64_key, NULL, NULL, NULL, &key);
assert_int_equal(rc, SSH_OK); assert_int_equal(rc, SSH_OK);
assert_non_null(key); assert_non_null(key);

2
tests/unittests/torture_pki_ecdsa.c
View File

@@ -451,7 +451,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
ssh_signature_free(sign); ssh_signature_free(sign);
SSH_KEY_FREE(key); SSH_KEY_FREE(key);
rc = ssh_pki_generate(SSH_KEYTYPE_ECDSA, 512, &key); rc = ssh_pki_generate(SSH_KEYTYPE_ECDSA, 521, &key);
assert_true(rc == SSH_OK); assert_true(rc == SSH_OK);
assert_true(key != NULL); assert_true(key != NULL);
sign = pki_do_sign(key, ECDSA_HASH, 20); sign = pki_do_sign(key, ECDSA_HASH, 20);