pki: Sanitize input to verification

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

src/pki_crypto.c

@@ -1797,7 +1797,15 @@ int pki_signature_verify(ssh_session session,
     int rc;
     int nid;
 
-    switch(key->type) {
+    if (key->type != sig->type) {
+        SSH_LOG(SSH_LOG_WARN,
+                "Can not verify %s signature with %s key",
+                sig->type_c,
+                key->type_c);
+        return SSH_ERROR;
+    }
+
+    switch (key->type) {
         case SSH_KEYTYPE_DSS:
             rc = DSA_do_verify(hash,
                                hlen,

src/pki_gcrypt.c

@@ -2034,6 +2034,14 @@ int pki_signature_verify(ssh_session session,
     gcry_sexp_t sexp;
     gcry_error_t err;
 
+    if (key->type != sig->type) {
+        SSH_LOG(SSH_LOG_WARN,
+                "Can not verify %s signature with %s key",
+                sig->type_c,
+                key->type_c);
+        return SSH_ERROR;
+    }
+
     switch(key->type) {
         case SSH_KEYTYPE_DSS:
             /* That is to mark the number as positive */

src/pki_mbedcrypto.c

@@ -1008,6 +1008,14 @@ int pki_signature_verify(ssh_session session, const ssh_signature sig, const
     int rc;
     mbedtls_md_type_t md = 0;
 
+    if (key->type != sig->type) {
+        SSH_LOG(SSH_LOG_WARN,
+                "Can not verify %s signature with %s key",
+                sig->type_c,
+                key->type_c);
+        return SSH_ERROR;
+    }
+
     switch (key->type) {
         case SSH_KEYTYPE_RSA:
             switch (sig->hash_type) {