lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-11-29 01:03:57 +03:00
Code Activity

pki: Make sure public keys match when adding certificate data

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
This commit is contained in:
Jakub Jelen
2023-09-21 18:02:08 +02:00
committed by Sahana Prasad
parent a8c844c9c2
commit d604d7f872
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/pki.c
View File

@@ -2162,7 +2162,7 @@ int ssh_pki_export_pubkey_file(const ssh_key key,
**/ **/
int ssh_pki_copy_cert_to_privkey(const ssh_key certkey, ssh_key privkey) { int ssh_pki_copy_cert_to_privkey(const ssh_key certkey, ssh_key privkey) {
ssh_buffer cert_buffer; ssh_buffer cert_buffer;
int rc; int rc, cmp;
if (certkey == NULL || privkey == NULL) { if (certkey == NULL || privkey == NULL) {
return SSH_ERROR; return SSH_ERROR;
@@ -2176,6 +2176,12 @@ int ssh_pki_copy_cert_to_privkey(const ssh_key certkey, ssh_key privkey) {
return SSH_ERROR; return SSH_ERROR;
} }
/* make sure the public keys match */
cmp = ssh_key_cmp(certkey, privkey, SSH_KEY_CMP_PUBLIC);
if (cmp != 0) {
return SSH_ERROR;
}
cert_buffer = ssh_buffer_new(); cert_buffer = ssh_buffer_new();
if (cert_buffer == NULL) { if (cert_buffer == NULL) {
return SSH_ERROR; return SSH_ERROR;