version 1.113, 2013/12/29 02:49:52 |
version 1.114, 2013/12/29 04:20:04 |
|
|
return 0; |
return 0; |
} |
} |
|
|
|
static int |
|
key_type_is_valid_ca(int type) |
|
{ |
|
switch (type) { |
|
case KEY_RSA: |
|
case KEY_DSA: |
|
case KEY_ECDSA: |
|
case KEY_ED25519: |
|
return 1; |
|
default: |
|
return 0; |
|
} |
|
} |
|
|
u_int |
u_int |
key_size(const Key *k) |
key_size(const Key *k) |
{ |
{ |
|
|
error("%s: Signature key invalid", __func__); |
error("%s: Signature key invalid", __func__); |
goto out; |
goto out; |
} |
} |
if (key->cert->signature_key->type != KEY_RSA && |
if (!key_type_is_valid_ca(key->cert->signature_key->type)) { |
key->cert->signature_key->type != KEY_DSA && |
|
key->cert->signature_key->type != KEY_ECDSA && |
|
key->cert->signature_key->type != KEY_ED25519) { |
|
error("%s: Invalid signature key type %s (%d)", __func__, |
error("%s: Invalid signature key type %s (%d)", __func__, |
key_type(key->cert->signature_key), |
key_type(key->cert->signature_key), |
key->cert->signature_key->type); |
key->cert->signature_key->type); |
|
|
return -1; |
return -1; |
} |
} |
|
|
if (ca->type != KEY_RSA && ca->type != KEY_DSA && |
if (!key_type_is_valid_ca(ca->type)) { |
ca->type != KEY_ECDSA && ca->type != KEY_ED25519) { |
|
error("%s: CA key has unsupported type %s", __func__, |
error("%s: CA key has unsupported type %s", __func__, |
key_type(ca)); |
key_type(ca)); |
return -1; |
return -1; |