===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-dss.c,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- src/usr.bin/ssh/ssh-dss.c	2022/10/28 00:41:17	1.44
+++ src/usr.bin/ssh/ssh-dss.c	2022/10/28 00:41:52	1.45
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-dss.c,v 1.44 2022/10/28 00:41:17 djm Exp $ */
+/* $OpenBSD: ssh-dss.c,v 1.45 2022/10/28 00:41:52 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -96,7 +96,7 @@
 
 static int
 ssh_dss_serialize_public(const struct sshkey *key, struct sshbuf *b,
-    const char *typename, enum sshkey_serialize_rep opts)
+    enum sshkey_serialize_rep opts)
 {
 	int r;
 	const BIGNUM *dsa_p, *dsa_q, *dsa_g, *dsa_pub_key;
@@ -108,8 +108,7 @@
 	if (dsa_p == NULL || dsa_q == NULL ||
 	    dsa_g == NULL || dsa_pub_key == NULL)
 		return SSH_ERR_INTERNAL_ERROR;
-	if ((r = sshbuf_put_cstring(b, typename)) != 0 ||
-	    (r = sshbuf_put_bignum2(b, dsa_p)) != 0 ||
+	if ((r = sshbuf_put_bignum2(b, dsa_p)) != 0 ||
 	    (r = sshbuf_put_bignum2(b, dsa_q)) != 0 ||
 	    (r = sshbuf_put_bignum2(b, dsa_g)) != 0 ||
 	    (r = sshbuf_put_bignum2(b, dsa_pub_key)) != 0)
@@ -173,6 +172,43 @@
 	return r;
 }
 
+static int
+ssh_dss_deserialize_public(const char *ktype, struct sshbuf *b,
+    struct sshkey *key)
+{
+	int ret = SSH_ERR_INTERNAL_ERROR;
+	BIGNUM *dsa_p = NULL, *dsa_q = NULL, *dsa_g = NULL, *dsa_pub_key = NULL;
+
+	if (sshbuf_get_bignum2(b, &dsa_p) != 0 ||
+	    sshbuf_get_bignum2(b, &dsa_q) != 0 ||
+	    sshbuf_get_bignum2(b, &dsa_g) != 0 ||
+	    sshbuf_get_bignum2(b, &dsa_pub_key) != 0) {
+		ret = SSH_ERR_INVALID_FORMAT;
+		goto out;
+	}
+	if (!DSA_set0_pqg(key->dsa, dsa_p, dsa_q, dsa_g)) {
+		ret = SSH_ERR_LIBCRYPTO_ERROR;
+		goto out;
+	}
+	dsa_p = dsa_q = dsa_g = NULL; /* transferred */
+	if (!DSA_set0_key(key->dsa, dsa_pub_key, NULL)) {
+		ret = SSH_ERR_LIBCRYPTO_ERROR;
+		goto out;
+	}
+	dsa_pub_key = NULL; /* transferred */
+#ifdef DEBUG_PK
+	DSA_print_fp(stderr, key->dsa, 8);
+#endif
+	/* success */
+	ret = 0;
+ out:
+	BN_clear_free(dsa_p);
+	BN_clear_free(dsa_q);
+	BN_clear_free(dsa_g);
+	BN_clear_free(dsa_pub_key);
+	return ret;
+}
+
 int
 ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
     const u_char *data, size_t datalen, u_int compat)
@@ -336,6 +372,7 @@
 	/* .cleanup = */	ssh_dss_cleanup,
 	/* .equal = */		ssh_dss_equal,
 	/* .ssh_serialize_public = */ ssh_dss_serialize_public,
+	/* .ssh_deserialize_public = */ ssh_dss_deserialize_public,
 	/* .generate = */	ssh_dss_generate,
 	/* .copy_public = */	ssh_dss_copy_public,
 };