| version 1.81, 2019/07/16 13:18:39 |
version 1.82, 2019/09/03 08:31:20 |
|
|
| struct sshbuf *buf, enum sshkey_serialize_rep); |
struct sshbuf *buf, enum sshkey_serialize_rep); |
| static int sshkey_from_blob_internal(struct sshbuf *buf, |
static int sshkey_from_blob_internal(struct sshbuf *buf, |
| struct sshkey **keyp, int allow_cert); |
struct sshkey **keyp, int allow_cert); |
| static int get_sigtype(const u_char *sig, size_t siglen, char **sigtypep); |
|
| |
|
| /* Supported key types */ |
/* Supported key types */ |
| struct keytype { |
struct keytype { |
|
|
| if ((ret = sshkey_verify(key->cert->signature_key, sig, slen, |
if ((ret = sshkey_verify(key->cert->signature_key, sig, slen, |
| sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0)) != 0) |
sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0)) != 0) |
| goto out; |
goto out; |
| if ((ret = get_sigtype(sig, slen, &key->cert->signature_type)) != 0) |
if ((ret = sshkey_get_sigtype(sig, slen, |
| |
&key->cert->signature_type)) != 0) |
| goto out; |
goto out; |
| |
|
| /* Success */ |
/* Success */ |
|
|
| return r; |
return r; |
| } |
} |
| |
|
| static int |
int |
| get_sigtype(const u_char *sig, size_t siglen, char **sigtypep) |
sshkey_get_sigtype(const u_char *sig, size_t siglen, char **sigtypep) |
| { |
{ |
| int r; |
int r; |
| struct sshbuf *b = NULL; |
struct sshbuf *b = NULL; |
|
|
| return 0; |
return 0; |
| if ((expected_alg = sshkey_sigalg_by_name(requested_alg)) == NULL) |
if ((expected_alg = sshkey_sigalg_by_name(requested_alg)) == NULL) |
| return SSH_ERR_INVALID_ARGUMENT; |
return SSH_ERR_INVALID_ARGUMENT; |
| if ((r = get_sigtype(sig, siglen, &sigtype)) != 0) |
if ((r = sshkey_get_sigtype(sig, siglen, &sigtype)) != 0) |
| return r; |
return r; |
| r = strcmp(expected_alg, sigtype) == 0; |
r = strcmp(expected_alg, sigtype) == 0; |
| free(sigtype); |
free(sigtype); |
|
|
| sshbuf_len(cert), alg, 0, signer_ctx)) != 0) |
sshbuf_len(cert), alg, 0, signer_ctx)) != 0) |
| goto out; |
goto out; |
| /* Check and update signature_type against what was actually used */ |
/* Check and update signature_type against what was actually used */ |
| if ((ret = get_sigtype(sig_blob, sig_len, &sigtype)) != 0) |
if ((ret = sshkey_get_sigtype(sig_blob, sig_len, &sigtype)) != 0) |
| goto out; |
goto out; |
| if (alg != NULL && strcmp(alg, sigtype) != 0) { |
if (alg != NULL && strcmp(alg, sigtype) != 0) { |
| ret = SSH_ERR_SIGN_ALG_UNSUPPORTED; |
ret = SSH_ERR_SIGN_ALG_UNSUPPORTED; |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshkey.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh