version 1.95, 2019/11/18 06:58:00 |
version 1.96, 2019/11/25 00:51:37 |
|
|
goto out; |
goto out; |
} |
} |
if ((ret = sshkey_verify(key->cert->signature_key, sig, slen, |
if ((ret = sshkey_verify(key->cert->signature_key, sig, slen, |
sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0)) != 0) |
sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0, NULL)) != 0) |
goto out; |
goto out; |
if ((ret = sshkey_get_sigtype(sig, slen, |
if ((ret = sshkey_get_sigtype(sig, slen, |
&key->cert->signature_type)) != 0) |
&key->cert->signature_type)) != 0) |
|
|
int |
int |
sshkey_verify(const struct sshkey *key, |
sshkey_verify(const struct sshkey *key, |
const u_char *sig, size_t siglen, |
const u_char *sig, size_t siglen, |
const u_char *data, size_t dlen, const char *alg, u_int compat) |
const u_char *data, size_t dlen, const char *alg, u_int compat, |
|
struct sshkey_sig_details **detailsp) |
{ |
{ |
|
if (detailsp != NULL) |
|
*detailsp = NULL; |
if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE) |
if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE) |
return SSH_ERR_INVALID_ARGUMENT; |
return SSH_ERR_INVALID_ARGUMENT; |
switch (key->type) { |
switch (key->type) { |
|
|
case KEY_ECDSA_SK_CERT: |
case KEY_ECDSA_SK_CERT: |
case KEY_ECDSA_SK: |
case KEY_ECDSA_SK: |
return ssh_ecdsa_sk_verify(key, sig, siglen, data, dlen, |
return ssh_ecdsa_sk_verify(key, sig, siglen, data, dlen, |
compat); |
compat, detailsp); |
case KEY_RSA_CERT: |
case KEY_RSA_CERT: |
case KEY_RSA: |
case KEY_RSA: |
return ssh_rsa_verify(key, sig, siglen, data, dlen, alg); |
return ssh_rsa_verify(key, sig, siglen, data, dlen, alg); |
|
|
case KEY_ED25519_SK: |
case KEY_ED25519_SK: |
case KEY_ED25519_SK_CERT: |
case KEY_ED25519_SK_CERT: |
return ssh_ed25519_sk_verify(key, sig, siglen, data, dlen, |
return ssh_ed25519_sk_verify(key, sig, siglen, data, dlen, |
compat); |
compat, detailsp); |
#ifdef WITH_XMSS |
#ifdef WITH_XMSS |
case KEY_XMSS: |
case KEY_XMSS: |
case KEY_XMSS_CERT: |
case KEY_XMSS_CERT: |
|
|
|
|
return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, |
return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, |
passphrase, keyp, commentp); |
passphrase, keyp, commentp); |
|
} |
|
|
|
void |
|
sshkey_sig_details_free(struct sshkey_sig_details *details) |
|
{ |
|
freezero(details, sizeof(*details)); |
} |
} |
|
|
#ifdef WITH_XMSS |
#ifdef WITH_XMSS |
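Review bot: The new `detailsp` out-parameter of `sshkey_verify` has no documented contract: in the lines shown it is reset to NULL on entry and forwarded only to `ssh_ecdsa_sk_verify` and `ssh_ed25519_sk_verify`, while `ssh_rsa_verify` never receives it, so a successful verification can return with `*detailsp` still NULL. A caller that enforces security-key policy from the details must therefore treat NULL as "no details available" rather than as a pass, which deserves a comment above the function such as `/* On success *detailsp is set only for the -sk key types (NULL otherwise); caller frees it with sshkey_sig_details_free(). */`. The certificate-signature check at the top of the page passes NULL for the new argument, so any details for the CA's signature are discarded; if that is intentional, a one-line comment there would say so. The switch body is only partly visible in this diff, so the remaining key types are presumed to behave like the RSA case.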