diff options
author | Hans Nilsson <[email protected]> | 2016-09-06 14:29:30 +0200 |
---|---|---|
committer | Hans Nilsson <[email protected]> | 2016-09-06 14:29:30 +0200 |
commit | 9da5e0fae44d8c85ad14e20e27568f86ad52cc0f (patch) | |
tree | 10339e1e33d318c05015f3cd4eb819dcea964077 | |
parent | 10ffae2b1c12f6d564dfc3fbf3e316491b71b2c3 (diff) | |
parent | 9b988fa6edd9db2396ade2141e14f0fc7b68cfd2 (diff) | |
download | otp-9da5e0fae44d8c85ad14e20e27568f86ad52cc0f.tar.gz otp-9da5e0fae44d8c85ad14e20e27568f86ad52cc0f.tar.bz2 otp-9da5e0fae44d8c85ad14e20e27568f86ad52cc0f.zip |
Merge branch 'hans/ssh/correct_sha_ecdsa/OTP-13850' into maint
-rw-r--r-- | lib/ssh/src/ssh_auth.erl | 4 | ||||
-rw-r--r-- | lib/ssh/src/ssh_transport.erl | 7 |
2 files changed, 8 insertions, 3 deletions
diff --git a/lib/ssh/src/ssh_auth.erl b/lib/ssh/src/ssh_auth.erl index 1dcf5d0708..afc6ec5a56 100644 --- a/lib/ssh/src/ssh_auth.erl +++ b/lib/ssh/src/ssh_auth.erl @@ -140,7 +140,7 @@ publickey_msg([Alg, #ssh{user = User, session_id = SessionId, service = Service, opts = Opts} = Ssh]) -> - Hash = sha, %% Maybe option?! + Hash = ssh_transport:sha(Alg), KeyCb = proplists:get_value(key_cb, Opts, ssh_file), case KeyCb:user_key(Alg, Opts) of {ok, PrivKey} -> @@ -495,7 +495,7 @@ verify_sig(SessionId, User, Service, Alg, KeyBlob, SigWLen, Opts) -> <<?UINT32(AlgSigLen), AlgSig:AlgSigLen/binary>> = SigWLen, <<?UINT32(AlgLen), _Alg:AlgLen/binary, ?UINT32(SigLen), Sig:SigLen/binary>> = AlgSig, - ssh_transport:verify(PlainText, sha, Sig, Key); + ssh_transport:verify(PlainText, ssh_transport:sha(list_to_atom(Alg)), Sig, Key); false -> false end. diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl index 7cb3b75ac0..15b80de30a 100644 --- a/lib/ssh/src/ssh_transport.erl +++ b/lib/ssh/src/ssh_transport.erl @@ -46,7 +46,7 @@ handle_kex_ecdh_reply/2, extract_public_key/1, ssh_packet/2, pack/2, - sign/3, verify/4]). + sha/1, sign/3, verify/4]). %%% For test suites -export([pack/3]). @@ -1619,6 +1619,11 @@ kex_h(SSH, Key, Min, NBits, Max, Prime, Gen, E, F, K) -> crypto:hash(sha((SSH#ssh.algorithms)#alg.kex), L). +sha('ssh-rsa') -> sha; +sha('ssh-dss') -> sha; +sha('ecdsa-sha2-nistp256') -> sha(secp256r1); +sha('ecdsa-sha2-nistp384') -> sha(secp384r1); +sha('ecdsa-sha2-nistp521') -> sha(secp521r1); sha(secp256r1) -> sha256; sha(secp384r1) -> sha384; sha(secp521r1) -> sha512; |