diff options
author | Hans Nilsson <[email protected]> | 2017-10-10 19:59:01 +0200 |
---|---|---|
committer | Hans Nilsson <[email protected]> | 2017-10-30 11:59:23 +0100 |
commit | 70114aab0eeed0ba10f5ee7497362dcb62d9d892 (patch) | |
tree | d4f48a91c4c1a5edfc55dc9d53cc8b99ab8edf9f | |
parent | 3ffdb15e2315a0ad784f1b45db97c3748325e567 (diff) | |
download | otp-70114aab0eeed0ba10f5ee7497362dcb62d9d892.tar.gz otp-70114aab0eeed0ba10f5ee7497362dcb62d9d892.tar.bz2 otp-70114aab0eeed0ba10f5ee7497362dcb62d9d892.zip |
ssh: Sharpen the PubKey validity check
-rw-r--r-- | lib/ssh/src/ssh_transport.erl | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl index e92c727559..2c5a8ad26e 100644 --- a/lib/ssh/src/ssh_transport.erl +++ b/lib/ssh/src/ssh_transport.erl @@ -1830,11 +1830,14 @@ valid_key_sha_alg(#'RSAPrivateKey'{}, 'ssh-rsa' ) -> true; valid_key_sha_alg({_, #'Dss-Parms'{}}, 'ssh-dss') -> true; valid_key_sha_alg(#'DSAPrivateKey'{}, 'ssh-dss') -> true; -valid_key_sha_alg({#'ECPoint'{},{namedCurve,OID}}, Alg) -> sha(OID) == sha(Alg); -valid_key_sha_alg(#'ECPrivateKey'{parameters = {namedCurve,OID}}, Alg) -> sha(OID) == sha(Alg); +valid_key_sha_alg({#'ECPoint'{},{namedCurve,OID}}, Alg) -> valid_key_sha_alg_ec(OID, Alg); +valid_key_sha_alg(#'ECPrivateKey'{parameters = {namedCurve,OID}}, Alg) -> valid_key_sha_alg_ec(OID, Alg); valid_key_sha_alg(_, _) -> false. - +valid_key_sha_alg_ec(OID, Alg) -> + Curve = public_key:oid2ssh_curvename(OID), + Alg == list_to_atom("ecdsa-sha2-" ++ binary_to_list(Curve)). + public_algo(#'RSAPublicKey'{}) -> 'ssh-rsa'; % FIXME: Not right with draft-curdle-rsa-sha2 public_algo({_, #'Dss-Parms'{}}) -> 'ssh-dss'; |