aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHans Nilsson <[email protected]>2017-10-10 19:59:01 +0200
committerHans Nilsson <[email protected]>2017-10-30 11:59:23 +0100
commit70114aab0eeed0ba10f5ee7497362dcb62d9d892 (patch)
treed4f48a91c4c1a5edfc55dc9d53cc8b99ab8edf9f
parent3ffdb15e2315a0ad784f1b45db97c3748325e567 (diff)
downloadotp-70114aab0eeed0ba10f5ee7497362dcb62d9d892.tar.gz
otp-70114aab0eeed0ba10f5ee7497362dcb62d9d892.tar.bz2
otp-70114aab0eeed0ba10f5ee7497362dcb62d9d892.zip
ssh: Sharpen the PubKey validity check
-rw-r--r--lib/ssh/src/ssh_transport.erl9
1 files changed, 6 insertions, 3 deletions
diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl
index e92c727559..2c5a8ad26e 100644
--- a/lib/ssh/src/ssh_transport.erl
+++ b/lib/ssh/src/ssh_transport.erl
@@ -1830,11 +1830,14 @@ valid_key_sha_alg(#'RSAPrivateKey'{}, 'ssh-rsa' ) -> true;
valid_key_sha_alg({_, #'Dss-Parms'{}}, 'ssh-dss') -> true;
valid_key_sha_alg(#'DSAPrivateKey'{}, 'ssh-dss') -> true;
-valid_key_sha_alg({#'ECPoint'{},{namedCurve,OID}}, Alg) -> sha(OID) == sha(Alg);
-valid_key_sha_alg(#'ECPrivateKey'{parameters = {namedCurve,OID}}, Alg) -> sha(OID) == sha(Alg);
+valid_key_sha_alg({#'ECPoint'{},{namedCurve,OID}}, Alg) -> valid_key_sha_alg_ec(OID, Alg);
+valid_key_sha_alg(#'ECPrivateKey'{parameters = {namedCurve,OID}}, Alg) -> valid_key_sha_alg_ec(OID, Alg);
valid_key_sha_alg(_, _) -> false.
-
+valid_key_sha_alg_ec(OID, Alg) ->
+ Curve = public_key:oid2ssh_curvename(OID),
+ Alg == list_to_atom("ecdsa-sha2-" ++ binary_to_list(Curve)).
+
public_algo(#'RSAPublicKey'{}) -> 'ssh-rsa'; % FIXME: Not right with draft-curdle-rsa-sha2
public_algo({_, #'Dss-Parms'{}}) -> 'ssh-dss';