upstream commit

handle certs in rsa_hash_alg_from_ident(), saving an
unnecessary special case elsewhere.

Upstream-ID: 901cb081c59d6d2698b57901c427f3f6dc7397d4
This commit is contained in:
djm@openbsd.org 2016-09-12 23:39:34 +00:00 committed by Darren Tucker
parent 130f5df4fa
commit 445e218878
1 changed files with 4 additions and 4 deletions

View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-rsa.c,v 1.59 2016/04/21 06:08:02 djm Exp $ */ /* $OpenBSD: ssh-rsa.c,v 1.60 2016/09/12 23:39:34 djm Exp $ */
/* /*
* Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
* *
@ -53,7 +53,8 @@ rsa_hash_alg_ident(int hash_alg)
static int static int
rsa_hash_alg_from_ident(const char *ident) rsa_hash_alg_from_ident(const char *ident)
{ {
if (strcmp(ident, "ssh-rsa") == 0) if (strcmp(ident, "ssh-rsa") == 0 ||
strcmp(ident, "ssh-rsa-cert-v01@openssh.com") == 0)
return SSH_DIGEST_SHA1; return SSH_DIGEST_SHA1;
if (strcmp(ident, "rsa-sha2-256") == 0) if (strcmp(ident, "rsa-sha2-256") == 0)
return SSH_DIGEST_SHA256; return SSH_DIGEST_SHA256;
@ -93,8 +94,7 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
if (sigp != NULL) if (sigp != NULL)
*sigp = NULL; *sigp = NULL;
if (alg_ident == NULL || strlen(alg_ident) == 0 || if (alg_ident == NULL || strlen(alg_ident) == 0)
strncmp(alg_ident, "ssh-rsa-cert", strlen("ssh-rsa-cert")) == 0)
hash_alg = SSH_DIGEST_SHA1; hash_alg = SSH_DIGEST_SHA1;
else else
hash_alg = rsa_hash_alg_from_ident(alg_ident); hash_alg = rsa_hash_alg_from_ident(alg_ident);