- djm@cvs.openbsd.org 2013/12/29 02:28:10

[key.c] allow ed25519 keys to appear as certificate authorities
2013-12-29 17:48:38 +11:00 · 2013-12-29 17:48:38 +11:00 · 83f2fe26cb
parent 06122e9a74
commit 83f2fe26cb
2 changed files with 6 additions and 2 deletions
--- a/3
+++ b/3
@ -43,6 +43,9 @@
   - djm@cvs.openbsd.org 2013/12/27 22:37:18
     [ssh-rsa.c]
     correct comment
+   - djm@cvs.openbsd.org 2013/12/29 02:28:10
+     [key.c]
+     allow ed25519 keys to appear as certificate authorities

 20131221
 - (dtucker) [regress/keytype.sh] Actually test ecdsa key types.
--- a/key.c
+++ b/key.c
@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.110 2013/12/07 00:19:15 djm Exp $ */
+/* $OpenBSD: key.c,v 1.111 2013/12/29 02:28:10 djm Exp $ */
 /*
 * read_bignum():
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1481,7 +1481,8 @@ cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen)
 	}
 	if (key->cert->signature_key->type != KEY_RSA &&
 	    key->cert->signature_key->type != KEY_DSA &&
-	    key->cert->signature_key->type != KEY_ECDSA) {
+	    key->cert->signature_key->type != KEY_ECDSA &&
+	    key->cert->signature_key->type != KEY_ED25519) {
 		error("%s: Invalid signature key type %s (%d)", __func__,
 		    key_type(key->cert->signature_key),
 		    key->cert->signature_key->type);