- djm@cvs.openbsd.org 2013/12/27 22:30:17
[ssh-dss.c ssh-ecdsa.c ssh-rsa.c]
make the original RSA and DSA signing/verification code look more like
the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type
rather than tediously listing all variants, use __func__ for debug/
error messages
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c
index 7663389..52f9e74 100644
--- a/ssh-ecdsa.c
+++ b/ssh-ecdsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ecdsa.c,v 1.6 2013/05/17 00:13:14 djm Exp $ */
+/* $OpenBSD: ssh-ecdsa.c,v 1.7 2013/12/27 22:30:17 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -54,11 +54,12 @@
u_int len, dlen;
Buffer b, bb;
- if (key == NULL || key->ecdsa == NULL ||
- (key->type != KEY_ECDSA && key->type != KEY_ECDSA_CERT)) {
+ if (key == NULL || key_type_plain(key->type) != KEY_ECDSA ||
+ key->ecdsa == NULL) {
error("%s: no ECDSA key", __func__);
return -1;
}
+
evp_md = key_ec_nid_to_evpmd(key->ecdsa_nid);
EVP_DigestInit(&md, evp_md);
EVP_DigestUpdate(&md, data, datalen);
@@ -105,11 +106,12 @@
Buffer b, bb;
char *ktype;
- if (key == NULL || key->ecdsa == NULL ||
- (key->type != KEY_ECDSA && key->type != KEY_ECDSA_CERT)) {
+ if (key == NULL || key_type_plain(key->type) != KEY_ECDSA ||
+ key->ecdsa == NULL) {
error("%s: no ECDSA key", __func__);
return -1;
}
+
evp_md = key_ec_nid_to_evpmd(key->ecdsa_nid);
/* fetch signature */