Skip to content

Commit

Permalink
Fix up ECCP384 support
Browse files Browse the repository at this point in the history
  • Loading branch information
@arekinath
arekinath committed Sep 26, 2018
1 parent 21752c5 commit a9c41e5
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 3 deletions.
14 changes: 13 additions & 1 deletion agent.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -646,7 +646,19 @@ process_sign_request2(SocketEntry *e)
else if (flags & SSH_AGENT_RSA_SHA2_512)
hashalg = SSH_DIGEST_SHA512;
} else if (key->type == KEY_ECDSA) {
hashalg = SSH_DIGEST_SHA256;
switch (sshkey_curve_nid_to_bits(key->ecdsa_nid)) {
case 256:
hashalg = SSH_DIGEST_SHA256;
break;
case 384:
hashalg = SSH_DIGEST_SHA384;
break;
case 521:
hashalg = SSH_DIGEST_SHA512;
break;
default:
hashalg = SSH_DIGEST_SHA256;
}
}
ohashalg = hashalg;
r = piv_sign(selk, slot, data, dlen, &hashalg, &rawsig, &rslen);
Expand Down
11 changes: 9 additions & 2 deletions piv.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2247,8 +2247,15 @@ piv_sign(struct piv_token *tk, struct piv_slot *slot, const uint8_t *data,
}
break;
case PIV_ALG_ECCP384:
*hashalgo = SSH_DIGEST_SHA384;
inplen = (dglen = 48);
inplen = 48;
if (*hashalgo == SSH_DIGEST_SHA1) {
dglen = 20;
} else if (*hashalgo == SSH_DIGEST_SHA256) {
dglen = 32;
} else {
*hashalgo = SSH_DIGEST_SHA384;
dglen = 48;
}
break;
default:
assert(0);
Expand Down

0 comments on commit a9c41e5

Please sign in to comment.