mirror of https://github.com/wolfSSL/wolfssh.git
Public key authentication
1. Remove a forced test value for sigSz in PrepareUserAuthRequestEcc. 2. When building the PrepareUserAuthRequest message for ECC user public keys, the temporary buffer for the signature should be the size of a prime256 signature, not 512 bytes.
pull/169/head
parent
56616d3416
commit
3db449d736
|
@ -6918,7 +6918,6 @@ static int PrepareUserAuthRequestEcc(WOLFSSH* ssh, word32* payloadSz,
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
if (authData->sf.publicKey.hasSignature) {
|
if (authData->sf.publicKey.hasSignature) {
|
||||||
int sigSz = wc_ecc_sig_size(&keySig->ks.ecc.key);
|
int sigSz = wc_ecc_sig_size(&keySig->ks.ecc.key);
|
||||||
sigSz = 64;
|
|
||||||
|
|
||||||
if (sigSz >= 0) {
|
if (sigSz >= 0) {
|
||||||
*payloadSz += (LENGTH_SZ * 5) + (word32)sigSz +
|
*payloadSz += (LENGTH_SZ * 5) + (word32)sigSz +
|
||||||
|
@ -6949,7 +6948,7 @@ static int BuildUserAuthRequestEcc(WOLFSSH* ssh,
|
||||||
int ret = WS_SUCCESS;
|
int ret = WS_SUCCESS;
|
||||||
byte* r;
|
byte* r;
|
||||||
byte* s;
|
byte* s;
|
||||||
byte sig[512];
|
byte sig[72]; /* wc_ecc_sig_size() for a prime256 key. */
|
||||||
word32 sigSz = sizeof(sig), rSz, sSz;
|
word32 sigSz = sizeof(sig), rSz, sSz;
|
||||||
|
|
||||||
if (ssh == NULL || output == NULL || idx == NULL || authData == NULL ||
|
if (ssh == NULL || output == NULL || idx == NULL || authData == NULL ||
|
||||||
|
|
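Review bot: The new `byte sig[72]` in BuildUserAuthRequestEcc hard-codes the P-256 signature size, while PrepareUserAuthRequestEcc in the first hunk sizes the payload from `wc_ecc_sig_size()` on the actual key, so the two functions agree only for prime256 keys. The signing call is outside the hunk; since `sigSz` starts as `sizeof(sig)` it is presumably passed as the buffer capacity, in which case a P-384 or P-521 user key would fail to sign rather than overflow, but that depends on the callee honouring the length. Sizing the buffer for the largest supported curve, `byte sig[ECC_MAX_SIG_SIZE];`, or rejecting a key whose `wc_ecc_sig_size()` exceeds `sizeof(sig)` before signing, would make the limit explicit instead of leaving it in a comment. Both function bodies continue outside the hunks shown.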