Add rsa-sha2 certificates

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



This PR adds capability to create and use rsa-sha2 certificates.

diff --git a/ssh-rsa.c b/ssh-rsa.c
index 49e71c8..69de09c 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -57,9 +57,11 @@ rsa_hash_alg_from_ident(const char *ident)
  if (strcmp(ident, "ssh-rsa") == 0 ||
      strcmp(ident, "ssh-rsa-cert-v01@xxxxxxxxxxx") == 0)
  return SSH_DIGEST_SHA1;
- if (strcmp(ident, "rsa-sha2-256") == 0)
+ if (strcmp(ident, "rsa-sha2-256") == 0 ||
+     strcmp(ident, "rsa-sha2-256-cert-v01@xxxxxxxxxxx") == 0)
  return SSH_DIGEST_SHA256;
- if (strcmp(ident, "rsa-sha2-512") == 0)
+ if (strcmp(ident, "rsa-sha2-512") == 0 ||
+     strcmp(ident, "rsa-sha2-512-cert-v01@xxxxxxxxxxx") == 0)
  return SSH_DIGEST_SHA512;
  return -1;
 }
diff --git a/sshkey.c b/sshkey.c
index 7712fba..2d43887 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -110,6 +110,8 @@ static const struct keytype keytypes[] = {
 #  endif /* OPENSSL_HAS_NISTP521 */
 # endif /* OPENSSL_HAS_ECC */
  { "ssh-rsa-cert-v01@xxxxxxxxxxx", "RSA-CERT", KEY_RSA_CERT, 0, 1, 0 },
+ { "rsa-sha2-256-cert-v01@xxxxxxxxxxx", "RSA-CERT", KEY_RSA_CERT, 0, 1, 1 },
+ { "rsa-sha2-512-cert-v01@xxxxxxxxxxx", "RSA-CERT", KEY_RSA_CERT, 0, 1, 1 },
  { "ssh-dss-cert-v01@xxxxxxxxxxx", "DSA-CERT", KEY_DSA_CERT, 0, 1, 0 },
 # ifdef OPENSSL_HAS_ECC
  { "ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx", "ECDSA-CERT",

Please set email of commit to koops1997+github@xxxxxxxxx and name to
Yegor Ievlev, so commit will be attributed to me on GitHub.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux