From 33b0cfc199a1f8657a23ae9ce05d2fd4b8261257 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Fri, 30 Dec 2011 11:10:38 +0100
Subject: pki: Add ecdsa support for signature_verify.

---
 src/pki_crypto.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'src')

diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index 3480a9e5..4030d479 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -1233,6 +1233,20 @@ int pki_signature_verify(ssh_session session,
             }
             break;
         case SSH_KEYTYPE_ECDSA:
+#ifdef HAVE_OPENSSL_ECC
+            rc = ECDSA_do_verify(hash,
+                                 hlen,
+                                 sig->ecdsa_sig,
+                                 key->ecdsa);
+            if (rc <= 0) {
+                ssh_set_error(session,
+                              SSH_FATAL,
+                              "ECDSA error: %s",
+                              ERR_error_string(ERR_get_error(), NULL));
+                return SSH_ERROR;
+            }
+            break;
+#endif
         case SSH_KEYTYPE_UNKNOWN:
             ssh_set_error(session, SSH_FATAL, "Unknown public key type");
             return SSH_ERROR;
-- 
cgit