Attachment #3100 for bug #2799

Lines 144-150 userauth_hostbased(struct ssh *ssh) Link Here

(-)a/auth2-hostbased.c (-1 / +1 lines)
144	authenticated = 0;	144	authenticated = 0;
145	if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&	145	if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&
146	PRIVSEP(sshkey_verify(key, sig, slen,	146	PRIVSEP(sshkey_verify(key, sig, slen,
147	sshbuf_ptr(b), sshbuf_len(b), ssh->compat)) == 0)	147	sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0)
148	authenticated = 1;	148	authenticated = 1;
149		149
150	auth2_record_key(authctxt, authenticated, key);	150	auth2_record_key(authctxt, authenticated, key);

Lines 198-204 userauth_pubkey(struct ssh *ssh) Link Here

(-)a/auth2-pubkey.c (-1 / +1 lines)
198	authenticated = 0;	198	authenticated = 0;
199	if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) &&	199	if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) &&
200	PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b),	200	PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b),
201	sshbuf_len(b), ssh->compat)) == 0) {	201	sshbuf_len(b), pkalg, ssh->compat)) == 0) {
202	authenticated = 1;	202	authenticated = 1;
203	}	203	}
204	sshbuf_free(b);	204	sshbuf_free(b);

Lines 1960-1966 client_global_hostkeys_private_confirm(struct ssh *ssh, int type, Link Here

(-)a/clientloop.c (-1 / +1 lines)
1960	goto out;	1960	goto out;
1961	}	1961	}
1962	if ((r = sshkey_verify(ctx->keys[i], sig, siglen,	1962	if ((r = sshkey_verify(ctx->keys[i], sig, siglen,
1963	sshbuf_ptr(signdata), sshbuf_len(signdata), 0)) != 0) {	1963	sshbuf_ptr(signdata), sshbuf_len(signdata), NULL, 0)) != 0) {
1964	error("%s: server gave bad signature for %s key %zu",	1964	error("%s: server gave bad signature for %s key %zu",
1965	__func__, sshkey_type(ctx->keys[i]), i);	1965	__func__, sshkey_type(ctx->keys[i]), i);
1966	goto out;	1966	goto out;

Lines 141-147 input_kex_c25519_reply(int type, u_int32_t seq, struct ssh *ssh) Link Here

(-)a/kexc25519c.c (-1 / +1 lines)
141	goto out;	141	goto out;
142		142
143	if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,	143	if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
144	ssh->compat)) != 0)	144	NULL, ssh->compat)) != 0)
145	goto out;	145	goto out;
146		146
147	/* save session id */	147	/* save session id */

Lines 192-198 input_kex_dh(int type, u_int32_t seq, struct ssh *ssh) Link Here

(-)a/kexdhc.c (-1 / +1 lines)
192	goto out;	192	goto out;
193		193
194	if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,	194	if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
195	ssh->compat)) != 0)	195	NULL, ssh->compat)) != 0)
196	goto out;	196	goto out;
197		197
198	/* save session id */	198	/* save session id */

Lines 188-194 input_kex_ecdh_reply(int type, u_int32_t seq, struct ssh *ssh) Link Here

(-)a/kexecdhc.c (-1 / +1 lines)
188	goto out;	188	goto out;
189		189
190	if ((r = sshkey_verify(server_host_key, signature, slen, hash,	190	if ((r = sshkey_verify(server_host_key, signature, slen, hash,
191	hashlen, ssh->compat)) != 0)	191	hashlen, NULL, ssh->compat)) != 0)
192	goto out;	192	goto out;
193		193
194	/* save session id */	194	/* save session id */

Lines 238-244 input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) Link Here

(-)a/kexgexc.c (-1 / +1 lines)
238	goto out;	238	goto out;
239		239
240	if ((r = sshkey_verify(server_host_key, signature, slen, hash,	240	if ((r = sshkey_verify(server_host_key, signature, slen, hash,
241	hashlen, ssh->compat)) != 0)	241	hashlen, NULL, ssh->compat)) != 0)
242	goto out;	242	goto out;
243		243
244	/* save session id */	244	/* save session id */

Lines 102-108 key_verify(const Key key, const u_char signature, u_int signaturelen, Link Here

(-)a/key.c (-1 / +1 lines)
102	int r;	102	int r;
103		103
104	if ((r = sshkey_verify(key, signature, signaturelen,	104	if ((r = sshkey_verify(key, signature, signaturelen,
105	data, datalen, datafellows)) != 0) {	105	data, datalen, NULL, datafellows)) != 0) {
106	fatal_on_fatal_errors(r, __func__, 0);	106	fatal_on_fatal_errors(r, __func__, 0);
107	error("%s: %s", __func__, ssh_err(r));	107	error("%s: %s", __func__, ssh_err(r));
108	return r == SSH_ERR_SIGNATURE_INVALID ? 0 : -1;	108	return r == SSH_ERR_SIGNATURE_INVALID ? 0 : -1;

Lines 929-934 ssh_krl_from_blob(struct sshbuf buf, struct ssh_krl *krlp, Link Here

(-)a/krl.c (-1 / +6 lines)
929	const u_char *blob;	929	const u_char *blob;
930	size_t i, j, sig_off, sects_off, rlen, blen, nca_used;	930	size_t i, j, sig_off, sects_off, rlen, blen, nca_used;
931	u_int format_version;	931	u_int format_version;
		932	char *sigtype = NULL;
932		933
933	nca_used = 0;	934	nca_used = 0;
934	*krlp = NULL;	935	*krlp = NULL;
Lines 1012-1020 ssh_krl_from_blob(struct sshbuf buf, struct ssh_krl *krlp, Link Here
1012	r = SSH_ERR_INVALID_FORMAT;	1013	r = SSH_ERR_INVALID_FORMAT;
1013	goto out;	1014	goto out;
1014	}	1015	}
		1016	if ((r = sshkey_sigtype(blob, blen, &sigtype)) != 0) {
		1017	goto out;
		1018	}
1015	/* Check signature over entire KRL up to this point */	1019	/* Check signature over entire KRL up to this point */
1016	if ((r = sshkey_verify(key, blob, blen,	1020	if ((r = sshkey_verify(key, blob, blen,
1017	sshbuf_ptr(buf), sig_off, 0)) != 0)	1021	sshbuf_ptr(buf), sig_off, sigtype, 0)) != 0)
1018	goto out;	1022	goto out;
1019	/* Check if this key has already signed this KRL */	1023	/* Check if this key has already signed this KRL */
1020	for (i = 0; i < nca_used; i++) {	1024	for (i = 0; i < nca_used; i++) {
Lines 1154-1159 ssh_krl_from_blob(struct sshbuf buf, struct ssh_krl *krlp, Link Here
1154	sshkey_free(key);	1158	sshkey_free(key);
1155	sshbuf_free(copy);	1159	sshbuf_free(copy);
1156	sshbuf_free(sect);	1160	sshbuf_free(sect);
		1161	sshbuf_free(sigtype);
1157	return r;	1162	return r;
1158	}	1163	}
1159		1164




{
	struct sshkey *key;
	u_char *signature, *data, *blob;
	char *alg;
	size_t signaturelen, datalen, bloblen;
	int r, ret, valid_data = 0, encoded_ret;

	if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 ||
	    (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 ||
	    (r = sshbuf_get_string(m, &data, &datalen)) != 0 ||
	    (r = sshbuf_get_cstring(m, &alg, NULL)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));

	if (hostbased_cuser == NULL || hostbased_chost == NULL ||

		fatal("%s: bad signature data blob", __func__);

	ret = sshkey_verify(key, signature, signaturelen, data, datalen,
	    alg, active_state->compat);
	debug3("%s: %s %p signature %s", __func__, auth_method, key,
	    (ret == 0) ? "verified" : "unverified");
	auth2_record_key(authctxt, ret == 0, key);

Lines 441-447 mm_key_allowed(enum mm_keytype type, const char user, const char host, Link Here

(-)a/monitor_wrap.c (-1 / +2 lines)
441		441
442	int	442	int
443	mm_sshkey_verify(const struct sshkey key, const u_char sig, size_t siglen,	443	mm_sshkey_verify(const struct sshkey key, const u_char sig, size_t siglen,
444	const u_char *data, size_t datalen, u_int compat)	444	const u_char data, size_t datalen, const char alg, u_int compat)
445	{	445	{
446	Buffer m;	446	Buffer m;
447	u_char *blob;	447	u_char *blob;
Lines 458-463 mm_sshkey_verify(const struct sshkey key, const u_char sig, size_t siglen, Link Here
458	buffer_put_string(&m, blob, len);	458	buffer_put_string(&m, blob, len);
459	buffer_put_string(&m, sig, siglen);	459	buffer_put_string(&m, sig, siglen);
460	buffer_put_string(&m, data, datalen);	460	buffer_put_string(&m, data, datalen);
		461	buffer_put_cstring(&m, alg);
461	free(blob);	462	free(blob);
462		463
463	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m);	464	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m);

Lines 51-57 int mm_user_key_allowed(struct passwd , struct sshkey , int); Link Here

(-)a/monitor_wrap.h (-1 / +1 lines)
51	int mm_hostbased_key_allowed(struct passwd , const char ,	51	int mm_hostbased_key_allowed(struct passwd , const char ,
52	const char , struct sshkey );	52	const char , struct sshkey );
53	int mm_sshkey_verify(const struct sshkey , const u_char , size_t,	53	int mm_sshkey_verify(const struct sshkey , const u_char , size_t,
54	const u_char *, size_t, u_int);	54	const u_char , size_t, const char , u_int);
55		55
56	#ifdef GSSAPI	56	#ifdef GSSAPI
57	OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);	57	OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);

Lines 566-572 do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) Link Here

(-)a/ssh-keygen.c (-1 / +1 lines)
566		566
567	/* try the key */	567	/* try the key */
568	if (sshkey_sign(key, &sig, &slen, data, sizeof(data), NULL, 0) != 0 \|\|	568	if (sshkey_sign(key, &sig, &slen, data, sizeof(data), NULL, 0) != 0 \|\|
569	sshkey_verify(key, sig, slen, data, sizeof(data), 0) != 0) {	569	sshkey_verify(key, sig, slen, data, sizeof(data), NULL, 0) != 0) {
570	sshkey_free(key);	570	sshkey_free(key);
571	free(sig);	571	free(sig);
572	return NULL;	572	return NULL;

Lines 207-213 ssh_rsa_sign(const struct sshkey key, u_char sigp, size_t lenp, Link Here

(-)a/ssh-rsa.c (-1 / +6 lines)
207		207
208	int	208	int
209	ssh_rsa_verify(const struct sshkey *key,	209	ssh_rsa_verify(const struct sshkey *key,
210	const u_char sig, size_t siglen, const u_char data, size_t datalen)	210	const u_char sig, size_t siglen, const u_char data, size_t datalen,
		211	const char *alg)
211	{	212	{
212	char *ktype = NULL;	213	char *ktype = NULL;
213	int hash_alg, ret = SSH_ERR_INTERNAL_ERROR;	214	int hash_alg, ret = SSH_ERR_INTERNAL_ERROR;
Lines 228-233 ssh_rsa_verify(const struct sshkey *key, Link Here
228	ret = SSH_ERR_INVALID_FORMAT;	229	ret = SSH_ERR_INVALID_FORMAT;
229	goto out;	230	goto out;
230	}	231	}
		232	if (alg != NULL && strcmp(ktype, alg) != 0) {
		233	ret = SSH_ERR_KEY_TYPE_MISMATCH;
		234	goto out;
		235	}
231	if ((hash_alg = rsa_hash_alg_from_ident(ktype)) == -1) {	236	if ((hash_alg = rsa_hash_alg_from_ident(ktype)) == -1) {
232	ret = SSH_ERR_KEY_TYPE_MISMATCH;	237	ret = SSH_ERR_KEY_TYPE_MISMATCH;
233	goto out;	238	goto out;




}

static int
sshkey_ktype_from_blob(struct sshbuf *b, char **ktypep)
{
	int ret = SSH_ERR_INTERNAL_ERROR;
	struct sshbuf *copy;
	char *ktype = NULL;

	if (ktypep != NULL)
		*ktypep = NULL;
	if ((copy = sshbuf_fromb(b)) == NULL) {
		ret = SSH_ERR_ALLOC_FAIL;
		goto out;
	}
	if (sshbuf_get_cstring(b, &ktype, NULL) != 0) {
		ret = SSH_ERR_INVALID_FORMAT;
		goto out;
	}
	if (ktypep != NULL) {
		*ktypep = ktype;
		ktype = NULL;
	}
	/* Success */
	ret = 0;
out:
	sshbuf_free(copy);
	free(ktype);
	return ret;
}

static int
cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf)
{
	struct sshbuf *principals = NULL, *crit = NULL;
	struct sshbuf *exts = NULL, *ca = NULL;
	u_char *sig = NULL;
	char *alg = NULL;
	size_t signed_len = 0, slen = 0, kidlen = 0;
	int ret = SSH_ERR_INTERNAL_ERROR;


		ret = SSH_ERR_KEY_CERT_INVALID_SIGN_KEY;
		goto out;
	}
	if (!sshkey_ktype_from_blob(ca, &alg)) {
		ret = SSH_ERR_KEY_CERT_INVALID_SIGN_KEY;
		goto out;
	}
	if ((ret = sshkey_verify(key->cert->signature_key, sig, slen,
	    sshbuf_ptr(key->cert->certblob), signed_len, alg, 0)) != 0)
		goto out;

	/* Success */

	sshbuf_free(exts);
	sshbuf_free(principals);
	free(sig);
	free(alg);
	return ret;
}


int
sshkey_verify(const struct sshkey *key,
    const u_char *sig, size_t siglen,
    const u_char *data, size_t dlen, const char *alg, u_int compat)
{
	if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE)
		return SSH_ERR_INVALID_ARGUMENT;

# endif /* OPENSSL_HAS_ECC */
	case KEY_RSA_CERT:
	case KEY_RSA:
		return ssh_rsa_verify(key, sig, siglen, data, dlen, alg);
#endif /* WITH_OPENSSL */
	case KEY_ED25519:
	case KEY_ED25519_CERT:




int	 sshkey_sign(const struct sshkey *, u_char **, size_t *,
    const u_char *, size_t, const char *, u_int);
int	 sshkey_verify(const struct sshkey *, const u_char *, size_t,
    const u_char *, size_t, const char *, u_int);

/* for debug */
void	sshkey_dump_ec_point(const EC_GROUP *, const EC_POINT *);

    u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,
    const char *ident);
int ssh_rsa_verify(const struct sshkey *key,
    const u_char *sig, size_t siglen, const u_char *data, size_t datalen,
    const char *alg);
int ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
    const u_char *data, size_t datalen, u_int compat);
int ssh_dss_verify(const struct sshkey *key,
- 

Return to bug 2799

Lines 1735-1745 sshkey_from_private(const struct sshkey k, struct sshkey *pkp) Link Here

(-)a/sshkey.c (-3 / +38 lines)
1735	}	1735	}
1736		1736
1737	static int	1737	static int
		1738	sshkey_ktype_from_blob(struct sshbuf b, char *ktypep)
		1739	{
		1740	int ret = SSH_ERR_INTERNAL_ERROR;
		1741	struct sshbuf *copy;
		1742	char *ktype = NULL;
		1743
		1744	if (ktypep != NULL)
		1745	*ktypep = NULL;
		1746	if ((copy = sshbuf_fromb(b)) == NULL) {
		1747	ret = SSH_ERR_ALLOC_FAIL;
		1748	goto out;
		1749	}
		1750	if (sshbuf_get_cstring(b, &ktype, NULL) != 0) {
		1751	ret = SSH_ERR_INVALID_FORMAT;
		1752	goto out;
		1753	}
		1754	if (ktypep != NULL) {
		1755	*ktypep = ktype;
		1756	ktype = NULL;
		1757	}
		1758	/* Success */
		1759	ret = 0;
		1760	out:
		1761	sshbuf_free(copy);
		1762	free(ktype);
		1763	return ret;
		1764	}
		1765
		1766	static int
1738	cert_parse(struct sshbuf b, struct sshkey key, struct sshbuf *certbuf)	1767	cert_parse(struct sshbuf b, struct sshkey key, struct sshbuf *certbuf)
1739	{	1768	{
1740	struct sshbuf principals = NULL, crit = NULL;	1769	struct sshbuf principals = NULL, crit = NULL;
1741	struct sshbuf exts = NULL, ca = NULL;	1770	struct sshbuf exts = NULL, ca = NULL;
1742	u_char *sig = NULL;	1771	u_char *sig = NULL;
		1772	char *alg = NULL;
1743	size_t signed_len = 0, slen = 0, kidlen = 0;	1773	size_t signed_len = 0, slen = 0, kidlen = 0;
1744	int ret = SSH_ERR_INTERNAL_ERROR;	1774	int ret = SSH_ERR_INTERNAL_ERROR;
1745		1775
Lines 1842-1849 cert_parse(struct sshbuf b, struct sshkey key, struct sshbuf *certbuf) Link Here
1842	ret = SSH_ERR_KEY_CERT_INVALID_SIGN_KEY;	1872	ret = SSH_ERR_KEY_CERT_INVALID_SIGN_KEY;
1843	goto out;	1873	goto out;
1844	}	1874	}
		1875	if (!sshkey_ktype_from_blob(ca, &alg)) {
		1876	ret = SSH_ERR_KEY_CERT_INVALID_SIGN_KEY;
		1877	goto out;
		1878	}
1845	if ((ret = sshkey_verify(key->cert->signature_key, sig, slen,	1879	if ((ret = sshkey_verify(key->cert->signature_key, sig, slen,
1846	sshbuf_ptr(key->cert->certblob), signed_len, 0)) != 0)	1880	sshbuf_ptr(key->cert->certblob), signed_len, alg, 0)) != 0)
1847	goto out;	1881	goto out;
1848		1882
1849	/* Success */	1883	/* Success */
Lines 1854-1859 cert_parse(struct sshbuf b, struct sshkey key, struct sshbuf *certbuf) Link Here
1854	sshbuf_free(exts);	1888	sshbuf_free(exts);
1855	sshbuf_free(principals);	1889	sshbuf_free(principals);
1856	free(sig);	1890	free(sig);
		1891	free(alg);
1857	return ret;	1892	return ret;
1858	}	1893	}
1859		1894
Lines 2174-2180 sshkey_sign(const struct sshkey *key, Link Here
2174	int	2209	int
2175	sshkey_verify(const struct sshkey *key,	2210	sshkey_verify(const struct sshkey *key,
2176	const u_char *sig, size_t siglen,	2211	const u_char *sig, size_t siglen,
2177	const u_char *data, size_t dlen, u_int compat)	2212	const u_char data, size_t dlen, const char alg, u_int compat)
2178	{	2213	{
2179	if (siglen == 0 \|\| dlen > SSH_KEY_MAX_SIGN_DATA_SIZE)	2214	if (siglen == 0 \|\| dlen > SSH_KEY_MAX_SIGN_DATA_SIZE)
2180	return SSH_ERR_INVALID_ARGUMENT;	2215	return SSH_ERR_INVALID_ARGUMENT;
Lines 2190-2196 sshkey_verify(const struct sshkey *key, Link Here
2190	# endif /* OPENSSL_HAS_ECC */	2225	# endif /* OPENSSL_HAS_ECC */
2191	case KEY_RSA_CERT:	2226	case KEY_RSA_CERT:
2192	case KEY_RSA:	2227	case KEY_RSA:
2193	return ssh_rsa_verify(key, sig, siglen, data, dlen);	2228	return ssh_rsa_verify(key, sig, siglen, data, dlen, alg);
2194	#endif /* WITH_OPENSSL */	2229	#endif /* WITH_OPENSSL */
2195	case KEY_ED25519:	2230	case KEY_ED25519:
2196	case KEY_ED25519_CERT:	2231	case KEY_ED25519_CERT:

Lines 1359-1370 mm_answer_keyverify(int sock, struct sshbuf *m) Link Here

(-)a/monitor.c (-2 / +4 lines)
1359	{	1359	{
1360	struct sshkey *key;	1360	struct sshkey *key;
1361	u_char signature, data, *blob;	1361	u_char signature, data, *blob;
		1362	char *alg;
1362	size_t signaturelen, datalen, bloblen;	1363	size_t signaturelen, datalen, bloblen;
1363	int r, ret, valid_data = 0, encoded_ret;	1364	int r, ret, valid_data = 0, encoded_ret;
1364		1365
1365	if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 \|\|	1366	if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 \|\|
1366	(r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 \|\|	1367	(r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 \|\|
1367	(r = sshbuf_get_string(m, &data, &datalen)) != 0)	1368	(r = sshbuf_get_string(m, &data, &datalen)) != 0 \|\|
		1369	(r = sshbuf_get_cstring(m, &alg, NULL)) != 0)
1368	fatal("%s: buffer error: %s", __func__, ssh_err(r));	1370	fatal("%s: buffer error: %s", __func__, ssh_err(r));
1369		1371
1370	if (hostbased_cuser == NULL \|\| hostbased_chost == NULL \|\|	1372	if (hostbased_cuser == NULL \|\| hostbased_chost == NULL \|\|
Lines 1393-1399 mm_answer_keyverify(int sock, struct sshbuf *m) Link Here
1393	fatal("%s: bad signature data blob", __func__);	1395	fatal("%s: bad signature data blob", __func__);
1394		1396
1395	ret = sshkey_verify(key, signature, signaturelen, data, datalen,	1397	ret = sshkey_verify(key, signature, signaturelen, data, datalen,
1396	active_state->compat);	1398	alg, active_state->compat);
1397	debug3("%s: %s %p signature %s", __func__, auth_method, key,	1399	debug3("%s: %s %p signature %s", __func__, auth_method, key,
1398	(ret == 0) ? "verified" : "unverified");	1400	(ret == 0) ? "verified" : "unverified");
1399	auth2_record_key(authctxt, ret == 0, key);	1401	auth2_record_key(authctxt, ret == 0, key);

Lines 179-185 int sshkey_sigtype(const u_char , size_t, char *); Link Here

(-)a/sshkey.h (-3 / +3 lines)
179	int sshkey_sign(const struct sshkey , u_char , size_t ,	179	int sshkey_sign(const struct sshkey , u_char , size_t ,
180	const u_char , size_t, const char , u_int);	180	const u_char , size_t, const char , u_int);
181	int sshkey_verify(const struct sshkey , const u_char , size_t,	181	int sshkey_verify(const struct sshkey , const u_char , size_t,
182	const u_char *, size_t, u_int);	182	const u_char , size_t, const char , u_int);
183		183
184	/* for debug */	184	/* for debug */
185	void sshkey_dump_ec_point(const EC_GROUP , const EC_POINT );	185	void sshkey_dump_ec_point(const EC_GROUP , const EC_POINT );
Lines 206-212 int ssh_rsa_sign(const struct sshkey *key, Link Here
206	u_char *sigp, size_t lenp, const u_char *data, size_t datalen,	206	u_char *sigp, size_t lenp, const u_char *data, size_t datalen,
207	const char *ident);	207	const char *ident);
208	int ssh_rsa_verify(const struct sshkey *key,	208	int ssh_rsa_verify(const struct sshkey *key,
209	const u_char sig, size_t siglen, const u_char data, size_t datalen);	209	const u_char sig, size_t siglen, const u_char data, size_t datalen,
		210	const char *alg);
210	int ssh_dss_sign(const struct sshkey key, u_char sigp, size_t lenp,	211	int ssh_dss_sign(const struct sshkey key, u_char sigp, size_t lenp,
211	const u_char *data, size_t datalen, u_int compat);	212	const u_char *data, size_t datalen, u_int compat);
212	int ssh_dss_verify(const struct sshkey *key,	213	int ssh_dss_verify(const struct sshkey *key,
213	-