summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/sshkey.c
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2016-10-04 21:34:41 +0000
committerDamien Miller <djm@cvs.openbsd.org>2016-10-04 21:34:41 +0000
commitf0bb84136ee684280126a520cc438cd8844d5f9a (patch)
tree19ebcec4ceceeb1cc962f6c3841b054f4d7e107e /usr.bin/ssh/sshkey.c
parent8e93166158e655bbf69cf8ba6f73dce4a35b34e2 (diff)
add a comment about implicitly-expected checks to
sshkey_ec_validate_public()
Diffstat (limited to 'usr.bin/ssh/sshkey.c')
-rw-r--r--usr.bin/ssh/sshkey.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c
index eaaeaddbca2..e6c64ae05e2 100644
--- a/usr.bin/ssh/sshkey.c
+++ b/usr.bin/ssh/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.39 2016/09/26 21:16:11 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.40 2016/10/04 21:34:40 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -2814,6 +2814,14 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public)
BIGNUM *order, *x, *y, *tmp;
int ret = SSH_ERR_KEY_INVALID_EC_VALUE;
+ /*
+ * NB. This assumes OpenSSL has already verified that the public
+ * point lies on the curve. This is done by EC_POINT_oct2point()
+ * implicitly calling EC_POINT_is_on_curve(). If this code is ever
+ * reachable with public points not unmarshalled using
+ * EC_POINT_oct2point then the caller will need to explicitly check.
+ */
+
if ((bnctx = BN_CTX_new()) == NULL)
return SSH_ERR_ALLOC_FAIL;
BN_CTX_start(bnctx);