diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2020-04-08 00:06:00 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2020-04-08 00:06:00 +0000 |
| commit | 4a38a41d4ad881851fbce28cb3c2b14b44a1b2f0 (patch) | |
| tree | 62e2fc07b002c1d918ae8d971f0c4297e6fdde82 /usr.bin/ssh | |
| parent | 05e394fdf4f9f7ac95ecd133c7bafdd252749e31 (diff) | |
check private key type against requested key type in new-style private
decoding; ok markus@
Diffstat (limited to 'usr.bin/ssh')
| -rw-r--r-- | usr.bin/ssh/sshkey.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c index 1bc794e49e0..51562200355 100644 --- a/usr.bin/ssh/sshkey.c +++ b/usr.bin/ssh/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.104 2020/04/08 00:04:32 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.105 2020/04/08 00:05:59 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -4271,6 +4271,12 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, &decrypted, &pubkey)) != 0) goto out; + if (type != KEY_UNSPEC && + sshkey_type_plain(type) != sshkey_type_plain(pubkey->type)) { + r = SSH_ERR_KEY_TYPE_MISMATCH; + goto out; + } + /* Load the private key and comment */ if ((r = sshkey_private_deserialize(decrypted, &k)) != 0 || (r = sshbuf_get_cstring(decrypted, &comment, NULL)) != 0) |