- djm@cvs.openbsd.org 2010/09/09 10:45:45

     [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c]
     ECDH/ECDSA compliance fix: these methods vary the hash function they use
     (SHA256/384/512) depending on the length of the curve in use. The previous
     code incorrectly used SHA256 in all cases.

     This fix will cause authentication failure when using 384 or 521-bit curve
     keys if one peer hasn't been upgraded and the other has. (256-bit curve
     keys work ok). In particular you may need to specify HostkeyAlgorithms
     when connecting to a server that has not been upgraded from an upgraded
     client.

     ok naddy@

1 files changed, 3 insertions, 1 deletions

diff --git a/key.h b/key.h
index 2eb12436..ba1a20c0 100644
--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.h,v 1.31 2010/08/31 11:54:45 djm Exp $ */
+/* $OpenBSD: key.h,v 1.32 2010/09/09 10:45:45 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -112,8 +112,10 @@ int	 key_cert_is_legacy(Key *);
 int		 key_ecdsa_nid_from_name(const char *);
 int		 key_curve_name_to_nid(const char *);
 const char *	 key_curve_nid_to_name(int);
+u_int		 key_curve_nid_to_bits(int);
 int		 key_ecdsa_bits_to_nid(int);
 int		 key_ecdsa_group_to_nid(const EC_GROUP *);
+const EVP_MD *	 key_ec_nid_to_evpmd(int nid);
 int		 key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
 int		 key_ec_validate_private(const EC_KEY *);