From 83f2fe26cb19330712c952eddbd3c0b621674adc Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 29 Dec 2013 17:48:38 +1100 Subject: [PATCH] - djm@cvs.openbsd.org 2013/12/29 02:28:10 [key.c] allow ed25519 keys to appear as certificate authorities --- ChangeLog | 3 +++ key.c | 5 +++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index fe048ae51..3a541c8ee 100644 --- a/ChangeLog +++ b/ChangeLog @@ -43,6 +43,9 @@ - djm@cvs.openbsd.org 2013/12/27 22:37:18 [ssh-rsa.c] correct comment + - djm@cvs.openbsd.org 2013/12/29 02:28:10 + [key.c] + allow ed25519 keys to appear as certificate authorities 20131221 - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. diff --git a/key.c b/key.c index 814f9a001..ec40cb152 100644 --- a/key.c +++ b/key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.110 2013/12/07 00:19:15 djm Exp $ */ +/* $OpenBSD: key.c,v 1.111 2013/12/29 02:28:10 djm Exp $ */ /* * read_bignum(): * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1481,7 +1481,8 @@ cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen) } if (key->cert->signature_key->type != KEY_RSA && key->cert->signature_key->type != KEY_DSA && - key->cert->signature_key->type != KEY_ECDSA) { + key->cert->signature_key->type != KEY_ECDSA && + key->cert->signature_key->type != KEY_ED25519) { error("%s: Invalid signature key type %s (%d)", __func__, key_type(key->cert->signature_key), key->cert->signature_key->type); -- 2.47.3