add a comment about implicitly-expected checks to

sshkey_ec_validate_public()
author: djm <djm@openbsd.org> 2016-10-04 21:34:40 +0000
committer: djm <djm@openbsd.org> 2016-10-04 21:34:40 +0000
commit: 2959d888130c9de811602bdb8c46c8a4ae91152b (patch)
tree: 206974320304b7dabfdf2f033b96ae2664da9205 /usr.bin/ssh/sshkey.c
parent: Improve description of the noperm option. (diff)
download: wireguard-openbsd-2959d888130c9de811602bdb8c46c8a4ae91152b.tar.xz
wireguard-openbsd-2959d888130c9de811602bdb8c46c8a4ae91152b.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c
index eaaeaddbca2..e6c64ae05e2 100644
--- a/usr.bin/ssh/sshkey.c
+++ b/usr.bin/ssh/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.39 2016/09/26 21:16:11 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.40 2016/10/04 21:34:40 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -2814,6 +2814,14 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public)
 	BIGNUM *order, *x, *y, *tmp;
 	int ret = SSH_ERR_KEY_INVALID_EC_VALUE;
 
+	/*
+	 * NB. This assumes OpenSSL has already verified that the public
+	 * point lies on the curve. This is done by EC_POINT_oct2point()
+	 * implicitly calling EC_POINT_is_on_curve(). If this code is ever
+	 * reachable with public points not unmarshalled using
+	 * EC_POINT_oct2point then the caller will need to explicitly check.
+	 */
+
 	if ((bnctx = BN_CTX_new()) == NULL)
 		return SSH_ERR_ALLOC_FAIL;
 	BN_CTX_start(bnctx);
author	djm <djm@openbsd.org>	2016-10-04 21:34:40 +0000
committer	djm <djm@openbsd.org>	2016-10-04 21:34:40 +0000
commit	2959d888130c9de811602bdb8c46c8a4ae91152b (patch)
tree	206974320304b7dabfdf2f033b96ae2664da9205 /usr.bin/ssh/sshkey.c
parent	Improve description of the noperm option. (diff)
download	wireguard-openbsd-2959d888130c9de811602bdb8c46c8a4ae91152b.tar.xz wireguard-openbsd-2959d888130c9de811602bdb8c46c8a4ae91152b.zip