Upgrade to caddy v2.10.0

1 files changed, 7 insertions, 13 deletions

diff --git a/vendor/go.step.sm/crypto/sshutil/sshutil.go b/vendor/go.step.sm/crypto/sshutil/sshutil.go
index b21ff65..c309c2d 100644
--- a/vendor/go.step.sm/crypto/sshutil/sshutil.go
+++ b/vendor/go.step.sm/crypto/sshutil/sshutil.go
@@ -2,14 +2,12 @@ package sshutil
 
 import (
 	"crypto"
-	"crypto/dsa" // support for DSA fingerprints
-	"crypto/ecdh"
+	"crypto/dsa" //nolint:staticcheck // support for DSA fingerprints
 	"crypto/ecdsa"
 	"crypto/ed25519"
 	"crypto/elliptic"
 	"crypto/rsa"
 	"fmt"
-	"math/big"
 
 	"golang.org/x/crypto/ssh"
 	"golang.org/x/crypto/ssh/agent"
@@ -50,17 +48,13 @@ func cryptoSKPublicKey(pub ssh.PublicKey) (crypto.PublicKey, error) {
 		if err := ssh.Unmarshal(pub.Marshal(), &w); err != nil {
 			return nil, err
 		}
-
-		p, err := ecdh.P256().NewPublicKey(w.Key)
-		if err != nil {
-			return nil, fmt.Errorf("failed decoding ECDSA key: %w", err)
+		key := new(ecdsa.PublicKey)
+		key.Curve = elliptic.P256()
+		key.X, key.Y = elliptic.Unmarshal(key.Curve, w.Key)
+		if key.X == nil || key.Y == nil {
+			return nil, fmt.Errorf("invalid curve point")
 		}
-
-		return &ecdsa.PublicKey{
-			Curve: elliptic.P256(),
-			X:     big.NewInt(0).SetBytes(p.Bytes()[1:33]),
-			Y:     big.NewInt(0).SetBytes(p.Bytes()[33:]),
-		}, nil
+		return key, nil
 	case "sk-ssh-ed25519@openssh.com":
 		var w struct {
 			Name        string