diff options
| author | Jon Simons <jon@jonsimons.org> | 2014-01-19 16:37:57 -0800 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2014-01-21 16:12:00 +0100 |
| commit | 92dde09a37f6eb35839fb26b36093ddc05439ed7 (patch) | |
| tree | 732baf754ccef6361efd2ff0f9ef053e52efcdbe /include/libssh/libssh.h | |
| parent | 809d76cbf2ae509c6a29fd491e81a92827a85f25 (diff) | |
pki_crypto: pad RSA signature blobs
Pad RSA signature blobs to the expected RSA signature length
when processing via 'pki_signature_to_blob'.
Some clients, notably PuTTY, may send unpadded RSA signatures
during the public key exchange: before this change, one can
sometimes observe failure in signature validation when using
PuTTY's 'plink' client, along these lines:
ssh_packet_process: ssh_packet_process: Dispatching handler for packet type 50
ssh_packet_userauth_request: ssh_packet_userauth_request: Auth request for service ssh-connection, method publickey for user 'foo'
ssh_pki_signature_verify_blob: ssh_pki_signature_verify_blob: Going to verify a ssh-rsa type signature
pki_signature_verify: pki_signature_verify: RSA error: error:04091077:rsa routines:INT_RSA_VERIFY:wrong signature length
ssh_packet_userauth_request: ssh_packet_userauth_request: Received an invalid signature from peer
For cross-reference this issue once also existed between
PuTTY and OpenSSH:
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/rsa-verify-failed.html
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-rsa.c?rev=1.19;content-type=text%2Fx-cvsweb-markup
With the fix I am unable to reproduce the above failure mode when
testing with 'plink'.
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'include/libssh/libssh.h')
0 files changed, 0 insertions, 0 deletions