diff options
| author | Jon Simons <jon@jonsimons.org> | 2014-01-19 16:37:57 -0800 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2014-01-21 16:11:12 +0100 |
| commit | 465816f4a0ad194394342f579da55b84a9a3ca60 (patch) | |
| tree | 621bfa711e5bfc0e715c0fc247c4083464fbd75f /include/libssh/string.h | |
| parent | 9fff70fa4179171a532da6c52910c51b90cc7fe5 (diff) | |
| download | libssh-465816f4a0ad194394342f579da55b84a9a3ca60.tar.gz libssh-465816f4a0ad194394342f579da55b84a9a3ca60.tar.xz libssh-465816f4a0ad194394342f579da55b84a9a3ca60.zip | |
pki_crypto: pad RSA signature blobs
Pad RSA signature blobs to the expected RSA signature length
when processing via 'pki_signature_to_blob'.
Some clients, notably PuTTY, may send unpadded RSA signatures
during the public key exchange: before this change, one can
sometimes observe failure in signature validation when using
PuTTY's 'plink' client, along these lines:
ssh_packet_process: ssh_packet_process: Dispatching handler for packet type 50
ssh_packet_userauth_request: ssh_packet_userauth_request: Auth request for service ssh-connection, method publickey for user 'foo'
ssh_pki_signature_verify_blob: ssh_pki_signature_verify_blob: Going to verify a ssh-rsa type signature
pki_signature_verify: pki_signature_verify: RSA error: error:04091077:rsa routines:INT_RSA_VERIFY:wrong signature length
ssh_packet_userauth_request: ssh_packet_userauth_request: Received an invalid signature from peer
For cross-reference this issue once also existed between
PuTTY and OpenSSH:
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/rsa-verify-failed.html
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-rsa.c?rev=1.19;content-type=text%2Fx-cvsweb-markup
With the fix I am unable to reproduce the above failure mode when
testing with 'plink'.
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'include/libssh/string.h')
0 files changed, 0 insertions, 0 deletions