octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-11-11 08:10:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

SSH2: neither of the DSA signature values should be 0

Browse Source
This commit is contained in:
terrafrost 2013-08-31 00:22:47 -05:00
parent ebb1d53af5
commit 24a06eeff3
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
phpseclib/Net/SSH2.php
View File

@ -3339,6 +3339,8 @@ class Net_SSH2 {
switch ($this->signature_format) {
case 'ssh-dss':
$zero = new Math_BigInteger();
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
$p = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
@ -3363,9 +3365,13 @@ class Net_SSH2 {
$r = new Math_BigInteger($this->_string_shift($signature, 20), 256);
$s = new Math_BigInteger($this->_string_shift($signature, 20), 256);
if ($r->compare($q) >= 0 || $s->compare($q) >= 0) {
user_error('Invalid signature');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
switch (true) {
case $r->equals($zero):
case $r->compare($q) >= 0:
case $s->equals($zero):
case $s->compare($q) >= 0:
user_error('Invalid signature');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
$w = $s->modInverse($q);