mirror of
https://github.com/phpseclib/phpseclib.git
synced 2024-11-11 08:10:58 +00:00
SSH2: fix issues with RSA key verification
Sometimes SSH servers will null pad their RSA keys. this null padding broke Net/SSH2.php's RSA implementation (Crypt/RSA.php's implementation works just fine). Also, the -3 was counting the initial "\0" of $h twice so adjust it to -2.
This commit is contained in:
parent
e63fe3fbdf
commit
3eac2582d6
@ -77,7 +77,7 @@ define('NET_SSH2_MASK_CONNECTED', 0x00000002);
|
|||||||
define('NET_SSH2_MASK_LOGIN_REQ', 0x00000004);
|
define('NET_SSH2_MASK_LOGIN_REQ', 0x00000004);
|
||||||
define('NET_SSH2_MASK_LOGIN', 0x00000008);
|
define('NET_SSH2_MASK_LOGIN', 0x00000008);
|
||||||
define('NET_SSH2_MASK_SHELL', 0x00000010);
|
define('NET_SSH2_MASK_SHELL', 0x00000010);
|
||||||
define('NET_SSH2_MASK_WINDOW_ADJUST', 0X00000020);
|
define('NET_SSH2_MASK_WINDOW_ADJUST', 0x00000020);
|
||||||
/**#@-*/
|
/**#@-*/
|
||||||
|
|
||||||
/**#@+
|
/**#@+
|
||||||
@ -3769,8 +3769,9 @@ class Net_SSH2
|
|||||||
$e = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
$e = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
||||||
|
|
||||||
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
||||||
$n = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
$rawN = $this->_string_shift($server_public_host_key, $temp['length']);
|
||||||
$nLength = $temp['length'];
|
$n = new Math_BigInteger($rawN, -256);
|
||||||
|
$nLength = strlen(ltrim($rawN, "\0"));
|
||||||
|
|
||||||
/*
|
/*
|
||||||
$temp = unpack('Nlength', $this->_string_shift($signature, 4));
|
$temp = unpack('Nlength', $this->_string_shift($signature, 4));
|
||||||
@ -3807,7 +3808,7 @@ class Net_SSH2
|
|||||||
$s = $s->toBytes();
|
$s = $s->toBytes();
|
||||||
|
|
||||||
$h = pack('N4H*', 0x00302130, 0x0906052B, 0x0E03021A, 0x05000414, sha1($this->exchange_hash));
|
$h = pack('N4H*', 0x00302130, 0x0906052B, 0x0E03021A, 0x05000414, sha1($this->exchange_hash));
|
||||||
$h = chr(0x01) . str_repeat(chr(0xFF), $nLength - 3 - strlen($h)) . $h;
|
$h = chr(0x01) . str_repeat(chr(0xFF), $nLength - 2 - strlen($h)) . $h;
|
||||||
|
|
||||||
if ($s != $h) {
|
if ($s != $h) {
|
||||||
user_error('Bad server signature');
|
user_error('Bad server signature');
|
||||||
|
Loading…
Reference in New Issue
Block a user