mirror of
https://github.com/phpseclib/phpseclib.git
synced 2024-11-11 08:10:58 +00:00
SSH2: rsa-sha2-256 and rsa-sha2-512 sigs weren't verifying
This commit is contained in:
parent
7c000843ab
commit
decbde4f5d
@ -4968,12 +4968,10 @@ class SSH2
|
||||
case 'ssh-rsa':
|
||||
case 'rsa-sha2-256':
|
||||
case 'rsa-sha2-512':
|
||||
if (strlen($signature) < 15) {
|
||||
return false;
|
||||
}
|
||||
Strings::shift($signature, 11);
|
||||
$temp = unpack('Nlength', Strings::shift($signature, 4));
|
||||
$signature = Strings::shift($signature, $temp['length']);
|
||||
// could be ssh-rsa, rsa-sha2-256, rsa-sha2-512
|
||||
// we don't check here because we already checked in key_exchange
|
||||
// some signatures have the type embedded within the message and some don't
|
||||
Strings::unpackSSH2('s', $signature);
|
||||
|
||||
$key = RSA::loadFormat('OpenSSH', $server_public_host_key)
|
||||
->withPadding(RSA::SIGNATURE_PKCS1);
|
||||
|
Loading…
Reference in New Issue
Block a user