rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA* key)
{
char *inbuf, *outbuf;
- int in_len;
- int out_len;
- int len;
+ int len, ilen, olen;
if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
fatal("rsa_public_encrypt() exponent too small or not odd");
- out_len = BN_num_bytes(key->n);
- outbuf = xmalloc(out_len);
+ olen = BN_num_bytes(key->n);
+ outbuf = xmalloc(olen);
- in_len = BN_num_bytes(in);
- inbuf = xmalloc(in_len);
+ ilen = BN_num_bytes(in);
+ inbuf = xmalloc(ilen);
BN_bn2bin(in, inbuf);
- if ((len = RSA_public_encrypt(in_len, inbuf, outbuf, key,
+ if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key,
RSA_PKCS1_PADDING)) <= 0)
fatal("rsa_public_encrypt() failed");
BN_bin2bn(outbuf, len, out);
- memset(outbuf, 0, out_len);
- memset(inbuf, 0, in_len);
+ memset(outbuf, 0, olen);
+ memset(inbuf, 0, ilen);
xfree(outbuf);
xfree(inbuf);
}
rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
{
char *inbuf, *outbuf;
- int in_len;
- int out_len;
- int len;
+ int len, ilen, olen;
- out_len = BN_num_bytes(key->n);
- outbuf = xmalloc(out_len);
+ olen = BN_num_bytes(key->n);
+ outbuf = xmalloc(olen);
- in_len = BN_num_bytes(in);
- inbuf = xmalloc(in_len);
+ ilen = BN_num_bytes(in);
+ inbuf = xmalloc(ilen);
BN_bn2bin(in, inbuf);
- if ((len = RSA_private_decrypt(in_len, inbuf, outbuf, key,
+ if ((len = RSA_private_decrypt(ilen, inbuf, outbuf, key,
RSA_SSLV23_PADDING)) <= 0)
fatal("rsa_private_decrypt() failed");
BN_bin2bn(outbuf, len, out);
- memset(outbuf, 0, out_len);
- memset(inbuf, 0, in_len);
+ memset(outbuf, 0, olen);
+ memset(inbuf, 0, ilen);
xfree(outbuf);
xfree(inbuf);
}
BIGNUM *key;
RSA *host_key, *file_key;
RSA *public_key;
+ int bits, rbits;
unsigned char session_key[SSH_SESSION_KEY_LENGTH];
const char *server_user, *local_user;
char *cp, *host, *ip = NULL;
/* Get the public key. */
public_key = RSA_new();
- packet_get_int(); /* bits */
+ bits = packet_get_int(); /* bits */
public_key->e = BN_new();
packet_get_bignum(public_key->e, &clen);
sum_len += clen;
packet_get_bignum(public_key->n, &clen);
sum_len += clen;
+ rbits = BN_num_bits(public_key->n);
+ if (bits != rbits) {
+ log("Warning: Server lies about size of server public key,");
+ log("Warning: this may be due to an old implementation of ssh.");
+ log("Warning: (actual size %d bits, announced size %d bits)", rbits, bits);
+ }
+
/* Get the host key. */
host_key = RSA_new();
- packet_get_int(); /* bits */
+ bits = packet_get_int(); /* bits */
host_key->e = BN_new();
packet_get_bignum(host_key->e, &clen);
sum_len += clen;
packet_get_bignum(host_key->n, &clen);
sum_len += clen;
+ rbits = BN_num_bits(host_key->n);
+ if (bits != rbits) {
+ log("Warning: Server lies about size of server host key,");
+ log("Warning: this may be due to an old implementation of ssh.");
+ log("Warning: (actual size %d bits, announced size %d bits)", rbits, bits);
+ }
+
/* Store the host key from the known host file in here
* so that we can compare it with the key for the IP
* address. */