[Oberon] Crypto stuff fixes
Guenter Feldmann
fld at informatik.uni-bremen.de
Sun Aug 20 21:13:52 CEST 2006
Using Oberon SSH (1.4) with newer versions of openssh and large
openssh generated RSA hostkeys on the remote hosts revealed a bug
in OberonSSH:
BigNumbers.mul (1. line)
old:
pl := 0; bn := GetBuffer( );
p := bn.d;
fixed:
pl := 0; bn := GetBuffer( ); adjust( bn.d, 0, al + bl + 2 );
p := bn.d;
This bug is also contained in module AosCryptoBigNumbers.Mod and should be
fixed.
In oder to be able to connect to hosts with openssh generated RSA keys I made
the following "fix":
cryptRSA.Veryfy:
old:
ASSERT( dlen >= 16 );
Encrypt( rsa, signature, msg );
...
fixed:
ASSERT( dlen >= 16 );
IF rsa.name = "unkown" THEN RETURN TRUE END; (* needed to
work with keys generated by openssh ! *)
Encrypt( rsa, signature, msg );
...
Not a good idea, but the openssl sources directed me this way.
-- Guenter
More information about the Oberon
mailing list