GitHub user jonnyzzz opened a pull request:
https://github.com/apache/mina-sshd/pull/24
SSHD-642
Check expected signature length and add missing zeroes if needed.
Tests is also added
It turned out Bouncy Castle does not fail if signature size is less than
public key modulus size
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/jonnyzzz/mina-sshd master
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/mina-sshd/pull/24.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #24
----
commit bf1213fc502275a9fac779a06c3a459256726d48
Author: Eugene Petrenko <[email protected]>
Date: 2016-02-12T23:19:54Z
extract #doInitSignature protected helper
commit 706dbc561a165694edad9082927738364a74d9c4
Author: Eugene Petrenko <[email protected]>
Date: 2016-02-12T23:26:51Z
SSHD-642. Addede tests to reproduce the issue
commit 1ae4258a4779a30f1d51df9ab447ee60496bded4
Author: Eugene Petrenko <[email protected]>
Date: 2016-02-12T23:52:12Z
include leading zeroes. SSHD-642 is fixed
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
