Hi,
I have got the problem that a client that periodically connects
to a dropbear server occasionally fails to authenticate as the
size check in buf_rsa_verify() fails (slen is 127 vs. 128 as
calculated from n).
if (slen != (unsigned int)mp_unsigned_bin_size(key->n)) {
TRACE(("bad size"))
goto out;
}
Removing the check I can see that the user can be authenticated.
After stepping a bit into the topic it seems to me like the following
issue that was solved for OpenSSH. Also this client only faces the
problem when connecting to a dropbear server.
<http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/rsa-verify-failed
.html>
At the moment I am not sure whether this check is stricter than
the requirements stated in the RFCs. Any suggestions?
Regards,
Christian
