Hi, Kamil Dudka wrote: > occasional failure of curl test suite,
Kamil and I debugged this and found that signature verification failed on the server even though the hash that was signed respectively verified was identical. I looked further and I have just pushed a fix for the problem. Could someone please close the tracker item? - Log ----------------------------------------------------------------- commit 1aba38cd7d2658146675ce1737e5090f879f3068 Author: Peter Stuge <[email protected]> Commit: Peter Stuge <[email protected]> Fix padding in ssh-dss signature blob encoding DSA signatures consist of two 160-bit integers called r and s. In ssh-dss signature blobs r and s are stored directly after each other in binary representation, making up a 320-bit (40 byte) string. (See RFC4253 p14.) The crypto wrappers in libssh2 would either pack r and s incorrectly, or fail, when at least one integer was small enough to be stored in 19 bytes or less. The patch ensures that r and s are always stored as two 160 bit numbers. ----------------------------------------------------------------------- Summary of changes: src/libgcrypt.c | 30 ++++++------------------------ src/openssl.c | 15 ++++++++++----- 2 files changed, 16 insertions(+), 29 deletions(-) //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
