shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-06-11 12:56:21 +09:00
Code Issues Packages Projects Releases Wiki Activity

dh: Validate peer public key

Browse Source 
The RFC 4253, Section 8 says that the

   Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be
   sent or accepted by either side.  If this condition is violated, the
   key exchange fails.

Originally reported by Oren Yomtov

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Aris Adamantiadis <aris@0xbadc0de.be>
This commit is contained in:
Jakub Jelen
2026-03-17 13:47:01 +01:00
parent 44b186fa17
commit d8ccda1d6f
1 changed files with 26 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/dh_key.c
View File

@@ -171,6 +171,32 @@ int ssh_dh_keypair_set_keys(struct dh_ctx *ctx, int peer,
ctx->keypair[peer].priv_key = priv;
}
if (pub) {
int rc;
bignum one = bignum_new();
bignum pmin1 = bignum_new();
if (one == NULL || pmin1 == NULL) {
bignum_safe_free(one);
bignum_safe_free(pmin1);
return SSH_ERROR;
}
rc = bignum_set_word(one, 1);
if (rc != 1) {
bignum_safe_free(one);
bignum_safe_free(pmin1);
return SSH_ERROR;
}
bignum_sub(pmin1, ctx->modulus, one);
/* Validate the peer public key `x` is 1 < x < (modulus - 1) */
if (bignum_cmp(pub, one) <= 0 ||
bignum_cmp(pub, pmin1) >= 0) {
bignum_safe_free(one);
bignum_safe_free(pmin1);
return SSH_ERROR;
}
bignum_safe_free(one);
bignum_safe_free(pmin1);
bignum_safe_free(ctx->keypair[peer].pub_key);
ctx->keypair[peer].pub_key = pub;
}