Comments (4)
mback2k
commented on July 22, 2024
Thanks for your report. To me it looks like the public DSA key cannot be imported by BCryptImportKeyPair and hostkey_method_ssh_dss_init does not validate the return value of _libssh2_dsa_new/_libssh2_wincng_dsa_new. Can you confirm that the public DSA key is a valid DSA key and should be importable by WinCNG?
from libssh2.
dimmaq
commented on July 22, 2024
Host key is big.
Host key fingerprint is:
ssh-dss 2048 fb:b0:3d:28:09:d4:1d:32:64:e4:ec:f4:50:63:46:cf
https://msdn.microsoft.com/en-us/library/windows/desktop/aa375472(v=vs.85).aspx
BCRYPT_DSA_KEY_BLOB is used for key lengths from 512 to 1024 bits.
from libssh2.
mback2k
commented on July 22, 2024
So, the crash is fixed, but the WinCNG backend does not support DSS key length > 1024 bit yet.
from libssh2.
mback2k
commented on July 22, 2024
It seems like q is 21 bytes long and p (modulus) is 257 bytes long, because they are prefixed with a zero byte. Generator g and public y are both 256 bytes long and would fit the BCRYPT_DSA_KEY_BLOB structure. I will try to add support for BCRYPT_DSA_KEY_BLOB_V2.
from libssh2.
Related Issues (20)
- (question) when is the terrapin fix going to be released? HOT 1
- libssh2 in PHP: how can I check the supported ciphers and mac algorithms HOT 1
- compilation error with cmake, without passing -DENABLE_ZLIB_COMPRESSION=ON HOT 2
- Unused code setting channel ignore mode HOT 3
- After running this code, the memory usage continuously spikes. What could be the reason? libssh2-1.10.0 HOT 9
- KEX extension indicators are lost in libssh2_session_method_pref() HOT 3
- libssh2 tests are failing HOT 1
- Encrypt-then-MAC feature should be tested in remote end's configuration when receiving data
- Fix AIX build HOT 1
- SFTP failed with the error -41 working with Openssl HOT 9
- libssh2_session_handshake() hangs HOT 3
- libssh2_session_handshake LIBSSH2_ERROR_KEY_EXCHANGE_FAILURE HOT 6
- Key exchange issue on Debian 12 (Bookworm) HOT 4
- LIBSSH2_ERROR_EAGAIN ambiguity HOT 2
- Instable connections in case of SSH transfers over nonblocking sockets HOT 7
- IPV6 format & host key validation with known_hosts file
- Memory leak in _libssh2_transport_read HOT 2
- MAXPATHLEN not defined on hurd systems HOT 4
- CMakeLists defines hidden in C flags, but doesn't define LIBSSH2_API to unhide them HOT 4
- The function "agent_sign" seems to always return ERROR HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libssh2.