openssl: DSA: don't hardcode expected signature size

The default value of the Q parameters for DSA keys changed in Ruby OpenSSL 3.0.0, and that causes DSA signatures to be longer by default. This change might have been accidental, and this may be reverted; see https://github.com/ruby/openssl/issues/483 This changes the check for the signature length to not be against a hardcoded expected lenght, but against the expected length as calculated from the Q parameter.
author: Antonio Terceiro <asa@terceiro.xyz> 2022-02-21 11:58:23 -0300
committer: Florian Wininger <fw.centrale@gmail.com> 2022-04-12 11:34:36 +0200
commit: 23a15cc8c77097ca15b0b11f131d4f4613b6e48e (patch)
tree: 1177a778f330dbaa76d39a5090a9d7b314dc8766
parent: 7eeedd22c112e7bd84738da851553c2c1b4dcc99 (diff)
download: net-ssh-23a15cc8c77097ca15b0b11f131d4f4613b6e48e.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/net/ssh/transport/openssl.rb b/lib/net/ssh/transport/openssl.rb
index 1c23651..a398326 100644
--- a/lib/net/ssh/transport/openssl.rb
+++ b/lib/net/ssh/transport/openssl.rb
@@ -124,7 +124,8 @@ module OpenSSL
         sig_r = a1sig.value[0].value.to_s(2)
         sig_s = a1sig.value[1].value.to_s(2)
 
-        raise OpenSSL::PKey::DSAError, "bad sig size" if sig_r.length > 20 || sig_s.length > 20
+        sig_size = params["q"].num_bits / 8
+        raise OpenSSL::PKey::DSAError, "bad sig size" if sig_r.length > sig_size || sig_s.length > sig_size
 
         sig_r = "\0" * (20 - sig_r.length) + sig_r if sig_r.length < 20
         sig_s = "\0" * (20 - sig_s.length) + sig_s if sig_s.length < 20
author	Antonio Terceiro <asa@terceiro.xyz>	2022-02-21 11:58:23 -0300
committer	Florian Wininger <fw.centrale@gmail.com>	2022-04-12 11:34:36 +0200
commit	23a15cc8c77097ca15b0b11f131d4f4613b6e48e (patch)
tree	1177a778f330dbaa76d39a5090a9d7b314dc8766
parent	7eeedd22c112e7bd84738da851553c2c1b4dcc99 (diff)
download	net-ssh-23a15cc8c77097ca15b0b11f131d4f4613b6e48e.tar.gz