From 9375f594c22617ac543aa04b0f46e8ee4a36f5c0 Mon Sep 17 00:00:00 2001
From: Simon Tatham
Date: Sat, 26 May 2018 18:00:23 +0100
Subject: [PATCH] Pageant: verify SSH-1 RSA keys before accepting them.

In Friday's testing of the BinarySink work, I noticed that if you accidentally add a mathematically invalid RSA1 key to Pageant, it will accept it, getting into a state where it can fail assertions when asked to use the key later. Added a call to rsa_verify(), triggering an SSH_AGENT_FAILURE response if it doesn't agree the key is good.
---
 pageant.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pageant.c b/pageant.c
index dcee20c6..2a62dfd0 100644
--- a/pageant.c
+++ b/pageant.c
@@ -487,6 +487,11 @@ void pageant_handle_msg(BinarySink *bs,
 goto add1_cleanup;
 }
+ if (!rsa_verify(key)) {
+ pageant_failure_msg(bs, "key is invalid", logctx, logfn);
+ goto add1_cleanup;
+ }
+
 comment = snewn(commentlen+1, char);
 if (comment) {
 memcpy(comment, p + 4, commentlen);
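Review bot: The new `if (!rsa_verify(key))` guard has no comment explaining why it sits here, and the reason lives only in the commit message: a mathematically inconsistent RSA1 key accepted at this point later makes the agent fail assertions when asked to use it, which is an availability problem for every key the agent holds. I would put `/* Reject inconsistent RSA1 keys now: code that uses the key later asserts on them. */` directly above the `if`. It is also worth confirming that the other paths by which keys reach the agent's store, none of which are visible in this hunk, apply the same check, since this guard covers only this add request. The enclosing function pageant_handle_msg starts and ends outside the hunk.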