From 252c6ec68d06404ade64daf3cff63c401a12fd80 Mon Sep 17 00:00:00 2001
From: Andreas Fischer
Date: Sun, 2 Jun 2013 16:54:02 +0200
Subject: [PATCH 1/2] [fix-weak-ssh-dh-keys] $keyLength is in bytes. Do not compare to 160 bits.
---
 phpseclib/Net/SSH2.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php
index bd676dc3..bb75fc2d 100644
--- a/phpseclib/Net/SSH2.php
+++ b/phpseclib/Net/SSH2.php
@@ -1167,7 +1167,7 @@ class Net_SSH2 {
 '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' .
 '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' .
 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF');
- $keyLength = $keyLength < 160 ? $keyLength : 160;
+ $keyLength = $keyLength < 20 ? $keyLength : 20;
 $hash = 'sha1';
 break;
 // see http://tools.ietf.org/html/rfc3526#section-3
@@ -1180,7 +1180,7 @@ class Net_SSH2 {
 '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' .
 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' .
 '3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF');
- $keyLength = $keyLength < 160 ? $keyLength : 160;
+ $keyLength = $keyLength < 20 ? $keyLength : 20;
 $hash = 'sha1';
 }
From 1733c3366c2ff81bef8ba9139075607732cc0478 Mon Sep 17 00:00:00 2001
From: Andreas Fischer
Date: Sun, 2 Jun 2013 16:55:19 +0200
Subject: [PATCH 2/2] [fix-weak-ssh-dh-keys] bitwise_leftShift() expects number of bits, not bytes.
---
 phpseclib/Net/SSH2.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php
index bb75fc2d..aa87e06d 100644
--- a/phpseclib/Net/SSH2.php
+++ b/phpseclib/Net/SSH2.php
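Review bot: Taken on its own, PATCH 1/2 shrinks the range of the DH private exponent instead of enlarging it, because the clamp `$keyLength < 20 ? $keyLength : 20` (in the hunk at -1167 and again in the hunk at -1180) takes effect while the shift is still `bitwise_leftShift(2 * $keyLength)`, as the removed line in PATCH 2/2 shows; any cipher whose key is longer than 20 bytes ends up with a bound of at most 2^40 at that revision. Squash the two patches, or apply the shift fix first, so that no bisectable revision is weaker than the code it replaces. The literal would also be clearer with its unit stated, e.g. `$keyLength = min($keyLength, 20); // SHA-1 digest size in bytes (160 bits)`. The enclosing `switch` begins and ends outside both hunks.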
@@ -1195,7 +1195,7 @@ class Net_SSH2 {
 -- http://tools.ietf.org/html/rfc4419#section-6.2 */
 $q = new Math_BigInteger(1);
- $q = $q->bitwise_leftShift(2 * $keyLength);
+ $q = $q->bitwise_leftShift(16 * $keyLength); // 2 * 8 * $keyLength
 $q = $q->subtract(new Math_BigInteger(1));
 $g = new Math_BigInteger(2);
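Review bot: The shift has no lower bound, so the private-exponent range `2^(16 * $keyLength) - 1` still follows whatever key size was negotiated; the assignment to `$keyLength` is outside this hunk, but if a short or zero-length key can reach this line the range becomes trivially small. Consider a floor before the shift, e.g. `$exponentBits = max(16 * $keyLength, MIN_DH_EXPONENT_BITS);` (the constant is a placeholder name, not something in this file), and pass that to `bitwise_leftShift()`. Writing the factor as `2 * 8 * $keyLength` in the code rather than only in the trailing comment would also keep the bytes-to-bits conversion from drifting again. The function body continues outside the hunk.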