[project @ Arch-1:robey@lag.net--2005-master-shake%paramiko--dev--1--patch-66]

fix a test that failed once: the encoding of R or S in dss signatures might not always be exactly 20 bytes
author: Robey Pointer <robey@lag.net> 2005-10-17 16:36:55 +0000
committer: Robey Pointer <robey@lag.net> 2005-10-17 16:36:55 +0000
commit: 64d89583c73dda6c22136f3bc138d209835c68b1 (patch)
tree: 0f023bd6d62b8be5d1df66c046e7c4bfc5706467
parent: 6eab0b3b4df096aa6b9421c8fe342078d182c523 (diff)
1 files changed, 9 insertions, 2 deletions
diff --git a/paramiko/dsskey.py b/paramiko/dsskey.py
index 6e94d814..35bf08c0 100644
--- a/paramiko/dsskey.py
+++ b/paramiko/dsskey.py
@@ -88,14 +88,21 @@ class DSSKey (PKey):
         dss = DSA.construct((long(self.y), long(self.g), long(self.p), long(self.q), long(self.x)))
         # generate a suitable k
         qsize = len(util.deflate_long(self.q, 0))
-        while 1:
+        while True:
             k = util.inflate_long(rpool.get_bytes(qsize), 1)
             if (k > 2) and (k < self.q):
                 break
         r, s = dss.sign(util.inflate_long(digest, 1), k)
         m = Message()
         m.add_string('ssh-dss')
-        m.add_string(util.deflate_long(r, 0) + util.deflate_long(s, 0))
+        # apparently, in rare cases, r or s may be shorter than 20 bytes!
+        rstr = util.deflate_long(r, 0)
+        sstr = util.deflate_long(s, 0)
+        if len(rstr) < 20:
+            rstr = '\x00' * (20 - len(rstr)) + rstr
+        if len(sstr) < 20:
+            sstr = '\x00' * (20 - len(sstr)) + sstr
+        m.add_string(rstr + sstr)
         return m
 
     def verify_ssh_sig(self, data, msg):
author	Robey Pointer <robey@lag.net>	2005-10-17 16:36:55 +0000
committer	Robey Pointer <robey@lag.net>	2005-10-17 16:36:55 +0000
commit	64d89583c73dda6c22136f3bc138d209835c68b1 (patch)
tree	0f023bd6d62b8be5d1df66c046e7c4bfc5706467
parent	6eab0b3b4df096aa6b9421c8fe342078d182c523 (diff)