search for: iqmp

...at line 3344: http://pkgs.fedoraproject.org/cgit/rpms/openssh.git/tree/openssh-7.3p1-openssl-1.1.0.patch#n3344 as shown in the below snippet: /* calculate p-1 and q-1 */ - if ((r = rsa_generate_additional_parameters(prv->rsa)) != 0) + if ((r = rsa_generate_additional_parameters(prv->rsa, iqmp)) != 0) + BN_free(iqmp); goto out; /* enable blinding */ FYI, venkat

OpenSSH Developers, I'm researching whether or not OpenSSH is a viable commercial alternative to F-SECURE SSH or SSH.COM's ssh, but I'm not getting the kind of results that I expected from a "Non patent encumbered ssh client". When I attempt to build OpenSSH against an OpenSSL build without rc5, idea, or rsa it bombs since OpenSSL doesn't place the header files in the

...0000001 0x198b820: 0x0198b780 0x00000000 0x00000000 0x00000000 0x198b830: 0x00000000 0x00000000 0x00000000 0x00000000 (gdb) p *rsa $3 = {pad = 0, version = 0, meth = 0x195bb1c, n = 0x199d480, e = 0x199d3c0, d = 0x0, p = 0x0, q = 0x0, dmp1 = 0x0, dmq1 = 0x0, iqmp = 0x0, ex_data = { sk = 0x0, dummy = 1848469362}, references = 1, flags = 6, _method_mod_n = 0x0, _method_mod_p = 0x0, _method_mod_q = 0x0, bignum_data = 0x0, blinding = 0x0} (gdb) x/40x 0x199d480 0x199d480: 0x0199d4a0 0x00000001 0x00000001 0x00000000 0x199d490: 0x0...

...+ buffer_put_bignum_bits(&b, key->dsa->priv_key); + break; + case KEY_RSA: + buffer_put_bignum_bits(&b, key->rsa->e); + buffer_put_bignum_bits(&b, key->rsa->d); + buffer_put_bignum_bits(&b, key->rsa->n); + buffer_put_bignum_bits(&b, key->rsa->iqmp); + buffer_put_bignum_bits(&b, key->rsa->q); + buffer_put_bignum_bits(&b, key->rsa->p); + break; + } + len = buffer_len(&b); + if (lenp != NULL) + *lenp = len; + pb = buffer_ptr(&b); + PUT_32BIT(pb + 4, len); + PUT_32BIT(pb + len1, len - len1 - 4); + PUT_32BIT(pb + l...

..."log.h" +#include "key.h" +#include "rsa.h" + +static void +buffer_put_key_rsa(Buffer *buffer, const RSA *key) +{ + buffer_put_bignum(buffer, key->e); + buffer_put_bignum(buffer, key->n); + buffer_put_bignum(buffer, key->d); + buffer_put_bignum(buffer, key->iqmp); + buffer_put_bignum(buffer, key->p); + buffer_put_bignum(buffer, key->q); +} + +static void +buffer_get_key_rsa(Buffer *buffer, RSA *key) +{ + buffer_get_bignum(buffer, key->e); + buffer_get_bignum(buffer, key->n); + buffer_get_bignum(buffer, key->d); + buffer_get_bignum(buffer, ke...

Hi, I have not found any way to use a Certificate with ssh-agent when my Key is stored on a pkcs11 device. I can add my key with ssh-add -s /usr/local/lib/opensc-pkcs11.so but ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub does not add the certificate to my agent. As far as I undestand, in ssh-add.c line 580 if (pkcs11provider != NULL) { if (update_card(agent_fd,

...nt +sshkey_is_private(const struct sshkey *k) +{ + switch (k->type) { +#ifdef WITH_OPENSSL + case KEY_RSA1: + case KEY_RSA: + case KEY_RSA_CERT_V00: + case KEY_RSA_CERT: + if (k->rsa && k->rsa->d && k->rsa->q && k->rsa->p && + k->rsa->iqmp && + !BN_is_zero(k->rsa->d) && + !BN_is_zero(k->rsa->q) && + !BN_is_zero(k->rsa->p) && + !BN_is_zero(k->rsa->iqmp)) + return 1; + break; + case KEY_DSA: + case KEY_DSA_CERT_V00: + case KEY_DSA_CERT: + if (k->dsa && k-&g...

...e entire 'encrypted' section in this key looks like this: uint32 0x92773013 (checkint) uint32 0x92773013 (checkint again) string "ssh-rsa" mpint modulus mpint 0x10001 (public exponent) mpint private exponent mpint iqmp mpint p mpint q string "simon at resolution" (key comment) data 0x01 0x02 0x03 (padding) so you can see that a decoder of this format has to see "ssh-rsa" and know that that means six mpints follow, otherwise they cannot know where to fin...

We've run into an interesting dilemma regarding last log information and ssh 4.2p1. In 3.8, we didn't see this problem, but now has cropped up in 4.2. When a user logs in, sshd seems to call 'last' to get the last log information. 'last' then opens the /var/log/wtmp file and processes the information. On some systems, this file can be quite large, and we're seeing