search for: sig_off

...my effort has been devoted to (and all of my code snippets come from) openssl-portable. The bug is that an offset is incorrectly treated as a length [2]: /* Check signature over entire KRL up to this point */ > if ((r = sshkey_verify(key, blob, blen, > sshbuf_ptr(buf), sshbuf_len(buf) - sig_off, 0)) != 0) > goto out; "sshbuf_len(buf) - sig_off" should read "sig_off". The result of this bug is that the number of unparsed bytes after our current parse cursor, rather than the number of parsed bytes before the cursor, is used as the length of the data to be ve...

Hello. I am trying to play through the following test scenario about certificate revocation on Ubuntu 18.04, which has OpenSSH of this version: OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n? 7 Dec 2017 1. A CA key is created ssh-keygen -t ed25519 -f ca 2. The CA public key is added to ~/.ssh/authorized_keys on some server: cert-authority ssh-ed25519 AAAA...e ca at yoga 3. A user key is created on a