search for: sshkey_private_deserialize

...goto out; } if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + fprintf(stderr, "%s num_bits %d min %d\n", __func__, + BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); ret = SSH_ERR_KEY_LENGTH; goto out; } @@ -2664,6 +2673,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) (r = ssh_rsa_generate_additional_parameters(k)) != 0) goto out; if (BN_num_bits(k->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + fprintf(stderr, "%s num_bits %d min %d\n", __func__, + BN_num_bits(k->rsa->n), SSH_RS...

...doing something like that for the private parts. I don't agree that it should just have BN members that are not set to a real value. So I removed that code and the checks. I'm not even sure why this was done. But sshkey_add_private() ends up as a rather useless function now. - In sshkey_private_deserialize() there was a KEY_RSA_CERT case. I'm not sure what it's about and I guess the test suite also doesn't check it. But it seems that it only has the private key in that case and OpenSSL now seems to insist that an RSA needs to have the public key information too. PS: I didn't...

Hi, OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at