Remove leading "00" byte from prime, if present

The primes in https://svn.nmap.org/nmap/scripts/ssl-dh-params.nse do not include a leading "00" byte, so don't include it in `$dh_p`.
This commit is contained in:
David Cooper 2016-12-30 11:32:41 -05:00 committed by GitHub
parent b7ff8a1ee3
commit 62aee8f846
1 changed files with 2 additions and 0 deletions

View File

@ -9392,7 +9392,9 @@ run_logjam() {
if [[ -n "$key_bitstring" ]]; then if [[ -n "$key_bitstring" ]]; then
dh_p="$($OPENSSL pkey -pubin -text -noout <<< "$key_bitstring" | awk '/prime:/,/generator:/' | tail -n +2 | head -n -1)" dh_p="$($OPENSSL pkey -pubin -text -noout <<< "$key_bitstring" | awk '/prime:/,/generator:/' | tail -n +2 | head -n -1)"
dh_p="$(strip_spaces "$(colon_to_spaces "$(newline_to_spaces "$dh_p")")")" dh_p="$(strip_spaces "$(colon_to_spaces "$(newline_to_spaces "$dh_p")")")"
[[ "${dh_p:0:2}" == "00" ]] && dh_p="${dh_p:2}"
# At this point the DH key's prime has been extracted into $dh_p. Compare is against known weak primes. # At this point the DH key's prime has been extracted into $dh_p. Compare is against known weak primes.
echo "dh_p = $dh_p"
fi fi
tmpfile_handle $FUNCNAME.txt tmpfile_handle $FUNCNAME.txt