Remove leading "00" byte from prime, if present
The primes in https://svn.nmap.org/nmap/scripts/ssl-dh-params.nse do not include a leading "00" byte, so don't include it in `$dh_p`.
This commit is contained in:
parent
b7ff8a1ee3
commit
62aee8f846
|
@ -9392,7 +9392,9 @@ run_logjam() {
|
||||||
if [[ -n "$key_bitstring" ]]; then
|
if [[ -n "$key_bitstring" ]]; then
|
||||||
dh_p="$($OPENSSL pkey -pubin -text -noout <<< "$key_bitstring" | awk '/prime:/,/generator:/' | tail -n +2 | head -n -1)"
|
dh_p="$($OPENSSL pkey -pubin -text -noout <<< "$key_bitstring" | awk '/prime:/,/generator:/' | tail -n +2 | head -n -1)"
|
||||||
dh_p="$(strip_spaces "$(colon_to_spaces "$(newline_to_spaces "$dh_p")")")"
|
dh_p="$(strip_spaces "$(colon_to_spaces "$(newline_to_spaces "$dh_p")")")"
|
||||||
|
[[ "${dh_p:0:2}" == "00" ]] && dh_p="${dh_p:2}"
|
||||||
# At this point the DH key's prime has been extracted into $dh_p. Compare is against known weak primes.
|
# At this point the DH key's prime has been extracted into $dh_p. Compare is against known weak primes.
|
||||||
|
echo "dh_p = $dh_p"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
tmpfile_handle $FUNCNAME.txt
|
tmpfile_handle $FUNCNAME.txt
|
||||||
|
|
Loading…
Reference in New Issue