$NetBSD: patch-bg,v 1.1 2006/09/22 13:58:46 kivinen Exp $

--- lib/sshcrypto/sshpk/sshrgf.c.orig	2003-12-03 15:17:33.000000000 +0200
+++ lib/sshcrypto/sshpk/sshrgf.c
@@ -412,6 +412,7 @@ rgf_pkcs1_verify(Boolean do_unpad,
   unsigned char *digest;
   size_t digest_len, return_len;
   Boolean rv;
+  int ps_len, digestinfo_len;
 
   if (hash->context == NULL)
     return SSH_RGF_OP_FAILED;
@@ -419,6 +420,9 @@ rgf_pkcs1_verify(Boolean do_unpad,
   *output_msg     = NULL;
   *output_msg_len = 0;
 
+  ps_len = 0;
+  digestinfo_len = 0;
+
   /* Decode the msg. */
   if ((ber_buf = ssh_malloc(max_output_msg_len)) == NULL)
     return SSH_RGF_OP_FAILED;
@@ -457,8 +461,25 @@ rgf_pkcs1_verify(Boolean do_unpad,
   (*hash->def->rgf_hash_finalize)(hash, digest);
   hash_oid = (*hash->def->rgf_hash_asn1_oid)(hash);
 
+  /* size of 'ff' padding */
+  for(ps_len = 0; decrypted_signature[ps_len+2] == 255; ps_len++)
+    ;
+
+  /* size of encoded digestinfo from the signature  */
+  switch(decrypted_signature[ps_len+4]){
+  case 0x20:
+    digestinfo_len = 18;
+    break;
+  case 0x21:
+    digestinfo_len = 15;
+    break;
+  default :
+    digestinfo_len = 19;
+  }
+
   /* Compare. */
-  if (hash_oid == NULL || digest_len != return_len)
+  if (hash_oid == NULL || digest_len != return_len ||
+      digestinfo_len + digest_len + 3 + ps_len != decrypted_signature_len)
     {
       ssh_free(oid);
       ssh_free(temp_buf);