chiark
/
gitweb
/
~ianmdlvl
/
secnet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
polypath: Break up child process handling
[secnet.git]
/
rsa.c
diff --git
a/rsa.c
b/rsa.c
index 0ca5d19fc08475a22a6c62d2f3d82a0acc2c06df..f7dd69db6f69115e03c94779a2529468b642619f 100644
(file)
--- a/
rsa.c
+++ b/
rsa.c
@@
-34,12
+34,18
@@
struct rsapub {
};
/* Sign data. NB data must be smaller than modulus */
};
/* Sign data. NB data must be smaller than modulus */
+#define RSA_MAX_MODBYTES 2048
+/* The largest modulus I've seen is 15360 bits, which works out at 1920
+ * bytes. Using keys this big is quite implausible, but it doesn't cost us
+ * much to support them.
+ */
+
static const char *hexchars="0123456789abcdef";
static void emsa_pkcs1(MP_INT *n, MP_INT *m,
const uint8_t *data, int32_t datalen)
{
static const char *hexchars="0123456789abcdef";
static void emsa_pkcs1(MP_INT *n, MP_INT *m,
const uint8_t *data, int32_t datalen)
{
- char buff[2
048
];
+ char buff[2
*RSA_MAX_MODBYTES + 1
];
int msize, i;
/* RSA PKCS#1 v1.5 signature padding:
int msize, i;
/* RSA PKCS#1 v1.5 signature padding:
@@
-193,6
+199,9
@@
static list_t *rsapub_apply(closure_t *self, struct cloc loc, dict_t *context,
} else {
cfgfatal(loc,"rsa-public","you must provide an encryption key\n");
}
} else {
cfgfatal(loc,"rsa-public","you must provide an encryption key\n");
}
+ if (mpz_sizeinbase(&st->e, 256) > RSA_MAX_MODBYTES) {
+ cfgfatal(loc, "rsa-public", "implausibly large public exponent\n");
+ }
i=list_elem(args,1);
if (i) {
i=list_elem(args,1);
if (i) {
@@
-207,6
+216,9
@@
static list_t *rsapub_apply(closure_t *self, struct cloc loc, dict_t *context,
} else {
cfgfatal(loc,"rsa-public","you must provide a modulus\n");
}
} else {
cfgfatal(loc,"rsa-public","you must provide a modulus\n");
}
+ if (mpz_sizeinbase(&st->n, 256) > RSA_MAX_MODBYTES) {
+ cfgfatal(loc, "rsa-public", "implausibly large modulus\n");
+ }
return new_closure(&st->cl);
}
return new_closure(&st->cl);
}
@@
-296,7
+308,7
@@
static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context,
/* Read the public key */
keyfile_get_int(loc,f); /* Not sure what this is */
length=(keyfile_get_short(loc,f)+7)/8;
/* Read the public key */
keyfile_get_int(loc,f); /* Not sure what this is */
length=(keyfile_get_short(loc,f)+7)/8;
- if (length>
1024
) {
+ if (length>
RSA_MAX_MODBYTES
) {
cfgfatal(loc,"rsa-private","implausible length %ld for modulus\n",
length);
}
cfgfatal(loc,"rsa-private","implausible length %ld for modulus\n",
length);
}
@@
-308,7
+320,7
@@
static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context,
read_mpbin(&st->n,b,length);
free(b);
length=(keyfile_get_short(loc,f)+7)/8;
read_mpbin(&st->n,b,length);
free(b);
length=(keyfile_get_short(loc,f)+7)/8;
- if (length>
1024
) {
+ if (length>
RSA_MAX_MODBYTES
) {
cfgfatal(loc,"rsa-private","implausible length %ld for e\n",length);
}
b=safe_malloc(length,"rsapriv_apply");
cfgfatal(loc,"rsa-private","implausible length %ld for e\n",length);
}
b=safe_malloc(length,"rsapriv_apply");
@@
-339,7
+351,7
@@
static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context,
/* Read d */
length=(keyfile_get_short(loc,f)+7)/8;
/* Read d */
length=(keyfile_get_short(loc,f)+7)/8;
- if (length>
1024
) {
+ if (length>
RSA_MAX_MODBYTES
) {
cfgfatal(loc,"rsa-private","implausibly long (%ld) decryption key\n",
length);
}
cfgfatal(loc,"rsa-private","implausibly long (%ld) decryption key\n",
length);
}
@@
-353,7
+365,7
@@
static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context,
free(b);
/* Read iqmp (inverse of q mod p) */
length=(keyfile_get_short(loc,f)+7)/8;
free(b);
/* Read iqmp (inverse of q mod p) */
length=(keyfile_get_short(loc,f)+7)/8;
- if (length>
1024
) {
+ if (length>
RSA_MAX_MODBYTES
) {
cfgfatal(loc,"rsa-private","implausibly long (%ld)"
" iqmp auxiliary value\n", length);
}
cfgfatal(loc,"rsa-private","implausibly long (%ld)"
" iqmp auxiliary value\n", length);
}
@@
-367,7
+379,7
@@
static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context,
free(b);
/* Read q (the smaller of the two primes) */
length=(keyfile_get_short(loc,f)+7)/8;
free(b);
/* Read q (the smaller of the two primes) */
length=(keyfile_get_short(loc,f)+7)/8;
- if (length>
1024
) {
+ if (length>
RSA_MAX_MODBYTES
) {
cfgfatal(loc,"rsa-private","implausibly long (%ld) q value\n",
length);
}
cfgfatal(loc,"rsa-private","implausibly long (%ld) q value\n",
length);
}
@@
-381,7
+393,7
@@
static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context,
free(b);
/* Read p (the larger of the two primes) */
length=(keyfile_get_short(loc,f)+7)/8;
free(b);
/* Read p (the larger of the two primes) */
length=(keyfile_get_short(loc,f)+7)/8;
- if (length>
1024
) {
+ if (length>
RSA_MAX_MODBYTES
) {
cfgfatal(loc,"rsa-private","implausibly long (%ld) p value\n",
length);
}
cfgfatal(loc,"rsa-private","implausibly long (%ld) p value\n",
length);
}