msize=mpz_sizeinbase(&st->n, 16);
+ if (datalen*2+4>=msize) {
+ fatal("rsa_sign: message too big\n");
+ }
+
strcpy(buff,"0001");
for (i=0; i<datalen; i++) {
buff[5+i*2]=hexchars[data[i]&0xf];
}
buff[4+datalen*2]=0;
-
+
for (i=datalen*2+4; i<msize; i++)
buff[i]='f';
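Review bot: The new guard `if (datalen*2+4>=msize)` bounds the hex encoding by the modulus length only, so the padding loop below still writes `buff[i]` up to `msize-1` with nothing in the hunk tying `msize` to the capacity of `buff`. The declaration of `buff` is outside the hunk; if it is a fixed-size array, a large configured modulus would overrun it, and the guard should cover that as well, e.g. `if (datalen*2+4>=msize || msize>=sizeof(buff)) {`. It is also worth confirming the type of `datalen`, because `datalen*2+4` can wrap for a narrow integer type and slip past the comparison. A short comment above the check, such as `/* 4 hex digits of "0001" prefix + 2 per data byte must leave room for padding */`, would explain where the constants come from.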
f=fopen(filename,"rb");
if (!f) {
- fatal_perror("rsa-private (%s:%d): cannot open file \"%s\"",
- loc.file,loc.line,filename);
+ if (just_check_config) {
+ Message(M_WARNING,"rsa-private (%s:%d): cannot open keyfile "
+ "\"%s\"; assuming it's valid while we check the "
+ "rest of the configuration\n",loc.file,loc.line,filename);
+ goto assume_valid;
+ } else {
+ fatal_perror("rsa-private (%s:%d): cannot open file \"%s\"",
+ loc.file,loc.line,filename);
+ }
}
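Review bot: The `just_check_config` branch drops the reason the open failed: `fatal_perror` reports errno, but the new `Message(M_WARNING, ...)` does not, so a permissions problem on the key file looks the same as a missing file. Adding `(%s)` to the format with `strerror(errno)` as the argument would keep that information. The `goto assume_valid` also returns a closure whose key material was apparently never loaded (the loading code lies outside this hunk), so the label deserves a comment such as `/* config-check only: st->n and st->d are not initialised on this path and must not be used for signing */`. It is worth confirming that nothing can invoke the signing closure while `just_check_config` is set.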
/* Check that the ID string is correct */
/* Now do trial signature/check to make sure it's a real keypair:
sign the comment string! */
- mpz_init(&sig);
- mpz_init(&plain);
- mpz_init(&check);
- read_mpbin(&plain,c,strlen(c));
- mpz_powm(&sig, &plain, &st->d, &st->n);
- mpz_powm(&check, &sig, &e, &st->n);
- if (mpz_cmp(&plain,&check)!=0) {
- cfgfatal(loc,"rsa-private","file \"%s\" does not contain a "
- "valid RSA key!\n",filename);
+ i=list_elem(args,1);
+ if (i && i->type==t_bool && i->data.bool==False) {
+ Message(M_INFO,"rsa-private (%s:%d): skipping RSA key validity "
+ "check\n",loc.file,loc.line);
+ } else {
+ mpz_init(&sig);
+ mpz_init(&plain);
+ mpz_init(&check);
+ read_mpbin(&plain,c,strlen(c));
+ mpz_powm(&sig, &plain, &st->d, &st->n);
+ mpz_powm(&check, &sig, &e, &st->n);
+ if (mpz_cmp(&plain,&check)!=0) {
+ cfgfatal(loc,"rsa-private","file \"%s\" does not contain a "
+ "valid RSA key!\n",filename);
+ }
+ mpz_clear(&sig);
+ mpz_clear(&plain);
+ mpz_clear(&check);
}
- mpz_clear(&sig);
- mpz_clear(&plain);
- mpz_clear(&check);
free(c);
mpz_clear(&e);
+assume_valid:
return new_closure(&st->cl);
}
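Review bot: The opt-out at `if (i && i->type==t_bool && i->data.bool==False)` is announced only at `M_INFO`, and a second argument of any other type is silently treated as "run the check". Skipping the trial signature means a truncated or mismatched key file is no longer caught at startup and would surface only as signatures that peers reject, so `M_WARNING` seems the more fitting level. A wrong-typed argument is better rejected outright, e.g. `if (i && i->type!=t_bool) cfgfatal(loc,"rsa-private","second argument must be a boolean\n");`. A one-line comment above `i=list_elem(args,1);` stating that the optional second argument disables the key-pair consistency check would document the new parameter. The function begins outside this hunk, so how `c` and `e` are set up before the `assume_valid:` label cannot be verified from here.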