[PATCH 4/4] rsa.c: Check public key length.
Ian Jackson
ijackson at chiark.greenend.org.uk
Mon Jul 22 00:19:41 BST 2013
From: Mark Wooding <mdw at distorted.org.uk>
The private key is checked quite carefully -- even to a fault -- for
being sensibly sized, but the corresponding function for public keys
appears to have no checking at all. This is a shame since message-
representative construction assumes that the message representative will
fit in a fixed-size buffer.
Fix this situation by checking public key sizes in `rsapub_apply'.
Signed-off-by: Mark Wooding <mdw at distorted.org.uk>
---
rsa.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/rsa.c b/rsa.c
index 2db03c9..f4de7b4 100644
--- a/rsa.c
+++ b/rsa.c
@@ -199,6 +199,9 @@ static list_t *rsapub_apply(closure_t *self, struct cloc loc, dict_t *context,
} else {
cfgfatal(loc,"rsa-public","you must provide an encryption key\n");
}
+ if (mpz_sizeinbase(&st->e, 256) > RSA_MAX_MODBYTES) {
+ cfgfatal(loc, "rsa-public", "implausibly large public exponent");
+ }
i=list_elem(args,1);
if (i) {
@@ -213,6 +216,9 @@ static list_t *rsapub_apply(closure_t *self, struct cloc loc, dict_t *context,
} else {
cfgfatal(loc,"rsa-public","you must provide a modulus\n");
}
+ if (mpz_sizeinbase(&st->n, 256) > RSA_MAX_MODBYTES) {
+ cfgfatal(loc, "rsa-public", "implausibly large public exponent");
+ }
return new_closure(&st->cl);
}
--
1.7.2.5
More information about the sgo-software-discuss
mailing list