Mercurial > dropbear
comparison rsa.c @ 1512:b024f9695782 fuzz
limit rsa->e size to 64 bits
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sat, 17 Feb 2018 19:41:44 +0800 |
| parents | 5916af64acd4 |
| children | bb8eaa26bc93 |
comparison
equal
deleted
inserted
replaced
| 1511:5916af64acd4 | 1512:b024f9695782 |
|---|---|
| 66 if (mp_count_bits(key->n) < MIN_RSA_KEYLEN) { | 66 if (mp_count_bits(key->n) < MIN_RSA_KEYLEN) { |
| 67 dropbear_log(LOG_WARNING, "RSA key too short"); | 67 dropbear_log(LOG_WARNING, "RSA key too short"); |
| 68 goto out; | 68 goto out; |
| 69 } | 69 } |
| 70 | 70 |
| 71 /* 64 bit is limit used by openssl, so we won't block any keys in the wild */ | |
| 72 if (mp_count_bits(key->e) > 64) { | |
| 73 dropbear_log(LOG_WARNING, "RSA key bad e"); | |
| 74 goto out; | |
| 75 } | |
| 76 | |
| 71 TRACE(("leave buf_get_rsa_pub_key: success")) | 77 TRACE(("leave buf_get_rsa_pub_key: success")) |
| 72 ret = DROPBEAR_SUCCESS; | 78 ret = DROPBEAR_SUCCESS; |
| 73 out: | 79 out: |
| 74 if (ret == DROPBEAR_FAILURE) { | 80 if (ret == DROPBEAR_FAILURE) { |
| 75 m_mp_free_multi(&key->e, &key->n, NULL); | 81 m_mp_free_multi(&key->e, &key->n, NULL); |