comparison rsa.c @ 1512:b024f9695782 fuzz

limit rsa->e size to 64 bits
author Matt Johnston <matt@ucc.asn.au>
date Sat, 17 Feb 2018 19:41:44 +0800
parents 5916af64acd4
children bb8eaa26bc93
comparison
equal deleted inserted replaced
1511:5916af64acd4 1512:b024f9695782
66 if (mp_count_bits(key->n) < MIN_RSA_KEYLEN) { 66 if (mp_count_bits(key->n) < MIN_RSA_KEYLEN) {
67 dropbear_log(LOG_WARNING, "RSA key too short"); 67 dropbear_log(LOG_WARNING, "RSA key too short");
68 goto out; 68 goto out;
69 } 69 }
70 70
71 /* 64 bit is limit used by openssl, so we won't block any keys in the wild */
72 if (mp_count_bits(key->e) > 64) {
73 dropbear_log(LOG_WARNING, "RSA key bad e");
74 goto out;
75 }
76
71 TRACE(("leave buf_get_rsa_pub_key: success")) 77 TRACE(("leave buf_get_rsa_pub_key: success"))
72 ret = DROPBEAR_SUCCESS; 78 ret = DROPBEAR_SUCCESS;
73 out: 79 out:
74 if (ret == DROPBEAR_FAILURE) { 80 if (ret == DROPBEAR_FAILURE) {
75 m_mp_free_multi(&key->e, &key->n, NULL); 81 m_mp_free_multi(&key->e, &key->n, NULL);