~mdw
/
secnet
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
site: When reporting resolution complete, print only iaddr
[secnet]
/
rsa.c
diff --git
a/rsa.c
b/rsa.c
index
2db03c9
..
bdacfe9
100644
(file)
--- a/
rsa.c
+++ b/
rsa.c
@@
-177,7
+177,7
@@
static list_t *rsapub_apply(closure_t *self, struct cloc loc, dict_t *context,
item_t *i;
string_t e,n;
item_t *i;
string_t e,n;
-
st=safe_malloc(sizeof(*st),"rsapub_apply"
);
+
NEW(st
);
st->cl.description="rsapub";
st->cl.type=CL_RSAPUBKEY;
st->cl.apply=NULL;
st->cl.description="rsapub";
st->cl.type=CL_RSAPUBKEY;
st->cl.apply=NULL;
@@
-199,6
+199,9
@@
static list_t *rsapub_apply(closure_t *self, struct cloc loc, dict_t *context,
} else {
cfgfatal(loc,"rsa-public","you must provide an encryption key\n");
}
} else {
cfgfatal(loc,"rsa-public","you must provide an encryption key\n");
}
+ if (mpz_sizeinbase(&st->e, 256) > RSA_MAX_MODBYTES) {
+ cfgfatal(loc, "rsa-public", "implausibly large public exponent\n");
+ }
i=list_elem(args,1);
if (i) {
i=list_elem(args,1);
if (i) {
@@
-213,6
+216,9
@@
static list_t *rsapub_apply(closure_t *self, struct cloc loc, dict_t *context,
} else {
cfgfatal(loc,"rsa-public","you must provide a modulus\n");
}
} else {
cfgfatal(loc,"rsa-public","you must provide a modulus\n");
}
+ if (mpz_sizeinbase(&st->n, 256) > RSA_MAX_MODBYTES) {
+ cfgfatal(loc, "rsa-public", "implausibly large modulus\n");
+ }
return new_closure(&st->cl);
}
return new_closure(&st->cl);
}
@@
-249,7
+255,7
@@
static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context,
MP_INT e,d,iqmp,tmp,tmp2,tmp3;
bool_t valid;
MP_INT e,d,iqmp,tmp,tmp2,tmp3;
bool_t valid;
-
st=safe_malloc(sizeof(*st),"rsapriv_apply"
);
+
NEW(st
);
st->cl.description="rsapriv";
st->cl.type=CL_RSAPRIVKEY;
st->cl.apply=NULL;
st->cl.description="rsapriv";
st->cl.type=CL_RSAPRIVKEY;
st->cl.apply=NULL;