tfactotum: double-check RSA/DSA keys when loading - plan9port - [fork] Plan 9 from user space
HTML git clone git://src.adamsgaard.dk/plan9port
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
DIR commit ddfc031c3bb99a251eb927a71f7f77288c869de3
DIR parent 8e4ac5f7fadafb278a0ef31d6082c30d6cdc8494
HTML Author: Russ Cox <rsc@swtch.com>
Date: Thu, 11 Mar 2010 18:03:53 -0800
factotum: double-check RSA/DSA keys when loading
R=rsc
http://codereview.appspot.com/463041
Diffstat:
M src/cmd/auth/factotum/dsa.c | 4 ++++
M src/cmd/auth/factotum/rsa.c | 4 ++++
2 files changed, 8 insertions(+), 0 deletions(-)
---
DIR diff --git a/src/cmd/auth/factotum/dsa.c b/src/cmd/auth/factotum/dsa.c
t@@ -86,6 +86,10 @@ readdsapriv(Key *k)
|| (priv->pub.q=strtomp(a, nil, 16, nil))==nil)
goto Error;
strlwr(a);
+ if(!probably_prime(priv->pub.p, 20) && !probably_prime(priv->pub.q, 20)) {
+ werrstr("dsa: p or q not prime");
+ goto Error;
+ }
if((a=strfindattr(k->attr, "alpha"))==nil
|| (priv->pub.alpha=strtomp(a, nil, 16, nil))==nil)
goto Error;
DIR diff --git a/src/cmd/auth/factotum/rsa.c b/src/cmd/auth/factotum/rsa.c
t@@ -199,6 +199,10 @@ readrsapriv(Key *k)
|| (priv->q=strtomp(a, nil, 16, nil))==nil)
goto Error;
strlwr(a);
+ if(!probably_prime(priv->p, 20) || !probably_prime(priv->q, 20)) {
+ werrstr("rsa: p or q not prime");
+ goto Error;
+ }
if((a=strfindattr(k->privattr, "!kp"))==nil
|| (priv->kp=strtomp(a, nil, 16, nil))==nil)
goto Error;