From 1cdd95f9970e5826598e954800c2c3ba51ea97b8 Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Thu, 10 Nov 2022 13:20:09 +0800
Subject: [PATCH] Fix dropbearkey to disallow 512 bit keys

The key loading code rejected <1024 bit keys already
---
 dropbearkey.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dropbearkey.c b/dropbearkey.c
index e25f748..e554e5b 100644
--- a/dropbearkey.c
+++ b/dropbearkey.c
@@ -127,8 +127,8 @@ static void check_signkey_bits(enum signkey_type type, int bits)
 #endif
 #if DROPBEAR_RSA
 		case DROPBEAR_SIGNKEY_RSA:
-			if (bits < 512 || bits > 4096 || (bits % 8 != 0)) {
-				dropbear_exit("Bits must satisfy 512 <= bits <= 4096, and be a"
+			if (bits < 1024 || bits > 4096 || (bits % 8 != 0)) {
+				dropbear_exit("Bits must satisfy 1024 <= bits <= 4096, and be a"
 				              " multiple of 8\n");
 			}
 			break;