ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-12 07:25:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check p and q lengths

Browse Source
This commit is contained in:
Matt Johnston 2017-06-16 22:35:18 +08:00
parent af2caaab72
commit eb7ca20379
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
dss.c
View File

@ -61,8 +61,15 @@ int buf_get_dss_pub_key(buffer* buf, dropbear_dss_key *key) {
goto out; goto out;
} }
if (mp_count_bits(key->p) < MIN_DSS_KEYLEN) { if (mp_count_bits(key->p) < DSS_P_BITS) {
dropbear_log(LOG_WARNING, "DSS key too short"); dropbear_log(LOG_WARNING, "Bad DSS p");
TRACE(("leave buf_get_dss_pub_key: short key"))
ret = DROPBEAR_FAILURE;
goto out;
}
if (mp_count_bits(key->q) < DSS_Q_BITS) {
dropbear_log(LOG_WARNING, "Bad DSS q");
TRACE(("leave buf_get_dss_pub_key: short key")) TRACE(("leave buf_get_dss_pub_key: short key"))
ret = DROPBEAR_FAILURE; ret = DROPBEAR_FAILURE;
goto out; goto out;

3
dss.h
View File

@ -41,6 +41,9 @@ typedef struct {
} dropbear_dss_key; } dropbear_dss_key;
#define DSS_P_BITS 1024
#define DSS_Q_BITS 160
void buf_put_dss_sign(buffer* buf, dropbear_dss_key *key, buffer *data_buf); void buf_put_dss_sign(buffer* buf, dropbear_dss_key *key, buffer *data_buf);
#if DROPBEAR_SIGNKEY_VERIFY #if DROPBEAR_SIGNKEY_VERIFY
int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf); int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf);