- markus@cvs.openbsd.org 2002/03/26 23:13:03
     [auth-rsa.c]
     disallow RSA keys < 768 for protocol 1, too (rhosts-rsa and rsa auth)
diff --git a/ChangeLog b/ChangeLog
index 46b6d0f..3bf991d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -17,6 +17,9 @@
    - markus@cvs.openbsd.org 2002/03/26 22:50:39
      [channels.h]
      CHANNEL_EFD_OUTPUT_ACTIVE is false for CHAN_CLOSE_RCVD, too
+   - markus@cvs.openbsd.org 2002/03/26 23:13:03
+     [auth-rsa.c]
+     disallow RSA keys < 768 for protocol 1, too (rhosts-rsa and rsa auth)
 
 20020325
  - (stevesk) import OpenBSD <sys/tree.h> as "openbsd-compat/tree.h"
@@ -8080,4 +8083,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1998 2002/03/27 17:36:41 mouring Exp $
+$Id: ChangeLog,v 1.1999 2002/03/27 17:38:43 mouring Exp $
diff --git a/auth-rsa.c b/auth-rsa.c
index c51400c..5b98f2c 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.53 2002/03/25 09:21:13 markus Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.54 2002/03/26 23:13:03 markus Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/md5.h>
@@ -78,6 +78,13 @@
 	MD5_CTX md;
 	int len;
 
+	/* don't allow short keys */
+	if (BN_num_bits(key->rsa->n) < 768) {
+		error("auth_rsa_verify_response: n too small: %d bits",
+		    BN_num_bits(key->rsa->n));
+		return (0);
+	}
+
 	/* The response is MD5 of decrypted challenge plus session id. */
 	len = BN_num_bytes(challenge);
 	if (len <= 0 || len > 32)
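Review bot: The 768-bit floor in the added check is a bare literal, and the "too" in the commit message suggests the same limit is already enforced at another site, so the two can drift apart when the minimum is raised. A shared constant in a common header would keep them in step, e.g. `if (BN_num_bits(key->rsa->n) < MIN_RSA_MODULUS_BITS) {` (the macro name is a proposal, not an existing identifier). The check also dereferences `key->rsa->n` with no guard visible in the hunk; the function begins and ends outside the hunk, so it is worth confirming that no caller can pass a key without an RSA component. The comment `/* don't allow short keys */` could also say why, for instance `/* refuse moduli too short to resist factoring */`, so whoever revisits the threshold knows what it protects.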