tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- stevesk@cvs.openbsd.org 2002/03/29 19:18:33 

[auth-rsa.c ssh-rsa.c ssh.h]
     make RSA modulus minimum #define; ok markus@
This commit is contained in:
Ben Lindstrom 2002-04-02 20:43:11 +00:00
parent 0d0be02a29
commit 03f3932829
4 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -16,6 +16,9 @@
- stevesk@cvs.openbsd.org 2002/03/29 19:16:22
[sshd.8]
RSA key modulus size minimum 768; ok markus@
- stevesk@cvs.openbsd.org 2002/03/29 19:18:33
[auth-rsa.c ssh-rsa.c ssh.h]
make RSA modulus minimum #define; ok markus@
20020401
- (stevesk) [monitor.c] PAM should work again; will *not* work with
@ -8123,4 +8126,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
$Id: ChangeLog,v 1.2011 2002/04/02 20:39:29 mouring Exp $
$Id: ChangeLog,v 1.2012 2002/04/02 20:43:11 mouring Exp $

5
auth-rsa.c
View File

@ -14,7 +14,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth-rsa.c,v 1.54 2002/03/26 23:13:03 markus Exp $");
RCSID("$OpenBSD: auth-rsa.c,v 1.55 2002/03/29 19:18:33 stevesk Exp $");
#include <openssl/rsa.h>
#include <openssl/md5.h>
@ -33,6 +33,7 @@ RCSID("$OpenBSD: auth-rsa.c,v 1.54 2002/03/26 23:13:03 markus Exp $");
#include "auth.h"
#include "hostfile.h"
#include "monitor_wrap.h"
#include "ssh.h"
/* import */
extern ServerOptions options;
@ -79,7 +80,7 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
int len;
/* don't allow short keys */
if (BN_num_bits(key->rsa->n) < 768) {
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
error("auth_rsa_verify_response: n too small: %d bits",
BN_num_bits(key->rsa->n));
return (0);

5
ssh-rsa.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: ssh-rsa.c,v 1.16 2002/02/24 19:14:59 markus Exp $");
RCSID("$OpenBSD: ssh-rsa.c,v 1.17 2002/03/29 19:18:33 stevesk Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@ -35,6 +35,7 @@ RCSID("$OpenBSD: ssh-rsa.c,v 1.16 2002/02/24 19:14:59 markus Exp $");
#include "key.h"
#include "ssh-rsa.h"
#include "compat.h"
#include "ssh.h"
/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
int
@ -129,7 +130,7 @@ ssh_rsa_verify(
error("ssh_rsa_verify: SSH_BUG_SIGBLOB not supported");
return -1;
}
if (BN_num_bits(key->rsa->n) < 768) {
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
error("ssh_rsa_verify: n too small: %d bits",
BN_num_bits(key->rsa->n));
return -1;

5
ssh.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh.h,v 1.65 2002/03/20 19:12:25 stevesk Exp $ */
/* $OpenBSD: ssh.h,v 1.66 2002/03/29 19:18:33 stevesk Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -106,4 +106,7 @@
*/
#define SSH_PRIVSEP_USER "nobody"
/* Minimum modulus size (n) for RSA keys. */
#define SSH_RSA_MINIMUM_MODULUS_SIZE 768
#endif /* SSH_H */