*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.2 2000/12/19 23:17:58 markus Exp $");
-
-#include "ssh.h"
-#include "xmalloc.h"
-#include "buffer.h"
-#include "bufaux.h"
+RCSID("$OpenBSD: ssh-rsa.c,v 1.5 2001/01/21 19:05:58 markus Exp $");
#include <openssl/evp.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include <openssl/err.h>
+#include "xmalloc.h"
+#include "log.h"
+#include "buffer.h"
+#include "bufaux.h"
#include "key.h"
-#define INTBLOB_LEN 20
-#define SIGBLOB_LEN (2*INTBLOB_LEN)
-
/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
int
ssh_rsa_sign(
error("ssh_rsa_verify: no RSA key");
return -1;
}
+ if (BN_num_bits(key->rsa->n) < 768) {
+ error("ssh_rsa_verify: n too small: %d bits",
+ BN_num_bits(key->rsa->n));
+ return -1;
+ }
buffer_init(&b);
buffer_append(&b, (char *) signature, signaturelen);
ktype = buffer_get_string(&b, NULL);