-/* $OpenBSD: key.c,v 1.77 2008/06/25 11:13:43 otto Exp $ */
+/* $OpenBSD: key.c,v 1.82 2010/01/13 01:10:56 dtucker Exp $ */
/*
* read_bignum():
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
default:
fatal("key_equal: bad key type %d", a->type);
}
+ /* NOTREACHED */
}
u_char*
y = MIN(y, FLDSIZE_Y - 1);
/* augment the field */
- field[x][y]++;
+ if (field[x][y] < len - 2)
+ field[x][y]++;
input = input >> 2;
}
}
retval = key_fingerprint_randomart(dgst_raw, dgst_raw_len, k);
break;
default:
- fatal("key_fingerprint_ex: bad digest representation %d",
+ fatal("key_fingerprint: bad digest representation %d",
dgst_rep);
break;
}
return -1;
if (!read_bignum(cpp, ret->rsa->n))
return -1;
+ /* validate the claimed number of bits */
+ if ((u_int)BN_num_bits(ret->rsa->n) != bits) {
+ verbose("key_read: claimed key size %d does not match "
+ "actual %d", bits, BN_num_bits(ret->rsa->n));
+ return -1;
+ }
success = 1;
break;
case KEY_UNSPEC:
{
RSA *private;
- private = RSA_generate_key(bits, 35, NULL, NULL);
+ private = RSA_generate_key(bits, RSA_F4, NULL, NULL);
if (private == NULL)
fatal("rsa_generate_private_key: key generation failed.");
return private;