]> andersk Git - openssh.git/blobdiff - key.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config()
[openssh.git] / key.c
diff --git a/key.c b/key.c
index 515103cb4d1839a0da4ea83c4ee42c149c7906f0..5aea416b33ea7575027ec769c5b963308296d307 100644 (file)
--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.77 2008/06/25 11:13:43 otto Exp $ */
+/* $OpenBSD: key.c,v 1.82 2010/01/13 01:10:56 dtucker Exp $ */
 /*
  * read_bignum():
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -174,6 +174,7 @@ key_equal(const Key *a, const Key *b)
        default:
                fatal("key_equal: bad key type %d", a->type);
        }
+       /* NOTREACHED */
 }
 
 u_char*
@@ -368,7 +369,8 @@ key_fingerprint_randomart(u_char *dgst_raw, u_int dgst_raw_len, const Key *k)
                        y = MIN(y, FLDSIZE_Y - 1);
 
                        /* augment the field */
-                       field[x][y]++;
+                       if (field[x][y] < len - 2)
+                               field[x][y]++;
                        input = input >> 2;
                }
        }
@@ -426,7 +428,7 @@ key_fingerprint(const Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
                retval = key_fingerprint_randomart(dgst_raw, dgst_raw_len, k);
                break;
        default:
-               fatal("key_fingerprint_ex: bad digest representation %d",
+               fatal("key_fingerprint: bad digest representation %d",
                    dgst_rep);
                break;
        }
@@ -520,6 +522,12 @@ key_read(Key *ret, char **cpp)
                        return -1;
                if (!read_bignum(cpp, ret->rsa->n))
                        return -1;
+               /* validate the claimed number of bits */
+               if ((u_int)BN_num_bits(ret->rsa->n) != bits) {
+                       verbose("key_read: claimed key size %d does not match "
+                          "actual %d", bits, BN_num_bits(ret->rsa->n));
+                       return -1;
+               }
                success = 1;
                break;
        case KEY_UNSPEC:
@@ -683,7 +691,7 @@ rsa_generate_private_key(u_int bits)
 {
        RSA *private;
 
-       private = RSA_generate_key(bits, 35, NULL, NULL);
+       private = RSA_generate_key(bits, RSA_F4, NULL, NULL);
        if (private == NULL)
                fatal("rsa_generate_private_key: key generation failed.");
        return private;
git-cvsimport mirror of OpenSSH
This page took 0.78897 seconds and 4 git commands to generate.