From 51529944e9ab39541ed61a8267e7a4e003b1e271 Mon Sep 17 00:00:00 2001
From: dtucker
Date: Wed, 13 Jan 2010 11:43:05 +0000
Subject: [PATCH] - dtucker@cvs.openbsd.org 2010/01/13 01:10:56 [key.c] Ignore and log any Protocol 1 keys where the claimed size is not equal to the actual size. Noted by Derek Martin, ok djm@
---
 ChangeLog | 4 ++++
 key.c | 8 +++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 8ee8e276..866e4aa4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,10 @@
 - dtucker@cvs.openbsd.org 2010/01/13 00:19:04
 [sshconnect.c auth.c]
 Fix a couple of typos/mispellings in comments
+ - dtucker@cvs.openbsd.org 2010/01/13 01:10:56
+ [key.c]
+ Ignore and log any Protocol 1 keys where the claimed size is not equal to
+ the actual size. Noted by Derek Martin, ok djm@
 20100112
 - (dtucker) OpenBSD CVS Sync
diff --git a/key.c b/key.c
index f2edf6d5..5aea416b 100644
--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.81 2009/12/11 18:16:33 markus Exp $ */
+/* $OpenBSD: key.c,v 1.82 2010/01/13 01:10:56 dtucker Exp $ */
 /*
 * read_bignum():
 * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -522,6 +522,12 @@ key_read(Key *ret, char **cpp)
 return -1;
 if (!read_bignum(cpp, ret->rsa->n))
 return -1;
+ /* validate the claimed number of bits */
+ if ((u_int)BN_num_bits(ret->rsa->n) != bits) {
+ verbose("key_read: claimed key size %d does not match "
+ "actual %d", bits, BN_num_bits(ret->rsa->n));
+ return -1;
+ }
 success = 1;
 break;
 case KEY_UNSPEC:
-- 2.45.1
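Review bot: The size-mismatch rejection added to key_read's Protocol 1 RSA branch is reported through `verbose()`, which as far as I know is only emitted when LogLevel is VERBOSE or higher, so at the default level a key whose claimed bit count disagrees with its modulus is dropped without leaving a trace. A mismatch means the key line is malformed or was altered, so `logit()` (or `error()`) would be a better fit if operators should see it in default logs. Separately, the `(u_int)` cast on `BN_num_bits()` suggests `bits` is unsigned (its declaration is outside the hunk), in which case the format should use `%u` for it: `verbose("key_read: claimed key size %u does not match actual %d", bits, BN_num_bits(ret->rsa->n));`. key_read's body starts and ends outside the hunk.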