src/usr.bin/ssh/sshkey.c - diff

Return to sshkey.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/sshkey.c between version 1.121 and 1.122

version 1.121, 2022/05/05 01:04:14

version 1.122, 2022/09/17 10:30:45

Line 2319

return ret;

}

#ifdef WITH_OPENSSL

int

static int

sshkey_check_rsa_length(const struct sshkey *k, int min_size)

check_rsa_length(const RSA *rsa)

{

#ifdef WITH_OPENSSL

const BIGNUM *rsa_n;

int nbits;

RSA_get0_key(rsa, &rsa_n, NULL, NULL);

if (k == NULL || k->rsa == NULL ||

if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE)

(k->type != KEY_RSA && k->type != KEY_RSA_CERT))

return 0;

RSA_get0_key(k->rsa, &rsa_n, NULL, NULL);

nbits = BN_num_bits(rsa_n);

if (nbits < SSH_RSA_MINIMUM_MODULUS_SIZE ||

(min_size > 0 && nbits < min_size))

return SSH_ERR_KEY_LENGTH;

#endif /* WITH_OPENSSL */

return 0;

}

#endif /* WITH_OPENSSL */

static int

sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,

Line 2391

Line 2397

goto out;

}

rsa_n = rsa_e = NULL; /* transferred */

if ((ret = check_rsa_length(key->rsa)) != 0)

if ((ret = sshkey_check_rsa_length(key, 0)) != 0)

goto out;

#ifdef DEBUG_PK

RSA_print_fp(stderr, key->rsa, 8);

Line 3580

Line 3586

goto out;

}

rsa_p = rsa_q = NULL; /* transferred */

if ((r = check_rsa_length(k->rsa)) != 0)

if ((r = sshkey_check_rsa_length(k, 0)) != 0)

goto out;

if ((r = ssh_rsa_complete_crt_parameters(k, rsa_iqmp)) != 0)

goto out;

Line 4566

Line 4572

r = SSH_ERR_LIBCRYPTO_ERROR;

goto out;

}

if ((r = check_rsa_length(prv->rsa)) != 0)

if ((r = sshkey_check_rsa_length(prv, 0)) != 0)

goto out;

} else if (EVP_PKEY_base_id(pk) == EVP_PKEY_DSA &&

(type == KEY_UNSPEC || type == KEY_DSA)) {