aboutsummaryrefslogtreecommitdiff
path: root/src/cmd/auth
diff options
context:
space:
mode:
authorRuss Cox <rsc@swtch.com>2010-03-11 18:03:53 -0800
committerRuss Cox <rsc@swtch.com>2010-03-11 18:03:53 -0800
commitddfc031c3bb99a251eb927a71f7f77288c869de3 (patch)
tree1bc0a831704447ef374bf9e8d4401f8715c9dbdd /src/cmd/auth
parent8e4ac5f7fadafb278a0ef31d6082c30d6cdc8494 (diff)
downloadplan9port-ddfc031c3bb99a251eb927a71f7f77288c869de3.tar.gz
plan9port-ddfc031c3bb99a251eb927a71f7f77288c869de3.tar.bz2
plan9port-ddfc031c3bb99a251eb927a71f7f77288c869de3.zip
factotum: double-check RSA/DSA keys when loading
R=rsc http://codereview.appspot.com/463041
Diffstat (limited to 'src/cmd/auth')
-rw-r--r--src/cmd/auth/factotum/dsa.c4
-rw-r--r--src/cmd/auth/factotum/rsa.c4
2 files changed, 8 insertions, 0 deletions
diff --git a/src/cmd/auth/factotum/dsa.c b/src/cmd/auth/factotum/dsa.c
index c0d199e4..ced10355 100644
--- a/src/cmd/auth/factotum/dsa.c
+++ b/src/cmd/auth/factotum/dsa.c
@@ -86,6 +86,10 @@ readdsapriv(Key *k)
|| (priv->pub.q=strtomp(a, nil, 16, nil))==nil)
goto Error;
strlwr(a);
+ if(!probably_prime(priv->pub.p, 20) && !probably_prime(priv->pub.q, 20)) {
+ werrstr("dsa: p or q not prime");
+ goto Error;
+ }
if((a=strfindattr(k->attr, "alpha"))==nil
|| (priv->pub.alpha=strtomp(a, nil, 16, nil))==nil)
goto Error;
diff --git a/src/cmd/auth/factotum/rsa.c b/src/cmd/auth/factotum/rsa.c
index a865810d..95545f93 100644
--- a/src/cmd/auth/factotum/rsa.c
+++ b/src/cmd/auth/factotum/rsa.c
@@ -199,6 +199,10 @@ readrsapriv(Key *k)
|| (priv->q=strtomp(a, nil, 16, nil))==nil)
goto Error;
strlwr(a);
+ if(!probably_prime(priv->p, 20) || !probably_prime(priv->q, 20)) {
+ werrstr("rsa: p or q not prime");
+ goto Error;
+ }
if((a=strfindattr(k->privattr, "!kp"))==nil
|| (priv->kp=strtomp(a, nil, 16, nil))==nil)
goto Error;