summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--usr.bin/ssh/key.c6
-rw-r--r--usr.bin/ssh/ssh-rsa.c7
2 files changed, 9 insertions, 4 deletions
diff --git a/usr.bin/ssh/key.c b/usr.bin/ssh/key.c
index f9474b16be9..21e13b8631f 100644
--- a/usr.bin/ssh/key.c
+++ b/usr.bin/ssh/key.c
@@ -46,7 +46,7 @@
#include "buffer.h"
#include "bufaux.h"
-RCSID("$OpenBSD: key.c,v 1.13 2000/12/19 23:17:56 markus Exp $");
+RCSID("$OpenBSD: key.c,v 1.14 2001/01/16 19:20:06 markus Exp $");
Key *
key_new(int type)
@@ -555,8 +555,8 @@ key_from_blob(char *blob, int blen)
switch(type){
case KEY_RSA:
key = key_new(type);
- buffer_get_bignum2(&b, key->rsa->n);
buffer_get_bignum2(&b, key->rsa->e);
+ buffer_get_bignum2(&b, key->rsa->n);
#ifdef DEBUG_PK
RSA_print_fp(stderr, key->rsa, 8);
#endif
@@ -608,8 +608,8 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp)
break;
case KEY_RSA:
buffer_put_cstring(&b, key_ssh_name(key));
- buffer_put_bignum2(&b, key->rsa->n);
buffer_put_bignum2(&b, key->rsa->e);
+ buffer_put_bignum2(&b, key->rsa->n);
break;
default:
error("key_to_blob: illegal key type %d", key->type);
diff --git a/usr.bin/ssh/ssh-rsa.c b/usr.bin/ssh/ssh-rsa.c
index aab9168ebc7..e53af9e0a3b 100644
--- a/usr.bin/ssh/ssh-rsa.c
+++ b/usr.bin/ssh/ssh-rsa.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.3 2001/01/06 11:23:27 markus Exp $");
+RCSID("$OpenBSD: ssh-rsa.c,v 1.4 2001/01/16 19:20:06 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -122,6 +122,11 @@ ssh_rsa_verify(
error("ssh_rsa_verify: no RSA key");
return -1;
}
+ if (BN_num_bits(key->rsa->n) < 768) {
+ error("ssh_rsa_verify: n too small: %d bits",
+ BN_num_bits(key->rsa->n));
+ return -1;
+ }
buffer_init(&b);
buffer_append(&b, (char *) signature, signaturelen);
ktype = buffer_get_string(&b, NULL);