op public repos

Commit Diff

Commit:: ddfc031c3bb99a251eb927a71f7f77288c869de3
From:: Russ Cox <rsc@swtch.com>
Date:: Fri Mar 12 02:03:53 2010 UTC
Message:: factotum: double-check RSA/DSA keys when loading R=rsc http://codereview.appspot.com/463041
Actions:: Patch | Tree

commit - 8e4ac5f7fadafb278a0ef31d6082c30d6cdc8494
commit + ddfc031c3bb99a251eb927a71f7f77288c869de3
blob - c0d199e412f7e5a25b1b312fb31693e6f0482ab9
blob + ced10355f3d448107392334c409b238979779bb4
--- src/cmd/auth/factotum/dsa.c
+++ src/cmd/auth/factotum/dsa.c
@@ -86,6 +86,10 @@ readdsapriv(Key *k)
 	|| (priv->pub.q=strtomp(a, nil, 16, nil))==nil)
 		goto Error;
 	strlwr(a);
+	if(!probably_prime(priv->pub.p, 20) && !probably_prime(priv->pub.q, 20)) {
+		werrstr("dsa: p or q not prime");
+		goto Error;
+	}
 	if((a=strfindattr(k->attr, "alpha"))==nil 
 	|| (priv->pub.alpha=strtomp(a, nil, 16, nil))==nil)
 		goto Error;
blob - a865810dade08114e72307ddf12368791323f5ce
blob + 95545f931a2decbdc5a249e3bfbdc39dc5f5c39c
--- src/cmd/auth/factotum/rsa.c
+++ src/cmd/auth/factotum/rsa.c
@@ -199,6 +199,10 @@ readrsapriv(Key *k)
 	|| (priv->q=strtomp(a, nil, 16, nil))==nil)
 		goto Error;
 	strlwr(a);
+	if(!probably_prime(priv->p, 20) || !probably_prime(priv->q, 20)) {
+		werrstr("rsa: p or q not prime");
+		goto Error;
+	}
 	if((a=strfindattr(k->privattr, "!kp"))==nil 
 	|| (priv->kp=strtomp(a, nil, 16, nil))==nil)
 		goto Error;