author | Nick Mathewson <nickm@torproject.org> | 2011-06-03 11:34:32 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2011-06-03 11:34:32 -0400 |
commit | 7aa20b20bffcbc4c9b4e3eb1c874616e1cab119f (patch) | |
tree | df99f8fe91e4503ae70aaa178cbf29182916d87e | |
parent | de069f5ea73a4fe841df27d85c28c0d79ad2c13e (diff) | |
parent | bbf2fee8ff7bbb8f645b7d973cd84bc97e93ae54 (diff) | |
Merge branch 'bug3318c' into maint-0.2.2
-rw-r--r-- | changes/bug3318 | 6 | ||||
-rw-r--r-- | src/common/crypto.c | 11 | ||||
-rw-r--r-- | src/common/crypto.h | 1 | ||||
-rw-r--r-- | src/or/routerparse.c | 4 | ||||
-rw-r--r-- | src/test/test_crypto.c | 2 |
5 files changed, 21 insertions, 3 deletions
diff --git a/changes/bug3318 b/changes/bug3318
index 38991c4b1d..8a3c27825f 100644
--- a/changes/bug3318
+++ b/changes/bug3318
@@ -1,3 +1,7 @@
 o Minor bugfixes:
 - Fix a log message that said "bits" while displaying a value in
- bytes. Fixes bug 3318; bugfix on 0.2.0.1-alpha.
+ bytes. Found by wanoskarnet. Fixes bug 3318; bugfix on
+ 0.2.0.1-alpha.
+ - When checking for 1024-bit keys, check for 1024 bits, not 128
+ bytes. This allows Tor to correctly discard keys of length
+ 1017 through 1023. Bugfix on 0.0.9pre5.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 1ecc24ce23..d8e6619c9f 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -777,6 +777,17 @@ crypto_pk_keysize(crypto_pk_env_t *env)
 return (size_t) RSA_size(env->key);
 }
+/** Return the size of the public key modulus of <b>env</b>, in bits. */
+int
+crypto_pk_num_bits(crypto_pk_env_t *env)
+{
+ tor_assert(env);
+ tor_assert(env->key);
+ tor_assert(env->key->n);
+
+ return BN_num_bits(env->key->n);
+}
+
 /** Increase the reference count of <b>env</b>, and return it. */
 crypto_pk_env_t *
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 54c7a67a3b..1a8c81f837 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -119,6 +119,7 @@ int crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
 int crypto_pk_check_key(crypto_pk_env_t *env);
 int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b);
 size_t crypto_pk_keysize(crypto_pk_env_t *env);
+int crypto_pk_num_bits(crypto_pk_env_t *env);
 crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
 crypto_pk_env_t *crypto_pk_copy_full(crypto_pk_env_t *orig);
 int crypto_pk_key_is_private(const crypto_pk_env_t *key);
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 3728e9932b..f855f9d027 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
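Review bot: The doc comment on the new `crypto_pk_num_bits()` in src/common/crypto.c does not say how it differs from `crypto_pk_keysize()` directly above it, which is the confusion this merge fixes. `crypto_pk_keysize()` returns `RSA_size()` in bytes, so per changes/bug3318 a modulus of 1017 through 1023 bits still reports 128 there, while `BN_num_bits()` reports the actual bit length. I would extend the comment to something like `/** Return the number of significant bits in the public modulus of <b>env</b>. Unlike crypto_pk_keysize(), the result is not rounded up to a whole byte; use this for exact key-length checks. */` so the next caller picks the right function.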
@@ -3765,9 +3765,9 @@ token_check_object(memarea_t *area, const char *kwd,
 break;
 case NEED_KEY_1024: /* There must be a 1024-bit public key. */
 case NEED_SKEY_1024: /* There must be a 1024-bit private key. */
- if (tok->key && crypto_pk_keysize(tok->key) != PK_BYTES) {
+ if (tok->key && crypto_pk_num_bits(tok->key) != PK_BYTES*8) {
 tor_snprintf(ebuf, sizeof(ebuf), "Wrong size on key for %s: %d bits",
- kwd, (int)crypto_pk_keysize(tok->key)*8);
+ kwd, crypto_pk_num_bits(tok->key));
 RET_ERR(ebuf);
 }
 /* fall through */
diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c
index bf2cc48174..121af279c7 100644
--- a/src/test/test_crypto.c
+++ b/src/test/test_crypto.c
@@ -343,7 +343,9 @@ test_crypto_pk(void)
 test_eq(0, crypto_pk_cmp_keys(pk1, pk2));
 test_eq(128, crypto_pk_keysize(pk1));
+ test_eq(1024, crypto_pk_num_bits(pk1));
 test_eq(128, crypto_pk_keysize(pk2));
+ test_eq(1024, crypto_pk_num_bits(pk2));
 test_eq(128, crypto_pk_public_encrypt(pk2, data1, sizeof(data1), "Hello whirled.", 15, |
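Review bot: The `PK_BYTES*8` comparison in the `NEED_KEY_1024`/`NEED_SKEY_1024` case of src/or/routerparse.c has no comment saying why it checks the modulus bit count rather than the byte size, so a later cleanup could plausibly simplify it back to `crypto_pk_keysize(tok->key) != PK_BYTES`. A short why-comment above the `if` would pin the intent, e.g. `/* Compare modulus bits, not bytes: a 1017..1023-bit key still has a 128-byte RSA_size(). */`. token_check_object() starts and ends outside this hunk, so I cannot see whether other key-size cases in it need the same treatment.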
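Review bot: The two added `test_eq(1024, crypto_pk_num_bits(...))` lines in test_crypto_pk() only cover keys that are exactly 1024 bits, where the old byte-based check and the new bit-based check give the same answer. The case this merge fixes, a modulus of 1017 through 1023 bits per changes/bug3318, is not exercised, so a regression back to the byte comparison would still pass these assertions. A fixture key with a short modulus, asserting that `crypto_pk_keysize()` is 128 while `crypto_pk_num_bits()` is not 1024, would cover it. test_crypto_pk() continues beyond this hunk, so such a case may exist elsewhere in the function, but it is not visible here.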