diff options
author | Nick Mathewson <nickm@torproject.org> | 2011-06-02 12:32:59 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2011-06-03 11:31:19 -0400 |
commit | bbf2fee8ff7bbb8f645b7d973cd84bc97e93ae54 (patch) | |
tree | d9db511a467af11a94c9e4d375f14cc9383638bc /src/test | |
parent | 1d8bcba067ef8d96ebe022f06459d55c308343ec (diff) | |
download | tor-bbf2fee8ff7bbb8f645b7d973cd84bc97e93ae54.tar.gz tor-bbf2fee8ff7bbb8f645b7d973cd84bc97e93ae54.zip |
Reject 128-byte keys that are not 1024-bit
When we added the check for key size, we required that the keys be
128 bytes. But RSA_size (which defers to BN_num_bytes) will return
128 for keys of length 1017..1024. This patch adds a new
crypto_pk_num_bits() that returns the actual number of significant
bits in the modulus, and uses that to enforce key sizes.
Also, credit the original bug3318 in the changes file.
Diffstat (limited to 'src/test')
-rw-r--r-- | src/test/test_crypto.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c index bf2cc48174..121af279c7 100644 --- a/src/test/test_crypto.c +++ b/src/test/test_crypto.c @@ -343,7 +343,9 @@ test_crypto_pk(void) test_eq(0, crypto_pk_cmp_keys(pk1, pk2)); test_eq(128, crypto_pk_keysize(pk1)); + test_eq(1024, crypto_pk_num_bits(pk1)); test_eq(128, crypto_pk_keysize(pk2)); + test_eq(1024, crypto_pk_num_bits(pk2)); test_eq(128, crypto_pk_public_encrypt(pk2, data1, sizeof(data1), "Hello whirled.", 15, |