#
source:
trunk/third/xntp/README.rsa
@
17260

Revision 17260, 3.1 KB checked in by zacheiss, 22 years ago (diff) |
---|

Line | |
---|---|

1 | If you want to use the RSA stuff for crypto keys: |

2 | |

3 | - Get RSAREF or RSAEURO. |

4 | - - Unpack it in the top-level source directory of the NTP distribution |

5 | in a directory named rsaref2 or rsaeuro1, respectively |

6 | (You should see directories like ports, rsaref2, scripts) |

7 | |

8 | Make sure rsa.c has the security patch applied - a copy of it is at the |

9 | end of this file. |

10 | |

11 | When you run configure, the Right Thing will happen. |

12 | |

13 | Be advised that the RSA DES code is not quite as portable os one might |

14 | wish for. In particular, DES under NTP will only work between machines |

15 | of the same "endianness". |

16 | |

17 | Dave would prefer that new/alternative encryption schemes follow the |

18 | RSA API. |

19 | |

20 | |

21 | --- rsa.c.orig Fri Mar 25 14:01:48 1994 |

22 | +++ rsaref2/source/rsa.c Mon Dec 13 13:10:28 1999 |

23 | @@ -33,6 +33,9 @@ |

24 | unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN]; |

25 | unsigned int i, modulusLen; |

26 | |

27 | + if (publicKey->bits > MAX_RSA_MODULUS_BITS) |

28 | + return (RE_LEN); |

29 | + |

30 | modulusLen = (publicKey->bits + 7) / 8; |

31 | if (inputLen + 11 > modulusLen) |

32 | return (RE_LEN); |

33 | @@ -78,6 +81,9 @@ |

34 | unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; |

35 | unsigned int i, modulusLen, pkcsBlockLen; |

36 | |

37 | + if (publicKey->bits > MAX_RSA_MODULUS_BITS) |

38 | + return (RE_LEN); |

39 | + |

40 | modulusLen = (publicKey->bits + 7) / 8; |

41 | if (inputLen > modulusLen) |

42 | return (RE_LEN); |

43 | @@ -128,6 +134,9 @@ |

44 | int status; |

45 | unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; |

46 | unsigned int i, modulusLen; |

47 | + |

48 | + if (privateKey->bits > MAX_RSA_MODULUS_BITS) |

49 | + return (RE_LEN); |

50 | |

51 | modulusLen = (privateKey->bits + 7) / 8; |

52 | if (inputLen + 11 > modulusLen) |

53 | @@ -168,6 +177,9 @@ |

54 | unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; |

55 | unsigned int i, modulusLen, pkcsBlockLen; |

56 | |

57 | + if (privateKey->bits > MAX_RSA_MODULUS_BITS) |

58 | + return (RE_LEN); |

59 | + |

60 | modulusLen = (privateKey->bits + 7) / 8; |

61 | if (inputLen > modulusLen) |

62 | return (RE_LEN); |

63 | |

64 | --- rsa.c.orig Sat Sep 28 22:59:40 1996 |

65 | +++ rsaeuro1/source/rsa.c Sat Jul 8 00:33:13 2000 |

66 | @@ -51,6 +51,9 @@ R_RANDOM_STRUCT *randomStruct; /* rando |

67 | unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN]; |

68 | unsigned int i, modulusLen; |

69 | |

70 | + if (publicKey->bits > MAX_RSA_MODULUS_BITS) |

71 | + return (RE_LEN); |

72 | + |

73 | modulusLen = (publicKey->bits + 7) / 8; |

74 | |

75 | if(inputLen + 11 > modulusLen) |

76 | @@ -101,6 +104,9 @@ R_RSA_PUBLIC_KEY *publicKey; /* RSA p |

77 | unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; |

78 | unsigned int i, modulusLen, pkcsBlockLen; |

79 | |

80 | + if (publicKey->bits > MAX_RSA_MODULUS_BITS) |

81 | + return (RE_LEN); |

82 | + |

83 | modulusLen = (publicKey->bits + 7) / 8; |

84 | |

85 | if(inputLen > modulusLen) |

86 | @@ -154,6 +160,9 @@ R_RSA_PRIVATE_KEY *privateKey; /* RSA p |

87 | unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; |

88 | unsigned int i, modulusLen; |

89 | |

90 | + if (privateKey->bits > MAX_RSA_MODULUS_BITS) |

91 | + return (RE_LEN); |

92 | + |

93 | modulusLen = (privateKey->bits + 7) / 8; |

94 | |

95 | if(inputLen + 11 > modulusLen) |

96 | @@ -193,6 +202,9 @@ R_RSA_PRIVATE_KEY *privateKey; /* RSA p |

97 | unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; |

98 | unsigned int i, modulusLen, pkcsBlockLen; |

99 | |

100 | + if (privateKey->bits > MAX_RSA_MODULUS_BITS) |

101 | + return (RE_LEN); |

102 | + |

103 | modulusLen = (privateKey->bits + 7) / 8; |

104 | |

105 | if(inputLen > modulusLen) |

**Note:**See TracBrowser for help on using the repository browser.