source: trunk/third/xntp/README.rsa @ 17260

Revision 17260, 3.1 KB checked in by zacheiss, 23 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r17259, which included commits to RCS files with non-trunk default branches.
Line 
1If you want to use the RSA stuff for crypto keys:
2
3- Get RSAREF or RSAEURO.
4- - Unpack it in the top-level source directory of the NTP distribution
5    in a directory named rsaref2 or rsaeuro1, respectively
6    (You should see directories like ports, rsaref2, scripts)
7
8Make sure rsa.c has the security patch applied - a copy of it is at the
9end of this file.
10
11When you run configure, the Right Thing will happen.
12
13Be advised that the RSA DES code is not quite as portable os one might
14wish for.  In particular, DES under NTP will only work between machines
15of the same "endianness".
16
17Dave would prefer that new/alternative encryption schemes follow the
18RSA API.
19
20
21--- rsa.c.orig  Fri Mar 25 14:01:48 1994
22+++ rsaref2/source/rsa.c        Mon Dec 13 13:10:28 1999
23@@ -33,6 +33,9 @@
24   unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
25   unsigned int i, modulusLen;
26   
27+  if (publicKey->bits > MAX_RSA_MODULUS_BITS)
28+    return (RE_LEN);
29+
30   modulusLen = (publicKey->bits + 7) / 8;
31   if (inputLen + 11 > modulusLen)
32     return (RE_LEN);
33@@ -78,6 +81,9 @@
34   unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
35   unsigned int i, modulusLen, pkcsBlockLen;
36   
37+  if (publicKey->bits > MAX_RSA_MODULUS_BITS)
38+    return (RE_LEN);
39+
40   modulusLen = (publicKey->bits + 7) / 8;
41   if (inputLen > modulusLen)
42     return (RE_LEN);
43@@ -128,6 +134,9 @@
44   int status;
45   unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
46   unsigned int i, modulusLen;
47+
48+  if (privateKey->bits > MAX_RSA_MODULUS_BITS)
49+    return (RE_LEN);
50   
51   modulusLen = (privateKey->bits + 7) / 8;
52   if (inputLen + 11 > modulusLen)
53@@ -168,6 +177,9 @@
54   unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
55   unsigned int i, modulusLen, pkcsBlockLen;
56   
57+  if (privateKey->bits > MAX_RSA_MODULUS_BITS)
58+    return (RE_LEN);
59+
60   modulusLen = (privateKey->bits + 7) / 8;
61   if (inputLen > modulusLen)
62     return (RE_LEN);
63
64--- rsa.c.orig  Sat Sep 28 22:59:40 1996
65+++ rsaeuro1/source/rsa.c       Sat Jul  8 00:33:13 2000
66@@ -51,6 +51,9 @@ R_RANDOM_STRUCT *randomStruct;  /* rando
67        unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
68        unsigned int i, modulusLen;
69 
70+       if (publicKey->bits > MAX_RSA_MODULUS_BITS)
71+       return (RE_LEN);
72+
73        modulusLen = (publicKey->bits + 7) / 8;
74 
75        if(inputLen + 11 > modulusLen)
76@@ -101,6 +104,9 @@ R_RSA_PUBLIC_KEY *publicKey;    /* RSA p
77        unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
78        unsigned int i, modulusLen, pkcsBlockLen;
79 
80+       if (publicKey->bits > MAX_RSA_MODULUS_BITS)
81+       return (RE_LEN);
82+
83        modulusLen = (publicKey->bits + 7) / 8;
84 
85        if(inputLen > modulusLen)
86@@ -154,6 +160,9 @@ R_RSA_PRIVATE_KEY *privateKey;  /* RSA p
87        unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
88        unsigned int i, modulusLen;
89 
90+       if (privateKey->bits > MAX_RSA_MODULUS_BITS)
91+       return (RE_LEN);
92+
93        modulusLen = (privateKey->bits + 7) / 8;
94 
95        if(inputLen + 11 > modulusLen)
96@@ -193,6 +202,9 @@ R_RSA_PRIVATE_KEY *privateKey;  /* RSA p
97        unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
98        unsigned int i, modulusLen, pkcsBlockLen;
99 
100+       if (privateKey->bits > MAX_RSA_MODULUS_BITS)
101+       return (RE_LEN);
102+
103        modulusLen = (privateKey->bits + 7) / 8;
104 
105        if(inputLen > modulusLen)
Note: See TracBrowser for help on using the repository browser.