author | Jay Sorg <jay.sorg@gmail.com> | 2016-02-22 11:38:03 -0800 |
---|---|---|
committer | Jay Sorg <jay.sorg@gmail.com> | 2016-02-22 11:38:03 -0800 |
commit | 0d192aee62c6eab93611f2dde088711d7764bacd (patch) | |
tree | 249b9374c60c7346f5ae57d3c757fd435873f43d /common/ssl_calls.c | |
parent | ac901fd283e2cd418740ea1445b41502aa57ccb5 (diff) | |
common: fix for key generated smaller than asked for
Diffstat (limited to 'common/ssl_calls.c')
-rw-r--r-- | common/ssl_calls.c | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/common/ssl_calls.c b/common/ssl_calls.c
index 43002a40..3fc38043 100644
--- a/common/ssl_calls.c
+++ b/common/ssl_calls.c
@@ -401,6 +401,7 @@ ssl_gen_key_xrdp1(int key_size_in_bits, char *exp, int exp_len,
 tui8 *lexp;
 int error;
 int len;
+ int diff;
 if ((exp_len != 4) || ((mod_len != 64) && (mod_len != 256)) || ((pri_len != 64) && (pri_len != 256)))
@@ -408,8 +409,9 @@ ssl_gen_key_xrdp1(int key_size_in_bits, char *exp, int exp_len,
 return 1;
 }
- lmod = (char *)g_malloc(mod_len, 0);
- lpri = (char *)g_malloc(pri_len, 0);
+ diff = 0;
+ lmod = (char *)g_malloc(mod_len, 1);
+ lpri = (char *)g_malloc(pri_len, 1);
 lexp = (tui8 *)exp;
 my_e = lexp[0];
 my_e |= lexp[1] << 8;
@@ -423,7 +425,8 @@ ssl_gen_key_xrdp1(int key_size_in_bits, char *exp, int exp_len,
 if (error == 0)
 {
 len = BN_num_bytes(my_key->n);
- error = len != mod_len;
+ error = (len < 1) || (len > mod_len);
+ diff = mod_len - len;
 }
 if (error == 0)
@@ -435,12 +438,13 @@ ssl_gen_key_xrdp1(int key_size_in_bits, char *exp, int exp_len,
 if (error == 0)
 {
 len = BN_num_bytes(my_key->d);
- error = len != pri_len;
+ error = (len < 1) || (len > pri_len);
+ diff = pri_len - len;
 }
 if (error == 0)
 {
- BN_bn2bin(my_key->d, (tui8 *)lpri);
+ BN_bn2bin(my_key->d, (tui8 *)(lpri + diff));
 ssl_reverse_it(lpri, pri_len);
 }
@@ -471,6 +475,7 @@ ssl_gen_key_xrdp1(int key_size_in_bits, char *exp, int exp_len,
 char *lpri;
 int error;
 int len;
+ int diff;
 if ((exp_len != 4) || ((mod_len != 64) && (mod_len != 256)) || ((pri_len != 64) && (pri_len != 256)))
@@ -478,9 +483,10 @@ ssl_gen_key_xrdp1(int key_size_in_bits, char *exp, int exp_len,
 return 1;
 }
- lexp = (char *)g_malloc(exp_len, 0);
- lmod = (char *)g_malloc(mod_len, 0);
- lpri = (char *)g_malloc(pri_len, 0);
+ diff = 0;
+ lexp = (char *)g_malloc(exp_len, 1);
+ lmod = (char *)g_malloc(mod_len, 1);
+ lpri = (char *)g_malloc(pri_len, 1);
 g_memcpy(lexp, exp, exp_len);
 ssl_reverse_it(lexp, exp_len);
 my_e = BN_new();
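Review bot: In the first ssl_gen_key_xrdp1 variant (hunk -423,7 +425,8) `diff = mod_len - len;` is computed for the modulus, but no hunk changes the modulus copy that follows, and the next visible assignment to `diff` is the one for `d`, so the value looks unused there. The second variant (hunk -491,24 +497,26) does change that line to `BN_bn2bin(my_key->n, (tui8 *)(lmod + diff));`. If the unchanged lines between this hunk and -435,12 still read `BN_bn2bin(my_key->n, (tui8 *)lmod);`, a modulus shorter than mod_len would be written left-aligned and then byte-reversed into a wrong value, which the relaxed length check now lets through; the same `lmod + diff` offset should be applied here. Those lines are outside the hunk, so this needs confirming against the file.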
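Review bot: The three g_malloc results in the hunk at -478,9 +483,10 are used without a NULL check; `g_memcpy(lexp, exp, exp_len);` dereferences `lexp` on the very next line, and the hunk at -408,8 allocates `lmod` and `lpri` the same way. A guard before the first use that frees whichever allocations succeeded and takes the function's existing `return 1;` path would turn an allocation failure into an ordinary error. Since `lpri` holds the private exponent, it is also worth confirming that the cleanup path, which lies outside these hunks, wipes the buffer before it is freed.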
@@ -491,24 +497,26 @@ ssl_gen_key_xrdp1(int key_size_in_bits, char *exp, int exp_len,
 if (error == 0)
 {
 len = BN_num_bytes(my_key->n);
- error = len != mod_len;
+ error = (len < 1) || (len > mod_len);
+ diff = mod_len - len;
 }
 if (error == 0)
 {
- BN_bn2bin(my_key->n, (tui8 *)lmod);
+ BN_bn2bin(my_key->n, (tui8 *)(lmod + diff));
 ssl_reverse_it(lmod, mod_len);
 }
 if (error == 0)
 {
 len = BN_num_bytes(my_key->d);
- error = len != pri_len;
+ error = (len < 1) || (len > pri_len);
+ diff = pri_len - len;
 }
 if (error == 0)
 {
- BN_bn2bin(my_key->d, (tui8 *)lpri);
+ BN_bn2bin(my_key->d, (tui8 *)(lpri + diff));
 ssl_reverse_it(lpri, pri_len);
 }
|
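Review bot: The relaxed test `error = (len < 1) || (len > mod_len);` is applied to the modulus as well as to `d`, so a modulus shorter than requested is now padded and accepted instead of rejected (the hunk at -423,7 does the same). A short private exponent is legitimate, since `d` can have leading zero bytes, but a short `n` means the key has fewer bits than the caller asked for. Unless a short modulus was actually observed, I would keep `error = len != mod_len;` for `n` and relax only the `d` check. Nothing visible ties `key_size_in_bits` to `mod_len * 8` either; if that comparison is not in the lines outside these hunks, it belongs next to the existing `mod_len` validation.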