factotum: double-check RSA/DSA keys when loading

R=rsc http://codereview.appspot.com/463041
2010-03-11 18:03:53 -08:00 · 2010-03-11 18:03:53 -08:00 · ddfc031c3b
commit ddfc031c3b
parent 8e4ac5f7fa
2 changed files with 8 additions and 0 deletions
--- a/src/cmd/auth/factotum/dsa.c
+++ b/src/cmd/auth/factotum/dsa.c
@ -86,6 +86,10 @@ readdsapriv(Key *k)
 	|| (priv->pub.q=strtomp(a, nil, 16, nil))==nil)
 		goto Error;
 	strlwr(a);
+	if(!probably_prime(priv->pub.p, 20) && !probably_prime(priv->pub.q, 20)) {
+		werrstr("dsa: p or q not prime");
+		goto Error;
+	}
 	if((a=strfindattr(k->attr, "alpha"))==nil 
 	|| (priv->pub.alpha=strtomp(a, nil, 16, nil))==nil)
 		goto Error;
--- a/src/cmd/auth/factotum/rsa.c
+++ b/src/cmd/auth/factotum/rsa.c
@ -199,6 +199,10 @@ readrsapriv(Key *k)
 	|| (priv->q=strtomp(a, nil, 16, nil))==nil)
 		goto Error;
 	strlwr(a);
+	if(!probably_prime(priv->p, 20) || !probably_prime(priv->q, 20)) {
+		werrstr("rsa: p or q not prime");
+		goto Error;
+	}
 	if((a=strfindattr(k->privattr, "!kp"))==nil 
 	|| (priv->kp=strtomp(a, nil, 16, nil))==nil)
 		goto Error;