crypto: rsa - limit supported key lengths
Introduce constrains for RSA keys lengths. Only key lengths of 512, 1024, 1536, 2048, 3072, and 4096 bits will be supported. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
parent
a990532023
commit
6e8ec66c3d
1 changed files with 25 additions and 1 deletions
26
crypto/rsa.c
26
crypto/rsa.c
|
@ -267,12 +267,36 @@ static int rsa_verify(struct akcipher_request *req)
|
|||
return ret;
|
||||
}
|
||||
|
||||
static int rsa_check_key_length(unsigned int len)
|
||||
{
|
||||
switch (len) {
|
||||
case 512:
|
||||
case 1024:
|
||||
case 1536:
|
||||
case 2048:
|
||||
case 3072:
|
||||
case 4096:
|
||||
return 0;
|
||||
}
|
||||
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
static int rsa_setkey(struct crypto_akcipher *tfm, const void *key,
|
||||
unsigned int keylen)
|
||||
{
|
||||
struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
|
||||
int ret;
|
||||
|
||||
return rsa_parse_key(pkey, key, keylen);
|
||||
ret = rsa_parse_key(pkey, key, keylen);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) {
|
||||
rsa_free_key(pkey);
|
||||
ret = -EINVAL;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void rsa_exit_tfm(struct crypto_akcipher *tfm)
|
||||
|
|
Loading…
Reference in a new issue