diff options
| author | Werner Koch <[email protected]> | 2006-08-29 13:12:01 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2006-08-29 13:12:01 +0000 |
| commit | 6870dcf05dd994aafb634a06f5736a671b9eaf1b (patch) | |
| tree | f1c9a4a35b8bd45da27433e569a5b7f860c639cf /agent/command-ssh.c | |
| parent | Missing m4 macros (diff) | |
| download | gnupg-6870dcf05dd994aafb634a06f5736a671b9eaf1b.tar.gz gnupg-6870dcf05dd994aafb634a06f5736a671b9eaf1b.zip | |
Allow for 4k ssh keys and better error reporting.
Diffstat (limited to 'agent/command-ssh.c')
| -rw-r--r-- | agent/command-ssh.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 4e81aa2f2..d038768fe 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -526,6 +526,15 @@ stream_read_mpi (estream_t stream, unsigned int secure, gcry_mpi_t *mpint) if (err) goto out; + /* To avoid excessive use of secure memory we check that an MPI is + not too large. */ + if (mpi_data_size > 520) + { + log_error (_("ssh keys greater than %d bits are not supported\n"), 4096); + err = GPG_ERR_TOO_LARGE; + goto out; + } + err = gcry_mpi_scan (&mpi, GCRYMPI_FMT_STD, mpi_data, mpi_data_size, NULL); if (err) goto out; |