Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit2914761

Browse files
committed
fix(agentssh): ensure RSA key generation always produces valid keys
Change-Id: I0a453e1e1f8c638e40e7a4b87a6d0d7299e1cb5dSigned-off-by: Thomas Kosiewski <tk@coder.com>
1 parent6bdddd5 commit2914761

File tree

1 file changed

+50
-45
lines changed

1 file changed

+50
-45
lines changed

‎agent/agentssh/agentssh.go‎

Lines changed: 50 additions & 45 deletions
Original file line numberDiff line numberDiff line change
@@ -1133,61 +1133,66 @@ func CoderSigner(seed int64) (gossh.Signer, error) {
11331133
q:=big.NewInt(0)
11341134
e:=big.NewInt(65537)// Standard RSA public exponent
11351135

1136-
// Generate deterministic primes using the seeded random
1137-
// Each prime should be ~1024 bits to get a 2048-bit key
11381136
for {
1139-
p.SetBit(p,1024,1)// Ensure it's large enough
1140-
fori:=0;i<1024;i++ {
1141-
ifdeterministicRand.Int63()%2==1 {
1142-
p.SetBit(p,i,1)
1143-
}else {
1144-
p.SetBit(p,i,0)
1137+
// Generate deterministic primes using the seeded random
1138+
// Each prime should be ~1024 bits to get a 2048-bit key
1139+
for {
1140+
p.SetBit(p,1024,1)// Ensure it's large enough
1141+
fori:=range1024 {
1142+
ifdeterministicRand.Int63()%2==1 {
1143+
p.SetBit(p,i,1)
1144+
}else {
1145+
p.SetBit(p,i,0)
1146+
}
1147+
}
1148+
p1:=new(big.Int).Sub(p,big.NewInt(1))
1149+
ifp.ProbablyPrime(20)&&new(big.Int).GCD(nil,nil,e,p1).Cmp(big.NewInt(1))==0 {
1150+
break
11451151
}
11461152
}
1147-
ifp.ProbablyPrime(20) {
1148-
break
1149-
}
1150-
}
11511153

1152-
for {
1153-
q.SetBit(q,1024,1)// Ensure it's large enough
1154-
fori:=0;i<1024;i++ {
1155-
ifdeterministicRand.Int63()%2==1 {
1156-
q.SetBit(q,i,1)
1157-
}else {
1158-
q.SetBit(q,i,0)
1154+
for {
1155+
q.SetBit(q,1024,1)// Ensure it's large enough
1156+
fori:=range1024 {
1157+
ifdeterministicRand.Int63()%2==1 {
1158+
q.SetBit(q,i,1)
1159+
}else {
1160+
q.SetBit(q,i,0)
1161+
}
1162+
}
1163+
q1:=new(big.Int).Sub(q,big.NewInt(1))
1164+
ifq.ProbablyPrime(20)&&p.Cmp(q)!=0&&new(big.Int).GCD(nil,nil,e,q1).Cmp(big.NewInt(1))==0 {
1165+
break
11591166
}
11601167
}
1161-
ifq.ProbablyPrime(20)&&p.Cmp(q)!=0 {
1162-
break
1163-
}
1164-
}
11651168

1166-
// Calculate n = p * q
1167-
n:=new(big.Int).Mul(p,q)
1168-
1169-
// Calculate phi = (p-1) * (q-1)
1170-
p1:=new(big.Int).Sub(p,big.NewInt(1))
1171-
q1:=new(big.Int).Sub(q,big.NewInt(1))
1172-
phi:=new(big.Int).Mul(p1,q1)
1169+
// Calculate phi = (p-1) * (q-1)
1170+
p1:=new(big.Int).Sub(p,big.NewInt(1))
1171+
q1:=new(big.Int).Sub(q,big.NewInt(1))
1172+
phi:=new(big.Int).Mul(p1,q1)
1173+
1174+
// Calculate private exponent d
1175+
d:=new(big.Int).ModInverse(e,phi)
1176+
ifd!=nil {
1177+
// Calculate n = p * q
1178+
n:=new(big.Int).Mul(p,q)
1179+
1180+
// Create the private key
1181+
privateKey:=&rsa.PrivateKey{
1182+
PublicKey: rsa.PublicKey{
1183+
N:n,
1184+
E:int(e.Int64()),
1185+
},
1186+
D:d,
1187+
Primes: []*big.Int{p,q},
1188+
}
11731189

1174-
//Calculate private exponent d
1175-
d:=new(big.Int).ModInverse(e,phi)
1190+
//Compute precomputed values
1191+
privateKey.Precompute()
11761192

1177-
// Create the private key
1178-
privateKey:=&rsa.PrivateKey{
1179-
PublicKey: rsa.PublicKey{
1180-
N:n,
1181-
E:int(e.Int64()),
1182-
},
1183-
D:d,
1184-
Primes: []*big.Int{p,q},
1193+
returnprivateKey
1194+
}
11851195
}
1186-
1187-
// Compute precomputed values
1188-
privateKey.Precompute()
1189-
1190-
returnprivateKey
11911196
}()
11921197

11931198
coderSigner,err:=gossh.NewSignerFromKey(coderHostKey)

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp