DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-05 07:55:08 -05:00
Code Issues Packages Projects Releases Wiki Activity

keys: warn when loaded key is shorter than 80 bits

Browse Source 
Consider 80 bits as the absolute minimum for a secure symmetric key.  If
a loaded key is shorter, send a warning to the system log to encourage
the admin to replace it with a longer key.
This commit is contained in:
Miroslav Lichvar
2016-01-13 19:29:15 +01:00
parent 54c8732c46
commit 0d12410eaa
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
keys.c
View File

@@ -39,6 +39,8 @@
#include "local.h"
#include "logging.h"
/* Consider 80 bits as the absolute minimum for a secure key */
#define MIN_SECURE_KEY_LENGTH 10
typedef struct {
uint32_t id;
@@ -196,6 +198,9 @@ KEY_Reload(void)
continue;
}
if (key.len < MIN_SECURE_KEY_LENGTH)
LOG(LOGS_WARN, LOGF_Keys, "Key %"PRIu32" is too short", key_id);
key.id = key_id;
key.val = MallocArray(char, key.len);
memcpy(key.val, keyval, key.len);