* sexp2rsa.c (rsa_keypair_from_sexp): New limit argument. Use

nettle_mpz_set_sexp.

* sexp2bignum.c (nettle_mpz_set_sexp): New file, and new function.
Moved from sexp2rsa.c:get_value.

Rev: src/nettle/rsa.h:1.17
Rev: src/nettle/sexp2rsa.c:1.8

rsa.h

@@ -228,6 +228,7 @@ struct sexp_iterator;
 int
 rsa_keypair_from_sexp_alist(struct rsa_public_key *pub,
 			    struct rsa_private_key *priv,
+			    unsigned limit,
 			    struct sexp_iterator *i);
 
 /* If PRIV is NULL, expect a public-key expression. If PUB is NULL,
@@ -237,6 +238,7 @@ rsa_keypair_from_sexp_alist(struct rsa_public_key *pub,
 int
 rsa_keypair_from_sexp(struct rsa_public_key *pub,
 		      struct rsa_private_key *priv,
+		      unsigned limit,
 		      unsigned length, const uint8_t *expr);
 
 

sexp2rsa.c

-/* sexp2rsa.h
+/* sexp2rsa.c
  *
  */
 
@@ -35,23 +35,8 @@
 
 #include <string.h>
 
-static int
-get_value(mpz_t x, struct sexp_iterator *i)
-{
-  if (i->type == SEXP_ATOM
-      && !i->display)
-    {
-      nettle_mpz_set_str_256(x, i->atom_length, i->atom);
-      return 1;
-    }
-  else
-    return 0;
-}
-
-#define GET(x, v) do { if (!get_value(x, v)) return 0; } while(0)
-
-/* FIXME: Pass in a maximum key size, to avoid denial-of-service
- * problems. */
+#define GET(x, l, v) \
+do { if (!nettle_mpz_set_sexp((x), (l), (v))) return 0; } while(0)
 
 /* Iterator should point past the algorithm tag, e.g.
  *
@@ -62,6 +47,7 @@ get_value(mpz_t x, struct sexp_iterator *i)
 int
 rsa_keypair_from_sexp_alist(struct rsa_public_key *pub,
 			    struct rsa_private_key *priv,
+			    unsigned limit,
 			    struct sexp_iterator *i)
 {
   static const uint8_t *names[8]
@@ -74,12 +60,12 @@ rsa_keypair_from_sexp_alist(struct rsa_public_key *pub,
 
   if (priv)
     {
-      GET(priv->d, &values[2]);
-      GET(priv->p, &values[3]);
-      GET(priv->q, &values[4]);
-      GET(priv->a, &values[5]);
-      GET(priv->b, &values[6]);
-      GET(priv->c, &values[7]);
+      GET(priv->d, limit, &values[2]);
+      GET(priv->p, limit, &values[3]);
+      GET(priv->q, limit, &values[4]);
+      GET(priv->a, limit, &values[5]);
+      GET(priv->b, limit, &values[6]);
+      GET(priv->c, limit, &values[7]);
 
       if (!rsa_prepare_private_key(priv))
 	return 0;
@@ -87,8 +73,8 @@ rsa_keypair_from_sexp_alist(struct rsa_public_key *pub,
 
   if (pub)
     {
-      GET(pub->n, &values[0]);
-      GET(pub->e, &values[1]);
+      GET(pub->n, limit, &values[0]);
+      GET(pub->e, limit, &values[1]);
 
       if (!rsa_prepare_public_key(pub))
 	return 0;
@@ -100,6 +86,7 @@ rsa_keypair_from_sexp_alist(struct rsa_public_key *pub,
 int
 rsa_keypair_from_sexp(struct rsa_public_key *pub,
 		      struct rsa_private_key *priv,
+		      unsigned limit, 
 		      unsigned length, const uint8_t *expr)
 {
   struct sexp_iterator i;
@@ -115,7 +102,7 @@ rsa_keypair_from_sexp(struct rsa_public_key *pub,
   if (!sexp_iterator_check_types(&i, 3, names))
     return 0;
 
-  return rsa_keypair_from_sexp_alist(pub, priv, &i);
+  return rsa_keypair_from_sexp_alist(pub, priv, limit, &i);
 }
 
 #endif /* WITH_PUBLIC_KEY */