Don't hardcode the signature length to RSA-2048 (#1872)

docs/source/about/advanced_usage.rst

@@ -605,7 +605,9 @@ pkey
 ^^^^
 
 **Description**
-   The private key. This must be 2048 bits.
+   The private key used for the web UI and Moonlight client pairing. For best compatibility, this should be an RSA-2048 private key.
+
+   .. Warning:: Not all Moonlight clients support ECDSA keys or RSA key lengths other than 2048 bits.
 
 **Default**
    ``credentials/cakey.pem``
@@ -619,7 +621,9 @@ cert
 ^^^^
 
 **Description**
-   The certificate. Must be signed with a 2048 bit key.
+   The certificate used for the web UI and Moonlight client pairing. For best compatibility, this should have an RSA-2048 public key.
+
+   .. Warning:: Not all Moonlight clients support ECDSA keys or RSA key lengths other than 2048 bits.
 
 **Default**
    ``credentials/cacert.pem``

src/config.h

@@ -92,8 +92,8 @@ namespace config {
     // pc|lan|wan
     std::string origin_web_ui_allowed;
 
-    std::string pkey;  // must be 2048 bits
+    std::string pkey;
-    std::string cert;  // must be signed with a key of 2048 bits
+    std::string cert;
 
     std::string sunshine_name;
 

src/crypto.cpp

@@ -409,11 +409,12 @@ namespace crypto {
       return {};
     }
 
-    std::size_t slen = digest_size;
+    std::size_t slen;
-
+    if (EVP_DigestSignFinal(ctx.get(), nullptr, &slen) != 1) {
-    std::vector<uint8_t> digest;
+      return {};
-    digest.resize(slen);
+    }
 
+    std::vector<uint8_t> digest(slen);
     if (EVP_DigestSignFinal(ctx.get(), digest.data(), &slen) != 1) {
       return {};
     }

src/crypto.h

@@ -17,7 +17,6 @@ namespace crypto {
     std::string x509;
     std::string pkey;
   };
-  constexpr std::size_t digest_size = 256;
 
   void
   md_ctx_destroy(EVP_MD_CTX *);

src/nvhttp.cpp

@@ -380,11 +380,15 @@ namespace nvhttp {
     auto &client = sess.client;
 
     auto pairingsecret = util::from_hex_vec(get_arg(args, "clientpairingsecret"), true);
+    if (pairingsecret.size() <= 16) {
+      tree.put("root.paired", 0);
+      tree.put("root.<xmlattr>.status_code", 400);
+      tree.put("root.<xmlattr>.status_message", "Clientpairingsecret too short");
+      return;
+    }
 
     std::string_view secret { pairingsecret.data(), 16 };
-    std::string_view sign { pairingsecret.data() + secret.size(), crypto::digest_size };
+    std::string_view sign { pairingsecret.data() + secret.size(), pairingsecret.size() - secret.size() };
-
-    assert((secret.size() + sign.size()) == pairingsecret.size());
 
     auto x509 = crypto::x509(client.cert);
     auto x509_sign = crypto::signature(x509);

src_assets/common/assets/web/config.html

@@ -316,11 +316,13 @@
           placeholder="/dir/pkey.pem"
           v-model="config.pkey"
         />
-        <div class="form-text">The private key must be 2048 bits</div>
+        <div class="form-text">
+          The private key used for the web UI and Moonlight client pairing. For best compatibility, this should be an RSA-2048 private key.
         </div>
-      <!--Cert-->
+      </div>
+      <!--Certificate-->
       <div class="mb-3">
-        <label for="cert" class="form-label">Cert</label>
+        <label for="cert" class="form-label">Certificate</label>
         <input
           type="text"
           class="form-control"
@@ -329,7 +331,7 @@
           v-model="config.cert"
         />
         <div class="form-text">
-          The certificate must be signed with a 2048 bit key
+          The certificate used for the web UI and Moonlight client pairing. For best compatibility, this should have an RSA-2048 public key.
         </div>
       </div>