gcrypt: Fix return value of apc_get_pubkey().

The function is supposed to return the key size in bytes, but it
returns the number of *bits*. A consequence of this bug is that
RSA keys which are too short to encrypt our 128 byte buffer are not
rejected as they should be. This is not too serious because we'll fail
later during the encryption step. Fix the bug anyway and clarify the
documentation of apc_get_pubkey().

diff --git a/crypt.h b/crypt.h
index 9623a0035a3b1a89818bd99c3c09c1dac041519b..cee108f2da62179526c6353002d4e8cbdff794cb 100644 (file)
--- a/crypt.h
+++ b/crypt.h
@@ -48,7 +48,7 @@ int apc_priv_decrypt(const char *key_file, unsigned char *outbuf,
  * \param key_file The file containing the key.
  * \param result The key structure is returned here.
  *
- * \return The size of the key on success, negative on errors.
+ * \return The size of the key in bytes on success, negative on errors.
  */
 int apc_get_pubkey(const char *key_file, struct asymmetric_key **result);
 

diff --git a/gcrypt.c b/gcrypt.c
index dbe4900862fef83a552d9c60d9ac21d4c8253d5e..c6024d285c15315b25c8fd3ce26966093caa1fe9 100644 (file)
--- a/gcrypt.c
+++ b/gcrypt.c
@@ -444,7 +444,7 @@ int apc_get_pubkey(const char *key_file, struct asymmetric_key **result)
        key->num_bytes = ret;
        key->sexp = sexp;
        *result = key;
-       ret = bits;
+       ret = bits / 8;
 release_n:
        gcry_mpi_release(n);
 release_e: