gcrypt: Return key size in bytes.

The crypto API requires get_asymmetric_key() to return the size of
the RSA key in bytes on success.  The return value is evaluated in
populate_user_list() where keys which are too short to encrypt a
challenge buffer are rejected right away.

However, for ASN.1 keys, the gcrypt implementation returned the number
of *bits* instead. This caused para_server to accept keys which are
in fact not suitable for authentication.

The fix is trivial.

diff --git a/gcrypt.c b/gcrypt.c
index 775abd764902b53cf60930270fc6fea73a62e9a1..b40b7b6e818ad387da3f2dffa96c06615eae5c10 100644 (file)
--- a/gcrypt.c
+++ b/gcrypt.c
@@ -587,7 +587,7 @@ static int get_asn_public_key(const char *key_file, struct asymmetric_key **resu
        key = para_malloc(sizeof(*key));
        key->sexp = sexp;
        *result = key;
-       ret = n_size * 8;
+       ret = n_size;
        PARA_INFO_LOG("successfully read %u bit asn public key\n", n_size * 8);
 
 release_e: