From: Andre Noll Date: Fri, 4 Sep 2009 07:23:05 +0000 (+0200) Subject: Fix check for short rsa keys. X-Git-Tag: v0.4.0~30^2 X-Git-Url: http://git.tue.mpg.de/?a=commitdiff_plain;h=353b91a4e76096d9335a5e54229aed728999e261;p=paraslash.git Fix check for short rsa keys. And add a comment that explains the magic constant 41. --- diff --git a/user_list.c b/user_list.c index 3c0b4f85..f1b4b212 100644 --- a/user_list.c +++ b/user_list.c @@ -18,6 +18,7 @@ #include "string.h" #include "list.h" #include "user_list.h" +#include "rc4.h" static struct list_head user_list; @@ -56,8 +57,15 @@ static void populate_user_list(char *user_list_file) para_strerror(-ret)); continue; } - if (ret < CHALLENGE_SIZE + 2 * CHALLENGE_SIZE + 41) { - PARA_WARNING_LOG("rsa key for %s too small\n", n); + /* + * In order to encrypt len := CHALLENGE_SIZE + 2 * RC4_KEY_LEN + * bytes using RSA_public_encrypt() with EME-OAEP padding mode, + * RSA_size(rsa) must be greater than len + 41. So ignore keys + * which are too short. For details see RSA_public_encrypt(3). + */ + if (ret <= CHALLENGE_SIZE + 2 * RC4_KEY_LEN + 41) { + PARA_WARNING_LOG("rsa key %s too short (%d)\n", + k, ret); rsa_free(rsa); continue; }