#include "string.h"
#include "list.h"
#include "user_list.h"
+#include "rc4.h"
static struct list_head user_list;
struct user *u;
RSA *rsa;
- ret = para_fgets(line, MAXLINE, file_ptr);
+ ret = para_fgets(line, sizeof(line), file_ptr);
if (ret <= 0)
break;
if (sscanf(line,"%200s %200s %200s %200s", w, n, k, p) < 3)
para_strerror(-ret));
continue;
}
- if (ret < CHALLENGE_SIZE + 2 * CHALLENGE_SIZE + 41) {
- PARA_WARNING_LOG("rsa key for %s too small\n", n);
+ /*
+ * In order to encrypt len := CHALLENGE_SIZE + 2 * RC4_KEY_LEN
+ * bytes using RSA_public_encrypt() with EME-OAEP padding mode,
+ * RSA_size(rsa) must be greater than len + 41. So ignore keys
+ * which are too short. For details see RSA_public_encrypt(3).
+ */
+ if (ret <= CHALLENGE_SIZE + 2 * RC4_KEY_LEN + 41) {
+ PARA_WARNING_LOG("rsa key %s too short (%d)\n",
+ k, ret);
rsa_free(rsa);
continue;
}