The users of the crypto API should not need to care about which stream
cipher is in use. This trivial patch only renames the name of the
constant value and updates the documentation.
- * Get the current afs status items from the afs process and send it using RC4.
+ * Get the current afs status items from the afs process and send it.
*
* \param scc The stream cipher context for data encryption.
* \param parser_friendly Whether parser-friendly output format should be used.
*
* \param scc The stream cipher context for data encryption.
* \param parser_friendly Whether parser-friendly output format should be used.
if (ret < 0)
goto out;
sha1_hash((char *)crypt_buf, CHALLENGE_SIZE, challenge_sha1);
if (ret < 0)
goto out;
sha1_hash((char *)crypt_buf, CHALLENGE_SIZE, challenge_sha1);
- ct->scc.send = sc_new(crypt_buf + CHALLENGE_SIZE, RC4_KEY_LEN);
- ct->scc.recv = sc_new(crypt_buf + CHALLENGE_SIZE + RC4_KEY_LEN,
- RC4_KEY_LEN);
+ ct->scc.send = sc_new(crypt_buf + CHALLENGE_SIZE, SESSION_KEY_LEN);
+ ct->scc.recv = sc_new(crypt_buf + CHALLENGE_SIZE + SESSION_KEY_LEN,
+ SESSION_KEY_LEN);
hash_to_asc(challenge_sha1, buf);
PARA_INFO_LOG("--> %s\n", buf);
ret = send_bin_buffer(ct->scc.fd, (char *)challenge_sha1,
hash_to_asc(challenge_sha1, buf);
PARA_INFO_LOG("--> %s\n", buf);
ret = send_bin_buffer(ct->scc.fd, (char *)challenge_sha1,
* calls this function.
*
* An RSA-based challenge/response is used to authenticate
* calls this function.
*
* An RSA-based challenge/response is used to authenticate
- * the peer. It that authentication succeeds, a random RC4
+ * the peer. It that authentication succeeds, a random
* session key is generated and sent back to the peer,
* encrypted with its RSA public key. From this point on,
* all transfers are crypted with this session key.
* session key is generated and sent back to the peer,
* encrypted with its RSA public key. From this point on,
* all transfers are crypted with this session key.
{
int ret, argc;
char buf[4096];
{
int ret, argc;
char buf[4096];
- unsigned char rand_buf[CHALLENGE_SIZE + 2 * RC4_KEY_LEN];
+ unsigned char rand_buf[CHALLENGE_SIZE + 2 * SESSION_KEY_LEN];
unsigned char challenge_sha1[HASH_SIZE];
struct user *u;
struct server_command *cmd = NULL;
unsigned char challenge_sha1[HASH_SIZE];
struct user *u;
struct server_command *cmd = NULL;
alarm(0);
PARA_INFO_LOG("good auth for %s\n", u->name);
/* init stream cipher keys with the second part of the random buffer */
alarm(0);
PARA_INFO_LOG("good auth for %s\n", u->name);
/* init stream cipher keys with the second part of the random buffer */
- scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, RC4_KEY_LEN);
- scc.send = sc_new(rand_buf + CHALLENGE_SIZE + RC4_KEY_LEN, RC4_KEY_LEN);
+ scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, SESSION_KEY_LEN);
+ scc.send = sc_new(rand_buf + CHALLENGE_SIZE + SESSION_KEY_LEN, SESSION_KEY_LEN);
ret = sc_send_buffer(&scc, PROCEED_MSG);
if (ret < 0)
goto net_err;
ret = sc_send_buffer(&scc, PROCEED_MSG);
if (ret < 0)
goto net_err;
/** \file rc4.h common symbols of command.c and client_common.c */
/** \file rc4.h common symbols of command.c and client_common.c */
-/** Number of bytes of the rc4 session key. */
-#define RC4_KEY_LEN 32
+/** Number of bytes of the session key. */
+#define SESSION_KEY_LEN 32
- * In order to encrypt len := CHALLENGE_SIZE + 2 * RC4_KEY_LEN
+ * In order to encrypt len := CHALLENGE_SIZE + 2 * SESSION_KEY_LEN
* bytes using RSA_public_encrypt() with EME-OAEP padding mode,
* RSA_size(rsa) must be greater than len + 41. So ignore keys
* which are too short. For details see RSA_public_encrypt(3).
*/
* bytes using RSA_public_encrypt() with EME-OAEP padding mode,
* RSA_size(rsa) must be greater than len + 41. So ignore keys
* which are too short. For details see RSA_public_encrypt(3).
*/
- if (ret <= CHALLENGE_SIZE + 2 * RC4_KEY_LEN + 41) {
+ if (ret <= CHALLENGE_SIZE + 2 * SESSION_KEY_LEN + 41) {
PARA_WARNING_LOG("public key %s too short (%d)\n",
k, ret);
free_asymmetric_key(pubkey);
PARA_WARNING_LOG("public key %s too short (%d)\n",
k, ret);
free_asymmetric_key(pubkey);