diff options
author | Werner Koch <wk@gnupg.org> | 2013-09-07 10:06:46 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2013-09-20 17:41:19 +0200 |
commit | 722bfc1e5f2268453db62f38cc46b5ec6ef3adee (patch) | |
tree | a59265211609e084227958e308e1d3236c79fcbb /cipher/pubkey.c | |
parent | 64cd7ab93da7c95cc8aa320c61c6e29f9e2399c4 (diff) | |
download | libgcrypt-722bfc1e5f2268453db62f38cc46b5ec6ef3adee.tar.gz |
pk: Move s-exp creation for gcry_pk_decrypt to the modules.
* cipher/pubkey.c (sexp_to_enc): Remove RET_MODERN arg and merge it
into FLAGS.
(gcry_pk_decrypt): Move result s-exp building into the modules.
* src/cipher-proto.h (gcry_pk_decrypt_t): Add some args.
* cipher/ecc.c (ecc_decrypt_raw): Change to return an s-exp.
* cipher/elgamal.c (elg_decrypt): Ditto.
* cipher/rsa.c (rsa_decrypt): Ditto.
(rsa_blind, rsa_unblind): Merge into rsa_decrypt. This saves several
extra MPI allocations.
--
The extra args added to gcry_pk_decrypt_t are a temporary solution
unti we move the input s-exp parsing also into the modules.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'cipher/pubkey.c')
-rw-r--r-- | cipher/pubkey.c | 58 |
1 files changed, 10 insertions, 48 deletions
diff --git a/cipher/pubkey.c b/cipher/pubkey.c index 7085b25f..99b9ba8a 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -714,7 +714,7 @@ get_hash_algo (const char *s, size_t n) */ static gcry_err_code_t sexp_to_enc (gcry_sexp_t sexp, gcry_mpi_t **retarray, gcry_pk_spec_t **r_spec, - int *ret_modern, int *flags, struct pk_encoding_ctx *ctx) + int *flags, struct pk_encoding_ctx *ctx) { gcry_err_code_t err = 0; gcry_sexp_t list = NULL; @@ -726,8 +726,6 @@ sexp_to_enc (gcry_sexp_t sexp, gcry_mpi_t **retarray, gcry_pk_spec_t **r_spec, const char *elems; gcry_mpi_t *array = NULL; - *ret_modern = 0; - /* Check that the first element is valid. */ list = gcry_sexp_find_token (sexp, "enc-val" , 0); if (!list) @@ -757,7 +755,6 @@ sexp_to_enc (gcry_sexp_t sexp, gcry_mpi_t **retarray, gcry_pk_spec_t **r_spec, const char *s; int i; - *ret_modern = 1; for (i = gcry_sexp_length (l2) - 1; i > 0; i--) { s = gcry_sexp_nth_data (l2, i, &n); @@ -863,6 +860,8 @@ sexp_to_enc (gcry_sexp_t sexp, gcry_mpi_t **retarray, gcry_pk_spec_t **r_spec, list = l2; l2 = NULL; } + else + parsed_flags |= PUBKEY_FLAG_LEGACYRESULT; spec = spec_from_name (name); if (!spec) @@ -1533,11 +1532,8 @@ gcry_pk_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t s_skey) gcry_err_code_t rc; gcry_mpi_t *skey = NULL; gcry_mpi_t *data = NULL; - gcry_mpi_t plain = NULL; - unsigned char *unpad = NULL; - size_t unpadlen = 0; int i; - int modern, flags; + int flags; struct pk_encoding_ctx ctx; gcry_pk_spec_t *spec = NULL; gcry_pk_spec_t *spec_enc = NULL; @@ -1551,7 +1547,7 @@ gcry_pk_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t s_skey) goto leave; init_encoding_ctx (&ctx, PUBKEY_OP_DECRYPT, gcry_pk_get_nbits (s_skey)); - rc = sexp_to_enc (s_data, &data, &spec_enc, &modern, &flags, &ctx); + rc = sexp_to_enc (s_data, &data, &spec_enc, &flags, &ctx); if (rc) goto leave; @@ -1571,59 +1567,25 @@ gcry_pk_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t s_skey) } if (spec->decrypt) - rc = spec->decrypt (spec->algo, &plain, data, skey, flags); + rc = spec->decrypt (spec->algo, r_plain, data, skey, flags, + ctx.encoding, ctx.hash_algo, + ctx.label, ctx.labellen); else rc = GPG_ERR_NOT_IMPLEMENTED; if (rc) goto leave; - if (DBG_CIPHER && !fips_mode ()) - log_mpidump (" plain", plain); - - /* Do un-padding if necessary. */ - switch (ctx.encoding) - { - case PUBKEY_ENC_PKCS1: - rc = _gcry_rsa_pkcs1_decode_for_enc (&unpad, &unpadlen, - gcry_pk_get_nbits (s_skey), - plain); - mpi_free (plain); - plain = NULL; - if (!rc) - rc = gcry_err_code (gcry_sexp_build (r_plain, NULL, "(value %b)", - (int)unpadlen, unpad)); - break; - - case PUBKEY_ENC_OAEP: - rc = _gcry_rsa_oaep_decode (&unpad, &unpadlen, - gcry_pk_get_nbits (s_skey), ctx.hash_algo, - plain, ctx.label, ctx.labellen); - mpi_free (plain); - plain = NULL; - if (!rc) - rc = gcry_err_code (gcry_sexp_build (r_plain, NULL, "(value %b)", - (int)unpadlen, unpad)); - break; + /* if (DBG_CIPHER && !fips_mode ()) */ + /* log_mpidump (" plain", plain); */ - default: - /* Raw format. For backward compatibility we need to assume a - signed mpi by using the sexp format string "%m". */ - rc = gcry_err_code (gcry_sexp_build - (r_plain, NULL, modern? "(value %m)" : "%m", plain)); - break; - } leave: - gcry_free (unpad); - if (skey) { release_mpi_array (skey); gcry_free (skey); } - mpi_free (plain); - if (data) { release_mpi_array (data); |