diff options
author | Werner Koch <wk@gnupg.org> | 2013-07-19 18:14:38 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2013-07-19 18:14:38 +0200 |
commit | 37d0a1ebdc2dc74df4fb6bf0621045018122a68f (patch) | |
tree | b516be67206ef44bcb92076faa7afcceb12d98b7 /cipher/rsa.c | |
parent | 2d3e8d4d9562d666420aadd9ffa8ac0456a1cd91 (diff) | |
download | libgcrypt-37d0a1ebdc2dc74df4fb6bf0621045018122a68f.tar.gz |
pk: Allow the use of a hash element for DSA sign and verify.
* cipher/pubkey.c (pubkey_sign): Add arg ctx and pass it to the sign
module.
(gcry_pk_sign): Pass CTX to pubkey_sign.
(sexp_data_to_mpi): Add flag rfc6979 and code to alls hash with *DSA
* cipher/rsa.c (rsa_sign, rsa_verify): Return an error if an opaque
MPI is given for DATA/HASH.
* cipher/elgamal.c (elg_sign, elg_verify): Ditto.
* cipher/dsa.c (dsa_sign, dsa_verify): Convert a given opaque MPI.
* cipher/ecc.c (ecc_sign, ecc_verify): Ditto.
* tests/basic.c (check_pubkey_sign_ecdsa): Add a test for using a hash
element with DSA.
--
This patch allows the use of
(data (flags raw)
(hash sha256 #80112233445566778899AABBCCDDEEFF
000102030405060708090A0B0C0D0E0F#))
in addition to the old but more efficient
(data (flags raw)
(value #80112233445566778899AABBCCDDEEFF
000102030405060708090A0B0C0D0E0F#))
for DSA and ECDSA. With the hash element the flag "raw" must be
explicitly given because existing regression test code expects that
conflict error is return if no flags but a hash element is given.
Note that the hash algorithm name is currently not checked. It may
eventually be used to cross-check the length of the provided hash
value. It is suggested that the correct hash name is given - even if
a truncated hash value is used.
Finally this patch adds a way to pass the hash algorithm and flag
values to the signing module. "rfc6979" as been implemented as a new
but not yet used flag.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'cipher/rsa.c')
-rw-r--r-- | cipher/rsa.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/cipher/rsa.c b/cipher/rsa.c index 4787f813..c9fcebf0 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -700,7 +700,7 @@ stronger_key_check ( RSA_secret_key *skey ) * Where m is OUTPUT, c is INPUT and d,n,p,q,u are elements of SKEY. */ static void -secret(gcry_mpi_t output, gcry_mpi_t input, RSA_secret_key *skey ) +secret (gcry_mpi_t output, gcry_mpi_t input, RSA_secret_key *skey ) { if (!skey->p || !skey->q || !skey->u) { @@ -1002,6 +1002,9 @@ rsa_sign (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, gcry_mpi_t *skey, (void)flags; (void)hashalgo; + if (mpi_is_opaque (data)) + return GPG_ERR_INV_DATA; + sk.n = skey[0]; sk.e = skey[1]; sk.d = skey[2]; @@ -1028,6 +1031,9 @@ rsa_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey, (void)cmp; (void)opaquev; + if (mpi_is_opaque (hash)) + return GPG_ERR_INV_DATA; + pk.n = pkey[0]; pk.e = pkey[1]; result = gcry_mpi_new ( 160 ); |