diff options
author | Werner Koch <wk@gnupg.org> | 2013-07-19 18:14:38 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2013-07-19 18:14:38 +0200 |
commit | 37d0a1ebdc2dc74df4fb6bf0621045018122a68f (patch) | |
tree | b516be67206ef44bcb92076faa7afcceb12d98b7 /tests/basic.c | |
parent | 2d3e8d4d9562d666420aadd9ffa8ac0456a1cd91 (diff) | |
download | libgcrypt-37d0a1ebdc2dc74df4fb6bf0621045018122a68f.tar.gz |
pk: Allow the use of a hash element for DSA sign and verify.
* cipher/pubkey.c (pubkey_sign): Add arg ctx and pass it to the sign
module.
(gcry_pk_sign): Pass CTX to pubkey_sign.
(sexp_data_to_mpi): Add flag rfc6979 and code to alls hash with *DSA
* cipher/rsa.c (rsa_sign, rsa_verify): Return an error if an opaque
MPI is given for DATA/HASH.
* cipher/elgamal.c (elg_sign, elg_verify): Ditto.
* cipher/dsa.c (dsa_sign, dsa_verify): Convert a given opaque MPI.
* cipher/ecc.c (ecc_sign, ecc_verify): Ditto.
* tests/basic.c (check_pubkey_sign_ecdsa): Add a test for using a hash
element with DSA.
--
This patch allows the use of
(data (flags raw)
(hash sha256 #80112233445566778899AABBCCDDEEFF
000102030405060708090A0B0C0D0E0F#))
in addition to the old but more efficient
(data (flags raw)
(value #80112233445566778899AABBCCDDEEFF
000102030405060708090A0B0C0D0E0F#))
for DSA and ECDSA. With the hash element the flag "raw" must be
explicitly given because existing regression test code expects that
conflict error is return if no flags but a hash element is given.
Note that the hash algorithm name is currently not checked. It may
eventually be used to cross-check the length of the provided hash
value. It is suggested that the correct hash name is given - even if
a truncated hash value is used.
Finally this patch adds a way to pass the hash algorithm and flag
values to the signing module. "rfc6979" as been implemented as a new
but not yet used flag.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'tests/basic.c')
-rw-r--r-- | tests/basic.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/tests/basic.c b/tests/basic.c index 88ae1316..46e213cb 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -3073,6 +3073,14 @@ check_pubkey_sign_ecdsa (int n, gcry_sexp_t skey, gcry_sexp_t pkey) int dummy; } datas[] = { + { 192, + "(data (flags raw)\n" + " (value #00112233445566778899AABBCCDDEEFF0001020304050607#))", + 0, + "(data (flags raw)\n" + " (value #80112233445566778899AABBCCDDEEFF0001020304050607#))", + 0 + }, { 256, "(data (flags raw)\n" " (value #00112233445566778899AABBCCDDEEFF" @@ -3083,12 +3091,14 @@ check_pubkey_sign_ecdsa (int n, gcry_sexp_t skey, gcry_sexp_t pkey) /* */ "000102030405060708090A0B0C0D0E0F#))", 0 }, - { 192, + { 256, "(data (flags raw)\n" - " (value #00112233445566778899AABBCCDDEEFF0001020304050607#))", + " (hash sha256 #00112233445566778899AABBCCDDEEFF" + /* */ "000102030405060708090A0B0C0D0E0F#))", 0, "(data (flags raw)\n" - " (value #80112233445566778899AABBCCDDEEFF0001020304050607#))", + " (hash sha256 #80112233445566778899AABBCCDDEEFF" + /* */ "000102030405060708090A0B0C0D0E0F#))", 0 }, { 0, NULL } |