Hard coded hash names make pk_sign less useful
Closed, ResolvedPublic

Description

Release: 1.2.2

Environment

i686, GNU/Linux, gentoo

Description

When performing a gcry_pk_sign operation, the hash methods are hard coded into the C code in pubkey.c (sexp_data_to_mpi). Thus, if a coder wishes to use another hash (which has been dynamically registered), gcry_pk_sign will return "Invalid Digest Algorithm" as an error.

By using the gcry_md_map_name() call to discover the algorithm type, the same functionality can be retained, but dynamically registered hashes can also be handled.

You can also program round this by pushing the PKCS-1 padding up to the calling program, and using a single MPI "blob" as the data to be signed, but this then violates the library layers - anyway, the blob signing is marked as legacy behaviour in the text.

I've included a small patch to pubkey.c which (I think) changes the behaviour such that it will work with all hashes.

Fix

Patch against 1.2.2 attached

Related Objects

werner added a subscriber: werner.Feb 1 2007, 3:28 PM

Scheduled for 1.3

I have commited a similar fix to the SVN (-r1214).

It is in fact useful as it also allows the use of OIDs instead of the algorithm
names. If you try this and provide a string with the S-expression, recall that
items a leading digit need to be prefixed with the length: "5:1.2.3" - or use an
old libgcrypt kludge and prefix the OID with oid.: "oid.1.2.3:.

werner closed this task as Resolved.Feb 22 2007, 7:23 PM