Changeset View
Changeset View
Standalone View
Standalone View
libgcrypt-1.2.2-pkhash/cipher/pubkey.c
Context not available. | |||||
#include <string.h> | #include <string.h> | ||||
#include <errno.h> | #include <errno.h> | ||||
#include <assert.h> | #include <assert.h> | ||||
#include <ctype.h> | |||||
#include "g10lib.h" | #include "g10lib.h" | ||||
#include "mpi.h" | #include "mpi.h" | ||||
Context not available. | |||||
passing to the low level functions. We currently support the | passing to the low level functions. We currently support the | ||||
old style way of passing just a MPI and the modern interface which | old style way of passing just a MPI and the modern interface which | ||||
allows to pass flags so that we can choose between raw and pkcs1 | allows to pass flags so that we can choose between raw and pkcs1 | ||||
padding - may be more padding options later. | padding - may be more padding options later. | ||||
(<mpi>) | (<mpi>) | ||||
or | or | ||||
Context not available. | |||||
[(hash <algo> <value>)] | [(hash <algo> <value>)] | ||||
[(value <text>)] | [(value <text>)] | ||||
) | ) | ||||
Either the VALUE or the HASH element must be present for use | Either the VALUE or the HASH element must be present for use | ||||
with signatures. VALUE is used for encryption. | with signatures. VALUE is used for encryption. | ||||
NBITS is the length of the key in bits. | NBITS is the length of the key in bits. | ||||
*/ | */ | ||||
static gcry_err_code_t | static gcry_err_code_t | ||||
Context not available. | |||||
rc = GPG_ERR_INV_OBJ; | rc = GPG_ERR_INV_OBJ; | ||||
else | else | ||||
{ | { | ||||
/* | |||||
* Having the hashes hard coded like this seems | |||||
* odd. It means that hash algorithms which are | |||||
* dynamically added cannot be part of a signature | |||||
* mechanism. | |||||
* | |||||
* Given that the name->id mapping can be done via | |||||
* the gcry_md_map_name(), it seems better to | |||||
* ask the MD registry for algorithm details rather | |||||
* than maintain the data in 2 separate places. | |||||
* | |||||
* You could, of course, just prepare the data to | |||||
* be signed outside of this routine and pass it | |||||
* as a single (mpi) sexp, but that's clearly legacy | |||||
* behaviour, and building new dependencies on it | |||||
* seems like a bad idea. | |||||
*/ | |||||
#if 0 | |||||
static struct { const char *name; int algo; } hashnames[] = | static struct { const char *name; int algo; } hashnames[] = | ||||
{ { "sha1", GCRY_MD_SHA1 }, | { { "sha1", GCRY_MD_SHA1 }, | ||||
{ "md5", GCRY_MD_MD5 }, | { "md5", GCRY_MD_MD5 }, | ||||
Context not available. | |||||
{ "haval", GCRY_MD_HAVAL }, | { "haval", GCRY_MD_HAVAL }, | ||||
{ NULL } | { NULL } | ||||
}; | }; | ||||
int algo; | #endif | ||||
byte asn[100]; | byte asn[100]; | ||||
byte *frame = NULL; | byte *frame = NULL; | ||||
size_t nframe = (nbits+7) / 8; | size_t nframe = (nbits+7) / 8; | ||||
const void * value; | const void * value; | ||||
size_t valuelen; | size_t valuelen; | ||||
size_t asnlen, dlen; | size_t asnlen, dlen = 0; | ||||
int algo; | |||||
#if 0 | |||||
for (i=0; hashnames[i].name; i++) | for (i=0; hashnames[i].name; i++) | ||||
{ | { | ||||
if ( strlen (hashnames[i].name) == n | if ( strlen (hashnames[i].name) == n | ||||
Context not available. | |||||
if (!hashnames[i].name) | if (!hashnames[i].name) | ||||
rc = GPG_ERR_DIGEST_ALGO; | rc = GPG_ERR_DIGEST_ALGO; | ||||
#else | |||||
char *hname; | |||||
hname = gcry_xmalloc( n + 1 ); | |||||
for(i=0; i<n; i++) hname[i] = s[i]; hname[n] = '\0'; | |||||
algo = gcry_md_map_name( hname ); | |||||
gcry_free(hname); | |||||
asnlen = DIM(asn); | |||||
dlen = gcry_md_get_algo_dlen( algo ); | |||||
if (algo == 0) | |||||
rc = GPG_ERR_DIGEST_ALGO; | |||||
#endif | |||||
else if ( !(value=gcry_sexp_nth_data (lhash, 2, &valuelen)) | else if ( !(value=gcry_sexp_nth_data (lhash, 2, &valuelen)) | ||||
|| !valuelen ) | || !valuelen ) | ||||
rc = GPG_ERR_INV_OBJ; | rc = GPG_ERR_INV_OBJ; | ||||
Context not available. |