Page MenuHome GnuPG
Differential D254 Diff 1082 b/tests/fipsdrv.c

Changeset View

Standalone View

View Options

b/tests/fipsdrv.c

Context not available.
encoded KEYFILE and the hash algorithm HASHALGO. */ encoded KEYFILE and the hash algorithm HASHALGO. */
static void static void
run_rsa_sign (const void *data, size_t datalen, run_rsa_sign (const void *data, size_t datalen,
int hashalgo, int pkcs1, const char *keyfile) int hashalgo, int pkcs1, int pss, const char *keyfile)
{ {
gpg_error_t err; gpg_error_t err;
Context not available.
gcry_md_algo_name (hashalgo), gcry_md_algo_name (hashalgo),
(int)hashsize, hash); (int)hashsize, hash);
} }
else if (pss)
{
unsigned char hash[64];
unsigned int hashsize;
hashsize = gcry_md_get_algo_dlen (hashalgo);
if (!hashsize || hashsize > sizeof hash)
die ("digest too long for buffer or unknown hash algorithm\n");
gcry_md_hash_buffer (hashalgo, hash, data, datalen);
err = gcry_sexp_build (&s_data, NULL,
"(data (flags pss)(salt-length #00#)(hash %s %b))",
gcry_md_algo_name (hashalgo),
(int)hashsize, hash);
}
else else
{ {
gcry_mpi_t tmp; gcry_mpi_t tmp;
Context not available.
binary signature in SIGFILE. */ binary signature in SIGFILE. */
static void static void
run_rsa_verify (const void *data, size_t datalen, int hashalgo, int pkcs1, run_rsa_verify (const void *data, size_t datalen, int hashalgo, int pkcs1,
const char *keyfile, const char *sigfile) int pss, const char *keyfile, const char *sigfile)
{ {
gpg_error_t err; gpg_error_t err;
Context not available.
gcry_md_algo_name (hashalgo), gcry_md_algo_name (hashalgo),
(int)hashsize, hash); (int)hashsize, hash);
} }
else if (pss)
{
unsigned char hash[64];
unsigned int hashsize;
hashsize = gcry_md_get_algo_dlen (hashalgo);
if (!hashsize || hashsize > sizeof hash)
die ("digest too long for buffer or unknown hash algorithm\n");
gcry_md_hash_buffer (hashalgo, hash, data, datalen);
err = gcry_sexp_build (&s_data, NULL,
"(data (flags pss)(salt-length #00#)(hash %s %b))",
gcry_md_algo_name (hashalgo),
(int)hashsize, hash);
}
else else
{ {
gcry_mpi_t tmp; gcry_mpi_t tmp;
Context not available.
int no_fips = 0; int no_fips = 0;
int progress = 0; int progress = 0;
int use_pkcs1 = 0; int use_pkcs1 = 0;
int use_pss = 0;
const char *mode_string; const char *mode_string;
const char *curve_string = NULL; const char *curve_string = NULL;
const char *key_string = NULL; const char *key_string = NULL;
Context not available.
use_pkcs1 = 1; use_pkcs1 = 1;
argc--; argv++; argc--; argv++;
} }
else if (!strcmp (*argv, "--pss"))
{
use_pss = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--mct-server")) else if (!strcmp (*argv, "--mct-server"))
{ {
mct_server = 1; mct_server = 1;
Context not available.
if (!data) if (!data)
die ("no data available (do not use --chunk)\n"); die ("no data available (do not use --chunk)\n");
run_rsa_sign (data, datalen, algo, use_pkcs1, key_string); run_rsa_sign (data, datalen, algo, use_pkcs1, use_pss, key_string);
} }
else if (!strcmp (mode_string, "rsa-verify")) else if (!strcmp (mode_string, "rsa-verify"))
Context not available.
if (access (signature_string, R_OK)) if (access (signature_string, R_OK))
die ("option --signature needs to specify an existing file\n"); die ("option --signature needs to specify an existing file\n");
run_rsa_verify (data, datalen, algo, use_pkcs1, key_string, run_rsa_verify (data, datalen, algo, use_pkcs1, use_pss, key_string,
signature_string); signature_string);
} }
Context not available.