Diffusion GnuPG ba34f1415366

dirmngr: Support rsaPSS also in the general validate module.

Authored by werner on Apr 9 2020, 1:05 PM.

Description

dirmngr: Support rsaPSS also in the general validate module.

* dirmngr/validate.c (hash_algo_from_buffer): New.
(uint_from_buffer): New.
(check_cert_sig): Support rsaPSS.
* sm/certcheck.c (gpgsm_check_cert_sig): Fix small memory leak on
error.

Yes, I know that there is a lot of code duplication. In fact some of
the code is ugly and it would be better if we enhance Libgcrypt to
guarantee that returned memory buffers via gcry_sexp_extract_param are
allways Nul terminated and we should also enhance that function to
directly extract into an unsigned int or char *.

  • GnuPG-bug-id: T4538
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Committed
wernerApr 9 2020, 1:05 PM
Parents
rGb45ab0ca08f8: sm,dirmngr: Support rsaPSS signature verification.
Branches
Unknown
Tags
Unknown
Tasks
T4538: Support PSS signed CRLs