diff options
author | Werner Koch <wk@gnupg.org> | 2000-07-25 17:38:12 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2000-07-25 17:38:12 +0200 |
commit | b872ea2577bb68fc29d126cf79900d88d55ba268 (patch) | |
tree | 8464add6c2571724cf174d25b45a7cd05778eed0 /g10 | |
parent | See ChangeLog: Mon Jul 17 16:35:47 CEST 2000 Werner Koch (diff) | |
download | gnupg2-b872ea2577bb68fc29d126cf79900d88d55ba268.tar.xz gnupg2-b872ea2577bb68fc29d126cf79900d88d55ba268.zip |
See ChangeLog: Tue Jul 25 17:44:15 CEST 2000 Werner Koch
Diffstat (limited to 'g10')
-rw-r--r-- | g10/ChangeLog | 16 | ||||
-rw-r--r-- | g10/encode.c | 18 | ||||
-rw-r--r-- | g10/keyedit.c | 2 | ||||
-rw-r--r-- | g10/keygen.c | 53 | ||||
-rw-r--r-- | g10/keylist.c | 83 | ||||
-rw-r--r-- | g10/misc.c | 34 | ||||
-rw-r--r-- | g10/pubkey-enc.c | 42 | ||||
-rw-r--r-- | g10/seckey-cert.c | 36 | ||||
-rw-r--r-- | g10/sig-check.c | 56 | ||||
-rw-r--r-- | g10/sign.c | 30 |
10 files changed, 222 insertions, 148 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 6d3aa7cc4..893fed136 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,19 @@ +Tue Jul 25 17:44:15 CEST 2000 Werner Koch <wk@openit.de> + + * keyedit.c (menu_expire): expire date for primary key can be set again. + + * keylist.c (is_uid_valid): New. + (list_keyblock): Print validity information for all user IDs. Note, this + has to be done at other places too; for now we have only minimal support. + + * sign.c (pk_sign): Changed to use the new S-Exp interface. + * encode.c (pk_encrypt): Ditto. + * sig-check.c (pk_verify): Ditto. + * seckey-cert.c (pk_check_secret_key): Ditto. + * pubkey-enc.c (pk_decrypt): Ditto. + * misc.c (pubkey_nbits): Ditto. + * keygen.c (key_from_sexp,factors_from_sexp,gen_elg,gen_dsa): Ditto. + Fri Jul 14 19:38:23 CEST 2000 Werner Koch <wk@> Replaced everything with the code from the STABLE-BRANCH-1-0 and diff --git a/g10/encode.c b/g10/encode.c index 6195b533c..e1ef5b2ae 100644 --- a/g10/encode.c +++ b/g10/encode.c @@ -54,18 +54,19 @@ pk_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey ) /* make a sexp from pkey */ if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) { - s_pkey = SEXP_CONS( SEXP_NEW( "public-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "elg", 3 ), - gcry_sexp_new_name_mpi( "p", pkey[0] ), - gcry_sexp_new_name_mpi( "g", pkey[1] ), - gcry_sexp_new_name_mpi( "y", pkey[2] ), - NULL )); + rc = gcry_sexp_build ( &s_pkey, NULL, + "(public-key(elg(p%m)(g%m)(y%m)))", + pkey[0], pkey[1], pkey[2] ); } else return GPGERR_PUBKEY_ALGO; + if ( rc ) + BUG (); + /* put the data into a simple list */ - s_data = gcry_sexp_new_mpi( data ); + if ( gcry_sexp_build( &s_data, NULL, "%m", data ) ) + BUG (); /* pass it to libgcrypt */ rc = gcry_pk_encrypt( &s_ciph, s_data, s_pkey ); @@ -79,10 +80,13 @@ pk_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey ) assert( list ); resarr[0] = gcry_sexp_cdr_mpi( list, 0 ); assert( resarr[0] ); + gcry_sexp_release ( list ); + list = gcry_sexp_find_token( s_ciph, "b" , 0 ); assert( list ); resarr[1] = gcry_sexp_cdr_mpi( list, 0 ); assert( resarr[1] ); + gcry_sexp_release ( list ); } gcry_sexp_release( s_ciph ); diff --git a/g10/keyedit.c b/g10/keyedit.c index a64c7e86f..daf4fb41d 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -1504,7 +1504,7 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock ) else if( node->pkt->pkttype == PKT_USER_ID ) uid = node->pkt->pkt.user_id; else if( main_pk && node->pkt->pkttype == PKT_SIGNATURE - && sub_pk != NULL ) { + && (mainkey || sub_pk ) ) { PKT_signature *sig = node->pkt->pkt.signature; if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] && ( (mainkey && uid && (sig->sig_class&~3) == 0x10) diff --git a/g10/keygen.c b/g10/keygen.c index b6c6cc7e3..3b3d95e3b 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -254,7 +254,9 @@ key_from_sexp( GCRY_MPI *array, list = gcry_sexp_find_token( sexp, topname, 0 ); if( !list ) return GCRYERR_INV_OBJ; - list = gcry_sexp_cdr( list ); + l2 = gcry_sexp_cdr( list ); + gcry_sexp_release ( list ); + list = l2; if( !list ) return GCRYERR_NO_OBJ; @@ -266,17 +268,21 @@ key_from_sexp( GCRY_MPI *array, gcry_free( array[i] ); array[i] = NULL; } + gcry_sexp_release ( list ); return GCRYERR_NO_OBJ; /* required parameter not found */ } array[idx] = gcry_sexp_cdr_mpi( l2, GCRYMPI_FMT_USG ); + gcry_sexp_release ( l2 ); if( !array[idx] ) { for(i=0; i<idx; i++) { gcry_free( array[i] ); array[i] = NULL; } + gcry_sexp_release ( list ); return GCRYERR_INV_OBJ; /* required parameter is invalid */ } } + gcry_sexp_release ( list ); return 0; } @@ -294,36 +300,45 @@ factors_from_sexp( MPI **retarray, GCRY_SEXP sexp ) list = gcry_sexp_find_token( sexp, "misc-key-info", 0 ); if( !list ) return GCRYERR_INV_OBJ; - list = gcry_sexp_cdr( list ); + l2 = gcry_sexp_cdr( list ); + gcry_sexp_release ( list ); + list = l2; if( !list ) return GCRYERR_NO_OBJ; - list = gcry_sexp_find_token( list, "pm1-factors", 0 ); + l2 = gcry_sexp_find_token( list, "pm1-factors", 0 ); + gcry_sexp_release ( list ); + list = l2; if( !list ) return GCRYERR_NO_OBJ; /* count factors */ ctx = NULL; for( n=0; (l2 = gcry_sexp_enum( list, &ctx, 0 )); n++ ) - ; + gcry_sexp_release ( l2 ); array = gcry_xcalloc( n, sizeof *array ); - if( !array ) + if( !array ) { + gcry_sexp_release ( list ); return GCRYERR_NO_MEM; - - /* retrieve factors (the first enum is to skip the car) */ + } + /* retrieve factors */ ctx = NULL; - if( gcry_sexp_enum( list, &ctx, 0 ) ) { + if( (l2 = gcry_sexp_enum( list, &ctx, 0 )) ) { + gcry_sexp_release ( l2 ); /* skip the car */ for( n=0; (l2 = gcry_sexp_enum( list, &ctx, 0 )); n++ ) { array[n] = gcry_sexp_car_mpi( l2, 0 ); + gcry_sexp_release ( l2 ); if( !array[n] ) { for(i=0; i < n; i++ ) gcry_mpi_release( array[i] ); gcry_free(array); + gcry_sexp_release ( list ); return GCRYERR_INV_OBJ; } } } + gcry_sexp_release ( list ); *retarray = array; return 0; } @@ -340,7 +355,6 @@ gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, PKT_secret_key *sk; PKT_public_key *pk; MPI *factors; - char buf[100]; GCRY_SEXP s_parms, s_key; assert( is_ELGAMAL(algo) ); @@ -355,12 +369,12 @@ gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, log_info(_("keysize rounded up to %u bits\n"), nbits ); } - sprintf(buf, "%u", nbits ); - s_parms = SEXP_CONS( SEXP_NEW( "genkey", 0 ), - SEXP_CONS( SEXP_NEW(algo == GCRY_PK_ELG_E ? "openpgp-elg" : - algo == GCRY_PK_ELG ? "elg" : "x-oops",0), - gcry_sexp_new_name_data( "nbits", buf, 0 ) ) - ); + if ( gcry_sexp_build ( &s_parms, NULL, + "(genkey(%s(nbits %d)))", + algo == GCRY_PK_ELG_E ? "openpgp-elg" : + algo == GCRY_PK_ELG ? "elg" : "x-oops" , + (int)nbits ) ) + BUG (); rc = gcry_pk_genkey( &s_key, s_parms ); gcry_sexp_release( s_parms ); @@ -447,7 +461,6 @@ gen_dsa(unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, PKT_secret_key *sk; PKT_public_key *pk; MPI *factors; - char buf[100]; GCRY_SEXP s_parms, s_key; if( nbits > 1024 || nbits < 512 ) { @@ -460,11 +473,9 @@ gen_dsa(unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, log_info(_("keysize rounded up to %u bits\n"), nbits ); } - sprintf(buf, "%u", nbits ); - s_parms = SEXP_CONS( SEXP_NEW( "genkey", 0 ), - SEXP_CONS( SEXP_NEW("dsa",0), - gcry_sexp_new_name_data( "nbits", buf, 0 ) ) - ); + if ( gcry_sexp_build ( &s_parms, NULL, + "(genkey(dsa(nbits %d)))", (int)nbits ) ) + BUG (); rc = gcry_pk_genkey( &s_key, s_parms ); gcry_sexp_release( s_parms ); diff --git a/g10/keylist.c b/g10/keylist.c index 751a61c9b..4109968c0 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -105,6 +105,83 @@ list_all( int secret ) } +/**************** + * Check whether the user ID at NODE is valid; that is it has a + * valid self-signature but no later valid revocation. + * Caller has to pass the keyID of the primary in mainkey. + * Returns: NULL = valid + * string with the reason why it is invalid + */ +static const char * +is_uid_valid ( KBNODE keyblock, KBNODE uidnode, u32 *mainkid ) +{ + KBNODE node; + PKT_signature *selfsig = NULL; /* the latest valid self signature */ + + /* The key signature verify function can's handle secret keys yet and + * becuase we are not sure whether the duplication of user IDs and + * self-signatures should be kept on secret keys we are not going to fix + * it there. */ + if ( keyblock->pkt->pkttype == PKT_SECRET_KEY ) + return NULL; + + assert ( uidnode->pkt->pkttype == PKT_USER_ID + || uidnode->pkt->pkttype == PKT_PHOTO_ID ); + + /* first find out about the latest valid self-signature */ + for ( node = uidnode->next; node; node = node->next ) { + PKT_signature *sig; + + if ( node->pkt->pkttype == PKT_USER_ID + || node->pkt->pkttype == PKT_PHOTO_ID + || node->pkt->pkttype == PKT_PUBLIC_SUBKEY + || node->pkt->pkttype == PKT_SECRET_SUBKEY ) + break; + if ( node->pkt->pkttype != PKT_SIGNATURE ) + continue; + sig = node->pkt->pkt.signature; + if ( mainkid[0] != sig->keyid[0] || mainkid[1] != sig->keyid[1] ) + continue; /* we only care about self-signatures for now */ + + if ( (sig->sig_class&~3) == 0x10 ) { /* regular self signature */ + if ( !check_key_signature( keyblock, node, NULL ) ) { + if ( !selfsig ) + selfsig = sig; /* use the first valid sig */ + else if ( sig->timestamp > selfsig->timestamp + && sig->sig_class >= selfsig->sig_class ) + selfsig = sig; /* but this one is newer */ + } + } + } + + if ( !selfsig ) + return _("invalid"); /* no valid self signature */ + + /* watch out for a newer revocation */ + for ( node = uidnode->next; node; node = node->next ) { + PKT_signature *sig; + + if ( node->pkt->pkttype == PKT_USER_ID + || node->pkt->pkttype == PKT_PHOTO_ID + || node->pkt->pkttype == PKT_PUBLIC_SUBKEY + || node->pkt->pkttype == PKT_SECRET_SUBKEY ) + break; + if ( node->pkt->pkttype != PKT_SIGNATURE ) + continue; + sig = node->pkt->pkt.signature; + if ( mainkid[0] != sig->keyid[0] || mainkid[1] != sig->keyid[1] ) + continue; /* we only care about self-signatures for now */ + + if ( sig->sig_class == 0x30 + && sig->timestamp >= selfsig->timestamp ) { + if ( !check_key_signature( keyblock, node, NULL ) ) + return _("revoked"); + } + } + + return NULL; /* UID is valid */ +} + static void list_one( STRLIST names, int secret ) @@ -263,9 +340,13 @@ list_keyblock( KBNODE keyblock, int secret ) node->pkt->pkt.user_id->len, ':' ); putchar(':'); } - else + else { + const char *s = is_uid_valid ( keyblock, node, keyid ); + if ( s ) + printf ("[%s] ", s ); print_utf8_string( stdout, node->pkt->pkt.user_id->name, node->pkt->pkt.user_id->len ); + } putchar('\n'); if( !any ) { diff --git a/g10/misc.c b/g10/misc.c index e7bd8fac6..44a6f76b1 100644 --- a/g10/misc.c +++ b/g10/misc.c @@ -420,40 +420,34 @@ pubkey_get_nenc( int algo ) return n > 0? n : 0; } + unsigned int pubkey_nbits( int algo, MPI *key ) { - int nbits; + int rc, nbits; GCRY_SEXP sexp; - if( algo == GCRY_PK_DSA ) { - sexp = SEXP_CONS( SEXP_NEW( "public-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "dsa", 3 ), - gcry_sexp_new_name_mpi( "p", key[0] ), - gcry_sexp_new_name_mpi( "q", key[1] ), - gcry_sexp_new_name_mpi( "g", key[2] ), - gcry_sexp_new_name_mpi( "y", key[3] ), - NULL )); + rc = gcry_sexp_build ( &sexp, NULL, + "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))", + key[0], key[1], key[2], key[3] ); } else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) { - sexp = SEXP_CONS( SEXP_NEW( "public-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "elg", 3 ), - gcry_sexp_new_name_mpi( "p", key[0] ), - gcry_sexp_new_name_mpi( "g", key[1] ), - gcry_sexp_new_name_mpi( "y", key[2] ), - NULL )); + rc = gcry_sexp_build ( &sexp, NULL, + "(public-key(elg(p%m)(g%m)(y%m)))", + key[0], key[1], key[2] ); } else if( algo == GCRY_PK_RSA ) { - sexp = SEXP_CONS( SEXP_NEW( "public-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "rsa", 3 ), - gcry_sexp_new_name_mpi( "n", key[0] ), - gcry_sexp_new_name_mpi( "e", key[1] ), - NULL )); + rc = gcry_sexp_build ( &sexp, NULL, + "(public-key(rsa(n%m)(e%m)))", + key[0], key[1] ); } else return 0; + if ( rc ) + BUG (); + nbits = gcry_pk_get_nbits( sexp ); gcry_sexp_release( sexp ); return nbits; diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index 2019d0301..aa848a2cb 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -51,45 +51,36 @@ pk_decrypt( int algo, MPI *result, MPI *data, MPI *skey ) *result = NULL; /* make a sexp from skey */ if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) { - s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "elg", 0 ), - gcry_sexp_new_name_mpi( "p", skey[0] ), - gcry_sexp_new_name_mpi( "g", skey[1] ), - gcry_sexp_new_name_mpi( "y", skey[2] ), - gcry_sexp_new_name_mpi( "x", skey[3] ), - NULL )); + rc = gcry_sexp_build ( &s_skey, NULL, + "(private-key(elg(p%m)(g%m)(y%m)(x%m)))", + skey[0], skey[1], skey[2], skey[3] ); } else if( algo == GCRY_PK_RSA ) { - s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "rsa", 0 ), - gcry_sexp_new_name_mpi( "n", skey[0] ), - gcry_sexp_new_name_mpi( "e", skey[1] ), - gcry_sexp_new_name_mpi( "d", skey[2] ), - gcry_sexp_new_name_mpi( "p", skey[3] ), - gcry_sexp_new_name_mpi( "q", skey[4] ), - gcry_sexp_new_name_mpi( "u", skey[5] ), - NULL )); + rc = gcry_sexp_build ( &s_skey, NULL, + "(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))", + skey[0], skey[1], skey[2], skey[3], skey[4], skey[5] ); } else return GPGERR_PUBKEY_ALGO; + if ( rc ) + BUG (); + /* put data into a S-Exp s_data */ if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) { - s_data = SEXP_CONS( SEXP_NEW( "enc-val", 0 ), - gcry_sexp_vlist( SEXP_NEW( "elg", 0 ), - gcry_sexp_new_name_mpi( "a", data[0] ), - gcry_sexp_new_name_mpi( "b", data[1] ), - NULL )); + rc = gcry_sexp_build ( &s_data, NULL, + "(enc-val(elg(a%m)(b%m)))", data[0], data[1] ); } else if( algo == GCRY_PK_RSA ) { - s_data = SEXP_CONS( SEXP_NEW( "enc-val", 0 ), - gcry_sexp_vlist( SEXP_NEW( "rsa", 0 ), - gcry_sexp_new_name_mpi( "a", data[0] ), - NULL )); + rc = gcry_sexp_build ( &s_data, NULL, + "(enc-val(rsa(a%m)))", data[0] ); } else BUG(); + if ( rc ) + BUG (); + rc = gcry_pk_decrypt( &s_plain, s_data, s_skey ); gcry_sexp_release( s_skey ); gcry_sexp_release( s_data); @@ -97,6 +88,7 @@ pk_decrypt( int algo, MPI *result, MPI *data, MPI *skey ) return rc; *result = gcry_sexp_car_mpi( s_plain, 0 ); + gcry_sexp_release( s_plain ); if( !*result ) return -1; /* oops */ diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c index ab09b8f4d..1f511c229 100644 --- a/g10/seckey-cert.c +++ b/g10/seckey-cert.c @@ -46,38 +46,26 @@ pk_check_secret_key( int algo, MPI *skey ) /* make a sexp from skey */ if( algo == GCRY_PK_DSA ) { - s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "dsa", 0 ), - gcry_sexp_new_name_mpi( "p", skey[0] ), - gcry_sexp_new_name_mpi( "q", skey[1] ), - gcry_sexp_new_name_mpi( "g", skey[2] ), - gcry_sexp_new_name_mpi( "y", skey[3] ), - gcry_sexp_new_name_mpi( "x", skey[4] ), - NULL )); + rc = gcry_sexp_build ( &s_skey, NULL, + "(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))", + skey[0], skey[1], skey[2], skey[3], skey[4] ); } else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) { - s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "elg", 0 ), - gcry_sexp_new_name_mpi( "p", skey[0] ), - gcry_sexp_new_name_mpi( "g", skey[1] ), - gcry_sexp_new_name_mpi( "y", skey[2] ), - gcry_sexp_new_name_mpi( "x", skey[3] ), - NULL )); + rc = gcry_sexp_build ( &s_skey, NULL, + "(private-key(elg(p%m)(g%m)(y%m)(x%m)))", + skey[0], skey[1], skey[2], skey[3] ); } else if( algo == GCRY_PK_RSA ) { - s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "rsa", 0 ), - gcry_sexp_new_name_mpi( "n", skey[0] ), - gcry_sexp_new_name_mpi( "e", skey[1] ), - gcry_sexp_new_name_mpi( "d", skey[2] ), - gcry_sexp_new_name_mpi( "p", skey[3] ), - gcry_sexp_new_name_mpi( "q", skey[4] ), - gcry_sexp_new_name_mpi( "u", skey[5] ), - NULL )); + rc = gcry_sexp_build ( &s_skey, NULL, + "(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))", + skey[0], skey[1], skey[2], skey[3], skey[4], skey[5] ); } else return GPGERR_PUBKEY_ALGO; + if ( rc ) + BUG (); + rc = gcry_pk_testkey( s_skey ); gcry_sexp_release( s_skey ); return rc; diff --git a/g10/sig-check.c b/g10/sig-check.c index f12cfa6d3..ba392414a 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -61,59 +61,49 @@ pk_verify( int algo, MPI hash, MPI *data, MPI *pkey, /* make a sexp from pkey */ if( algo == GCRY_PK_DSA ) { - s_pkey = SEXP_CONS( SEXP_NEW( "public-key", 10 ), - gcry_sexp_vlist( SEXP_NEW( "dsa", 3 ), - gcry_sexp_new_name_mpi( "p", pkey[0] ), - gcry_sexp_new_name_mpi( "q", pkey[1] ), - gcry_sexp_new_name_mpi( "g", pkey[2] ), - gcry_sexp_new_name_mpi( "y", pkey[3] ), - NULL )); + rc = gcry_sexp_build ( &s_pkey, NULL, + "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))", + pkey[0], pkey[1], pkey[2], pkey[3] ); } else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) { - s_pkey = SEXP_CONS( SEXP_NEW( "public-key", 10 ), - gcry_sexp_vlist( SEXP_NEW( "elg", 3 ), - gcry_sexp_new_name_mpi( "p", pkey[0] ), - gcry_sexp_new_name_mpi( "g", pkey[1] ), - gcry_sexp_new_name_mpi( "y", pkey[2] ), - NULL )); + rc = gcry_sexp_build ( &s_pkey, NULL, + "(public-key(dsa(p%m)(g%m)(y%m)))", + pkey[0], pkey[1], pkey[2] ); } else if( algo == GCRY_PK_RSA ) { - s_pkey = SEXP_CONS( SEXP_NEW( "public-key", 10 ), - gcry_sexp_vlist( SEXP_NEW( "rsa", 3 ), - gcry_sexp_new_name_mpi( "n", pkey[0] ), - gcry_sexp_new_name_mpi( "e", pkey[1] ), - NULL )); + rc = gcry_sexp_build ( &s_pkey, NULL, + "(public-key(rsa(n%m)(e%m)))", + pkey[0], pkey[1] ); } else return GPGERR_PUBKEY_ALGO; + if ( rc ) + BUG (); + /* put hash into a S-Exp s_hash */ - s_hash = gcry_sexp_new_mpi( hash ); + if ( gcry_sexp_build( &s_hash, NULL, "%m", hash ) ) + BUG (); /* put data into a S-Exp s_sig */ if( algo == GCRY_PK_DSA ) { - s_sig = SEXP_CONS( SEXP_NEW( "sig-val", 0 ), - gcry_sexp_vlist( SEXP_NEW( "dsa", 0 ), - gcry_sexp_new_name_mpi( "r", data[0] ), - gcry_sexp_new_name_mpi( "s", data[1] ), - NULL )); + rc = gcry_sexp_build ( &s_sig, NULL, + "(sig-val(dsa(r%m)(s%m)))", data[0], data[1] ); } else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) { - s_sig = SEXP_CONS( SEXP_NEW( "sig-val", 0 ), - gcry_sexp_vlist( SEXP_NEW( "elg", 0 ), - gcry_sexp_new_name_mpi( "r", data[0] ), - gcry_sexp_new_name_mpi( "s", data[1] ), - NULL )); + rc = gcry_sexp_build ( &s_sig, NULL, + "(sig-val(elg(r%m)(s%m)))", data[0], data[1] ); } else if( algo == GCRY_PK_RSA ) { - s_sig = SEXP_CONS( SEXP_NEW( "sig-val", 0 ), - gcry_sexp_vlist( SEXP_NEW( "rsa", 3 ), - gcry_sexp_new_name_mpi( "s", data[0] ), - NULL )); + rc = gcry_sexp_build ( &s_sig, NULL, + "(sig-val(rsa(s%m)))", data[0] ); } else BUG(); + if ( rc ) + BUG (); + rc = gcry_pk_verify( s_sig, s_hash, s_pkey ); gcry_sexp_release( s_sig ); diff --git a/g10/sign.c b/g10/sign.c index 9d0c203b8..ca469c07c 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -58,29 +58,24 @@ pk_sign( int algo, MPI *data, MPI hash, MPI *skey ) /* make a sexp from skey */ if( algo == GCRY_PK_DSA ) { - s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "dsa", 3 ), - gcry_sexp_new_name_mpi( "p", skey[0] ), - gcry_sexp_new_name_mpi( "q", skey[1] ), - gcry_sexp_new_name_mpi( "g", skey[2] ), - gcry_sexp_new_name_mpi( "y", skey[3] ), - gcry_sexp_new_name_mpi( "x", skey[4] ), - NULL )); + rc = gcry_sexp_build ( &s_skey, NULL, + "(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))", + skey[0], skey[1], skey[2], skey[3], skey[4] ); } else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) { - s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ), - gcry_sexp_vlist( SEXP_NEW( "elg", 3 ), - gcry_sexp_new_name_mpi( "p", skey[0] ), - gcry_sexp_new_name_mpi( "g", skey[1] ), - gcry_sexp_new_name_mpi( "y", skey[2] ), - gcry_sexp_new_name_mpi( "x", skey[3] ), - NULL )); + rc = gcry_sexp_build ( &s_skey, NULL, + "(private-key(elg(p%m)(g%m)(y%m)(x%m)))", + skey[0], skey[1], skey[2], skey[3] ); } else return GPGERR_PUBKEY_ALGO; + if ( rc ) + BUG (); + /* put hash into a S-Exp s_hash */ - s_hash = gcry_sexp_new_mpi( hash ); + if ( gcry_sexp_build( &s_hash, NULL, "%m", hash ) ) + BUG (); rc = gcry_pk_sign( &s_sig, s_hash, s_skey ); gcry_sexp_release( s_hash ); @@ -93,10 +88,13 @@ pk_sign( int algo, MPI *data, MPI hash, MPI *skey ) assert( list ); data[0] = gcry_sexp_cdr_mpi( list, 0 ); assert( data[0] ); + gcry_sexp_release (list); + list = gcry_sexp_find_token( s_sig, "s" , 0 ); assert( list ); data[1] = gcry_sexp_cdr_mpi( list, 0 ); assert( data[1] ); + gcry_sexp_release (list); } |