summaryrefslogtreecommitdiffstats
path: root/g10
diff options
context:
space:
mode:
authorWerner Koch <wk@gnupg.org>2000-07-25 17:38:12 +0200
committerWerner Koch <wk@gnupg.org>2000-07-25 17:38:12 +0200
commitb872ea2577bb68fc29d126cf79900d88d55ba268 (patch)
tree8464add6c2571724cf174d25b45a7cd05778eed0 /g10
parentSee ChangeLog: Mon Jul 17 16:35:47 CEST 2000 Werner Koch (diff)
downloadgnupg2-b872ea2577bb68fc29d126cf79900d88d55ba268.tar.xz
gnupg2-b872ea2577bb68fc29d126cf79900d88d55ba268.zip
See ChangeLog: Tue Jul 25 17:44:15 CEST 2000 Werner Koch
Diffstat (limited to 'g10')
-rw-r--r--g10/ChangeLog16
-rw-r--r--g10/encode.c18
-rw-r--r--g10/keyedit.c2
-rw-r--r--g10/keygen.c53
-rw-r--r--g10/keylist.c83
-rw-r--r--g10/misc.c34
-rw-r--r--g10/pubkey-enc.c42
-rw-r--r--g10/seckey-cert.c36
-rw-r--r--g10/sig-check.c56
-rw-r--r--g10/sign.c30
10 files changed, 222 insertions, 148 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 6d3aa7cc4..893fed136 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,19 @@
+Tue Jul 25 17:44:15 CEST 2000 Werner Koch <wk@openit.de>
+
+ * keyedit.c (menu_expire): expire date for primary key can be set again.
+
+ * keylist.c (is_uid_valid): New.
+ (list_keyblock): Print validity information for all user IDs. Note, this
+ has to be done at other places too; for now we have only minimal support.
+
+ * sign.c (pk_sign): Changed to use the new S-Exp interface.
+ * encode.c (pk_encrypt): Ditto.
+ * sig-check.c (pk_verify): Ditto.
+ * seckey-cert.c (pk_check_secret_key): Ditto.
+ * pubkey-enc.c (pk_decrypt): Ditto.
+ * misc.c (pubkey_nbits): Ditto.
+ * keygen.c (key_from_sexp,factors_from_sexp,gen_elg,gen_dsa): Ditto.
+
Fri Jul 14 19:38:23 CEST 2000 Werner Koch <wk@>
Replaced everything with the code from the STABLE-BRANCH-1-0 and
diff --git a/g10/encode.c b/g10/encode.c
index 6195b533c..e1ef5b2ae 100644
--- a/g10/encode.c
+++ b/g10/encode.c
@@ -54,18 +54,19 @@ pk_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey )
/* make a sexp from pkey */
if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
- s_pkey = SEXP_CONS( SEXP_NEW( "public-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "elg", 3 ),
- gcry_sexp_new_name_mpi( "p", pkey[0] ),
- gcry_sexp_new_name_mpi( "g", pkey[1] ),
- gcry_sexp_new_name_mpi( "y", pkey[2] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_pkey, NULL,
+ "(public-key(elg(p%m)(g%m)(y%m)))",
+ pkey[0], pkey[1], pkey[2] );
}
else
return GPGERR_PUBKEY_ALGO;
+ if ( rc )
+ BUG ();
+
/* put the data into a simple list */
- s_data = gcry_sexp_new_mpi( data );
+ if ( gcry_sexp_build( &s_data, NULL, "%m", data ) )
+ BUG ();
/* pass it to libgcrypt */
rc = gcry_pk_encrypt( &s_ciph, s_data, s_pkey );
@@ -79,10 +80,13 @@ pk_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey )
assert( list );
resarr[0] = gcry_sexp_cdr_mpi( list, 0 );
assert( resarr[0] );
+ gcry_sexp_release ( list );
+
list = gcry_sexp_find_token( s_ciph, "b" , 0 );
assert( list );
resarr[1] = gcry_sexp_cdr_mpi( list, 0 );
assert( resarr[1] );
+ gcry_sexp_release ( list );
}
gcry_sexp_release( s_ciph );
diff --git a/g10/keyedit.c b/g10/keyedit.c
index a64c7e86f..daf4fb41d 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1504,7 +1504,7 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
else if( node->pkt->pkttype == PKT_USER_ID )
uid = node->pkt->pkt.user_id;
else if( main_pk && node->pkt->pkttype == PKT_SIGNATURE
- && sub_pk != NULL ) {
+ && (mainkey || sub_pk ) ) {
PKT_signature *sig = node->pkt->pkt.signature;
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
&& ( (mainkey && uid && (sig->sig_class&~3) == 0x10)
diff --git a/g10/keygen.c b/g10/keygen.c
index b6c6cc7e3..3b3d95e3b 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -254,7 +254,9 @@ key_from_sexp( GCRY_MPI *array,
list = gcry_sexp_find_token( sexp, topname, 0 );
if( !list )
return GCRYERR_INV_OBJ;
- list = gcry_sexp_cdr( list );
+ l2 = gcry_sexp_cdr( list );
+ gcry_sexp_release ( list );
+ list = l2;
if( !list )
return GCRYERR_NO_OBJ;
@@ -266,17 +268,21 @@ key_from_sexp( GCRY_MPI *array,
gcry_free( array[i] );
array[i] = NULL;
}
+ gcry_sexp_release ( list );
return GCRYERR_NO_OBJ; /* required parameter not found */
}
array[idx] = gcry_sexp_cdr_mpi( l2, GCRYMPI_FMT_USG );
+ gcry_sexp_release ( l2 );
if( !array[idx] ) {
for(i=0; i<idx; i++) {
gcry_free( array[i] );
array[i] = NULL;
}
+ gcry_sexp_release ( list );
return GCRYERR_INV_OBJ; /* required parameter is invalid */
}
}
+ gcry_sexp_release ( list );
return 0;
}
@@ -294,36 +300,45 @@ factors_from_sexp( MPI **retarray, GCRY_SEXP sexp )
list = gcry_sexp_find_token( sexp, "misc-key-info", 0 );
if( !list )
return GCRYERR_INV_OBJ;
- list = gcry_sexp_cdr( list );
+ l2 = gcry_sexp_cdr( list );
+ gcry_sexp_release ( list );
+ list = l2;
if( !list )
return GCRYERR_NO_OBJ;
- list = gcry_sexp_find_token( list, "pm1-factors", 0 );
+ l2 = gcry_sexp_find_token( list, "pm1-factors", 0 );
+ gcry_sexp_release ( list );
+ list = l2;
if( !list )
return GCRYERR_NO_OBJ;
/* count factors */
ctx = NULL;
for( n=0; (l2 = gcry_sexp_enum( list, &ctx, 0 )); n++ )
- ;
+ gcry_sexp_release ( l2 );
array = gcry_xcalloc( n, sizeof *array );
- if( !array )
+ if( !array ) {
+ gcry_sexp_release ( list );
return GCRYERR_NO_MEM;
-
- /* retrieve factors (the first enum is to skip the car) */
+ }
+ /* retrieve factors */
ctx = NULL;
- if( gcry_sexp_enum( list, &ctx, 0 ) ) {
+ if( (l2 = gcry_sexp_enum( list, &ctx, 0 )) ) {
+ gcry_sexp_release ( l2 ); /* skip the car */
for( n=0; (l2 = gcry_sexp_enum( list, &ctx, 0 )); n++ ) {
array[n] = gcry_sexp_car_mpi( l2, 0 );
+ gcry_sexp_release ( l2 );
if( !array[n] ) {
for(i=0; i < n; i++ )
gcry_mpi_release( array[i] );
gcry_free(array);
+ gcry_sexp_release ( list );
return GCRYERR_INV_OBJ;
}
}
}
+ gcry_sexp_release ( list );
*retarray = array;
return 0;
}
@@ -340,7 +355,6 @@ gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
PKT_secret_key *sk;
PKT_public_key *pk;
MPI *factors;
- char buf[100];
GCRY_SEXP s_parms, s_key;
assert( is_ELGAMAL(algo) );
@@ -355,12 +369,12 @@ gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
log_info(_("keysize rounded up to %u bits\n"), nbits );
}
- sprintf(buf, "%u", nbits );
- s_parms = SEXP_CONS( SEXP_NEW( "genkey", 0 ),
- SEXP_CONS( SEXP_NEW(algo == GCRY_PK_ELG_E ? "openpgp-elg" :
- algo == GCRY_PK_ELG ? "elg" : "x-oops",0),
- gcry_sexp_new_name_data( "nbits", buf, 0 ) )
- );
+ if ( gcry_sexp_build ( &s_parms, NULL,
+ "(genkey(%s(nbits %d)))",
+ algo == GCRY_PK_ELG_E ? "openpgp-elg" :
+ algo == GCRY_PK_ELG ? "elg" : "x-oops" ,
+ (int)nbits ) )
+ BUG ();
rc = gcry_pk_genkey( &s_key, s_parms );
gcry_sexp_release( s_parms );
@@ -447,7 +461,6 @@ gen_dsa(unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
PKT_secret_key *sk;
PKT_public_key *pk;
MPI *factors;
- char buf[100];
GCRY_SEXP s_parms, s_key;
if( nbits > 1024 || nbits < 512 ) {
@@ -460,11 +473,9 @@ gen_dsa(unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
log_info(_("keysize rounded up to %u bits\n"), nbits );
}
- sprintf(buf, "%u", nbits );
- s_parms = SEXP_CONS( SEXP_NEW( "genkey", 0 ),
- SEXP_CONS( SEXP_NEW("dsa",0),
- gcry_sexp_new_name_data( "nbits", buf, 0 ) )
- );
+ if ( gcry_sexp_build ( &s_parms, NULL,
+ "(genkey(dsa(nbits %d)))", (int)nbits ) )
+ BUG ();
rc = gcry_pk_genkey( &s_key, s_parms );
gcry_sexp_release( s_parms );
diff --git a/g10/keylist.c b/g10/keylist.c
index 751a61c9b..4109968c0 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -105,6 +105,83 @@ list_all( int secret )
}
+/****************
+ * Check whether the user ID at NODE is valid; that is it has a
+ * valid self-signature but no later valid revocation.
+ * Caller has to pass the keyID of the primary in mainkey.
+ * Returns: NULL = valid
+ * string with the reason why it is invalid
+ */
+static const char *
+is_uid_valid ( KBNODE keyblock, KBNODE uidnode, u32 *mainkid )
+{
+ KBNODE node;
+ PKT_signature *selfsig = NULL; /* the latest valid self signature */
+
+ /* The key signature verify function can's handle secret keys yet and
+ * becuase we are not sure whether the duplication of user IDs and
+ * self-signatures should be kept on secret keys we are not going to fix
+ * it there. */
+ if ( keyblock->pkt->pkttype == PKT_SECRET_KEY )
+ return NULL;
+
+ assert ( uidnode->pkt->pkttype == PKT_USER_ID
+ || uidnode->pkt->pkttype == PKT_PHOTO_ID );
+
+ /* first find out about the latest valid self-signature */
+ for ( node = uidnode->next; node; node = node->next ) {
+ PKT_signature *sig;
+
+ if ( node->pkt->pkttype == PKT_USER_ID
+ || node->pkt->pkttype == PKT_PHOTO_ID
+ || node->pkt->pkttype == PKT_PUBLIC_SUBKEY
+ || node->pkt->pkttype == PKT_SECRET_SUBKEY )
+ break;
+ if ( node->pkt->pkttype != PKT_SIGNATURE )
+ continue;
+ sig = node->pkt->pkt.signature;
+ if ( mainkid[0] != sig->keyid[0] || mainkid[1] != sig->keyid[1] )
+ continue; /* we only care about self-signatures for now */
+
+ if ( (sig->sig_class&~3) == 0x10 ) { /* regular self signature */
+ if ( !check_key_signature( keyblock, node, NULL ) ) {
+ if ( !selfsig )
+ selfsig = sig; /* use the first valid sig */
+ else if ( sig->timestamp > selfsig->timestamp
+ && sig->sig_class >= selfsig->sig_class )
+ selfsig = sig; /* but this one is newer */
+ }
+ }
+ }
+
+ if ( !selfsig )
+ return _("invalid"); /* no valid self signature */
+
+ /* watch out for a newer revocation */
+ for ( node = uidnode->next; node; node = node->next ) {
+ PKT_signature *sig;
+
+ if ( node->pkt->pkttype == PKT_USER_ID
+ || node->pkt->pkttype == PKT_PHOTO_ID
+ || node->pkt->pkttype == PKT_PUBLIC_SUBKEY
+ || node->pkt->pkttype == PKT_SECRET_SUBKEY )
+ break;
+ if ( node->pkt->pkttype != PKT_SIGNATURE )
+ continue;
+ sig = node->pkt->pkt.signature;
+ if ( mainkid[0] != sig->keyid[0] || mainkid[1] != sig->keyid[1] )
+ continue; /* we only care about self-signatures for now */
+
+ if ( sig->sig_class == 0x30
+ && sig->timestamp >= selfsig->timestamp ) {
+ if ( !check_key_signature( keyblock, node, NULL ) )
+ return _("revoked");
+ }
+ }
+
+ return NULL; /* UID is valid */
+}
+
static void
list_one( STRLIST names, int secret )
@@ -263,9 +340,13 @@ list_keyblock( KBNODE keyblock, int secret )
node->pkt->pkt.user_id->len, ':' );
putchar(':');
}
- else
+ else {
+ const char *s = is_uid_valid ( keyblock, node, keyid );
+ if ( s )
+ printf ("[%s] ", s );
print_utf8_string( stdout, node->pkt->pkt.user_id->name,
node->pkt->pkt.user_id->len );
+ }
putchar('\n');
if( !any ) {
diff --git a/g10/misc.c b/g10/misc.c
index e7bd8fac6..44a6f76b1 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -420,40 +420,34 @@ pubkey_get_nenc( int algo )
return n > 0? n : 0;
}
+
unsigned int
pubkey_nbits( int algo, MPI *key )
{
- int nbits;
+ int rc, nbits;
GCRY_SEXP sexp;
-
if( algo == GCRY_PK_DSA ) {
- sexp = SEXP_CONS( SEXP_NEW( "public-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "dsa", 3 ),
- gcry_sexp_new_name_mpi( "p", key[0] ),
- gcry_sexp_new_name_mpi( "q", key[1] ),
- gcry_sexp_new_name_mpi( "g", key[2] ),
- gcry_sexp_new_name_mpi( "y", key[3] ),
- NULL ));
+ rc = gcry_sexp_build ( &sexp, NULL,
+ "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
+ key[0], key[1], key[2], key[3] );
}
else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
- sexp = SEXP_CONS( SEXP_NEW( "public-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "elg", 3 ),
- gcry_sexp_new_name_mpi( "p", key[0] ),
- gcry_sexp_new_name_mpi( "g", key[1] ),
- gcry_sexp_new_name_mpi( "y", key[2] ),
- NULL ));
+ rc = gcry_sexp_build ( &sexp, NULL,
+ "(public-key(elg(p%m)(g%m)(y%m)))",
+ key[0], key[1], key[2] );
}
else if( algo == GCRY_PK_RSA ) {
- sexp = SEXP_CONS( SEXP_NEW( "public-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "rsa", 3 ),
- gcry_sexp_new_name_mpi( "n", key[0] ),
- gcry_sexp_new_name_mpi( "e", key[1] ),
- NULL ));
+ rc = gcry_sexp_build ( &sexp, NULL,
+ "(public-key(rsa(n%m)(e%m)))",
+ key[0], key[1] );
}
else
return 0;
+ if ( rc )
+ BUG ();
+
nbits = gcry_pk_get_nbits( sexp );
gcry_sexp_release( sexp );
return nbits;
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index 2019d0301..aa848a2cb 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -51,45 +51,36 @@ pk_decrypt( int algo, MPI *result, MPI *data, MPI *skey )
*result = NULL;
/* make a sexp from skey */
if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
- s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "elg", 0 ),
- gcry_sexp_new_name_mpi( "p", skey[0] ),
- gcry_sexp_new_name_mpi( "g", skey[1] ),
- gcry_sexp_new_name_mpi( "y", skey[2] ),
- gcry_sexp_new_name_mpi( "x", skey[3] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_skey, NULL,
+ "(private-key(elg(p%m)(g%m)(y%m)(x%m)))",
+ skey[0], skey[1], skey[2], skey[3] );
}
else if( algo == GCRY_PK_RSA ) {
- s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "rsa", 0 ),
- gcry_sexp_new_name_mpi( "n", skey[0] ),
- gcry_sexp_new_name_mpi( "e", skey[1] ),
- gcry_sexp_new_name_mpi( "d", skey[2] ),
- gcry_sexp_new_name_mpi( "p", skey[3] ),
- gcry_sexp_new_name_mpi( "q", skey[4] ),
- gcry_sexp_new_name_mpi( "u", skey[5] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_skey, NULL,
+ "(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))",
+ skey[0], skey[1], skey[2], skey[3], skey[4], skey[5] );
}
else
return GPGERR_PUBKEY_ALGO;
+ if ( rc )
+ BUG ();
+
/* put data into a S-Exp s_data */
if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
- s_data = SEXP_CONS( SEXP_NEW( "enc-val", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "elg", 0 ),
- gcry_sexp_new_name_mpi( "a", data[0] ),
- gcry_sexp_new_name_mpi( "b", data[1] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_data, NULL,
+ "(enc-val(elg(a%m)(b%m)))", data[0], data[1] );
}
else if( algo == GCRY_PK_RSA ) {
- s_data = SEXP_CONS( SEXP_NEW( "enc-val", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "rsa", 0 ),
- gcry_sexp_new_name_mpi( "a", data[0] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_data, NULL,
+ "(enc-val(rsa(a%m)))", data[0] );
}
else
BUG();
+ if ( rc )
+ BUG ();
+
rc = gcry_pk_decrypt( &s_plain, s_data, s_skey );
gcry_sexp_release( s_skey );
gcry_sexp_release( s_data);
@@ -97,6 +88,7 @@ pk_decrypt( int algo, MPI *result, MPI *data, MPI *skey )
return rc;
*result = gcry_sexp_car_mpi( s_plain, 0 );
+ gcry_sexp_release( s_plain );
if( !*result )
return -1; /* oops */
diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c
index ab09b8f4d..1f511c229 100644
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@@ -46,38 +46,26 @@ pk_check_secret_key( int algo, MPI *skey )
/* make a sexp from skey */
if( algo == GCRY_PK_DSA ) {
- s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "dsa", 0 ),
- gcry_sexp_new_name_mpi( "p", skey[0] ),
- gcry_sexp_new_name_mpi( "q", skey[1] ),
- gcry_sexp_new_name_mpi( "g", skey[2] ),
- gcry_sexp_new_name_mpi( "y", skey[3] ),
- gcry_sexp_new_name_mpi( "x", skey[4] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_skey, NULL,
+ "(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))",
+ skey[0], skey[1], skey[2], skey[3], skey[4] );
}
else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
- s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "elg", 0 ),
- gcry_sexp_new_name_mpi( "p", skey[0] ),
- gcry_sexp_new_name_mpi( "g", skey[1] ),
- gcry_sexp_new_name_mpi( "y", skey[2] ),
- gcry_sexp_new_name_mpi( "x", skey[3] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_skey, NULL,
+ "(private-key(elg(p%m)(g%m)(y%m)(x%m)))",
+ skey[0], skey[1], skey[2], skey[3] );
}
else if( algo == GCRY_PK_RSA ) {
- s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "rsa", 0 ),
- gcry_sexp_new_name_mpi( "n", skey[0] ),
- gcry_sexp_new_name_mpi( "e", skey[1] ),
- gcry_sexp_new_name_mpi( "d", skey[2] ),
- gcry_sexp_new_name_mpi( "p", skey[3] ),
- gcry_sexp_new_name_mpi( "q", skey[4] ),
- gcry_sexp_new_name_mpi( "u", skey[5] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_skey, NULL,
+ "(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))",
+ skey[0], skey[1], skey[2], skey[3], skey[4], skey[5] );
}
else
return GPGERR_PUBKEY_ALGO;
+ if ( rc )
+ BUG ();
+
rc = gcry_pk_testkey( s_skey );
gcry_sexp_release( s_skey );
return rc;
diff --git a/g10/sig-check.c b/g10/sig-check.c
index f12cfa6d3..ba392414a 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -61,59 +61,49 @@ pk_verify( int algo, MPI hash, MPI *data, MPI *pkey,
/* make a sexp from pkey */
if( algo == GCRY_PK_DSA ) {
- s_pkey = SEXP_CONS( SEXP_NEW( "public-key", 10 ),
- gcry_sexp_vlist( SEXP_NEW( "dsa", 3 ),
- gcry_sexp_new_name_mpi( "p", pkey[0] ),
- gcry_sexp_new_name_mpi( "q", pkey[1] ),
- gcry_sexp_new_name_mpi( "g", pkey[2] ),
- gcry_sexp_new_name_mpi( "y", pkey[3] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_pkey, NULL,
+ "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
+ pkey[0], pkey[1], pkey[2], pkey[3] );
}
else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
- s_pkey = SEXP_CONS( SEXP_NEW( "public-key", 10 ),
- gcry_sexp_vlist( SEXP_NEW( "elg", 3 ),
- gcry_sexp_new_name_mpi( "p", pkey[0] ),
- gcry_sexp_new_name_mpi( "g", pkey[1] ),
- gcry_sexp_new_name_mpi( "y", pkey[2] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_pkey, NULL,
+ "(public-key(dsa(p%m)(g%m)(y%m)))",
+ pkey[0], pkey[1], pkey[2] );
}
else if( algo == GCRY_PK_RSA ) {
- s_pkey = SEXP_CONS( SEXP_NEW( "public-key", 10 ),
- gcry_sexp_vlist( SEXP_NEW( "rsa", 3 ),
- gcry_sexp_new_name_mpi( "n", pkey[0] ),
- gcry_sexp_new_name_mpi( "e", pkey[1] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_pkey, NULL,
+ "(public-key(rsa(n%m)(e%m)))",
+ pkey[0], pkey[1] );
}
else
return GPGERR_PUBKEY_ALGO;
+ if ( rc )
+ BUG ();
+
/* put hash into a S-Exp s_hash */
- s_hash = gcry_sexp_new_mpi( hash );
+ if ( gcry_sexp_build( &s_hash, NULL, "%m", hash ) )
+ BUG ();
/* put data into a S-Exp s_sig */
if( algo == GCRY_PK_DSA ) {
- s_sig = SEXP_CONS( SEXP_NEW( "sig-val", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "dsa", 0 ),
- gcry_sexp_new_name_mpi( "r", data[0] ),
- gcry_sexp_new_name_mpi( "s", data[1] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_sig, NULL,
+ "(sig-val(dsa(r%m)(s%m)))", data[0], data[1] );
}
else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
- s_sig = SEXP_CONS( SEXP_NEW( "sig-val", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "elg", 0 ),
- gcry_sexp_new_name_mpi( "r", data[0] ),
- gcry_sexp_new_name_mpi( "s", data[1] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_sig, NULL,
+ "(sig-val(elg(r%m)(s%m)))", data[0], data[1] );
}
else if( algo == GCRY_PK_RSA ) {
- s_sig = SEXP_CONS( SEXP_NEW( "sig-val", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "rsa", 3 ),
- gcry_sexp_new_name_mpi( "s", data[0] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_sig, NULL,
+ "(sig-val(rsa(s%m)))", data[0] );
}
else
BUG();
+ if ( rc )
+ BUG ();
+
rc = gcry_pk_verify( s_sig, s_hash, s_pkey );
gcry_sexp_release( s_sig );
diff --git a/g10/sign.c b/g10/sign.c
index 9d0c203b8..ca469c07c 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -58,29 +58,24 @@ pk_sign( int algo, MPI *data, MPI hash, MPI *skey )
/* make a sexp from skey */
if( algo == GCRY_PK_DSA ) {
- s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "dsa", 3 ),
- gcry_sexp_new_name_mpi( "p", skey[0] ),
- gcry_sexp_new_name_mpi( "q", skey[1] ),
- gcry_sexp_new_name_mpi( "g", skey[2] ),
- gcry_sexp_new_name_mpi( "y", skey[3] ),
- gcry_sexp_new_name_mpi( "x", skey[4] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_skey, NULL,
+ "(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))",
+ skey[0], skey[1], skey[2], skey[3], skey[4] );
}
else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
- s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ),
- gcry_sexp_vlist( SEXP_NEW( "elg", 3 ),
- gcry_sexp_new_name_mpi( "p", skey[0] ),
- gcry_sexp_new_name_mpi( "g", skey[1] ),
- gcry_sexp_new_name_mpi( "y", skey[2] ),
- gcry_sexp_new_name_mpi( "x", skey[3] ),
- NULL ));
+ rc = gcry_sexp_build ( &s_skey, NULL,
+ "(private-key(elg(p%m)(g%m)(y%m)(x%m)))",
+ skey[0], skey[1], skey[2], skey[3] );
}
else
return GPGERR_PUBKEY_ALGO;
+ if ( rc )
+ BUG ();
+
/* put hash into a S-Exp s_hash */
- s_hash = gcry_sexp_new_mpi( hash );
+ if ( gcry_sexp_build( &s_hash, NULL, "%m", hash ) )
+ BUG ();
rc = gcry_pk_sign( &s_sig, s_hash, s_skey );
gcry_sexp_release( s_hash );
@@ -93,10 +88,13 @@ pk_sign( int algo, MPI *data, MPI hash, MPI *skey )
assert( list );
data[0] = gcry_sexp_cdr_mpi( list, 0 );
assert( data[0] );
+ gcry_sexp_release (list);
+
list = gcry_sexp_find_token( s_sig, "s" , 0 );
assert( list );
data[1] = gcry_sexp_cdr_mpi( list, 0 );
assert( data[1] );
+ gcry_sexp_release (list);
}