-dce

[oweals/gnunet.git] / src / util / crypto_rsa.c

diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c
index 042af08938e92a4ef4cdafbfcf87d16cd60d2fa2..cb782282ec1f988de0ad585d9ead4d95f68d9302 100644 (file)
--- a/src/util/crypto_rsa.c
+++ b/src/util/crypto_rsa.c
@@ -407,6 +407,7 @@ GNUNET_CRYPTO_rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey)
  *
  * @param buf the buffer where the private key data is stored
  * @param len the length of the data in 'buffer'
+ * @return NULL on error
  */
 struct GNUNET_CRYPTO_RsaPrivateKey *
 GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len)
@@ -423,8 +424,9 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len)
   gcry_mpi_t u;
   int rc;
   size_t size;
-  int pos;
+  size_t pos;
   uint16_t enc_len;
+  size_t erroff;
 
   enc_len = ntohs (encoding->len);
   if (len != enc_len)
@@ -530,7 +532,7 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len)
 
   if ((NULL != p) && (NULL != q) && (NULL != u))
   {
-    rc = gcry_sexp_build (&res, &size,  /* erroff */
+    rc = gcry_sexp_build (&res, &erroff,
                           "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)(u %m)))",
                           n, e, d, p, q, u);
   }
@@ -538,13 +540,13 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len)
   {
     if ((NULL != p) && (NULL != q))
     {
-      rc = gcry_sexp_build (&res, &size,        /* erroff */
+      rc = gcry_sexp_build (&res, &erroff,
                             "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)))",
                             n, e, d, p, q);
     }
     else
     {
-      rc = gcry_sexp_build (&res, &size,        /* erroff */
+      rc = gcry_sexp_build (&res, &erroff,
                             "(private-key(rsa(n %m)(e %m)(d %m)))", n, e, d);
     }
   }
@@ -561,7 +563,7 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len)
   if (0 != rc)
     LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
 #if EXTRA_CHECKS
-  if (gcry_pk_testkey (res))
+  if (0 != (rc = gcry_pk_testkey (res)))
   {
     LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
     return NULL;
@@ -1111,7 +1113,7 @@ GNUNET_CRYPTO_rsa_key_create_stop (struct GNUNET_CRYPTO_RsaKeyGenerationContext
  * @param cfg_name name of the configuration file to use
  */
 void
-GNUNET_CRYPTO_setup_hostkey (const char *cfg_name)
+GNUNET_CRYPTO_rsa_setup_hostkey (const char *cfg_name)
 {
   struct GNUNET_CONFIGURATION_Handle *cfg;
   struct GNUNET_CRYPTO_RsaPrivateKey *pk;
@@ -1234,6 +1236,39 @@ GNUNET_CRYPTO_rsa_decrypt (const struct GNUNET_CRYPTO_RsaPrivateKey * key,
 }
 
 
+/**
+ * Convert the data specified in the given purpose argument to an
+ * S-expression suitable for signature operations.
+ *
+ * @param purpose data to convert
+ * @return converted s-expression
+ */
+static gcry_sexp_t
+data_to_pkcs1 (const struct GNUNET_CRYPTO_RsaSignaturePurpose *purpose)
+{
+  struct GNUNET_HashCode hc;
+  size_t bufSize;
+  gcry_sexp_t data;
+
+  GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
+#define FORMATSTRING "(4:data(5:flags5:pkcs1)(4:hash6:sha51264:0123456789012345678901234567890123456789012345678901234567890123))"
+  bufSize = strlen (FORMATSTRING) + 1;
+  {
+    char buff[bufSize];
+
+    memcpy (buff, FORMATSTRING, bufSize);
+    memcpy (&buff
+           [bufSize -
+            strlen
+            ("0123456789012345678901234567890123456789012345678901234567890123))")
+            - 1], &hc, sizeof (struct GNUNET_HashCode));
+    GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0));
+  }
+#undef FORMATSTRING
+  return data;
+}
+
+
 /**
  * Sign a given block.
  *
@@ -1251,22 +1286,8 @@ GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
   gcry_sexp_t data;
   size_t ssize;
   gcry_mpi_t rval;
-  struct GNUNET_HashCode hc;
-  char *buff;
-  int bufSize;
 
-  GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
-#define FORMATSTRING "(4:data(5:flags5:pkcs1)(4:hash6:sha51264:0123456789012345678901234567890123456789012345678901234567890123))"
-  bufSize = strlen (FORMATSTRING) + 1;
-  buff = GNUNET_malloc (bufSize);
-  memcpy (buff, FORMATSTRING, bufSize);
-  memcpy (&buff
-          [bufSize -
-           strlen
-           ("0123456789012345678901234567890123456789012345678901234567890123))")
-           - 1], &hc, sizeof (struct GNUNET_HashCode));
-  GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0));
-  GNUNET_free (buff);
+  data = data_to_pkcs1 (purpose);
   GNUNET_assert (0 == gcry_pk_sign (&result, data, key->sexp));
   gcry_sexp_release (data);
   GNUNET_assert (0 == key_from_sexp (&rval, result, "rsa", "s"));
@@ -1303,15 +1324,11 @@ GNUNET_CRYPTO_rsa_verify (uint32_t purpose,
   size_t size;
   gcry_mpi_t val;
   gcry_sexp_t psexp;
-  struct GNUNET_HashCode hc;
-  char *buff;
-  int bufSize;
   size_t erroff;
   int rc;
 
   if (purpose != ntohl (validate->purpose))
     return GNUNET_SYSERR;       /* purpose mismatch */
-  GNUNET_CRYPTO_hash (validate, ntohl (validate->size), &hc);
   size = sizeof (struct GNUNET_CRYPTO_RsaSignature);
   GNUNET_assert (0 ==
                  gcry_mpi_scan (&val, GCRYMPI_FMT_USG,
@@ -1320,16 +1337,7 @@ GNUNET_CRYPTO_rsa_verify (uint32_t purpose,
                  gcry_sexp_build (&sigdata, &erroff, "(sig-val(rsa(s %m)))",
                                   val));
   gcry_mpi_release (val);
-  bufSize = strlen (FORMATSTRING) + 1;
-  buff = GNUNET_malloc (bufSize);
-  memcpy (buff, FORMATSTRING, bufSize);
-  memcpy (&buff
-          [strlen (FORMATSTRING) -
-           strlen
-           ("0123456789012345678901234567890123456789012345678901234567890123))")],
-          &hc, sizeof (struct GNUNET_HashCode));
-  GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0));
-  GNUNET_free (buff);
+  data = data_to_pkcs1 (validate);
   if (! (psexp = decode_public_key (publicKey)))
   {
     gcry_sexp_release (data);