size_t len)
{
struct GNUNET_CRYPTO_rsa_PrivateKey *key;
-
key = GNUNET_new (struct GNUNET_CRYPTO_rsa_PrivateKey);
if (0 !=
gcry_sexp_new (&key->sexp,
len,
0))
{
- GNUNET_break_op (0);
+ LOG (GNUNET_ERROR_TYPE_WARNING,
+ "Decoded private key is not valid\n");
GNUNET_free (key);
return NULL;
}
- /* FIXME: verify that this is an RSA private key */
+ if (0 != gcry_pk_testkey (key->sexp))
+ {
+ LOG (GNUNET_ERROR_TYPE_WARNING,
+ "Decoded private key is not valid\n");
+ GNUNET_CRYPTO_rsa_private_key_free (key);
+ return NULL;
+ }
return key;
}
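Review bot: The added `gcry_pk_testkey (key->sexp)` check confirms that the S-expression is a consistent secret key, but nothing visible here confirms that it is an RSA key, which is what the removed FIXME asked for. As far as I can tell, libgcrypt would accept a well-formed secret key of another algorithm, and the function would then return it typed as an RSA private key; this is worth confirming against the libgcrypt documentation. Consider also rejecting input that has no `rsa` token, for example `gcry_sexp_t r = gcry_sexp_find_token (key->sexp, "rsa", 0);` followed by a NULL check and `gcry_sexp_release (r);`. Both failure branches also log the identical string, so a warning does not show whether parsing or the key check failed; a distinct message in the first branch, such as `"Decoded private key is not a valid S-expression\n"`, would make triage easier. The function's signature begins outside the hunk.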
char *enc;
enc = NULL;
size = GNUNET_CRYPTO_rsa_private_key_encode (priv, &enc);
+ /* Decoding */
+ GNUNET_CRYPTO_rsa_private_key_free (priv);
+ priv = NULL;
+ priv = GNUNET_CRYPTO_rsa_private_key_decode (enc, size);
+ GNUNET_assert (NULL != priv);
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
+ enc, size);
+ GNUNET_assert (NULL == GNUNET_CRYPTO_rsa_private_key_decode (enc, size));
+ (void) fprintf (stderr, "The above warning is expected.\n");
GNUNET_free (enc);
/* try ordinary sig first */
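Review bot: The negative case overwrites the whole encoding with `GNUNET_CRYPTO_random_block`, so the decode almost certainly fails while parsing the S-expression, and the `gcry_pk_testkey` branch added to the decoder is probably never reached by this test. A second case would cover the new check by passing a syntactically valid S-expression that is not a usable private key, for instance the encoding of the matching public key if one is in scope here. Because both decoder failure paths log the same warning, the test output cannot show which path rejected the input. The `priv = NULL;` directly before the reassignment is redundant. The test function starts and ends outside the hunk.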