Restore Lenstra protection for gcrypt < 1.6.4

author David Barksdale <amatus.amongus@gmail.com>

Tue, 23 Aug 2016 15:43:38 +0000 (15:43 +0000)

committer David Barksdale <amatus.amongus@gmail.com>

Tue, 23 Aug 2016 15:43:38 +0000 (15:43 +0000)
author David Barksdale <amatus.amongus@gmail.com>
Tue, 23 Aug 2016 15:43:38 +0000 (15:43 +0000)
committer David Barksdale <amatus.amongus@gmail.com>
Tue, 23 Aug 2016 15:43:38 +0000 (15:43 +0000)
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c

index 0e9ed99d002dcead2ed958bd2a83fc8cffb72b67..443d597e4c9fad659182a3d3929111854edc8514 100644 (file)
--- a/src/util/crypto_rsa.c
+++ b/src/util/crypto_rsa.c
@@ -840,12 +840,12 @@ rsa_sign_mpi (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
      return NULL;
    }
  
+  /* Lenstra protection was first added to libgcrypt 1.6.4
+   * with commit c17f84bd02d7ee93845e92e20f6ddba814961588.
+   */
+#if GCRYPT_VERSION_NUMBER < 0x010604
    /* verify signature (guards against Lenstra's attack with fault injection...) */
-  /* Removed because Lenstra protection was first added to libgcrypt 1.6.4
-   * with commit c17f84bd02d7ee93845e92e20f6ddba814961588.  Do not run with 
-   * an earlier libgcrypt.  Or uncomment if you must.  */
-  /*
-  public_key = GNUNET_CRYPTO_rsa_private_key_get_public (key);
+  struct GNUNET_CRYPTO_RsaPublicKey *public_key = GNUNET_CRYPTO_rsa_private_key_get_public (key);
    if (0 !=
        gcry_pk_verify (result,
                        data,
@@ -858,7 +858,7 @@ rsa_sign_mpi (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
      return NULL;
    }
    GNUNET_CRYPTO_rsa_public_key_free (public_key);
-  */
+#endif
  
    /* return signature */
    gcry_sexp_release (data);
author	David Barksdale <amatus.amongus@gmail.com>
	Tue, 23 Aug 2016 15:43:38 +0000 (15:43 +0000)
committer	David Barksdale <amatus.amongus@gmail.com>
	Tue, 23 Aug 2016 15:43:38 +0000 (15:43 +0000)