From: Jeff Burdges <burdges@gnunet.org>
Date: Mon, 22 Aug 2016 13:56:30 +0000 (+0000)
Subject: Removed duplicate protection agaisnt Lenstra
X-Git-Tag: initial-import-from-subversion-38251~358
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=03551db989cb4417949a1fe1339d3788aa972bcc;p=oweals%2Fgnunet.git

Removed duplicate protection agaisnt Lenstra

Now libgcrypt 1.6.4, released 8 Sep 2015 , has its own protection
against Lenstra's attack, added wtih commit
 c17f84bd02d7ee93845e92e20f6ddba814961588 dated 31 Aug 2015.

Do not run GNUNet with an earlier libgcrypt now.
---

diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c
index 1ed9a5ce9..c617354c9 100644
--- a/src/util/crypto_rsa.c
+++ b/src/util/crypto_rsa.c
@@ -842,6 +842,10 @@ rsa_sign_mpi (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
   }
 
   /* verify signature (guards against Lenstra's attack with fault injection...) */
+  /* Removed because Lenstra protection was first added to libgcrypt 1.6.4
+   * with commit c17f84bd02d7ee93845e92e20f6ddba814961588.  Do not run with 
+   * an earlier libgcrypt.  Or uncomment if you must.  */
+  /*
   public_key = GNUNET_CRYPTO_rsa_private_key_get_public (key);
   if (0 !=
       gcry_pk_verify (result,
@@ -855,6 +859,7 @@ rsa_sign_mpi (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
     return NULL;
   }
   GNUNET_CRYPTO_rsa_public_key_free (public_key);
+  */
 
   /* return signature */
   gcry_sexp_release (data);