From be6c14f2b2b880d72cd77538e98a067241d90f55 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 16 Nov 2019 18:24:47 +0100 Subject: [PATCH] patch up RSA signature format for #5698 --- src/util/crypto_rsa.c | 70 ++++++++++++++++++++++++++++++++++++-- src/util/test_crypto_rsa.c | 9 ++++- 2 files changed, 76 insertions(+), 3 deletions(-) diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index b34f919ec..08bdeb2ca 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c @@ -1,6 +1,6 @@ /* This file is part of GNUnet - Copyright (C) 2014,2016 GNUnet e.V. + Copyright (C) 2014,2016,2019 GNUnet e.V. GNUnet is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -32,6 +32,8 @@ #define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-rsa", __VA_ARGS__) +/* Flip for #5968 */ +#define NEW_CRYPTO 0 /** * The private information of an RSA key pair. @@ -333,7 +335,6 @@ struct GNUNET_CRYPTO_RsaPublicKeyHeaderP GNUNET_NETWORK_STRUCT_END -#define NEW_CRYPTO 0 /** * Encode the public key in a format suitable for @@ -1127,6 +1128,39 @@ GNUNET_CRYPTO_rsa_signature_encode (const struct GNUNET_CRYPTO_RsaSignature *sig, char **buffer) { +#if NEW_CRYPTO + gcry_mpi_t s; + size_t buf_size; + size_t rsize; + unsigned char *buf; + int ret; + + ret = key_from_sexp (&s, + sig->sexp, + "sig-val", + "s"); + if (0 != ret) + ret = key_from_sexp (&s, + sig->sexp, + "rsa", + "s"); + GNUNET_assert (0 == ret); + gcry_mpi_print (GCRYMPI_FMT_USG, + NULL, + 0, + &buf_size, + s); + buf = GNUNET_malloc (buf_size); + GNUNET_assert (0 == + gcry_mpi_print (GCRYMPI_FMT_USG, + buf, + buf_size, + &rsize, + s)); + GNUNET_assert (rsize == buf_size); + *buffer = (char *) buf; + return buf_size; +#else size_t n; char *b; @@ -1142,6 +1176,7 @@ GNUNET_CRYPTO_rsa_signature_encode (const struct n)); *buffer = b; return n; +#endif } @@ -1158,6 +1193,36 @@ GNUNET_CRYPTO_rsa_signature_decode (const char *buf, size_t len) { struct GNUNET_CRYPTO_RsaSignature *sig; +#if NEW_CRYPTO + gcry_mpi_t s; + gcry_sexp_t data; + + if (0 != + gcry_mpi_scan (&s, + GCRYMPI_FMT_USG, + buf, + len, + NULL)) + { + GNUNET_break_op (0); + return NULL; + } + + if (0 != + gcry_sexp_build (&data, + NULL, + "(sig-val(rsa(s %M)))", + s)) + { + GNUNET_break (0); + gcry_mpi_release (s); + return NULL; + } + gcry_mpi_release (s); + sig = GNUNET_new (struct GNUNET_CRYPTO_RsaSignature); + sig->sexp = data; + return sig; +#else int ret; gcry_mpi_t s; @@ -1185,6 +1250,7 @@ GNUNET_CRYPTO_rsa_signature_decode (const char *buf, return NULL; } gcry_mpi_release (s); +#endif return sig; } diff --git a/src/util/test_crypto_rsa.c b/src/util/test_crypto_rsa.c index 5b546f243..277f58ba0 100644 --- a/src/util/test_crypto_rsa.c +++ b/src/util/test_crypto_rsa.c @@ -93,15 +93,22 @@ main (int argc, char *buf; size_t buf_size; struct GNUNET_CRYPTO_RsaPublicKey *pub2; + struct GNUNET_CRYPTO_RsaSignature *sig2; buf_size = GNUNET_CRYPTO_rsa_public_key_encode (pub, &buf); pub2 = GNUNET_CRYPTO_rsa_public_key_decode (buf, buf_size); GNUNET_free (buf); + buf_size = GNUNET_CRYPTO_rsa_signature_encode (sig, + &buf); + sig2 = GNUNET_CRYPTO_rsa_signature_decode (buf, + buf_size); + GNUNET_free (buf); GNUNET_assert (GNUNET_OK == - GNUNET_CRYPTO_rsa_verify (&hash, sig, pub2)); + GNUNET_CRYPTO_rsa_verify (&hash, sig2, pub2)); GNUNET_CRYPTO_rsa_public_key_free (pub2); + GNUNET_CRYPTO_rsa_signature_free (sig2); } /* corrupt our hash and see if the signature is still valid */ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &hash, -- 2.25.1