[git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-58-g2b5403c
by Dmitry Eremin-Solenikov
cvs at cvs.gnupg.org
Tue Mar 4 11:20:37 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via 2b5403c408dfbd71be24c7635f5fa0b61ab4c9bb (commit)
via ea8d597726305274214224757b32730644e12bd8 (commit)
from 6be3032048ee2466511d2384fcf2d28b856219b2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2b5403c408dfbd71be24c7635f5fa0b61ab4c9bb
Author: Dmitry Eremin-Solenikov <dbaryshkov at gmail.com>
Date: Sun Dec 22 17:13:45 2013 +0400
Add an utility to calculate hashes over a set of files
* tests/gchash.c: New.
--
An utility like rhash that has the ability to calculate different hashes
over a set of files it usefull. Add gchash utility to calculate hashes
supported by libgcrypt.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov at gmail.com>
diff --git a/.gitignore b/.gitignore
index ec7f8bb..8b235f9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -69,6 +69,7 @@ tests/basic
tests/benchmark
tests/fips186-dsa
tests/fipsdrv
+tests/gchash
tests/hmac
tests/keygen
tests/keygrip
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 4cf7a44..9f8839a 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -51,7 +51,8 @@ standard_ldadd = \
../compat/libcompat.la
EXTRA_PROGRAMS = testapi pkbench
-noinst_PROGRAMS = $(tests_bin) $(tests_bin_last) fipsdrv rsacvt genhashdata
+noinst_PROGRAMS = $(tests_bin) $(tests_bin_last) fipsdrv rsacvt genhashdata \
+ gchash
noinst_HEADERS = t-common.h
EXTRA_DIST = README rsa-16k.key cavs_tests.sh cavs_driver.pl \
diff --git a/tests/gchash.c b/tests/gchash.c
new file mode 100644
index 0000000..7a2aad6
--- /dev/null
+++ b/tests/gchash.c
@@ -0,0 +1,120 @@
+/* gchash.c - Calculate hash values
+ * Copyright (C) 2013 Dmitry Eremin-Solenikov
+ *
+ * This file is part of Libgcrypt.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+
+#ifdef _GCRYPT_IN_LIBGCRYPT
+# undef _GCRYPT_IN_LIBGCRYPT
+# include "gcrypt.h"
+#else
+# include <gcrypt.h>
+#endif
+
+
+void
+init_gcrypt (void)
+{
+ if (!gcry_check_version (GCRYPT_VERSION)) {
+ fputs ("libgcrypt version mismatch\n", stderr);
+ exit (2);
+ }
+
+ gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
+
+ /* Allocate a pool of 16k secure memory. This make the secure memory
+ * available and also drops privileges where needed. */
+ gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
+
+ gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
+
+ gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
+}
+
+int
+main (int argc, char **argv)
+{
+ gcry_md_hd_t hd;
+ gcry_error_t err;
+ int algo;
+
+ init_gcrypt();
+
+ if (argc < 2 || (argv[1] && !strcmp(argv[1], "--help")))
+ {
+ fprintf (stderr, "Usage: %s <digest> <file>...\n", argv[0]);
+ return 1;
+ }
+
+ algo = gcry_md_map_name (argv[1]);
+ if (algo == GCRY_MD_NONE)
+ {
+ fprintf (stderr, "Unknown algorithm '%s'\n", argv[1]);
+ return 1;
+ }
+
+ err = gcry_md_open(&hd, algo, 0);
+ if (err)
+ {
+ fprintf (stderr, "LibGCrypt error %s/%s\n",
+ gcry_strsource (err),
+ gcry_strerror (err));
+ exit (1);
+ }
+
+ for (argv += 2; *argv; argv++)
+ {
+ FILE *fp;
+ unsigned char buf[1024];
+ size_t size;
+ int i;
+ unsigned char *h;
+ if (!strcmp (*argv, "-"))
+ fp = stdin;
+ else
+ fp = fopen (*argv, "r");
+
+ if (fp == NULL)
+ {
+ perror ("fopen");
+ return 1;
+ }
+
+ while (!feof (fp))
+ {
+ size = fread (buf, 1, sizeof(buf), fp);
+ gcry_md_write (hd, buf, size);
+ }
+
+ h = gcry_md_read(hd, 0);
+
+ for (i = 0; i < gcry_md_get_algo_dlen (algo); i++)
+ printf("%02hhx", h[i]);
+ printf(" %s\n", *argv);
+
+ gcry_md_reset(hd);
+ }
+
+ gcry_md_close(hd);
+ return 0;
+}
commit ea8d597726305274214224757b32730644e12bd8
Author: Dmitry Eremin-Solenikov <dbaryshkov at gmail.com>
Date: Sun Dec 22 17:12:28 2013 +0400
Add a simple (raw) PKCS#1 padding mode
* src/cipher.h (PUBKEY_ENC_PKCS1_RAW): New.
* cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Handle pkcs1-raw
flag.
* cipher/pubkey-util.c (_gcry_pk_util_data_to_mpi):
Handle s-exp like (data (flags pkcs1-raw) (value xxxxx))
* cipher/rsa-common.c (_gcry_rsa_pkcs1_encode_raw_for_sig):
PKCS#1-encode data with embedded hash OID for signature verification.
* tests/basic.c (check_pubkey_sign): Add tests for s-exps with pkcs1-raw
flag.
--
Allow user to specify (flags pkcs1-raw) to enable pkcs1 padding of raw
value (no hash algorithm is specified). It is up to the user to verify
that the passed value is properly formatted and includes DER-encoded
ASN OID of the used hash function.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov at gmail.com>
diff --git a/cipher/pubkey-internal.h b/cipher/pubkey-internal.h
index 193248c..b8167c7 100644
--- a/cipher/pubkey-internal.h
+++ b/cipher/pubkey-internal.h
@@ -56,6 +56,10 @@ gpg_err_code_t
_gcry_rsa_pkcs1_decode_for_enc (unsigned char **r_result, size_t *r_resultlen,
unsigned int nbits, gcry_mpi_t value);
gpg_err_code_t
+_gcry_rsa_pkcs1_encode_raw_for_sig (gcry_mpi_t *r_result, unsigned int nbits,
+ const unsigned char *value, size_t valuelen);
+
+gpg_err_code_t
_gcry_rsa_pkcs1_encode_for_sig (gcry_mpi_t *r_result, unsigned int nbits,
const unsigned char *value, size_t valuelen,
int algo);
diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
index 616b499..514f1eb 100644
--- a/cipher/pubkey-util.c
+++ b/cipher/pubkey-util.c
@@ -142,6 +142,16 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list,
rc = GPG_ERR_INV_FLAG;
break;
+ case 9:
+ if (!memcmp (s, "pkcs1-raw", 9) && encoding == PUBKEY_ENC_UNKNOWN)
+ {
+ encoding = PUBKEY_ENC_PKCS1_RAW;
+ flags |= PUBKEY_FLAG_FIXEDLEN;
+ }
+ else if (!igninvflag)
+ rc = GPG_ERR_INV_FLAG;
+ break;
+
case 10:
if (!memcmp (s, "igninvflag", 10))
igninvflag = 1;
@@ -850,6 +860,21 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
ctx->hash_algo);
}
}
+ else if (ctx->encoding == PUBKEY_ENC_PKCS1_RAW && lvalue
+ && (ctx->op == PUBKEY_OP_SIGN || ctx->op == PUBKEY_OP_VERIFY))
+ {
+ const void * value;
+ size_t valuelen;
+
+ if (sexp_length (lvalue) != 2)
+ rc = GPG_ERR_INV_OBJ;
+ else if ( !(value=sexp_nth_data (lvalue, 1, &valuelen))
+ || !valuelen )
+ rc = GPG_ERR_INV_OBJ;
+ else
+ rc = _gcry_rsa_pkcs1_encode_raw_for_sig (ret_mpi, ctx->nbits,
+ value, valuelen);
+ }
else if (ctx->encoding == PUBKEY_ENC_OAEP && lvalue
&& ctx->op == PUBKEY_OP_ENCRYPT)
{
diff --git a/cipher/rsa-common.c b/cipher/rsa-common.c
index 4f5a659..f56e989 100644
--- a/cipher/rsa-common.c
+++ b/cipher/rsa-common.c
@@ -319,6 +319,71 @@ _gcry_rsa_pkcs1_encode_for_sig (gcry_mpi_t *r_result, unsigned int nbits,
return rc;
}
+/* Encode {VALUE,VALUELEN} for an NBITS keys using the pkcs#1 block
+ type 1 padding. On success the result is stored as a new MPI at
+ R_RESULT. On error the value at R_RESULT is undefined.
+
+ We encode the value in this way:
+
+ 0 1 PAD(n bytes) 0 VALUE(valuelen bytes)
+
+ 0 is a marker we unfortunately can't encode because we return an
+ MPI which strips all leading zeroes.
+ 1 is the block type.
+ PAD consists of 0xff bytes.
+ 0 marks the end of the padding.
+
+ (Note that PGP prior to version 2.3 encoded the message digest as:
+ 0 1 MD(16 bytes) 0 PAD(n bytes) 1
+ The MD is always 16 bytes here because it's always MD5. GnuPG
+ does not not support pre-v2.3 signatures, but I'm including this
+ comment so the information is easily found if needed.)
+*/
+gpg_err_code_t
+_gcry_rsa_pkcs1_encode_raw_for_sig (gcry_mpi_t *r_result, unsigned int nbits,
+ const unsigned char *value, size_t valuelen)
+{
+ gcry_err_code_t rc = 0;
+ gcry_error_t err;
+ byte *frame = NULL;
+ size_t nframe = (nbits+7) / 8;
+ int i;
+ size_t n;
+
+ if ( !valuelen || valuelen + 4 > nframe)
+ {
+ /* Can't encode an DLEN byte digest MD into an NFRAME byte
+ frame. */
+ return GPG_ERR_TOO_SHORT;
+ }
+
+ if ( !(frame = xtrymalloc (nframe)) )
+ return gpg_err_code_from_syserror ();
+
+ /* Assemble the pkcs#1 block type 1. */
+ n = 0;
+ frame[n++] = 0;
+ frame[n++] = 1; /* block type */
+ i = nframe - valuelen - 3 ;
+ gcry_assert (i > 1);
+ memset (frame+n, 0xff, i );
+ n += i;
+ frame[n++] = 0;
+ memcpy (frame+n, value, valuelen );
+ n += valuelen;
+ gcry_assert (n == nframe);
+
+ /* Convert it into an MPI. */
+ err = _gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, frame, n, &nframe);
+ if (err)
+ rc = gcry_err_code (err);
+ else if (DBG_CIPHER)
+ log_mpidump ("PKCS#1 block type 1 encoded data", *r_result);
+ xfree (frame);
+
+ return rc;
+}
+
/* Mask generation function for OAEP. See RFC-3447 B.2.1. */
static gcry_err_code_t
diff --git a/src/cipher.h b/src/cipher.h
index 10bfe0c..26ffddc 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -54,6 +54,7 @@ enum pk_encoding
{
PUBKEY_ENC_RAW,
PUBKEY_ENC_PKCS1,
+ PUBKEY_ENC_PKCS1_RAW,
PUBKEY_ENC_OAEP,
PUBKEY_ENC_PSS,
PUBKEY_ENC_UNKNOWN
diff --git a/tests/basic.c b/tests/basic.c
index 4474a9d..e21e055 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -5155,6 +5155,10 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo)
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
GCRY_PK_RSA,
0 },
+ { "(data\n (flags pkcs1-raw)\n"
+ " (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
+ GCRY_PK_RSA,
+ GPG_ERR_CONFLICT },
{ "(data\n (flags oaep)\n"
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
0,
@@ -5187,6 +5191,10 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo)
" (value #11223344556677889900AA#))\n",
GCRY_PK_RSA,
GPG_ERR_CONFLICT },
+ { "(data\n (flags pkcs1-raw)\n"
+ " (value #11223344556677889900AA#))\n",
+ GCRY_PK_RSA,
+ 0 },
{ "(data\n (flags raw foo)\n"
" (value #11223344556677889900AA#))\n",
0,
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 1 +
cipher/pubkey-internal.h | 4 ++
cipher/pubkey-util.c | 25 ++++++++++
cipher/rsa-common.c | 65 +++++++++++++++++++++++++
src/cipher.h | 1 +
tests/Makefile.am | 3 +-
tests/basic.c | 8 ++++
tests/gchash.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++
8 files changed, 226 insertions(+), 1 deletion(-)
create mode 100644 tests/gchash.c
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits
More information about the Gcrypt-devel
mailing list