[gnutls-dev] Client OpenPGP verification fails

Mario Lenz mario.lenz at gmx.net
Sat Aug 5 18:34:12 CEST 2006

Sorry, I've sent this to the wrong mailing list. Should belong here in

Nikos Mavrogiannopoulos <nmav <at> gnutls.org> writes:

> > But then there's another problem in libextra/gnutls_openpgp.c. Please
> > have a look at _gnutls_openpgp_key_to_gcert:
> >
> > ret = gnutls_openpgp_key_export (cert, GNUTLS_OPENPGP_FMT_RAW, NULL,
> > &der_size);
> >   {
> >     gnutls_assert ();
> >     return ret;
> >   }
> This should be correct since decoding should fail (check that the output 
> pointer is NULL so there is no place to copy the output). That call is 
> there to get the size of the exported key only.

OK, I think now I've got it: You allocate the memory later on. But there's
still a problem: Even with the third parameter set to NULL,
gnutls_openpgp_key_export (in libextra/openpgp/pgp.c) doesn't return
GNUTLS_E_SHORT_MEMORY_BUFFER because cdk_kbnode_write_to_mem (called from
gnutls_openpgp_key_export) returns 0 if you give it a NULL pointer to write to.
(This might be an OpenCDK problem, though.) Could anyone have a look at it,

I just deleted the "if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)" clause, but I'm
running into another problem now. I'll let you know if I found out more.



More information about the Gnutls-devel mailing list