Removed duplicate protection agaisnt Lenstra

Now libgcrypt 1.6.4, released 8 Sep 2015 , has its own protection against Lenstra's attack, added wtih commit c17f84bd02d7ee93845e92e20f6ddba814961588 dated 31 Aug 2015. Do not run GNUNet with an earlier libgcrypt now.
author: Jeff Burdges <burdges@gnunet.org> 2016-08-22 13:56:30 +0000
committer: Jeff Burdges <burdges@gnunet.org> 2016-08-22 13:56:30 +0000
commit: 03551db989cb4417949a1fe1339d3788aa972bcc (patch)
tree: 1424b8491063bddcbf0227807f6a208ef9669f89 /src/util/crypto_rsa.c
parent: fc3c65152a52aab6951b37e7d462aa9627a668a1 (diff)
download: gnunet-03551db989cb4417949a1fe1339d3788aa972bcc.tar.gz
gnunet-03551db989cb4417949a1fe1339d3788aa972bcc.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c
index 1ed9a5ce9..c617354c9 100644
--- a/src/util/crypto_rsa.c
+++ b/src/util/crypto_rsa.c
@@ -842,6 +842,10 @@ rsa_sign_mpi (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
  }
  /* verify signature (guards against Lenstra's attack with fault injection...) */
+  /* Removed because Lenstra protection was first added to libgcrypt 1.6.4
+   * with commit c17f84bd02d7ee93845e92e20f6ddba814961588.  Do not run with 
+   * an earlier libgcrypt.  Or uncomment if you must.  */
+  /*
  public_key = GNUNET_CRYPTO_rsa_private_key_get_public (key);
  if (0 !=
      gcry_pk_verify (result,
@@ -855,6 +859,7 @@ rsa_sign_mpi (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
    return NULL;
  }
  GNUNET_CRYPTO_rsa_public_key_free (public_key);
+  */
  /* return signature */
  gcry_sexp_release (data);
author	Jeff Burdges <burdges@gnunet.org>	2016-08-22 13:56:30 +0000
committer	Jeff Burdges <burdges@gnunet.org>	2016-08-22 13:56:30 +0000
commit	03551db989cb4417949a1fe1339d3788aa972bcc (patch)
tree	1424b8491063bddcbf0227807f6a208ef9669f89 /src/util/crypto_rsa.c
parent	fc3c65152a52aab6951b37e7d462aa9627a668a1 (diff)
download	gnunet-03551db989cb4417949a1fe1339d3788aa972bcc.tar.gz gnunet-03551db989cb4417949a1fe1339d3788aa972bcc.zip