diff options
author | Christian Grothoff <christian@grothoff.org> | 2012-10-17 14:48:06 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2012-10-17 14:48:06 +0000 |
commit | 9b0ff6f40e7cf7992eeace8b38f7db23addcdb3f (patch) | |
tree | 7ed0c8df44f3be7a2d663094df3f8fa17f5a2b49 /src | |
parent | 862743be25c33512dc519e00471a252880288a85 (diff) | |
download | gnunet-9b0ff6f40e7cf7992eeace8b38f7db23addcdb3f.tar.gz gnunet-9b0ff6f40e7cf7992eeace8b38f7db23addcdb3f.zip |
-cleaning up RSA code
Diffstat (limited to 'src')
-rw-r--r-- | src/util/crypto_rsa.c | 112 |
1 files changed, 55 insertions, 57 deletions
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index d4b87d3c9..042af0893 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c | |||
@@ -79,14 +79,15 @@ adjust (unsigned char *buf, size_t size, size_t target) | |||
79 | 79 | ||
80 | 80 | ||
81 | /** | 81 | /** |
82 | * Free memory occupied by hostkey | 82 | * Free memory occupied by RSA private key. |
83 | * @param hostkey pointer to the memory to free | 83 | * |
84 | * @param key pointer to the memory to free | ||
84 | */ | 85 | */ |
85 | void | 86 | void |
86 | GNUNET_CRYPTO_rsa_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) | 87 | GNUNET_CRYPTO_rsa_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *key) |
87 | { | 88 | { |
88 | gcry_sexp_release (hostkey->sexp); | 89 | gcry_sexp_release (key->sexp); |
89 | GNUNET_free (hostkey); | 90 | GNUNET_free (key); |
90 | } | 91 | } |
91 | 92 | ||
92 | 93 | ||
@@ -109,8 +110,7 @@ key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, | |||
109 | unsigned int i; | 110 | unsigned int i; |
110 | unsigned int idx; | 111 | unsigned int idx; |
111 | 112 | ||
112 | list = gcry_sexp_find_token (sexp, topname, 0); | 113 | if (! (list = gcry_sexp_find_token (sexp, topname, 0))) |
113 | if (! list) | ||
114 | return 1; | 114 | return 1; |
115 | l2 = gcry_sexp_cadr (list); | 115 | l2 = gcry_sexp_cadr (list); |
116 | gcry_sexp_release (list); | 116 | gcry_sexp_release (list); |
@@ -120,8 +120,7 @@ key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, | |||
120 | idx = 0; | 120 | idx = 0; |
121 | for (s = elems; *s; s++, idx++) | 121 | for (s = elems; *s; s++, idx++) |
122 | { | 122 | { |
123 | l2 = gcry_sexp_find_token (list, s, 1); | 123 | if (! (l2 = gcry_sexp_find_token (list, s, 1))) |
124 | if (! l2) | ||
125 | { | 124 | { |
126 | for (i = 0; i < idx; i++) | 125 | for (i = 0; i < idx; i++) |
127 | { | 126 | { |
@@ -151,6 +150,7 @@ key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, | |||
151 | 150 | ||
152 | /** | 151 | /** |
153 | * Extract the public key of the host. | 152 | * Extract the public key of the host. |
153 | * | ||
154 | * @param priv the private key | 154 | * @param priv the private key |
155 | * @param pub where to write the public key | 155 | * @param pub where to write the public key |
156 | */ | 156 | */ |
@@ -165,9 +165,9 @@ GNUNET_CRYPTO_rsa_key_get_public (const struct GNUNET_CRYPTO_RsaPrivateKey | |||
165 | int rc; | 165 | int rc; |
166 | 166 | ||
167 | rc = key_from_sexp (skey, priv->sexp, "public-key", "ne"); | 167 | rc = key_from_sexp (skey, priv->sexp, "public-key", "ne"); |
168 | if (rc) | 168 | if (0 != rc) |
169 | rc = key_from_sexp (skey, priv->sexp, "private-key", "ne"); | 169 | rc = key_from_sexp (skey, priv->sexp, "private-key", "ne"); |
170 | if (rc) | 170 | if (0 != rc) |
171 | rc = key_from_sexp (skey, priv->sexp, "rsa", "ne"); | 171 | rc = key_from_sexp (skey, priv->sexp, "rsa", "ne"); |
172 | GNUNET_assert (0 == rc); | 172 | GNUNET_assert (0 == rc); |
173 | pub->len = | 173 | pub->len = |
@@ -259,16 +259,15 @@ GNUNET_CRYPTO_rsa_public_key_from_string (const char *enc, | |||
259 | 259 | ||
260 | 260 | ||
261 | /** | 261 | /** |
262 | * Internal: publicKey => RSA-Key. | 262 | * Convert the given public key from the network format to the |
263 | * S-expression that can be used by libgcrypt. | ||
263 | * | 264 | * |
264 | * Note that the return type is not actually a private | 265 | * @param publicKey public key to decode |
265 | * key but rather an sexpression for the public key! | 266 | * @return NULL on error |
266 | */ | 267 | */ |
267 | static struct GNUNET_CRYPTO_RsaPrivateKey * | 268 | static gcry_sexp_t |
268 | public2PrivateKey (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded | 269 | decode_public_key (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *publicKey) |
269 | *publicKey) | ||
270 | { | 270 | { |
271 | struct GNUNET_CRYPTO_RsaPrivateKey *ret; | ||
272 | gcry_sexp_t result; | 271 | gcry_sexp_t result; |
273 | gcry_mpi_t n; | 272 | gcry_mpi_t n; |
274 | gcry_mpi_t e; | 273 | gcry_mpi_t e; |
@@ -285,17 +284,15 @@ public2PrivateKey (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded | |||
285 | return NULL; | 284 | return NULL; |
286 | } | 285 | } |
287 | size = GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH; | 286 | size = GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH; |
288 | rc = gcry_mpi_scan (&n, GCRYMPI_FMT_USG, &publicKey->key[0], size, &size); | 287 | if (0 != (rc = gcry_mpi_scan (&n, GCRYMPI_FMT_USG, &publicKey->key[0], size, &size))) |
289 | if (rc) | ||
290 | { | 288 | { |
291 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | 289 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); |
292 | return NULL; | 290 | return NULL; |
293 | } | 291 | } |
294 | size = GNUNET_CRYPTO_RSA_KEY_LENGTH - GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH; | 292 | size = GNUNET_CRYPTO_RSA_KEY_LENGTH - GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH; |
295 | rc = gcry_mpi_scan (&e, GCRYMPI_FMT_USG, | 293 | if (0 != (rc = gcry_mpi_scan (&e, GCRYMPI_FMT_USG, |
296 | &publicKey->key[GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH], | 294 | &publicKey->key[GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH], |
297 | size, &size); | 295 | size, &size))) |
298 | if (rc) | ||
299 | { | 296 | { |
300 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | 297 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); |
301 | gcry_mpi_release (n); | 298 | gcry_mpi_release (n); |
@@ -305,20 +302,19 @@ public2PrivateKey (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded | |||
305 | e); | 302 | e); |
306 | gcry_mpi_release (n); | 303 | gcry_mpi_release (n); |
307 | gcry_mpi_release (e); | 304 | gcry_mpi_release (e); |
308 | if (rc) | 305 | if (0 != rc) |
309 | { | 306 | { |
310 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); /* erroff gives more info */ | 307 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); /* erroff gives more info */ |
311 | return NULL; | 308 | return NULL; |
312 | } | 309 | } |
313 | ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey)); | 310 | return result; |
314 | ret->sexp = result; | ||
315 | return ret; | ||
316 | } | 311 | } |
317 | 312 | ||
318 | 313 | ||
319 | /** | 314 | /** |
320 | * Encode the private key in a format suitable for | 315 | * Encode the private key in a format suitable for |
321 | * storing it into a file. | 316 | * storing it into a file. |
317 | * | ||
322 | * @returns encoding of the private key. | 318 | * @returns encoding of the private key. |
323 | * The first 4 bytes give the size of the array, as usual. | 319 | * The first 4 bytes give the size of the array, as usual. |
324 | */ | 320 | */ |
@@ -357,7 +353,7 @@ GNUNET_CRYPTO_rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) | |||
357 | size = sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded); | 353 | size = sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded); |
358 | for (i = 0; i < 6; i++) | 354 | for (i = 0; i < 6; i++) |
359 | { | 355 | { |
360 | if (pkv[i] != NULL) | 356 | if (NULL != pkv[i]) |
361 | { | 357 | { |
362 | GNUNET_assert (0 == | 358 | GNUNET_assert (0 == |
363 | gcry_mpi_aprint (GCRYMPI_FMT_USG, | 359 | gcry_mpi_aprint (GCRYMPI_FMT_USG, |
@@ -419,7 +415,12 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
419 | const struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *encoding = | 415 | const struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *encoding = |
420 | (const struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *) buf; | 416 | (const struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *) buf; |
421 | gcry_sexp_t res; | 417 | gcry_sexp_t res; |
422 | gcry_mpi_t n, e, d, p, q, u; | 418 | gcry_mpi_t n; |
419 | gcry_mpi_t e; | ||
420 | gcry_mpi_t d; | ||
421 | gcry_mpi_t p; | ||
422 | gcry_mpi_t q; | ||
423 | gcry_mpi_t u; | ||
423 | int rc; | 424 | int rc; |
424 | size_t size; | 425 | size_t size; |
425 | int pos; | 426 | int pos; |
@@ -435,7 +436,7 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
435 | &((const unsigned char *) (&encoding[1]))[pos], size, | 436 | &((const unsigned char *) (&encoding[1]))[pos], size, |
436 | &size); | 437 | &size); |
437 | pos += ntohs (encoding->sizen); | 438 | pos += ntohs (encoding->sizen); |
438 | if (rc) | 439 | if (0 != rc) |
439 | { | 440 | { |
440 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | 441 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); |
441 | return NULL; | 442 | return NULL; |
@@ -445,7 +446,7 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
445 | &((const unsigned char *) (&encoding[1]))[pos], size, | 446 | &((const unsigned char *) (&encoding[1]))[pos], size, |
446 | &size); | 447 | &size); |
447 | pos += ntohs (encoding->sizee); | 448 | pos += ntohs (encoding->sizee); |
448 | if (rc) | 449 | if (0 != rc) |
449 | { | 450 | { |
450 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | 451 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); |
451 | gcry_mpi_release (n); | 452 | gcry_mpi_release (n); |
@@ -456,7 +457,7 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
456 | &((const unsigned char *) (&encoding[1]))[pos], size, | 457 | &((const unsigned char *) (&encoding[1]))[pos], size, |
457 | &size); | 458 | &size); |
458 | pos += ntohs (encoding->sized); | 459 | pos += ntohs (encoding->sized); |
459 | if (rc) | 460 | if (0 != rc) |
460 | { | 461 | { |
461 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | 462 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); |
462 | gcry_mpi_release (n); | 463 | gcry_mpi_release (n); |
@@ -471,7 +472,7 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
471 | &((const unsigned char *) (&encoding[1]))[pos], size, | 472 | &((const unsigned char *) (&encoding[1]))[pos], size, |
472 | &size); | 473 | &size); |
473 | pos += ntohs (encoding->sizep); | 474 | pos += ntohs (encoding->sizep); |
474 | if (rc) | 475 | if (0 != rc) |
475 | { | 476 | { |
476 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | 477 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); |
477 | gcry_mpi_release (n); | 478 | gcry_mpi_release (n); |
@@ -489,13 +490,13 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
489 | &((const unsigned char *) (&encoding[1]))[pos], size, | 490 | &((const unsigned char *) (&encoding[1]))[pos], size, |
490 | &size); | 491 | &size); |
491 | pos += ntohs (encoding->sizeq); | 492 | pos += ntohs (encoding->sizeq); |
492 | if (rc) | 493 | if (0 != rc) |
493 | { | 494 | { |
494 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | 495 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); |
495 | gcry_mpi_release (n); | 496 | gcry_mpi_release (n); |
496 | gcry_mpi_release (e); | 497 | gcry_mpi_release (e); |
497 | gcry_mpi_release (d); | 498 | gcry_mpi_release (d); |
498 | if (q != NULL) | 499 | if (NULL != q) |
499 | gcry_mpi_release (q); | 500 | gcry_mpi_release (q); |
500 | return NULL; | 501 | return NULL; |
501 | } | 502 | } |
@@ -511,15 +512,15 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
511 | rc = gcry_mpi_scan (&u, GCRYMPI_FMT_USG, | 512 | rc = gcry_mpi_scan (&u, GCRYMPI_FMT_USG, |
512 | &((const unsigned char *) (&encoding[1]))[pos], size, | 513 | &((const unsigned char *) (&encoding[1]))[pos], size, |
513 | &size); | 514 | &size); |
514 | if (rc) | 515 | if (0 != rc) |
515 | { | 516 | { |
516 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | 517 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); |
517 | gcry_mpi_release (n); | 518 | gcry_mpi_release (n); |
518 | gcry_mpi_release (e); | 519 | gcry_mpi_release (e); |
519 | gcry_mpi_release (d); | 520 | gcry_mpi_release (d); |
520 | if (p != NULL) | 521 | if (NULL != p) |
521 | gcry_mpi_release (p); | 522 | gcry_mpi_release (p); |
522 | if (q != NULL) | 523 | if (NULL != q) |
523 | gcry_mpi_release (q); | 524 | gcry_mpi_release (q); |
524 | return NULL; | 525 | return NULL; |
525 | } | 526 | } |
@@ -527,7 +528,7 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
527 | else | 528 | else |
528 | u = NULL; | 529 | u = NULL; |
529 | 530 | ||
530 | if ((p != NULL) && (q != NULL) && (u != NULL)) | 531 | if ((NULL != p) && (NULL != q) && (NULL != u)) |
531 | { | 532 | { |
532 | rc = gcry_sexp_build (&res, &size, /* erroff */ | 533 | rc = gcry_sexp_build (&res, &size, /* erroff */ |
533 | "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)(u %m)))", | 534 | "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)(u %m)))", |
@@ -535,7 +536,7 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
535 | } | 536 | } |
536 | else | 537 | else |
537 | { | 538 | { |
538 | if ((p != NULL) && (q != NULL)) | 539 | if ((NULL != p) && (NULL != q)) |
539 | { | 540 | { |
540 | rc = gcry_sexp_build (&res, &size, /* erroff */ | 541 | rc = gcry_sexp_build (&res, &size, /* erroff */ |
541 | "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)))", | 542 | "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)))", |
@@ -550,14 +551,14 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
550 | gcry_mpi_release (n); | 551 | gcry_mpi_release (n); |
551 | gcry_mpi_release (e); | 552 | gcry_mpi_release (e); |
552 | gcry_mpi_release (d); | 553 | gcry_mpi_release (d); |
553 | if (p != NULL) | 554 | if (NULL != p) |
554 | gcry_mpi_release (p); | 555 | gcry_mpi_release (p); |
555 | if (q != NULL) | 556 | if (NULL != q) |
556 | gcry_mpi_release (q); | 557 | gcry_mpi_release (q); |
557 | if (u != NULL) | 558 | if (NULL != u) |
558 | gcry_mpi_release (u); | 559 | gcry_mpi_release (u); |
559 | 560 | ||
560 | if (rc) | 561 | if (0 != rc) |
561 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); | 562 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); |
562 | #if EXTRA_CHECKS | 563 | #if EXTRA_CHECKS |
563 | if (gcry_pk_testkey (res)) | 564 | if (gcry_pk_testkey (res)) |
@@ -725,7 +726,7 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) | |||
725 | GNUNET_DISK_PERM_USER_WRITE); | 726 | GNUNET_DISK_PERM_USER_WRITE); |
726 | if (NULL == fd) | 727 | if (NULL == fd) |
727 | { | 728 | { |
728 | if (errno == EEXIST) | 729 | if (EEXIST == errno) |
729 | { | 730 | { |
730 | if (GNUNET_YES != GNUNET_DISK_file_test (filename)) | 731 | if (GNUNET_YES != GNUNET_DISK_file_test (filename)) |
731 | { | 732 | { |
@@ -1148,15 +1149,14 @@ GNUNET_CRYPTO_rsa_encrypt (const void *block, size_t size, | |||
1148 | { | 1149 | { |
1149 | gcry_sexp_t result; | 1150 | gcry_sexp_t result; |
1150 | gcry_sexp_t data; | 1151 | gcry_sexp_t data; |
1151 | struct GNUNET_CRYPTO_RsaPrivateKey *pubkey; | 1152 | gcry_sexp_t psexp; |
1152 | gcry_mpi_t val; | 1153 | gcry_mpi_t val; |
1153 | gcry_mpi_t rval; | 1154 | gcry_mpi_t rval; |
1154 | size_t isize; | 1155 | size_t isize; |
1155 | size_t erroff; | 1156 | size_t erroff; |
1156 | 1157 | ||
1157 | GNUNET_assert (size <= sizeof (struct GNUNET_HashCode)); | 1158 | GNUNET_assert (size <= sizeof (struct GNUNET_HashCode)); |
1158 | pubkey = public2PrivateKey (publicKey); | 1159 | if (! (psexp = decode_public_key (publicKey))) |
1159 | if (pubkey == NULL) | ||
1160 | return GNUNET_SYSERR; | 1160 | return GNUNET_SYSERR; |
1161 | isize = size; | 1161 | isize = size; |
1162 | GNUNET_assert (0 == | 1162 | GNUNET_assert (0 == |
@@ -1165,10 +1165,9 @@ GNUNET_CRYPTO_rsa_encrypt (const void *block, size_t size, | |||
1165 | gcry_sexp_build (&data, &erroff, | 1165 | gcry_sexp_build (&data, &erroff, |
1166 | "(data (flags pkcs1)(value %m))", val)); | 1166 | "(data (flags pkcs1)(value %m))", val)); |
1167 | gcry_mpi_release (val); | 1167 | gcry_mpi_release (val); |
1168 | GNUNET_assert (0 == gcry_pk_encrypt (&result, data, pubkey->sexp)); | 1168 | GNUNET_assert (0 == gcry_pk_encrypt (&result, data, psexp)); |
1169 | gcry_sexp_release (data); | 1169 | gcry_sexp_release (data); |
1170 | GNUNET_CRYPTO_rsa_key_free (pubkey); | 1170 | gcry_sexp_release (psexp); |
1171 | |||
1172 | GNUNET_assert (0 == key_from_sexp (&rval, result, "rsa", "a")); | 1171 | GNUNET_assert (0 == key_from_sexp (&rval, result, "rsa", "a")); |
1173 | gcry_sexp_release (result); | 1172 | gcry_sexp_release (result); |
1174 | isize = sizeof (struct GNUNET_CRYPTO_RsaEncryptedData); | 1173 | isize = sizeof (struct GNUNET_CRYPTO_RsaEncryptedData); |
@@ -1303,7 +1302,7 @@ GNUNET_CRYPTO_rsa_verify (uint32_t purpose, | |||
1303 | gcry_sexp_t sigdata; | 1302 | gcry_sexp_t sigdata; |
1304 | size_t size; | 1303 | size_t size; |
1305 | gcry_mpi_t val; | 1304 | gcry_mpi_t val; |
1306 | struct GNUNET_CRYPTO_RsaPrivateKey *hostkey; | 1305 | gcry_sexp_t psexp; |
1307 | struct GNUNET_HashCode hc; | 1306 | struct GNUNET_HashCode hc; |
1308 | char *buff; | 1307 | char *buff; |
1309 | int bufSize; | 1308 | int bufSize; |
@@ -1331,15 +1330,14 @@ GNUNET_CRYPTO_rsa_verify (uint32_t purpose, | |||
1331 | &hc, sizeof (struct GNUNET_HashCode)); | 1330 | &hc, sizeof (struct GNUNET_HashCode)); |
1332 | GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0)); | 1331 | GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0)); |
1333 | GNUNET_free (buff); | 1332 | GNUNET_free (buff); |
1334 | hostkey = public2PrivateKey (publicKey); | 1333 | if (! (psexp = decode_public_key (publicKey))) |
1335 | if (hostkey == NULL) | ||
1336 | { | 1334 | { |
1337 | gcry_sexp_release (data); | 1335 | gcry_sexp_release (data); |
1338 | gcry_sexp_release (sigdata); | 1336 | gcry_sexp_release (sigdata); |
1339 | return GNUNET_SYSERR; | 1337 | return GNUNET_SYSERR; |
1340 | } | 1338 | } |
1341 | rc = gcry_pk_verify (sigdata, data, hostkey->sexp); | 1339 | rc = gcry_pk_verify (sigdata, data, psexp); |
1342 | GNUNET_CRYPTO_rsa_key_free (hostkey); | 1340 | gcry_sexp_release (psexp); |
1343 | gcry_sexp_release (data); | 1341 | gcry_sexp_release (data); |
1344 | gcry_sexp_release (sigdata); | 1342 | gcry_sexp_release (sigdata); |
1345 | if (rc) | 1343 | if (rc) |