[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1
|
From: |
Andreas Metzler |
|
Subject: |
Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1 |
|
Date: |
Sun, 24 Jul 2011 16:36:02 +0200 |
|
User-agent: |
Mutt/1.5.20 (2009-06-14) |
On 2011-07-04 Andreas Metzler <address@hidden> wrote:
> On 2011-07-04 Werner Koch <address@hidden> wrote:
> > I see this in gnutls/lib/pk-libgcrypt.c:_wrap_gcry_pk_decrypt
> > bigint_t res;
> > res = gcry_sexp_nth_mpi (s_plain, 0, 0);
> > gcry_sexp_release (s_plain);
> > This is wrong and worked only because of a bug in Libgcrypt < 1.5.0.
> [...]
> > If you use this function to parse results of a public key function,
> > you most likely want to use `GCRYMPI_FMT_USG'.]
[...]
> > Note that some other code uses gcry_sexp_nth_data and is thus not
> > affected by this bug fix.
[...]
> For 2.12.7 [1] and 2.10.5 [2] this fixes one test failure
> (x509self for 2.12 and x509dn for 2.10) while the other errors remain.
> Sorry I am not more helpful than that, I am not a programmer.
> [2]
> ---------------
> --- gnutls26-2.10.5.orig/lib/pk-libgcrypt.c
> +++ gnutls26-2.10.5/lib/pk-libgcrypt.c
> @@ -202,7 +202,7 @@ _wrap_gcry_pk_decrypt (gnutls_pk_algorit
> goto cleanup;
> }
> - res = gcry_sexp_nth_mpi (s_plain, 0, 0);
> + res = gcry_sexp_nth_mpi (s_plain, 0, GCRYMPI_FMT_USG);
> if (res == NULL)
> {
> gnutls_assert ();
> ---------------
[...]
Hello,
Well, simply replacing all occurences of gcry_sexp_nth_mpi (..., 0) with
gcry_sexp_nth_mpi (..., GCRYMPI_FMT_USG) fixes the testsuite errors of
both gnutls 2.10.5 and 2.12.7. The other occurences of
gcry_sexp_nth_mpi are all similar to this one:
----------------------------
static int
_wrap_gcry_pk_encrypt([...])
[...]
gcry_sexp_t s_ciph = NULL, s_data = NULL, s_pkey = NULL;
[...]
gcry_sexp_t list;
[use gcry_sexp_build to fill s_pkey, s_ciph, s_data ]
/* pass it to libgcrypt */
rc = gcry_pk_encrypt (&s_ciph, s_data, s_pkey);
[...]
list = gcry_sexp_find_token (s_ciph, "a", 0);
res = gcry_sexp_nth_mpi (list, 1, 0)
----------------------------
Is changing this to "res = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG);"
the proper fix, or does it just seem to work accidentally?
cu andreas
gnutls-2.10.5+gcrypt1.5.patch
Description: Text Data
gnutls-2.12.7+gcrypt1.5.patch
Description: Text Data
- new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Andreas Metzler, 2011/07/02
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Andreas Metzler, 2011/07/02
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Werner Koch, 2011/07/02
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Andreas Metzler, 2011/07/03
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Werner Koch, 2011/07/04
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Andreas Metzler, 2011/07/04
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1,
Andreas Metzler <=
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Werner Koch, 2011/07/25
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Tomas Mraz, 2011/07/25
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Werner Koch, 2011/07/25
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Tomas Mraz, 2011/07/25
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Werner Koch, 2011/07/25
- Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Nikos Mavrogiannopoulos, 2011/07/25
Re: new testsuite errors with gcrypt 1.5 and gnutls 2.17.1, Andreas Metzler, 2011/07/02