6
6
* GnuPG is free software; you can redistribute it and/or modify
7
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 2 of the License, or
8
* the Free Software Foundation; either version 3 of the License, or
9
9
* (at your option) any later version.
11
11
* GnuPG is distributed in the hope that it will be useful,
14
14
* GNU General Public License for more details.
16
16
* You should have received a copy of the GNU General Public License
17
* along with this program; if not, write to the Free Software
18
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
17
* along with this program; if not, see <http://www.gnu.org/licenses/>.
21
20
#include <config.h>
78
/* Special version of do_encode_md to take care of pckcs#1 padding.
79
For TLS-MD5SHA1 we need to do the padding ourself as Libgrypt does
80
not know about this special scheme. Fixme: We should have a
81
pkcs1-only-padding flag for Libgcrypt. */
83
do_encode_raw_pkcs1 (const byte *md, size_t mdlen, unsigned int nbits,
91
nframe = (nbits+7) / 8;
92
if ( !mdlen || mdlen + 8 + 4 > nframe )
94
/* Can't encode this hash into a frame of size NFRAME. */
95
return gpg_error (GPG_ERR_TOO_SHORT);
98
frame = xtrymalloc (nframe);
100
return gpg_error_from_syserror ();
102
/* Assemble the pkcs#1 block type 1. */
105
frame[n++] = 1; /* Block type. */
106
i = nframe - mdlen - 3 ;
107
assert (i >= 8); /* At least 8 bytes of padding. */
108
memset (frame+n, 0xff, i );
111
memcpy (frame+n, md, mdlen );
113
assert (n == nframe);
115
/* Create the S-expression. */
116
rc = gcry_sexp_build (&hash, NULL,
117
"(data (flags raw) (value %b))",
79
127
/* SIGN whatever information we have accumulated in CTRL and return
80
128
the signature S-Expression. */
133
181
gcry_sexp_t s_hash = NULL;
135
/* put the hash into a sexp */
136
rc = do_encode_md (ctrl->digest.value,
137
ctrl->digest.valuelen,
140
ctrl->digest.raw_value);
183
/* Put the hash into a sexp */
184
if (ctrl->digest.algo == GCRY_MD_USER_TLS_MD5SHA1)
185
rc = do_encode_raw_pkcs1 (ctrl->digest.value,
186
ctrl->digest.valuelen,
187
gcry_pk_get_nbits (s_skey),
190
rc = do_encode_md (ctrl->digest.value,
191
ctrl->digest.valuelen,
194
ctrl->digest.raw_value);