[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-29-gee7f87e
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-29-gee7f87e |
|
Date: |
Sun, 26 Aug 2012 19:20:53 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=ee7f87ef596232c7097a48a7cff2fe16b5bc79da
The branch, master has been updated
via ee7f87ef596232c7097a48a7cff2fe16b5bc79da (commit)
via 717cc3098abed39fc188820f2c45b090fe122267 (commit)
via 5a89c629932e80ad2332ab44b8c15786508d29f9 (commit)
via 8bb82a3d386abc1c59cb16d3a6d8c68fb66a2170 (commit)
via 19c9b16e562a00b8aa9bcc4e39599ad41a049b2d (commit)
from efadaaf31d58d1264797ac77c70a710569fe8f01 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ee7f87ef596232c7097a48a7cff2fe16b5bc79da
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Aug 26 21:18:53 2012 +0200
Revert "Use _gnutls_dsa_q_to_hash() only for warning reasons."
This reverts commit 8bb82a3d386abc1c59cb16d3a6d8c68fb66a2170.
commit 717cc3098abed39fc188820f2c45b090fe122267
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Aug 26 21:18:35 2012 +0200
fix DSA and ECDSA signing in smart cards.
commit 5a89c629932e80ad2332ab44b8c15786508d29f9
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Aug 26 21:16:57 2012 +0200
null terminate the certificate being print
commit 8bb82a3d386abc1c59cb16d3a6d8c68fb66a2170
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Aug 26 20:04:47 2012 +0200
Use _gnutls_dsa_q_to_hash() only for warning reasons.
commit 19c9b16e562a00b8aa9bcc4e39599ad41a049b2d
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Aug 26 01:11:10 2012 +0200
documented fix
-----------------------------------------------------------------------
Summary of changes:
NEWS | 6 +++++-
lib/pkcs11_privkey.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
src/common.c | 3 ++-
3 files changed, 55 insertions(+), 2 deletions(-)
diff --git a/NEWS b/NEWS
index 1955e8f..2707899 100644
--- a/NEWS
+++ b/NEWS
@@ -4,13 +4,17 @@ See the end for copying conditions.
* Version 3.1.1 (unreleased)
+** certtool: Changes in password handling of certtool.
+Ask password when required and only if the '--password' option is not
+given. If the '--password' option is given during key generation then
+assume the PKCS #8 file format, instead of ignoring the password.
+
** tpmtool: No longer asks for key password in registered keys.
** API and ABI modifications:
gnutls_sign_algorithm_get: Added
gnutls_sign_get_hash_algorithm: Added
gnutls_sign_get_pk_algorithm: Added
-GNUTLS_PK_RSA_HASH_ONLY: Added
* Version 3.1.0 (released 2012-08-15)
diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
index 5adee3c..43e3877 100644
--- a/lib/pkcs11_privkey.c
+++ b/lib/pkcs11_privkey.c
@@ -26,6 +26,7 @@
#include <gnutls_datum.h>
#include <pkcs11_int.h>
#include <gnutls_sig.h>
+#include <gnutls_pk.h>
#include <p11-kit/uri.h>
struct gnutls_pkcs11_privkey_st
@@ -146,6 +147,23 @@ gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t
pkey,
} \
} while (0);
+
+static int read_rs(bigint_t *r, bigint_t *s, uint8_t *data, size_t data_size)
+{
+unsigned int dhalf = data_size/2;
+
+ if (_gnutls_mpi_scan_nz (r, data, dhalf) != 0)
+ return gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+
+ if (_gnutls_mpi_scan_nz (s, &data[dhalf], dhalf) != 0)
+ {
+ _gnutls_mpi_release(r);
+ return gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+ }
+
+ return 0;
+}
+
/*-
* _gnutls_pkcs11_privkey_sign_hash:
* @key: Holds the key
@@ -220,6 +238,36 @@ _gnutls_pkcs11_privkey_sign_hash (gnutls_pkcs11_privkey_t
key,
}
signature->size = siglen;
+
+ if (key->pk_algorithm == GNUTLS_PK_EC || key->pk_algorithm == GNUTLS_PK_DSA)
+ {
+ bigint_t r,s;
+
+ if (siglen % 2 != 0)
+ {
+ gnutls_assert();
+ ret = GNUTLS_E_PK_SIGN_FAILED;
+ goto cleanup;
+ }
+
+ ret = read_rs(&r, &s, signature->data, signature->size);
+ if (ret < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ gnutls_free(signature->data);
+ ret = _gnutls_encode_ber_rs (signature, r, s);
+ _gnutls_mpi_release(&r);
+ _gnutls_mpi_release(&s);
+
+ if (ret < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+ }
ret = 0;
diff --git a/src/common.c b/src/common.c
index 3928491..1b881a8 100644
--- a/src/common.c
+++ b/src/common.c
@@ -161,7 +161,7 @@ print_x509_info (gnutls_session_t session, int flag, int
print_cert)
&size);
if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER)
{
- p = malloc (size);
+ p = malloc (size+1);
if (!p)
{
fprintf (stderr, "gnutls_malloc\n");
@@ -179,6 +179,7 @@ print_x509_info (gnutls_session_t session, int flag, int
print_cert)
return;
}
+ p[size] = 0;
fputs ("\n", stdout);
fputs (p, stdout);
fputs ("\n", stdout);
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-29-gee7f87e,
Nikos Mavrogiannopoulos <=