Using libgcrypt on large files
gcrypt at kaervek.net
Wed Feb 23 22:41:20 CET 2005
I am thinking about using libgcrypt to sign files, which I will deploy
during an update phase to customers. With the signature I want to check
the integrity (of course :)).
Even though I would not use quite large files at the beginning, I am not
sure if this will always be true.
Right now I use the following code to get the signature:
rc = gcry_sexp_build (&sign_parms, &errof,
"(data (flags) (value \"%s\"))\n", data);
rc = gcry_pk_sign (&sig, sign_parms, skey);
(Found that code on the net).
I am not sure about 2 things here.
1) I want to sign binary data, to use the code above, I would have to
escape/remove nulls, otherwise gcry_sexp_build will fail. Is there any
other function I could use instead? Performance wise this looks a little
bit suspicous to me.
2) What can I do if the file is really large and will not fit into
memory? My approach will obviously fail, as I need everything in
'data' :(. Is there a way to hash a file in little portions, so I can
read in buffers and update my signatures in a loop?
Thanks for you help
More information about the Gcrypt-devel