LibGcrypt verify Help required

Presanna Raman presannar at ami.com
Wed Feb 20 23:57:39 CET 2008


Thankx Adam for the suggestion. Unfortunately, I will have to use G-Crypt lib. I did look at how openCdk verifies a signature. It is the same that I have followed. I have a detached Armored Signature, the Armored Public Key and the binary file which was used to generate the detached signature. On going thru the RFC 4880 I gather that the 2 mpi's part of the signature packet contain the hashed data. I use this to construct the sexpression equivalent for the signature. Similarly, I use the 4 mpi's of the public key to construct the public key s-expression. What I am not sure is how do I generate the sexpression of the data? Should I encode the data using some hashing algorithm and then generate the sexpression for verification? Or am I missing something. The RFC specifies that the preferred encoding in OpenPGP is PKCS#1. But using PKCS1 as the flag in constructing the sexpression I get back Error status GPG_ERR_CONFLICT. Any help will be appreciated.

On a side Note, In the function gcry_mpi_set_opaque() the a->sign is set as nbit with no check made to make sure if the value is signed. Is this correct?

With Regards,

Presanna Raman.

> -----Original Message-----
> From:	alangley at gmail.com [SMTP:alangley at gmail.com] On Behalf Of Adam Langley
> Sent:	Tuesday, February 19, 2008 11:46 PM
> To:	Presanna Raman
> Cc:	gcrypt-devel at gnupg.org
> Subject:	Re: LibGcrypt verify Help required
> 
> On Feb 19, 2008 8:42 PM, Adam Langley <agl at imperialviolet.org> wrote:
> > Possibly opencdk is the library that you want for this.
> 
> Oh, and please note that opencdk appears to be *GPL* licensed, not
> LGPL. That may affect your plans.
> 
> 
> AGL
> 
> -- 
> Adam Langley agl at imperialviolet.org http://www.imperialviolet.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20080220/e08a8907/attachment.htm>


More information about the Gcrypt-devel mailing list