behavior of gcrypt depending on input data: "conflicting use"

Werner Koch wk at gnupg.org
Tue Jan 20 09:38:43 CET 2009


Hi,

Instead of:

  error = gcry_mpi_scan (&mpival, GCRYMPI_FMT_USG,
                         digest, hash_len, &nscanned );
  assert ( error == 0 );
  printf ( "nscanned: %lu\n", nscanned );

  rc = gcry_sexp_build ( sign_parms, &errof,
                         "(data (flags pkcs1) (hash %s %m))",
                         HASH_NAME, mpival );
  assert ( rc == 0 );
  gcry_mpi_release ( mpival );

you should better do:

  rc = gcry_sexp_build (sign_parms, NULL,
                        "(data (flags pkcs1)(hash %s %b))",
                        HASH_NAME, (int)hash_len, digest);


I have not looked at the actual problem with %m.  If you want to figure
that out, you need to check the MPI and the resulting S-expression, for
example by inserting

 gcry_mpi_dump (mpival); putc (.'\n', stderr);
 gcry_sexp_dump (*sign_parms)



Shalom-Salam,

   Werner



p.s.  In general it is better to insert the actual code into the message
so that it is possible to answer even without an online connection.

-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.




More information about the Gcrypt-devel mailing list