behavior of gcrypt depending on input data: "conflicting use"

Werner Koch wk at
Tue Jan 20 09:38:43 CET 2009


Instead of:

  error = gcry_mpi_scan (&mpival, GCRYMPI_FMT_USG,
                         digest, hash_len, &nscanned );
  assert ( error == 0 );
  printf ( "nscanned: %lu\n", nscanned );

  rc = gcry_sexp_build ( sign_parms, &errof,
                         "(data (flags pkcs1) (hash %s %m))",
                         HASH_NAME, mpival );
  assert ( rc == 0 );
  gcry_mpi_release ( mpival );

you should better do:

  rc = gcry_sexp_build (sign_parms, NULL,
                        "(data (flags pkcs1)(hash %s %b))",
                        HASH_NAME, (int)hash_len, digest);

I have not looked at the actual problem with %m.  If you want to figure
that out, you need to check the MPI and the resulting S-expression, for
example by inserting

 gcry_mpi_dump (mpival); putc (.'\n', stderr);
 gcry_sexp_dump (*sign_parms)



p.s.  In general it is better to insert the actual code into the message
so that it is possible to answer even without an online connection.

Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gcrypt-devel mailing list