Question on gcry_pk_sign and flags

Dmitry Eremin-Solenikov dbaryshkov at
Wed Jan 8 00:35:03 CET 2014


I'm seeking advice on the following problem:

Currently GOST signatures are triggered by a flag
'gost' passed alongside the data. Essentially setting
(flags gost) enforces the 'raw' encoding. I cannot pass
(flags raw gost); it would be a conflict detected by the 'raw'
flag handling.

This scheme works if I try to sign the data with sexp like:
'(data(flags gost)(value #000000...#))'. The problem comes
with sexp like '(data(flags gost)(hash stribog256 #000000#))'.
Function _gcry_pk_util_data_to_mpi() contains additional
requirements for handling encoding=raw + lhash data:

  else if (ctx->encoding == PUBKEY_ENC_RAW && lhash
           && ((parsed_flags & PUBKEY_FLAG_RAW_FLAG)
               || (parsed_flags & PUBKEY_FLAG_RFC6979)))

This check fails in my case and thus I end up with
GPG_ERR_CONFLICT return code.

What would be the best way to solve this problem:

1) Add (|| parsed_flags & PUBKEY_FLAG_GOST) to the check?
2) Add implicit PUBKEY_FLAG_RAW_FLAG if the gost flag is given?
3) Anything else?

With best wishes
