[Help-gnutls] Client OpenPGP verification fails (update)

Mario Lenz mario.lenz at gmx.net
Tue Jul 25 19:56:48 CEST 2006


Hi!

> Are you sure? I didn't test it but it seems that the first call to 
> cdk_kbnode_write_to_mem() does the work...

(I'm talking about 1.4.1 here. I think I'll have some time next week to
have a look at 1.5.0.)

Well, the function gnutls_openpgp_key_export looks like this:

/* call cdk_kbnode_write_to_mem() and handle return value */

if (format == GNUTLS_OPENPGP_FMT_BASE64)
  {
    /* code */
  }

return 0;

I inserted "printf("gnutls_openpgp_key_export format ==
GNUTLS_OPENPGP_FMT_BASE64\n");" at the beginning of the if block and
"printf("gnutls_openpgp_key_export format != GNUTLS_OPENPGP_FMT_BASE64
\n");" just befor the return and I can see that the if isn't processed.

OK, this might be correct and there's nothing to do when the format
isn't GNUTLS_OPENPGP_FMT_BASE64. You should know better than me :-)

But then there's another problem in libextra/gnutls_openpgp.c. Please
have a look at _gnutls_openpgp_key_to_gcert:

ret = gnutls_openpgp_key_export (cert, GNUTLS_OPENPGP_FMT_RAW, NULL,
&der_size);
if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
  {
    gnutls_assert ();
    return ret;
  }

The function always dies, except when there's a specific error.


cu

   Mario






More information about the Gnutls-help mailing list