[Help-gnutls] Client OpenPGP verification fails (update)
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Jul 25 20:17:37 CEST 2006
On Tue 25 Jul 2006 19:56, Mario Lenz wrote:
> Hi!
>
> > Are you sure? I didn't test it but it seems that the first call to
> > cdk_kbnode_write_to_mem() does the work...
>
> (I'm talking about 1.4.1 here. I think I'll have some time next week
> to have a look at 1.5.0.)
I think the openpgp part is the same since 1.0.x. Hasn't really changed.
> Well, the function gnutls_openpgp_key_export looks like this:
>
> /* call cdk_kbnode_write_to_mem() and handle return value */
This should be doing the convertion to raw encoding. Then
it proceeds if only if conversion to base64 is needed.
> But then there's another problem in libextra/gnutls_openpgp.c. Please
> have a look at _gnutls_openpgp_key_to_gcert:
>
> ret = gnutls_openpgp_key_export (cert, GNUTLS_OPENPGP_FMT_RAW, NULL,
> &der_size);
> if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
> {
> gnutls_assert ();
> return ret;
> }
This should be correct since decoding should fail (check that the output
pointer is NULL so there is no place to copy the output). That call is
there to get the size of the exported key only.
> The function always dies, except when there's a specific error.
You're not really supposed to call this function directly! :)
But anyway did you notice failures in this function?
regards,
Nikos
More information about the Gnutls-help
mailing list