[gnutls-help] openpgp and gnutls_privkey_import_openpgp

Fri May 31 10:44:31 CEST 2013

On Thu, May 30, 2013 at 3:16 PM, Petr Vanek <petr at yarpen.cz> wrote:
> hi all,
> what is proper use of gnutls_privkey_import_openpgp, please?
> I have a playground application to examine gnutls as a potential backend
> for new Qore language module and I'm getting crashes in nettle when I
> try to decrypt data.

It seems that you triggered a bug on deinitialization of parameters.
The attached patch should fix the crash, but will not make your use
case work. The crash happens prior to error reporting because for some
reason no keys could be extracted from the openpgp key you specified
(what kind of key was that?).

> Is there any public implementation of this functionality I can look into? Any hints?

In general I'd suggest to prefer the X.509 functionality than the
openpgp one which is often behind in terms of functionality and
testing.

regards,
Nikos
-------------- next part --------------

diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c
index 7a04b76..1984005 100644
--- a/lib/gnutls_pk.c
+++ b/lib/gnutls_pk.c
@@ -220,7 +220,8 @@ gnutls_pk_params_clear (gnutls_pk_params_st * p)
   unsigned int i;
   for (i = 0; i < p->params_nr; i++)
     {
-      _gnutls_mpi_clear (p->params[i]);
+      if (p->params[i] != NULL) 
+        _gnutls_mpi_clear (p->params[i]);
     }
 }
 
