summaryrefslogtreecommitdiff
path: root/cipher
diff options
context:
space:
mode:
Diffstat (limited to 'cipher')
-rw-r--r--cipher/cipher.c144
-rw-r--r--cipher/dsa-common.c96
-rw-r--r--cipher/dsa.c310
-rw-r--r--cipher/ecc-common.h2
-rw-r--r--cipher/ecc-curves.c90
-rw-r--r--cipher/ecc-ecdsa.c29
-rw-r--r--cipher/ecc-eddsa.c64
-rw-r--r--cipher/ecc-gost.c17
-rw-r--r--cipher/ecc-misc.c48
-rw-r--r--cipher/ecc.c360
-rw-r--r--cipher/elgamal.c238
-rw-r--r--cipher/hmac-tests.c2
-rw-r--r--cipher/kdf.c62
-rw-r--r--cipher/mac-cmac.c2
-rw-r--r--cipher/mac-gmac.c2
-rw-r--r--cipher/mac-hmac.c20
-rw-r--r--cipher/mac.c104
-rw-r--r--cipher/md.c132
-rw-r--r--cipher/primegen.c215
-rw-r--r--cipher/pubkey-util.c162
-rw-r--r--cipher/pubkey.c149
-rw-r--r--cipher/rsa-common.c74
-rw-r--r--cipher/rsa.c450
23 files changed, 1357 insertions, 1415 deletions
diff --git a/cipher/cipher.c b/cipher/cipher.c
index 516f44ba..f7f5a46b 100644
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@@ -197,7 +197,7 @@ search_oid (const char *oid, gcry_cipher_oid_spec_t *oid_spec)
not known. It is valid to pass NULL for STRING which results in a
return value of 0. */
int
-gcry_cipher_map_name (const char *string)
+_gcry_cipher_map_name (const char *string)
{
gcry_cipher_spec_t *spec;
@@ -225,7 +225,7 @@ gcry_cipher_map_name (const char *string)
with that OID or 0 if no mode is known. Passing NULL for string
yields a return value of 0. */
int
-gcry_cipher_mode_from_oid (const char *string)
+_gcry_cipher_mode_from_oid (const char *string)
{
gcry_cipher_spec_t *spec;
gcry_cipher_oid_spec_t oid_spec;
@@ -246,7 +246,7 @@ gcry_cipher_mode_from_oid (const char *string)
used by Libgcrypt. A "?" is returned for an unknown algorithm.
NULL is never returned. */
const char *
-gcry_cipher_algo_name (int algorithm)
+_gcry_cipher_algo_name (int algorithm)
{
gcry_cipher_spec_t *spec;
@@ -340,21 +340,21 @@ cipher_get_blocksize (int algorithm)
Values for these flags may be combined using OR.
*/
-gcry_error_t
-gcry_cipher_open (gcry_cipher_hd_t *handle,
- int algo, int mode, unsigned int flags)
+gcry_err_code_t
+_gcry_cipher_open (gcry_cipher_hd_t *handle,
+ int algo, int mode, unsigned int flags)
{
- gcry_err_code_t err;
+ gcry_err_code_t rc;
gcry_cipher_hd_t h = NULL;
if (mode >= GCRY_CIPHER_MODE_INTERNAL)
- err = GPG_ERR_INV_CIPHER_MODE;
+ rc = GPG_ERR_INV_CIPHER_MODE;
else
- err = _gcry_cipher_open_internal (&h, algo, mode, flags);
+ rc = _gcry_cipher_open_internal (&h, algo, mode, flags);
- *handle = err ? NULL : h;
+ *handle = rc ? NULL : h;
- return gcry_error (err);
+ return rc;
}
@@ -545,7 +545,7 @@ _gcry_cipher_open_internal (gcry_cipher_hd_t *handle,
/* Release all resources associated with the cipher handle H. H may be
NULL in which case this is a no-operation. */
void
-gcry_cipher_close (gcry_cipher_hd_t h)
+_gcry_cipher_close (gcry_cipher_hd_t h)
{
size_t off;
@@ -574,13 +574,13 @@ gcry_cipher_close (gcry_cipher_hd_t h)
/* Set the key to be used for the encryption context C to KEY with
length KEYLEN. The length should match the required length. */
-static gcry_error_t
+static gcry_err_code_t
cipher_setkey (gcry_cipher_hd_t c, byte *key, size_t keylen)
{
- gcry_err_code_t ret;
+ gcry_err_code_t rc;
- ret = c->spec->setkey (&c->context.c, key, keylen);
- if (!ret)
+ rc = c->spec->setkey (&c->context.c, key, keylen);
+ if (!rc)
{
/* Duplicate initial context. */
memcpy ((void *) ((char *) &c->context.c + c->spec->contextsize),
@@ -605,7 +605,7 @@ cipher_setkey (gcry_cipher_hd_t c, byte *key, size_t keylen)
else
c->marks.key = 0;
- return gcry_error (ret);
+ return rc;
}
@@ -830,11 +830,11 @@ cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen,
* Encrypt IN and write it to OUT. If IN is NULL, in-place encryption has
* been requested.
*/
-gcry_error_t
-gcry_cipher_encrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
- const void *in, size_t inlen)
+gcry_err_code_t
+_gcry_cipher_encrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
+ const void *in, size_t inlen)
{
- gcry_err_code_t err;
+ gcry_err_code_t rc;
if (!in) /* Caller requested in-place encryption. */
{
@@ -842,14 +842,14 @@ gcry_cipher_encrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
inlen = outsize;
}
- err = cipher_encrypt (h, out, outsize, in, inlen);
+ rc = cipher_encrypt (h, out, outsize, in, inlen);
/* Failsafe: Make sure that the plaintext will never make it into
OUT if the encryption returned an error. */
- if (err && out)
+ if (rc && out)
memset (out, 0x42, outsize);
- return gcry_error (err);
+ return rc;
}
@@ -934,21 +934,17 @@ cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen,
}
-gcry_error_t
-gcry_cipher_decrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
- const void *in, size_t inlen)
+gcry_err_code_t
+_gcry_cipher_decrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
+ const void *in, size_t inlen)
{
- gcry_err_code_t err;
-
if (!in) /* Caller requested in-place encryption. */
{
in = out;
inlen = outsize;
}
- err = cipher_decrypt (h, out, outsize, in, inlen);
-
- return gcry_error (err);
+ return cipher_decrypt (h, out, outsize, in, inlen);
}
@@ -971,17 +967,17 @@ cipher_sync (gcry_cipher_hd_t c)
}
-gcry_error_t
+gcry_err_code_t
_gcry_cipher_setkey (gcry_cipher_hd_t hd, const void *key, size_t keylen)
{
return cipher_setkey (hd, (void*)key, keylen);
}
-gcry_error_t
+gcry_err_code_t
_gcry_cipher_setiv (gcry_cipher_hd_t hd, const void *iv, size_t ivlen)
{
- gcry_err_code_t rc = GPG_ERR_NO_ERROR;
+ gcry_err_code_t rc = 0;
switch (hd->mode)
{
@@ -993,13 +989,13 @@ _gcry_cipher_setiv (gcry_cipher_hd_t hd, const void *iv, size_t ivlen)
rc = cipher_setiv (hd, iv, ivlen);
break;
}
- return gpg_error (rc);
+ return rc;
}
/* Set counter for CTR mode. (CTR,CTRLEN) must denote a buffer of
block size length, or (NULL,0) to set the CTR to the all-zero
block. */
-gpg_error_t
+gpg_err_code_t
_gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen)
{
if (ctr && ctrlen == hd->spec->blocksize)
@@ -1013,11 +1009,13 @@ _gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen)
hd->unused = 0;
}
else
- return gpg_error (GPG_ERR_INV_ARG);
+ return GPG_ERR_INV_ARG;
+
return 0;
}
-gcry_error_t
+
+gcry_err_code_t
_gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf,
size_t abuflen)
{
@@ -1043,10 +1041,11 @@ _gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf,
break;
}
- return gpg_error (rc);
+ return rc;
}
-gcry_error_t
+
+gcry_err_code_t
_gcry_cipher_gettag (gcry_cipher_hd_t hd, void *outtag, size_t taglen)
{
gcry_err_code_t rc;
@@ -1071,10 +1070,11 @@ _gcry_cipher_gettag (gcry_cipher_hd_t hd, void *outtag, size_t taglen)
break;
}
- return gpg_error (rc);
+ return rc;
}
-gcry_error_t
+
+gcry_err_code_t
_gcry_cipher_checktag (gcry_cipher_hd_t hd, const void *intag, size_t taglen)
{
gcry_err_code_t rc;
@@ -1099,14 +1099,14 @@ _gcry_cipher_checktag (gcry_cipher_hd_t hd, const void *intag, size_t taglen)
break;
}
- return gpg_error (rc);
+ return rc;
}
-gcry_error_t
-gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
+gcry_err_code_t
+_gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
{
- gcry_err_code_t rc = GPG_ERR_NO_ERROR;
+ gcry_err_code_t rc = 0;
switch (cmd)
{
@@ -1206,7 +1206,7 @@ gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
rc = GPG_ERR_INV_OP;
}
- return gcry_error (rc);
+ return rc;
}
@@ -1218,10 +1218,10 @@ gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
The function always returns GPG_ERR_INV_OP.
*/
-gcry_error_t
-gcry_cipher_info (gcry_cipher_hd_t h, int cmd, void *buffer, size_t *nbytes)
+gcry_err_code_t
+_gcry_cipher_info (gcry_cipher_hd_t h, int cmd, void *buffer, size_t *nbytes)
{
- gcry_err_code_t err = GPG_ERR_NO_ERROR;
+ gcry_err_code_t rc = 0;
(void)h;
(void)buffer;
@@ -1230,10 +1230,10 @@ gcry_cipher_info (gcry_cipher_hd_t h, int cmd, void *buffer, size_t *nbytes)
switch (cmd)
{
default:
- err = GPG_ERR_INV_OP;
+ rc = GPG_ERR_INV_OP;
}
- return gcry_error (err);
+ return rc;
}
/* Return information about the given cipher algorithm ALGO.
@@ -1260,17 +1260,17 @@ gcry_cipher_info (gcry_cipher_hd_t h, int cmd, void *buffer, size_t *nbytes)
and thereby detecting whether a error occurred or not (i.e. while
checking the block size)
*/
-gcry_error_t
-gcry_cipher_algo_info (int algo, int what, void *buffer, size_t *nbytes)
+gcry_err_code_t
+_gcry_cipher_algo_info (int algo, int what, void *buffer, size_t *nbytes)
{
- gcry_err_code_t err = GPG_ERR_NO_ERROR;
+ gcry_err_code_t rc = 0;
unsigned int ui;
switch (what)
{
case GCRYCTL_GET_KEYLEN:
if (buffer || (! nbytes))
- err = GPG_ERR_CIPHER_ALGO;
+ rc = GPG_ERR_CIPHER_ALGO;
else
{
ui = cipher_get_keylen (algo);
@@ -1278,37 +1278,39 @@ gcry_cipher_algo_info (int algo, int what, void *buffer, size_t *nbytes)
*nbytes = (size_t) ui / 8;
else
/* The only reason for an error is an invalid algo. */
- err = GPG_ERR_CIPHER_ALGO;
+ rc = GPG_ERR_CIPHER_ALGO;
}
break;
case GCRYCTL_GET_BLKLEN:
if (buffer || (! nbytes))
- err = GPG_ERR_CIPHER_ALGO;
+ rc = GPG_ERR_CIPHER_ALGO;
else
{
ui = cipher_get_blocksize (algo);
if ((ui > 0) && (ui < 10000))
*nbytes = ui;
else
- /* The only reason is an invalid algo or a strange
- blocksize. */
- err = GPG_ERR_CIPHER_ALGO;
+ {
+ /* The only reason is an invalid algo or a strange
+ blocksize. */
+ rc = GPG_ERR_CIPHER_ALGO;
+ }
}
break;
case GCRYCTL_TEST_ALGO:
if (buffer || nbytes)
- err = GPG_ERR_INV_ARG;
+ rc = GPG_ERR_INV_ARG;
else
- err = check_cipher_algo (algo);
+ rc = check_cipher_algo (algo);
break;
default:
- err = GPG_ERR_INV_OP;
+ rc = GPG_ERR_INV_OP;
}
- return gcry_error (err);
+ return rc;
}
@@ -1321,15 +1323,16 @@ gcry_cipher_algo_info (int algo, int what, void *buffer, size_t *nbytes)
gcry_cipher_algo_info because it allows for proper type
checking. */
size_t
-gcry_cipher_get_algo_keylen (int algo)
+_gcry_cipher_get_algo_keylen (int algo)
{
size_t n;
- if (gcry_cipher_algo_info (algo, GCRYCTL_GET_KEYLEN, NULL, &n))
+ if (_gcry_cipher_algo_info (algo, GCRYCTL_GET_KEYLEN, NULL, &n))
n = 0;
return n;
}
+
/* This functions returns the blocklength of the algorithm ALGO
counted in octets. On error 0 is returned.
@@ -1337,15 +1340,16 @@ gcry_cipher_get_algo_keylen (int algo)
gcry_cipher_algo_info because it allows for proper type
checking. */
size_t
-gcry_cipher_get_algo_blklen (int algo)
+_gcry_cipher_get_algo_blklen (int algo)
{
size_t n;
- if (gcry_cipher_algo_info( algo, GCRYCTL_GET_BLKLEN, NULL, &n))
+ if (_gcry_cipher_algo_info( algo, GCRYCTL_GET_BLKLEN, NULL, &n))
n = 0;
return n;
}
+
/* Explicitly initialize this module. */
gcry_err_code_t
_gcry_cipher_init (void)
diff --git a/cipher/dsa-common.c b/cipher/dsa-common.c
index c5386b75..da29dd32 100644
--- a/cipher/dsa-common.c
+++ b/cipher/dsa-common.c
@@ -54,7 +54,7 @@ _gcry_dsa_gen_k (gcry_mpi_t q, int security_level)
if ( !rndbuf || nbits < 32 )
{
gcry_free (rndbuf);
- rndbuf = gcry_random_bytes_secure (nbytes, security_level);
+ rndbuf = _gcry_random_bytes_secure (nbytes, security_level);
}
else
{ /* Change only some of the higher bits. We could improve
@@ -62,7 +62,7 @@ _gcry_dsa_gen_k (gcry_mpi_t q, int security_level)
to get_random_bytes() and use these extra bytes here.
However the required management code is more complex and
thus we better use this simple method. */
- char *pp = gcry_random_bytes_secure (4, security_level);
+ char *pp = _gcry_random_bytes_secure (4, security_level);
memcpy (rndbuf, pp, 4);
gcry_free (pp);
}
@@ -112,8 +112,7 @@ int2octets (unsigned char **r_frame, gcry_mpi_t value, size_t nbytes)
size_t nframe, noff, n;
unsigned char *frame;
- rc = gpg_err_code (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0,
- &nframe, value));
+ rc = _gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &nframe, value);
if (rc)
return rc;
if (nframe > nbytes)
@@ -127,8 +126,7 @@ int2octets (unsigned char **r_frame, gcry_mpi_t value, size_t nbytes)
if (noff)
memset (frame, 0, noff);
nframe += noff;
- rc = gpg_err_code (gcry_mpi_print (GCRYMPI_FMT_USG, frame+noff, nframe-noff,
- NULL, value));
+ rc = _gcry_mpi_print (GCRYMPI_FMT_USG, frame+noff, nframe-noff, NULL, value);
if (rc)
{
gcry_free (frame);
@@ -152,12 +150,11 @@ bits2octets (unsigned char **r_frame,
gcry_mpi_t z1;
/* z1 = bits2int (b) */
- rc = gpg_err_code (gcry_mpi_scan (&z1, GCRYMPI_FMT_USG,
- bits, (nbits+7)/8, NULL));
+ rc = _gcry_mpi_scan (&z1, GCRYMPI_FMT_USG, bits, (nbits+7)/8, NULL);
if (rc)
return rc;
if (nbits > qbits)
- gcry_mpi_rshift (z1, z1, nbits - qbits);
+ mpi_rshift (z1, z1, nbits - qbits);
/* z2 - z1 mod q */
if (mpi_cmp (z1, q) >= 0)
@@ -199,7 +196,7 @@ _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k,
if (!qbits || !h1 || !hlen)
return GPG_ERR_EINVAL;
- if (gcry_md_get_algo_dlen (halgo) != hlen)
+ if (_gcry_md_get_algo_dlen (halgo) != hlen)
return GPG_ERR_DIGEST_ALGO;
/* Step b: V = 0x01 0x01 0x01 ... 0x01 */
@@ -229,44 +226,43 @@ _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k,
goto leave;
/* Create a handle to compute the HMACs. */
- rc = gpg_err_code (gcry_md_open (&hd, halgo,
- (GCRY_MD_FLAG_SECURE | GCRY_MD_FLAG_HMAC)));
+ rc = _gcry_md_open (&hd, halgo, (GCRY_MD_FLAG_SECURE | GCRY_MD_FLAG_HMAC));
if (rc)
goto leave;
/* Step d: K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) */
- rc = gpg_err_code (gcry_md_setkey (hd, K, hlen));
+ rc = _gcry_md_setkey (hd, K, hlen);
if (rc)
goto leave;
- gcry_md_write (hd, V, hlen);
- gcry_md_write (hd, "", 1);
- gcry_md_write (hd, x_buf, (qbits+7)/8);
- gcry_md_write (hd, h1_buf, (qbits+7)/8);
- memcpy (K, gcry_md_read (hd, 0), hlen);
+ _gcry_md_write (hd, V, hlen);
+ _gcry_md_write (hd, "", 1);
+ _gcry_md_write (hd, x_buf, (qbits+7)/8);
+ _gcry_md_write (hd, h1_buf, (qbits+7)/8);
+ memcpy (K, _gcry_md_read (hd, 0), hlen);
/* Step e: V = HMAC_K(V) */
- rc = gpg_err_code (gcry_md_setkey (hd, K, hlen));
+ rc = _gcry_md_setkey (hd, K, hlen);
if (rc)
goto leave;
- gcry_md_write (hd, V, hlen);
- memcpy (V, gcry_md_read (hd, 0), hlen);
+ _gcry_md_write (hd, V, hlen);
+ memcpy (V, _gcry_md_read (hd, 0), hlen);
/* Step f: K = HMAC_K(V || 0x01 || int2octets(x) || bits2octets(h1) */
- rc = gpg_err_code (gcry_md_setkey (hd, K, hlen));
+ rc = _gcry_md_setkey (hd, K, hlen);
if (rc)
goto leave;
- gcry_md_write (hd, V, hlen);
- gcry_md_write (hd, "\x01", 1);
- gcry_md_write (hd, x_buf, (qbits+7)/8);
- gcry_md_write (hd, h1_buf, (qbits+7)/8);
- memcpy (K, gcry_md_read (hd, 0), hlen);
+ _gcry_md_write (hd, V, hlen);
+ _gcry_md_write (hd, "\x01", 1);
+ _gcry_md_write (hd, x_buf, (qbits+7)/8);
+ _gcry_md_write (hd, h1_buf, (qbits+7)/8);
+ memcpy (K, _gcry_md_read (hd, 0), hlen);
/* Step g: V = HMAC_K(V) */
- rc = gpg_err_code (gcry_md_setkey (hd, K, hlen));
+ rc = _gcry_md_setkey (hd, K, hlen);
if (rc)
goto leave;
- gcry_md_write (hd, V, hlen);
- memcpy (V, gcry_md_read (hd, 0), hlen);
+ _gcry_md_write (hd, V, hlen);
+ memcpy (V, _gcry_md_read (hd, 0), hlen);
/* Step h. */
t = gcry_malloc ((qbits+7)/8+hlen);
@@ -280,11 +276,11 @@ _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k,
for (tbits = 0; tbits < qbits;)
{
/* V = HMAC_K(V) */
- rc = gpg_err_code (gcry_md_setkey (hd, K, hlen));
+ rc = _gcry_md_setkey (hd, K, hlen);
if (rc)
goto leave;
- gcry_md_write (hd, V, hlen);
- memcpy (V, gcry_md_read (hd, 0), hlen);
+ _gcry_md_write (hd, V, hlen);
+ memcpy (V, _gcry_md_read (hd, 0), hlen);
/* T = T || V */
memcpy (t+(tbits+7)/8, V, hlen);
@@ -294,29 +290,29 @@ _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k,
/* k = bits2int (T) */
mpi_free (k);
k = NULL;
- rc = gpg_err_code (gcry_mpi_scan (&k, GCRYMPI_FMT_USG, t, (tbits+7)/8, NULL));
+ rc = _gcry_mpi_scan (&k, GCRYMPI_FMT_USG, t, (tbits+7)/8, NULL);
if (rc)
goto leave;
if (tbits > qbits)
- gcry_mpi_rshift (k, k, tbits - qbits);
+ mpi_rshift (k, k, tbits - qbits);
/* Check: k < q and k > 1 */
if (!(mpi_cmp (k, dsa_q) < 0 && mpi_cmp_ui (k, 0) > 0))
{
/* K = HMAC_K(V || 0x00) */
- rc = gpg_err_code (gcry_md_setkey (hd, K, hlen));
+ rc = _gcry_md_setkey (hd, K, hlen);
if (rc)
goto leave;
- gcry_md_write (hd, V, hlen);
- gcry_md_write (hd, "", 1);
- memcpy (K, gcry_md_read (hd, 0), hlen);
+ _gcry_md_write (hd, V, hlen);
+ _gcry_md_write (hd, "", 1);
+ memcpy (K, _gcry_md_read (hd, 0), hlen);
/* V = HMAC_K(V) */
- rc = gpg_err_code (gcry_md_setkey (hd, K, hlen));
+ rc = _gcry_md_setkey (hd, K, hlen);
if (rc)
goto leave;
- gcry_md_write (hd, V, hlen);
- memcpy (V, gcry_md_read (hd, 0), hlen);
+ _gcry_md_write (hd, V, hlen);
+ memcpy (V, _gcry_md_read (hd, 0), hlen);
goto again;
}
@@ -330,19 +326,19 @@ _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k,
extraloops--;
/* K = HMAC_K(V || 0x00) */
- rc = gpg_err_code (gcry_md_setkey (hd, K, hlen));
+ rc = _gcry_md_setkey (hd, K, hlen);
if (rc)
goto leave;
- gcry_md_write (hd, V, hlen);
- gcry_md_write (hd, "", 1);
- memcpy (K, gcry_md_read (hd, 0), hlen);
+ _gcry_md_write (hd, V, hlen);
+ _gcry_md_write (hd, "", 1);
+ memcpy (K, _gcry_md_read (hd, 0), hlen);
/* V = HMAC_K(V) */
- rc = gpg_err_code (gcry_md_setkey (hd, K, hlen));
+ rc = _gcry_md_setkey (hd, K, hlen);
if (rc)
goto leave;
- gcry_md_write (hd, V, hlen);
- memcpy (V, gcry_md_read (hd, 0), hlen);
+ _gcry_md_write (hd, V, hlen);
+ memcpy (V, _gcry_md_read (hd, 0), hlen);
goto again;
}
@@ -351,7 +347,7 @@ _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k,
leave:
gcry_free (t);
- gcry_md_close (hd);
+ _gcry_md_close (hd);
gcry_free (h1_buf);
gcry_free (x_buf);
gcry_free (K);
diff --git a/cipher/dsa.c b/cipher/dsa.c
index 45ad97a6..d5ff5ba7 100644
--- a/cipher/dsa.c
+++ b/cipher/dsa.c
@@ -148,9 +148,9 @@ test_keys (DSA_secret_key *sk, unsigned int qbits)
{
int result = -1; /* Default to failure. */
DSA_public_key pk;
- gcry_mpi_t data = gcry_mpi_new (qbits);
- gcry_mpi_t sig_a = gcry_mpi_new (qbits);
- gcry_mpi_t sig_b = gcry_mpi_new (qbits);
+ gcry_mpi_t data = mpi_new (qbits);
+ gcry_mpi_t sig_a = mpi_new (qbits);
+ gcry_mpi_t sig_b = mpi_new (qbits);
/* Put the relevant parameters into a public key structure. */
pk.p = sk->p;
@@ -159,7 +159,7 @@ test_keys (DSA_secret_key *sk, unsigned int qbits)
pk.y = sk->y;
/* Create a random plaintext. */
- gcry_mpi_randomize (data, qbits, GCRY_WEAK_RANDOM);
+ _gcry_mpi_randomize (data, qbits, GCRY_WEAK_RANDOM);
/* Sign DATA using the secret key. */
sign (sig_a, sig_b, data, sk, 0, 0);
@@ -169,16 +169,16 @@ test_keys (DSA_secret_key *sk, unsigned int qbits)
goto leave; /* Signature does not match. */
/* Modify the data and check that the signing fails. */
- gcry_mpi_add_ui (data, data, 1);
+ mpi_add_ui (data, data, 1);
if ( verify (sig_a, sig_b, data, &pk) )
goto leave; /* Signature matches but should not. */
result = 0; /* The test succeeded. */
leave:
- gcry_mpi_release (sig_b);
- gcry_mpi_release (sig_a);
- gcry_mpi_release (data);
+ _gcry_mpi_release (sig_b);
+ _gcry_mpi_release (sig_a);
+ _gcry_mpi_release (data);
return result;
}
@@ -263,7 +263,7 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
{
mpi_add_ui (h, h, 1);
/* g = h^e mod p */
- gcry_mpi_powm (g, h, e, p);
+ mpi_powm (g, h, e, p);
}
while (!mpi_cmp_ui (g, 1)); /* Continue until g != 1. */
}
@@ -291,10 +291,10 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
if( DBG_CIPHER )
progress('.');
if( !rndbuf )
- rndbuf = gcry_random_bytes_secure ((qbits+7)/8, random_level);
+ rndbuf = _gcry_random_bytes_secure ((qbits+7)/8, random_level);
else
{ /* Change only some of the higher bits (= 2 bytes)*/
- char *r = gcry_random_bytes_secure (2, random_level);
+ char *r = _gcry_random_bytes_secure (2, random_level);
memcpy(rndbuf, r, 2 );
gcry_free(r);
}
@@ -309,7 +309,7 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
/* y = g^x mod p */
y = mpi_alloc( mpi_get_nlimbs(p) );
- gcry_mpi_powm( y, g, x, p );
+ mpi_powm (y, g, x, p);
if( DBG_CIPHER )
{
@@ -331,11 +331,11 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
/* Now we can test our keys (this should never fail!). */
if ( test_keys (sk, qbits) )
{
- gcry_mpi_release (sk->p); sk->p = NULL;
- gcry_mpi_release (sk->q); sk->q = NULL;
- gcry_mpi_release (sk->g); sk->g = NULL;
- gcry_mpi_release (sk->y); sk->y = NULL;
- gcry_mpi_release (sk->x); sk->x = NULL;
+ _gcry_mpi_release (sk->p); sk->p = NULL;
+ _gcry_mpi_release (sk->q); sk->q = NULL;
+ _gcry_mpi_release (sk->g); sk->g = NULL;
+ _gcry_mpi_release (sk->y); sk->y = NULL;
+ _gcry_mpi_release (sk->x); sk->x = NULL;
fips_signal_error ("self-test after key generation failed");
return GPG_ERR_SELFTEST_FAILED;
}
@@ -418,9 +418,9 @@ generate_fips186 (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
/* Get an initial seed value. */
if (deriveparms)
{
- initial_seed.sexp = gcry_sexp_find_token (deriveparms, "seed", 0);
+ initial_seed.sexp = sexp_find_token (deriveparms, "seed", 0);
if (initial_seed.sexp)
- initial_seed.seed = gcry_sexp_nth_data (initial_seed.sexp, 1,
+ initial_seed.seed = sexp_nth_data (initial_seed.sexp, 1,
&initial_seed.seedlen);
}
@@ -439,7 +439,7 @@ generate_fips186 (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
/* &prime_q, &prime_p, */
/* r_counter, */
/* r_seed, r_seedlen, NULL); */
- gcry_sexp_release (initial_seed.sexp);
+ sexp_release (initial_seed.sexp);
if (ec)
goto leave;
@@ -461,19 +461,19 @@ generate_fips186 (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
/* Select a random number x with: 0 < x < q */
- value_x = gcry_mpi_snew (qbits);
+ value_x = mpi_snew (qbits);
do
{
if( DBG_CIPHER )
progress('.');
- gcry_mpi_randomize (value_x, qbits, GCRY_VERY_STRONG_RANDOM);
+ _gcry_mpi_randomize (value_x, qbits, GCRY_VERY_STRONG_RANDOM);
mpi_clear_highbit (value_x, qbits+1);
}
while (!(mpi_cmp_ui (value_x, 0) > 0 && mpi_cmp (value_x, prime_q) < 0));
/* y = g^x mod p */
value_y = mpi_alloc_like (prime_p);
- gcry_mpi_powm (value_y, value_g, value_x, prime_p);
+ mpi_powm (value_y, value_g, value_x, prime_p);
if (DBG_CIPHER)
{
@@ -495,22 +495,22 @@ generate_fips186 (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
*r_h = value_h; value_h = NULL;
leave:
- gcry_mpi_release (prime_p);
- gcry_mpi_release (prime_q);
- gcry_mpi_release (value_g);
- gcry_mpi_release (value_y);
- gcry_mpi_release (value_x);
- gcry_mpi_release (value_h);
- gcry_mpi_release (value_e);
+ _gcry_mpi_release (prime_p);
+ _gcry_mpi_release (prime_q);
+ _gcry_mpi_release (value_g);
+ _gcry_mpi_release (value_y);
+ _gcry_mpi_release (value_x);
+ _gcry_mpi_release (value_h);
+ _gcry_mpi_release (value_e);
/* As a last step test this keys (this should never fail of course). */
if (!ec && test_keys (sk, qbits) )
{
- gcry_mpi_release (sk->p); sk->p = NULL;
- gcry_mpi_release (sk->q); sk->q = NULL;
- gcry_mpi_release (sk->g); sk->g = NULL;
- gcry_mpi_release (sk->y); sk->y = NULL;
- gcry_mpi_release (sk->x); sk->x = NULL;
+ _gcry_mpi_release (sk->p); sk->p = NULL;
+ _gcry_mpi_release (sk->q); sk->q = NULL;
+ _gcry_mpi_release (sk->g); sk->g = NULL;
+ _gcry_mpi_release (sk->y); sk->y = NULL;
+ _gcry_mpi_release (sk->x); sk->x = NULL;
fips_signal_error ("self-test after key generation failed");
ec = GPG_ERR_SELFTEST_FAILED;
}
@@ -520,7 +520,7 @@ generate_fips186 (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
*r_counter = 0;
gcry_free (*r_seed); *r_seed = NULL;
*r_seedlen = 0;
- gcry_mpi_release (*r_h); *r_h = NULL;
+ _gcry_mpi_release (*r_h); *r_h = NULL;
}
return ec;
@@ -538,7 +538,7 @@ check_secret_key( DSA_secret_key *sk )
int rc;
gcry_mpi_t y = mpi_alloc( mpi_get_nlimbs(sk->y) );
- gcry_mpi_powm( y, sk->g, sk->x, sk->p );
+ mpi_powm( y, sk->g, sk->x, sk->p );
rc = !mpi_cmp( y, sk->y );
mpi_free( y );
return rc;
@@ -575,13 +575,12 @@ sign (gcry_mpi_t r, gcry_mpi_t s, gcry_mpi_t input, DSA_secret_key *skey,
/* Convert the INPUT into an MPI. */
if (mpi_is_opaque (input))
{
- abuf = gcry_mpi_get_opaque (input, &abits);
- rc = gpg_err_code (gcry_mpi_scan (&hash, GCRYMPI_FMT_USG,
- abuf, (abits+7)/8, NULL));
+ abuf = mpi_get_opaque (input, &abits);
+ rc = _gcry_mpi_scan (&hash, GCRYMPI_FMT_USG, abuf, (abits+7)/8, NULL);
if (rc)
return rc;
if (abits > qbits)
- gcry_mpi_rshift (hash, hash, abits - qbits);
+ mpi_rshift (hash, hash, abits - qbits);
}
else
hash = input;
@@ -599,7 +598,7 @@ sign (gcry_mpi_t r, gcry_mpi_t s, gcry_mpi_t input, DSA_secret_key *skey,
goto leave;
}
- abuf = gcry_mpi_get_opaque (input, &abits);
+ abuf = mpi_get_opaque (input, &abits);
rc = _gcry_dsa_gen_rfc6979_k (&k, skey->q, skey->x,
abuf, (abits+7)/8, hashalgo, extraloops);
if (rc)
@@ -612,7 +611,7 @@ sign (gcry_mpi_t r, gcry_mpi_t s, gcry_mpi_t input, DSA_secret_key *skey,
}
/* r = (a^k mod p) mod q */
- gcry_mpi_powm( r, skey->g, k, skey->p );
+ mpi_powm( r, skey->g, k, skey->p );
mpi_fdiv_r( r, r, skey->q );
/* kinv = k^(-1) mod q */
@@ -722,71 +721,71 @@ dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
return rc;
/* Parse the optional flags list. */
- l1 = gcry_sexp_find_token (genparms, "flags", 0);
+ l1 = sexp_find_token (genparms, "flags", 0);
if (l1)
{
rc = _gcry_pk_util_parse_flaglist (l1, &flags, NULL);
- gcry_sexp_release (l1);
+ sexp_release (l1);
if (rc)
return rc;\
}
/* Parse the optional qbits element. */
- l1 = gcry_sexp_find_token (genparms, "qbits", 0);
+ l1 = sexp_find_token (genparms, "qbits", 0);
if (l1)
{
char buf[50];
const char *s;
size_t n;
- s = gcry_sexp_nth_data (l1, 1, &n);
+ s = sexp_nth_data (l1, 1, &n);
if (!s || n >= DIM (buf) - 1 )
{
- gcry_sexp_release (l1);
+ sexp_release (l1);
return GPG_ERR_INV_OBJ; /* No value or value too large. */
}
memcpy (buf, s, n);
buf[n] = 0;
qbits = (unsigned int)strtoul (buf, NULL, 0);
- gcry_sexp_release (l1);
+ sexp_release (l1);
}
/* Parse the optional transient-key flag. */
if (!(flags & PUBKEY_FLAG_TRANSIENT_KEY))
{
- l1 = gcry_sexp_find_token (genparms, "transient-key", 0);
+ l1 = sexp_find_token (genparms, "transient-key", 0);
if (l1)
{
flags |= PUBKEY_FLAG_TRANSIENT_KEY;
- gcry_sexp_release (l1);
+ sexp_release (l1);
}
}
/* Get the optional derive parameters. */
- deriveparms = gcry_sexp_find_token (genparms, "derive-parms", 0);
+ deriveparms = sexp_find_token (genparms, "derive-parms", 0);
/* Parse the optional "use-fips186" flags. */
if (!(flags & PUBKEY_FLAG_USE_FIPS186))
{
- l1 = gcry_sexp_find_token (genparms, "use-fips186", 0);
+ l1 = sexp_find_token (genparms, "use-fips186", 0);
if (l1)
{
flags |= PUBKEY_FLAG_USE_FIPS186;
- gcry_sexp_release (l1);
+ sexp_release (l1);
}
}
if (!(flags & PUBKEY_FLAG_USE_FIPS186_2))
{
- l1 = gcry_sexp_find_token (genparms, "use-fips186-2", 0);
+ l1 = sexp_find_token (genparms, "use-fips186-2", 0);
if (l1)
{
flags |= PUBKEY_FLAG_USE_FIPS186_2;
- gcry_sexp_release (l1);
+ sexp_release (l1);
}
}
/* Check whether domain parameters are given. */
- domainsexp = gcry_sexp_find_token (genparms, "domain", 0);
+ domainsexp = sexp_find_token (genparms, "domain", 0);
if (domainsexp)
{
/* DERIVEPARMS can't be used together with domain parameters.
@@ -794,30 +793,30 @@ dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
are derived from the domain parameters. */
if (deriveparms || qbits || nbits)
{
- gcry_sexp_release (domainsexp);
- gcry_sexp_release (deriveparms);
+ sexp_release (domainsexp);
+ sexp_release (deriveparms);
return GPG_ERR_INV_VALUE;
}
/* Put all domain parameters into the domain object. */
- l1 = gcry_sexp_find_token (domainsexp, "p", 0);
- domain.p = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
- gcry_sexp_release (l1);
- l1 = gcry_sexp_find_token (domainsexp, "q", 0);
- domain.q = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
- gcry_sexp_release (l1);
- l1 = gcry_sexp_find_token (domainsexp, "g", 0);
- domain.g = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
- gcry_sexp_release (l1);
- gcry_sexp_release (domainsexp);
+ l1 = sexp_find_token (domainsexp, "p", 0);
+ domain.p = sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+ sexp_release (l1);
+ l1 = sexp_find_token (domainsexp, "q", 0);
+ domain.q = sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+ sexp_release (l1);
+ l1 = sexp_find_token (domainsexp, "g", 0);
+ domain.g = sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+ sexp_release (l1);
+ sexp_release (domainsexp);
/* Check that all domain parameters are available. */
if (!domain.p || !domain.q || !domain.g)
{
- gcry_mpi_release (domain.p);
- gcry_mpi_release (domain.q);
- gcry_mpi_release (domain.g);
- gcry_sexp_release (deriveparms);
+ _gcry_mpi_release (domain.p);
+ _gcry_mpi_release (domain.q);
+ _gcry_mpi_release (domain.g);
+ sexp_release (deriveparms);
return GPG_ERR_MISSING_VALUE;
}
@@ -844,11 +843,11 @@ dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
{
/* Format the seed-values unless domain parameters are used
for which a H_VALUE of NULL is an indication. */
- rc = gcry_sexp_build (&seedinfo, NULL,
- "(seed-values(counter %d)(seed %b)(h %m))",
- counter, (int)seedlen, seed, h_value);
+ rc = sexp_build (&seedinfo, NULL,
+ "(seed-values(counter %d)(seed %b)(h %m))",
+ counter, (int)seedlen, seed, h_value);
gcry_free (seed);
- gcry_mpi_release (h_value);
+ _gcry_mpi_release (h_value);
}
}
else
@@ -904,7 +903,7 @@ dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
arg_list[i++] = factors + j;
arg_list[i] = NULL;
- rc = gcry_sexp_build_array (&misc_info, NULL, format, arg_list);
+ rc = sexp_build_array (&misc_info, NULL, format, arg_list);
}
}
@@ -913,31 +912,31 @@ dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
}
if (!rc)
- rc = gcry_sexp_build (r_skey, NULL,
- "(key-data"
- " (public-key"
- " (dsa(p%m)(q%m)(g%m)(y%m)))"
- " (private-key"
- " (dsa(p%m)(q%m)(g%m)(y%m)(x%m)))"
- " %S)",
- sk.p, sk.q, sk.g, sk.y,
- sk.p, sk.q, sk.g, sk.y, sk.x,
- misc_info);
-
-
- gcry_mpi_release (sk.p);
- gcry_mpi_release (sk.q);
- gcry_mpi_release (sk.g);
- gcry_mpi_release (sk.y);
- gcry_mpi_release (sk.x);
-
- gcry_mpi_release (domain.p);
- gcry_mpi_release (domain.q);
- gcry_mpi_release (domain.g);
-
- gcry_sexp_release (seedinfo);
- gcry_sexp_release (misc_info);
- gcry_sexp_release (deriveparms);
+ rc = sexp_build (r_skey, NULL,
+ "(key-data"
+ " (public-key"
+ " (dsa(p%m)(q%m)(g%m)(y%m)))"
+ " (private-key"
+ " (dsa(p%m)(q%m)(g%m)(y%m)(x%m)))"
+ " %S)",
+ sk.p, sk.q, sk.g, sk.y,
+ sk.p, sk.q, sk.g, sk.y, sk.x,
+ misc_info);
+
+
+ _gcry_mpi_release (sk.p);
+ _gcry_mpi_release (sk.q);
+ _gcry_mpi_release (sk.g);
+ _gcry_mpi_release (sk.y);
+ _gcry_mpi_release (sk.x);
+
+ _gcry_mpi_release (domain.p);
+ _gcry_mpi_release (domain.q);
+ _gcry_mpi_release (domain.g);
+
+ sexp_release (seedinfo);
+ sexp_release (misc_info);
+ sexp_release (deriveparms);
if (factors)
{
gcry_mpi_t *mp;
@@ -966,11 +965,11 @@ dsa_check_secret_key (gcry_sexp_t keyparms)
rc = GPG_ERR_BAD_SECKEY;
leave:
- gcry_mpi_release (sk.p);
- gcry_mpi_release (sk.q);
- gcry_mpi_release (sk.g);
- gcry_mpi_release (sk.y);
- gcry_mpi_release (sk.x);
+ _gcry_mpi_release (sk.p);
+ _gcry_mpi_release (sk.q);
+ _gcry_mpi_release (sk.g);
+ _gcry_mpi_release (sk.y);
+ _gcry_mpi_release (sk.x);
if (DBG_CIPHER)
log_debug ("dsa_testkey => %s\n", gpg_strerror (rc));
return rc;
@@ -1012,8 +1011,8 @@ dsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
log_mpidump ("dsa_sign x", sk.x);
}
- sig_r = gcry_mpi_new (0);
- sig_s = gcry_mpi_new (0);
+ sig_r = mpi_new (0);
+ sig_s = mpi_new (0);
rc = sign (sig_r, sig_s, data, &sk, ctx.flags, ctx.hash_algo);
if (rc)
goto leave;
@@ -1022,17 +1021,17 @@ dsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
log_mpidump ("dsa_sign sig_r", sig_r);
log_mpidump ("dsa_sign sig_s", sig_s);
}
- rc = gcry_sexp_build (r_sig, NULL, "(sig-val(dsa(r%M)(s%M)))", sig_r, sig_s);
+ rc = sexp_build (r_sig, NULL, "(sig-val(dsa(r%M)(s%M)))", sig_r, sig_s);
leave:
- gcry_mpi_release (sig_r);
- gcry_mpi_release (sig_s);
- gcry_mpi_release (sk.p);
- gcry_mpi_release (sk.q);
- gcry_mpi_release (sk.g);
- gcry_mpi_release (sk.y);
- gcry_mpi_release (sk.x);
- gcry_mpi_release (data);
+ _gcry_mpi_release (sig_r);
+ _gcry_mpi_release (sig_s);
+ _gcry_mpi_release (sk.p);
+ _gcry_mpi_release (sk.q);
+ _gcry_mpi_release (sk.g);
+ _gcry_mpi_release (sk.y);
+ _gcry_mpi_release (sk.x);
+ _gcry_mpi_release (data);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("dsa_sign => %s\n", gpg_strerror (rc));
@@ -1096,17 +1095,16 @@ dsa_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
qbits = mpi_get_nbits (pk.q);
- abuf = gcry_mpi_get_opaque (data, &abits);
- rc = gpg_err_code (gcry_mpi_scan (&a, GCRYMPI_FMT_USG,
- abuf, (abits+7)/8, NULL));
+ abuf = mpi_get_opaque (data, &abits);
+ rc = _gcry_mpi_scan (&a, GCRYMPI_FMT_USG, abuf, (abits+7)/8, NULL);
if (!rc)
{
if (abits > qbits)
- gcry_mpi_rshift (a, a, abits - qbits);
+ mpi_rshift (a, a, abits - qbits);
if (!verify (sig_r, sig_s, a, &pk))
rc = GPG_ERR_BAD_SIGNATURE;
- gcry_mpi_release (a);
+ _gcry_mpi_release (a);
}
}
else
@@ -1116,14 +1114,14 @@ dsa_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
}
leave:
- gcry_mpi_release (pk.p);
- gcry_mpi_release (pk.q);
- gcry_mpi_release (pk.g);
- gcry_mpi_release (pk.y);
- gcry_mpi_release (data);
- gcry_mpi_release (sig_r);
- gcry_mpi_release (sig_s);
- gcry_sexp_release (l1);
+ _gcry_mpi_release (pk.p);
+ _gcry_mpi_release (pk.q);
+ _gcry_mpi_release (pk.g);
+ _gcry_mpi_release (pk.y);
+ _gcry_mpi_release (data);
+ _gcry_mpi_release (sig_r);
+ _gcry_mpi_release (sig_s);
+ sexp_release (l1);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("dsa_verify => %s\n", rc?gpg_strerror (rc):"Good");
@@ -1150,14 +1148,14 @@ dsa_get_nbits (gcry_sexp_t parms)
gcry_mpi_t p;
unsigned int nbits;
- l1 = gcry_sexp_find_token (parms, "p", 1);
+ l1 = sexp_find_token (parms, "p", 1);
if (!l1)
return 0; /* Parameter P not found. */
- p = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
- gcry_sexp_release (l1);
+ p = sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+ sexp_release (l1);
nbits = p? mpi_get_nbits (p) : 0;
- gcry_mpi_release (p);
+ _gcry_mpi_release (p);
return nbits;
}
@@ -1183,30 +1181,29 @@ selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
gcry_sexp_t data_bad = NULL;
gcry_sexp_t sig = NULL;
- err = gcry_sexp_sscan (&data, NULL,
- sample_data, strlen (sample_data));
+ err = sexp_sscan (&data, NULL, sample_data, strlen (sample_data));
if (!err)
- err = gcry_sexp_sscan (&data_bad, NULL,
- sample_data_bad, strlen (sample_data_bad));
+ err = sexp_sscan (&data_bad, NULL,
+ sample_data_bad, strlen (sample_data_bad));
if (err)
{
errtxt = "converting data failed";
goto leave;
}
- err = gcry_pk_sign (&sig, data, skey);
+ err = _gcry_pk_sign (&sig, data, skey);
if (err)
{
errtxt = "signing failed";
goto leave;
}
- err = gcry_pk_verify (sig, data, pkey);
+ err = _gcry_pk_verify (sig, data, pkey);
if (err)
{
errtxt = "verify failed";
goto leave;
}
- err = gcry_pk_verify (sig, data_bad, pkey);
+ err = _gcry_pk_verify (sig, data_bad, pkey);
if (gcry_err_code (err) != GPG_ERR_BAD_SIGNATURE)
{
errtxt = "bad signature not detected";
@@ -1215,9 +1212,9 @@ selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
leave:
- gcry_sexp_release (sig);
- gcry_sexp_release (data_bad);
- gcry_sexp_release (data);
+ sexp_release (sig);
+ sexp_release (data_bad);
+ sexp_release (data);
return errtxt;
}
@@ -1233,22 +1230,21 @@ selftests_dsa (selftest_report_func_t report)
/* Convert the S-expressions into the internal representation. */
what = "convert";
- err = gcry_sexp_sscan (&skey, NULL,
- sample_secret_key, strlen (sample_secret_key));
+ err = sexp_sscan (&skey, NULL, sample_secret_key, strlen (sample_secret_key));
if (!err)
- err = gcry_sexp_sscan (&pkey, NULL,
- sample_public_key, strlen (sample_public_key));
+ err = sexp_sscan (&pkey, NULL,
+ sample_public_key, strlen (sample_public_key));
if (err)
{
- errtxt = gcry_strerror (err);
+ errtxt = _gcry_strerror (err);
goto failed;
}
what = "key consistency";
- err = gcry_pk_testkey (skey);
+ err = _gcry_pk_testkey (skey);
if (err)
{
- errtxt = gcry_strerror (err);
+ errtxt = _gcry_strerror (err);
goto failed;
}
@@ -1257,13 +1253,13 @@ selftests_dsa (selftest_report_func_t report)
if (errtxt)
goto failed;
- gcry_sexp_release (pkey);
- gcry_sexp_release (skey);
+ sexp_release (pkey);
+ sexp_release (skey);
return 0; /* Succeeded. */
failed:
- gcry_sexp_release (pkey);
- gcry_sexp_release (skey);
+ sexp_release (pkey);
+ sexp_release (skey);
if (report)
report ("pubkey", GCRY_PK_DSA, what, errtxt);
return GPG_ERR_SELFTEST_FAILED;
diff --git a/cipher/ecc-common.h b/cipher/ecc-common.h
index 74adaece..1ee1d39d 100644
--- a/cipher/ecc-common.h
+++ b/cipher/ecc-common.h
@@ -89,7 +89,7 @@ elliptic_curve_t _gcry_ecc_curve_copy (elliptic_curve_t E);
const char *_gcry_ecc_model2str (enum gcry_mpi_ec_models model);
const char *_gcry_ecc_dialect2str (enum ecc_dialects dialect);
gcry_mpi_t _gcry_ecc_ec2os (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t p);
-gcry_error_t _gcry_ecc_os2ec (mpi_point_t result, gcry_mpi_t value);
+gcry_err_code_t _gcry_ecc_os2ec (mpi_point_t result, gcry_mpi_t value);
mpi_point_t _gcry_ecc_compute_public (mpi_point_t Q, mpi_ec_t ec,
mpi_point_t G, gcry_mpi_t d);
diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c
index f7c1c6db..5c418d9a 100644
--- a/cipher/ecc-curves.c
+++ b/cipher/ecc-curves.c
@@ -310,7 +310,7 @@ point_copy (gcry_mpi_point_t point)
if (point)
{
- newpoint = gcry_mpi_point_new (0);
+ newpoint = mpi_point_new (0);
point_set (newpoint, point);
}
else
@@ -323,12 +323,12 @@ point_copy (gcry_mpi_point_t point)
static gcry_mpi_t
scanval (const char *string)
{
- gpg_error_t err;
+ gpg_err_code_t rc;
gcry_mpi_t val;
- err = gcry_mpi_scan (&val, GCRYMPI_FMT_HEX, string, 0, NULL);
- if (err)
- log_fatal ("scanning ECC parameter failed: %s\n", gpg_strerror (err));
+ rc = _gcry_mpi_scan (&val, GCRYMPI_FMT_HEX, string, 0, NULL);
+ if (rc)
+ log_fatal ("scanning ECC parameter failed: %s\n", gpg_strerror (rc));
return val;
}
@@ -524,9 +524,9 @@ _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits)
/*
* Extract the curve parameters..
*/
- rc = gpg_err_code (_gcry_sexp_extract_param (keyparms, NULL, "-pabgn",
- &E.p, &E.a, &E.b, &mpi_g, &E.n,
- NULL));
+ rc = gpg_err_code (sexp_extract_param (keyparms, NULL, "-pabgn",
+ &E.p, &E.a, &E.b, &mpi_g, &E.n,
+ NULL));
if (rc == GPG_ERR_NO_OBJ)
{
/* This might be the second use case of checking whether a
@@ -534,12 +534,12 @@ _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits)
gcry_sexp_t l1;
char *name;
- l1 = gcry_sexp_find_token (keyparms, "curve", 5);
+ l1 = sexp_find_token (keyparms, "curve", 5);
if (!l1)
goto leave; /* No curve name parameter. */
- name = _gcry_sexp_nth_string (l1, 1);
- gcry_sexp_release (l1);
+ name = sexp_nth_string (l1, 1);
+ sexp_release (l1);
if (!name)
goto leave; /* Name missing or out of core. */
@@ -602,13 +602,13 @@ _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits)
}
leave:
- gcry_mpi_release (tmp);
- gcry_mpi_release (E.p);
- gcry_mpi_release (E.a);
- gcry_mpi_release (E.b);
- gcry_mpi_release (mpi_g);
+ _gcry_mpi_release (tmp);
+ _gcry_mpi_release (E.p);
+ _gcry_mpi_release (E.a);
+ _gcry_mpi_release (E.b);
+ _gcry_mpi_release (mpi_g);
_gcry_mpi_point_free_parts (&E.G);
- gcry_mpi_release (E.n);
+ _gcry_mpi_release (E.n);
return result;
}
@@ -620,11 +620,11 @@ mpi_from_keyparam (gcry_mpi_t *r_a, gcry_sexp_t keyparam, const char *name)
gcry_err_code_t ec = 0;
gcry_sexp_t l1;
- l1 = gcry_sexp_find_token (keyparam, name, 0);
+ l1 = sexp_find_token (keyparam, name, 0);
if (l1)
{
- *r_a = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
- gcry_sexp_release (l1);
+ *r_a = sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+ sexp_release (l1);
if (!*r_a)
ec = GPG_ERR_INV_OBJ;
}
@@ -644,17 +644,17 @@ point_from_keyparam (gcry_mpi_point_t *r_a,
gcry_sexp_t l1;
gcry_mpi_point_t point;
- l1 = gcry_sexp_find_token (keyparam, name, 0);
+ l1 = sexp_find_token (keyparam, name, 0);
if (l1)
{
gcry_mpi_t a;
- a = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_OPAQUE);
- gcry_sexp_release (l1);
+ a = sexp_nth_mpi (l1, 1, GCRYMPI_FMT_OPAQUE);
+ sexp_release (l1);
if (!a)
return GPG_ERR_INV_OBJ;
- point = gcry_mpi_point_new (0);
+ point = mpi_point_new (0);
if (ec && ec->dialect == ECC_DIALECT_ED25519)
rc = _gcry_ecc_eddsa_decodepoint (a, ec, point, NULL, NULL);
else
@@ -662,7 +662,7 @@ point_from_keyparam (gcry_mpi_point_t *r_a,
mpi_free (a);
if (rc)
{
- gcry_mpi_point_release (point);
+ mpi_point_release (point);
return rc;
}
}
@@ -703,7 +703,7 @@ point_from_keyparam (gcry_mpi_point_t *r_a,
if (!z)
z = mpi_set_ui (NULL, 1);
if (x && y)
- point = gcry_mpi_point_snatch_set (NULL, x, y, z);
+ point = mpi_point_snatch_set (NULL, x, y, z);
else
{
mpi_free (x);
@@ -750,18 +750,18 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx,
if (keyparam)
{
/* Parse an optional flags list. */
- l1 = gcry_sexp_find_token (keyparam, "flags", 0);
+ l1 = sexp_find_token (keyparam, "flags", 0);
if (l1)
{
errc = _gcry_pk_util_parse_flaglist (l1, &flags, NULL);
- gcry_sexp_release (l1);
+ sexp_release (l1);
l1 = NULL;
if (errc)
goto leave;
}
/* Check whether a curve name was given. */
- l1 = gcry_sexp_find_token (keyparam, "curve", 5);
+ l1 = sexp_find_token (keyparam, "curve", 5);
/* If we don't have a curve name or if override parameters have
explicitly been requested, parse them. */
@@ -798,8 +798,8 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx,
if (l1)
{
- name = _gcry_sexp_nth_string (l1, 1);
- gcry_sexp_release (l1);
+ name = sexp_nth_string (l1, 1);
+ sexp_release (l1);
if (!name)
{
errc = GPG_ERR_INV_OBJ; /* Name missing or out of core. */
@@ -845,7 +845,7 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx,
}
if (!G)
{
- G = gcry_mpi_point_snatch_set (NULL, E->G.x, E->G.y, E->G.z);
+ G = mpi_point_snatch_set (NULL, E->G.x, E->G.y, E->G.z);
E->G.x = NULL;
E->G.y = NULL;
E->G.z = NULL;
@@ -913,13 +913,13 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx,
}
leave:
- gcry_ctx_release (ctx);
+ _gcry_ctx_release (ctx);
mpi_free (p);
mpi_free (a);
mpi_free (b);
- gcry_mpi_point_release (G);
+ _gcry_mpi_point_release (G);
mpi_free (n);
- gcry_mpi_point_release (Q);
+ _gcry_mpi_point_release (Q);
mpi_free (d);
return errc;
}
@@ -976,13 +976,13 @@ _gcry_ecc_get_param_sexp (const char *name)
if (_gcry_ecc_get_param (name, pkey))
return NULL;
- if (gcry_sexp_build (&result, NULL,
- "(public-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)))",
- pkey[0], pkey[1], pkey[2], pkey[3], pkey[4]))
+ if (sexp_build (&result, NULL,
+ "(public-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)))",
+ pkey[0], pkey[1], pkey[2], pkey[3], pkey[4]))
result = NULL;
for (i=0; pkey[i]; i++)
- gcry_mpi_release (pkey[i]);
+ _gcry_mpi_release (pkey[i]);
return result;
}
@@ -1045,7 +1045,7 @@ _gcry_ecc_get_mpi (const char *name, mpi_ec_t ec, int copy)
if (!_gcry_ecc_eddsa_encodepoint (ec->Q, ec, NULL, NULL,
&encpk, &encpklen))
- return gcry_mpi_set_opaque (NULL, encpk, encpklen*8);
+ return mpi_set_opaque (NULL, encpk, encpklen*8);
}
}
@@ -1108,7 +1108,7 @@ _gcry_ecc_set_mpi (const char *name, gcry_mpi_t newvalue, mpi_ec_t ec)
if (newvalue)
{
if (!ec->Q)
- ec->Q = gcry_mpi_point_new (0);
+ ec->Q = mpi_point_new (0);
if (ec->dialect == ECC_DIALECT_ED25519)
rc = _gcry_ecc_eddsa_decodepoint (newvalue, ec, ec->Q, NULL, NULL);
else
@@ -1116,7 +1116,7 @@ _gcry_ecc_set_mpi (const char *name, gcry_mpi_t newvalue, mpi_ec_t ec)
}
if (rc || !newvalue)
{
- gcry_mpi_point_release (ec->Q);
+ _gcry_mpi_point_release (ec->Q);
ec->Q = NULL;
}
/* Note: We assume that Q matches d and thus do not reset d. */
@@ -1129,7 +1129,7 @@ _gcry_ecc_set_mpi (const char *name, gcry_mpi_t newvalue, mpi_ec_t ec)
{
/* We need to reset the public key because it may not
anymore match. */
- gcry_mpi_point_release (ec->Q);
+ _gcry_mpi_point_release (ec->Q);
ec->Q = NULL;
}
}
@@ -1146,12 +1146,12 @@ _gcry_ecc_set_point (const char *name, gcry_mpi_point_t newvalue, mpi_ec_t ec)
{
if (!strcmp (name, "g"))
{
- gcry_mpi_point_release (ec->G);
+ _gcry_mpi_point_release (ec->G);
ec->G = point_copy (newvalue);
}
else if (!strcmp (name, "q"))
{
- gcry_mpi_point_release (ec->Q);
+ _gcry_mpi_point_release (ec->Q);
ec->Q = point_copy (newvalue);
}
else
diff --git a/cipher/ecc-ecdsa.c b/cipher/ecc-ecdsa.c
index 7663623d..b4bbe2cc 100644
--- a/cipher/ecc-ecdsa.c
+++ b/cipher/ecc-ecdsa.c
@@ -42,7 +42,7 @@ _gcry_ecc_ecdsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
gcry_mpi_t r, gcry_mpi_t s,
int flags, int hashalgo)
{
- gpg_err_code_t err = 0;
+ gpg_err_code_t rc = 0;
int extraloops = 0;
gcry_mpi_t k, dr, sum, k_1, x;
mpi_point_struct I;
@@ -59,13 +59,12 @@ _gcry_ecc_ecdsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
/* Convert the INPUT into an MPI if needed. */
if (mpi_is_opaque (input))
{
- abuf = gcry_mpi_get_opaque (input, &abits);
- err = gpg_err_code (gcry_mpi_scan (&hash, GCRYMPI_FMT_USG,
- abuf, (abits+7)/8, NULL));
- if (err)
- return err;
+ abuf = mpi_get_opaque (input, &abits);
+ rc = _gcry_mpi_scan (&hash, GCRYMPI_FMT_USG, abuf, (abits+7)/8, NULL);
+ if (rc)
+ return rc;
if (abits > qbits)
- gcry_mpi_rshift (hash, hash, abits - qbits);
+ mpi_rshift (hash, hash, abits - qbits);
}
else
hash = input;
@@ -98,15 +97,15 @@ _gcry_ecc_ecdsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
used as h1 from 3.2.a. */
if (!mpi_is_opaque (input))
{
- err = GPG_ERR_CONFLICT;
+ rc = GPG_ERR_CONFLICT;
goto leave;
}
- abuf = gcry_mpi_get_opaque (input, &abits);
- err = _gcry_dsa_gen_rfc6979_k (&k, skey->E.n, skey->d,
- abuf, (abits+7)/8,
- hashalgo, extraloops);
- if (err)
+ abuf = mpi_get_opaque (input, &abits);
+ rc = _gcry_dsa_gen_rfc6979_k (&k, skey->E.n, skey->d,
+ abuf, (abits+7)/8,
+ hashalgo, extraloops);
+ if (rc)
goto leave;
extraloops++;
}
@@ -118,7 +117,7 @@ _gcry_ecc_ecdsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
{
if (DBG_CIPHER)
log_debug ("ecc sign: Failed to get affine coordinates\n");
- err = GPG_ERR_BAD_SIGNATURE;
+ rc = GPG_ERR_BAD_SIGNATURE;
goto leave;
}
mpi_mod (r, x, skey->E.n); /* r = x mod n */
@@ -150,7 +149,7 @@ _gcry_ecc_ecdsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
if (hash != input)
mpi_free (hash);
- return err;
+ return rc;
}
diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c
index 29145f82..12cdea0c 100644
--- a/cipher/ecc-eddsa.c
+++ b/cipher/ecc-eddsa.c
@@ -50,12 +50,12 @@ reverse_buffer (unsigned char *buffer, unsigned int length)
static gcry_mpi_t
scanval (const char *string)
{
- gpg_error_t err;
+ gpg_err_code_t rc;
gcry_mpi_t val;
- err = gcry_mpi_scan (&val, GCRYMPI_FMT_HEX, string, 0, NULL);
- if (err)
- log_fatal ("scanning ECC parameter failed: %s\n", gpg_strerror (err));
+ rc = _gcry_mpi_scan (&val, GCRYMPI_FMT_HEX, string, 0, NULL);
+ if (rc)
+ log_fatal ("scanning ECC parameter failed: %s\n", gpg_strerror (rc));
return val;
}
@@ -150,7 +150,7 @@ _gcry_ecc_eddsa_ensure_compact (gcry_mpi_t value, unsigned int nbits)
if (!mpi_is_opaque (value))
return GPG_ERR_INV_OBJ;
- buf = gcry_mpi_get_opaque (value, &rawmpilen);
+ buf = mpi_get_opaque (value, &rawmpilen);
if (!buf)
return GPG_ERR_INV_OBJ;
rawmpilen = (rawmpilen + 7)/8;
@@ -159,12 +159,12 @@ _gcry_ecc_eddsa_ensure_compact (gcry_mpi_t value, unsigned int nbits)
uncompressed format. In this case extract y and compress. */
if (rawmpilen > 1 && buf[0] == 0x04 && (rawmpilen%2))
{
- rc = gcry_mpi_scan (&x, GCRYMPI_FMT_STD,
- buf+1, (rawmpilen-1)/2, NULL);
+ rc = _gcry_mpi_scan (&x, GCRYMPI_FMT_STD,
+ buf+1, (rawmpilen-1)/2, NULL);
if (rc)
return rc;
- rc = gcry_mpi_scan (&y, GCRYMPI_FMT_STD,
- buf+1+(rawmpilen-1)/2, (rawmpilen-1)/2, NULL);
+ rc = _gcry_mpi_scan (&y, GCRYMPI_FMT_STD,
+ buf+1+(rawmpilen-1)/2, (rawmpilen-1)/2, NULL);
if (rc)
{
mpi_free (x);
@@ -177,7 +177,7 @@ _gcry_ecc_eddsa_ensure_compact (gcry_mpi_t value, unsigned int nbits)
if (rc)
return rc;
- gcry_mpi_set_opaque (value, enc, 8*enclen);
+ mpi_set_opaque (value, enc, 8*enclen);
}
return 0;
@@ -233,7 +233,7 @@ _gcry_ecc_eddsa_recover_x (gcry_mpi_t x, gcry_mpi_t y, int sign, mpi_ec_t ec)
mpi_mulm (t, x, x, ec->p);
mpi_mulm (t, t, v, ec->p);
/* -t == u ? x = x * sqrt(-1) */
- gcry_mpi_neg (t, t);
+ mpi_neg (t, t);
if (!mpi_cmp (t, u))
{
static gcry_mpi_t m1; /* Fixme: this is not thread-safe. */
@@ -245,7 +245,7 @@ _gcry_ecc_eddsa_recover_x (gcry_mpi_t x, gcry_mpi_t y, int sign, mpi_ec_t ec)
mpi_mulm (t, x, x, ec->p);
mpi_mulm (t, t, v, ec->p);
/* -t == u ? x = x * sqrt(-1) */
- gcry_mpi_neg (t, t);
+ mpi_neg (t, t);
if (!mpi_cmp (t, u))
rc = GPG_ERR_INV_OBJ;
}
@@ -282,7 +282,7 @@ _gcry_ecc_eddsa_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result,
{
const unsigned char *buf;
- buf = gcry_mpi_get_opaque (pk, &rawmpilen);
+ buf = mpi_get_opaque (pk, &rawmpilen);
if (!buf)
return GPG_ERR_INV_OBJ;
rawmpilen = (rawmpilen + 7)/8;
@@ -295,12 +295,12 @@ _gcry_ecc_eddsa_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result,
{
gcry_mpi_t x, y;
- rc = gcry_mpi_scan (&x, GCRYMPI_FMT_STD,
- buf+1, (rawmpilen-1)/2, NULL);
+ rc = _gcry_mpi_scan (&x, GCRYMPI_FMT_STD,
+ buf+1, (rawmpilen-1)/2, NULL);
if (rc)
return rc;
- rc = gcry_mpi_scan (&y, GCRYMPI_FMT_STD,
- buf+1+(rawmpilen-1)/2, (rawmpilen-1)/2, NULL);
+ rc = _gcry_mpi_scan (&y, GCRYMPI_FMT_STD,
+ buf+1+(rawmpilen-1)/2, (rawmpilen-1)/2, NULL);
if (rc)
{
mpi_free (x);
@@ -397,7 +397,7 @@ _gcry_ecc_eddsa_genkey (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx,
goto leave;
}
dlen = b;
- dbuf = gcry_random_bytes_secure (dlen, random_level);
+ dbuf = _gcry_random_bytes_secure (dlen, random_level);
/* Compute the A value. */
hvec[0].data = dbuf;
@@ -433,9 +433,9 @@ _gcry_ecc_eddsa_genkey (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx,
leave:
point_free (&Q);
- gcry_mpi_release (a);
- gcry_mpi_release (x);
- gcry_mpi_release (y);
+ _gcry_mpi_release (a);
+ _gcry_mpi_release (x);
+ _gcry_mpi_release (y);
gcry_free (hash_d);
return rc;
}
@@ -554,7 +554,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
}
/* Compute R. */
- mbuf = gcry_mpi_get_opaque (input, &tmp);
+ mbuf = mpi_get_opaque (input, &tmp);
mlen = (tmp +7)/8;
if (DBG_CIPHER)
log_printhex (" m", mbuf, mlen);
@@ -597,7 +597,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
goto leave;
/* No more need for RAWMPI thus we now transfer it to R_R. */
- gcry_mpi_set_opaque (r_r, rawmpi, rawmpilen*8);
+ mpi_set_opaque (r_r, rawmpi, rawmpilen*8);
rawmpi = NULL;
reverse_buffer (digest, 64);
@@ -611,16 +611,16 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
goto leave;
if (DBG_CIPHER)
log_printhex (" e_s", rawmpi, rawmpilen);
- gcry_mpi_set_opaque (s, rawmpi, rawmpilen*8);
+ mpi_set_opaque (s, rawmpi, rawmpilen*8);
rawmpi = NULL;
rc = 0;
leave:
- gcry_mpi_release (a);
- gcry_mpi_release (x);
- gcry_mpi_release (y);
- gcry_mpi_release (r);
+ _gcry_mpi_release (a);
+ _gcry_mpi_release (x);
+ _gcry_mpi_release (y);
+ _gcry_mpi_release (r);
gcry_free (digest);
_gcry_mpi_ec_free (ctx);
point_free (&I);
@@ -691,11 +691,11 @@ _gcry_ecc_eddsa_verify (gcry_mpi_t input, ECC_public_key *pkey,
}
/* Convert the other input parameters. */
- mbuf = gcry_mpi_get_opaque (input, &tmp);
+ mbuf = mpi_get_opaque (input, &tmp);
mlen = (tmp +7)/8;
if (DBG_CIPHER)
log_printhex (" m", mbuf, mlen);
- rbuf = gcry_mpi_get_opaque (r_in, &tmp);
+ rbuf = mpi_get_opaque (r_in, &tmp);
rlen = (tmp +7)/8;
if (DBG_CIPHER)
log_printhex (" r", rbuf, rlen);
@@ -763,8 +763,8 @@ _gcry_ecc_eddsa_verify (gcry_mpi_t input, ECC_public_key *pkey,
gcry_free (encpk);
gcry_free (tbuf);
_gcry_mpi_ec_free (ctx);
- gcry_mpi_release (s);
- gcry_mpi_release (h);
+ _gcry_mpi_release (s);
+ _gcry_mpi_release (h);
point_free (&Ia);
point_free (&Ib);
point_free (&Q);
diff --git a/cipher/ecc-gost.c b/cipher/ecc-gost.c
index ce3e921a..a34fa084 100644
--- a/cipher/ecc-gost.c
+++ b/cipher/ecc-gost.c
@@ -41,7 +41,7 @@ gpg_err_code_t
_gcry_ecc_gost_sign (gcry_mpi_t input, ECC_secret_key *skey,
gcry_mpi_t r, gcry_mpi_t s)
{
- gpg_err_code_t err = 0;
+ gpg_err_code_t rc = 0;
gcry_mpi_t k, dr, sum, ke, x, e;
mpi_point_struct I;
gcry_mpi_t hash;
@@ -57,13 +57,12 @@ _gcry_ecc_gost_sign (gcry_mpi_t input, ECC_secret_key *skey,
/* Convert the INPUT into an MPI if needed. */
if (mpi_is_opaque (input))
{
- abuf = gcry_mpi_get_opaque (input, &abits);
- err = gpg_err_code (gcry_mpi_scan (&hash, GCRYMPI_FMT_USG,
- abuf, (abits+7)/8, NULL));
- if (err)
- return err;
+ abuf = mpi_get_opaque (input, &abits);
+ rc = _gcry_mpi_scan (&hash, GCRYMPI_FMT_USG, abuf, (abits+7)/8, NULL);
+ if (rc)
+ return rc;
if (abits > qbits)
- gcry_mpi_rshift (hash, hash, abits - qbits);
+ mpi_rshift (hash, hash, abits - qbits);
}
else
hash = input;
@@ -100,7 +99,7 @@ _gcry_ecc_gost_sign (gcry_mpi_t input, ECC_secret_key *skey,
{
if (DBG_CIPHER)
log_debug ("ecc sign: Failed to get affine coordinates\n");
- err = GPG_ERR_BAD_SIGNATURE;
+ rc = GPG_ERR_BAD_SIGNATURE;
goto leave;
}
mpi_mod (r, x, skey->E.n); /* r = x mod n */
@@ -131,7 +130,7 @@ _gcry_ecc_gost_sign (gcry_mpi_t input, ECC_secret_key *skey,
if (hash != input)
mpi_free (hash);
- return err;
+ return rc;
}
diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c
index 1633d32d..26c9e8d9 100644
--- a/cipher/ecc-misc.c
+++ b/cipher/ecc-misc.c
@@ -104,7 +104,7 @@ _gcry_ecc_dialect2str (enum ecc_dialects dialect)
gcry_mpi_t
_gcry_ecc_ec2os (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t p)
{
- gpg_error_t err;
+ gpg_err_code_t rc;
int pbytes = (mpi_get_nbits (p)+7)/8;
size_t n;
unsigned char *buf, *ptr;
@@ -113,27 +113,27 @@ _gcry_ecc_ec2os (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t p)
buf = gcry_xmalloc ( 1 + 2*pbytes );
*buf = 04; /* Uncompressed point. */
ptr = buf+1;
- err = gcry_mpi_print (GCRYMPI_FMT_USG, ptr, pbytes, &n, x);
- if (err)
- log_fatal ("mpi_print failed: %s\n", gpg_strerror (err));
+ rc = _gcry_mpi_print (GCRYMPI_FMT_USG, ptr, pbytes, &n, x);
+ if (rc)
+ log_fatal ("mpi_print failed: %s\n", gpg_strerror (rc));
if (n < pbytes)
{
memmove (ptr+(pbytes-n), ptr, n);
memset (ptr, 0, (pbytes-n));
}
ptr += pbytes;
- err = gcry_mpi_print (GCRYMPI_FMT_USG, ptr, pbytes, &n, y);
- if (err)
- log_fatal ("mpi_print failed: %s\n", gpg_strerror (err));
+ rc = _gcry_mpi_print (GCRYMPI_FMT_USG, ptr, pbytes, &n, y);
+ if (rc)
+ log_fatal ("mpi_print failed: %s\n", gpg_strerror (rc));
if (n < pbytes)
{
memmove (ptr+(pbytes-n), ptr, n);
memset (ptr, 0, (pbytes-n));
}
- err = gcry_mpi_scan (&result, GCRYMPI_FMT_USG, buf, 1+2*pbytes, NULL);
- if (err)
- log_fatal ("mpi_scan failed: %s\n", gpg_strerror (err));
+ rc = _gcry_mpi_scan (&result, GCRYMPI_FMT_USG, buf, 1+2*pbytes, NULL);
+ if (rc)
+ log_fatal ("mpi_scan failed: %s\n", gpg_strerror (rc));
gcry_free (buf);
return result;
@@ -163,10 +163,10 @@ _gcry_mpi_ec_ec2os (gcry_mpi_point_t point, mpi_ec_t ectx)
/* RESULT must have been initialized and is set on success to the
point given by VALUE. */
-gcry_error_t
+gcry_err_code_t
_gcry_ecc_os2ec (mpi_point_t result, gcry_mpi_t value)
{
- gcry_error_t err;
+ gcry_err_code_t rc;
size_t n;
const unsigned char *buf;
unsigned char *buf_memory;
@@ -176,7 +176,7 @@ _gcry_ecc_os2ec (mpi_point_t result, gcry_mpi_t value)
{
unsigned int nbits;
- buf = gcry_mpi_get_opaque (value, &nbits);
+ buf = mpi_get_opaque (value, &nbits);
if (!buf)
return GPG_ERR_INV_OBJ;
n = (nbits + 7)/8;
@@ -186,11 +186,11 @@ _gcry_ecc_os2ec (mpi_point_t result, gcry_mpi_t value)
{
n = (mpi_get_nbits (value)+7)/8;
buf_memory= gcry_xmalloc (n);
- err = gcry_mpi_print (GCRYMPI_FMT_USG, buf_memory, n, &n, value);
- if (err)
+ rc = _gcry_mpi_print (GCRYMPI_FMT_USG, buf_memory, n, &n, value);
+ if (rc)
{
gcry_free (buf_memory);
- return err;
+ return rc;
}
buf = buf_memory;
}
@@ -211,18 +211,18 @@ _gcry_ecc_os2ec (mpi_point_t result, gcry_mpi_t value)
return GPG_ERR_INV_OBJ;
}
n = (n-1)/2;
- err = gcry_mpi_scan (&x, GCRYMPI_FMT_USG, buf+1, n, NULL);
- if (err)
+ rc = _gcry_mpi_scan (&x, GCRYMPI_FMT_USG, buf+1, n, NULL);
+ if (rc)
{
gcry_free (buf_memory);
- return err;
+ return rc;
}
- err = gcry_mpi_scan (&y, GCRYMPI_FMT_USG, buf+1+n, n, NULL);
+ rc = _gcry_mpi_scan (&y, GCRYMPI_FMT_USG, buf+1+n, n, NULL);
gcry_free (buf_memory);
- if (err)
+ if (rc)
{
mpi_free (x);
- return err;
+ return rc;
}
mpi_set (result->x, x);
@@ -316,7 +316,7 @@ _gcry_ecc_compute_public (mpi_point_t Q, mpi_ec_t ec,
/* And finally the public key. */
if (!Q)
- Q = gcry_mpi_point_new (0);
+ Q = mpi_point_new (0);
if (Q)
_gcry_mpi_ec_mul_point (Q, a, G, ec);
mpi_free (a);
@@ -324,7 +324,7 @@ _gcry_ecc_compute_public (mpi_point_t Q, mpi_ec_t ec,
else
{
if (!Q)
- Q = gcry_mpi_point_new (0);
+ Q = mpi_point_new (0);
if (Q)
_gcry_mpi_ec_mul_point (Q, d, G, ec);
}
diff --git a/cipher/ecc.c b/cipher/ecc.c
index bda2a86e..a7de2543 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -122,7 +122,7 @@ nist_generate_key (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx,
char *rndbuf;
sk->d = mpi_snew (256);
- rndbuf = gcry_random_bytes_secure (32, random_level);
+ rndbuf = _gcry_random_bytes_secure (32, random_level);
rndbuf[0] &= 0x7f; /* Clear bit 255. */
rndbuf[0] |= 0x40; /* Set bit 254. */
rndbuf[31] &= 0xf8; /* Clear bits 2..0 so that d mod 8 == 0 */
@@ -181,11 +181,10 @@ nist_generate_key (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx,
the smallest one */
mpi_sub (sk->d, E->n, sk->d); /* d = order - d */
if (E->model == MPI_EC_WEIERSTRASS)
- gcry_mpi_point_snatch_set (&sk->Q, x, negative,
+ mpi_point_snatch_set (&sk->Q, x, negative,
mpi_alloc_set_ui (1));
else
- gcry_mpi_point_snatch_set (&sk->Q, negative, y,
- mpi_alloc_set_ui (1));
+ mpi_point_snatch_set (&sk->Q, negative, y, mpi_alloc_set_ui (1));
if (DBG_CIPHER)
log_debug ("ecgen converted Q to a compliant point\n");
@@ -244,7 +243,7 @@ test_keys (ECC_secret_key *sk, unsigned int nbits)
point_init (&pk.Q);
point_set (&pk.Q, &sk->Q);
- gcry_mpi_randomize (test, nbits, GCRY_WEAK_RANDOM);
+ _gcry_mpi_randomize (test, nbits, GCRY_WEAK_RANDOM);
if (_gcry_ecc_ecdsa_sign (test, sk, r, s, 0, 0) )
log_fatal ("ECDSA operation: sign failed\n");
@@ -413,31 +412,31 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
return rc;
/* Parse the optional "curve" parameter. */
- l1 = gcry_sexp_find_token (genparms, "curve", 0);
+ l1 = sexp_find_token (genparms, "curve", 0);
if (l1)
{
curve_name = _gcry_sexp_nth_string (l1, 1);
- gcry_sexp_release (l1);
+ sexp_release (l1);
if (!curve_name)
return GPG_ERR_INV_OBJ; /* No curve name or value too large. */
}
/* Parse the optional flags list. */
- l1 = gcry_sexp_find_token (genparms, "flags", 0);
+ l1 = sexp_find_token (genparms, "flags", 0);
if (l1)
{
rc = _gcry_pk_util_parse_flaglist (l1, &flags, NULL);
- gcry_sexp_release (l1);
+ sexp_release (l1);
if (rc)
goto leave;
}
/* Parse the deprecated optional transient-key flag. */
- l1 = gcry_sexp_find_token (genparms, "transient-key", 0);
+ l1 = sexp_find_token (genparms, "transient-key", 0);
if (l1)
{
flags |= PUBKEY_FLAG_TRANSIENT_KEY;
- gcry_sexp_release (l1);
+ sexp_release (l1);
}
/* NBITS is required if no curve name has been given. */
@@ -492,7 +491,7 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
if (rc)
return rc;
public = mpi_new (0);
- gcry_mpi_set_opaque (public, encpk, encpklen*8);
+ mpi_set_opaque (public, encpk, encpklen*8);
encpk = NULL;
}
else
@@ -504,14 +503,14 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
secret = sk.d; sk.d = NULL;
if (E.name)
{
- rc = gcry_sexp_build (&curve_info, NULL, "(curve %s)", E.name);
+ rc = sexp_build (&curve_info, NULL, "(curve %s)", E.name);
if (rc)
goto leave;
}
if ((flags & PUBKEY_FLAG_PARAM) || (flags & PUBKEY_FLAG_EDDSA))
{
- rc = gcry_sexp_build
+ rc = sexp_build
(&curve_flags, NULL,
((flags & PUBKEY_FLAG_PARAM) && (flags & PUBKEY_FLAG_EDDSA))?
"(flags param eddsa)" :
@@ -523,29 +522,29 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
}
if ((flags & PUBKEY_FLAG_PARAM) && E.name)
- rc = gcry_sexp_build (r_skey, NULL,
- "(key-data"
- " (public-key"
- " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))"
- " (private-key"
- " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))"
- " )",
- curve_info, curve_flags,
- sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public,
- curve_info, curve_flags,
- sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, secret);
+ rc = sexp_build (r_skey, NULL,
+ "(key-data"
+ " (public-key"
+ " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))"
+ " (private-key"
+ " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))"
+ " )",
+ curve_info, curve_flags,
+ sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public,
+ curve_info, curve_flags,
+ sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, secret);
else
- rc = gcry_sexp_build (r_skey, NULL,
- "(key-data"
- " (public-key"
- " (ecc%S%S(q%m)))"
- " (private-key"
- " (ecc%S%S(q%m)(d%m)))"
- " )",
- curve_info, curve_flags,
- public,
- curve_info, curve_flags,
- public, secret);
+ rc = sexp_build (r_skey, NULL,
+ "(key-data"
+ " (public-key"
+ " (ecc%S%S(q%m)))"
+ " (private-key"
+ " (ecc%S%S(q%m)(d%m)))"
+ " )",
+ curve_info, curve_flags,
+ public,
+ curve_info, curve_flags,
+ public, secret);
if (rc)
goto leave;
@@ -575,8 +574,8 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
mpi_free (x);
mpi_free (y);
_gcry_mpi_ec_free (ctx);
- gcry_sexp_release (curve_flags);
- gcry_sexp_release (curve_info);
+ sexp_release (curve_flags);
+ sexp_release (curve_info);
return rc;
}
@@ -596,7 +595,7 @@ ecc_check_secret_key (gcry_sexp_t keyparms)
memset (&sk, 0, sizeof sk);
/* Look for flags. */
- l1 = gcry_sexp_find_token (keyparms, "flags", 0);
+ l1 = sexp_find_token (keyparms, "flags", 0);
if (l1)
{
rc = _gcry_pk_util_parse_flaglist (l1, &flags, NULL);
@@ -606,21 +605,21 @@ ecc_check_secret_key (gcry_sexp_t keyparms)
/* Extract the parameters. */
if ((flags & PUBKEY_FLAG_PARAM))
- rc = _gcry_sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d",
- &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n,
- &mpi_q, &sk.d, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d",
+ &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n,
+ &mpi_q, &sk.d, NULL);
else
- rc = _gcry_sexp_extract_param (keyparms, NULL, "/q?+d",
- &mpi_q, &sk.d, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "/q?+d",
+ &mpi_q, &sk.d, NULL);
if (rc)
goto leave;
/* Add missing parameters using the optional curve parameter. */
- gcry_sexp_release (l1);
- l1 = gcry_sexp_find_token (keyparms, "curve", 5);
+ sexp_release (l1);
+ l1 = sexp_find_token (keyparms, "curve", 5);
if (l1)
{
- curvename = gcry_sexp_nth_string (l1, 1);
+ curvename = sexp_nth_string (l1, 1);
if (curvename)
{
rc = _gcry_ecc_update_curve_param (curvename,
@@ -697,17 +696,17 @@ ecc_check_secret_key (gcry_sexp_t keyparms)
leave:
_gcry_mpi_ec_free (ec);
- gcry_mpi_release (sk.E.p);
- gcry_mpi_release (sk.E.a);
- gcry_mpi_release (sk.E.b);
- gcry_mpi_release (mpi_g);
+ _gcry_mpi_release (sk.E.p);
+ _gcry_mpi_release (sk.E.a);
+ _gcry_mpi_release (sk.E.b);
+ _gcry_mpi_release (mpi_g);
point_free (&sk.E.G);
- gcry_mpi_release (sk.E.n);
- gcry_mpi_release (mpi_q);
+ _gcry_mpi_release (sk.E.n);
+ _gcry_mpi_release (mpi_q);
point_free (&sk.Q);
- gcry_mpi_release (sk.d);
+ _gcry_mpi_release (sk.d);
gcry_free (curvename);
- gcry_sexp_release (l1);
+ sexp_release (l1);
if (DBG_CIPHER)
log_debug ("ecc_testkey => %s\n", gpg_strerror (rc));
return rc;
@@ -743,12 +742,12 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
* Extract the key.
*/
if ((ctx.flags & PUBKEY_FLAG_PARAM))
- rc = _gcry_sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d",
- &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n,
- &mpi_q, &sk.d, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d",
+ &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n,
+ &mpi_q, &sk.d, NULL);
else
- rc = _gcry_sexp_extract_param (keyparms, NULL, "/q?+d",
- &mpi_q, &sk.d, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "/q?+d",
+ &mpi_q, &sk.d, NULL);
if (rc)
goto leave;
if (mpi_g)
@@ -759,11 +758,11 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
goto leave;
}
/* Add missing parameters using the optional curve parameter. */
- gcry_sexp_release (l1);
- l1 = gcry_sexp_find_token (keyparms, "curve", 5);
+ sexp_release (l1);
+ l1 = sexp_find_token (keyparms, "curve", 5);
if (l1)
{
- curvename = gcry_sexp_nth_string (l1, 1);
+ curvename = sexp_nth_string (l1, 1);
if (curvename)
{
rc = _gcry_ecc_fill_in_curve (0, curvename, &sk.E, NULL);
@@ -806,48 +805,48 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
- sig_r = gcry_mpi_new (0);
- sig_s = gcry_mpi_new (0);
+ sig_r = mpi_new (0);
+ sig_s = mpi_new (0);
if ((ctx.flags & PUBKEY_FLAG_EDDSA))
{
/* EdDSA requires the public key. */
rc = _gcry_ecc_eddsa_sign (data, &sk, sig_r, sig_s, ctx.hash_algo, mpi_q);
if (!rc)
- rc = gcry_sexp_build (r_sig, NULL,
- "(sig-val(eddsa(r%M)(s%M)))", sig_r, sig_s);
+ rc = sexp_build (r_sig, NULL,
+ "(sig-val(eddsa(r%M)(s%M)))", sig_r, sig_s);
}
else if ((ctx.flags & PUBKEY_FLAG_GOST))
{
rc = _gcry_ecc_gost_sign (data, &sk, sig_r, sig_s);
if (!rc)
- rc = gcry_sexp_build (r_sig, NULL,
- "(sig-val(gost(r%M)(s%M)))", sig_r, sig_s);
+ rc = sexp_build (r_sig, NULL,
+ "(sig-val(gost(r%M)(s%M)))", sig_r, sig_s);
}
else
{
rc = _gcry_ecc_ecdsa_sign (data, &sk, sig_r, sig_s,
ctx.flags, ctx.hash_algo);
if (!rc)
- rc = gcry_sexp_build (r_sig, NULL,
- "(sig-val(ecdsa(r%M)(s%M)))", sig_r, sig_s);
+ rc = sexp_build (r_sig, NULL,
+ "(sig-val(ecdsa(r%M)(s%M)))", sig_r, sig_s);
}
leave:
- gcry_mpi_release (sk.E.p);
- gcry_mpi_release (sk.E.a);
- gcry_mpi_release (sk.E.b);
- gcry_mpi_release (mpi_g);
+ _gcry_mpi_release (sk.E.p);
+ _gcry_mpi_release (sk.E.a);
+ _gcry_mpi_release (sk.E.b);
+ _gcry_mpi_release (mpi_g);
point_free (&sk.E.G);
- gcry_mpi_release (sk.E.n);
- gcry_mpi_release (mpi_q);
+ _gcry_mpi_release (sk.E.n);
+ _gcry_mpi_release (mpi_q);
point_free (&sk.Q);
- gcry_mpi_release (sk.d);
- gcry_mpi_release (sig_r);
- gcry_mpi_release (sig_s);
+ _gcry_mpi_release (sk.d);
+ _gcry_mpi_release (sig_r);
+ _gcry_mpi_release (sig_s);
gcry_free (curvename);
- gcry_mpi_release (data);
- gcry_sexp_release (l1);
+ _gcry_mpi_release (data);
+ sexp_release (l1);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("ecc_sign => %s\n", gpg_strerror (rc));
@@ -887,9 +886,8 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
rc = _gcry_pk_util_preparse_sigval (s_sig, ecc_names, &l1, &sigflags);
if (rc)
goto leave;
- rc = _gcry_sexp_extract_param (l1, NULL,
- (sigflags & PUBKEY_FLAG_EDDSA)? "/rs":"rs",
- &sig_r, &sig_s, NULL);
+ rc = sexp_extract_param (l1, NULL, (sigflags & PUBKEY_FLAG_EDDSA)? "/rs":"rs",
+ &sig_r, &sig_s, NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -908,12 +906,12 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
* Extract the key.
*/
if ((ctx.flags & PUBKEY_FLAG_PARAM))
- rc = _gcry_sexp_extract_param (s_keyparms, NULL, "-p?a?b?g?n?/q",
- &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n,
- &mpi_q, NULL);
+ rc = sexp_extract_param (s_keyparms, NULL, "-p?a?b?g?n?/q",
+ &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n,
+ &mpi_q, NULL);
else
- rc = _gcry_sexp_extract_param (s_keyparms, NULL, "/q",
- &mpi_q, NULL);
+ rc = sexp_extract_param (s_keyparms, NULL, "/q",
+ &mpi_q, NULL);
if (rc)
goto leave;
if (mpi_g)
@@ -924,11 +922,11 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
goto leave;
}
/* Add missing parameters using the optional curve parameter. */
- gcry_sexp_release (l1);
- l1 = gcry_sexp_find_token (s_keyparms, "curve", 5);
+ sexp_release (l1);
+ l1 = sexp_find_token (s_keyparms, "curve", 5);
if (l1)
{
- curvename = gcry_sexp_nth_string (l1, 1);
+ curvename = sexp_nth_string (l1, 1);
if (curvename)
{
rc = _gcry_ecc_fill_in_curve (0, curvename, &pk.E, NULL);
@@ -1017,16 +1015,15 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
qbits = mpi_get_nbits (pk.E.n);
- abuf = gcry_mpi_get_opaque (data, &abits);
- rc = gpg_err_code (gcry_mpi_scan (&a, GCRYMPI_FMT_USG,
- abuf, (abits+7)/8, NULL));
+ abuf = mpi_get_opaque (data, &abits);
+ rc = _gcry_mpi_scan (&a, GCRYMPI_FMT_USG, abuf, (abits+7)/8, NULL);
if (!rc)
{
if (abits > qbits)
- gcry_mpi_rshift (a, a, abits - qbits);
+ mpi_rshift (a, a, abits - qbits);
rc = _gcry_ecc_ecdsa_verify (a, &pk, sig_r, sig_s);
- gcry_mpi_release (a);
+ _gcry_mpi_release (a);
}
}
else
@@ -1034,19 +1031,19 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
}
leave:
- gcry_mpi_release (pk.E.p);
- gcry_mpi_release (pk.E.a);
- gcry_mpi_release (pk.E.b);
- gcry_mpi_release (mpi_g);
+ _gcry_mpi_release (pk.E.p);
+ _gcry_mpi_release (pk.E.a);
+ _gcry_mpi_release (pk.E.b);
+ _gcry_mpi_release (mpi_g);
point_free (&pk.E.G);
- gcry_mpi_release (pk.E.n);
- gcry_mpi_release (mpi_q);
+ _gcry_mpi_release (pk.E.n);
+ _gcry_mpi_release (mpi_q);
point_free (&pk.Q);
- gcry_mpi_release (data);
- gcry_mpi_release (sig_r);
- gcry_mpi_release (sig_s);
+ _gcry_mpi_release (data);
+ _gcry_mpi_release (sig_r);
+ _gcry_mpi_release (sig_s);
gcry_free (curvename);
- gcry_sexp_release (l1);
+ sexp_release (l1);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("ecc_verify => %s\n", rc?gpg_strerror (rc):"Good");
@@ -1119,9 +1116,9 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
/*
* Extract the key.
*/
- rc = _gcry_sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?+q",
- &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n,
- &mpi_q, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?+q",
+ &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n,
+ &mpi_q, NULL);
if (rc)
goto leave;
if (mpi_g)
@@ -1132,11 +1129,11 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
goto leave;
}
/* Add missing parameters using the optional curve parameter. */
- gcry_sexp_release (l1);
- l1 = gcry_sexp_find_token (keyparms, "curve", 5);
+ sexp_release (l1);
+ l1 = sexp_find_token (keyparms, "curve", 5);
if (l1)
{
- curvename = gcry_sexp_nth_string (l1, 1);
+ curvename = sexp_nth_string (l1, 1);
if (curvename)
{
rc = _gcry_ecc_fill_in_curve (0, curvename, &pk.E, NULL);
@@ -1214,21 +1211,20 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
point_free (&R);
}
- rc = gcry_sexp_build (r_ciph, NULL, "(enc-val(ecdh(s%m)(e%m)))",
- mpi_s, mpi_e);
+ rc = sexp_build (r_ciph, NULL, "(enc-val(ecdh(s%m)(e%m)))", mpi_s, mpi_e);
leave:
- gcry_mpi_release (pk.E.p);
- gcry_mpi_release (pk.E.a);
- gcry_mpi_release (pk.E.b);
- gcry_mpi_release (mpi_g);
+ _gcry_mpi_release (pk.E.p);
+ _gcry_mpi_release (pk.E.a);
+ _gcry_mpi_release (pk.E.b);
+ _gcry_mpi_release (mpi_g);
point_free (&pk.E.G);
- gcry_mpi_release (pk.E.n);
- gcry_mpi_release (mpi_q);
+ _gcry_mpi_release (pk.E.n);
+ _gcry_mpi_release (mpi_q);
point_free (&pk.Q);
- gcry_mpi_release (data);
- gcry_mpi_release (mpi_s);
- gcry_mpi_release (mpi_e);
+ _gcry_mpi_release (data);
+ _gcry_mpi_release (mpi_s);
+ _gcry_mpi_release (mpi_e);
gcry_free (curvename);
_gcry_mpi_ec_free (ec);
_gcry_pk_util_free_encoding_ctx (&ctx);
@@ -1273,7 +1269,7 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
rc = _gcry_pk_util_preparse_encval (s_data, ecc_names, &l1, &ctx);
if (rc)
goto leave;
- rc = _gcry_sexp_extract_param (l1, NULL, "e", &data_e, NULL);
+ rc = sexp_extract_param (l1, NULL, "e", &data_e, NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -1287,9 +1283,9 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
/*
* Extract the key.
*/
- rc = _gcry_sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?+d",
- &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n,
- &sk.d, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?+d",
+ &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n,
+ &sk.d, NULL);
if (rc)
goto leave;
if (mpi_g)
@@ -1300,11 +1296,11 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
goto leave;
}
/* Add missing parameters using the optional curve parameter. */
- gcry_sexp_release (l1);
- l1 = gcry_sexp_find_token (keyparms, "curve", 5);
+ sexp_release (l1);
+ l1 = sexp_find_token (keyparms, "curve", 5);
if (l1)
{
- curvename = gcry_sexp_nth_string (l1, 1);
+ curvename = sexp_nth_string (l1, 1);
if (curvename)
{
rc = _gcry_ecc_fill_in_curve (0, curvename, &sk.E, NULL);
@@ -1378,22 +1374,22 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
log_printmpi ("ecc_decrypt res", r);
if (!rc)
- rc = gcry_sexp_build (r_plain, NULL, "(value %m)", r);
+ rc = sexp_build (r_plain, NULL, "(value %m)", r);
leave:
point_free (&R);
point_free (&kG);
- gcry_mpi_release (r);
- gcry_mpi_release (sk.E.p);
- gcry_mpi_release (sk.E.a);
- gcry_mpi_release (sk.E.b);
- gcry_mpi_release (mpi_g);
+ _gcry_mpi_release (r);
+ _gcry_mpi_release (sk.E.p);
+ _gcry_mpi_release (sk.E.a);
+ _gcry_mpi_release (sk.E.b);
+ _gcry_mpi_release (mpi_g);
point_free (&sk.E.G);
- gcry_mpi_release (sk.E.n);
- gcry_mpi_release (sk.d);
- gcry_mpi_release (data_e);
- gcry_free (curvename);
- gcry_sexp_release (l1);
+ _gcry_mpi_release (sk.E.n);
+ _gcry_mpi_release (sk.d);
+ _gcry_mpi_release (data_e);
+ _gcry_free (curvename);
+ sexp_release (l1);
_gcry_mpi_ec_free (ec);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
@@ -1425,15 +1421,15 @@ ecc_get_nbits (gcry_sexp_t parms)
unsigned int nbits = 0;
char *curve;
- l1 = gcry_sexp_find_token (parms, "p", 1);
+ l1 = sexp_find_token (parms, "p", 1);
if (!l1)
{ /* Parameter P not found - check whether we have "curve". */
- l1 = gcry_sexp_find_token (parms, "curve", 5);
+ l1 = sexp_find_token (parms, "curve", 5);
if (!l1)
return 0; /* Neither P nor CURVE found. */
- curve = _gcry_sexp_nth_string (l1, 1);
- gcry_sexp_release (l1);
+ curve = sexp_nth_string (l1, 1);
+ sexp_release (l1);
if (!curve)
return 0; /* No curve name given (or out of core). */
@@ -1443,12 +1439,12 @@ ecc_get_nbits (gcry_sexp_t parms)
}
else
{
- p = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
- gcry_sexp_release (l1);
+ p = sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+ sexp_release (l1);
if (p)
{
nbits = mpi_get_nbits (p);
- gcry_mpi_release (p);
+ _gcry_mpi_release (p);
}
}
return nbits;
@@ -1476,7 +1472,7 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms)
/* Look for flags. */
- l1 = gcry_sexp_find_token (keyparms, "flags", 0);
+ l1 = sexp_find_token (keyparms, "flags", 0);
if (l1)
{
rc = _gcry_pk_util_parse_flaglist (l1, &flags, NULL);
@@ -1488,35 +1484,35 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms)
if ((flags & PUBKEY_FLAG_PARAM))
{
if ((flags & PUBKEY_FLAG_EDDSA))
- rc = _gcry_sexp_extract_param (keyparms, NULL, "p?a?b?g?n?/q",
- &values[0], &values[1], &values[2],
- &values[3], &values[4], &values[5],
- NULL);
+ rc = sexp_extract_param (keyparms, NULL, "p?a?b?g?n?/q",
+ &values[0], &values[1], &values[2],
+ &values[3], &values[4], &values[5],
+ NULL);
else
- rc = _gcry_sexp_extract_param (keyparms, NULL, "p?a?b?g?n?q",
- &values[0], &values[1], &values[2],
- &values[3], &values[4], &values[5],
- NULL);
+ rc = sexp_extract_param (keyparms, NULL, "p?a?b?g?n?q",
+ &values[0], &values[1], &values[2],
+ &values[3], &values[4], &values[5],
+ NULL);
}
else
{
if ((flags & PUBKEY_FLAG_EDDSA))
- rc = _gcry_sexp_extract_param (keyparms, NULL, "/q",
- &values[5], NULL);
+ rc = sexp_extract_param (keyparms, NULL, "/q",
+ &values[5], NULL);
else
- rc = _gcry_sexp_extract_param (keyparms, NULL, "q",
- &values[5], NULL);
+ rc = sexp_extract_param (keyparms, NULL, "q",
+ &values[5], NULL);
}
if (rc)
goto leave;
/* Check whether a curve parameter is available and use that to fill
in missing values. */
- gcry_sexp_release (l1);
- l1 = gcry_sexp_find_token (keyparms, "curve", 5);
+ sexp_release (l1);
+ l1 = sexp_find_token (keyparms, "curve", 5);
if (l1)
{
- curvename = gcry_sexp_nth_string (l1, 1);
+ curvename = sexp_nth_string (l1, 1);
if (curvename)
{
rc = _gcry_ecc_update_curve_param (curvename,
@@ -1577,12 +1573,12 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms)
const unsigned char *raw;
unsigned int n;
- raw = gcry_mpi_get_opaque (values[idx], &n);
+ raw = mpi_get_opaque (values[idx], &n);
n = (n + 7)/8;
snprintf (buf, sizeof buf, "(1:%c%u:", names[idx], n);
- gcry_md_write (md, buf, strlen (buf));
- gcry_md_write (md, raw, n);
- gcry_md_write (md, ")", 1);
+ _gcry_md_write (md, buf, strlen (buf));
+ _gcry_md_write (md, raw, n);
+ _gcry_md_write (md, ")", 1);
}
else
{
@@ -1596,16 +1592,16 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms)
goto leave;
}
snprintf (buf, sizeof buf, "(1:%c%u:", names[idx], rawmpilen);
- gcry_md_write (md, buf, strlen (buf));
- gcry_md_write (md, rawmpi, rawmpilen);
- gcry_md_write (md, ")", 1);
+ _gcry_md_write (md, buf, strlen (buf));
+ _gcry_md_write (md, rawmpi, rawmpilen);
+ _gcry_md_write (md, ")", 1);
gcry_free (rawmpi);
}
}
leave:
gcry_free (curvename);
- gcry_sexp_release (l1);
+ sexp_release (l1);
for (idx = 0; idx < N_COMPONENTS; idx++)
_gcry_mpi_release (values[idx]);
@@ -1661,7 +1657,7 @@ _gcry_pk_ecc_get_sexp (gcry_sexp_t *r_sexp, int mode, mpi_ec_t ec)
&encpk, &encpklen);
if (rc)
goto leave;
- mpi_Q = gcry_mpi_set_opaque (NULL, encpk, encpklen*8);
+ mpi_Q = mpi_set_opaque (NULL, encpk, encpklen*8);
encpk = NULL;
}
else
@@ -1680,18 +1676,16 @@ _gcry_pk_ecc_get_sexp (gcry_sexp_t *r_sexp, int mode, mpi_ec_t ec)
if (ec->d && (!mode || mode == GCRY_PK_GET_SECKEY))
{
/* Let's return a private key. */
- rc = gcry_sexp_build
- (r_sexp, NULL,
- "(private-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))",
- ec->p, ec->a, ec->b, mpi_G, ec->n, mpi_Q, ec->d);
+ rc = sexp_build (r_sexp, NULL,
+ "(private-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))",
+ ec->p, ec->a, ec->b, mpi_G, ec->n, mpi_Q, ec->d);
}
else if (ec->Q)
{
/* Let's return a public key. */
- rc = gcry_sexp_build
- (r_sexp, NULL,
- "(public-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))",
- ec->p, ec->a, ec->b, mpi_G, ec->n, mpi_Q);
+ rc = sexp_build (r_sexp, NULL,
+ "(public-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))",
+ ec->p, ec->a, ec->b, mpi_G, ec->n, mpi_Q);
}
else
rc = GPG_ERR_BAD_CRYPT_CTX;
diff --git a/cipher/elgamal.c b/cipher/elgamal.c
index 432ba6fd..beef8e4e 100644
--- a/cipher/elgamal.c
+++ b/cipher/elgamal.c
@@ -141,17 +141,17 @@ static int
test_keys ( ELG_secret_key *sk, unsigned int nbits, int nodie )
{
ELG_public_key pk;
- gcry_mpi_t test = gcry_mpi_new ( 0 );
- gcry_mpi_t out1_a = gcry_mpi_new ( nbits );
- gcry_mpi_t out1_b = gcry_mpi_new ( nbits );
- gcry_mpi_t out2 = gcry_mpi_new ( nbits );
+ gcry_mpi_t test = mpi_new ( 0 );
+ gcry_mpi_t out1_a = mpi_new ( nbits );
+ gcry_mpi_t out1_b = mpi_new ( nbits );
+ gcry_mpi_t out2 = mpi_new ( nbits );
int failed = 0;
pk.p = sk->p;
pk.g = sk->g;
pk.y = sk->y;
- gcry_mpi_randomize ( test, nbits, GCRY_WEAK_RANDOM );
+ _gcry_mpi_randomize ( test, nbits, GCRY_WEAK_RANDOM );
do_encrypt ( out1_a, out1_b, test, &pk );
decrypt ( out2, out1_a, out1_b, sk );
@@ -162,10 +162,10 @@ test_keys ( ELG_secret_key *sk, unsigned int nbits, int nodie )
if ( !verify( out1_a, out1_b, test, &pk ) )
failed |= 2;
- gcry_mpi_release ( test );
- gcry_mpi_release ( out1_a );
- gcry_mpi_release ( out1_b );
- gcry_mpi_release ( out2 );
+ _gcry_mpi_release ( test );
+ _gcry_mpi_release ( out1_a );
+ _gcry_mpi_release ( out1_b );
+ _gcry_mpi_release ( out2 );
if (failed && !nodie)
log_fatal ("Elgamal test key for %s %s failed\n",
@@ -217,7 +217,7 @@ gen_k( gcry_mpi_t p, int small_k )
if( !rndbuf || nbits < 32 )
{
gcry_free(rndbuf);
- rndbuf = gcry_random_bytes_secure( nbytes, GCRY_STRONG_RANDOM );
+ rndbuf = _gcry_random_bytes_secure( nbytes, GCRY_STRONG_RANDOM );
}
else
{
@@ -226,7 +226,7 @@ gen_k( gcry_mpi_t p, int small_k )
to get_random_bytes() and use this the here maybe it is
easier to do this directly in random.c Anyway, it is
highly inlikely that we will ever reach this code. */
- char *pp = gcry_random_bytes_secure( 4, GCRY_STRONG_RANDOM );
+ char *pp = _gcry_random_bytes_secure( 4, GCRY_STRONG_RANDOM );
memcpy( rndbuf, pp, 4 );
gcry_free(pp);
}
@@ -246,7 +246,7 @@ gen_k( gcry_mpi_t p, int small_k )
progress('-');
break; /* no */
}
- if (gcry_mpi_gcd( temp, k, p_1 ))
+ if (mpi_gcd( temp, k, p_1 ))
goto found; /* okay, k is relative prime to (p-1) */
mpi_add_ui( k, k, 1 );
if( DBG_CIPHER )
@@ -280,7 +280,7 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors )
unsigned int xbits;
byte *rndbuf;
- p_min1 = gcry_mpi_new ( nbits );
+ p_min1 = mpi_new ( nbits );
qbits = wiener_map( nbits );
if( qbits & 1 ) /* better have a even one */
qbits++;
@@ -303,7 +303,7 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors )
xbits = qbits * 3 / 2;
if( xbits >= nbits )
BUG();
- x = gcry_mpi_snew ( xbits );
+ x = mpi_snew ( xbits );
if( DBG_CIPHER )
log_debug("choosing a random x of size %u\n", xbits );
rndbuf = NULL;
@@ -316,21 +316,20 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors )
if( xbits < 16 ) /* should never happen ... */
{
gcry_free(rndbuf);
- rndbuf = gcry_random_bytes_secure( (xbits+7)/8,
- GCRY_VERY_STRONG_RANDOM );
+ rndbuf = _gcry_random_bytes_secure ((xbits+7)/8,
+ GCRY_VERY_STRONG_RANDOM);
}
else
{
- char *r = gcry_random_bytes_secure( 2,
- GCRY_VERY_STRONG_RANDOM );
+ char *r = _gcry_random_bytes_secure (2, GCRY_VERY_STRONG_RANDOM);
memcpy(rndbuf, r, 2 );
gcry_free(r);
}
}
else
{
- rndbuf = gcry_random_bytes_secure( (xbits+7)/8,
- GCRY_VERY_STRONG_RANDOM );
+ rndbuf = _gcry_random_bytes_secure ((xbits+7)/8,
+ GCRY_VERY_STRONG_RANDOM );
}
_gcry_mpi_set_buffer( x, rndbuf, (xbits+7)/8, 0 );
mpi_clear_highbit( x, xbits+1 );
@@ -338,8 +337,8 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors )
while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, p_min1 )<0 ) );
gcry_free(rndbuf);
- y = gcry_mpi_new (nbits);
- gcry_mpi_powm( y, g, x, p );
+ y = mpi_new (nbits);
+ mpi_powm( y, g, x, p );
if( DBG_CIPHER )
{
@@ -356,7 +355,7 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors )
sk->y = y;
sk->x = x;
- gcry_mpi_release ( p_min1 );
+ _gcry_mpi_release ( p_min1 );
/* Now we can test our keys (this should never fail!) */
test_keys ( sk, nbits - 64, 0 );
@@ -391,7 +390,7 @@ generate_using_x (ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t x,
if ( xbits < 64 || xbits >= nbits )
return GPG_ERR_INV_VALUE;
- p_min1 = gcry_mpi_new ( nbits );
+ p_min1 = mpi_new ( nbits );
qbits = wiener_map ( nbits );
if ( (qbits & 1) ) /* Better have an even one. */
qbits++;
@@ -403,14 +402,14 @@ generate_using_x (ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t x,
log_debug ("using a supplied x of size %u", xbits );
if ( !(mpi_cmp_ui ( x, 0 ) > 0 && mpi_cmp ( x, p_min1 ) <0 ) )
{
- gcry_mpi_release ( p_min1 );
- gcry_mpi_release ( p );
- gcry_mpi_release ( g );
+ _gcry_mpi_release ( p_min1 );
+ _gcry_mpi_release ( p );
+ _gcry_mpi_release ( g );
return GPG_ERR_INV_VALUE;
}
- y = gcry_mpi_new (nbits);
- gcry_mpi_powm ( y, g, x, p );
+ y = mpi_new (nbits);
+ mpi_powm ( y, g, x, p );
if ( DBG_CIPHER )
{
@@ -425,17 +424,17 @@ generate_using_x (ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t x,
sk->p = p;
sk->g = g;
sk->y = y;
- sk->x = gcry_mpi_copy (x);
+ sk->x = mpi_copy (x);
- gcry_mpi_release ( p_min1 );
+ _gcry_mpi_release ( p_min1 );
/* Now we can test our keys. */
if ( test_keys ( sk, nbits - 64, 1 ) )
{
- gcry_mpi_release ( sk->p ); sk->p = NULL;
- gcry_mpi_release ( sk->g ); sk->g = NULL;
- gcry_mpi_release ( sk->y ); sk->y = NULL;
- gcry_mpi_release ( sk->x ); sk->x = NULL;
+ _gcry_mpi_release ( sk->p ); sk->p = NULL;
+ _gcry_mpi_release ( sk->g ); sk->g = NULL;
+ _gcry_mpi_release ( sk->y ); sk->y = NULL;
+ _gcry_mpi_release ( sk->x ); sk->x = NULL;
return GPG_ERR_BAD_SECKEY;
}
@@ -453,7 +452,7 @@ check_secret_key( ELG_secret_key *sk )
int rc;
gcry_mpi_t y = mpi_alloc( mpi_get_nlimbs(sk->y) );
- gcry_mpi_powm( y, sk->g, sk->x, sk->p );
+ mpi_powm (y, sk->g, sk->x, sk->p);
rc = !mpi_cmp( y, sk->y );
mpi_free( y );
return rc;
@@ -471,14 +470,15 @@ do_encrypt(gcry_mpi_t a, gcry_mpi_t b, gcry_mpi_t input, ELG_public_key *pkey )
*/
k = gen_k( pkey->p, 1 );
- gcry_mpi_powm( a, pkey->g, k, pkey->p );
+ mpi_powm (a, pkey->g, k, pkey->p);
+
/* b = (y^k * input) mod p
* = ((y^k mod p) * (input mod p)) mod p
* and because input is < p
* = ((y^k mod p) * input) mod p
*/
- gcry_mpi_powm( b, pkey->y, k, pkey->p );
- gcry_mpi_mulm( b, b, input, pkey->p );
+ mpi_powm (b, pkey->y, k, pkey->p);
+ mpi_mulm (b, b, input, pkey->p);
#if 0
if( DBG_CIPHER )
{
@@ -502,7 +502,7 @@ decrypt(gcry_mpi_t output, gcry_mpi_t a, gcry_mpi_t b, ELG_secret_key *skey )
gcry_mpi_t t1 = mpi_alloc_secure( mpi_get_nlimbs( skey->p ) );
/* output = b/(a^x) mod p */
- gcry_mpi_powm( t1, a, skey->x, skey->p );
+ mpi_powm( t1, a, skey->x, skey->p );
mpi_invm( t1, t1, skey->p );
mpi_mulm( output, b, t1, skey->p );
#if 0
@@ -539,7 +539,7 @@ sign(gcry_mpi_t a, gcry_mpi_t b, gcry_mpi_t input, ELG_secret_key *skey )
*/
mpi_sub_ui(p_1, p_1, 1);
k = gen_k( skey->p, 0 /* no small K ! */ );
- gcry_mpi_powm( a, skey->g, k, skey->p );
+ mpi_powm( a, skey->g, k, skey->p );
mpi_mul(t, skey->x, a );
mpi_subm(t, input, t, p_1 );
mpi_invm(inv, k, p_1 );
@@ -643,11 +643,11 @@ elg_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
return rc;
/* Parse the optional xvalue element. */
- l1 = gcry_sexp_find_token (genparms, "xvalue", 0);
+ l1 = sexp_find_token (genparms, "xvalue", 0);
if (l1)
{
- xvalue = gcry_sexp_nth_mpi (l1, 1, 0);
- gcry_sexp_release (l1);
+ xvalue = sexp_nth_mpi (l1, 1, 0);
+ sexp_release (l1);
if (!xvalue)
return GPG_ERR_BAD_MPI;
}
@@ -693,30 +693,30 @@ elg_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
arg_list[nfac] = factors + nfac;
}
p = stpcpy (p, "))");
- rc = gcry_sexp_build_array (&misc_info, NULL, buffer, arg_list);
+ rc = sexp_build_array (&misc_info, NULL, buffer, arg_list);
gcry_free (arg_list);
gcry_free (buffer);
if (rc)
goto leave;
}
- rc = gcry_sexp_build (r_skey, NULL,
- "(key-data"
- " (public-key"
- " (elg(p%m)(g%m)(y%m)))"
- " (private-key"
- " (elg(p%m)(g%m)(y%m)(x%m)))"
- " %S)",
- sk.p, sk.g, sk.y,
- sk.p, sk.g, sk.y, sk.x,
- misc_info);
+ rc = sexp_build (r_skey, NULL,
+ "(key-data"
+ " (public-key"
+ " (elg(p%m)(g%m)(y%m)))"
+ " (private-key"
+ " (elg(p%m)(g%m)(y%m)(x%m)))"
+ " %S)",
+ sk.p, sk.g, sk.y,
+ sk.p, sk.g, sk.y, sk.x,
+ misc_info);
leave:
mpi_free (sk.p);
mpi_free (sk.g);
mpi_free (sk.y);
mpi_free (sk.x);
- gcry_sexp_release (misc_info);
+ sexp_release (misc_info);
if (factors)
{
gcry_mpi_t *mp;
@@ -735,9 +735,9 @@ elg_check_secret_key (gcry_sexp_t keyparms)
gcry_err_code_t rc;
ELG_secret_key sk = {NULL, NULL, NULL, NULL};
- rc = _gcry_sexp_extract_param (keyparms, NULL, "pgyx",
- &sk.p, &sk.g, &sk.y, &sk.x,
- NULL);
+ rc = sexp_extract_param (keyparms, NULL, "pgyx",
+ &sk.p, &sk.g, &sk.y, &sk.x,
+ NULL);
if (rc)
goto leave;
@@ -745,10 +745,10 @@ elg_check_secret_key (gcry_sexp_t keyparms)
rc = GPG_ERR_BAD_SECKEY;
leave:
- gcry_mpi_release (sk.p);
- gcry_mpi_release (sk.g);
- gcry_mpi_release (sk.y);
- gcry_mpi_release (sk.x);
+ _gcry_mpi_release (sk.p);
+ _gcry_mpi_release (sk.g);
+ _gcry_mpi_release (sk.y);
+ _gcry_mpi_release (sk.x);
if (DBG_CIPHER)
log_debug ("elg_testkey => %s\n", gpg_strerror (rc));
return rc;
@@ -781,8 +781,8 @@ elg_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
/* Extract the key. */
- rc = _gcry_sexp_extract_param (keyparms, NULL, "pgy",
- &pk.p, &pk.g, &pk.y, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "pgy",
+ &pk.p, &pk.g, &pk.y, NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -793,18 +793,18 @@ elg_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
/* Do Elgamal computation and build result. */
- mpi_a = gcry_mpi_new (0);
- mpi_b = gcry_mpi_new (0);
+ mpi_a = mpi_new (0);
+ mpi_b = mpi_new (0);
do_encrypt (mpi_a, mpi_b, data, &pk);
- rc = gcry_sexp_build (r_ciph, NULL, "(enc-val(elg(a%m)(b%m)))", mpi_a, mpi_b);
+ rc = sexp_build (r_ciph, NULL, "(enc-val(elg(a%m)(b%m)))", mpi_a, mpi_b);
leave:
- gcry_mpi_release (mpi_a);
- gcry_mpi_release (mpi_b);
- gcry_mpi_release (pk.p);
- gcry_mpi_release (pk.g);
- gcry_mpi_release (pk.y);
- gcry_mpi_release (data);
+ _gcry_mpi_release (mpi_a);
+ _gcry_mpi_release (mpi_b);
+ _gcry_mpi_release (pk.p);
+ _gcry_mpi_release (pk.g);
+ _gcry_mpi_release (pk.y);
+ _gcry_mpi_release (data);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("elg_encrypt => %s\n", gpg_strerror (rc));
@@ -832,7 +832,7 @@ elg_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
rc = _gcry_pk_util_preparse_encval (s_data, elg_names, &l1, &ctx);
if (rc)
goto leave;
- rc = _gcry_sexp_extract_param (l1, NULL, "ab", &data_a, &data_b, NULL);
+ rc = sexp_extract_param (l1, NULL, "ab", &data_a, &data_b, NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -847,9 +847,9 @@ elg_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
/* Extract the key. */
- rc = _gcry_sexp_extract_param (keyparms, NULL, "pgyx",
- &sk.p, &sk.g, &sk.y, &sk.x,
- NULL);
+ rc = sexp_extract_param (keyparms, NULL, "pgyx",
+ &sk.p, &sk.g, &sk.y, &sk.x,
+ NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -861,7 +861,7 @@ elg_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
log_printmpi ("elg_decrypt x", sk.x);
}
- plain = gcry_mpi_snew (ctx.nbits);
+ plain = mpi_snew (ctx.nbits);
decrypt (plain, data_a, data_b, &sk);
if (DBG_CIPHER)
log_printmpi ("elg_decrypt res", plain);
@@ -873,8 +873,7 @@ elg_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
rc = _gcry_rsa_pkcs1_decode_for_enc (&unpad, &unpadlen, ctx.nbits, plain);
mpi_free (plain); plain = NULL;
if (!rc)
- rc = gcry_sexp_build (r_plain, NULL, "(value %b)",
- (int)unpadlen, unpad);
+ rc = sexp_build (r_plain, NULL, "(value %b)", (int)unpadlen, unpad);
break;
case PUBKEY_ENC_OAEP:
@@ -883,31 +882,30 @@ elg_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
ctx.label, ctx.labellen);
mpi_free (plain); plain = NULL;
if (!rc)
- rc = gcry_sexp_build (r_plain, NULL, "(value %b)",
- (int)unpadlen, unpad);
+ rc = sexp_build (r_plain, NULL, "(value %b)", (int)unpadlen, unpad);
break;
default:
/* Raw format. For backward compatibility we need to assume a
signed mpi by using the sexp format string "%m". */
- rc = gcry_sexp_build (r_plain, NULL,
- (ctx.flags & PUBKEY_FLAG_LEGACYRESULT)
- ? "%m" : "(value %m)",
- plain);
+ rc = sexp_build (r_plain, NULL,
+ (ctx.flags & PUBKEY_FLAG_LEGACYRESULT)
+ ? "%m" : "(value %m)",
+ plain);
break;
}
leave:
gcry_free (unpad);
- gcry_mpi_release (plain);
- gcry_mpi_release (sk.p);
- gcry_mpi_release (sk.g);
- gcry_mpi_release (sk.y);
- gcry_mpi_release (sk.x);
- gcry_mpi_release (data_a);
- gcry_mpi_release (data_b);
- gcry_sexp_release (l1);
+ _gcry_mpi_release (plain);
+ _gcry_mpi_release (sk.p);
+ _gcry_mpi_release (sk.g);
+ _gcry_mpi_release (sk.y);
+ _gcry_mpi_release (sk.x);
+ _gcry_mpi_release (data_a);
+ _gcry_mpi_release (data_b);
+ sexp_release (l1);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("elg_decrypt => %s\n", gpg_strerror (rc));
@@ -941,8 +939,8 @@ elg_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
/* Extract the key. */
- rc = _gcry_sexp_extract_param (keyparms, NULL, "pgyx",
- &sk.p, &sk.g, &sk.y, &sk.x, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "pgyx",
+ &sk.p, &sk.g, &sk.y, &sk.x, NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -954,24 +952,24 @@ elg_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
log_mpidump ("elg_sign x", sk.x);
}
- sig_r = gcry_mpi_new (0);
- sig_s = gcry_mpi_new (0);
+ sig_r = mpi_new (0);
+ sig_s = mpi_new (0);
sign (sig_r, sig_s, data, &sk);
if (DBG_CIPHER)
{
log_mpidump ("elg_sign sig_r", sig_r);
log_mpidump ("elg_sign sig_s", sig_s);
}
- rc = gcry_sexp_build (r_sig, NULL, "(sig-val(elg(r%M)(s%M)))", sig_r, sig_s);
+ rc = sexp_build (r_sig, NULL, "(sig-val(elg(r%M)(s%M)))", sig_r, sig_s);
leave:
- gcry_mpi_release (sig_r);
- gcry_mpi_release (sig_s);
- gcry_mpi_release (sk.p);
- gcry_mpi_release (sk.g);
- gcry_mpi_release (sk.y);
- gcry_mpi_release (sk.x);
- gcry_mpi_release (data);
+ _gcry_mpi_release (sig_r);
+ _gcry_mpi_release (sig_s);
+ _gcry_mpi_release (sk.p);
+ _gcry_mpi_release (sk.g);
+ _gcry_mpi_release (sk.y);
+ _gcry_mpi_release (sk.x);
+ _gcry_mpi_release (data);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("elg_sign => %s\n", gpg_strerror (rc));
@@ -1009,7 +1007,7 @@ elg_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
rc = _gcry_pk_util_preparse_sigval (s_sig, elg_names, &l1, NULL);
if (rc)
goto leave;
- rc = _gcry_sexp_extract_param (l1, NULL, "rs", &sig_r, &sig_s, NULL);
+ rc = sexp_extract_param (l1, NULL, "rs", &sig_r, &sig_s, NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -1019,7 +1017,7 @@ elg_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
}
/* Extract the key. */
- rc = _gcry_sexp_extract_param (s_keyparms, NULL, "pgy",
+ rc = sexp_extract_param (s_keyparms, NULL, "pgy",
&pk.p, &pk.g, &pk.y, NULL);
if (rc)
goto leave;
@@ -1035,13 +1033,13 @@ elg_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
rc = GPG_ERR_BAD_SIGNATURE;
leave:
- gcry_mpi_release (pk.p);
- gcry_mpi_release (pk.g);
- gcry_mpi_release (pk.y);
- gcry_mpi_release (data);
- gcry_mpi_release (sig_r);
- gcry_mpi_release (sig_s);
- gcry_sexp_release (l1);
+ _gcry_mpi_release (pk.p);
+ _gcry_mpi_release (pk.g);
+ _gcry_mpi_release (pk.y);
+ _gcry_mpi_release (data);
+ _gcry_mpi_release (sig_r);
+ _gcry_mpi_release (sig_s);
+ sexp_release (l1);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("elg_verify => %s\n", rc?gpg_strerror (rc):"Good");
@@ -1067,14 +1065,14 @@ elg_get_nbits (gcry_sexp_t parms)
gcry_mpi_t p;
unsigned int nbits;
- l1 = gcry_sexp_find_token (parms, "p", 1);
+ l1 = sexp_find_token (parms, "p", 1);
if (!l1)
return 0; /* Parameter P not found. */
- p= gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
- gcry_sexp_release (l1);
+ p= sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+ sexp_release (l1);
nbits = p? mpi_get_nbits (p) : 0;
- gcry_mpi_release (p);
+ _gcry_mpi_release (p);
return nbits;
}
diff --git a/cipher/hmac-tests.c b/cipher/hmac-tests.c
index a32ece75..7c27342c 100644
--- a/cipher/hmac-tests.c
+++ b/cipher/hmac-tests.c
@@ -718,7 +718,7 @@ _gcry_hmac_selftest (int algo, int extended, selftest_report_func_t report)
{
gcry_err_code_t ec = 0;
- if (!gcry_md_test_algo (algo))
+ if (!_gcry_md_test_algo (algo))
{
ec = run_selftests (algo, extended, report);
}
diff --git a/cipher/kdf.c b/cipher/kdf.c
index da63574f..542752ec 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -55,8 +55,7 @@ openpgp_s2k (const void *passphrase, size_t passphraselen,
secmode = gcry_is_secure (passphrase) || gcry_is_secure (keybuffer);
- ec = gpg_err_code (gcry_md_open (&md, hashalgo,
- secmode? GCRY_MD_FLAG_SECURE : 0));
+ ec = _gcry_md_open (&md, hashalgo, secmode? GCRY_MD_FLAG_SECURE : 0);
if (ec)
return ec;
@@ -64,9 +63,9 @@ openpgp_s2k (const void *passphrase, size_t passphraselen,
{
if (pass)
{
- gcry_md_reset (md);
+ _gcry_md_reset (md);
for (i=0; i < pass; i++) /* Preset the hash context. */
- gcry_md_putc (md, 0);
+ _gcry_md_putc (md, 0);
}
if (algo == GCRY_KDF_SALTED_S2K || algo == GCRY_KDF_ITERSALTED_S2K)
@@ -83,30 +82,30 @@ openpgp_s2k (const void *passphrase, size_t passphraselen,
while (count > len2)
{
- gcry_md_write (md, salt, saltlen);
- gcry_md_write (md, passphrase, passphraselen);
+ _gcry_md_write (md, salt, saltlen);
+ _gcry_md_write (md, passphrase, passphraselen);
count -= len2;
}
if (count < saltlen)
- gcry_md_write (md, salt, count);
+ _gcry_md_write (md, salt, count);
else
{
- gcry_md_write (md, salt, saltlen);
+ _gcry_md_write (md, salt, saltlen);
count -= saltlen;
- gcry_md_write (md, passphrase, count);
+ _gcry_md_write (md, passphrase, count);
}
}
else
- gcry_md_write (md, passphrase, passphraselen);
+ _gcry_md_write (md, passphrase, passphraselen);
- gcry_md_final (md);
- i = gcry_md_get_algo_dlen (hashalgo);
+ _gcry_md_final (md);
+ i = _gcry_md_get_algo_dlen (hashalgo);
if (i > keysize - used)
i = keysize - used;
- memcpy (key+used, gcry_md_read (md, hashalgo), i);
+ memcpy (key+used, _gcry_md_read (md, hashalgo), i);
used += i;
}
- gcry_md_close (md);
+ _gcry_md_close (md);
return 0;
}
@@ -146,7 +145,7 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
if (!salt || !iterations || !dklen)
return GPG_ERR_INV_VALUE;
- hlen = gcry_md_get_algo_dlen (hashalgo);
+ hlen = _gcry_md_get_algo_dlen (hashalgo);
if (!hlen)
return GPG_ERR_DIGEST_ALGO;
@@ -168,9 +167,8 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
tbuf = sbuf + saltlen + 4;
ubuf = tbuf + hlen;
- ec = gpg_err_code (gcry_md_open (&md, hashalgo,
- (GCRY_MD_FLAG_HMAC
- | (secmode?GCRY_MD_FLAG_SECURE:0))));
+ ec = _gcry_md_open (&md, hashalgo, (GCRY_MD_FLAG_HMAC
+ | (secmode?GCRY_MD_FLAG_SECURE:0)));
if (ec)
{
gcry_free (sbuf);
@@ -183,10 +181,10 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
{
for (iter = 0; iter < iterations; iter++)
{
- ec = gpg_err_code (gcry_md_setkey (md, passphrase, passphraselen));
+ ec = _gcry_md_setkey (md, passphrase, passphraselen);
if (ec)
{
- gcry_md_close (md);
+ _gcry_md_close (md);
gcry_free (sbuf);
return ec;
}
@@ -196,14 +194,14 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
sbuf[saltlen + 1] = (lidx >> 16);
sbuf[saltlen + 2] = (lidx >> 8);
sbuf[saltlen + 3] = lidx;
- gcry_md_write (md, sbuf, saltlen + 4);
- memcpy (ubuf, gcry_md_read (md, 0), hlen);
+ _gcry_md_write (md, sbuf, saltlen + 4);
+ memcpy (ubuf, _gcry_md_read (md, 0), hlen);
memcpy (tbuf, ubuf, hlen);
}
else /* Compute U_(2..c): */
{
- gcry_md_write (md, ubuf, hlen);
- memcpy (ubuf, gcry_md_read (md, 0), hlen);
+ _gcry_md_write (md, ubuf, hlen);
+ memcpy (ubuf, _gcry_md_read (md, 0), hlen);
for (i=0; i < hlen; i++)
tbuf[i] ^= ubuf[i];
}
@@ -217,7 +215,7 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
}
}
- gcry_md_close (md);
+ _gcry_md_close (md);
gcry_free (sbuf);
return 0;
}
@@ -234,12 +232,12 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
is a salt as needed by most KDF algorithms. ITERATIONS is a
positive integer parameter to most KDFs. 0 is returned on success,
or an error code on failure. */
-gpg_error_t
-gcry_kdf_derive (const void *passphrase, size_t passphraselen,
- int algo, int subalgo,
- const void *salt, size_t saltlen,
- unsigned long iterations,
- size_t keysize, void *keybuffer)
+gpg_err_code_t
+_gcry_kdf_derive (const void *passphrase, size_t passphraselen,
+ int algo, int subalgo,
+ const void *salt, size_t saltlen,
+ unsigned long iterations,
+ size_t keysize, void *keybuffer)
{
gpg_err_code_t ec;
@@ -296,5 +294,5 @@ gcry_kdf_derive (const void *passphrase, size_t passphraselen,
}
leave:
- return gpg_error (ec);
+ return ec;
}
diff --git a/cipher/mac-cmac.c b/cipher/mac-cmac.c
index fddce394..69a2f174 100644
--- a/cipher/mac-cmac.c
+++ b/cipher/mac-cmac.c
@@ -103,7 +103,7 @@ cmac_setkey (gcry_mac_hd_t h, const unsigned char *key, size_t keylen)
static gcry_err_code_t
cmac_reset (gcry_mac_hd_t h)
{
- return gcry_cipher_reset (h->u.cmac.ctx);
+ return _gcry_cipher_reset (h->u.cmac.ctx);
}
diff --git a/cipher/mac-gmac.c b/cipher/mac-gmac.c
index e040bfee..18d56b5c 100644
--- a/cipher/mac-gmac.c
+++ b/cipher/mac-gmac.c
@@ -97,7 +97,7 @@ gmac_setiv (gcry_mac_hd_t h, const unsigned char *iv, size_t ivlen)
static gcry_err_code_t
gmac_reset (gcry_mac_hd_t h)
{
- return gcry_cipher_reset (h->u.gmac.ctx);
+ return _gcry_cipher_reset (h->u.gmac.ctx);
}
diff --git a/cipher/mac-hmac.c b/cipher/mac-hmac.c
index 46b21b15..15c613d5 100644
--- a/cipher/mac-hmac.c
+++ b/cipher/mac-hmac.c
@@ -79,7 +79,7 @@ hmac_open (gcry_mac_hd_t h)
flags = GCRY_MD_FLAG_HMAC;
flags |= (secure ? GCRY_MD_FLAG_SECURE : 0);
- err = gcry_md_open (&hd, md_algo, flags);
+ err = _gcry_md_open (&hd, md_algo, flags);
if (err)
return err;
@@ -92,7 +92,7 @@ hmac_open (gcry_mac_hd_t h)
static void
hmac_close (gcry_mac_hd_t h)
{
- gcry_md_close (h->u.hmac.md_ctx);
+ _gcry_md_close (h->u.hmac.md_ctx);
h->u.hmac.md_ctx = NULL;
}
@@ -100,14 +100,14 @@ hmac_close (gcry_mac_hd_t h)
static gcry_err_code_t
hmac_setkey (gcry_mac_hd_t h, const unsigned char *key, size_t keylen)
{
- return gcry_md_setkey (h->u.hmac.md_ctx, key, keylen);
+ return _gcry_md_setkey (h->u.hmac.md_ctx, key, keylen);
}
static gcry_err_code_t
hmac_reset (gcry_mac_hd_t h)
{
- gcry_md_reset (h->u.hmac.md_ctx);
+ _gcry_md_reset (h->u.hmac.md_ctx);
return 0;
}
@@ -115,7 +115,7 @@ hmac_reset (gcry_mac_hd_t h)
static gcry_err_code_t
hmac_write (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen)
{
- gcry_md_write (h->u.hmac.md_ctx, buf, buflen);
+ _gcry_md_write (h->u.hmac.md_ctx, buf, buflen);
return 0;
}
@@ -126,8 +126,8 @@ hmac_read (gcry_mac_hd_t h, unsigned char *outbuf, size_t * outlen)
unsigned int dlen;
const unsigned char *digest;
- dlen = gcry_md_get_algo_dlen (h->u.hmac.md_algo);
- digest = gcry_md_read (h->u.hmac.md_ctx, h->u.hmac.md_algo);
+ dlen = _gcry_md_get_algo_dlen (h->u.hmac.md_algo);
+ digest = _gcry_md_read (h->u.hmac.md_ctx, h->u.hmac.md_algo);
if (*outlen <= dlen)
buf_cpy (outbuf, digest, *outlen);
@@ -147,8 +147,8 @@ hmac_verify (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen)
unsigned int dlen;
const unsigned char *digest;
- dlen = gcry_md_get_algo_dlen (h->u.hmac.md_algo);
- digest = gcry_md_read (h->u.hmac.md_ctx, h->u.hmac.md_algo);
+ dlen = _gcry_md_get_algo_dlen (h->u.hmac.md_algo);
+ digest = _gcry_md_read (h->u.hmac.md_ctx, h->u.hmac.md_algo);
if (buflen > dlen)
return GPG_ERR_INV_LENGTH;
@@ -160,7 +160,7 @@ hmac_verify (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen)
static unsigned int
hmac_get_maclen (int algo)
{
- return gcry_md_get_algo_dlen (map_mac_algo_to_md (algo));
+ return _gcry_md_get_algo_dlen (map_mac_algo_to_md (algo));
}
diff --git a/cipher/mac.c b/cipher/mac.c
index 5ac87291..71d59538 100644
--- a/cipher/mac.c
+++ b/cipher/mac.c
@@ -140,7 +140,7 @@ spec_from_name (const char *name)
* Map a string to the mac algo
*/
int
-gcry_mac_map_name (const char *string)
+_gcry_mac_map_name (const char *string)
{
gcry_mac_spec_t *spec;
@@ -163,7 +163,7 @@ gcry_mac_map_name (const char *string)
* is valid.
*/
const char *
-gcry_mac_algo_name (int algorithm)
+_gcry_mac_algo_name (int algorithm)
{
gcry_mac_spec_t *spec;
@@ -310,87 +310,67 @@ mac_verify (gcry_mac_hd_t hd, const void *buf, size_t buflen)
/* Create a MAC object for algorithm ALGO. FLAGS may be
given as an bitwise OR of the gcry_mac_flags values.
H is guaranteed to be a valid handle or NULL on error. */
-gcry_error_t
-gcry_mac_open (gcry_mac_hd_t * h, int algo, unsigned int flags,
- gcry_ctx_t ctx)
+gpg_err_code_t
+_gcry_mac_open (gcry_mac_hd_t * h, int algo, unsigned int flags,
+ gcry_ctx_t ctx)
{
- gcry_err_code_t err;
+ gcry_err_code_t rc;
gcry_mac_hd_t hd = NULL;
if ((flags & ~GCRY_MAC_FLAG_SECURE))
- err = GPG_ERR_INV_ARG;
+ rc = GPG_ERR_INV_ARG;
else
- err = mac_open (&hd, algo, !!(flags & GCRY_MAC_FLAG_SECURE), ctx);
+ rc = mac_open (&hd, algo, !!(flags & GCRY_MAC_FLAG_SECURE), ctx);
- *h = err ? NULL : hd;
- return gpg_error (err);
+ *h = rc ? NULL : hd;
+ return rc;
}
void
-gcry_mac_close (gcry_mac_hd_t hd)
+_gcry_mac_close (gcry_mac_hd_t hd)
{
mac_close (hd);
}
-gcry_error_t
-gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, size_t keylen)
+gcry_err_code_t
+_gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, size_t keylen)
{
- gcry_error_t err;
-
- err = mac_setkey (hd, key, keylen);
-
- return gpg_error (err);
+ return mac_setkey (hd, key, keylen);
}
-gcry_error_t
-gcry_mac_setiv (gcry_mac_hd_t hd, const void *iv, size_t ivlen)
+gcry_err_code_t
+_gcry_mac_setiv (gcry_mac_hd_t hd, const void *iv, size_t ivlen)
{
- gcry_error_t err;
-
- err = mac_setiv (hd, iv, ivlen);
-
- return gpg_error (err);
+ return mac_setiv (hd, iv, ivlen);
}
-gcry_error_t
-gcry_mac_write (gcry_mac_hd_t hd, const void *inbuf, size_t inlen)
+gcry_err_code_t
+_gcry_mac_write (gcry_mac_hd_t hd, const void *inbuf, size_t inlen)
{
- gcry_err_code_t err;
-
- err = mac_write (hd, inbuf, inlen);
-
- return gpg_error (err);
+ return mac_write (hd, inbuf, inlen);
}
-gcry_error_t
-gcry_mac_read (gcry_mac_hd_t hd, void *outbuf, size_t * outlen)
+gcry_err_code_t
+_gcry_mac_read (gcry_mac_hd_t hd, void *outbuf, size_t * outlen)
{
- gcry_error_t err;
-
- err = mac_read (hd, outbuf, outlen);
-
- return gpg_error (err);
+ return mac_read (hd, outbuf, outlen);
}
-gcry_error_t
-gcry_mac_verify (gcry_mac_hd_t hd, const void *buf, size_t buflen)
+gcry_err_code_t
+_gcry_mac_verify (gcry_mac_hd_t hd, const void *buf, size_t buflen)
{
- gcry_err_code_t err;
-
- err = mac_verify (hd, buf, buflen);
-
- return gpg_error (err);
+ return mac_verify (hd, buf, buflen);
}
unsigned int
-gcry_mac_get_algo_maclen (int algo)
+_gcry_mac_get_algo_maclen (int algo)
{
gcry_mac_spec_t *spec;
@@ -403,7 +383,7 @@ gcry_mac_get_algo_maclen (int algo)
unsigned int
-gcry_mac_get_algo_keylen (int algo)
+_gcry_mac_get_algo_keylen (int algo)
{
gcry_mac_spec_t *spec;
@@ -415,10 +395,10 @@ gcry_mac_get_algo_keylen (int algo)
}
-gcry_error_t
-gcry_mac_ctl (gcry_mac_hd_t hd, int cmd, void *buffer, size_t buflen)
+gcry_err_code_t
+_gcry_mac_ctl (gcry_mac_hd_t hd, int cmd, void *buffer, size_t buflen)
{
- gcry_err_code_t rc = GPG_ERR_NO_ERROR;
+ gcry_err_code_t rc;
/* Currently not used. */
(void) hd;
@@ -433,7 +413,7 @@ gcry_mac_ctl (gcry_mac_hd_t hd, int cmd, void *buffer, size_t buflen)
default:
rc = GPG_ERR_INV_OP;
}
- return gcry_error (rc);
+ return rc;
}
@@ -449,37 +429,37 @@ gcry_mac_ctl (gcry_mac_hd_t hd, int cmd, void *buffer, size_t buflen)
and thereby detecting whether a error occurred or not (i.e. while
checking the block size)
*/
-gcry_error_t
-gcry_mac_algo_info (int algo, int what, void *buffer, size_t * nbytes)
+gcry_err_code_t
+_gcry_mac_algo_info (int algo, int what, void *buffer, size_t * nbytes)
{
- gcry_err_code_t err = GPG_ERR_NO_ERROR;
+ gcry_err_code_t rc = 0;
unsigned int ui;
switch (what)
{
case GCRYCTL_GET_KEYLEN:
if (buffer || (!nbytes))
- err = GPG_ERR_INV_ARG;
+ rc = GPG_ERR_INV_ARG;
else
{
- ui = gcry_mac_get_algo_keylen (algo);
+ ui = _gcry_mac_get_algo_keylen (algo);
if (ui > 0)
*nbytes = (size_t) ui;
else
/* The only reason for an error is an invalid algo. */
- err = GPG_ERR_MAC_ALGO;
+ rc = GPG_ERR_MAC_ALGO;
}
break;
case GCRYCTL_TEST_ALGO:
if (buffer || nbytes)
- err = GPG_ERR_INV_ARG;
+ rc = GPG_ERR_INV_ARG;
else
- err = check_mac_algo (algo);
+ rc = check_mac_algo (algo);
break;
default:
- err = GPG_ERR_INV_OP;
+ rc = GPG_ERR_INV_OP;
}
- return gcry_error (err);
+ return rc;
}
diff --git a/cipher/md.c b/cipher/md.c
index 65dadd1c..4be86277 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -211,7 +211,7 @@ search_oid (const char *oid, gcry_md_oid_spec_t *oid_spec)
* Map a string to the digest algo
*/
int
-gcry_md_map_name (const char *string)
+_gcry_md_map_name (const char *string)
{
gcry_md_spec_t *spec;
@@ -241,7 +241,7 @@ gcry_md_map_name (const char *string)
* is valid.
*/
const char *
-gcry_md_algo_name (int algorithm)
+_gcry_md_algo_name (int algorithm)
{
gcry_md_spec_t *spec;
@@ -366,22 +366,22 @@ md_open (gcry_md_hd_t *h, int algo, int secure, int hmac)
given as 0 if the algorithms to be used are later set using
gcry_md_enable. H is guaranteed to be a valid handle or NULL on
error. */
-gcry_error_t
-gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags)
+gcry_err_code_t
+_gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags)
{
- gcry_err_code_t err;
+ gcry_err_code_t rc;
gcry_md_hd_t hd;
if ((flags & ~(GCRY_MD_FLAG_SECURE | GCRY_MD_FLAG_HMAC)))
- err = GPG_ERR_INV_ARG;
+ rc = GPG_ERR_INV_ARG;
else
{
- err = md_open (&hd, algo, (flags & GCRY_MD_FLAG_SECURE),
- (flags & GCRY_MD_FLAG_HMAC));
+ rc = md_open (&hd, algo, (flags & GCRY_MD_FLAG_SECURE),
+ (flags & GCRY_MD_FLAG_HMAC));
}
- *h = err? NULL : hd;
- return gcry_error (err);
+ *h = rc? NULL : hd;
+ return rc;
}
@@ -447,10 +447,10 @@ md_enable (gcry_md_hd_t hd, int algorithm)
}
-gcry_error_t
-gcry_md_enable (gcry_md_hd_t hd, int algorithm)
+gcry_err_code_t
+_gcry_md_enable (gcry_md_hd_t hd, int algorithm)
{
- return gcry_error (md_enable (hd, algorithm));
+ return md_enable (hd, algorithm);
}
@@ -538,15 +538,15 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
}
-gcry_error_t
-gcry_md_copy (gcry_md_hd_t *handle, gcry_md_hd_t hd)
+gcry_err_code_t
+_gcry_md_copy (gcry_md_hd_t *handle, gcry_md_hd_t hd)
{
- gcry_err_code_t err;
+ gcry_err_code_t rc;
- err = md_copy (hd, handle);
- if (err)
+ rc = md_copy (hd, handle);
+ if (rc)
*handle = NULL;
- return gcry_error (err);
+ return rc;
}
@@ -555,7 +555,7 @@ gcry_md_copy (gcry_md_hd_t *handle, gcry_md_hd_t hd)
* instead of a md_close(); md_open().
*/
void
-gcry_md_reset (gcry_md_hd_t a)
+_gcry_md_reset (gcry_md_hd_t a)
{
GcryDigestEntry *r;
@@ -601,7 +601,7 @@ md_close (gcry_md_hd_t a)
void
-gcry_md_close (gcry_md_hd_t hd)
+_gcry_md_close (gcry_md_hd_t hd)
{
/* Note: We allow this even in fips non operational mode. */
md_close (hd);
@@ -632,7 +632,7 @@ md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen)
void
-gcry_md_write (gcry_md_hd_t hd, const void *inbuf, size_t inlen)
+_gcry_md_write (gcry_md_hd_t hd, const void *inbuf, size_t inlen)
{
md_write (hd, inbuf, inlen);
}
@@ -693,7 +693,7 @@ prepare_macpads (gcry_md_hd_t hd, const unsigned char *key, size_t keylen)
helpkey = gcry_malloc_secure (md_digest_length (algo));
if (!helpkey)
return gpg_err_code_from_errno (errno);
- gcry_md_hash_buffer (algo, helpkey, key, keylen);
+ _gcry_md_hash_buffer (algo, helpkey, key, keylen);
key = helpkey;
keylen = md_digest_length (algo);
gcry_assert ( keylen <= hd->ctx->macpads_Bsize );
@@ -715,8 +715,8 @@ prepare_macpads (gcry_md_hd_t hd, const unsigned char *key, size_t keylen)
}
-gcry_error_t
-gcry_md_ctl (gcry_md_hd_t hd, int cmd, void *buffer, size_t buflen)
+gcry_err_code_t
+_gcry_md_ctl (gcry_md_hd_t hd, int cmd, void *buffer, size_t buflen)
{
gcry_err_code_t rc = 0;
@@ -736,12 +736,12 @@ gcry_md_ctl (gcry_md_hd_t hd, int cmd, void *buffer, size_t buflen)
default:
rc = GPG_ERR_INV_OP;
}
- return gcry_error (rc);
+ return rc;
}
-gcry_error_t
-gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen)
+gcry_err_code_t
+_gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen)
{
gcry_err_code_t rc;
@@ -750,11 +750,11 @@ gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen)
else
{
rc = prepare_macpads (hd, key, keylen);
- if (! rc)
- gcry_md_reset (hd);
+ if (!rc)
+ _gcry_md_reset (hd);
}
- return gcry_error (rc);
+ return rc;
}
@@ -762,7 +762,7 @@ gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen)
file for the context HD. IF suffix is NULL, the file is closed and
debugging is stopped. */
void
-gcry_md_debug (gcry_md_hd_t hd, const char *suffix)
+_gcry_md_debug (gcry_md_hd_t hd, const char *suffix)
{
if (suffix)
md_start_debug (hd, suffix);
@@ -806,12 +806,12 @@ md_read( gcry_md_hd_t a, int algo )
* the hash.
*/
byte *
-gcry_md_read (gcry_md_hd_t hd, int algo)
+_gcry_md_read (gcry_md_hd_t hd, int algo)
{
/* This function is expected to always return a digest, thus we
can't return an error which we actually should do in
non-operational state. */
- gcry_md_ctl (hd, GCRYCTL_FINALIZE, NULL, 0);
+ _gcry_md_ctl (hd, GCRYCTL_FINALIZE, NULL, 0);
return md_read (hd, algo);
}
@@ -820,7 +820,7 @@ gcry_md_read (gcry_md_hd_t hd, int algo)
* Read out an intermediate digest. Not yet functional.
*/
gcry_err_code_t
-gcry_md_get (gcry_md_hd_t hd, int algo, byte *buffer, int buflen)
+_gcry_md_get (gcry_md_hd_t hd, int algo, byte *buffer, int buflen)
{
(void)hd;
(void)algo;
@@ -840,8 +840,8 @@ gcry_md_get (gcry_md_hd_t hd, int algo, byte *buffer, int buflen)
* hash. No error is returned, the function will abort on an invalid
* algo. DISABLED_ALGOS are ignored here. */
void
-gcry_md_hash_buffer (int algo, void *digest,
- const void *buffer, size_t length)
+_gcry_md_hash_buffer (int algo, void *digest,
+ const void *buffer, size_t length)
{
if (algo == GCRY_MD_SHA1)
_gcry_sha1_hash_buffer (digest, buffer, length);
@@ -892,8 +892,8 @@ gcry_md_hash_buffer (int algo, void *digest,
DIGEST which must have been provided by the caller with an
appropriate length. */
gpg_err_code_t
-gcry_md_hash_buffers (int algo, unsigned int flags, void *digest,
- const gcry_buffer_t *iov, int iovcnt)
+_gcry_md_hash_buffers (int algo, unsigned int flags, void *digest,
+ const gcry_buffer_t *iov, int iovcnt)
{
int hmac;
@@ -932,9 +932,9 @@ gcry_md_hash_buffers (int algo, unsigned int flags, void *digest,
if (hmac)
{
- rc = gcry_err_code
- (gcry_md_setkey (h, (const char*)iov[0].data + iov[0].off,
- iov[0].len));
+ rc = _gcry_md_setkey (h,
+ (const char*)iov[0].data + iov[0].off,
+ iov[0].len);
if (rc)
{
md_close (h);
@@ -968,7 +968,7 @@ md_get_algo (gcry_md_hd_t a)
int
-gcry_md_get_algo (gcry_md_hd_t hd)
+_gcry_md_get_algo (gcry_md_hd_t hd)
{
return md_get_algo (hd);
}
@@ -992,7 +992,7 @@ md_digest_length (int algorithm)
* This function will return 0 in case of errors.
*/
unsigned int
-gcry_md_get_algo_dlen (int algorithm)
+_gcry_md_get_algo_dlen (int algorithm)
{
return md_digest_length (algorithm);
}
@@ -1040,25 +1040,25 @@ md_asn_oid (int algorithm, size_t *asnlen, size_t *mdlen)
* and thereby detecting whether a error occurred or not (i.e. while checking
* the block size)
*/
-gcry_error_t
-gcry_md_algo_info (int algo, int what, void *buffer, size_t *nbytes)
+gcry_err_code_t
+_gcry_md_algo_info (int algo, int what, void *buffer, size_t *nbytes)
{
- gcry_err_code_t err;
+ gcry_err_code_t rc;
switch (what)
{
case GCRYCTL_TEST_ALGO:
if (buffer || nbytes)
- err = GPG_ERR_INV_ARG;
+ rc = GPG_ERR_INV_ARG;
else
- err = check_digest_algo (algo);
+ rc = check_digest_algo (algo);
break;
case GCRYCTL_GET_ASNOID:
/* We need to check that the algo is available because
md_asn_oid would otherwise raise an assertion. */
- err = check_digest_algo (algo);
- if (!err)
+ rc = check_digest_algo (algo);
+ if (!rc)
{
const char unsigned *asn;
size_t asnlen;
@@ -1074,25 +1074,25 @@ gcry_md_algo_info (int algo, int what, void *buffer, size_t *nbytes)
else
{
if (buffer)
- err = GPG_ERR_TOO_SHORT;
+ rc = GPG_ERR_TOO_SHORT;
else
- err = GPG_ERR_INV_ARG;
+ rc = GPG_ERR_INV_ARG;
}
}
break;
case GCRYCTL_SELFTEST:
/* Helper function for the regression tests. */
- err = gpg_err_code (_gcry_md_selftest (algo, nbytes? (int)*nbytes : 0,
+ rc = gpg_err_code (_gcry_md_selftest (algo, nbytes? (int)*nbytes : 0,
NULL));
break;
default:
- err = GPG_ERR_INV_OP;
+ rc = GPG_ERR_INV_OP;
break;
}
- return gcry_error (err);
+ return rc;
}
@@ -1151,10 +1151,10 @@ md_stop_debug( gcry_md_hd_t md )
* Returns 1 if the algo is enabled for that handle.
* The algo must be passed as the address of an int.
*/
-gcry_error_t
-gcry_md_info (gcry_md_hd_t h, int cmd, void *buffer, size_t *nbytes)
+gcry_err_code_t
+_gcry_md_info (gcry_md_hd_t h, int cmd, void *buffer, size_t *nbytes)
{
- gcry_err_code_t err = 0;
+ gcry_err_code_t rc = 0;
switch (cmd)
{
@@ -1168,7 +1168,7 @@ gcry_md_info (gcry_md_hd_t h, int cmd, void *buffer, size_t *nbytes)
int algo;
if ( !buffer || (nbytes && (*nbytes != sizeof (int))))
- err = GPG_ERR_INV_ARG;
+ rc = GPG_ERR_INV_ARG;
else
{
algo = *(int*)buffer;
@@ -1186,10 +1186,10 @@ gcry_md_info (gcry_md_hd_t h, int cmd, void *buffer, size_t *nbytes)
}
default:
- err = GPG_ERR_INV_OP;
+ rc = GPG_ERR_INV_OP;
}
- return gcry_error (err);
+ return rc;
}
@@ -1202,11 +1202,11 @@ _gcry_md_init (void)
int
-gcry_md_is_secure (gcry_md_hd_t a)
+_gcry_md_is_secure (gcry_md_hd_t a)
{
size_t value;
- if (gcry_md_info (a, GCRYCTL_IS_SECURE, NULL, &value))
+ if (_gcry_md_info (a, GCRYCTL_IS_SECURE, NULL, &value))
value = 1; /* It seems to be better to assume secure memory on
error. */
return value;
@@ -1214,12 +1214,12 @@ gcry_md_is_secure (gcry_md_hd_t a)
int
-gcry_md_is_enabled (gcry_md_hd_t a, int algo)
+_gcry_md_is_enabled (gcry_md_hd_t a, int algo)
{
size_t value;
value = sizeof algo;
- if (gcry_md_info (a, GCRYCTL_IS_ALGO_ENABLED, &algo, &value))
+ if (_gcry_md_info (a, GCRYCTL_IS_ALGO_ENABLED, &algo, &value))
value = 0;
return value;
}
diff --git a/cipher/primegen.c b/cipher/primegen.c
index 94e8599c..8694c314 100644
--- a/cipher/primegen.c
+++ b/cipher/primegen.c
@@ -179,7 +179,7 @@ save_pool_prime (gcry_mpi_t prime, gcry_random_level_t randomlevel)
{
if (i >= n/3*2)
{
- gcry_mpi_release (item2->prime);
+ _gcry_mpi_release (item2->prime);
item2->prime = NULL;
if (!item)
item = item2;
@@ -192,7 +192,7 @@ save_pool_prime (gcry_mpi_t prime, gcry_random_level_t randomlevel)
if (!item)
{
/* Out of memory. Silently giving up. */
- gcry_mpi_release (prime);
+ _gcry_mpi_release (prime);
return;
}
item->next = primepool;
@@ -376,7 +376,7 @@ prime_generate_internal (int need_q_factor,
pbits, req_qbits, qbits, fbits, n);
/* Allocate an integer to old the new prime. */
- prime = gcry_mpi_new (pbits);
+ prime = mpi_new (pbits);
/* Generate first prime factor. */
q = gen_prime (qbits, is_secret, randomlevel, NULL, NULL);
@@ -614,7 +614,7 @@ prime_generate_internal (int need_q_factor,
if (all_factors)
{
i = 0;
- factors_new[i++] = gcry_mpi_set_ui (NULL, 2);
+ factors_new[i++] = mpi_set_ui (NULL, 2);
factors_new[i++] = mpi_copy (q);
if (need_q_factor)
factors_new[i++] = mpi_copy (q_factor);
@@ -663,7 +663,7 @@ prime_generate_internal (int need_q_factor,
mpi_fdiv_q (tmp, pmin1, factors[i]);
/* No mpi_pow(), but it is okay to use this with mod
prime. */
- gcry_mpi_powm (b, g, tmp, prime);
+ mpi_powm (b, g, tmp, prime);
if (! mpi_cmp_ui (b, 1))
break;
}
@@ -776,7 +776,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
/* Make nbits fit into gcry_mpi_t implementation. */
val_2 = mpi_alloc_set_ui( 2 );
val_3 = mpi_alloc_set_ui( 3);
- prime = secret? gcry_mpi_snew ( nbits ): gcry_mpi_new ( nbits );
+ prime = secret? mpi_snew (nbits): mpi_new (nbits);
result = mpi_alloc_like( prime );
pminus1= mpi_alloc_like( prime );
ptest = mpi_alloc_like( prime );
@@ -786,7 +786,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
int dotcount=0;
/* generate a random number */
- gcry_mpi_randomize( prime, nbits, randomlevel );
+ _gcry_mpi_randomize( prime, nbits, randomlevel );
/* Set high order bit to 1, set low order bit to 1. If we are
generating a secret prime we are most probably doing that
@@ -821,7 +821,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
/* Do a fast Fermat test now. */
count2++;
mpi_sub_ui( pminus1, ptest, 1);
- gcry_mpi_powm( result, val_2, pminus1, ptest );
+ mpi_powm( result, val_2, pminus1, ptest );
if ( !mpi_cmp_ui( result, 1 ) )
{
/* Not composite, perform stronger tests */
@@ -887,7 +887,7 @@ check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds,
gcry_mpi_t result = mpi_alloc_like( prime );
gcry_mpi_t pminus1 = mpi_alloc_like( prime );
mpi_sub_ui( pminus1, prime, 1);
- gcry_mpi_powm( result, val_2, pminus1, prime );
+ mpi_powm( result, val_2, pminus1, prime );
mpi_free( pminus1 );
if ( mpi_cmp_ui( result, 1 ) )
{
@@ -949,7 +949,7 @@ is_prime (gcry_mpi_t n, int steps, unsigned int *count)
}
else
{
- gcry_mpi_randomize( x, nbits, GCRY_WEAK_RANDOM );
+ _gcry_mpi_randomize( x, nbits, GCRY_WEAK_RANDOM );
/* Make sure that the number is smaller than the prime and
keep the randomness of the high bit. */
@@ -964,12 +964,12 @@ is_prime (gcry_mpi_t n, int steps, unsigned int *count)
}
gcry_assert (mpi_cmp (x, nminus1) < 0 && mpi_cmp_ui (x, 1) > 0);
}
- gcry_mpi_powm ( y, x, q, n);
+ mpi_powm ( y, x, q, n);
if ( mpi_cmp_ui(y, 1) && mpi_cmp( y, nminus1 ) )
{
for ( j=1; j < k && mpi_cmp( y, nminus1 ); j++ )
{
- gcry_mpi_powm(y, y, a2, n);
+ mpi_powm(y, y, a2, n);
if( !mpi_cmp_ui( y, 1 ) )
goto leave; /* Not a prime. */
}
@@ -1121,67 +1121,66 @@ m_out_of_n ( char *array, int m, int n )
non-zero, allocate a new, NULL-terminated array holding the prime
factors and store it in FACTORS. FLAGS might be used to influence
the prime number generation process. */
-gcry_error_t
-gcry_prime_generate (gcry_mpi_t *prime, unsigned int prime_bits,
- unsigned int factor_bits, gcry_mpi_t **factors,
- gcry_prime_check_func_t cb_func, void *cb_arg,
- gcry_random_level_t random_level,
- unsigned int flags)
+gcry_err_code_t
+_gcry_prime_generate (gcry_mpi_t *prime, unsigned int prime_bits,
+ unsigned int factor_bits, gcry_mpi_t **factors,
+ gcry_prime_check_func_t cb_func, void *cb_arg,
+ gcry_random_level_t random_level,
+ unsigned int flags)
{
- gcry_err_code_t err = GPG_ERR_NO_ERROR;
+ gcry_err_code_t rc = 0;
gcry_mpi_t *factors_generated = NULL;
gcry_mpi_t prime_generated = NULL;
unsigned int mode = 0;
if (!prime)
- return gpg_error (GPG_ERR_INV_ARG);
+ return GPG_ERR_INV_ARG;
*prime = NULL;
if (flags & GCRY_PRIME_FLAG_SPECIAL_FACTOR)
mode = 1;
/* Generate. */
- err = prime_generate_internal ((mode==1), &prime_generated, prime_bits,
- factor_bits, NULL,
- factors? &factors_generated : NULL,
- random_level, flags, 1,
- cb_func, cb_arg);
+ rc = prime_generate_internal ((mode==1), &prime_generated, prime_bits,
+ factor_bits, NULL,
+ factors? &factors_generated : NULL,
+ random_level, flags, 1,
+ cb_func, cb_arg);
- if (! err)
- if (cb_func)
- {
- /* Additional check. */
- if ( !cb_func (cb_arg, GCRY_PRIME_CHECK_AT_FINISH, prime_generated))
- {
- /* Failed, deallocate resources. */
- unsigned int i;
+ if (!rc && cb_func)
+ {
+ /* Additional check. */
+ if ( !cb_func (cb_arg, GCRY_PRIME_CHECK_AT_FINISH, prime_generated))
+ {
+ /* Failed, deallocate resources. */
+ unsigned int i;
- mpi_free (prime_generated);
- if (factors)
- {
- for (i = 0; factors_generated[i]; i++)
- mpi_free (factors_generated[i]);
- gcry_free (factors_generated);
- }
- err = GPG_ERR_GENERAL;
- }
- }
+ mpi_free (prime_generated);
+ if (factors)
+ {
+ for (i = 0; factors_generated[i]; i++)
+ mpi_free (factors_generated[i]);
+ gcry_free (factors_generated);
+ }
+ rc = GPG_ERR_GENERAL;
+ }
+ }
- if (! err)
+ if (!rc)
{
if (factors)
*factors = factors_generated;
*prime = prime_generated;
}
- return gcry_error (err);
+ return rc;
}
/* Check whether the number X is prime. */
-gcry_error_t
-gcry_prime_check (gcry_mpi_t x, unsigned int flags)
+gcry_err_code_t
+_gcry_prime_check (gcry_mpi_t x, unsigned int flags)
{
- gcry_err_code_t err = GPG_ERR_NO_ERROR;
+ gcry_err_code_t rc = 0;
gcry_mpi_t val_2 = mpi_alloc_set_ui (2); /* Used by the Fermat test. */
(void)flags;
@@ -1189,37 +1188,37 @@ gcry_prime_check (gcry_mpi_t x, unsigned int flags)
/* We use 64 rounds because the prime we are going to test is not
guaranteed to be a random one. */
if (! check_prime (x, val_2, 64, NULL, NULL))
- err = GPG_ERR_NO_PRIME;
+ rc = GPG_ERR_NO_PRIME;
mpi_free (val_2);
- return gcry_error (err);
+ return rc;
}
/* Find a generator for PRIME where the factorization of (prime-1) is
in the NULL terminated array FACTORS. Return the generator as a
newly allocated MPI in R_G. If START_G is not NULL, use this as s
atart for the search. Returns 0 on success.*/
-gcry_error_t
-gcry_prime_group_generator (gcry_mpi_t *r_g,
- gcry_mpi_t prime, gcry_mpi_t *factors,
- gcry_mpi_t start_g)
+gcry_err_code_t
+_gcry_prime_group_generator (gcry_mpi_t *r_g,
+ gcry_mpi_t prime, gcry_mpi_t *factors,
+ gcry_mpi_t start_g)
{
- gcry_mpi_t tmp = gcry_mpi_new (0);
- gcry_mpi_t b = gcry_mpi_new (0);
- gcry_mpi_t pmin1 = gcry_mpi_new (0);
- gcry_mpi_t g = start_g? gcry_mpi_copy (start_g) : gcry_mpi_set_ui (NULL, 3);
+ gcry_mpi_t tmp = mpi_new (0);
+ gcry_mpi_t b = mpi_new (0);
+ gcry_mpi_t pmin1 = mpi_new (0);
+ gcry_mpi_t g = start_g? mpi_copy (start_g) : mpi_set_ui (NULL, 3);
int first = 1;
int i, n;
if (!factors || !r_g || !prime)
- return gpg_error (GPG_ERR_INV_ARG);
+ return GPG_ERR_INV_ARG;
*r_g = NULL;
for (n=0; factors[n]; n++)
;
if (n < 2)
- return gpg_error (GPG_ERR_INV_ARG);
+ return GPG_ERR_INV_ARG;
/* Extra sanity check - usually disabled. */
/* mpi_set (tmp, factors[0]); */
@@ -1229,13 +1228,13 @@ gcry_prime_group_generator (gcry_mpi_t *r_g,
/* if (mpi_cmp (prime, tmp)) */
/* return gpg_error (GPG_ERR_INV_ARG); */
- gcry_mpi_sub_ui (pmin1, prime, 1);
+ mpi_sub_ui (pmin1, prime, 1);
do
{
if (first)
first = 0;
else
- gcry_mpi_add_ui (g, g, 1);
+ mpi_add_ui (g, g, 1);
if (DBG_CIPHER)
log_printmpi ("checking g", g);
@@ -1245,7 +1244,7 @@ gcry_prime_group_generator (gcry_mpi_t *r_g,
for (i = 0; i < n; i++)
{
mpi_fdiv_q (tmp, pmin1, factors[i]);
- gcry_mpi_powm (b, g, tmp, prime);
+ mpi_powm (b, g, tmp, prime);
if (! mpi_cmp_ui (b, 1))
break;
}
@@ -1254,9 +1253,9 @@ gcry_prime_group_generator (gcry_mpi_t *r_g,
}
while (i < n);
- gcry_mpi_release (tmp);
- gcry_mpi_release (b);
- gcry_mpi_release (pmin1);
+ _gcry_mpi_release (tmp);
+ _gcry_mpi_release (b);
+ _gcry_mpi_release (pmin1);
*r_g = g;
return 0;
@@ -1264,7 +1263,7 @@ gcry_prime_group_generator (gcry_mpi_t *r_g,
/* Convenience function to release the factors array. */
void
-gcry_prime_release_factors (gcry_mpi_t *factors)
+_gcry_prime_release_factors (gcry_mpi_t *factors)
{
if (factors)
{
@@ -1285,7 +1284,7 @@ find_x931_prime (const gcry_mpi_t pfirst)
gcry_mpi_t val_2 = mpi_alloc_set_ui (2);
gcry_mpi_t prime;
- prime = gcry_mpi_copy (pfirst);
+ prime = mpi_copy (pfirst);
/* If P is even add 1. */
mpi_set_bit (prime, 0);
@@ -1389,7 +1388,7 @@ _gcry_derive_x931_prime (const gcry_mpi_t xp,
mpi_sub_ui (yp0, yp0, 1); /* Ditto. */
for (;;)
{
- gcdres = gcry_mpi_gcd (gcdtmp, e, yp0);
+ gcdres = mpi_gcd (gcdtmp, e, yp0);
mpi_add_ui (yp0, yp0, 1);
if (!gcdres)
progress ('/'); /* gcd (e, yp0-1) != 1 */
@@ -1468,8 +1467,8 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
val_2 = mpi_alloc_set_ui (2);
value_n = (pbits - 1) / qbits;
value_b = (pbits - 1) - value_n * qbits;
- value_w = gcry_mpi_new (pbits);
- value_x = gcry_mpi_new (pbits);
+ value_w = mpi_new (pbits);
+ value_x = mpi_new (pbits);
restart:
/* Generate Q. */
@@ -1479,7 +1478,7 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
if (!seed)
{
seedlen = sizeof seed_help_buffer;
- gcry_create_nonce (seed_help_buffer, seedlen);
+ _gcry_create_nonce (seed_help_buffer, seedlen);
seed = seed_help_buffer;
}
@@ -1491,15 +1490,15 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
if (seed_plus[i])
break;
}
- gcry_md_hash_buffer (GCRY_MD_SHA1, value_u, seed, seedlen);
- gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen);
+ _gcry_md_hash_buffer (GCRY_MD_SHA1, value_u, seed, seedlen);
+ _gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen);
for (i=0; i < sizeof value_u; i++)
value_u[i] ^= digest[i];
/* Step 3: Form q from U */
- gcry_mpi_release (prime_q); prime_q = NULL;
- ec = gpg_err_code (gcry_mpi_scan (&prime_q, GCRYMPI_FMT_USG,
- value_u, sizeof value_u, NULL));
+ _gcry_mpi_release (prime_q); prime_q = NULL;
+ ec = _gcry_mpi_scan (&prime_q, GCRYMPI_FMT_USG,
+ value_u, sizeof value_u, NULL);
if (ec)
goto leave;
mpi_set_highbit (prime_q, qbits-1 );
@@ -1518,7 +1517,7 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
counter = 0;
/* Generate P. */
- prime_p = gcry_mpi_new (pbits);
+ prime_p = mpi_new (pbits);
for (;;)
{
/* Step 7: For k = 0,...n let
@@ -1544,11 +1543,11 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
if (seed_plus[i])
break;
}
- gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen);
+ _gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen);
- gcry_mpi_release (tmpval); tmpval = NULL;
- ec = gpg_err_code (gcry_mpi_scan (&tmpval, GCRYMPI_FMT_USG,
- digest, sizeof digest, NULL));
+ _gcry_mpi_release (tmpval); tmpval = NULL;
+ ec = _gcry_mpi_scan (&tmpval, GCRYMPI_FMT_USG,
+ digest, sizeof digest, NULL);
if (ec)
goto leave;
if (value_k == value_n)
@@ -1610,13 +1609,13 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
leave:
- gcry_mpi_release (tmpval);
- gcry_mpi_release (value_x);
- gcry_mpi_release (value_w);
- gcry_mpi_release (prime_p);
- gcry_mpi_release (prime_q);
+ _gcry_mpi_release (tmpval);
+ _gcry_mpi_release (value_x);
+ _gcry_mpi_release (value_w);
+ _gcry_mpi_release (prime_p);
+ _gcry_mpi_release (prime_q);
gcry_free (seed_plus);
- gcry_mpi_release (val_2);
+ _gcry_mpi_release (val_2);
return ec;
}
@@ -1681,11 +1680,11 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
return GPG_ERR_INV_KEYLEN;
/* Also check that the hash algorithm is available. */
- ec = gpg_err_code (gcry_md_test_algo (hashalgo));
+ ec = _gcry_md_test_algo (hashalgo);
if (ec)
return ec;
gcry_assert (qbits/8 <= sizeof digest);
- gcry_assert (gcry_md_get_algo_dlen (hashalgo) == qbits/8);
+ gcry_assert (_gcry_md_get_algo_dlen (hashalgo) == qbits/8);
/* Step 2: Check seedlen. */
@@ -1704,8 +1703,8 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
goto leave;
}
val_2 = mpi_alloc_set_ui (2);
- value_w = gcry_mpi_new (pbits);
- value_x = gcry_mpi_new (pbits);
+ value_w = mpi_new (pbits);
+ value_x = mpi_new (pbits);
/* Step 3: n = \lceil L / outlen \rceil - 1 */
value_n = (pbits + qbits - 1) / qbits - 1;
@@ -1721,12 +1720,12 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
{
seedlen = qbits/8;
gcry_assert (seedlen <= sizeof seed_help_buffer);
- gcry_create_nonce (seed_help_buffer, seedlen);
+ _gcry_create_nonce (seed_help_buffer, seedlen);
seed = seed_help_buffer;
}
/* Step 6: U = hash(seed) */
- gcry_md_hash_buffer (hashalgo, value_u, seed, seedlen);
+ _gcry_md_hash_buffer (hashalgo, value_u, seed, seedlen);
/* Step 7: q = 2^{N-1} + U + 1 - (U mod 2) */
if ( !(value_u[qbits/8-1] & 0x01) )
@@ -1738,9 +1737,9 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
break;
}
}
- gcry_mpi_release (prime_q); prime_q = NULL;
- ec = gpg_err_code (gcry_mpi_scan (&prime_q, GCRYMPI_FMT_USG,
- value_u, sizeof value_u, NULL));
+ _gcry_mpi_release (prime_q); prime_q = NULL;
+ ec = _gcry_mpi_scan (&prime_q, GCRYMPI_FMT_USG,
+ value_u, sizeof value_u, NULL);
if (ec)
goto leave;
mpi_set_highbit (prime_q, qbits-1 );
@@ -1761,7 +1760,7 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
counter = 0;
/* Generate P. */
- prime_p = gcry_mpi_new (pbits);
+ prime_p = mpi_new (pbits);
for (;;)
{
/* Step 11.1: For j = 0,...n let
@@ -1785,11 +1784,11 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
if (seed_plus[i])
break;
}
- gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen);
+ _gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen);
- gcry_mpi_release (tmpval); tmpval = NULL;
- ec = gpg_err_code (gcry_mpi_scan (&tmpval, GCRYMPI_FMT_USG,
- digest, sizeof digest, NULL));
+ _gcry_mpi_release (tmpval); tmpval = NULL;
+ ec = _gcry_mpi_scan (&tmpval, GCRYMPI_FMT_USG,
+ digest, sizeof digest, NULL);
if (ec)
goto leave;
if (value_j == value_n)
@@ -1853,12 +1852,12 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
*r_hashalgo = hashalgo;
leave:
- gcry_mpi_release (tmpval);
- gcry_mpi_release (value_x);
- gcry_mpi_release (value_w);
- gcry_mpi_release (prime_p);
- gcry_mpi_release (prime_q);
+ _gcry_mpi_release (tmpval);
+ _gcry_mpi_release (value_x);
+ _gcry_mpi_release (value_w);
+ _gcry_mpi_release (prime_p);
+ _gcry_mpi_release (prime_q);
gcry_free (seed_plus);
- gcry_mpi_release (val_2);
+ _gcry_mpi_release (val_2);
return ec;
}
diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
index 3e0b5ef2..7f3fd824 100644
--- a/cipher/pubkey-util.c
+++ b/cipher/pubkey-util.c
@@ -62,9 +62,9 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list,
int flags = 0;
int igninvflag = 0;
- for (i=list?gcry_sexp_length (list)-1:0; i > 0; i--)
+ for (i = list ? sexp_length (list)-1 : 0; i > 0; i--)
{
- s = gcry_sexp_nth_data (list, i, &n);
+ s = sexp_nth_data (list, i, &n);
if (!s)
continue; /* Not a data element. */
@@ -225,7 +225,7 @@ get_hash_algo (const char *s, size_t n)
{
memcpy (tmpname, s, n);
tmpname[n] = 0;
- algo = gcry_md_map_name (tmpname);
+ algo = _gcry_md_map_name (tmpname);
gcry_free (tmpname);
}
}
@@ -259,21 +259,21 @@ _gcry_pk_util_get_nbits (gcry_sexp_t list, unsigned int *r_nbits)
*r_nbits = 0;
- list = gcry_sexp_find_token (list, "nbits", 0);
+ list = sexp_find_token (list, "nbits", 0);
if (!list)
return 0; /* No NBITS found. */
- s = gcry_sexp_nth_data (list, 1, &n);
+ s = sexp_nth_data (list, 1, &n);
if (!s || n >= DIM (buf) - 1 )
{
/* NBITS given without a cdr. */
- gcry_sexp_release (list);
+ sexp_release (list);
return GPG_ERR_INV_OBJ;
}
memcpy (buf, s, n);
buf[n] = 0;
*r_nbits = (unsigned int)strtoul (buf, NULL, 0);
- gcry_sexp_release (list);
+ sexp_release (list);
return 0;
}
@@ -306,24 +306,24 @@ _gcry_pk_util_get_rsa_use_e (gcry_sexp_t list, unsigned long *r_e)
*r_e = 0;
- list = gcry_sexp_find_token (list, "rsa-use-e", 0);
+ list = sexp_find_token (list, "rsa-use-e", 0);
if (!list)
{
*r_e = 65537; /* Not given, use the value generated by old versions. */
return 0;
}
- s = gcry_sexp_nth_data (list, 1, &n);
+ s = sexp_nth_data (list, 1, &n);
if (!s || n >= DIM (buf) - 1 )
{
/* No value or value too large. */
- gcry_sexp_release (list);
+ sexp_release (list);
return GPG_ERR_INV_OBJ;
}
memcpy (buf, s, n);
buf[n] = 0;
*r_e = strtoul (buf, NULL, 0);
- gcry_sexp_release (list);
+ sexp_release (list);
return 0;
}
@@ -350,20 +350,20 @@ _gcry_pk_util_preparse_sigval (gcry_sexp_t s_sig, const char **algo_names,
*r_eccflags = 0;
/* Extract the signature value. */
- l1 = gcry_sexp_find_token (s_sig, "sig-val", 0);
+ l1 = sexp_find_token (s_sig, "sig-val", 0);
if (!l1)
{
rc = GPG_ERR_INV_OBJ; /* Does not contain a signature value object. */
goto leave;
}
- l2 = gcry_sexp_nth (l1, 1);
+ l2 = sexp_nth (l1, 1);
if (!l2)
{
rc = GPG_ERR_NO_OBJ; /* No cadr for the sig object. */
goto leave;
}
- name = _gcry_sexp_nth_string (l2, 0);
+ name = sexp_nth_string (l2, 0);
if (!name)
{
rc = GPG_ERR_INV_OBJ; /* Invalid structure of object. */
@@ -374,15 +374,15 @@ _gcry_pk_util_preparse_sigval (gcry_sexp_t s_sig, const char **algo_names,
/* Skip a "flags" parameter and look again for the algorithm
name. This is not used but here just for the sake of
consistent S-expressions we need to handle it. */
- gcry_sexp_release (l2);
- l2 = gcry_sexp_nth (l1, 2);
+ sexp_release (l2);
+ l2 = sexp_nth (l1, 2);
if (!l2)
{
rc = GPG_ERR_INV_OBJ;
goto leave;
}
gcry_free (name);
- name = _gcry_sexp_nth_string (l2, 0);
+ name = sexp_nth_string (l2, 0);
if (!name)
{
rc = GPG_ERR_INV_OBJ; /* Invalid structure of object. */
@@ -412,8 +412,8 @@ _gcry_pk_util_preparse_sigval (gcry_sexp_t s_sig, const char **algo_names,
leave:
gcry_free (name);
- gcry_sexp_release (l2);
- gcry_sexp_release (l1);
+ sexp_release (l2);
+ sexp_release (l1);
return rc;
}
@@ -453,14 +453,14 @@ _gcry_pk_util_preparse_encval (gcry_sexp_t sexp, const char **algo_names,
*r_parms = NULL;
/* Check that the first element is valid. */
- l1 = gcry_sexp_find_token (sexp, "enc-val" , 0);
+ l1 = sexp_find_token (sexp, "enc-val" , 0);
if (!l1)
{
rc = GPG_ERR_INV_OBJ; /* Does not contain an encrypted value object. */
goto leave;
}
- l2 = gcry_sexp_nth (l1, 1);
+ l2 = sexp_nth (l1, 1);
if (!l2)
{
rc = GPG_ERR_NO_OBJ; /* No cadr for the data object. */
@@ -468,7 +468,7 @@ _gcry_pk_util_preparse_encval (gcry_sexp_t sexp, const char **algo_names,
}
/* Extract identifier of sublist. */
- name = _gcry_sexp_nth_string (l2, 0);
+ name = sexp_nth_string (l2, 0);
if (!name)
{
rc = GPG_ERR_INV_OBJ; /* Invalid structure of object. */
@@ -493,11 +493,11 @@ _gcry_pk_util_preparse_encval (gcry_sexp_t sexp, const char **algo_names,
if (ctx->encoding == PUBKEY_ENC_OAEP)
{
/* Get HASH-ALGO. */
- gcry_sexp_release (l2);
- l2 = gcry_sexp_find_token (l1, "hash-algo", 0);
+ sexp_release (l2);
+ l2 = sexp_find_token (l1, "hash-algo", 0);
if (l2)
{
- s = gcry_sexp_nth_data (l2, 1, &n);
+ s = sexp_nth_data (l2, 1, &n);
if (!s)
rc = GPG_ERR_NO_OBJ;
else
@@ -511,11 +511,11 @@ _gcry_pk_util_preparse_encval (gcry_sexp_t sexp, const char **algo_names,
}
/* Get LABEL. */
- gcry_sexp_release (l2);
- l2 = gcry_sexp_find_token (l1, "label", 0);
+ sexp_release (l2);
+ l2 = sexp_find_token (l1, "label", 0);
if (l2)
{
- s = gcry_sexp_nth_data (l2, 1, &n);
+ s = sexp_nth_data (l2, 1, &n);
if (!s)
rc = GPG_ERR_NO_OBJ;
else if (n > 0)
@@ -535,9 +535,9 @@ _gcry_pk_util_preparse_encval (gcry_sexp_t sexp, const char **algo_names,
}
/* Get the next which has the actual data - skip HASH-ALGO and LABEL. */
- for (i = 2; (gcry_sexp_release (l2), l2 = gcry_sexp_nth (l1, i)); i++)
+ for (i = 2; (sexp_release (l2), l2 = sexp_nth (l1, i)); i++)
{
- s = gcry_sexp_nth_data (l2, 0, &n);
+ s = sexp_nth_data (l2, 0, &n);
if (!(n == 9 && !memcmp (s, "hash-algo", 9))
&& !(n == 5 && !memcmp (s, "label", 5))
&& !(n == 15 && !memcmp (s, "random-override", 15)))
@@ -551,7 +551,7 @@ _gcry_pk_util_preparse_encval (gcry_sexp_t sexp, const char **algo_names,
/* Extract sublist identifier. */
gcry_free (name);
- name = _gcry_sexp_nth_string (l2, 0);
+ name = sexp_nth_string (l2, 0);
if (!name)
{
rc = GPG_ERR_INV_OBJ; /* Invalid structure of object. */
@@ -577,8 +577,8 @@ _gcry_pk_util_preparse_encval (gcry_sexp_t sexp, const char **algo_names,
leave:
gcry_free (name);
- gcry_sexp_release (l2);
- gcry_sexp_release (l1);
+ sexp_release (l2);
+ sexp_release (l1);
return rc;
}
@@ -650,22 +650,22 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
int parsed_flags = 0;
*ret_mpi = NULL;
- ldata = gcry_sexp_find_token (input, "data", 0);
+ ldata = sexp_find_token (input, "data", 0);
if (!ldata)
{ /* assume old style */
- *ret_mpi = gcry_sexp_nth_mpi (input, 0, 0);
+ *ret_mpi = sexp_nth_mpi (input, 0, 0);
return *ret_mpi ? GPG_ERR_NO_ERROR : GPG_ERR_INV_OBJ;
}
/* See whether there is a flags list. */
{
- gcry_sexp_t lflags = gcry_sexp_find_token (ldata, "flags", 0);
+ gcry_sexp_t lflags = sexp_find_token (ldata, "flags", 0);
if (lflags)
{
if (_gcry_pk_util_parse_flaglist (lflags,
&parsed_flags, &ctx->encoding))
unknown_flag = 1;
- gcry_sexp_release (lflags);
+ sexp_release (lflags);
}
}
@@ -673,8 +673,8 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
ctx->encoding = PUBKEY_ENC_RAW; /* default to raw */
/* Get HASH or MPI */
- lhash = gcry_sexp_find_token (ldata, "hash", 0);
- lvalue = lhash? NULL : gcry_sexp_find_token (ldata, "value", 0);
+ lhash = sexp_find_token (ldata, "hash", 0);
+ lvalue = lhash? NULL : sexp_find_token (ldata, "value", 0);
if (!(!lhash ^ !lvalue))
rc = GPG_ERR_INV_OBJ; /* none or both given */
@@ -694,10 +694,10 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
goto leave;
}
/* Get HASH-ALGO. */
- list = gcry_sexp_find_token (ldata, "hash-algo", 0);
+ list = sexp_find_token (ldata, "hash-algo", 0);
if (list)
{
- s = gcry_sexp_nth_data (list, 1, &n);
+ s = sexp_nth_data (list, 1, &n);
if (!s)
rc = GPG_ERR_NO_OBJ;
else
@@ -706,7 +706,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
if (!ctx->hash_algo)
rc = GPG_ERR_DIGEST_ALGO;
}
- gcry_sexp_release (list);
+ sexp_release (list);
}
else
rc = GPG_ERR_INV_OBJ;
@@ -714,7 +714,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
goto leave;
/* Get VALUE. */
- value = gcry_sexp_nth_buffer (lvalue, 1, &valuelen);
+ value = sexp_nth_buffer (lvalue, 1, &valuelen);
if (!value)
{
/* We assume that a zero length message is meant by
@@ -734,7 +734,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
goto leave;
/* Note that mpi_set_opaque takes ownership of VALUE. */
- *ret_mpi = gcry_mpi_set_opaque (NULL, value, valuelen*8);
+ *ret_mpi = mpi_set_opaque (NULL, value, valuelen*8);
}
else if (ctx->encoding == PUBKEY_ENC_RAW && lhash
&& ((parsed_flags & PUBKEY_FLAG_RAW_FLAG)
@@ -744,9 +744,9 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
used for DSA. For better backward error compatibility we
allow this only if either the rfc6979 flag has been given or
the raw flags was explicitly given. */
- if (gcry_sexp_length (lhash) != 3)
+ if (sexp_length (lhash) != 3)
rc = GPG_ERR_INV_OBJ;
- else if ( !(s=gcry_sexp_nth_data (lhash, 1, &n)) || !n )
+ else if ( !(s=sexp_nth_data (lhash, 1, &n)) || !n )
rc = GPG_ERR_INV_OBJ;
else
{
@@ -756,7 +756,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
ctx->hash_algo = get_hash_algo (s, n);
if (!ctx->hash_algo)
rc = GPG_ERR_DIGEST_ALGO;
- else if (!(value=gcry_sexp_nth_buffer (lhash, 2, &valuelen)))
+ else if (!(value=sexp_nth_buffer (lhash, 2, &valuelen)))
rc = GPG_ERR_INV_OBJ;
else if ((valuelen * 8) < valuelen)
{
@@ -764,7 +764,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
rc = GPG_ERR_TOO_LARGE;
}
else
- *ret_mpi = gcry_mpi_set_opaque (NULL, value, valuelen*8);
+ *ret_mpi = mpi_set_opaque (NULL, value, valuelen*8);
}
}
else if (ctx->encoding == PUBKEY_ENC_RAW && lvalue)
@@ -778,7 +778,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
}
/* Get the value */
- *ret_mpi = gcry_sexp_nth_mpi (lvalue, 1, GCRYMPI_FMT_USG);
+ *ret_mpi = sexp_nth_mpi (lvalue, 1, GCRYMPI_FMT_USG);
if (!*ret_mpi)
rc = GPG_ERR_INV_OBJ;
}
@@ -791,15 +791,15 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
void *random_override = NULL;
size_t random_override_len = 0;
- if ( !(value=gcry_sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen )
+ if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen )
rc = GPG_ERR_INV_OBJ;
else
{
/* Get optional RANDOM-OVERRIDE. */
- list = gcry_sexp_find_token (ldata, "random-override", 0);
+ list = sexp_find_token (ldata, "random-override", 0);
if (list)
{
- s = gcry_sexp_nth_data (list, 1, &n);
+ s = sexp_nth_data (list, 1, &n);
if (!s)
rc = GPG_ERR_NO_OBJ;
else if (n > 0)
@@ -813,7 +813,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
random_override_len = n;
}
}
- gcry_sexp_release (list);
+ sexp_release (list);
if (rc)
goto leave;
}
@@ -828,9 +828,9 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
else if (ctx->encoding == PUBKEY_ENC_PKCS1 && lhash
&& (ctx->op == PUBKEY_OP_SIGN || ctx->op == PUBKEY_OP_VERIFY))
{
- if (gcry_sexp_length (lhash) != 3)
+ if (sexp_length (lhash) != 3)
rc = GPG_ERR_INV_OBJ;
- else if ( !(s=gcry_sexp_nth_data (lhash, 1, &n)) || !n )
+ else if ( !(s=sexp_nth_data (lhash, 1, &n)) || !n )
rc = GPG_ERR_INV_OBJ;
else
{
@@ -841,7 +841,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
if (!ctx->hash_algo)
rc = GPG_ERR_DIGEST_ALGO;
- else if ( !(value=gcry_sexp_nth_data (lhash, 2, &valuelen))
+ else if ( !(value=sexp_nth_data (lhash, 2, &valuelen))
|| !valuelen )
rc = GPG_ERR_INV_OBJ;
else
@@ -856,7 +856,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
const void * value;
size_t valuelen;
- if ( !(value=gcry_sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen )
+ if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen )
rc = GPG_ERR_INV_OBJ;
else
{
@@ -865,10 +865,10 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
size_t random_override_len = 0;
/* Get HASH-ALGO. */
- list = gcry_sexp_find_token (ldata, "hash-algo", 0);
+ list = sexp_find_token (ldata, "hash-algo", 0);
if (list)
{
- s = gcry_sexp_nth_data (list, 1, &n);
+ s = sexp_nth_data (list, 1, &n);
if (!s)
rc = GPG_ERR_NO_OBJ;
else
@@ -877,16 +877,16 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
if (!ctx->hash_algo)
rc = GPG_ERR_DIGEST_ALGO;
}
- gcry_sexp_release (list);
+ sexp_release (list);
if (rc)
goto leave;
}
/* Get LABEL. */
- list = gcry_sexp_find_token (ldata, "label", 0);
+ list = sexp_find_token (ldata, "label", 0);
if (list)
{
- s = gcry_sexp_nth_data (list, 1, &n);
+ s = sexp_nth_data (list, 1, &n);
if (!s)
rc = GPG_ERR_NO_OBJ;
else if (n > 0)
@@ -900,15 +900,15 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
ctx->labellen = n;
}
}
- gcry_sexp_release (list);
+ sexp_release (list);
if (rc)
goto leave;
}
/* Get optional RANDOM-OVERRIDE. */
- list = gcry_sexp_find_token (ldata, "random-override", 0);
+ list = sexp_find_token (ldata, "random-override", 0);
if (list)
{
- s = gcry_sexp_nth_data (list, 1, &n);
+ s = sexp_nth_data (list, 1, &n);
if (!s)
rc = GPG_ERR_NO_OBJ;
else if (n > 0)
@@ -922,7 +922,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
random_override_len = n;
}
}
- gcry_sexp_release (list);
+ sexp_release (list);
if (rc)
goto leave;
}
@@ -938,9 +938,9 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
else if (ctx->encoding == PUBKEY_ENC_PSS && lhash
&& ctx->op == PUBKEY_OP_SIGN)
{
- if (gcry_sexp_length (lhash) != 3)
+ if (sexp_length (lhash) != 3)
rc = GPG_ERR_INV_OBJ;
- else if ( !(s=gcry_sexp_nth_data (lhash, 1, &n)) || !n )
+ else if ( !(s=sexp_nth_data (lhash, 1, &n)) || !n )
rc = GPG_ERR_INV_OBJ;
else
{
@@ -953,7 +953,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
if (!ctx->hash_algo)
rc = GPG_ERR_DIGEST_ALGO;
- else if ( !(value=gcry_sexp_nth_data (lhash, 2, &valuelen))
+ else if ( !(value=sexp_nth_data (lhash, 2, &valuelen))
|| !valuelen )
rc = GPG_ERR_INV_OBJ;
else
@@ -961,24 +961,24 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
gcry_sexp_t list;
/* Get SALT-LENGTH. */
- list = gcry_sexp_find_token (ldata, "salt-length", 0);
+ list = sexp_find_token (ldata, "salt-length", 0);
if (list)
{
- s = gcry_sexp_nth_data (list, 1, &n);
+ s = sexp_nth_data (list, 1, &n);
if (!s)
{
rc = GPG_ERR_NO_OBJ;
goto leave;
}
ctx->saltlen = (unsigned int)strtoul (s, NULL, 10);
- gcry_sexp_release (list);
+ sexp_release (list);
}
/* Get optional RANDOM-OVERRIDE. */
- list = gcry_sexp_find_token (ldata, "random-override", 0);
+ list = sexp_find_token (ldata, "random-override", 0);
if (list)
{
- s = gcry_sexp_nth_data (list, 1, &n);
+ s = sexp_nth_data (list, 1, &n);
if (!s)
rc = GPG_ERR_NO_OBJ;
else if (n > 0)
@@ -992,7 +992,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
random_override_len = n;
}
}
- gcry_sexp_release (list);
+ sexp_release (list);
if (rc)
goto leave;
}
@@ -1010,9 +1010,9 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
else if (ctx->encoding == PUBKEY_ENC_PSS && lhash
&& ctx->op == PUBKEY_OP_VERIFY)
{
- if (gcry_sexp_length (lhash) != 3)
+ if (sexp_length (lhash) != 3)
rc = GPG_ERR_INV_OBJ;
- else if ( !(s=gcry_sexp_nth_data (lhash, 1, &n)) || !n )
+ else if ( !(s=sexp_nth_data (lhash, 1, &n)) || !n )
rc = GPG_ERR_INV_OBJ;
else
{
@@ -1022,7 +1022,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
rc = GPG_ERR_DIGEST_ALGO;
else
{
- *ret_mpi = gcry_sexp_nth_mpi (lhash, 2, GCRYMPI_FMT_USG);
+ *ret_mpi = sexp_nth_mpi (lhash, 2, GCRYMPI_FMT_USG);
if (!*ret_mpi)
rc = GPG_ERR_INV_OBJ;
ctx->verify_cmp = pss_verify_cmp;
@@ -1034,9 +1034,9 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
rc = GPG_ERR_CONFLICT;
leave:
- gcry_sexp_release (ldata);
- gcry_sexp_release (lhash);
- gcry_sexp_release (lvalue);
+ sexp_release (ldata);
+ sexp_release (lhash);
+ sexp_release (lvalue);
if (!rc)
ctx->flags = parsed_flags;
diff --git a/cipher/pubkey.c b/cipher/pubkey.c
index c1d8bbc6..e89fa950 100644
--- a/cipher/pubkey.c
+++ b/cipher/pubkey.c
@@ -137,34 +137,33 @@ spec_from_sexp (gcry_sexp_t sexp, int want_private,
public key but a private key was supplied, we allow the use of
the private key anyway. The rationale for this is that the
private key is a superset of the public key. */
- list = gcry_sexp_find_token (sexp,
- want_private? "private-key":"public-key", 0);
+ list = sexp_find_token (sexp, want_private? "private-key":"public-key", 0);
if (!list && !want_private)
- list = gcry_sexp_find_token (sexp, "private-key", 0);
+ list = sexp_find_token (sexp, "private-key", 0);
if (!list)
return GPG_ERR_INV_OBJ; /* Does not contain a key object. */
- l2 = gcry_sexp_cadr (list);
- gcry_sexp_release (list);
+ l2 = sexp_cadr (list);
+ sexp_release (list);
list = l2;
- name = _gcry_sexp_nth_string (list, 0);
+ name = sexp_nth_string (list, 0);
if (!name)
{
- gcry_sexp_release ( list );
+ sexp_release ( list );
return GPG_ERR_INV_OBJ; /* Invalid structure of object. */
}
spec = spec_from_name (name);
gcry_free (name);
if (!spec)
{
- gcry_sexp_release (list);
+ sexp_release (list);
return GPG_ERR_PUBKEY_ALGO; /* Unknown algorithm. */
}
*r_spec = spec;
if (r_parms)
*r_parms = list;
else
- gcry_sexp_release (list);
+ sexp_release (list);
return 0;
}
@@ -187,7 +186,7 @@ disable_pubkey_algo (int algo)
* Map a string to the pubkey algo
*/
int
-gcry_pk_map_name (const char *string)
+_gcry_pk_map_name (const char *string)
{
gcry_pk_spec_t *spec;
@@ -206,7 +205,7 @@ gcry_pk_map_name (const char *string)
a string representation of the algorithm name. For unknown
algorithm IDs this functions returns "?". */
const char *
-gcry_pk_algo_name (int algo)
+_gcry_pk_algo_name (int algo)
{
gcry_pk_spec_t *spec;
@@ -312,8 +311,8 @@ pubkey_get_nenc (int algo)
))
*/
-gcry_error_t
-gcry_pk_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t s_pkey)
+gcry_err_code_t
+_gcry_pk_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t s_pkey)
{
gcry_err_code_t rc;
gcry_pk_spec_t *spec;
@@ -331,8 +330,8 @@ gcry_pk_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t s_pkey)
rc = GPG_ERR_NOT_IMPLEMENTED;
leave:
- gcry_sexp_release (keyparms);
- return gcry_error (rc);
+ sexp_release (keyparms);
+ return rc;
}
@@ -364,8 +363,8 @@ gcry_pk_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t s_pkey)
With pkcs1 or oaep decoding enabled the returned value is a
verbatim octet string.
*/
-gcry_error_t
-gcry_pk_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t s_skey)
+gcry_err_code_t
+_gcry_pk_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t s_skey)
{
gcry_err_code_t rc;
gcry_pk_spec_t *spec;
@@ -383,8 +382,8 @@ gcry_pk_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t s_skey)
rc = GPG_ERR_NOT_IMPLEMENTED;
leave:
- gcry_sexp_release (keyparms);
- return gcry_error (rc);
+ sexp_release (keyparms);
+ return rc;
}
@@ -417,8 +416,8 @@ gcry_pk_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t s_skey)
Note that (hash algo) in R_SIG is not used.
*/
-gcry_error_t
-gcry_pk_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_hash, gcry_sexp_t s_skey)
+gcry_err_code_t
+_gcry_pk_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_hash, gcry_sexp_t s_skey)
{
gcry_err_code_t rc;
gcry_pk_spec_t *spec;
@@ -436,8 +435,8 @@ gcry_pk_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_hash, gcry_sexp_t s_skey)
rc = GPG_ERR_NOT_IMPLEMENTED;
leave:
- gcry_sexp_release (keyparms);
- return gcry_error (rc);
+ sexp_release (keyparms);
+ return rc;
}
@@ -448,8 +447,8 @@ gcry_pk_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_hash, gcry_sexp_t s_skey)
hashvalue data. Public key has to be a standard public key given
as an S-Exp, sig is a S-Exp as returned from gcry_pk_sign and data
must be an S-Exp like the one in sign too. */
-gcry_error_t
-gcry_pk_verify (gcry_sexp_t s_sig, gcry_sexp_t s_hash, gcry_sexp_t s_pkey)
+gcry_err_code_t
+_gcry_pk_verify (gcry_sexp_t s_sig, gcry_sexp_t s_hash, gcry_sexp_t s_pkey)
{
gcry_err_code_t rc;
gcry_pk_spec_t *spec;
@@ -465,8 +464,8 @@ gcry_pk_verify (gcry_sexp_t s_sig, gcry_sexp_t s_hash, gcry_sexp_t s_pkey)
rc = GPG_ERR_NOT_IMPLEMENTED;
leave:
- gcry_sexp_release (keyparms);
- return gcry_error (rc);
+ sexp_release (keyparms);
+ return rc;
}
@@ -479,8 +478,8 @@ gcry_pk_verify (gcry_sexp_t s_sig, gcry_sexp_t s_hash, gcry_sexp_t s_pkey)
Returns: 0 or an errorcode.
NOTE: We currently support only secret key checking. */
-gcry_error_t
-gcry_pk_testkey (gcry_sexp_t s_key)
+gcry_err_code_t
+_gcry_pk_testkey (gcry_sexp_t s_key)
{
gcry_err_code_t rc;
gcry_pk_spec_t *spec;
@@ -496,8 +495,8 @@ gcry_pk_testkey (gcry_sexp_t s_key)
rc = GPG_ERR_NOT_IMPLEMENTED;
leave:
- gcry_sexp_release (keyparms);
- return gcry_error (rc);
+ sexp_release (keyparms);
+ return rc;
}
@@ -534,8 +533,8 @@ gcry_pk_testkey (gcry_sexp_t s_key)
(pm1-factors n1 n2 ... nn)
))
*/
-gcry_error_t
-gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms)
+gcry_err_code_t
+_gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms)
{
gcry_pk_spec_t *spec = NULL;
gcry_sexp_t list = NULL;
@@ -545,15 +544,15 @@ gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms)
*r_key = NULL;
- list = gcry_sexp_find_token (s_parms, "genkey", 0);
+ list = sexp_find_token (s_parms, "genkey", 0);
if (!list)
{
rc = GPG_ERR_INV_OBJ; /* Does not contain genkey data. */
goto leave;
}
- l2 = gcry_sexp_cadr (list);
- gcry_sexp_release (list);
+ l2 = sexp_cadr (list);
+ sexp_release (list);
list = l2;
l2 = NULL;
if (! list)
@@ -584,11 +583,11 @@ gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms)
rc = GPG_ERR_NOT_IMPLEMENTED;
leave:
- gcry_sexp_release (list);
+ sexp_release (list);
gcry_free (name);
- gcry_sexp_release (l2);
+ sexp_release (l2);
- return gcry_error (rc);
+ return rc;
}
@@ -598,7 +597,7 @@ gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms)
Hmmm: Should we have really this function or is it better to have a
more general function to retrieve different properties of the key? */
unsigned int
-gcry_pk_get_nbits (gcry_sexp_t key)
+_gcry_pk_get_nbits (gcry_sexp_t key)
{
gcry_pk_spec_t *spec;
gcry_sexp_t parms;
@@ -614,7 +613,7 @@ gcry_pk_get_nbits (gcry_sexp_t key)
return 0; /* Error - 0 is a suitable indication for that. */
nbits = spec->get_nbits (parms);
- gcry_sexp_release (parms);
+ sexp_release (parms);
return nbits;
}
@@ -627,7 +626,7 @@ gcry_pk_get_nbits (gcry_sexp_t key)
NULL is returned to indicate an error which is most likely an
unknown algorithm. The function accepts public or secret keys. */
unsigned char *
-gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array)
+_gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array)
{
gcry_sexp_t list = NULL;
gcry_sexp_t l2 = NULL;
@@ -640,18 +639,18 @@ gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array)
int okay = 0;
/* Check that the first element is valid. */
- list = gcry_sexp_find_token (key, "public-key", 0);
+ list = sexp_find_token (key, "public-key", 0);
if (! list)
- list = gcry_sexp_find_token (key, "private-key", 0);
+ list = sexp_find_token (key, "private-key", 0);
if (! list)
- list = gcry_sexp_find_token (key, "protected-private-key", 0);
+ list = sexp_find_token (key, "protected-private-key", 0);
if (! list)
- list = gcry_sexp_find_token (key, "shadowed-private-key", 0);
+ list = sexp_find_token (key, "shadowed-private-key", 0);
if (! list)
return NULL; /* No public- or private-key object. */
- l2 = gcry_sexp_cadr (list);
- gcry_sexp_release (list);
+ l2 = sexp_cadr (list);
+ sexp_release (list);
list = l2;
l2 = NULL;
@@ -667,7 +666,7 @@ gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array)
if (!elems)
goto fail; /* No grip parameter. */
- if (gcry_md_open (&md, GCRY_MD_SHA1, 0))
+ if (_gcry_md_open (&md, GCRY_MD_SHA1, 0))
goto fail;
if (spec->comp_keygrip)
@@ -685,19 +684,19 @@ gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array)
size_t datalen;
char buf[30];
- l2 = gcry_sexp_find_token (list, s, 1);
+ l2 = sexp_find_token (list, s, 1);
if (! l2)
goto fail;
- data = gcry_sexp_nth_data (l2, 1, &datalen);
+ data = sexp_nth_data (l2, 1, &datalen);
if (! data)
goto fail;
snprintf (buf, sizeof buf, "(1:%c%u:", *s, (unsigned int)datalen);
- gcry_md_write (md, buf, strlen (buf));
- gcry_md_write (md, data, datalen);
- gcry_sexp_release (l2);
+ _gcry_md_write (md, buf, strlen (buf));
+ _gcry_md_write (md, data, datalen);
+ sexp_release (l2);
l2 = NULL;
- gcry_md_write (md, ")", 1);
+ _gcry_md_write (md, ")", 1);
}
}
@@ -708,21 +707,21 @@ gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array)
goto fail;
}
- memcpy (array, gcry_md_read (md, GCRY_MD_SHA1), 20);
+ memcpy (array, _gcry_md_read (md, GCRY_MD_SHA1), 20);
okay = 1;
fail:
gcry_free (name);
- gcry_sexp_release (l2);
- gcry_md_close (md);
- gcry_sexp_release (list);
+ sexp_release (l2);
+ _gcry_md_close (md);
+ sexp_release (list);
return okay? array : NULL;
}
const char *
-gcry_pk_get_curve (gcry_sexp_t key, int iterator, unsigned int *r_nbits)
+_gcry_pk_get_curve (gcry_sexp_t key, int iterator, unsigned int *r_nbits)
{
const char *result = NULL;
gcry_pk_spec_t *spec;
@@ -748,14 +747,14 @@ gcry_pk_get_curve (gcry_sexp_t key, int iterator, unsigned int *r_nbits)
if (spec->get_curve)
result = spec->get_curve (keyparms, iterator, r_nbits);
- gcry_sexp_release (keyparms);
+ sexp_release (keyparms);
return result;
}
gcry_sexp_t
-gcry_pk_get_param (int algo, const char *name)
+_gcry_pk_get_param (int algo, const char *name)
{
gcry_sexp_t result = NULL;
gcry_pk_spec_t *spec = NULL;
@@ -776,10 +775,10 @@ gcry_pk_get_param (int algo, const char *name)
-gcry_error_t
-gcry_pk_ctl (int cmd, void *buffer, size_t buflen)
+gcry_err_code_t
+_gcry_pk_ctl (int cmd, void *buffer, size_t buflen)
{
- gcry_err_code_t err = GPG_ERR_NO_ERROR;
+ gcry_err_code_t rc = 0;
switch (cmd)
{
@@ -787,16 +786,16 @@ gcry_pk_ctl (int cmd, void *buffer, size_t buflen)
/* This one expects a buffer pointing to an integer with the
algo number. */
if ((! buffer) || (buflen != sizeof (int)))
- err = GPG_ERR_INV_ARG;
+ rc = GPG_ERR_INV_ARG;
else
disable_pubkey_algo (*((int *) buffer));
break;
default:
- err = GPG_ERR_INV_OP;
+ rc = GPG_ERR_INV_OP;
}
- return gcry_error (err);
+ return rc;
}
@@ -821,10 +820,10 @@ gcry_pk_ctl (int cmd, void *buffer, size_t buflen)
the return value. The caller will in all cases consult the value
and thereby detecting whether a error occurred or not (i.e. while
checking the block size) */
-gcry_error_t
-gcry_pk_algo_info (int algorithm, int what, void *buffer, size_t *nbytes)
+gcry_err_code_t
+_gcry_pk_algo_info (int algorithm, int what, void *buffer, size_t *nbytes)
{
- gcry_err_code_t err = GPG_ERR_NO_ERROR;
+ gcry_err_code_t rc = 0;
switch (what)
{
@@ -832,9 +831,9 @@ gcry_pk_algo_info (int algorithm, int what, void *buffer, size_t *nbytes)
{
int use = nbytes ? *nbytes : 0;
if (buffer)
- err = GPG_ERR_INV_ARG;
+ rc = GPG_ERR_INV_ARG;
else if (check_pubkey_algo (algorithm, use))
- err = GPG_ERR_PUBKEY_ALGO;
+ rc = GPG_ERR_PUBKEY_ALGO;
break;
}
@@ -877,10 +876,10 @@ gcry_pk_algo_info (int algorithm, int what, void *buffer, size_t *nbytes)
}
default:
- err = GPG_ERR_INV_OP;
+ rc = GPG_ERR_INV_OP;
}
- return gcry_error (err);
+ return rc;
}
diff --git a/cipher/rsa-common.c b/cipher/rsa-common.c
index b1b212fd..65b007f1 100644
--- a/cipher/rsa-common.c
+++ b/cipher/rsa-common.c
@@ -73,7 +73,6 @@ _gcry_rsa_pkcs1_encode_for_enc (gcry_mpi_t *r_result, unsigned int nbits,
size_t random_override_len)
{
gcry_err_code_t rc = 0;
- gcry_error_t err;
unsigned char *frame = NULL;
size_t nframe = (nbits+7) / 8;
int i;
@@ -116,7 +115,7 @@ _gcry_rsa_pkcs1_encode_for_enc (gcry_mpi_t *r_result, unsigned int nbits,
}
else
{
- p = gcry_random_bytes_secure (i, GCRY_STRONG_RANDOM);
+ p = _gcry_random_bytes_secure (i, GCRY_STRONG_RANDOM);
/* Replace zero bytes by new values. */
for (;;)
{
@@ -133,7 +132,7 @@ _gcry_rsa_pkcs1_encode_for_enc (gcry_mpi_t *r_result, unsigned int nbits,
break; /* Okay: no (more) zero bytes. */
k += k/128 + 3; /* Better get some more. */
- pp = gcry_random_bytes_secure (k, GCRY_STRONG_RANDOM);
+ pp = _gcry_random_bytes_secure (k, GCRY_STRONG_RANDOM);
for (j=0; j < i && k; )
{
if (!p[j])
@@ -153,10 +152,8 @@ _gcry_rsa_pkcs1_encode_for_enc (gcry_mpi_t *r_result, unsigned int nbits,
n += valuelen;
gcry_assert (n == nframe);
- err = gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, frame, n, &nframe);
- if (err)
- rc = gcry_err_code (err);
- else if (DBG_CIPHER)
+ rc = _gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, frame, n, &nframe);
+ if (!rc &&DBG_CIPHER)
log_mpidump ("PKCS#1 block type 2 encoded data", *r_result);
gcry_free (frame);
@@ -182,7 +179,7 @@ _gcry_rsa_pkcs1_decode_for_enc (unsigned char **r_result, size_t *r_resultlen,
if ( !(frame = gcry_malloc_secure (nframe)))
return gpg_err_code_from_syserror ();
- err = gcry_mpi_print (GCRYMPI_FMT_USG, frame, nframe, &n, value);
+ err = _gcry_mpi_print (GCRYMPI_FMT_USG, frame, nframe, &n, value);
if (err)
{
gcry_free (frame);
@@ -265,7 +262,6 @@ _gcry_rsa_pkcs1_encode_for_sig (gcry_mpi_t *r_result, unsigned int nbits,
int algo)
{
gcry_err_code_t rc = 0;
- gcry_error_t err;
byte asn[100];
byte *frame = NULL;
size_t nframe = (nbits+7) / 8;
@@ -274,9 +270,9 @@ _gcry_rsa_pkcs1_encode_for_sig (gcry_mpi_t *r_result, unsigned int nbits,
size_t asnlen, dlen;
asnlen = DIM(asn);
- dlen = gcry_md_get_algo_dlen (algo);
+ dlen = _gcry_md_get_algo_dlen (algo);
- if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
+ if (_gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
{
/* We don't have yet all of the above algorithms. */
return GPG_ERR_NOT_IMPLEMENTED;
@@ -315,10 +311,8 @@ _gcry_rsa_pkcs1_encode_for_sig (gcry_mpi_t *r_result, unsigned int nbits,
gcry_assert (n == nframe);
/* Convert it into an MPI. */
- err = gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, frame, n, &nframe);
- if (err)
- rc = gcry_err_code (err);
- else if (DBG_CIPHER)
+ rc = _gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, frame, n, &nframe);
+ if (!rc && DBG_CIPHER)
log_mpidump ("PKCS#1 block type 1 encoded data", *r_result);
gcry_free (frame);
@@ -336,11 +330,11 @@ mgf1 (unsigned char *output, size_t outlen, unsigned char *seed, size_t seedlen,
gcry_md_hd_t hd;
gcry_error_t err;
- err = gcry_md_open (&hd, algo, 0);
+ err = _gcry_md_open (&hd, algo, 0);
if (err)
- return gpg_err_code (err);
+ return err;
- dlen = gcry_md_get_algo_dlen (algo);
+ dlen = _gcry_md_get_algo_dlen (algo);
/* We skip step 1 which would be assert(OUTLEN <= 2^32). The loop
in step 3 is merged with step 4 by concatenating no more octets
@@ -353,7 +347,7 @@ mgf1 (unsigned char *output, size_t outlen, unsigned char *seed, size_t seedlen,
unsigned char c[4], *digest;
if (idx)
- gcry_md_reset (hd);
+ _gcry_md_reset (hd);
c[0] = (idx >> 24) & 0xFF;
c[1] = (idx >> 16) & 0xFF;
@@ -361,16 +355,16 @@ mgf1 (unsigned char *output, size_t outlen, unsigned char *seed, size_t seedlen,
c[3] = idx & 0xFF;
idx++;
- gcry_md_write (hd, seed, seedlen);
- gcry_md_write (hd, c, 4);
- digest = gcry_md_read (hd, 0);
+ _gcry_md_write (hd, seed, seedlen);
+ _gcry_md_write (hd, c, 4);
+ digest = _gcry_md_read (hd, 0);
n = (outlen - nbytes < dlen)? (outlen - nbytes) : dlen;
memcpy (output+nbytes, digest, n);
nbytes += n;
}
- gcry_md_close (hd);
+ _gcry_md_close (hd);
return GPG_ERR_NO_ERROR;
}
@@ -413,7 +407,6 @@ _gcry_rsa_oaep_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
const void *random_override, size_t random_override_len)
{
gcry_err_code_t rc = 0;
- gcry_error_t err;
unsigned char *frame = NULL;
size_t nframe = (nbits+7) / 8;
unsigned char *p;
@@ -429,7 +422,7 @@ _gcry_rsa_oaep_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
labellen = 0;
}
- hlen = gcry_md_get_algo_dlen (algo);
+ hlen = _gcry_md_get_algo_dlen (algo);
/* We skip step 1a which would be to check that LABELLEN is not
greater than 2^61-1. See rfc-3447 7.1.1. */
@@ -449,7 +442,7 @@ _gcry_rsa_oaep_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
/* Step 2a: Compute the hash of the label. We store it in the frame
where later the maskedDB will commence. */
- gcry_md_hash_buffer (algo, frame + 1 + hlen, label, labellen);
+ _gcry_md_hash_buffer (algo, frame + 1 + hlen, label, labellen);
/* Step 2b: Set octet string to zero. */
/* This has already been done while allocating FRAME. */
@@ -471,7 +464,7 @@ _gcry_rsa_oaep_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
memcpy (frame + 1, random_override, hlen);
}
else
- gcry_randomize (frame + 1, hlen, GCRY_STRONG_RANDOM);
+ _gcry_randomize (frame + 1, hlen, GCRY_STRONG_RANDOM);
/* Step 2e and 2f: Create maskedDB. */
{
@@ -523,10 +516,8 @@ _gcry_rsa_oaep_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
/* This has already been done by using in-place operations. */
/* Convert the stuff into an MPI as expected by the caller. */
- err = gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, frame, nframe, NULL);
- if (err)
- rc = gcry_err_code (err);
- else if (DBG_CIPHER)
+ rc = _gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, frame, nframe, NULL);
+ if (!rc && DBG_CIPHER)
log_mpidump ("OAEP encoded data", *r_result);
gcry_free (frame);
@@ -574,13 +565,13 @@ _gcry_rsa_oaep_decode (unsigned char **r_result, size_t *r_resultlen,
}
/* Get the length of the digest. */
- hlen = gcry_md_get_algo_dlen (algo);
+ hlen = _gcry_md_get_algo_dlen (algo);
/* Hash the label right away. */
lhash = gcry_malloc (hlen);
if (!lhash)
return gpg_err_code_from_syserror ();
- gcry_md_hash_buffer (algo, lhash, label, labellen);
+ _gcry_md_hash_buffer (algo, lhash, label, labellen);
/* Turn the MPI into an octet string. If the octet string is
shorter than the key we pad it to the left with zeroes. This may
@@ -725,7 +716,6 @@ _gcry_rsa_pss_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
const void *random_override, size_t random_override_len)
{
gcry_err_code_t rc = 0;
- gcry_error_t err;
size_t hlen; /* Length of the hash digest. */
unsigned char *em = NULL; /* Encoded message. */
size_t emlen = (nbits+7)/8; /* Length in bytes of EM. */
@@ -741,7 +731,7 @@ _gcry_rsa_pss_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
/* This code is implemented as described by rfc-3447 9.1.1. */
/* Get the length of the digest. */
- hlen = gcry_md_get_algo_dlen (algo);
+ hlen = _gcry_md_get_algo_dlen (algo);
gcry_assert (hlen); /* We expect a valid ALGO here. */
/* Allocate a help buffer and setup some pointers. */
@@ -794,12 +784,12 @@ _gcry_rsa_pss_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
memcpy (salt, random_override, saltlen);
}
else
- gcry_randomize (salt, saltlen, GCRY_STRONG_RANDOM);
+ _gcry_randomize (salt, saltlen, GCRY_STRONG_RANDOM);
}
/* Step 5 and 6: M' = Hash(Padding1 || mHash || salt). */
memset (buf, 0, 8); /* Padding. */
- gcry_md_hash_buffer (algo, h, buf, 8 + hlen + saltlen);
+ _gcry_md_hash_buffer (algo, h, buf, 8 + hlen + saltlen);
/* Step 7 and 8: DB = PS || 0x01 || salt. */
/* Note that we use EM to store DB and later Xor in-place. */
@@ -822,10 +812,8 @@ _gcry_rsa_pss_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
em[emlen-1] = 0xbc;
/* Convert EM into an MPI. */
- err = gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, em, emlen, NULL);
- if (err)
- rc = gcry_err_code (err);
- else if (DBG_CIPHER)
+ rc = _gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, em, emlen, NULL);
+ if (!rc && DBG_CIPHER)
log_mpidump ("PSS encoded data", *r_result);
leave:
@@ -869,7 +857,7 @@ _gcry_rsa_pss_verify (gcry_mpi_t value, gcry_mpi_t encoded,
/* This code is implemented as described by rfc-3447 9.1.2. */
/* Get the length of the digest. */
- hlen = gcry_md_get_algo_dlen (algo);
+ hlen = _gcry_md_get_algo_dlen (algo);
gcry_assert (hlen); /* We expect a valid ALGO here. */
/* Allocate a help buffer and setup some pointers.
@@ -965,7 +953,7 @@ _gcry_rsa_pss_verify (gcry_mpi_t value, gcry_mpi_t encoded,
memcpy (buf+8+hlen, salt, saltlen);
/* Step 13: H' = Hash(M'). */
- gcry_md_hash_buffer (algo, buf, buf, 8 + hlen + saltlen);
+ _gcry_md_hash_buffer (algo, buf, buf, 8 + hlen + saltlen);
/* Step 14: Check H == H'. */
rc = memcmp (h, buf, hlen) ? GPG_ERR_BAD_SIGNATURE : GPG_ERR_NO_ERROR;
diff --git a/cipher/rsa.c b/cipher/rsa.c
index fed52a1f..a40edaa6 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -107,56 +107,56 @@ test_keys (RSA_secret_key *sk, unsigned int nbits)
{
int result = -1; /* Default to failure. */
RSA_public_key pk;
- gcry_mpi_t plaintext = gcry_mpi_new (nbits);
- gcry_mpi_t ciphertext = gcry_mpi_new (nbits);
- gcry_mpi_t decr_plaintext = gcry_mpi_new (nbits);
- gcry_mpi_t signature = gcry_mpi_new (nbits);
+ gcry_mpi_t plaintext = mpi_new (nbits);
+ gcry_mpi_t ciphertext = mpi_new (nbits);
+ gcry_mpi_t decr_plaintext = mpi_new (nbits);
+ gcry_mpi_t signature = mpi_new (nbits);
/* Put the relevant parameters into a public key structure. */
pk.n = sk->n;
pk.e = sk->e;
/* Create a random plaintext. */
- gcry_mpi_randomize (plaintext, nbits, GCRY_WEAK_RANDOM);
+ _gcry_mpi_randomize (plaintext, nbits, GCRY_WEAK_RANDOM);
/* Encrypt using the public key. */
public (ciphertext, plaintext, &pk);
/* Check that the cipher text does not match the plaintext. */
- if (!gcry_mpi_cmp (ciphertext, plaintext))
+ if (!mpi_cmp (ciphertext, plaintext))
goto leave; /* Ciphertext is identical to the plaintext. */
/* Decrypt using the secret key. */
secret (decr_plaintext, ciphertext, sk);
/* Check that the decrypted plaintext matches the original plaintext. */
- if (gcry_mpi_cmp (decr_plaintext, plaintext))
+ if (mpi_cmp (decr_plaintext, plaintext))
goto leave; /* Plaintext does not match. */
/* Create another random plaintext as data for signature checking. */
- gcry_mpi_randomize (plaintext, nbits, GCRY_WEAK_RANDOM);
+ _gcry_mpi_randomize (plaintext, nbits, GCRY_WEAK_RANDOM);
/* Use the RSA secret function to create a signature of the plaintext. */
secret (signature, plaintext, sk);
/* Use the RSA public function to verify this signature. */
public (decr_plaintext, signature, &pk);
- if (gcry_mpi_cmp (decr_plaintext, plaintext))
+ if (mpi_cmp (decr_plaintext, plaintext))
goto leave; /* Signature does not match. */
/* Modify the signature and check that the signing fails. */
- gcry_mpi_add_ui (signature, signature, 1);
+ mpi_add_ui (signature, signature, 1);
public (decr_plaintext, signature, &pk);
- if (!gcry_mpi_cmp (decr_plaintext, plaintext))
+ if (!mpi_cmp (decr_plaintext, plaintext))
goto leave; /* Signature matches but should not. */
result = 0; /* All tests succeeded. */
leave:
- gcry_mpi_release (signature);
- gcry_mpi_release (decr_plaintext);
- gcry_mpi_release (ciphertext);
- gcry_mpi_release (plaintext);
+ _gcry_mpi_release (signature);
+ _gcry_mpi_release (decr_plaintext);
+ _gcry_mpi_release (ciphertext);
+ _gcry_mpi_release (plaintext);
return result;
}
@@ -172,8 +172,8 @@ check_exponent (void *arg, gcry_mpi_t a)
mpi_sub_ui (a, a, 1);
tmp = _gcry_mpi_alloc_like (a);
- result = !gcry_mpi_gcd(tmp, e, a); /* GCD is not 1. */
- gcry_mpi_release (tmp);
+ result = !mpi_gcd(tmp, e, a); /* GCD is not 1. */
+ _gcry_mpi_release (tmp);
mpi_add_ui (a, a, 1);
return result;
}
@@ -239,16 +239,16 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
mpi_set_ui (e, use_e);
}
- n = gcry_mpi_new (nbits);
+ n = mpi_new (nbits);
p = q = NULL;
do
{
/* select two (very secret) primes */
if (p)
- gcry_mpi_release (p);
+ _gcry_mpi_release (p);
if (q)
- gcry_mpi_release (q);
+ _gcry_mpi_release (q);
if (use_e)
{ /* Do an extra test to ensure that the given exponent is
suitable. */
@@ -272,16 +272,16 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
/* calculate Euler totient: phi = (p-1)(q-1) */
t1 = mpi_alloc_secure( mpi_get_nlimbs(p) );
t2 = mpi_alloc_secure( mpi_get_nlimbs(p) );
- phi = gcry_mpi_snew ( nbits );
- g = gcry_mpi_snew ( nbits );
- f = gcry_mpi_snew ( nbits );
+ phi = mpi_snew ( nbits );
+ g = mpi_snew ( nbits );
+ f = mpi_snew ( nbits );
mpi_sub_ui( t1, p, 1 );
mpi_sub_ui( t2, q, 1 );
mpi_mul( phi, t1, t2 );
- gcry_mpi_gcd(g, t1, t2);
+ mpi_gcd (g, t1, t2);
mpi_fdiv_q(f, phi, g);
- while (!gcry_mpi_gcd(t1, e, phi)) /* (while gcd is not 1) */
+ while (!mpi_gcd(t1, e, phi)) /* (while gcd is not 1) */
{
if (use_e)
BUG (); /* The prime generator already made sure that we
@@ -290,10 +290,10 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
}
/* calculate the secret key d = e^1 mod phi */
- d = gcry_mpi_snew ( nbits );
- mpi_invm(d, e, f );
+ d = mpi_snew ( nbits );
+ mpi_invm (d, e, f );
/* calculate the inverse of p and q (used for chinese remainder theorem)*/
- u = gcry_mpi_snew ( nbits );
+ u = mpi_snew ( nbits );
mpi_invm(u, p, q );
if( DBG_CIPHER )
@@ -309,11 +309,11 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
log_mpidump(" u= ", u );
}
- gcry_mpi_release (t1);
- gcry_mpi_release (t2);
- gcry_mpi_release (phi);
- gcry_mpi_release (f);
- gcry_mpi_release (g);
+ _gcry_mpi_release (t1);
+ _gcry_mpi_release (t2);
+ _gcry_mpi_release (phi);
+ _gcry_mpi_release (f);
+ _gcry_mpi_release (g);
sk->n = n;
sk->e = e;
@@ -325,12 +325,12 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
/* Now we can test our keys. */
if (test_keys (sk, nbits - 64))
{
- gcry_mpi_release (sk->n); sk->n = NULL;
- gcry_mpi_release (sk->e); sk->e = NULL;
- gcry_mpi_release (sk->p); sk->p = NULL;
- gcry_mpi_release (sk->q); sk->q = NULL;
- gcry_mpi_release (sk->d); sk->d = NULL;
- gcry_mpi_release (sk->u); sk->u = NULL;
+ _gcry_mpi_release (sk->n); sk->n = NULL;
+ _gcry_mpi_release (sk->e); sk->e = NULL;
+ _gcry_mpi_release (sk->p); sk->p = NULL;
+ _gcry_mpi_release (sk->q); sk->q = NULL;
+ _gcry_mpi_release (sk->d); sk->d = NULL;
+ _gcry_mpi_release (sk->u); sk->u = NULL;
fips_signal_error ("self-test after key generation failed");
return GPG_ERR_SELFTEST_FAILED;
}
@@ -345,8 +345,8 @@ gen_x931_parm_xp (unsigned int nbits)
{
gcry_mpi_t xp;
- xp = gcry_mpi_snew (nbits);
- gcry_mpi_randomize (xp, nbits, GCRY_VERY_STRONG_RANDOM);
+ xp = mpi_snew (nbits);
+ _gcry_mpi_randomize (xp, nbits, GCRY_VERY_STRONG_RANDOM);
/* The requirement for Xp is:
@@ -369,8 +369,8 @@ gen_x931_parm_xi (void)
{
gcry_mpi_t xi;
- xi = gcry_mpi_snew (101);
- gcry_mpi_randomize (xi, 101, GCRY_VERY_STRONG_RANDOM);
+ xi = mpi_snew (101);
+ _gcry_mpi_randomize (xi, 101, GCRY_VERY_STRONG_RANDOM);
mpi_set_highbit (xi, 100);
gcry_assert ( mpi_get_nbits (xi) == 101 );
@@ -436,15 +436,15 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value,
/* Not given: Generate them. */
xp = gen_x931_parm_xp (nbits/2);
/* Make sure that |xp - xq| > 2^{nbits - 100} holds. */
- tmpval = gcry_mpi_snew (nbits/2);
+ tmpval = mpi_snew (nbits/2);
do
{
- gcry_mpi_release (xq);
+ _gcry_mpi_release (xq);
xq = gen_x931_parm_xp (nbits/2);
mpi_sub (tmpval, xp, xq);
}
while (mpi_get_nbits (tmpval) <= (nbits/2 - 100));
- gcry_mpi_release (tmpval);
+ _gcry_mpi_release (tmpval);
xp1 = gen_x931_parm_xi ();
xp2 = gen_x931_parm_xi ();
@@ -479,12 +479,11 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value,
for (idx=0; tbl[idx].name; idx++)
{
- oneparm = gcry_sexp_find_token (deriveparms, tbl[idx].name, 0);
+ oneparm = sexp_find_token (deriveparms, tbl[idx].name, 0);
if (oneparm)
{
- *tbl[idx].value = gcry_sexp_nth_mpi (oneparm, 1,
- GCRYMPI_FMT_USG);
- gcry_sexp_release (oneparm);
+ *tbl[idx].value = sexp_nth_mpi (oneparm, 1, GCRYMPI_FMT_USG);
+ sexp_release (oneparm);
}
}
for (idx=0; tbl[idx].name; idx++)
@@ -494,7 +493,7 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value,
{
/* At least one parameter is missing. */
for (idx=0; tbl[idx].name; idx++)
- gcry_mpi_release (*tbl[idx].value);
+ _gcry_mpi_release (*tbl[idx].value);
return GPG_ERR_MISSING_VALUE;
}
}
@@ -504,17 +503,17 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value,
/* Find two prime numbers. */
p = _gcry_derive_x931_prime (xp, xp1, xp2, e, NULL, NULL);
q = _gcry_derive_x931_prime (xq, xq1, xq2, e, NULL, NULL);
- gcry_mpi_release (xp); xp = NULL;
- gcry_mpi_release (xp1); xp1 = NULL;
- gcry_mpi_release (xp2); xp2 = NULL;
- gcry_mpi_release (xq); xq = NULL;
- gcry_mpi_release (xq1); xq1 = NULL;
- gcry_mpi_release (xq2); xq2 = NULL;
+ _gcry_mpi_release (xp); xp = NULL;
+ _gcry_mpi_release (xp1); xp1 = NULL;
+ _gcry_mpi_release (xp2); xp2 = NULL;
+ _gcry_mpi_release (xq); xq = NULL;
+ _gcry_mpi_release (xq1); xq1 = NULL;
+ _gcry_mpi_release (xq2); xq2 = NULL;
if (!p || !q)
{
- gcry_mpi_release (p);
- gcry_mpi_release (q);
- gcry_mpi_release (e);
+ _gcry_mpi_release (p);
+ _gcry_mpi_release (q);
+ _gcry_mpi_release (e);
return GPG_ERR_NO_PRIME;
}
}
@@ -527,26 +526,26 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value,
mpi_swap (p, q);
*swapped = 1;
}
- n = gcry_mpi_new (nbits);
+ n = mpi_new (nbits);
mpi_mul (n, p, q);
/* Compute the Euler totient: phi = (p-1)(q-1) */
- pm1 = gcry_mpi_snew (nbits/2);
- qm1 = gcry_mpi_snew (nbits/2);
- phi = gcry_mpi_snew (nbits);
+ pm1 = mpi_snew (nbits/2);
+ qm1 = mpi_snew (nbits/2);
+ phi = mpi_snew (nbits);
mpi_sub_ui (pm1, p, 1);
mpi_sub_ui (qm1, q, 1);
mpi_mul (phi, pm1, qm1);
- g = gcry_mpi_snew (nbits);
- gcry_assert (gcry_mpi_gcd (g, e, phi));
+ g = mpi_snew (nbits);
+ gcry_assert (mpi_gcd (g, e, phi));
/* Compute: f = lcm(p-1,q-1) = phi / gcd(p-1,q-1) */
- gcry_mpi_gcd (g, pm1, qm1);
+ mpi_gcd (g, pm1, qm1);
f = pm1; pm1 = NULL;
- gcry_mpi_release (qm1); qm1 = NULL;
+ _gcry_mpi_release (qm1); qm1 = NULL;
mpi_fdiv_q (f, phi, g);
- gcry_mpi_release (phi); phi = NULL;
+ _gcry_mpi_release (phi); phi = NULL;
d = g; g = NULL;
/* Compute the secret key: d = e^{-1} mod lcm(p-1,q-1) */
mpi_invm (d, e, f);
@@ -578,12 +577,12 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value,
/* Now we can test our keys. */
if (test_keys (sk, nbits - 64))
{
- gcry_mpi_release (sk->n); sk->n = NULL;
- gcry_mpi_release (sk->e); sk->e = NULL;
- gcry_mpi_release (sk->p); sk->p = NULL;
- gcry_mpi_release (sk->q); sk->q = NULL;
- gcry_mpi_release (sk->d); sk->d = NULL;
- gcry_mpi_release (sk->u); sk->u = NULL;
+ _gcry_mpi_release (sk->n); sk->n = NULL;
+ _gcry_mpi_release (sk->e); sk->e = NULL;
+ _gcry_mpi_release (sk->p); sk->p = NULL;
+ _gcry_mpi_release (sk->q); sk->q = NULL;
+ _gcry_mpi_release (sk->d); sk->d = NULL;
+ _gcry_mpi_release (sk->u); sk->u = NULL;
fips_signal_error ("self-test after key generation failed");
return GPG_ERR_SELFTEST_FAILED;
}
@@ -775,25 +774,25 @@ rsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
return ec;
/* Parse the optional flags list. */
- l1 = gcry_sexp_find_token (genparms, "flags", 0);
+ l1 = sexp_find_token (genparms, "flags", 0);
if (l1)
{
ec = _gcry_pk_util_parse_flaglist (l1, &flags, NULL);
- gcry_sexp_release (l1);
+ sexp_release (l1);
if (ec)
return ec;
}
deriveparms = (genparms?
- gcry_sexp_find_token (genparms, "derive-parms", 0) : NULL);
+ sexp_find_token (genparms, "derive-parms", 0) : NULL);
if (!deriveparms)
{
/* Parse the optional "use-x931" flag. */
- l1 = gcry_sexp_find_token (genparms, "use-x931", 0);
+ l1 = sexp_find_token (genparms, "use-x931", 0);
if (l1)
{
flags |= PUBKEY_FLAG_USE_X931;
- gcry_sexp_release (l1);
+ sexp_release (l1);
}
}
@@ -801,20 +800,20 @@ rsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
{
int swapped;
ec = generate_x931 (&sk, nbits, evalue, deriveparms, &swapped);
- gcry_sexp_release (deriveparms);
+ sexp_release (deriveparms);
if (!ec && swapped)
- ec = gcry_sexp_new (&swap_info, "(misc-key-info(p-q-swapped))", 0, 1);
+ ec = sexp_new (&swap_info, "(misc-key-info(p-q-swapped))", 0, 1);
}
else
{
/* Parse the optional "transient-key" flag. */
if (!(flags & PUBKEY_FLAG_TRANSIENT_KEY))
{
- l1 = gcry_sexp_find_token (genparms, "transient-key", 0);
+ l1 = sexp_find_token (genparms, "transient-key", 0);
if (l1)
{
flags |= PUBKEY_FLAG_TRANSIENT_KEY;
- gcry_sexp_release (l1);
+ sexp_release (l1);
}
}
/* Generate. */
@@ -824,16 +823,16 @@ rsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
if (!ec)
{
- ec = gcry_sexp_build (r_skey, NULL,
- "(key-data"
- " (public-key"
- " (rsa(n%m)(e%m)))"
- " (private-key"
- " (rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))"
- " %S)",
- sk.n, sk.e,
- sk.n, sk.e, sk.d, sk.p, sk.q, sk.u,
- swap_info);
+ ec = sexp_build (r_skey, NULL,
+ "(key-data"
+ " (public-key"
+ " (rsa(n%m)(e%m)))"
+ " (private-key"
+ " (rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))"
+ " %S)",
+ sk.n, sk.e,
+ sk.n, sk.e, sk.d, sk.p, sk.q, sk.u,
+ swap_info);
}
mpi_free (sk.n);
@@ -842,7 +841,7 @@ rsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
mpi_free (sk.q);
mpi_free (sk.d);
mpi_free (sk.u);
- gcry_sexp_release (swap_info);
+ sexp_release (swap_info);
return ec;
}
@@ -855,9 +854,9 @@ rsa_check_secret_key (gcry_sexp_t keyparms)
RSA_secret_key sk = {NULL, NULL, NULL, NULL, NULL, NULL};
/* To check the key we need the optional parameters. */
- rc = _gcry_sexp_extract_param (keyparms, NULL, "nedpqu",
- &sk.n, &sk.e, &sk.d, &sk.p, &sk.q, &sk.u,
- NULL);
+ rc = sexp_extract_param (keyparms, NULL, "nedpqu",
+ &sk.n, &sk.e, &sk.d, &sk.p, &sk.q, &sk.u,
+ NULL);
if (rc)
goto leave;
@@ -865,12 +864,12 @@ rsa_check_secret_key (gcry_sexp_t keyparms)
rc = GPG_ERR_BAD_SECKEY;
leave:
- gcry_mpi_release (sk.n);
- gcry_mpi_release (sk.e);
- gcry_mpi_release (sk.d);
- gcry_mpi_release (sk.p);
- gcry_mpi_release (sk.q);
- gcry_mpi_release (sk.u);
+ _gcry_mpi_release (sk.n);
+ _gcry_mpi_release (sk.e);
+ _gcry_mpi_release (sk.d);
+ _gcry_mpi_release (sk.p);
+ _gcry_mpi_release (sk.q);
+ _gcry_mpi_release (sk.u);
if (DBG_CIPHER)
log_debug ("rsa_testkey => %s\n", gpg_strerror (rc));
return rc;
@@ -902,7 +901,7 @@ rsa_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
/* Extract the key. */
- rc = _gcry_sexp_extract_param (keyparms, NULL, "ne", &pk.n, &pk.e, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "ne", &pk.n, &pk.e, NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -912,7 +911,7 @@ rsa_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
/* Do RSA computation and build result. */
- ciph = gcry_mpi_new (0);
+ ciph = mpi_new (0);
public (ciph, data, &pk);
if (DBG_CIPHER)
log_mpidump ("rsa_encrypt res", ciph);
@@ -926,19 +925,18 @@ rsa_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
rc = _gcry_mpi_to_octet_string (&em, NULL, ciph, emlen);
if (!rc)
{
- rc = gcry_sexp_build (r_ciph, NULL,
- "(enc-val(rsa(a%b)))", (int)emlen, em);
+ rc = sexp_build (r_ciph, NULL, "(enc-val(rsa(a%b)))", (int)emlen, em);
gcry_free (em);
}
}
else
- rc = gcry_sexp_build (r_ciph, NULL, "(enc-val(rsa(a%m)))", ciph);
+ rc = sexp_build (r_ciph, NULL, "(enc-val(rsa(a%m)))", ciph);
leave:
- gcry_mpi_release (ciph);
- gcry_mpi_release (pk.n);
- gcry_mpi_release (pk.e);
- gcry_mpi_release (data);
+ _gcry_mpi_release (ciph);
+ _gcry_mpi_release (pk.n);
+ _gcry_mpi_release (pk.e);
+ _gcry_mpi_release (data);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("rsa_encrypt => %s\n", gpg_strerror (rc));
@@ -969,7 +967,7 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
rc = _gcry_pk_util_preparse_encval (s_data, rsa_names, &l1, &ctx);
if (rc)
goto leave;
- rc = _gcry_sexp_extract_param (l1, NULL, "a", &data, NULL);
+ rc = sexp_extract_param (l1, NULL, "a", &data, NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -981,9 +979,9 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
/* Extract the key. */
- rc = _gcry_sexp_extract_param (keyparms, NULL, "nedp?q?u?",
- &sk.n, &sk.e, &sk.d, &sk.p, &sk.q, &sk.u,
- NULL);
+ rc = sexp_extract_param (keyparms, NULL, "nedp?q?u?",
+ &sk.n, &sk.e, &sk.d, &sk.p, &sk.q, &sk.u,
+ NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -999,7 +997,7 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
}
- plain = gcry_mpi_snew (ctx.nbits);
+ plain = mpi_snew (ctx.nbits);
/* We use blinding by default to mitigate timing attacks which can
be practically mounted over the network as shown by Brumley and
@@ -1011,13 +1009,13 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
random number needs to be only unpredictable, thus we employ
the gcry_create_nonce function by using GCRY_WEAK_RANDOM with
gcry_mpi_randomize. */
- r = gcry_mpi_snew (ctx.nbits);
- ri = gcry_mpi_snew (ctx.nbits);
- bldata = gcry_mpi_snew (ctx.nbits);
+ r = mpi_snew (ctx.nbits);
+ ri = mpi_snew (ctx.nbits);
+ bldata = mpi_snew (ctx.nbits);
- gcry_mpi_randomize (r, ctx.nbits, GCRY_WEAK_RANDOM);
- gcry_mpi_mod (r, r, sk.n);
- if (!gcry_mpi_invm (ri, r, sk.n))
+ _gcry_mpi_randomize (r, ctx.nbits, GCRY_WEAK_RANDOM);
+ mpi_mod (r, r, sk.n);
+ if (!mpi_invm (ri, r, sk.n))
{
rc = GPG_ERR_INTERNAL;
goto leave;
@@ -1026,20 +1024,20 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
/* Do blinding. We calculate: y = (x * r^e) mod n, where r is
the random number, e is the public exponent, x is the
non-blinded data and n is the RSA modulus. */
- gcry_mpi_powm (bldata, r, sk.e, sk.n);
- gcry_mpi_mulm (bldata, bldata, data, sk.n);
+ mpi_powm (bldata, r, sk.e, sk.n);
+ mpi_mulm (bldata, bldata, data, sk.n);
/* Perform decryption. */
secret (plain, bldata, &sk);
- gcry_mpi_release (bldata); bldata = NULL;
+ _gcry_mpi_release (bldata); bldata = NULL;
/* Undo blinding. Here we calculate: y = (x * r^-1) mod n,
where x is the blinded decrypted data, ri is the modular
multiplicative inverse of r and n is the RSA modulus. */
- gcry_mpi_mulm (plain, plain, ri, sk.n);
+ mpi_mulm (plain, plain, ri, sk.n);
- gcry_mpi_release (r); r = NULL;
- gcry_mpi_release (ri); ri = NULL;
+ _gcry_mpi_release (r); r = NULL;
+ _gcry_mpi_release (ri); ri = NULL;
}
else
secret (plain, data, &sk);
@@ -1055,8 +1053,7 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
mpi_free (plain);
plain = NULL;
if (!rc)
- rc = gcry_sexp_build (r_plain, NULL,
- "(value %b)", (int)unpadlen, unpad);
+ rc = sexp_build (r_plain, NULL, "(value %b)", (int)unpadlen, unpad);
break;
case PUBKEY_ENC_OAEP:
@@ -1066,33 +1063,32 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
mpi_free (plain);
plain = NULL;
if (!rc)
- rc = gcry_sexp_build (r_plain, NULL,
- "(value %b)", (int)unpadlen, unpad);
+ rc = sexp_build (r_plain, NULL, "(value %b)", (int)unpadlen, unpad);
break;
default:
/* Raw format. For backward compatibility we need to assume a
signed mpi by using the sexp format string "%m". */
- rc = gcry_sexp_build (r_plain, NULL,
- (ctx.flags & PUBKEY_FLAG_LEGACYRESULT)
- ? "%m":"(value %m)", plain);
+ rc = sexp_build (r_plain, NULL,
+ (ctx.flags & PUBKEY_FLAG_LEGACYRESULT)
+ ? "%m":"(value %m)", plain);
break;
}
leave:
gcry_free (unpad);
- gcry_mpi_release (plain);
- gcry_mpi_release (sk.n);
- gcry_mpi_release (sk.e);
- gcry_mpi_release (sk.d);
- gcry_mpi_release (sk.p);
- gcry_mpi_release (sk.q);
- gcry_mpi_release (sk.u);
- gcry_mpi_release (data);
- gcry_mpi_release (r);
- gcry_mpi_release (ri);
- gcry_mpi_release (bldata);
- gcry_sexp_release (l1);
+ _gcry_mpi_release (plain);
+ _gcry_mpi_release (sk.n);
+ _gcry_mpi_release (sk.e);
+ _gcry_mpi_release (sk.d);
+ _gcry_mpi_release (sk.p);
+ _gcry_mpi_release (sk.q);
+ _gcry_mpi_release (sk.u);
+ _gcry_mpi_release (data);
+ _gcry_mpi_release (r);
+ _gcry_mpi_release (ri);
+ _gcry_mpi_release (bldata);
+ sexp_release (l1);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("rsa_decrypt => %s\n", gpg_strerror (rc));
@@ -1125,9 +1121,9 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
/* Extract the key. */
- rc = _gcry_sexp_extract_param (keyparms, NULL, "nedp?q?u?",
- &sk.n, &sk.e, &sk.d, &sk.p, &sk.q, &sk.u,
- NULL);
+ rc = sexp_extract_param (keyparms, NULL, "nedp?q?u?",
+ &sk.n, &sk.e, &sk.d, &sk.p, &sk.q, &sk.u,
+ NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -1144,7 +1140,7 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
/* Do RSA computation and build the result. */
- sig = gcry_mpi_new (0);
+ sig = mpi_new (0);
secret (sig, data, &sk);
if (DBG_CIPHER)
log_printmpi ("rsa_sign res", sig);
@@ -1158,24 +1154,23 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
rc = _gcry_mpi_to_octet_string (&em, NULL, sig, emlen);
if (!rc)
{
- rc = gcry_sexp_build (r_sig, NULL,
- "(sig-val(rsa(s%b)))", (int)emlen, em);
+ rc = sexp_build (r_sig, NULL, "(sig-val(rsa(s%b)))", (int)emlen, em);
gcry_free (em);
}
}
else
- rc = gcry_sexp_build (r_sig, NULL, "(sig-val(rsa(s%M)))", sig);
+ rc = sexp_build (r_sig, NULL, "(sig-val(rsa(s%M)))", sig);
leave:
- gcry_mpi_release (sig);
- gcry_mpi_release (sk.n);
- gcry_mpi_release (sk.e);
- gcry_mpi_release (sk.d);
- gcry_mpi_release (sk.p);
- gcry_mpi_release (sk.q);
- gcry_mpi_release (sk.u);
- gcry_mpi_release (data);
+ _gcry_mpi_release (sig);
+ _gcry_mpi_release (sk.n);
+ _gcry_mpi_release (sk.e);
+ _gcry_mpi_release (sk.d);
+ _gcry_mpi_release (sk.p);
+ _gcry_mpi_release (sk.q);
+ _gcry_mpi_release (sk.u);
+ _gcry_mpi_release (data);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("rsa_sign => %s\n", gpg_strerror (rc));
@@ -1213,14 +1208,14 @@ rsa_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
rc = _gcry_pk_util_preparse_sigval (s_sig, rsa_names, &l1, NULL);
if (rc)
goto leave;
- rc = _gcry_sexp_extract_param (l1, NULL, "s", &sig, NULL);
+ rc = sexp_extract_param (l1, NULL, "s", &sig, NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
log_printmpi ("rsa_verify sig", sig);
/* Extract the key. */
- rc = _gcry_sexp_extract_param (keyparms, NULL, "ne", &pk.n, &pk.e, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "ne", &pk.n, &pk.e, NULL);
if (rc)
goto leave;
if (DBG_CIPHER)
@@ -1230,7 +1225,7 @@ rsa_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
}
/* Do RSA computation and compare. */
- result = gcry_mpi_new (0);
+ result = mpi_new (0);
public (result, sig, &pk);
if (DBG_CIPHER)
log_printmpi ("rsa_verify cmp", result);
@@ -1240,12 +1235,12 @@ rsa_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
rc = mpi_cmp (result, data) ? GPG_ERR_BAD_SIGNATURE : 0;
leave:
- gcry_mpi_release (result);
- gcry_mpi_release (pk.n);
- gcry_mpi_release (pk.e);
- gcry_mpi_release (data);
- gcry_mpi_release (sig);
- gcry_sexp_release (l1);
+ _gcry_mpi_release (result);
+ _gcry_mpi_release (pk.n);
+ _gcry_mpi_release (pk.e);
+ _gcry_mpi_release (data);
+ _gcry_mpi_release (sig);
+ sexp_release (l1);
_gcry_pk_util_free_encoding_ctx (&ctx);
if (DBG_CIPHER)
log_debug ("rsa_verify => %s\n", rc?gpg_strerror (rc):"Good");
@@ -1271,14 +1266,14 @@ rsa_get_nbits (gcry_sexp_t parms)
gcry_mpi_t n;
unsigned int nbits;
- l1 = gcry_sexp_find_token (parms, "n", 1);
+ l1 = sexp_find_token (parms, "n", 1);
if (!l1)
return 0; /* Parameter N not found. */
- n = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
- gcry_sexp_release (l1);
+ n = sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+ sexp_release (l1);
nbits = n? mpi_get_nbits (n) : 0;
- gcry_mpi_release (n);
+ _gcry_mpi_release (n);
return nbits;
}
@@ -1303,19 +1298,19 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparam)
const char *data;
size_t datalen;
- l1 = gcry_sexp_find_token (keyparam, "n", 1);
+ l1 = sexp_find_token (keyparam, "n", 1);
if (!l1)
return GPG_ERR_NO_OBJ;
- data = gcry_sexp_nth_data (l1, 1, &datalen);
+ data = sexp_nth_data (l1, 1, &datalen);
if (!data)
{
- gcry_sexp_release (l1);
+ sexp_release (l1);
return GPG_ERR_NO_OBJ;
}
- gcry_md_write (md, data, datalen);
- gcry_sexp_release (l1);
+ _gcry_md_write (md, data, datalen);
+ sexp_release (l1);
return 0;
}
@@ -1343,30 +1338,29 @@ selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
gcry_sexp_t data_bad = NULL;
gcry_sexp_t sig = NULL;
- err = gcry_sexp_sscan (&data, NULL,
- sample_data, strlen (sample_data));
+ err = sexp_sscan (&data, NULL, sample_data, strlen (sample_data));
if (!err)
- err = gcry_sexp_sscan (&data_bad, NULL,
- sample_data_bad, strlen (sample_data_bad));
+ err = sexp_sscan (&data_bad, NULL,
+ sample_data_bad, strlen (sample_data_bad));
if (err)
{
errtxt = "converting data failed";
goto leave;
}
- err = gcry_pk_sign (&sig, data, skey);
+ err = _gcry_pk_sign (&sig, data, skey);
if (err)
{
errtxt = "signing failed";
goto leave;
}
- err = gcry_pk_verify (sig, data, pkey);
+ err = _gcry_pk_verify (sig, data, pkey);
if (err)
{
errtxt = "verify failed";
goto leave;
}
- err = gcry_pk_verify (sig, data_bad, pkey);
+ err = _gcry_pk_verify (sig, data_bad, pkey);
if (gcry_err_code (err) != GPG_ERR_BAD_SIGNATURE)
{
errtxt = "bad signature not detected";
@@ -1375,9 +1369,9 @@ selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
leave:
- gcry_sexp_release (sig);
- gcry_sexp_release (data_bad);
- gcry_sexp_release (data);
+ sexp_release (sig);
+ sexp_release (data_bad);
+ sexp_release (data);
return errtxt;
}
@@ -1397,19 +1391,19 @@ extract_a_from_sexp (gcry_sexp_t encr_data)
gcry_sexp_t l1, l2, l3;
gcry_mpi_t a_value;
- l1 = gcry_sexp_find_token (encr_data, "enc-val", 0);
+ l1 = sexp_find_token (encr_data, "enc-val", 0);
if (!l1)
return NULL;
- l2 = gcry_sexp_find_token (l1, "rsa", 0);
- gcry_sexp_release (l1);
+ l2 = sexp_find_token (l1, "rsa", 0);
+ sexp_release (l1);
if (!l2)
return NULL;
- l3 = gcry_sexp_find_token (l2, "a", 0);
- gcry_sexp_release (l2);
+ l3 = sexp_find_token (l2, "a", 0);
+ sexp_release (l2);
if (!l3)
return NULL;
- a_value = gcry_sexp_nth_mpi (l3, 1, 0);
- gcry_sexp_release (l3);
+ a_value = sexp_nth_mpi (l3, 1, 0);
+ sexp_release (l3);
return a_value;
}
@@ -1430,12 +1424,11 @@ selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
gcry_sexp_t tmplist = NULL;
/* Create plaintext. The plaintext is actually a big integer number. */
- plaintext = gcry_mpi_new (nbits);
- gcry_mpi_randomize (plaintext, nbits, GCRY_WEAK_RANDOM);
+ plaintext = mpi_new (nbits);
+ _gcry_mpi_randomize (plaintext, nbits, GCRY_WEAK_RANDOM);
/* Put the plaintext into an S-expression. */
- err = gcry_sexp_build (&plain, NULL,
- "(data (flags raw) (value %m))", plaintext);
+ err = sexp_build (&plain, NULL, "(data (flags raw) (value %m))", plaintext);
if (err)
{
errtxt = "converting data failed";
@@ -1443,7 +1436,7 @@ selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
}
/* Encrypt. */
- err = gcry_pk_encrypt (&encr, plain, pkey);
+ err = _gcry_pk_encrypt (&encr, plain, pkey);
if (err)
{
errtxt = "encrypt failed";
@@ -1451,7 +1444,7 @@ selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
}
/* Extraxt the ciphertext from the returned S-expression. */
- /*gcry_sexp_dump (encr);*/
+ /*sexp_dump (encr);*/
ciphertext = extract_a_from_sexp (encr);
if (!ciphertext)
{
@@ -1462,14 +1455,14 @@ selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
/* Check that the ciphertext does no match the plaintext. */
/* _gcry_log_printmpi ("plaintext", plaintext); */
/* _gcry_log_printmpi ("ciphertxt", ciphertext); */
- if (!gcry_mpi_cmp (plaintext, ciphertext))
+ if (!mpi_cmp (plaintext, ciphertext))
{
errtxt = "ciphertext matches plaintext";
goto leave;
}
/* Decrypt. */
- err = gcry_pk_decrypt (&decr, encr, skey);
+ err = _gcry_pk_decrypt (&decr, encr, skey);
if (err)
{
errtxt = "decrypt failed";
@@ -1482,11 +1475,11 @@ selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
gcry_pk_encrypt directly to gcry_pk_decrypt, such a flag value
won't be there as of today. To be prepared for future changes we
take care of it anyway. */
- tmplist = gcry_sexp_find_token (decr, "value", 0);
+ tmplist = sexp_find_token (decr, "value", 0);
if (tmplist)
- decr_plaintext = gcry_sexp_nth_mpi (tmplist, 1, GCRYMPI_FMT_USG);
+ decr_plaintext = sexp_nth_mpi (tmplist, 1, GCRYMPI_FMT_USG);
else
- decr_plaintext = gcry_sexp_nth_mpi (decr, 0, GCRYMPI_FMT_USG);
+ decr_plaintext = sexp_nth_mpi (decr, 0, GCRYMPI_FMT_USG);
if (!decr_plaintext)
{
errtxt = "decrypt returned no plaintext";
@@ -1494,20 +1487,20 @@ selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
}
/* Check that the decrypted plaintext matches the original plaintext. */
- if (gcry_mpi_cmp (plaintext, decr_plaintext))
+ if (mpi_cmp (plaintext, decr_plaintext))
{
errtxt = "mismatch";
goto leave;
}
leave:
- gcry_sexp_release (tmplist);
- gcry_mpi_release (decr_plaintext);
- gcry_sexp_release (decr);
- gcry_mpi_release (ciphertext);
- gcry_sexp_release (encr);
- gcry_sexp_release (plain);
- gcry_mpi_release (plaintext);
+ sexp_release (tmplist);
+ _gcry_mpi_release (decr_plaintext);
+ sexp_release (decr);
+ _gcry_mpi_release (ciphertext);
+ sexp_release (encr);
+ sexp_release (plain);
+ _gcry_mpi_release (plaintext);
return errtxt;
}
@@ -1523,22 +1516,21 @@ selftests_rsa (selftest_report_func_t report)
/* Convert the S-expressions into the internal representation. */
what = "convert";
- err = gcry_sexp_sscan (&skey, NULL,
- sample_secret_key, strlen (sample_secret_key));
+ err = sexp_sscan (&skey, NULL, sample_secret_key, strlen (sample_secret_key));
if (!err)
- err = gcry_sexp_sscan (&pkey, NULL,
- sample_public_key, strlen (sample_public_key));
+ err = sexp_sscan (&pkey, NULL,
+ sample_public_key, strlen (sample_public_key));
if (err)
{
- errtxt = gcry_strerror (err);
+ errtxt = _gcry_strerror (err);
goto failed;
}
what = "key consistency";
- err = gcry_pk_testkey (skey);
+ err = _gcry_pk_testkey (skey);
if (err)
{
- errtxt = gcry_strerror (err);
+ errtxt = _gcry_strerror (err);
goto failed;
}
@@ -1552,13 +1544,13 @@ selftests_rsa (selftest_report_func_t report)
if (errtxt)
goto failed;
- gcry_sexp_release (pkey);
- gcry_sexp_release (skey);
+ sexp_release (pkey);
+ sexp_release (skey);
return 0; /* Succeeded. */
failed:
- gcry_sexp_release (pkey);
- gcry_sexp_release (skey);
+ sexp_release (pkey);
+ sexp_release (skey);
if (report)
report ("pubkey", GCRY_PK_RSA, what, errtxt);
return GPG_ERR_SELFTEST_FAILED;
View Lorry Controller Status