Public Key encryption
hi,
okay I don't understand the use of the gcrypt public key functions! I want to
write a wrapper function like this

typedef GCRY_SEXP pkkey;

int pk_encrypt(pkkey pkey, unsigned char *data, unsigned char *to)
{
    /*...*/
}

but I don't know! The gcry_pk_encrypt function doesn't accept unsigned char*
(only GCRY_SEXP).

What to do?
Re: Public Key encryption
On Thu Jun 13 2002; 15:52, Rüdiger Sonderfeld wrote:

> but I don't know! The gcry_pk_encrypt function doesn't accept unsigned char*
> (only GCRY_SEXP).
>
> What to do?

You can see an example of how to do this in gnupg-1.1.2 g10/encode.c.
I'll try to give you a basic example:

code snippets:

    if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
        rc = gcry_sexp_build ( &s_pkey, NULL,
                               "(public-key(elg(p%m)(g%m)(y%m)))",
                               pkey[0], pkey[1], pkey[2] );
    }
    /* put the data into a simple list */
    if ( gcry_sexp_build( &s_data, NULL, "%m", data ) )
        BUG ();

    /* pass it to libgcrypt */
    rc = gcry_pk_encrypt( &s_ciph, s_data, s_pkey );
    gcry_sexp_release( s_data );
    gcry_sexp_release( s_pkey );

    /* extract the MPI values */
    GCRY_SEXP list = gcry_sexp_find_token( s_ciph, "a" , 0 );
    assert( list );
    resarr[0] = gcry_sexp_nth_mpi( list, 1, 0 );
    assert( resarr[0] );
    gcry_sexp_release ( list );

    list = gcry_sexp_find_token( s_ciph, "b" , 0 );
    assert( list );
    resarr[1] = gcry_sexp_nth_mpi( list, 1, 0 );
    assert( resarr[1] );
    gcry_sexp_release ( list );

I know it seems to be a little complicated but when you work some
time with it, it's pretty easy ;-).


Timo
Re: Public Key encryption
On Thursday, 13 June 2002 16:19, you wrote:
> if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
>     rc = gcry_sexp_build ( &s_pkey, NULL,
>                            "(public-key(elg(p%m)(g%m)(y%m)))",
>                            pkey[0], pkey[1], pkey[2] );
> }

But what does this mean? What is pkey?

I'm using RSA, so what do I have to change?

    rc = gcry_sexp_build ( &s_pkey, NULL,
                           "(public-key(rsa(p%m)(g%m)(y%m)))",
                           pkey[0], pkey[1], pkey[2] );

??
Re: Public Key encryption
On Sun Jun 16 2002; 16:48, Rüdiger Sonderfeld wrote:

> > if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
> >     rc = gcry_sexp_build ( &s_pkey, NULL,
> >                            "(public-key(elg(p%m)(g%m)(y%m)))",
> >                            pkey[0], pkey[1], pkey[2] );
> > }
>
> But what does this mean? What is pkey?

pkey is the MPI array (GCRY_MPI). It has the same order that is
required by the gcrypt public scheme (for RSA n, e).


> rc = gcry_sexp_build ( &s_pkey, NULL,
>                        "(public-key(rsa(p%m)(g%m)(y%m)))",
>                        pkey[0], pkey[1], pkey[2] );

No.

For RSA you have to use this:

    gcry_sexp_build( &s_pkey, NULL, "(public-key(rsa(n%m)(e%m)))",
                     pkey[0] /* n */, pkey[1] /* e */ );


Timo
Re: Public Key encryption
On Sunday, 16 June 2002 17:22, you wrote:
> pkey is the MPI array (GCRY_MPI).

?? Oh I don't understand the MPI stuff :(

Okay, I'll try it again. I have created a key with this function

typedef GCRY_SEXP pkkey;

int crypto_rsagenkey(pkkey *key,int bits)
{
    int ret;
    GCRY_SEXP parms;
    gcry_sexp_build( &parms, NULL, "(genkey(rsa(nbits %d)))", bits);
    ret=gcry_pk_genkey( key,parms );
    gcry_sexp_release( parms );
    return ret;
}

now there should be a public and a private key at the address of key. Now I
want to crypt something ("hello, world!" for example) now I have to split the
GCRY_SEXP variable into the public and the private key (am I right?)
is the MPI array the result of this?
Re: Public Key encryption
On Sat Jun 22 2002; 16:38, Rüdiger Sonderfeld wrote:

>     gcry_sexp_build( &parms, NULL, "(genkey(rsa(nbits %d)))", bits);
>     ret=gcry_pk_genkey( key,parms );
>     gcry_sexp_release( parms );
>     return ret;

> now there should be a public and a private key at the address of key.

Right.

Okay, let me try with another code snippet from GnuPG 1.1.2a. I
would recommend you download this version because it contains a
lot of code how to convert the libgcrypt sexp expressions into
GCRY_MPI (GcryMPI) structs.

keygen.c:

    rc = key_from_sexp( your_pkey_struct, key, "public-key", "ne" );

Sorry that it is so much code but otherwise it's difficult to read it.

--
static int
key_from_sexp( GCRY_MPI *array,
               GCRY_SEXP sexp, const char *topname, const char *elems )
{
    GCRY_SEXP list, l2;
    const char *s;
    int i, idx;

    list = gcry_sexp_find_token( sexp, topname, 0 );
    if( !list )
        return GCRYERR_INV_OBJ;
    l2 = gcry_sexp_cadr( list );
    gcry_sexp_release ( list );
    list = l2;
    if( !list )
        return GCRYERR_NO_OBJ;
    idx = 0;
    for(s=elems; *s; s++, idx++ ) {
        l2 = gcry_sexp_find_token( list, s, 1 );
        if( !l2 ) {
            /* MPIs are released with gcry_mpi_release, not gcry_free */
            for(i=0; i<idx; i++) {
                gcry_mpi_release( array[i] );
                array[i] = NULL;
            }
            gcry_sexp_release ( list );
            return GCRYERR_NO_OBJ; /* required parameter not found */
        }
        array[idx] = gcry_sexp_nth_mpi( l2, 1, GCRYMPI_FMT_USG );
        gcry_sexp_release ( l2 );
        if( !array[idx] ) {
            for(i=0; i<idx; i++) {
                gcry_mpi_release( array[i] );
                array[i] = NULL;
            }
            gcry_sexp_release ( list );
            return GCRYERR_INV_OBJ; /* required parameter is invalid */
        }
    } /* end of loop over elems (closing brace was missing) */
    gcry_sexp_release ( list );

    return 0;
}
--

Hope this helps.


Timo
Re: Public Key encryption
On Saturday, 22 June 2002 17:17, you wrote:
> Okay, let me try with another code snippet from GnuPG 1.1.2a.

I downloaded it and now I'm reading the source

(that's a lot of source *g*)

> I would recommend you download this version because it contains a
> lot of code how to convert the libgcrypt sexp expressions into
> GCRY_MPI (GcryMPI) structs.
>
> keygen.c:
> rc = key_from_sexp( your_pkey_struct, key, "public-key", "ne" );
>
> Sorry that it is so much code but otherwise it's difficult to read it.

Okay, now I think I understand it.

I have a Public and a Private Key in a GCRY_SEXP struct and I have to
transform it into an array of 3 MPI structs with the key_from_sexp function.
(what is the difference to the sexp_to_key function from cipher/pubkey.c?)

But now I have the problem how to convert the data from (unsigned) char * into
MPI structures and back?
Re: Public Key encryption
On Tue Jun 25 2002; 22:41, Rüdiger Sonderfeld wrote:

> But now I have the problem how to convert the data from (unsigned) char *
> into MPI structures and back?

What's wrong with gcry_mpi_scan and gcry_mpi_print?


Timo