Mailing List Archive

how to use libgcrypt library
Hi, how to use libgcrypt library?

I have already installed it in the /usr/local/bin directory on a Linux OS. I want to use the signature and signature verify functions to integrate into my network-security program. But I cannot find a complete example using signatures.

In /src/basic.c, it can correctly compile and run. But when I change the
plaintext, its output is an error. How do I modify it so that I can use it in my program?

And I think basic.c is not very good to use, for its interface is complicated for a user's program. As far as I am concerned, I hope the libgcrypt library can provide a lot of complete functions such as signature(,,), signatureverify(,,), so I can easily integrate it into my program.

Do you know where there is a complete example using libgcrypt?

Thanks in advance!
Zen
Re: how to use libgcrypt library
Zen,

I wrote the following today; you might find it useful, and it seems to
work. (I've jumped on the excuse to have folks on the list look it
over and tell me how to do things differently.) I'm intentionally
using a very short key. There's also a newer, nicer interface in CVS;
I chose to avoid it and use the existing stuff.

#include <gcrypt.h>
#include <stdlib.h>
#include <stdio.h>
#include <assert.h>

int main (int argc, char **argv) {
    static const char message[] = "hello";
    GcrySexp gen_parms, sign_parms, keypair, pubkey, skey, sig;
    size_t errof=0;
    int rc;

    gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
    /* shortest key I could find */
    rc = gcry_sexp_build (&gen_parms, &errof, "(genkey (rsa (nbits 3:256)))");
    assert(rc == 0);
    rc = gcry_pk_genkey(&keypair, gen_parms);
    assert(rc == 0);

    skey = gcry_sexp_find_token(keypair, "private-key", 0);
    pubkey = gcry_sexp_find_token(keypair, "public-key", 0);
    assert(skey != NULL);
    assert(pubkey != NULL);

    /* data passed as a quoted string; a later message in this thread
       reports that this form verifies any string */
    rc = gcry_sexp_build (&sign_parms, &errof,
                          "(data (flags) (value \"%s\"))\n", message);
    assert(rc == 0);

    rc = gcry_pk_sign (&sig, sign_parms, skey);
    assert(rc == 0);
    gcry_sexp_dump(sig);

    rc = gcry_pk_verify (sig, sign_parms, pubkey);
    if(rc != 0) {
        printf("verify returns error %d: %s\n", rc, gcry_strerror(rc));
    }

    exit(EXIT_SUCCESS);
}


On Tuesday, July 22, 2003, at 08:19 PM, 李真 wrote:

> Hi, how to use libgcrypt library?
>
> I have already installed it in the /usr/local/bin directory on a Linux OS. I
> want to use the signature and signature verify functions to integrate into
> my network-security program. But I cannot find a complete example using
> signatures.
>
> In /src/basic.c, it can correctly compile and run. But when I change the
> plaintext, its output is an error. How do I modify it so that I can use it
> in my program?
>
> And I think basic.c is not very good to use, for its interface is
> complicated for a user's program. As far as I am concerned, I hope the
> libgcrypt library can provide a lot of complete functions such as
> signature(,,), signatureverify(,,), so I can easily integrate it into
> my program.
>
> Do you know where there is a complete example using libgcrypt?
>
> Thanks in advance!
> Zen
Re: how to use libgcrypt library
Neil Spring <nspring@cs.washington.edu> writes:

> There's also a newer, nicer interface in CVS; I chose to avoid it
> and use the existing stuff.

I'm just curious - why?

While having a quick look at your example code, I noticed that you use
an `int' variable for error values, although `gcry_error_t' is a
better choice.

Btw, in CVS there's also tests/pubkey.c, which shows how to use
gcry_pk_{encrypt,decrypt}.

moritz
--
((gpg-key-id . "6F984199")
(email . "moritz@duesseldorf.ccc.de")
(webpage . "http://duesseldorf.ccc.de/~moritz/"))
Re: how to use libgcrypt library
On Wednesday, Jul 23, 2003, at 11:03 US/Pacific, Moritz Schulte wrote:
> Neil Spring <nspring@cs.washington.edu> writes:
>> There's also a newer, nicer interface in CVS; I chose to avoid it
>> and use the existing stuff.
>
> I'm just curious - why?

No particularly insightful reason; first, the _pk_ functions are
available today in 1.1.12, so I can build my code on my Debian and OS X
systems without reconfiguring. Second, they seemed better documented
-- indeed, tests/pubkey.c was useful, though it did not include a
sign/verify test. Third, and least important, the manual's
introduction of the _ac_ functions read like they were for wimps who
couldn't be bothered to learn s-expressions, so my ego took over <grin>.

That said, if 1.1.13 were released yesterday and ac.c signed plaintext
(check_run has an unused variable "s" that looks like it is for this
purpose), I probably would have trusted that _ac_ was easier and made a
different choice.

-neil


>
> While having a quick look at your example code, I noticed that you use
> an `int' variable for error values, although `gcry_error_t' is a
> better choice.
>
> Btw, in CVS there's also tests/pubkey.c, which shows how to use
> gcry_pk_{encrypt,decrypt}.
>
> moritz
> --
> ((gpg-key-id . "6F984199")
> (email . "moritz@duesseldorf.ccc.de")
> (webpage . "http://duesseldorf.ccc.de/~moritz/"))
Re: Re: how to use libgcrypt library
Neil,
Thanks for your help again. Your program is very useful, and it works well.

I have a question when I want to use it outside of the libgcrypt library. I named it sig_neil.c temporarily. It can be compiled; my compile command: 'gcc sig_neil.c -g -O2 -Wall -o sig_neil -L/usr/local/lib -lgcrypt -lnsl', but its running message: 'error while loading shared libraries: libgcrypt.so.1: cannot open shared object file: No such file or directory.'

In /usr/local/lib and the ./ directory, there is a libgcrypt.so.1 file, which is a link file.

Is my compile command incorrect? What should it be?

By the way, inside the libgcrypt library, I modified the original Makefile, then ran 'make' and
'./sig_neil'; its running result is correct, but its output has:

not enough random bytes available (need 268 bytes)
please do some other work to give the OS a chance to collect more entropy
[open]
[data="sig-val"]
[open]
[data="rsa"]
[open]
[data="s"]
[data="\x12\xbf\x04\xe85\x8d\x8a0u|\xf1\xa3I=H\x95hS\x9bR\xd8\xd3r\x9a\x1e=\xa1%\xa7\xe1\xb4L"]
[close]
[close]
[close]

What does it mean? Can I look it over?

I am a beginner in the field of encryption techniques, so I am very sorry that my questions may be very childish. I hope they will not waste too much of your time.

Thanks for your help.

Best regards,
Zen.
Re: how to use libgcrypt library
Zen,

I don't know what operating system you're using. And I don't know how
to solve your linking problem; perhaps it is solved by running "ldd
./sig_neil" and if it doesn't find libgcrypt, setting the
LD_LIBRARY_PATH environment variable to /usr/local/bin.

And what you copy in your message is the expected output of the dinky
test program -- the s-expression that includes the signature dumped to
the screen. It is not useful output, just enough to demonstrate that a
signature was constructed. You'll have to figure out how to use that
value, presumably using the gcry_mpi_* functions to extract it in a
convenient form, in whatever data you sign. Using the gcry_sexp_dump()
function to print all of them out helps to understand how data flows
through the program.

If you are a beginner with encryption, a few posts ago mentioned the
handbook of applied cryptography at (
http://www.cacr.math.uwaterloo.ca/hac/ ). Of course, gcrypt still lets
novices (including me) write insecure systems, so knowing what you're
doing and why is important.

good luck,
-neil


On Thursday, Jul 24, 2003, at 21:04 US/Pacific, Zen wrote:

> Neil,
> Thanks for your help again. Your program is very useful, and it
> works well.
>
> I have a question when I want to use it outside of the libgcrypt library. I
> named it sig_neil.c temporarily. It can be compiled; my compile
> command: 'gcc sig_neil.c -g -O2 -Wall -o sig_neil -L/usr/local/lib
> -lgcrypt -lnsl', but its running message: 'error while loading shared
> libraries: libgcrypt.so.1: cannot open shared object file: No such
> file or directory.'
>
> In /usr/local/lib and the ./ directory, there is a libgcrypt.so.1 file,
> which is a link file.
>
> Is my compile command incorrect? What should it be?
>
> By the way, inside the libgcrypt library, I modified the original
> Makefile, then ran 'make' and
> './sig_neil'; its running result is correct, but its output has:
>
> not enough random bytes available (need 268 bytes)
> please do some other work to give the OS a chance to collect more
> entropy
> [open]
> [data="sig-val"]
> [open]
> [data="rsa"]
> [open]
> [data="s"]
>
> [data="\x12\xbf\x04\xe85\x8d\x8a0u|\xf1\xa3I=H\x95hS\x9bR\xd8\xd3r\x9a\
> x1e=\xa1%\xa7\xe1\xb4L"]
> [close]
> [close]
> [close]
>
> What does it mean? Can I look it over?
>
> I am a beginner in the field of encryption techniques, so I am very
> sorry that my questions may be very childish. I hope they will not
> waste too much of your time.
>
> Thanks for your help.
>
> Best regards,
> Zen.
Re: Re: how to use libgcrypt library
Neil,

Thanks for your help.

My OS is Linux. The linking problem is still not solved. I will try again.

Thanks for your advice. I have read <applied cryptography(chinese edition)>, and have put forward a new method for multicast source authentication using encryption techniques in my master's degree thesis. But I still can't understand libgcrypt well. Perhaps it is too complicated for me.

I have just looked at your homepage and photo, cool!

Best regards,
Zen.
Re: how to use libgcrypt library
Zen,

On Tuesday, Jul 22, 2003, at 20:34 US/Pacific, Neil Spring wrote:
> I wrote the following today; you might find it useful, and it seems to
> work.

Sigh. The previous example doesn't work. Although it generated
something I thought was a signature, and did so without errors from
gcrypt, it would verify any string as matching the signature.
gcry_pk_sign and _verify were probably not meant to take a data value
as a quoted string.

The following is an apparently functioning version, with the same
caveats as before -- it may not be the proper series of function calls
to sign a chunk of plaintext, but it seems to work. The main
difference lies in make_sign_parameters().

I also can't seem to use as small a key as I'd like -- anything smaller
than 512 bits causes a GCRYERR_TOO_SHORT. Suggestions for making
smaller signatures with smaller keys would be appreciated --
performance and compactness are much more important to me than
preventing forgeries.

-neil

#include <gcrypt.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>   /* strlen */
#include <assert.h>

/* either seems to work */
// #define HASH_TYPE GCRY_MD_SHA1
// #define HASH_NAME "sha1"
#define HASH_TYPE GCRY_MD_MD5
#define HASH_NAME "md5"

/* Build the (data ...) s-expression from a hash of the plaintext,
   not from the plaintext itself. */
void make_sign_parameters(GcrySexp *sign_parms, const char *plain) {
    size_t errof=0;
    int rc;
    size_t hash_len = gcry_md_get_algo_dlen(HASH_TYPE);
    unsigned char *digest;
    GcryMPI mpival;

    digest = malloc(hash_len);
    assert(digest != NULL);
    gcry_md_hash_buffer(HASH_TYPE, digest, plain, strlen(plain));
    gcry_mpi_scan(&mpival, GCRYMPI_FMT_USG, digest, &hash_len);
    rc = gcry_sexp_build (sign_parms, &errof,
                          "(data (flags pkcs1) (hash %s %m))",
                          HASH_NAME, mpival);
    assert(rc == 0);
    gcry_mpi_release(mpival);
    free(digest);
}

int main (int argc, char **argv) {
    static const char message[] = "hello world";
    GcrySexp gen_parms, sign_parms, keypair, pubkey, skey, sig, other;
    size_t errof=0;
    int rc; /* should be gcry_error_t in gcrypt > 1.1.12 */

    gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
    rc = gcry_sexp_build (&gen_parms, &errof, "(genkey (rsa (nbits 3:512)))");
    assert(rc == 0);
    rc = gcry_pk_genkey(&keypair, gen_parms);
    assert(rc == 0);

    skey = gcry_sexp_find_token(keypair, "private-key", 0);
    pubkey = gcry_sexp_find_token(keypair, "public-key", 0);
    assert(skey != NULL);
    assert(pubkey != NULL);

    make_sign_parameters(&sign_parms, message);

    /* doesn't seem to do what I meant it to:
    rc = gcry_sexp_build (&sign_parms, &errof,
                          "(data (flags raw) (value \"%s\"))\n", message);
    */

    rc = gcry_pk_sign (&sig, sign_parms, skey);
    if(rc != 0) {
        printf("sign returns error %d: %s\n", rc, gcry_strerror(rc));
        exit(EXIT_FAILURE);
    }
    fprintf(stderr, " the s-expression containing the signature is:\n");
    gcry_sexp_dump(sig);

    make_sign_parameters(&sign_parms, message);
    rc = gcry_pk_verify (sig, sign_parms, pubkey);
    if(rc != 0) {
        printf("verify returns error %d: %s\n", rc, gcry_strerror(rc));
    }

    /* now make sure it doesn't verify an arbitrary string */
    make_sign_parameters(&other, "eat my shorts, man");
    rc = gcry_pk_verify (sig, other, pubkey);
    if(rc == 0) {
        printf("verify verified the wrong thing.\n");
    }

    exit(EXIT_SUCCESS);
}
Re: how to use libgcrypt library
On Sun, 27 Jul 2003 02:40:06 -0700, Neil Spring said:

> I also can't seem to use as small a key as I'd like -- anything smaller than 512 bits causes a GCRYERR_TOO_SHORT. Suggestions for making smaller signatures with smaller keys would be appreciated --

PKCS#1 adds internal padding. For security reasons there is a
minimum requirement how short this can be. So when signing large data
with a short key, pkcs#1 can't be applied and thus the function must
fail.

--
Werner Koch <wk@gnupg.org>
The GnuPG Experts http://g10code.com
Free Software Foundation Europe http://fsfeurope.org
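
Added example (not code from this thread or from libgcrypt): the EMSA-PKCS1-v1_5 encoding rule from RFC 8017 behind the minimum key size described in the last message, for the two hashes used above. The function names are this example's own, and libgcrypt's actual size check may be stricter than the RFC minimum computed here.

```c
#include <stddef.h>
#include <string.h>

/* DER DigestInfo prefixes from RFC 8017, section 9.2, note 1. */
static const unsigned char MD5_PREFIX[] = {
    0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,
    0xf7,0x0d,0x02,0x05,0x05,0x00,0x04,0x10 };
static const unsigned char SHA1_PREFIX[] = {
    0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,
    0x1a,0x05,0x00,0x04,0x14 };

/* Smallest modulus size in bytes that can carry prefix + digest:
   3 framing bytes (00 01 ... 00) plus at least 8 bytes of 0xFF padding. */
size_t emsa_min_len(size_t prefix_len, size_t digest_len)
{
    return prefix_len + digest_len + 11;
}

/* Build EM = 00 01 FF..FF 00 || prefix || digest in em[0..em_len-1],
   where em_len is the RSA modulus size in bytes.
   Returns 0 on success, -1 if the key is too short for this hash. */
int emsa_pkcs1_v15_encode(unsigned char *em, size_t em_len,
                          const unsigned char *prefix, size_t prefix_len,
                          const unsigned char *digest, size_t digest_len)
{
    size_t ps_len;

    if (em_len < emsa_min_len(prefix_len, digest_len))
        return -1;
    ps_len = em_len - prefix_len - digest_len - 3;
    em[0] = 0x00;
    em[1] = 0x01;                       /* block type 1: signature */
    memset(em + 2, 0xff, ps_len);       /* deterministic padding */
    em[2 + ps_len] = 0x00;              /* separator */
    memcpy(em + 3 + ps_len, prefix, prefix_len);
    memcpy(em + 3 + ps_len + prefix_len, digest, digest_len);
    return 0;
}

/* Wrappers for the two hashes offered in the second program above. */
int encode_md5(unsigned char *em, size_t em_len, const unsigned char *d)
{
    return emsa_pkcs1_v15_encode(em, em_len, MD5_PREFIX, sizeof MD5_PREFIX, d, 16);
}

int encode_sha1(unsigned char *em, size_t em_len, const unsigned char *d)
{
    return emsa_pkcs1_v15_encode(em, em_len, SHA1_PREFIX, sizeof SHA1_PREFIX, d, 20);
}
```

A 256-bit modulus is 32 bytes, below the 45 bytes MD5 needs and the 46 bytes SHA-1 needs, so neither digest can be padded for the key size tried in the first program.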