diff options
Diffstat (limited to 'src/gcrypt/signatures.c')
| -rw-r--r-- | src/gcrypt/signatures.c | 279 |
1 files changed, 71 insertions, 208 deletions
diff --git a/src/gcrypt/signatures.c b/src/gcrypt/signatures.c index 1d3f77a4..4dc65eec 100644 --- a/src/gcrypt/signatures.c +++ b/src/gcrypt/signatures.c @@ -1,11 +1,19 @@ -/** - * XMLSec library +/* + * XML Security Library (http://www.aleksey.com/xmlsec). + * * * This is free software; see Copyright file in the source * distribution for preciese wording. * * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved. */ +/** + * SECTION:signatures + * @Short_description: Signatures implementation for GCrypt. + * @Stability: Private + * + */ + #include "globals.h" #include <string.h> @@ -260,22 +268,15 @@ xmlSecGCryptPkSignatureInitialize(xmlSecTransformPtr transform) { #endif /* XMLSEC_NO_RSA */ if(1) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_TRANSFORM, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInvalidTransfromError(transform) return(-1); } /* create digest ctx */ err = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_SECURE); /* we are paranoid */ if(err != GPG_ERR_NO_ERROR) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "gcry_md_open", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_md_open", err, + xmlSecTransformGetName(transform)); return(-1); } @@ -327,11 +328,8 @@ xmlSecGCryptPkSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { ctx->key_data = xmlSecKeyDataDuplicate(key_data); if(ctx->key_data == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecKeyDataDuplicate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecKeyDataDuplicate", + xmlSecTransformGetName(transform)); return(-1); } @@ -386,11 +384,7 @@ xmlSecGCryptPkSignatureVerify(xmlSecTransformPtr transform, ret = ctx->verify(ctx->digest, ctx->key_data, ctx->dgst, ctx->dgstSize, data, dataSize); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "ctx->verify", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("ctx->verify", xmlSecTransformGetName(transform)); return(-1); } @@ -398,11 +392,9 @@ xmlSecGCryptPkSignatureVerify(xmlSecTransformPtr transform, if(ret == 1) { transform->status = xmlSecTransformStatusOk; } else { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "ctx->verify", - XMLSEC_ERRORS_R_DATA_NOT_MATCH, - "signature do not match"); + xmlSecOtherError(XMLSEC_ERRORS_R_DATA_NOT_MATCH, + xmlSecTransformGetName(transform), + "ctx->verify: signature does not verify"); transform->status = xmlSecTransformStatusFail; } @@ -451,11 +443,9 @@ xmlSecGCryptPkSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTra ret = xmlSecBufferRemoveHead(in, inSize); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferRemoveHead", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", inSize); + xmlSecInternalError2("xmlSecBufferRemoveHead", + xmlSecTransformGetName(transform), + "size=%d", inSize); return(-1); } } @@ -468,11 +458,8 @@ xmlSecGCryptPkSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTra gcry_md_final(ctx->digestCtx); buf = gcry_md_read(ctx->digestCtx, ctx->digest); if(buf == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "gcry_md_read", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_md_read", GPG_ERR_NO_ERROR, + xmlSecTransformGetName(transform)); return(-1); } @@ -486,11 +473,8 @@ xmlSecGCryptPkSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTra if(transform->operation == xmlSecTransformOperationSign) { ret = ctx->sign(ctx->digest, ctx->key_data, ctx->dgst, ctx->dgstSize, out); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "ctx->sign", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("ctx->sign", + xmlSecTransformGetName(transform)); return(-1); } } @@ -504,11 +488,7 @@ xmlSecGCryptPkSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTra /* the only way we can get here is if there is no input */ xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1); } else { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_STATUS, - "status=%d", transform->status); + xmlSecInvalidTransfromStatusError(transform); return(-1); } @@ -537,11 +517,7 @@ xmlSecGCryptAppendMpi(gcry_mpi_t a, xmlSecBufferPtr out, xmlSecSize min_size) { written = 0; err = gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &written, a); if((err != GPG_ERR_NO_ERROR) || (written == 0)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_mpi_print", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_mpi_print", err, NULL); return(-1); } @@ -553,11 +529,8 @@ xmlSecGCryptAppendMpi(gcry_mpi_t a, xmlSecBufferPtr out, xmlSecSize min_size) { /* allocate space */ ret = xmlSecBufferSetMaxSize(out, outSize + written + 1); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferSetMaxSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", (int)(outSize + written + 1)); + xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL, + "size=%d", (int)(outSize + written + 1)); return(-1); } xmlSecAssert2(xmlSecBufferGetMaxSize(out) > outSize, -1); @@ -579,23 +552,15 @@ xmlSecGCryptAppendMpi(gcry_mpi_t a, xmlSecBufferPtr out, xmlSecSize min_size) { xmlSecBufferGetMaxSize(out) - outSize, &written, a); if((err != GPG_ERR_NO_ERROR) || (written == 0)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_mpi_print", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_mpi_print", err, NULL); return(-1); } /* reset size */ ret = xmlSecBufferSetSize(out, outSize + written); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferSetSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", - (int)(outSize + written)); + xmlSecInternalError2("xmlSecBufferSetSize", NULL, + "size=%d", (int)(outSize + written)); return(-1); } @@ -654,11 +619,7 @@ xmlSecGCryptDsaPkSign(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data, /* get the current digest, can't use "hash" :( */ err = gcry_mpi_scan(&m_hash, GCRYMPI_FMT_USG, dgst, dgstSize, NULL); if((err != GPG_ERR_NO_ERROR) || (m_hash == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_mpi_scan(hash)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_mpi_scan(hash)", err, NULL); goto done; } @@ -666,33 +627,22 @@ xmlSecGCryptDsaPkSign(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data, "(data (flags raw)(value %m))", m_hash); if((err != GPG_ERR_NO_ERROR) || (s_data == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_build(data)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_sexp_build(data)", err, NULL); goto done; } /* create signature */ err = gcry_pk_sign(&s_sig, s_data, xmlSecGCryptKeyDataDsaGetPrivateKey(key_data)); if(err != GPG_ERR_NO_ERROR) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_pk_sign", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_pk_sign", err, NULL); goto done; } /* find signature value */ s_tmp = gcry_sexp_find_token(s_sig, "sig-val", 0); if(s_tmp == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_find_token(sig-val)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_sexp_find_token(sig-val)", + GPG_ERR_NO_ERROR, NULL); goto done; } gcry_sexp_release(s_sig); @@ -700,11 +650,8 @@ xmlSecGCryptDsaPkSign(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data, s_tmp = gcry_sexp_find_token(s_sig, "dsa", 0); if(s_tmp == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_find_token(rsa)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_sexp_find_token(dsa)", + GPG_ERR_NO_ERROR, NULL); goto done; } gcry_sexp_release(s_sig); @@ -713,63 +660,43 @@ xmlSecGCryptDsaPkSign(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data, /* r */ s_r = gcry_sexp_find_token(s_sig, "r", 0); if(s_r == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_find_token(r)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_sexp_find_token(r)", + GPG_ERR_NO_ERROR, NULL); goto done; } m_r = gcry_sexp_nth_mpi(s_r, 1, GCRYMPI_FMT_USG); if(m_r == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_nth_mpi(r)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_sexp_nth_mpi(r)", + GPG_ERR_NO_ERROR, NULL); goto done; } /* s */ s_s = gcry_sexp_find_token(s_sig, "s", 0); if(s_s == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_find_token(s)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_sexp_find_token(s)", + GPG_ERR_NO_ERROR, NULL); goto done; } m_s = gcry_sexp_nth_mpi(s_s, 1, GCRYMPI_FMT_USG); if(m_s == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_nth_mpi(s)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_sexp_nth_mpi(s)", + GPG_ERR_NO_ERROR, NULL); goto done; } /* write out: r + s */ ret = xmlSecGCryptAppendMpi(m_r, out, 20); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppendMpi", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecGCryptAppendMpi", NULL); goto done; } xmlSecAssert2(xmlSecBufferGetSize(out) == 20, -1); ret = xmlSecGCryptAppendMpi(m_s, out, 20); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppendMpi", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecGCryptAppendMpi", NULL); goto done; } xmlSecAssert2(xmlSecBufferGetSize(out) == (20 + 20), -1); @@ -826,11 +753,7 @@ xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data, /* get the current digest, can't use "hash" :( */ err = gcry_mpi_scan(&m_hash, GCRYMPI_FMT_USG, dgst, dgstSize, NULL); if((err != GPG_ERR_NO_ERROR) || (m_hash == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_mpi_scan(hash)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_mpi_scan(hash)", err, NULL); goto done; } @@ -838,31 +761,19 @@ xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data, "(data (flags raw)(value %m))", m_hash); if((err != GPG_ERR_NO_ERROR) || (s_data == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_build(data)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_sexp_build(data)", err, NULL); goto done; } /* get the existing signature */ err = gcry_mpi_scan(&m_sig_r, GCRYMPI_FMT_USG, data, 20, NULL); if((err != GPG_ERR_NO_ERROR) || (m_sig_r == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_mpi_scan(r)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_mpi_scan(r)", err, NULL); goto done; } err = gcry_mpi_scan(&m_sig_s, GCRYMPI_FMT_USG, data + 20, 20, NULL); if((err != GPG_ERR_NO_ERROR) || (m_sig_s == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_mpi_scan(s)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_mpi_scan(s)", err, NULL); goto done; } @@ -870,11 +781,7 @@ xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data, "(sig-val(dsa(r %m)(s %m)))", m_sig_r, m_sig_s); if((err != GPG_ERR_NO_ERROR) || (s_sig == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_build(sig-val)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_sexp_build(sig-val)", err, NULL); goto done; } @@ -885,11 +792,7 @@ xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data, } else if(err == GPG_ERR_BAD_SIGNATURE) { res = 0; /* bad signature */ } else { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_pk_verify", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_pk_verify", err, NULL); goto done; } @@ -1020,33 +923,22 @@ xmlSecGCryptRsaPkcs1PkSign(int digest, xmlSecKeyDataPtr key_data, gcry_md_algo_name(digest), (int)dgstSize, dgst); if((err != GPG_ERR_NO_ERROR) || (s_data == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_build(data)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_sexp_build(data)", err, NULL); goto done; } /* create signature */ err = gcry_pk_sign(&s_sig, s_data, xmlSecGCryptKeyDataRsaGetPrivateKey(key_data)); if(err != GPG_ERR_NO_ERROR) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_pk_sign", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_pk_sign", err, NULL); goto done; } /* find signature value */ s_tmp = gcry_sexp_find_token(s_sig, "sig-val", 0); if(s_tmp == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_find_token(sig-val)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_sexp_find_token(sig-val)", + GPG_ERR_NO_ERROR, NULL); goto done; } gcry_sexp_release(s_sig); @@ -1054,11 +946,8 @@ xmlSecGCryptRsaPkcs1PkSign(int digest, xmlSecKeyDataPtr key_data, s_tmp = gcry_sexp_find_token(s_sig, "rsa", 0); if(s_tmp == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_find_token(rsa)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_sexp_find_token(rsa)", + GPG_ERR_NO_ERROR, NULL); goto done; } gcry_sexp_release(s_sig); @@ -1066,11 +955,8 @@ xmlSecGCryptRsaPkcs1PkSign(int digest, xmlSecKeyDataPtr key_data, s_tmp = gcry_sexp_find_token(s_sig, "s", 0); if(s_tmp == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_find_token(s)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_sexp_find_token(s)", + GPG_ERR_NO_ERROR, NULL); goto done; } gcry_sexp_release(s_sig); @@ -1078,22 +964,15 @@ xmlSecGCryptRsaPkcs1PkSign(int digest, xmlSecKeyDataPtr key_data, m_sig = gcry_sexp_nth_mpi(s_sig, 1, GCRYMPI_FMT_USG); if(m_sig == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_nth_mpi(1)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError("gcry_sexp_nth_mpi(1)", + GPG_ERR_NO_ERROR, NULL); goto done; } /* write out */ ret = xmlSecGCryptAppendMpi(m_sig, out, 0); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppendMpi", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecGCryptAppendMpi", NULL); goto done; } @@ -1138,22 +1017,14 @@ xmlSecGCryptRsaPkcs1PkVerify(int digest, xmlSecKeyDataPtr key_data, gcry_md_algo_name(digest), (int)dgstSize, dgst); if((err != GPG_ERR_NO_ERROR) || (s_data == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_build(data)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_sexp_build(data)", err, NULL); goto done; } /* get the existing signature */ err = gcry_mpi_scan(&m_sig, GCRYMPI_FMT_USG, data, dataSize, NULL); if((err != GPG_ERR_NO_ERROR) || (m_sig == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_mpi_scan", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_mpi_scan", err, NULL); goto done; } @@ -1161,11 +1032,7 @@ xmlSecGCryptRsaPkcs1PkVerify(int digest, xmlSecKeyDataPtr key_data, "(sig-val(rsa(s %m)))", m_sig); if((err != GPG_ERR_NO_ERROR) || (s_sig == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_sexp_build(sig-val)", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_sexp_build(sig-val)", err, NULL); goto done; } @@ -1176,11 +1043,7 @@ xmlSecGCryptRsaPkcs1PkVerify(int digest, xmlSecKeyDataPtr key_data, } else if(err == GPG_ERR_BAD_SIGNATURE) { res = 0; /* bad signature */ } else { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_pk_verify", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GCRYPT_REPORT_ERROR(err)); + xmlSecGCryptError("gcry_pk_verify", err, NULL); goto done; } |