1 diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/private_key.go
2 --- a/src/pkg/crypto/openpgp/packet/private_key.go Tue Dec 27 09:49:19 2011 -0500
3 +++ b/src/pkg/crypto/openpgp/packet/private_key.go Sat Dec 31 02:32:45 2011 +0100
7 s2k func(out, in []byte)
8 - PrivateKey interface{} // An *rsa.PrivateKey.
9 + PrivateKey interface{} // An *rsa.PrivateKey or *dsa.PrivateKey.
17 +func NewDSAPrivateKey(currentTime time.Time, priv *dsa.PrivateKey, isSubkey bool) *PrivateKey {
18 + pk := new(PrivateKey)
19 + pk.PublicKey = *NewDSAPublicKey(currentTime, &priv.PublicKey, isSubkey)
20 + pk.PrivateKey = priv
24 func (pk *PrivateKey) parse(r io.Reader) (err error) {
25 err = (&pk.PublicKey).parse(r)
28 switch priv := pk.PrivateKey.(type) {
30 err = serializeRSAPrivateKey(privateKeyBuf, priv)
31 + case *dsa.PrivateKey:
32 + err = serializeDSAPrivateKey(privateKeyBuf, priv)
34 err = error_.InvalidArgumentError("non-RSA private key")
37 return writeBig(w, priv.Precomputed.Qinv)
40 +func serializeDSAPrivateKey(w io.Writer, priv *dsa.PrivateKey) error {
41 + return writeBig(w, priv.X)
44 // Decrypt decrypts an encrypted private key using a passphrase.
45 func (pk *PrivateKey) Decrypt(passphrase []byte) error {
47 diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/public_key.go
48 --- a/src/pkg/crypto/openpgp/packet/public_key.go Tue Dec 27 09:49:19 2011 -0500
49 +++ b/src/pkg/crypto/openpgp/packet/public_key.go Sat Dec 31 02:32:45 2011 +0100
54 +// NewDSAPublicKey returns a PublicKey that wraps the given rsa.PublicKey.
55 +func NewDSAPublicKey(creationTime time.Time, pub *dsa.PublicKey, isSubkey bool) *PublicKey {
57 + CreationTime: creationTime,
58 + PubKeyAlgo: PubKeyAlgoDSA,
67 + pk.setFingerPrintAndKeyId()
71 func (pk *PublicKey) parse(r io.Reader) (err error) {
72 // RFC 4880, section 5.5.2
77 dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey)
78 - if !dsa.Verify(dsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
79 + // Hash truncation according to FIPS 186-3 section 4.6
80 + // Assuming Q.BitLen() is a multiple of 8
82 + k := dsaPublicKey.Q.BitLen() / 8
86 + if !dsa.Verify(dsaPublicKey, hashBytes[:n], new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
87 return error_.SignatureError("DSA verification failure")