1 diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/signature.go
2 --- a/src/pkg/crypto/openpgp/packet/signature.go Tue Dec 27 09:49:19 2011 -0500
3 +++ b/src/pkg/crypto/openpgp/packet/signature.go Sat Dec 31 02:32:41 2011 +0100
6 creationTimeSubpacket signatureSubpacketType = 2
7 signatureExpirationSubpacket signatureSubpacketType = 3
8 - keyExpirySubpacket signatureSubpacketType = 9
9 + keyExpirationSubpacket signatureSubpacketType = 9
10 prefSymmetricAlgosSubpacket signatureSubpacketType = 11
11 issuerSubpacket signatureSubpacketType = 16
12 prefHashAlgosSubpacket signatureSubpacketType = 21
16 t := binary.BigEndian.Uint32(subpacket)
18 - sig.CreationTime = time.Time{}
20 - sig.CreationTime = time.Unix(int64(t), 0)
22 + sig.CreationTime = time.Unix(int64(t), 0)
23 case signatureExpirationSubpacket:
24 // Signature expiration time, section 5.2.3.10
28 sig.SigLifetimeSecs = new(uint32)
29 *sig.SigLifetimeSecs = binary.BigEndian.Uint32(subpacket)
30 - case keyExpirySubpacket:
31 + case keyExpirationSubpacket:
32 // Key expiration time, section 5.2.3.6
36 sig.RSASignature.bytes, err = rsa.SignPKCS1v15(rand.Reader, priv.PrivateKey.(*rsa.PrivateKey), sig.Hash, digest)
37 sig.RSASignature.bitLength = uint16(8 * len(sig.RSASignature.bytes))
39 - r, s, err := dsa.Sign(rand.Reader, priv.PrivateKey.(*dsa.PrivateKey), digest)
40 + dsaPrivateKey := priv.PrivateKey.(*dsa.PrivateKey)
41 + // Hash truncation according to FIPS 186-3 section 4.6
42 + // Assuming Q.BitLen() is a multiple of 8
44 + k := dsaPrivateKey.Q.BitLen() / 8
48 + r, s, err := dsa.Sign(rand.Reader, dsaPrivateKey, digest[:n])
50 sig.DSASigR.bytes = r.Bytes()
51 sig.DSASigR.bitLength = uint16(8 * len(sig.DSASigR.bytes))
53 subpackets = append(subpackets, outputSubpacket{true, issuerSubpacket, false, keyId})
56 + if sig.SigLifetimeSecs != nil && *sig.SigLifetimeSecs != 0 {
57 + sigLifetime := make([]byte, 4)
58 + binary.BigEndian.PutUint32(sigLifetime, *sig.SigLifetimeSecs)
59 + // signature expiration is marked as critical
60 + subpackets = append(subpackets, outputSubpacket{true, signatureExpirationSubpacket, true, sigLifetime})
63 + // The following subpackets may only appear in self-signatures
65 + if sig.KeyLifetimeSecs != nil && *sig.KeyLifetimeSecs != 0 {
66 + keyLifetime := make([]byte, 4)
67 + binary.BigEndian.PutUint32(keyLifetime, *sig.KeyLifetimeSecs)
69 + // key expiration is marked as critical
70 + subpackets = append(subpackets, outputSubpacket{true, keyExpirationSubpacket, true, keyLifetime})
73 + if sig.IsPrimaryId != nil && *sig.IsPrimaryId {
74 + subpackets = append(subpackets, outputSubpacket{true, primaryUserIdSubpacket, false, []byte{1}})
77 + // []byte slices of preferred algorithms are not copied
79 + if len(sig.PreferredSymmetric) > 0 {
80 + subpackets = append(subpackets, outputSubpacket{true, prefSymmetricAlgosSubpacket, false, sig.PreferredSymmetric})
83 + if len(sig.PreferredHash) > 0 {
84 + subpackets = append(subpackets, outputSubpacket{true, prefHashAlgosSubpacket, false, sig.PreferredHash})
87 + if len(sig.PreferredCompression) > 0 {
88 + subpackets = append(subpackets, outputSubpacket{true, prefCompressionSubpacket, false, sig.PreferredCompression})
91 + // The Key Flags subpacket may only appear in self-signatures or certification signatures
95 + if sig.FlagCertify {
101 + if sig.FlagEncryptCommunications {
104 + if sig.FlagEncryptStorage {
107 + subpackets = append(subpackets, outputSubpacket{true, keyFlagsSubpacket, false, []byte{flags}})