+++ /dev/null
-diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/private_key.go
---- a/src/pkg/crypto/openpgp/packet/private_key.go Tue Dec 27 09:49:19 2011 -0500
-+++ b/src/pkg/crypto/openpgp/packet/private_key.go Sat Dec 31 02:32:45 2011 +0100
-@@ -28,7 +28,7 @@
- encryptedData []byte
- cipher CipherFunction
- s2k func(out, in []byte)
-- PrivateKey interface{} // An *rsa.PrivateKey.
-+ PrivateKey interface{} // An *rsa.PrivateKey or *dsa.PrivateKey.
- sha1Checksum bool
- iv []byte
- }
-@@ -40,6 +40,13 @@
- return pk
- }
-
-+func NewDSAPrivateKey(currentTime time.Time, priv *dsa.PrivateKey, isSubkey bool) *PrivateKey {
-+ pk := new(PrivateKey)
-+ pk.PublicKey = *NewDSAPublicKey(currentTime, &priv.PublicKey, isSubkey)
-+ pk.PrivateKey = priv
-+ return pk
-+}
-+
- func (pk *PrivateKey) parse(r io.Reader) (err error) {
- err = (&pk.PublicKey).parse(r)
- if err != nil {
-@@ -121,6 +128,8 @@
- switch priv := pk.PrivateKey.(type) {
- case *rsa.PrivateKey:
- err = serializeRSAPrivateKey(privateKeyBuf, priv)
-+ case *dsa.PrivateKey:
-+ err = serializeDSAPrivateKey(privateKeyBuf, priv)
- default:
- err = error_.InvalidArgumentError("non-RSA private key")
- }
-@@ -172,6 +181,10 @@
- return writeBig(w, priv.Precomputed.Qinv)
- }
-
-+func serializeDSAPrivateKey(w io.Writer, priv *dsa.PrivateKey) error {
-+ return writeBig(w, priv.X)
-+}
-+
- // Decrypt decrypts an encrypted private key using a passphrase.
- func (pk *PrivateKey) Decrypt(passphrase []byte) error {
- if !pk.Encrypted {
-diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/public_key.go
---- a/src/pkg/crypto/openpgp/packet/public_key.go Tue Dec 27 09:49:19 2011 -0500
-+++ b/src/pkg/crypto/openpgp/packet/public_key.go Sat Dec 31 02:32:45 2011 +0100
-@@ -53,6 +53,23 @@
- return pk
- }
-
-+// NewDSAPublicKey returns a PublicKey that wraps the given rsa.PublicKey.
-+func NewDSAPublicKey(creationTime time.Time, pub *dsa.PublicKey, isSubkey bool) *PublicKey {
-+ pk := &PublicKey{
-+ CreationTime: creationTime,
-+ PubKeyAlgo: PubKeyAlgoDSA,
-+ PublicKey: pub,
-+ IsSubkey: isSubkey,
-+ p: fromBig(pub.P),
-+ q: fromBig(pub.Q),
-+ g: fromBig(pub.G),
-+ y: fromBig(pub.Y),
-+ }
-+
-+ pk.setFingerPrintAndKeyId()
-+ return pk
-+}
-+
- func (pk *PublicKey) parse(r io.Reader) (err error) {
- // RFC 4880, section 5.5.2
- var buf [6]byte
-@@ -291,7 +308,14 @@
- return nil
- case PubKeyAlgoDSA:
- dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey)
-- if !dsa.Verify(dsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
-+ // Hash truncation according to FIPS 186-3 section 4.6
-+ // Assuming Q.BitLen() is a multiple of 8
-+ n := len(hashBytes)
-+ k := dsaPublicKey.Q.BitLen() / 8
-+ if n > k {
-+ n = k
-+ }
-+ if !dsa.Verify(dsaPublicKey, hashBytes[:n], new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
- return error_.SignatureError("DSA verification failure")
- }
- return nil