diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/private_key.go
--- a/src/pkg/crypto/openpgp/packet/private_key.go Tue Dec 27 09:49:19 2011 -0500
-+++ b/src/pkg/crypto/openpgp/packet/private_key.go Fri Dec 30 22:57:08 2011 +0100
++++ b/src/pkg/crypto/openpgp/packet/private_key.go Sat Dec 31 02:23:50 2011 +0100
@@ -28,7 +28,7 @@
encryptedData []byte
cipher CipherFunction
if !pk.Encrypted {
diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/public_key.go
--- a/src/pkg/crypto/openpgp/packet/public_key.go Tue Dec 27 09:49:19 2011 -0500
-+++ b/src/pkg/crypto/openpgp/packet/public_key.go Fri Dec 30 22:57:08 2011 +0100
++++ b/src/pkg/crypto/openpgp/packet/public_key.go Sat Dec 31 02:23:50 2011 +0100
@@ -53,6 +53,23 @@
return pk
}
func (pk *PublicKey) parse(r io.Reader) (err error) {
// RFC 4880, section 5.5.2
var buf [6]byte
+@@ -291,7 +308,13 @@
+ return nil
+ case PubKeyAlgoDSA:
+ dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey)
+- if !dsa.Verify(dsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
++ // hash truncation according to FIPS 186-3 section 4.6
++ n := len(hashBytes)
++ k := (dsaPublicKey.Q.BitLen() + 7) / 8
++ if n > k {
++ n = k
++ }
++ if !dsa.Verify(dsaPublicKey, hashBytes[:n], new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
+ return error_.SignatureError("DSA verification failure")
+ }
+ return nil