X-Git-Url: http://nsz.repo.hu/git/?a=blobdiff_plain;f=patches%2Fdsa.diff;h=7ab461ba8c5a142ba2bf542aabeea5e75466884d;hb=b3d68837ff6b385e8f3cc24fb581f28fa8f4cca6;hp=1970704488ec320966233358f499eb4cc2f0eb2b;hpb=f1ab5079added604c2d1f8a043a75613755e3dec;p=epoint diff --git a/patches/dsa.diff b/patches/dsa.diff index 1970704..7ab461b 100644 --- a/patches/dsa.diff +++ b/patches/dsa.diff @@ -1,6 +1,6 @@ diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/private_key.go --- a/src/pkg/crypto/openpgp/packet/private_key.go Tue Dec 27 09:49:19 2011 -0500 -+++ b/src/pkg/crypto/openpgp/packet/private_key.go Fri Dec 30 22:57:08 2011 +0100 ++++ b/src/pkg/crypto/openpgp/packet/private_key.go Sat Dec 31 02:32:45 2011 +0100 @@ -28,7 +28,7 @@ encryptedData []byte cipher CipherFunction @@ -46,7 +46,7 @@ diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/private_key.go if !pk.Encrypted { diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/public_key.go --- a/src/pkg/crypto/openpgp/packet/public_key.go Tue Dec 27 09:49:19 2011 -0500 -+++ b/src/pkg/crypto/openpgp/packet/public_key.go Fri Dec 30 22:57:08 2011 +0100 ++++ b/src/pkg/crypto/openpgp/packet/public_key.go Sat Dec 31 02:32:45 2011 +0100 @@ -53,6 +53,23 @@ return pk } @@ -71,3 +71,19 @@ diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/public_key.go func (pk *PublicKey) parse(r io.Reader) (err error) { // RFC 4880, section 5.5.2 var buf [6]byte +@@ -291,7 +308,14 @@ + return nil + case PubKeyAlgoDSA: + dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey) +- if !dsa.Verify(dsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) { ++ // Hash truncation according to FIPS 186-3 section 4.6 ++ // Assuming Q.BitLen() is a multiple of 8 ++ n := len(hashBytes) ++ k := dsaPublicKey.Q.BitLen() / 8 ++ if n > k { ++ n = k ++ } ++ if !dsa.Verify(dsaPublicKey, hashBytes[:n], new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) { + return error_.SignatureError("DSA verification failure") + } + return nil