From 93ce1337a3d9df70a0e93aef3c1ac16fb047bb0a Mon Sep 17 00:00:00 2001
From: nsz <nsz@port70.net>
Date: Sat, 31 Dec 2011 02:25:28 +0100
Subject: [PATCH] fix dsa patches: truncate hash

---
 patches/dsa.diff              | 19 +++++++++++++++++--
 patches/sig.diff              | 20 ++++++++++++++++++--
 pkg/document/document_test.go | 12 ++++++------
 3 files changed, 41 insertions(+), 10 deletions(-)

diff --git a/patches/dsa.diff b/patches/dsa.diff
index 1970704..575aee7 100644
--- a/patches/dsa.diff
+++ b/patches/dsa.diff
@@ -1,6 +1,6 @@
 diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/private_key.go
 --- a/src/pkg/crypto/openpgp/packet/private_key.go	Tue Dec 27 09:49:19 2011 -0500
-+++ b/src/pkg/crypto/openpgp/packet/private_key.go	Fri Dec 30 22:57:08 2011 +0100
++++ b/src/pkg/crypto/openpgp/packet/private_key.go	Sat Dec 31 02:23:50 2011 +0100
 @@ -28,7 +28,7 @@
  	encryptedData []byte
  	cipher        CipherFunction
@@ -46,7 +46,7 @@ diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/private_key.go
  	if !pk.Encrypted {
 diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/public_key.go
 --- a/src/pkg/crypto/openpgp/packet/public_key.go	Tue Dec 27 09:49:19 2011 -0500
-+++ b/src/pkg/crypto/openpgp/packet/public_key.go	Fri Dec 30 22:57:08 2011 +0100
++++ b/src/pkg/crypto/openpgp/packet/public_key.go	Sat Dec 31 02:23:50 2011 +0100
 @@ -53,6 +53,23 @@
  	return pk
  }
@@ -71,3 +71,18 @@ diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/public_key.go
  func (pk *PublicKey) parse(r io.Reader) (err error) {
  	// RFC 4880, section 5.5.2
  	var buf [6]byte
+@@ -291,7 +308,13 @@
+ 		return nil
+ 	case PubKeyAlgoDSA:
+ 		dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey)
+-		if !dsa.Verify(dsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
++		// hash truncation according to FIPS 186-3 section 4.6
++		n := len(hashBytes)
++		k := (dsaPublicKey.Q.BitLen() + 7) / 8
++		if n > k {
++			n = k
++		}
++		if !dsa.Verify(dsaPublicKey, hashBytes[:n], new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
+ 			return error_.SignatureError("DSA verification failure")
+ 		}
+ 		return nil
diff --git a/patches/sig.diff b/patches/sig.diff
index d3c49b5..7d00a73 100644
--- a/patches/sig.diff
+++ b/patches/sig.diff
@@ -1,6 +1,6 @@
 diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/signature.go
 --- a/src/pkg/crypto/openpgp/packet/signature.go	Tue Dec 27 09:49:19 2011 -0500
-+++ b/src/pkg/crypto/openpgp/packet/signature.go	Fri Dec 30 22:56:55 2011 +0100
++++ b/src/pkg/crypto/openpgp/packet/signature.go	Sat Dec 31 02:23:37 2011 +0100
 @@ -164,7 +164,7 @@
  const (
  	creationTimeSubpacket        signatureSubpacketType = 2
@@ -32,7 +32,23 @@ diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/signature.go
  		// Key expiration time, section 5.2.3.6
  		if !isHashed {
  			return
-@@ -556,5 +552,59 @@
+@@ -443,7 +439,14 @@
+ 		sig.RSASignature.bytes, err = rsa.SignPKCS1v15(rand.Reader, priv.PrivateKey.(*rsa.PrivateKey), sig.Hash, digest)
+ 		sig.RSASignature.bitLength = uint16(8 * len(sig.RSASignature.bytes))
+ 	case PubKeyAlgoDSA:
+-		r, s, err := dsa.Sign(rand.Reader, priv.PrivateKey.(*dsa.PrivateKey), digest)
++		dsaPrivateKey := priv.PrivateKey.(*dsa.PrivateKey)
++		// hash truncation according to FIPS 186-3 section 4.6
++		n := len(digest)
++		k := (dsaPrivateKey.Q.BitLen() + 7) / 8
++		if n > k {
++			n = k
++		}
++		r, s, err := dsa.Sign(rand.Reader, dsaPrivateKey, digest[:n])
+ 		if err == nil {
+ 			sig.DSASigR.bytes = r.Bytes()
+ 			sig.DSASigR.bitLength = uint16(8 * len(sig.DSASigR.bytes))
+@@ -556,5 +559,59 @@
  		subpackets = append(subpackets, outputSubpacket{true, issuerSubpacket, false, keyId})
  	}
  
diff --git a/pkg/document/document_test.go b/pkg/document/document_test.go
index b738afe..93b0584 100644
--- a/pkg/document/document_test.go
+++ b/pkg/document/document_test.go
@@ -277,9 +277,9 @@ rBCAor4/6GOiSwi9Q4J+VK+tpyQzcE6jwS5Q5b0IwTDGihQC/CDaec/g3pMcQUNI
 kvYNWYPxdtLjEzk/HMo/3Mg6u/jK006CPqZRcx/m3B5R7gYb5D9PyF/tJsrht4nD
 eDuCAT00kHKYMElgwSzXg03cFcC5AEMf6U7MsrX1JLwY5Dq12gAAoOX6RPKzHB+1
 U7YCHnNg0H1dkf9eCuzNBklzc3VlcsJMBBMRCAAWBQIAAAAACRCRl3ps/DHg6wIZ
-AQIbAwAAIroAoDlcu9nMLGBLDu+2btwnZmcmI1YfAKB3eDLwVZgPuUxagy+FWheJ
-3A8FXQ==
-=fYUf
+AQIbAwAAIroAoBn5gA6TmLKXU9ASu+ENhV0UxowzAKA9Y/4CiQzAeCDcKIcWCg7W
+3r6Jow==
+=NVdT
 -----END PGP PRIVATE KEY BLOCK-----
 `)
 
@@ -294,8 +294,8 @@ rBCAor4/6GOiSwi9Q4J+VK+tpyQzcE6jwS5Q5b0IwTDGihQC/CDaec/g3pMcQUNI
 0ysQBACFl7Go0A5UqlnmwRmsLfvAEBM2+tsIoBlBDEwcgd+nJZzCQpAqO/OpSqHk
 Yx4imGcdknfPLkMmN+Kz9j4o0T+LZuYyblhuj2t1M9lf0Is/Go0Drf/7oc2KpHAo
 nfKu7fkM5nfZWFsgE9TxOz8SQa2RuuhpbkpB2k0Vg2TbqTpFeM0GSXNzdWVywkwE
-ExEIABYFAgAAAAAJEKqJF6U/VQ52AhkBAhsDAADIMwCgNbdkttOHpGZVWdYN56A8
-5ICdzZAAoI9mhDD3u0maGsAEa+1CvWQMgzUy
-=NEom
+ExEIABYFAgAAAAAJEKqJF6U/VQ52AhkBAhsDAADIMwCgt/kmhRwmlzcnc1S3Qlfo
+BD0PBa8AoG5Vm9U4gzWQM/BzVxDToJPB1ZHf
+=MNqN
 -----END PGP PUBLIC KEY BLOCK-----
 `)
-- 
2.20.1