projects / epoint / blob
? search:


7ab461ba8c5a142ba2bf542aabeea5e75466884d
[epoint] / patches / dsa.diff
1 diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/private_key.go
2 --- a/src/pkg/crypto/openpgp/packet/private_key.go      Tue Dec 27 09:49:19 2011 -0500
3 +++ b/src/pkg/crypto/openpgp/packet/private_key.go      Sat Dec 31 02:32:45 2011 +0100
4 @@ -28,7 +28,7 @@
5         encryptedData []byte
6         cipher        CipherFunction
7         s2k           func(out, in []byte)
8 -       PrivateKey    interface{} // An *rsa.PrivateKey.
9 +       PrivateKey    interface{} // An *rsa.PrivateKey or *dsa.PrivateKey.
10         sha1Checksum  bool
11         iv            []byte
12  }
13 @@ -40,6 +40,13 @@
14         return pk
15  }
16  
17 +func NewDSAPrivateKey(currentTime time.Time, priv *dsa.PrivateKey, isSubkey bool) *PrivateKey {
18 +       pk := new(PrivateKey)
19 +       pk.PublicKey = *NewDSAPublicKey(currentTime, &priv.PublicKey, isSubkey)
20 +       pk.PrivateKey = priv
21 +       return pk
22 +}
23 +
24  func (pk *PrivateKey) parse(r io.Reader) (err error) {
25         err = (&pk.PublicKey).parse(r)
26         if err != nil {
27 @@ -121,6 +128,8 @@
28         switch priv := pk.PrivateKey.(type) {
29         case *rsa.PrivateKey:
30                 err = serializeRSAPrivateKey(privateKeyBuf, priv)
31 +       case *dsa.PrivateKey:
32 +               err = serializeDSAPrivateKey(privateKeyBuf, priv)
33         default:
34                 err = error_.InvalidArgumentError("non-RSA private key")
35         }
36 @@ -172,6 +181,10 @@
37         return writeBig(w, priv.Precomputed.Qinv)
38  }
39  
40 +func serializeDSAPrivateKey(w io.Writer, priv *dsa.PrivateKey) error {
41 +       return writeBig(w, priv.X)
42 +}
43 +
44  // Decrypt decrypts an encrypted private key using a passphrase.
45  func (pk *PrivateKey) Decrypt(passphrase []byte) error {
46         if !pk.Encrypted {
47 diff -r 7ec969250bfc src/pkg/crypto/openpgp/packet/public_key.go
48 --- a/src/pkg/crypto/openpgp/packet/public_key.go       Tue Dec 27 09:49:19 2011 -0500
49 +++ b/src/pkg/crypto/openpgp/packet/public_key.go       Sat Dec 31 02:32:45 2011 +0100
50 @@ -53,6 +53,23 @@
51         return pk
52  }
53  
54 +// NewDSAPublicKey returns a PublicKey that wraps the given rsa.PublicKey.
55 +func NewDSAPublicKey(creationTime time.Time, pub *dsa.PublicKey, isSubkey bool) *PublicKey {
56 +       pk := &PublicKey{
57 +               CreationTime: creationTime,
58 +               PubKeyAlgo:   PubKeyAlgoDSA,
59 +               PublicKey:    pub,
60 +               IsSubkey:     isSubkey,
61 +               p:            fromBig(pub.P),
62 +               q:            fromBig(pub.Q),
63 +               g:            fromBig(pub.G),
64 +               y:            fromBig(pub.Y),
65 +       }
66 +
67 +       pk.setFingerPrintAndKeyId()
68 +       return pk
69 +}
70 +
71  func (pk *PublicKey) parse(r io.Reader) (err error) {
72         // RFC 4880, section 5.5.2
73         var buf [6]byte
74 @@ -291,7 +308,14 @@
75                 return nil
76         case PubKeyAlgoDSA:
77                 dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey)
78 -               if !dsa.Verify(dsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
79 +               // Hash truncation according to FIPS 186-3 section 4.6
80 +               // Assuming Q.BitLen() is a multiple of 8
81 +               n := len(hashBytes)
82 +               k := dsaPublicKey.Q.BitLen() / 8
83 +               if n > k {
84 +                       n = k
85 +               }
86 +               if !dsa.Verify(dsaPublicKey, hashBytes[:n], new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
87                         return error_.SignatureError("DSA verification failure")
88                 }
89                 return nil
epoint