From 7b24f7e99810d7db465585e18725e21e5e84c09e Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Wed, 13 Apr 2022 13:26:11 +0900 Subject: [PATCH] Check v5 signature correctly. Signed-off-by: NIIBE Yutaka --- g10/parse-packet.c | 6 ++++++ g10/sig-check.c | 13 ++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/g10/parse-packet.c b/g10/parse-packet.c index c9bf57587..c61d14325 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -2417,6 +2417,12 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen, (ulong) sig->keyid[0], (ulong) sig->keyid[1], sig->version, (ulong) sig->timestamp, md5_len, sig->sig_class, sig->digest_algo, sig->digest_start[0], sig->digest_start[1]); + if (sig->version == 5) + { + es_fprintf (listfp, "\tv5salt "); + es_write_hexstring (listfp, sig->v5_salt, 16, 0, NULL); + es_fputs ("\n", listfp); + } if (is_v4or5) { parse_sig_subpkt (sig, 1, SIGSUBPKT_LIST_HASHED, NULL); diff --git a/g10/sig-check.c b/g10/sig-check.c index eb6c9669d..9978cba60 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -574,10 +574,18 @@ check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig, if (sig->hashed) { n = sig->hashed->len; + if (sig->version == 5) + { + gcry_md_putc (digest, (n >> 24) ); + gcry_md_putc (digest, (n >> 16) ); + } gcry_md_putc (digest, (n >> 8) ); gcry_md_putc (digest, n ); gcry_md_write (digest, sig->hashed->data, n); - n += 6; + if (sig->version == 5) + n += 8; + else + n += 6; } else { @@ -1032,6 +1040,9 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer, /* Hash the relevant data. */ + if (sig->version == 5) + gcry_md_write (md, sig->v5_salt, 16); + if (IS_KEY_SIG (sig) || IS_KEY_REV (sig)) { log_assert (packet->pkttype == PKT_PUBLIC_KEY);