1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

Check v5 signature correctly.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2022-04-13 13:26:11 +09:00
parent 5dc6ef7e69
commit 7b24f7e998
2 changed files with 18 additions and 1 deletions

View File

@ -2417,6 +2417,12 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen,
(ulong) sig->keyid[0], (ulong) sig->keyid[1],
sig->version, (ulong) sig->timestamp, md5_len, sig->sig_class,
sig->digest_algo, sig->digest_start[0], sig->digest_start[1]);
if (sig->version == 5)
{
es_fprintf (listfp, "\tv5salt ");
es_write_hexstring (listfp, sig->v5_salt, 16, 0, NULL);
es_fputs ("\n", listfp);
}
if (is_v4or5)
{
parse_sig_subpkt (sig, 1, SIGSUBPKT_LIST_HASHED, NULL);

View File

@ -574,10 +574,18 @@ check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
if (sig->hashed)
{
n = sig->hashed->len;
if (sig->version == 5)
{
gcry_md_putc (digest, (n >> 24) );
gcry_md_putc (digest, (n >> 16) );
}
gcry_md_putc (digest, (n >> 8) );
gcry_md_putc (digest, n );
gcry_md_write (digest, sig->hashed->data, n);
n += 6;
if (sig->version == 5)
n += 8;
else
n += 6;
}
else
{
@ -1032,6 +1040,9 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
/* Hash the relevant data. */
if (sig->version == 5)
gcry_md_write (md, sig->v5_salt, 16);
if (IS_KEY_SIG (sig) || IS_KEY_REV (sig))
{
log_assert (packet->pkttype == PKT_PUBLIC_KEY);