Fix ECDSA 521 bit signing.

This fix also allows the creation and use of an 521 bit ECDH key which used to fail while creating the binding signature.
2025-07-03 22:56:33 +02:00 · 2011-02-07 14:38:39 +01:00 · 2011-02-07 14:38:39 +01:00 · 8a7336e0bf
commit 8a7336e0bf
parent b008274afd
4 changed files with 27 additions and 16 deletions
--- a/agent/pksign.c
+++ b/agent/pksign.c
@ -132,8 +132,10 @@ do_encode_dsa (const byte *md, size_t mdlen, int dsaalgo, gcry_sexp_t pkey,
  else
    return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);

-  if ((qbits%8))
+  if (pkalgo == GCRY_PK_DSA && (qbits%8))
    {
+      /* FIXME: We check the QBITS but print a message about the hash
+         length.  */
      log_error (_("DSA requires the hash length to be a"
                   " multiple of 8 bits\n"));
      return gpg_error (GPG_ERR_INV_LENGTH);