Truncate the DSA hash; fixes regression.

Removed left over debug code.

g10/ChangeLog

@@ -1,5 +1,7 @@
 2011-01-21  Werner Koch  <wk@g10code.com>
 
+	* seskey.c (encode_md_value): Truncate the DSA hash again.
+
 	* misc.c (openpgp_pk_algo_name): Always use the gcrypt function.
 
 2010-12-09  Werner Koch  <wk@g10code.com>

g10/seskey.c

@@ -319,11 +319,13 @@ encode_md_value (PKT_public_key *pk, gcry_md_hd_t md, int hash_algo)
 	  return NULL;
 	}
 
-      /* Note that in case of ECDSA 521 hash is always smaller than
-         the key size.  */
+      /* By passing QBYTES as length to mpi_scan, we do the truncation
+         of the hash.
+
+         Note that in case of ECDSA 521 the hash is always smaller
+         than the key size.  */
       if (gcry_mpi_scan (&frame, GCRYMPI_FMT_USG,
-                         gcry_md_read (md, hash_algo),
-                         gcry_md_get_algo_dlen (hash_algo), &qbytes))
+                         gcry_md_read (md, hash_algo), qbytes, &qbytes))
         BUG();
     }
   else

g10/sign.c

@@ -298,9 +298,6 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
     {
       PKT_public_key *pk = xmalloc_clear (sizeof *pk);
 
-      log_debug ("checking created signature algo=%d\n", mdalgo);
-      log_printhex ("md:", dp, gcry_md_get_algo_dlen (mdalgo));
-
       if (get_pubkey (pk, sig->keyid ))
         err = gpg_error (GPG_ERR_NO_PUBKEY);
       else