author | Werner Koch <wk@gnupg.org> | 2011-02-10 20:16:06 +0100 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2011-02-10 20:45:37 +0100 |
commit | d290f2914abe0a279b7674c915e1b752353812b8 (patch) | |
tree | e13f2209d3c60db62d28e1299a5b91f5a7bcbc82 /g10/seskey.c | |
parent | Replace printf by es_printf in keyserver.c (diff) | |
Add ECC import regression tests and fixed a regression.
The import test imports the keys as needed and because they are
passphrase protected we now need a pinentry script to convey the
passphrase to gpg-agent.
Diffstat (limited to 'g10/seskey.c')
-rw-r--r-- | g10/seskey.c | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/g10/seskey.c b/g10/seskey.c
index f3796f0b0..b210ae063 100644
--- a/g10/seskey.c
+++ b/g10/seskey.c
@@ -297,18 +297,17 @@ encode_md_value (PKT_public_key *pk, gcry_md_hd_t md, int hash_algo)
 return NULL;
 }
+
+ /* ECDSA 521 is special has it is larger than the largest hash
+ we have (SHA-512). Thus we chnage the size for further
+ processing to 512. */
+ if (pkalgo == GCRY_PK_ECDSA && qbits > 512)
+ qbits = 512;
+
 /* Check if we're too short. Too long is safe as we'll
- automatically left-truncate.
-
- FIXME: Check against FIPS.
- This checks would require the use of SHA512 with ECDSA 512. I
- think this is overkill to fail in this case. Therefore,
- relax the check, but only for ECDSA keys. We may need to
- adjust it later for general case. (Note that the check will
- never pass for ECDSA 521 anyway as the only hash that
- intended to match it is SHA 512, but 512 < 521). */
+ automatically left-truncate. */
 mdlen = gcry_md_get_algo_dlen (hash_algo);
- if (mdlen < ((pkalgo == GCRY_PK_ECDSA && qbits > 521) ? 512: qbits)/8)
+ if (mdlen < qbits/8)
 {
 log_error (_("%s key %s requires a %zu bit or larger hash "
 "(hash is %s\n"),
@@ -318,13 +317,10 @@ encode_md_value (PKT_public_key *pk, gcry_md_hd_t md, int hash_algo)
 return NULL;
 }
- /* By passing MDLEN as length to mpi_scan, we do the truncation
- of the hash.
-
- Note that in case of ECDSA 521 the hash is always smaller
- than the key size. */
+ /* Note that we do the truncation by passing QBITS/8 as length to
+ mpi_scan. */
 if (gcry_mpi_scan (&frame, GCRYMPI_FMT_USG,
- gcry_md_read (md, hash_algo), mdlen, NULL))
+ gcry_md_read (md, hash_algo), qbits/8, NULL))
 BUG();
 }
 else |
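Review bot: The comment added above the `qbits = 512` clamp has two typos and leaves out why the clamp matters: `special has it is` should read `special as it is`, and `chnage` should read `change`. It would also help to say that the clamped `qbits` is used afterwards both as the minimum digest size and, via `qbits/8`, as the number of digest bytes handed to `gcry_mpi_scan`, so that an ECDSA 521 key ends up requiring and consuming a full 512-bit hash. The condition `qbits > 512` covers any ECDSA key wider than 512 bits, not only 521, which the comment could state. Separately, the context string `"(hash is %s\n"` is missing its closing parenthesis. encode_md_value starts and ends outside this hunk.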
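Review bot: The new length argument `qbits/8` passed to `gcry_mpi_scan` stays inside the buffer returned by `gcry_md_read` only because the `mdlen < qbits/8` test in the previous hunk returns first, and nothing at the call site records that dependency. Before this change the length was `mdlen`, which could never exceed the digest; now a later edit that relaxes or moves the size check would turn this call into an over-read of the digest buffer. I would extend the new comment with something like `/* QBITS/8 <= MDLEN is guaranteed by the size check above, so the read stays within the digest. */`. Note also that `qbits/8` rounds down, so a QBITS value that is not a multiple of 8 would silently drop the trailing bits; whether such a value can reach this point depends on validation outside the hunk.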