author | Werner Koch <wk@gnupg.org> | 2020-06-17 14:27:12 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2020-06-17 14:27:12 +0200 |
commit | 596212e71abf33b30608348b782c093dace83110 (patch) | |
tree | a0e4bbdded71f362b93d32f999f1b9a47e7e74db /sm | |
parent | gpg: Fix for new SOS changes when used with Libgcrypt < 1.8.6. (diff) | |
sm: Support verification of nistp521 signatures.
* sm/certcheck.c (do_encode_md): Take care of nistp521.
--
That curve is a bit odd in that it does not match a common hash digest
length. We fix that here for just this case instead of writing more
general code to support all allowed cases (i.e. hash shorter than Q).
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'sm')
-rw-r--r-- | sm/certcheck.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/sm/certcheck.c b/sm/certcheck.c
index 3604ac788..cf9495a58 100644
--- a/sm/certcheck.c
+++ b/sm/certcheck.c
@@ -77,12 +77,15 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
 if (pkalgo == GCRY_PK_DSA || pkalgo == GCRY_PK_ECC)
 {
- unsigned int qbits;
+ unsigned int qbits0, qbits;
 if ( pkalgo == GCRY_PK_ECC )
- qbits = gcry_pk_get_nbits (pkey);
+ {
+ qbits0 = gcry_pk_get_nbits (pkey);
+ qbits = qbits0 == 521? 512 : qbits;
+ }
 else
- qbits = get_dsa_qbits (pkey);
+ qbits0 = qbits = get_dsa_qbits (pkey);
 if ( (qbits%8) )
 {
@@ -99,7 +102,7 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
 if (qbits < 160)
 {
 log_error (_("%s key uses an unsafe (%u bit) hash\n"),
- gcry_pk_algo_name (pkalgo), qbits);
+ gcry_pk_algo_name (pkalgo), qbits0);
 return gpg_error (GPG_ERR_INTERNAL);
 }
@@ -110,7 +113,7 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
 {
 log_error (_("a %u bit hash is not valid for a %u bit %s key\n"),
 (unsigned int)nframe*8,
- gcry_pk_get_nbits (pkey),
+ qbits0,
 gcry_pk_algo_name (pkalgo));
 /* FIXME: we need to check the requirements for ECDSA. */
 if (nframe < 20 || pkalgo == GCRY_PK_DSA ) |
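Review bot: In the new ECC branch of the first hunk, `qbits = qbits0 == 521? 512 : qbits;` reads `qbits` before it has ever been assigned, so for every curve other than nistp521 the value is indeterminate. The checks that follow in this function (`qbits%8`, `qbits < 160`, and the hash-length comparison behind the third hunk's message) then run on garbage, which can reject valid signatures or, depending on what the stack holds, accept a digest length that should have been refused. The fallback operand should be the size that was just read: `qbits = qbits0 == 521? 512 : qbits0;`. A short comment saying that `qbits0` is the real size used for diagnostics and `qbits` the size the digest is compared against would also help. The body of do_encode_md starts and ends outside this hunk.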
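Review bot: For DSA keys the second number in the third hunk's message changes meaning. `qbits0` is set from `get_dsa_qbits (pkey)` in the first hunk, while the replaced argument was `gcry_pk_get_nbits (pkey)`, so the "%u bit %s key" text presumably now reports the size of Q rather than the key size. If that is intended, the message wording should say so; otherwise keep the old value for DSA, e.g. `pkalgo == GCRY_PK_DSA? gcry_pk_get_nbits (pkey) : qbits0,`. The enclosing condition and the rest of the block lie outside the hunk.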