author | Werner Koch <wk@gnupg.org> | 2011-06-13 12:33:08 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2011-06-13 12:33:08 +0200 |
commit | c4bce4aa60e62b55e2f7781a2aa55c2e30db2112 (patch) | |
tree | 759fe764ec678f2bbb43e58b40a5bc2e9b1b0109 /cipher/dsa.c | |
parent | f796e9877e7e065b23dee68184e46a4307d9dfa9 (diff) | |
download | libgcrypt-c4bce4aa60e62b55e2f7781a2aa55c2e30db2112.tar.gz |
Fixed a pkcs#1 v1.5 flaw regarding leading zero bytes
With these changes the entire new pkcs#1 test suite passes fine.
The leading zero bytes used to appear due to mixed signed/unsigned use
of our internal representation of the values as MPIs. The changed code
also detected another bug in the DSA selftest which used the pkcs1
flag - this was certainly wrong but didn't throw an error. The code
in GnuPG does the right thing thus I believe not too many applications
got it as wrong as we in our own selftest.
Diffstat (limited to 'cipher/dsa.c')
-rw-r--r-- | cipher/dsa.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/cipher/dsa.c b/cipher/dsa.c index 0d8abcfe..883a815f 100644 --- a/cipher/dsa.c +++ b/cipher/dsa.c @@ -1043,11 +1043,11 @@ static const char * selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey) { static const char sample_data[] = - "(data (flags pkcs1)" - " (hash sha1 #a0b1c2d3e4f500102030405060708090a1b2c3d4#))"; + "(data (flags raw)" + " (value #a0b1c2d3e4f500102030405060708090a1b2c3d4#))"; static const char sample_data_bad[] = - "(data (flags pkcs1)" - " (hash sha1 #a0b1c2d3e4f510102030405060708090a1b2c3d4#))"; + "(data (flags raw)" + " (value #a0b1c2d3e4f510102030405060708090a1b2c3d4#))"; const char *errtxt = NULL; gcry_error_t err; |
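Review bot: In selftest_sign_1024, sample_data and sample_data_bad switch from "(flags pkcs1)" with "(hash sha1 ...)" to "(flags raw)" with "(value ...)" without a comment saying why, and nothing in the hunk tests the case that used to pass silently. A short comment above sample_data stating that DSA signs the bare hash value and that PKCS#1 encoding does not apply to it would keep the old form from being reintroduced. Since the commit message says the pkcs1 flag previously did not throw an error in this selftest, consider also adding a negative check that signing "(data (flags pkcs1) ...)" with the DSA key is rejected. Both sample values start with byte 0xa0, which has the high bit set; given the signed/unsigned MPI handling the commit message mentions, a second sample with the high bit clear would exercise both cases.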