[Pkg-gnupg-commit] [gnupg2] 50/292: agent: Allow only specific digest size for ECDSA.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Nov 21 06:31:25 UTC 2016


This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit 98bc6f480ac973dccce90378dc021a2e24e58704
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Tue Sep 27 14:01:18 2016 +0900

    agent: Allow only specific digest size for ECDSA.
    
    * agent/pksign.c (do_encode_dsa): Fix validation of digest size.
    
    --
    
    Thanks to Steven Noonan <steven at uplinklabs.net> who offers patches
    and a test case.
    
    GnuPG-bug-id: 2702
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
---
 agent/pksign.c | 22 +++++++++-------------
 1 file changed, 9 insertions(+), 13 deletions(-)

diff --git a/agent/pksign.c b/agent/pksign.c
index 9011be2..17f2704 100644
--- a/agent/pksign.c
+++ b/agent/pksign.c
@@ -189,25 +189,21 @@ do_encode_dsa (const byte *md, size_t mdlen, int pkalgo, gcry_sexp_t pkey,
       return gpg_error (GPG_ERR_INV_LENGTH);
     }
 
+  /* ECDSA 521 is special has it is larger than the largest hash
+     we have (SHA-512).  Thus we chnage the size for further
+     processing to 512.  */
+  if (pkalgo == GCRY_PK_ECDSA && qbits > 512)
+    qbits = 512;
+
   /* Check if we're too short.  Too long is safe as we'll
-   * automatically left-truncate.
-   *
-   * This check would require the use of SHA512 with ECDSA 512. I
-   * think this is overkill to fail in this case.  Therefore, relax
-   * the check, but only for ECDSA keys.  We may need to adjust it
-   * later for general case.  (Note that the check is really a bug for
-   * ECDSA 521 as the only hash that matches it is SHA 512, but 512 <
-   * 521 ).
-   */
-  if (mdlen < ((pkalgo==GCRY_PK_ECDSA && qbits > 521) ? 512 : qbits)/8)
+     automatically left-truncate.  */
+  if (mdlen < qbits/8)
     {
       log_error (_("a %zu bit hash is not valid for a %u bit %s key\n"),
                  mdlen*8,
                  gcry_pk_get_nbits (pkey),
                  gcry_pk_algo_name (pkalgo));
-      /* FIXME: we need to check the requirements for ECDSA.  */
-      if (mdlen < 20 || pkalgo == GCRY_PK_DSA)
-        return gpg_error (GPG_ERR_INV_LENGTH);
+      return gpg_error (GPG_ERR_INV_LENGTH);
     }
 
   /* Truncate.  */
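Review bot: With the fallback `if (mdlen < 20 || pkalgo == GCRY_PK_DSA)` removed, the `mdlen < qbits/8` check now returns GPG_ERR_INV_LENGTH for every short digest on ECDSA keys as well, where the old code logged the error but still let ECDSA proceed with any digest of at least 20 bytes. That is a caller-visible tightening, and the commit message only says "Fix validation of digest size"; please state the new rule (the digest must be at least the curve size, capped at 512 bits) in the message or in the comment above the check. The clamp itself tests `qbits > 512` while its comment speaks only of ECDSA 521, so the comment should say it covers any ECDSA key wider than SHA-512, and because `qbits` is overwritten before the "Truncate" step it is worth confirming that the later code is meant to see 512 rather than the real key size. The new comment also has two typos ("special has it is" should be "special as it is", and "chnage" should be "change"). Finally, the message thanks the reporter for a test case, but the diffstat shows only agent/pksign.c changed; adding that test alongside the fix would keep this check from regressing.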

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git


