Check v5 signature correctly.

Signed-off-by: NIIBE Yutaka <[email protected]>

2 files changed, 18 insertions, 1 deletions

diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index c9bf57587..c61d14325 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -2417,6 +2417,12 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen,
                   (ulong) sig->keyid[0], (ulong) sig->keyid[1],
                   sig->version, (ulong) sig->timestamp, md5_len, sig->sig_class,
                   sig->digest_algo, sig->digest_start[0], sig->digest_start[1]);
+      if (sig->version == 5)
+	{
+	  es_fprintf (listfp, "\tv5salt ");
+	  es_write_hexstring (listfp, sig->v5_salt, 16, 0, NULL);
+	  es_fputs ("\n", listfp);
+	}
       if (is_v4or5)
 	{
 	  parse_sig_subpkt (sig, 1, SIGSUBPKT_LIST_HASHED, NULL);
diff --git a/g10/sig-check.c b/g10/sig-check.c
index eb6c9669d..9978cba60 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -574,10 +574,18 @@ check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
       if (sig->hashed)
         {
           n = sig->hashed->len;
+          if (sig->version == 5)
+            {
+              gcry_md_putc (digest, (n >> 24) );
+              gcry_md_putc (digest, (n >> 16) );
+            }
           gcry_md_putc (digest, (n >> 8) );
           gcry_md_putc (digest,  n       );
           gcry_md_write (digest, sig->hashed->data, n);
-          n += 6;
+          if (sig->version == 5)
+            n += 8;
+          else
+            n += 6;
 	}
       else
         {
@@ -1032,6 +1040,9 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
 
   /* Hash the relevant data.  */
 
+  if (sig->version == 5)
+    gcry_md_write (md, sig->v5_salt, 16);
+
   if (IS_KEY_SIG (sig) || IS_KEY_REV (sig))
     {
       log_assert (packet->pkttype == PKT_PUBLIC_KEY);