folkslinux
/
rpm
mirror of https://github.com/rpm-software-management/rpm.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Revert back to DSA-1 only support for NSS 

- This essentially reverts commit fe5a1e5dfa
  which apparently causes intermittent failures with DSA-1. Look at
  DSA-2 again on some sunnier day...
This commit is contained in:
Panu Matilainen 2014-05-19 15:39:49 +03:00
parent 46993cd384
commit e2659684b4
1 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
rpmio/digest_nss.c
View File

@ -295,25 +295,27 @@ static SECKEYPublicKey *pgpNewPublicKey(KeyType type)
}
/* compatibility with nss < 3.14 */
#ifndef DSA_MAX_Q_BITS
#define DSA_MAX_Q_BITS DSA_Q_BITS
#ifndef DSA1_SUBPRIME_LEN
#define DSA1_SUBPRIME_LEN DSA_SUBPRIME_LEN
#endif
#ifndef DSA_MIN_Q_BITS
#define DSA_MIN_Q_BITS DSA_Q_BITS
#ifndef DSA1_SIGNATURE_LEN
#define DSA1_SIGNATURE_LEN DSA_SIGNATURE_LEN
#endif
#ifndef DSA1_Q_BITS
#define DSA1_Q_BITS DSA_Q_BITS
#endif
static int pgpSetSigMpiDSA(pgpDigAlg pgpsig, int num, const uint8_t *p)
{
SECItem *sig = pgpsig->data;
unsigned int subprlen = (num == 0) ? pgpMpiLen(p) - 2 : sig->len / 2;
unsigned int siglen = subprlen * 2;
unsigned int qbits = subprlen * 8;
unsigned int qbits = DSA1_Q_BITS;
unsigned int subprlen = DSA1_SUBPRIME_LEN;
unsigned int siglen = DSA1_SIGNATURE_LEN;
int rc = 1; /* assume failure */
switch (num) {
case 0:
if (qbits >= DSA_MIN_Q_BITS && qbits <= DSA_MAX_Q_BITS)
sig = pgpsig->data = SECITEM_AllocItem(NULL, NULL, siglen);
sig = pgpsig->data = SECITEM_AllocItem(NULL, NULL, siglen);
if (sig) {
memset(sig->data, 0, siglen);
rc = pgpMpiSet(qbits, sig->data, p);