On Tue, Feb 02, 2016 at 08:14:46PM +0100, Miroslav Suchy wrote:
Dne 2.2.2016 v 13:46 Michael Schroeder napsal(a):
What code is no more? gnupg-2.1.10 still has a write_signature_packets function AFAICS.
It is there, but other functions which this one call and to which is version of signature passed, are cut of. E.g. compare:
gnupg 2.0: static void hash_sigversion_to_magic (gcry_md_hd_t md, const PKT_signature *sig) { if (sig->version >= 4) gcry_md_putc (md, sig->version); gcry_md_putc (md, sig->sig_class); if (sig->version < 4) { u32 a = sig->timestamp; gcry_md_putc (md, (a >> 24) & 0xff ); gcry_md_putc (md, (a >> 16) & 0xff ); gcry_md_putc (md, (a >> 8) & 0xff ); gcry_md_putc (md, a & 0xff ); } ...
gnupg 2.1: static void hash_sigversion_to_magic (gcry_md_hd_t md, const PKT_signature *sig) { byte buf[6]; size_t n;
gcry_md_putc (md, sig->version); gcry_md_putc (md, sig->sig_class); gcry_md_putc (md, sig->pubkey_algo); gcry_md_putc (md, sig->digest_algo); ....
An if you grep the old code for 'sig->version < 4' then you will find lots of part, which are there and which are missing in the new code. Yes, I did not tested it, but IMHO the format is so different that it cannot work when you just change the version number.
Well, hash_sigversion_to_magic mustn't get called for files_are_digest anyway, as we already provide the "final" hash. (And I wonder the upstream did the correct thing when they changed hash_sigversion_to_magic. If you have a v3 pubkey, the code seems to still set sig->version to 3, which will result in a broken signature.) Cheers, Michael. -- Michael Schroeder mls@suse.de SUSE LINUX GmbH, GF Jeff Hawn, HRB 16746 AG Nuernberg main(_){while(_=~getchar())putchar(~_-1/(~(_|32)/13*2-11)*13);} -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org