1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
From 3eea12e5f9af7739d5d009c6888b65bd4875a554 Mon Sep 17 00:00:00 2001
From: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sat, 4 Mar 2017 00:41:35 +0200
Subject: [PATCH] crypto: support gnutls-3.4
https://sourceforge.net/p/opendkim/patches/36/
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
---
libopendkim/dkim.c | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/libopendkim/dkim.c b/libopendkim/dkim.c
index d0d75a5..0c2278e 100644
--- a/libopendkim/dkim.c
+++ b/libopendkim/dkim.c
@@ -5301,6 +5301,8 @@ dkim_sig_process(DKIM *dkim, DKIM_SIGINFO *sig)
size_t diglen = 0;
#ifdef USE_GNUTLS
gnutls_datum_t key;
+ gnutls_digest_algorithm_t hash;
+ gnutls_sign_algorithm_t sign_algo;
#else /* USE_GNUTLS */
BIO *key;
#endif /* USE_GNUTLS */
@@ -5442,7 +5444,22 @@ dkim_sig_process(DKIM *dkim, DKIM_SIGINFO *sig)
return DKIM_STAT_OK;
}
- rsastat = gnutls_pubkey_verify_hash(rsa->rsa_pubkey, 0,
+ hash = GNUTLS_DIG_SHA1;
+
+ if (dkim_libfeature(dkim->dkim_libhandle,
+ DKIM_FEATURE_SHA256) &&
+ sig->sig_hashtype == DKIM_HASHTYPE_SHA256)
+ hash = GNUTLS_DIG_SHA256;
+
+ sign_algo = gnutls_pk_to_sign(GNUTLS_PK_RSA, hash);
+ if (sign_algo == GNUTLS_SIGN_UNKNOWN)
+ {
+ assert(0);
+ /* NOTREACHED */
+ }
+
+ rsastat = gnutls_pubkey_verify_hash2(rsa->rsa_pubkey,
+ sign_algo, 0,
&rsa->rsa_digest,
&rsa->rsa_sig);
if (rsastat < 0)
--
2.10.2
|
GitWeb
