Mailing List Archive

Fixed a serious bug in the MPI lib
Thomas Roessler <roessler@guug.de> writes:

> I'm afraid things aren't so easy. The key in question _does_ have a
> certified user id, but gpg says that this self signature is invalid.

This bug caused bad verification of signatures because the compare
function assumed normalized values - this was not always true and is
now fixed.

I'll put it into the CVS but some things are still not working
(cleartext).

Ralf and Stefan: Are your problems now solved? I'm quite sure about
Ralf's as I used this as a test case.


Werner


p.s. And here is the mpi patch (yes: the prototype is missing)

Index: mpi/mpi-bit.c
===================================================================
RCS file: /home/koch/cvs/gnupg/mpi/mpi-bit.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- mpi-bit.c 1998/12/23 12:41:29 1.13
+++ mpi-bit.c 1999/01/07 17:05:44 1.14
@@ -48,7 +48,19 @@
#define A_LIMB_1 ((mpi_limb_t)1)


+/****************
+ * Sometimes we have MSL (most significant limbs) which are 0;
+ * this is for some reasons not good, so this function removes them.
+ */
+void
+mpi_normalize( MPI a )
+{
+ if( mpi_is_protected(a) )
+ return;

+ for( ; a->nlimbs && !a->d[a->nlimbs-1]; a->nlimbs-- )
+ ;
+}



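Review bot: The early return on `mpi_is_protected(a)` leaves a protected value unnormalized without signalling it, while the callers added later in this patch read `a->nlimbs` right after the call as if normalization had happened. Either document that protected MPIs may keep zero most significant limbs and make those callers cope, or return a status the caller can check. The header comment ("for some reasons not good") should also name the concrete invariant, that `d[nlimbs-1]` is non-zero whenever `nlimbs` is non-zero, and the prototype the message says is missing needs to land with this change so that mpi-cmp.c does not call an undeclared function.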
@@ -67,6 +79,7 @@
return n;
}

+ mpi_normalize( a );
if( a->nlimbs ) {
mpi_limb_t alimb = a->d[a->nlimbs-1];
if( alimb )
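Review bot: The new `mpi_normalize( a );` call makes this function rewrite `a->nlimbs` on its argument, a side effect callers will not expect if they treat the function as a read-only query; state it in the function's comment. After the call, `a->d[a->nlimbs-1]` is non-zero by construction unless `a` is protected, so the `if( alimb )` test below now only distinguishes the protected case and deserves a comment saying so.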
Index: mpi/mpi-cmp.c
===================================================================
RCS file: /home/koch/cvs/gnupg/mpi/mpi-cmp.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- mpi-cmp.c 1998/12/23 12:41:29 1.3
+++ mpi-cmp.c 1999/01/07 17:05:44 1.4
@@ -46,27 +46,28 @@
int
mpi_cmp( MPI u, MPI v )
{
- mpi_size_t usize = u->nlimbs;
- mpi_size_t vsize = v->nlimbs;
+ mpi_size_t usize, vsize;
int cmp;

- /* FIXME: are the numbers always normalized? */
+ mpi_normalize( u );
+ mpi_normalize( v );
+ usize = u->nlimbs;
+ vsize = v->nlimbs;
if( !u->sign && v->sign )
return 1;
- else if( u->sign && !v->sign )
+ if( u->sign && !v->sign )
return -1;
- else if( usize != vsize && !u->sign && !v->sign )
+ if( usize != vsize && !u->sign && !v->sign )
return usize - vsize;
- else if( usize != vsize && u->sign && v->sign )
+ if( usize != vsize && u->sign && v->sign )
return vsize + usize;
- else if( !usize )
+ if( !usize )
return 0;
- else if( !(cmp=mpihelp_cmp( u->d, v->d, usize )) )
+ if( !(cmp=mpihelp_cmp( u->d, v->d, usize )) )
return 0;
- else if( (cmp < 0?1:0) == (u->sign?1:0))
+ if( (cmp < 0?1:0) == (u->sign?1:0))
return 1;
- else
- return -1;
+ return -1;
}
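Review bot: In the branch for two negative operands of different size, `return vsize + usize;` is positive whenever it is taken, so `u` compares greater than `v` no matter which has more limbs; with normalized sizes the operand with more limbs has the larger magnitude and should compare smaller, i.e. `return vsize - usize;`. The two `mpi_normalize()` calls also make the comparison modify both of its operands, and they do nothing for protected MPIs, so the size checks still rest on the old assumption in that case; a comment in place of the removed FIXME should record this.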
Re: Fixed a serious bug in the MPI lib
Werner:
> Ralf and Stefan: Are your problems now solved? I'm quite sure about
> Ralf's as I used this as a test case.

ACK, AFAI can tell.


ralf
--
http://www.tmt.de/~stephan/
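
The failure described at the top of the thread, a comparison that trusts `nlimbs` on values carrying zero most significant limbs, next to a comparison that skips those limbs without modifying its operands. This is an added example, not GnuPG code: `toy_mpi`, `limb_t`, `effective_limbs`, `cmp_mag`, `toy_cmp_naive` and `toy_cmp` are hypothetical names, and the limb order and sample values are assumptions of the example.

```c
#include <stdio.h>
/* Toy stand-ins, not GnuPG's MPI type; d[0] is the least significant limb. */
typedef unsigned long limb_t;
typedef struct { const limb_t *d; int nlimbs; int sign; } toy_mpi;

/* Limb count with zero MSLs ignored; the operand is not modified. */
static int effective_limbs(const toy_mpi *a)
{
    int n = a->nlimbs;
    while (n > 0 && a->d[n - 1] == 0)
        n--;
    return n;
}

static int cmp_mag(const toy_mpi *u, int un, const toy_mpi *v, int vn)
{
    if (un != vn)
        return un > vn ? 1 : -1;
    for (int i = un - 1; i >= 0; i--)
        if (u->d[i] != v->d[i])
            return u->d[i] > v->d[i] ? 1 : -1;
    return 0;
}

/* Pre-fix behaviour for non-negative values: trusts nlimbs as stored. */
int toy_cmp_naive(const toy_mpi *u, const toy_mpi *v)
{
    return cmp_mag(u, u->nlimbs, v, v->nlimbs);
}

/* Sign-aware comparison that does not depend on normalized input. */
int toy_cmp(const toy_mpi *u, const toy_mpi *v)
{
    int un = effective_limbs(u), vn = effective_limbs(v);
    int uneg = un && u->sign, vneg = vn && v->sign; /* zero is never negative */
    if (uneg != vneg)
        return uneg ? -1 : 1;
    int mag = cmp_mag(u, un, v, vn);
    return uneg ? -mag : mag;
}

/* Constructed sample: the value 5 with and without a zero MSL. */
static const limb_t five[] = { 5 }, five0[] = { 5, 0 };
const toy_mpi FIVE = { five, 1, 0 }, FIVE0 = { five0, 2, 0 };
int main(void)
{
    printf("naive=%d fixed=%d\n", toy_cmp_naive(&FIVE, &FIVE0), toy_cmp(&FIVE, &FIVE0));
    return 0;
}
```

In a signature check the two operands are the recovered and the expected value, so the naive result is what turns a valid signature into a reported mismatch.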