Simon Josefsson <[email protected]> writes: > Peter Stuge <[email protected]> writes: > >> Simon Josefsson wrote: >>> > ping >>> >>> I pushed your patch, please test whether what is in git now works >>> for both RSA and DSA. >> >> So I was looking into this. The reason I didn't immediately apply the >> patch to bring back the previous behavior of the libgcrypt code is >> that it makes some assumptions on how r and s are stored internally >> by libgcrypt and that doesn't seem as reliable as can be. > > Do we have any reports that the old code didn't work?
Oops, sorry I now see that we do. :-( Anyway, it seems both the old code and the new code are broken. > It would be good to improve the code to not make those assumptions, but > I'm not sure what you are referring to here. What I think the code is > assuming is that we know exactly how the DSA S-exp outputs looks like, > which may not be ideal, but S-exp's is a fairly well-known format [1] so > the assumption doesn't seem all that strange to me. But patches > welcome. :-) This still holds though. :-) If you can get your fix into git relatively soon, that would be good, otherwise I guess the safest is to revert back to the old code. Sorry for causing confusion here, I read Kamil's ping as a indication that the patch was tested and he was looking for it to be applied, but I guess it was a ping for further discussion instead. /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
