1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
--- libopendkim/dkim.c.orig 2015-05-12 18:43:09 UTC
+++ libopendkim/dkim.c
@@ -5301,6 +5301,10 @@ dkim_sig_process(DKIM *dkim, DKIM_SIGINFO *sig)
size_t diglen = 0;
#ifdef USE_GNUTLS
gnutls_datum_t key;
+#if GNUTLS_VERSION_MAJOR > 2
+ gnutls_digest_algorithm_t hash;
+ gnutls_sign_algorithm_t sign_algo;
+#endif
#else /* USE_GNUTLS */
BIO *key;
#endif /* USE_GNUTLS */
@@ -5442,7 +5446,20 @@ dkim_sig_process(DKIM *dkim, DKIM_SIGINFO *sig)
return DKIM_STAT_OK;
}
+#if GNUTLS_VERSION_MAJOR < 3
rsastat = gnutls_pubkey_verify_hash(rsa->rsa_pubkey, 0,
+#else
+ hash = dkim_libfeature(dkim->dkim_libhandle,
+ DKIM_FEATURE_SHA256) &&
+ sig->sig_hashtype == DKIM_HASHTYPE_SHA256
+ ? GNUTLS_DIG_SHA256 : GNUTLS_DIG_SHA1;
+
+ sign_algo = gnutls_pk_to_sign(GNUTLS_PK_RSA, hash);
+ assert(sign_algo != GNUTLS_SIGN_UNKNOWN);
+
+ rsastat = gnutls_pubkey_verify_hash2(rsa->rsa_pubkey,
+ sign_algo, 0,
+#endif
&rsa->rsa_digest,
&rsa->rsa_sig);
if (rsastat < 0)
|
