From 1e6cf7fefdc75bb05a0a5ddc0cabc5b890af2fde Mon Sep 17 00:00:00 2001 From: Mark Atwood Date: Thu, 2 Jul 2026 15:28:17 -0700 Subject: [PATCH] rsa: verify PUBKEY_ENC_UNKNOWN via the raw compare path GnuPG's OpenPGP RSA signature verification supplies the full pre-encoded PKCS#1 v1.5 message and leaves ctx.encoding == PUBKEY_ENC_UNKNOWN. wc_rsa_verify()'s switch only handled the named encodings and routed UNKNOWN to default -> GPG_ERR_BAD_SIGNATURE, so every GnuPG/apt RSA signature verification failed (keys reported "Unusable", "1 bad signature"). Stock libgcrypt performs the raw mpi_cmp for all non-PSS encodings; route UNKNOWN into the existing wc_RsaDirect + mpi_cmp path. Verified: gpg --check-sigs goes from "1 bad signature" to clean. Fixes #28 --- cipher/rsa.c | 1 + 1 file changed, 1 insertion(+) diff --git a/cipher/rsa.c b/cipher/rsa.c index 28d2e855..8439844f 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -3612,6 +3612,7 @@ wc_rsa_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) case PUBKEY_ENC_PKCS1: case PUBKEY_ENC_RAW: case PUBKEY_ENC_OAEP: + case PUBKEY_ENC_UNKNOWN: /* GnuPG OpenPGP verify supplies the full encoded message and libgcrypt leaves encoding UNKNOWN; stock libgcrypt does the raw mpi_cmp for all non-PSS encodings, so handle it here instead of falling to default->BAD. */ /* Allocate a buffer for the output */ myDataLen = mySigLen;