fixup! openpgp: Add support for v6 signature packets.

2 files changed, 10 insertions, 6 deletions

diff --git a/openpgp/src/packet/signature.rs b/openpgp/src/packet/signature.rs
index d3c70a69..08187215 100644
--- a/openpgp/src/packet/signature.rs
+++ b/openpgp/src/packet/signature.rs
@@ -2900,12 +2900,14 @@ impl Signature {
             key.verify(self.mpis(), self.hash_algo(), digest)
         };
 
-        // XXX if hash_algo.salt_size().map(|expected| expected != salt_len)
-        // XXX     .unwrap_or(false)
-        // XXX {
-        // XXX     return php.fail(format!("bad salt length, expected {} got {}",
-        // XXX     );
-        // XXX }
+        if let Ok(expected_salt_len) = self.hash_algo().salt_size() {
+            let salt_len = self.salt().map(|s| s.len()).unwrap_or(0);
+            if self.version() == 6 && salt_len != expected_salt_len {
+                return Err(Error::BadSignature(format!(
+                    "bad salt length, expected {} got {}",
+                    expected_salt_len, salt_len)).into());
+            }
+        }
 
         if result.is_ok() {
             // Mark information in this signature as authenticated.
diff --git a/openpgp/src/types/mod.rs b/openpgp/src/types/mod.rs
index 6a9d7fdc..36f94460 100644
--- a/openpgp/src/types/mod.rs
+++ b/openpgp/src/types/mod.rs
@@ -1535,6 +1535,8 @@ impl HashAlgorithm {
             HashAlgorithm::SHA384 => Ok(24),
             HashAlgorithm::SHA512 => Ok(32),
             HashAlgorithm::SHA224 => Ok(16),
+            HashAlgorithm::SHA3_256 => Ok(16),
+            HashAlgorithm::SHA3_512 => Ok(32),
             _ => Err(Error::UnsupportedHashAlgorithm(*self).into()),
         }
     }