From b3561e0aeeff07c58f97081931499bd32fa9101a Mon Sep 17 00:00:00 2001
From: Daniel Wyatt <Daniel.Wyatt@gmail.com>
Date: Tue, 16 May 2017 21:43:52 -0400
Subject: [PATCH] Undo commit 'Remove (hopefully) legacy code from signature
 check'. Apparently this was checking the PKCS encoding leading bytes and I
 was covering up a bug by removing this.

---
 src/lib/signature.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/lib/signature.c b/src/lib/signature.c
index 48ecba48d7..949d680b91 100644
--- a/src/lib/signature.c
+++ b/src/lib/signature.c
@@ -301,6 +301,10 @@ rsa_verify(pgp_hash_alg_t type,
 		return 0;
 	}
 
+	if (hashbuf_from_sig[0] != 0 || hashbuf_from_sig[1] != 1) {
+		return 0;
+	}
+
 	switch (type) {
 	case PGP_HASH_MD5:
 		prefix = prefix_md5;