mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-20 14:37:08 +01:00
agent: Fix importing ECC key.
* agent/cvt-openpgp.c (convert_from_openpgp_main): Only encrypted parameters are stored as opaque. (apply_protection): ARRAY members are all normal, non-opaque MPI. (extract_private_key): Get public key as normal, non-opaque MPI. Remove support of ECC key with '(flags param)'. Remove support of "ecdsa" and "ecdh" keys of our experiment.
This commit is contained in:
parent
708b7eccde
commit
1542dc604b
@ -838,15 +838,13 @@ convert_from_openpgp_main (ctrl_t ctrl, gcry_sexp_t s_pgp,
|
|||||||
value = gcry_sexp_nth_data (list, ++idx, &valuelen);
|
value = gcry_sexp_nth_data (list, ++idx, &valuelen);
|
||||||
if (!value || !valuelen)
|
if (!value || !valuelen)
|
||||||
goto bad_seckey;
|
goto bad_seckey;
|
||||||
if (is_enc || curve)
|
if (is_enc)
|
||||||
{
|
{
|
||||||
/* Encrypted parameters and ECC parameters need or can be
|
/* Encrypted parameters need to be stored as opaque. */
|
||||||
stored as opaque. */
|
|
||||||
skey[skeyidx] = gcry_mpi_set_opaque_copy (NULL, value, valuelen*8);
|
skey[skeyidx] = gcry_mpi_set_opaque_copy (NULL, value, valuelen*8);
|
||||||
if (!skey[skeyidx])
|
if (!skey[skeyidx])
|
||||||
goto outofmem;
|
goto outofmem;
|
||||||
if (is_enc)
|
gcry_mpi_set_flag (skey[skeyidx], GCRYMPI_FLAG_USER1);
|
||||||
gcry_mpi_set_flag (skey[skeyidx], GCRYMPI_FLAG_USER1);
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@ -1114,55 +1112,14 @@ apply_protection (gcry_mpi_t *array, int npkey, int nskey,
|
|||||||
ndata = 20; /* Space for the SHA-1 checksum. */
|
ndata = 20; /* Space for the SHA-1 checksum. */
|
||||||
for (i = npkey, j = 0; i < nskey; i++, j++ )
|
for (i = npkey, j = 0; i < nskey; i++, j++ )
|
||||||
{
|
{
|
||||||
if (gcry_mpi_get_flag (array[i], GCRYMPI_FLAG_OPAQUE))
|
err = gcry_mpi_aprint (GCRYMPI_FMT_USG, bufarr+j, narr+j, array[i]);
|
||||||
|
if (err)
|
||||||
{
|
{
|
||||||
const unsigned char *s;
|
for (i = 0; i < j; i++)
|
||||||
unsigned int n;
|
xfree (bufarr[i]);
|
||||||
|
return err;
|
||||||
s = gcry_mpi_get_opaque (array[i], &n);
|
|
||||||
if (!s)
|
|
||||||
{
|
|
||||||
s = "";
|
|
||||||
n = 0;
|
|
||||||
}
|
|
||||||
/* Strip leading zero bits. */
|
|
||||||
for (; n >= 8 && !*s; s++, n -= 8)
|
|
||||||
;
|
|
||||||
if (n >= 8 && !(*s & 0x80))
|
|
||||||
if (--n >= 7 && !(*s & 0x40))
|
|
||||||
if (--n >= 6 && !(*s & 0x20))
|
|
||||||
if (--n >= 5 && !(*s & 0x10))
|
|
||||||
if (--n >= 4 && !(*s & 0x08))
|
|
||||||
if (--n >= 3 && !(*s & 0x04))
|
|
||||||
if (--n >= 2 && !(*s & 0x02))
|
|
||||||
if (--n >= 1 && !(*s & 0x01))
|
|
||||||
--n;
|
|
||||||
|
|
||||||
nbits[j] = n;
|
|
||||||
n = (n+7)/8;
|
|
||||||
narr[j] = n;
|
|
||||||
bufarr[j] = (gcry_is_secure (s)? xtrymalloc_secure (n?n:1)
|
|
||||||
/* */ : xtrymalloc (n?n:1));
|
|
||||||
if (!bufarr[j])
|
|
||||||
{
|
|
||||||
err = gpg_error_from_syserror ();
|
|
||||||
for (i = 0; i < j; i++)
|
|
||||||
xfree (bufarr[i]);
|
|
||||||
return err;
|
|
||||||
}
|
|
||||||
memcpy (bufarr[j], s, n);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
err = gcry_mpi_aprint (GCRYMPI_FMT_USG, bufarr+j, narr+j, array[i]);
|
|
||||||
if (err)
|
|
||||||
{
|
|
||||||
for (i = 0; i < j; i++)
|
|
||||||
xfree (bufarr[i]);
|
|
||||||
return err;
|
|
||||||
}
|
|
||||||
nbits[j] = gcry_mpi_get_nbits (array[i]);
|
|
||||||
}
|
}
|
||||||
|
nbits[j] = gcry_mpi_get_nbits (array[i]);
|
||||||
ndata += 2 + narr[j];
|
ndata += 2 + narr[j];
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1317,53 +1274,13 @@ extract_private_key (gcry_sexp_t s_key, int req_private_key_data,
|
|||||||
else if (!strcmp (name, "ecc"))
|
else if (!strcmp (name, "ecc"))
|
||||||
{
|
{
|
||||||
algoname = "ecc";
|
algoname = "ecc";
|
||||||
format = "/qd?";
|
format = "qd?";
|
||||||
npkey = 1;
|
npkey = 1;
|
||||||
nskey = 2;
|
nskey = 2;
|
||||||
curve = gcry_sexp_find_token (list, "curve", 0);
|
curve = gcry_sexp_find_token (list, "curve", 0);
|
||||||
flags = gcry_sexp_find_token (list, "flags", 0);
|
flags = gcry_sexp_find_token (list, "flags", 0);
|
||||||
err = gcry_sexp_extract_param (list, NULL, format,
|
err = gcry_sexp_extract_param (list, NULL, format,
|
||||||
array+0, array+1, NULL);
|
array+0, array+1, NULL);
|
||||||
if (flags)
|
|
||||||
{
|
|
||||||
gcry_sexp_t param = gcry_sexp_find_token (flags, "param", 0);
|
|
||||||
if (param)
|
|
||||||
{
|
|
||||||
gcry_sexp_release (param);
|
|
||||||
array[6] = array[0];
|
|
||||||
array[7] = array[1];
|
|
||||||
err = gcry_sexp_extract_param (list, NULL, "pabgnh?",
|
|
||||||
array+0, array+1, array+2, array+3,
|
|
||||||
array+4, array+5, NULL);
|
|
||||||
if (array[5] == NULL)
|
|
||||||
{
|
|
||||||
array[5] = GCRYMPI_CONST_ONE;
|
|
||||||
npkey += 6;
|
|
||||||
nskey += 6;
|
|
||||||
}
|
|
||||||
format = "pabgnhqd?";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else if (!strcmp (name, "ecdsa"))
|
|
||||||
{
|
|
||||||
algoname = "ecdsa";
|
|
||||||
format = "pabgnqd?";
|
|
||||||
npkey = 6;
|
|
||||||
nskey = 7;
|
|
||||||
err = gcry_sexp_extract_param (list, NULL, format,
|
|
||||||
array+0, array+1, array+2, array+3,
|
|
||||||
array+4, array+5, array+6, NULL);
|
|
||||||
}
|
|
||||||
else if (!strcmp (name, "ecdh"))
|
|
||||||
{
|
|
||||||
algoname = "ecdh";
|
|
||||||
format = "pabgnqd?";
|
|
||||||
npkey = 6;
|
|
||||||
nskey= 7;
|
|
||||||
err = gcry_sexp_extract_param (list, NULL, format,
|
|
||||||
array+0, array+1, array+2, array+3,
|
|
||||||
array+4, array+5, array+6, NULL);
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@ -1381,12 +1298,7 @@ extract_private_key (gcry_sexp_t s_key, int req_private_key_data,
|
|||||||
{
|
{
|
||||||
*r_algoname = algoname;
|
*r_algoname = algoname;
|
||||||
if (r_elems)
|
if (r_elems)
|
||||||
{
|
*r_elems = format;
|
||||||
if (format[0] == '/') /* It is opaque data qualifier, skip it. */
|
|
||||||
*r_elems = format+1;
|
|
||||||
else
|
|
||||||
*r_elems = format;
|
|
||||||
}
|
|
||||||
*r_npkey = npkey;
|
*r_npkey = npkey;
|
||||||
if (r_nskey)
|
if (r_nskey)
|
||||||
*r_nskey = nskey;
|
*r_nskey = nskey;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user