1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

agent: Allow NULL for R_PADDING, when calling scd and tpm2d.

* agent/call-scd.c (padding_info_cb): Allow NULL.
(agent_card_pkdecrypt): Likewise.
* agent/divert-scd.c (divert_pkdecrypt): Likewise.
* agent/divert-tpm2.c (divert_tpm2_pkdecrypt): Likewise.

--

It's for RSA PKCD#1 encoding if the decrypt operation removes padding
or not.  When caller knows it's not RSA, this information is no use
and it is better to allow NULL with the variable R_PADDING.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2024-04-25 10:48:24 +09:00
parent 2958e5e4cf
commit 2593dcbceb
No known key found for this signature in database
GPG Key ID: 640114AF89DE6054
3 changed files with 13 additions and 8 deletions

View File

@ -548,6 +548,7 @@ padding_info_cb (void *opaque, const char *line)
if ((s=has_leading_keyword (line, "PADDING")))
{
if (r_padding)
*r_padding = atoi (s);
}
else if ((s=has_leading_keyword (line, "PINCACHE_PUT")))
@ -560,8 +561,8 @@ padding_info_cb (void *opaque, const char *line)
/* Decipher INDATA using the current card. Note that the returned
* value is not an s-expression but the raw data as returned by
* scdaemon. The padding information is stored at R_PADDING with -1
* for not known. DESC_TEXT is an additional parameter passed to
* GETPIN_CB. */
* for not known, when it's not NULL. DESC_TEXT is an additional
* parameter passed to GETPIN_CB. */
int
agent_card_pkdecrypt (ctrl_t ctrl,
const char *keyid,
@ -579,6 +580,7 @@ agent_card_pkdecrypt (ctrl_t ctrl,
size_t len;
*r_buf = NULL;
if (r_padding)
*r_padding = -1; /* Unknown. */
rc = start_scd (ctrl);
if (rc)

View File

@ -380,7 +380,7 @@ divert_pksign (ctrl_t ctrl, const unsigned char *grip,
/* Decrypt the value given as an s-expression in CIPHER using the
key identified by SHADOW_INFO and return the plaintext in an
allocated buffer in R_BUF. The padding information is stored at
R_PADDING with -1 for not known. */
R_PADDING with -1 for not known, when it's not NULL. */
int
divert_pkdecrypt (ctrl_t ctrl,
const unsigned char *grip,
@ -399,6 +399,7 @@ divert_pkdecrypt (ctrl_t ctrl,
bin2hex (grip, 20, hexgrip);
if (r_padding)
*r_padding = -1;
s = cipher;
if (*s != '(')

View File

@ -106,6 +106,7 @@ divert_tpm2_pkdecrypt (ctrl_t ctrl,
const unsigned char *s;
size_t n;
if (r_padding)
*r_padding = -1;
s = cipher;
@ -125,6 +126,7 @@ divert_tpm2_pkdecrypt (ctrl_t ctrl,
return gpg_error (GPG_ERR_INV_SEXP);
if (smatch (&s, n, "rsa"))
{
if (r_padding)
*r_padding = 0;
if (*s != '(')
return gpg_error (GPG_ERR_UNKNOWN_SEXP);