scd: Support changing key attribute back to RSA.

* scd/app-openpgp.c (change_rsa_keyattr): Try usual RSA. -- In the OpenPGP card specification, there are multiple options to support RSA (having P and Q or not, etc.), and it is implementation dependent. Since GnuPG doesn't have knowledge which card implementation support which option and there is no way (yet) for card to express itself which key attributes are supported, we haven't supported key attribute change back to RSA. But, many card implementation uses P and Q, try this option. If other cases, factory-reset would be easier option. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-12-22 10:19:57 +01:00 · 2018-03-30 09:59:09 +09:00 · 2018-03-30 09:59:09 +09:00 · 2969271876
commit 2969271876
parent a1515b3bbc
1 changed files with 18 additions and 6 deletions
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@ -3208,21 +3208,33 @@ change_rsa_keyattr (app_t app, int keyno, unsigned int nbits,
  relptr = get_one_do (app, 0xC1+keyno, &buf, &buflen, NULL);
  if (!relptr)
    err = gpg_error (GPG_ERR_CARD);
-  else if (buflen < 6 || buf[0] != PUBKEY_ALGO_RSA)
+  else if (buflen < 6)
    {
-      /* Attriutes too short or not an RSA key.  */
+      /* Attributes too short.  */
      xfree (relptr);
      err = gpg_error (GPG_ERR_CARD);
    }
  else
    {
-      /* We only change n_bits and don't touch anything else.  Before we
-         do so, we round up NBITS to a sensible way in the same way as
-         gpg's key generation does it.  This may help to sort out problems
-         with a few bits too short keys.  */
+      /* If key attribute was RSA, we only change n_bits and don't
+         touch anything else.  Before we do so, we round up NBITS to a
+         sensible way in the same way as gpg's key generation does it.
+         This may help to sort out problems with a few bits too short
+         keys.  */
      nbits = ((nbits + 31) / 32) * 32;
      buf[1] = (nbits >> 8);
      buf[2] = nbits;
+
+      /* If it was not RSA, we need to fill other parts.  */
+      if (buf[0] != PUBKEY_ALGO_RSA)
+        {
+          buf[0] = PUBKEY_ALGO_RSA;
+          buf[3] = 0;
+          buf[4] = 32;
+          buf[5] = 0;
+          buflen = 6;
+        }
+
      err = change_keyattr (app, keyno, buf, buflen, pincb, pincb_arg);
      xfree (relptr);
    }