sm: Fix a wrong key parameter in an exported private key file

* sm/export.c (sexp_to_kparms): Fix the computation of array[6], which must be 'd mod (q-1)' but was 'p mod (q-1)'. -- This bug is not serious but makes some consistency checks fail. For example, 'openssl rsa -check' reports the following error: $ gpgsm --out my.key --export-secret-key-raw 0xXXXXXXXX $ openssl rsa -check -noout -inform DER -in my.key RSA key error: dmq1 not congruent to d -- Let me(wk) add this: This bug was introduced with Fixes-commit: 91056b1976bfb7b755e53b1302f4ede2b5cbc05d right at the start of GnuPG 2.1 in July 2010. Before that (in 2.0) we used gpg-protect-tool which got it right. We probably never noticed this because gpgsm, and maybe other tools too, fix things up during import. Signed-off-by: Werner Koch <wk@gnupg.org>
2024-12-22 10:19:57 +01:00 · 2018-02-07 18:46:54 +09:00 · 2018-02-07 18:46:54 +09:00 · 29aac77980
commit 29aac77980
parent f19ff78f0f
1 changed files with 1 additions and 1 deletions
--- a/sm/export.c
+++ b/sm/export.c
@ -603,7 +603,7 @@ sexp_to_kparms (gcry_sexp_t sexp)

  array[6] = gcry_mpi_snew (0);  /* compute d mod (p-1) */
  gcry_mpi_sub_ui (array[6], array[4], 1);
-  gcry_mpi_mod (array[6], array[3], array[6]);
+  gcry_mpi_mod (array[6], array[2], array[6]);

  return array;
 }