1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

agent: Skip unknown unknown ssh curves seen on cards.

* agent/command-ssh.c (ssh_handler_request_identities): Skip unknown
curves.
--

For example when using my standard ed25519 token and testing cards
with only Brainpool support, the ssh-agent failed due to the unknown
curves seen on the card.  This patches fixes this by ignoring keys
with unknown curves.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2021-03-29 15:39:32 +02:00
parent a494b29af9
commit 2d2391dfc2
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -2513,17 +2513,27 @@ ssh_handler_request_identities (ctrl_t ctrl,
continue; continue;
err = ssh_send_key_public (key_blobs, key_public, cardsn); err = ssh_send_key_public (key_blobs, key_public, cardsn);
if (err && opt.verbose)
gcry_log_debugsxp ("pubkey", key_public);
gcry_sexp_release (key_public); gcry_sexp_release (key_public);
key_public = NULL; key_public = NULL;
xfree (cardsn); xfree (cardsn);
if (err) if (err)
{
if (err && opt.verbose)
gcry_log_debugsxp ("pubkey", key_public);
if (gpg_err_code (err) == GPG_ERR_UNKNOWN_CURVE
|| gpg_err_code (err) == GPG_ERR_INV_CURVE)
{
/* For example a Brainpool curve or a curve we don't
* support at all but a smartcard lists that curve.
* We ignore them. */
}
else
{ {
agent_card_free_keyinfo (keyinfo_list); agent_card_free_keyinfo (keyinfo_list);
goto out; goto out;
} }
}
else
key_counter++; key_counter++;
} }