security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

scd,openpgp: Use app_get_serialno function to get SERIALNO. 

* scd/app-openpgp.c (check_keyidstr): Don't directly access
app->serialno, but use app_get_serialno.
(do_with_keygrip): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2020-10-23 15:14:12 +09:00
parent 7e22e08e2a
commit 41505f0ae5
1 changed files with 17 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
scd/app-openpgp.c
View File

@ -5001,7 +5001,6 @@ check_keyidstr (app_t app, const char *keyidstr, int keyno, int *r_use_auth)
const char *s;
int n;
const char *fpr = NULL;
unsigned char tmp_sn[20]; /* Actually 16 bytes but also for the fpr. */
if (r_use_auth)
*r_use_auth = 0;
@ -5010,6 +5009,8 @@ check_keyidstr (app_t app, const char *keyidstr, int keyno, int *r_use_auth)
return gpg_error (GPG_ERR_INV_ID);
else
{
char *serial;
for (s=keyidstr, n=0; hexdigitp (s); s++, n++)
;
@ -5039,13 +5040,14 @@ check_keyidstr (app_t app, const char *keyidstr, int keyno, int *r_use_auth)
else if (*s == '/')
fpr = s + 1;
for (s=keyidstr, n=0; n < 16; s += 2, n++)
tmp_sn[n] = xtoi_2 (s);
serial = app_get_serialno (app);
if (strncmp (serial, keyidstr, 32))
{
xfree (serial);
return gpg_error (GPG_ERR_WRONG_CARD);
}
if (app->card->serialnolen != 16)
return gpg_error (GPG_ERR_INV_CARD);
if (memcmp (app->card->serialno, tmp_sn, 16))
return gpg_error (GPG_ERR_WRONG_CARD);
xfree (serial);
}
/* If a fingerprint has been specified check it against the one on
@ -5672,20 +5674,15 @@ do_with_keygrip (app_t app, ctrl_t ctrl, int action, const char *keygrip_str,
}
else
{
char buf[65];
int data = (action == KEYGRIP_ACTION_SEND_DATA);
if (DIM (buf) < 2 * app->card->serialnolen + 1)
return gpg_error (GPG_ERR_BUFFER_TOO_SHORT);
bin2hex (app->card->serialno, app->card->serialnolen, buf);
char *serial = app_get_serialno (app);
if (keygrip_str == NULL)
{
if (capability == 0)
{
for (i = 0; i < 3; i++)
send_keyinfo_if_available (app, ctrl, buf, data, i);
send_keyinfo_if_available (app, ctrl, serial, data, i);
}
else
{
@ -5698,9 +5695,11 @@ do_with_keygrip (app_t app, ctrl_t ctrl, int action, const char *keygrip_str,
else
i = -1;
if (i >= 0)
send_keyinfo_if_available (app, ctrl, buf, data, i);
send_keyinfo_if_available (app, ctrl, serial, data, i);
}
xfree (serial);
/* Return an error so that the dispatcher keeps on looping
* over the other applications. Only for clarity we use a
* different error code than for the not_found case. */
@ -5711,9 +5710,11 @@ do_with_keygrip (app_t app, ctrl_t ctrl, int action, const char *keygrip_str,
for (i = 0; i < 3; i++)
if (!strcmp (keygrip_str, app->app_local->pk[i].keygrip_str))
{
send_keyinfo_if_available (app, ctrl, buf, data, i);
send_keyinfo_if_available (app, ctrl, serial, data, i);
xfree (serial);
return 0;
}
xfree (serial);
}
}