scd:p15: Fix decrypt followed by sign problem for D-Trust cards.

* scd/iso7816.c (iso7816_select_mf): New. * scd/app-p15.c (card_product_t): New. (struct app_local_s): Add field 'card_product'. (read_ef_tokeninfo): Detect D-Trust card. (prepare_verify_pin): Switch to D-Trust AID. (do_decipher): Restore a SE for D-TRust cards. Change the padding indicator to 0x81. * common/percent.c (percent_data_escape): new. Taken from master. -- Using what I learned from a USB trace running the Governikus Signer Software on Windows this fixes the left over problem with the new D-Trust card support. Signed-off-by: Werner Koch <wk@gnupg.org> Backported from master. This required to add the percent_data_escape function we introduced in master on 2018-07-02: commit 58baf40af6 common: New function percent_data_escape. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-03 22:56:33 +02:00 · 2020-04-07 16:00:11 +02:00 · 2020-04-07 16:00:11 +02:00 · 471b06e91b
commit 471b06e91b
parent 4148976841
5 changed files with 197 additions and 14 deletions
--- a/common/percent.c
+++ b/common/percent.c
@ -87,6 +87,89 @@ percent_plus_escape (const char *string)
 }


+/* Create a newly malloced string from (DATA,DATALEN) with embedded
+ * nuls quoted as %00.  The standard percent unescaping can be used to
+ * reverse this encoding.  With PLUS_ESCAPE set plus-escaping (spaces
+ * are replaced by a '+') and escaping of characters with values less
+ * than 0x20 is used.  If PREFIX is not NULL it will be prepended to
+ * the output in standard escape format; that is PLUS_ESCAPING is
+ * ignored for PREFIX. */
+char *
+percent_data_escape (int plus_escape, const char *prefix,
+                     const void *data, size_t datalen)
+{
+  char *buffer, *p;
+  const unsigned char *s;
+  size_t n;
+  size_t length = 1;
+
+  if (prefix)
+    {
+      for (s = prefix; *s; s++)
+        {
+          if (*s == '%' || *s < 0x20)
+            length += 3;
+          else
+            length++;
+        }
+    }
+
+  for (s=data, n=datalen; n; s++, n--)
+    {
+      if (!*s || *s == '%' || (plus_escape && (*s < ' ' || *s == '+')))
+        length += 3;
+      else
+        length++;
+    }
+
+  buffer = p = xtrymalloc (length);
+  if (!buffer)
+    return NULL;
+
+  if (prefix)
+    {
+      for (s = prefix; *s; s++)
+        {
+          if (*s == '%' || *s < 0x20)
+            {
+              snprintf (p, 4, "%%%02X", *s);
+              p += 3;
+            }
+          else
+            *p++ = *s;
+        }
+    }
+
+  for (s=data, n=datalen; n; s++, n--)
+    {
+      if (!*s)
+        {
+          memcpy (p, "%00", 3);
+          p += 3;
+        }
+      else if (*s == '%')
+        {
+          memcpy (p, "%25", 3);
+          p += 3;
+        }
+      else if (plus_escape && *s == ' ')
+        {
+          *p++ = '+';
+        }
+      else if (plus_escape && (*s < ' ' || *s == '+'))
+        {
+          snprintf (p, 4, "%%%02X", *s);
+          p += 3;
+        }
+      else
+        *p++ = *s;
+    }
+  *p = 0;
+
+  return buffer;
+}
+
+
 /* Do the percent and plus/space unescaping from STRING to BUFFER and
   return the length of the valid buffer.  Plus unescaping is only
   done if WITHPLUS is true.  An escaped Nul character will be
--- a/common/util.h
+++ b/common/util.h
@ -224,6 +224,8 @@ char *hex2str_alloc (const char *hexstring, size_t *r_count);

 /*-- percent.c --*/
 char *percent_plus_escape (const char *string);
+char *percent_data_escape (int plus_escape, const char *prefix,
+                           const void *data, size_t datalen);
 char *percent_plus_unescape (const char *string, int nulrepl);
 char *percent_unescape (const char *string, int nulrepl);