mirror of
git://git.gnupg.org/gnupg.git
synced 2024-06-06 23:17:47 +02:00
agent: Fix verification of signature for smartcard.
* agent/pksign.c (agent_pksign_do): Use public key smartcard. -- Since gcry_pk_verify can't handle shadowed private key, public key SEXP should be prepared for smartcard.
This commit is contained in:
parent
ce2a84b588
commit
4a5bd1720f
|
@ -291,6 +291,7 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
|
||||||
{
|
{
|
||||||
gcry_sexp_t s_skey = NULL, s_sig = NULL;
|
gcry_sexp_t s_skey = NULL, s_sig = NULL;
|
||||||
gcry_sexp_t s_hash = NULL;
|
gcry_sexp_t s_hash = NULL;
|
||||||
|
gcry_sexp_t s_pkey = NULL;
|
||||||
unsigned char *shadow_info = NULL;
|
unsigned char *shadow_info = NULL;
|
||||||
unsigned int rc = 0; /* FIXME: gpg-error? */
|
unsigned int rc = 0; /* FIXME: gpg-error? */
|
||||||
const unsigned char *data;
|
const unsigned char *data;
|
||||||
|
@ -331,6 +332,13 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
|
||||||
int is_ECDSA = 0;
|
int is_ECDSA = 0;
|
||||||
int is_EdDSA = 0;
|
int is_EdDSA = 0;
|
||||||
|
|
||||||
|
rc = agent_public_key_from_file (ctrl, ctrl->keygrip, &s_pkey);
|
||||||
|
if (rc)
|
||||||
|
{
|
||||||
|
log_error ("failed to read the public key\n");
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
|
||||||
if (agent_is_eddsa_key (s_skey))
|
if (agent_is_eddsa_key (s_skey))
|
||||||
is_EdDSA = 1;
|
is_EdDSA = 1;
|
||||||
else
|
else
|
||||||
|
@ -497,7 +505,7 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
|
||||||
ctrl->digest.raw_value);
|
ctrl->digest.raw_value);
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = gcry_pk_verify (s_sig, s_hash, s_skey);
|
rc = gcry_pk_verify (s_sig, s_hash, s_pkey? s_pkey: s_skey);
|
||||||
|
|
||||||
if (rc)
|
if (rc)
|
||||||
{
|
{
|
||||||
|
@ -512,6 +520,7 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
|
||||||
|
|
||||||
*signature_sexp = s_sig;
|
*signature_sexp = s_sig;
|
||||||
|
|
||||||
|
gcry_sexp_release (s_pkey);
|
||||||
gcry_sexp_release (s_skey);
|
gcry_sexp_release (s_skey);
|
||||||
gcry_sexp_release (s_hash);
|
gcry_sexp_release (s_hash);
|
||||||
xfree (shadow_info);
|
xfree (shadow_info);
|
||||||
|
|
Loading…
Reference in New Issue
Block a user