security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-21 10:09:57 +01:00
Code Activity

gpg: Fix modifying signature data by pk_verify for Ed25519.

Browse Source 
* g10/pkglue.c (pk_verify): When fixing R and S, make sure those are
copies.

--

GnuPG-bug-id: 7426
Fixing-commit: 0a5a854510fda6e6990938a3fca424df868fe676
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2024-11-25 14:39:59 +09:00
parent bb6b38c240
commit 70c49ce024
No known key found for this signature in database
GPG Key ID: 640114AF89DE6054
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
g10/pkglue.c
View File

@ -331,6 +331,15 @@ pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash,
rc = gpg_error (GPG_ERR_BAD_MPI);
else
{
r = gcry_mpi_copy (r);
s = gcry_mpi_copy (s);
if (!r || !s)
{
rc = gpg_error_from_syserror ();
goto leave;
}
/* We need to fixup the length in case of leading zeroes.
* OpenPGP does not allow leading zeroes and the parser for
* the signature packet has no information on the use curve,
@ -416,6 +425,7 @@ pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash,
if (!rc)
rc = gcry_pk_verify (s_sig, s_hash, s_pkey);
leave:
gcry_sexp_release (s_sig);
gcry_sexp_release (s_hash);
gcry_sexp_release (s_pkey);