1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00

gpg: Make decryption with the OpenPGP card work.

* scd/app-common.h (APP_DECIPHER_INFO_NOPAD): New.
* scd/app-openpgp.c (do_decipher): Add arg R_INFO.
* scd/app-nks.c (do_decipher): Add arg R_INFO as a dummy.
* scd/app.c (app_decipher): Add arg R_INFO.
* scd/command.c (cmd_pkdecrypt): Print status line "PADDING".
* agent/call-scd.c (padding_info_cb): New.
(agent_card_pkdecrypt): Add arg R_PADDING.
* agent/divert-scd.c (divert_pkdecrypt): Ditto.
* agent/pkdecrypt.c (agent_pkdecrypt): Ditto.
* agent/command.c (cmd_pkdecrypt):  Print status line "PADDING".
* g10/call-agent.c (padding_info_cb): New.
(agent_pkdecrypt): Add arg R_PADDING.
* g10/pubkey-enc.c (get_it): Use padding info.
--

Decryption using a card never worked in gpg 2.1 because the
information whether the pkcs#1 padding needs to be removed was not
available.  Gpg < 2.1 too this info from the secret sub key but that
has gone in 2.1.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2013-08-26 17:29:54 +02:00
parent 04e2c83f18
commit 780ba32336
16 changed files with 134 additions and 39 deletions

View file

@ -32,11 +32,12 @@
/* DECRYPT the stuff in ciphertext which is expected to be a S-Exp.
Try to get the key from CTRL and write the decoded stuff back to
OUTFP. */
OUTFP. The padding information is stored at R_PADDING with -1
for not known. */
int
agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
const unsigned char *ciphertext, size_t ciphertextlen,
membuf_t *outbuf)
membuf_t *outbuf, int *r_padding)
{
gcry_sexp_t s_skey = NULL, s_cipher = NULL, s_plain = NULL;
unsigned char *shadow_info = NULL;
@ -44,6 +45,8 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
char *buf = NULL;
size_t len;
*r_padding = -1;
if (!ctrl->have_keygrip)
{
log_error ("speculative decryption not yet supported\n");
@ -85,7 +88,8 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
goto leave;
}
rc = divert_pkdecrypt (ctrl, ciphertext, shadow_info, &buf, &len );
rc = divert_pkdecrypt (ctrl, ciphertext, shadow_info,
&buf, &len, r_padding);
if (rc)
{
log_error ("smartcard decryption failed: %s\n", gpg_strerror (rc));