gpg: Make decryption with the OpenPGP card work.

* scd/app-common.h (APP_DECIPHER_INFO_NOPAD): New. * scd/app-openpgp.c (do_decipher): Add arg R_INFO. * scd/app-nks.c (do_decipher): Add arg R_INFO as a dummy. * scd/app.c (app_decipher): Add arg R_INFO. * scd/command.c (cmd_pkdecrypt): Print status line "PADDING". * agent/call-scd.c (padding_info_cb): New. (agent_card_pkdecrypt): Add arg R_PADDING. * agent/divert-scd.c (divert_pkdecrypt): Ditto. * agent/pkdecrypt.c (agent_pkdecrypt): Ditto. * agent/command.c (cmd_pkdecrypt): Print status line "PADDING". * g10/call-agent.c (padding_info_cb): New. (agent_pkdecrypt): Add arg R_PADDING. * g10/pubkey-enc.c (get_it): Use padding info. -- Decryption using a card never worked in gpg 2.1 because the information whether the pkcs#1 padding needs to be removed was not available. Gpg < 2.1 too this info from the secret sub key but that has gone in 2.1. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-03 22:56:33 +02:00 · 2013-08-26 17:29:54 +02:00 · 2013-08-26 17:29:54 +02:00 · 780ba32336
commit 780ba32336
parent 04e2c83f18
16 changed files with 134 additions and 39 deletions
--- a/scd/app-common.h
+++ b/scd/app-common.h
@ -34,6 +34,9 @@
 #define APP_CHANGE_FLAG_RESET    1
 #define APP_CHANGE_FLAG_NULLPIN  2

+/* Bit flags set by the decipher function into R_INFO.  */
+#define APP_DECIPHER_INFO_NOPAD  1  /* Padding has been removed.  */
+

 struct app_local_s;  /* Defined by all app-*.c.  */

@ -93,10 +96,11 @@ struct app_ctx_s {
                 const void *indata, size_t indatalen,
                 unsigned char **outdata, size_t *outdatalen);
    gpg_error_t (*decipher) (app_t app, const char *keyidstr,
-                     gpg_error_t (*pincb)(void*, const char *, char **),
-                     void *pincb_arg,
-                     const void *indata, size_t indatalen,
-                     unsigned char **outdata, size_t *outdatalen);
+                             gpg_error_t (*pincb)(void*, const char *, char **),
+                             void *pincb_arg,
+                             const void *indata, size_t indatalen,
+                             unsigned char **outdata, size_t *outdatalen,
+                             unsigned int *r_info);
    gpg_error_t (*writecert) (app_t app, ctrl_t ctrl,
                              const char *certid,
                              gpg_error_t (*pincb)(void*,const char *,char **),
@ -168,15 +172,16 @@ gpg_error_t app_sign (app_t app, const char *keyidstr, int hashalgo,
              const void *indata, size_t indatalen,
              unsigned char **outdata, size_t *outdatalen );
 gpg_error_t app_auth (app_t app, const char *keyidstr,
-              gpg_error_t (*pincb)(void*, const char *, char **),
-              void *pincb_arg,
-              const void *indata, size_t indatalen,
-              unsigned char **outdata, size_t *outdatalen);
+                      gpg_error_t (*pincb)(void*, const char *, char **),
+                      void *pincb_arg,
+                      const void *indata, size_t indatalen,
+                      unsigned char **outdata, size_t *outdatalen);
 gpg_error_t app_decipher (app_t app, const char *keyidstr,
-                  gpg_error_t (*pincb)(void*, const char *, char **),
-                  void *pincb_arg,
-                  const void *indata, size_t indatalen,
-                  unsigned char **outdata, size_t *outdatalen );
+                          gpg_error_t (*pincb)(void*, const char *, char **),
+                          void *pincb_arg,
+                          const void *indata, size_t indatalen,
+                          unsigned char **outdata, size_t *outdatalen,
+                          unsigned int *r_info);
 gpg_error_t app_writecert (app_t app, ctrl_t ctrl,
                           const char *certidstr,
                           gpg_error_t (*pincb)(void*, const char *, char **),