From 8720125f5a283ede34e52c2493b8a9b0226ae62c Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Fri, 5 Dec 2014 14:20:50 +0900
Subject: [PATCH] scd: Fix for NIST P-256.

* g10/card-util.c (card_store_subkey): Error check.
* scd/app-opengpg.c (ecc_writekey): Support NIST P-256.
(do_writekey): Error check.
---
 g10/card-util.c   |  2 +-
 scd/app-openpgp.c | 18 ++++++++++++------
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/g10/card-util.c b/g10/card-util.c
index 3d5c43c3e..4f1c9d808 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -1619,7 +1619,7 @@ card_store_subkey (KBNODE node, int use)
     goto leave;
 
   epoch2isotime (timebuf, (time_t)pk->timestamp);
-  agent_keytocard (hexgrip, keyno, rc, info.serialno, timebuf);
+  rc = agent_keytocard (hexgrip, keyno, rc, info.serialno, timebuf);
 
   if (rc)
     log_error (_("KEYTOCARD failed: %s\n"), gpg_strerror (rc));
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 9b4ab2220..e27a2cb36 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -3258,8 +3258,8 @@ ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
   u32 created_at = 0;
   int curve = CURVE_UNKNOWN;
 
-  /* (private-key(ecdsa(curve%s)(q%m)(d%m))(created-at%d)):
-     curve = "1.2.840.10045.3.1.7" */
+  /* (private-key(ecc(curve%s)(q%m)(d%m))(created-at%d)):
+     curve = "NIST P-256" */
   /* (private-key(ecc(curve%s)(q%m)(d%m))(created-at%d)):
      curve = "secp256k1" */
   /* (private-key(ecc(curve%s)(flags eddsa)(q%m)(d%m))(created-at%d)):
@@ -3281,12 +3281,18 @@ ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
           if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
             goto leave;
 
-          if (tok && toklen == 19 && !memcmp (tok, "1.2.840.10045.3.1.7", 19))
+          if (tok && toklen == 10 && !memcmp (tok, "NIST P-256", 10))
             curve = CURVE_NIST_P256;
           else if (tok && toklen == 9 && !memcmp (tok, "secp256k1", 9))
             curve = CURVE_SEC_P256K1;
           else if (tok && toklen == 7 && !memcmp (tok, "Ed25519", 7))
             curve = CURVE_ED25519;
+          else
+            {
+              log_error (_("unsupported curve\n"));
+              err = gpg_error (GPG_ERR_INV_VALUE);
+              goto leave;
+            }
         }
       else if (tok && toklen == 1)
         {
@@ -3491,15 +3497,15 @@ do_writekey (app_t app, ctrl_t ctrl,
   if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
     goto leave;
   if (tok && toklen == 3 && memcmp ("rsa", tok, toklen) == 0)
-    rsa_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
+    err = rsa_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
   else if ((tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0
             && (keyno == 0 || keyno == 2))
            || (tok && toklen == 5 && memcmp ("ecdsa", tok, toklen) == 0))
-    ecc_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
+    err = ecc_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
   else if ((tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0
             && keyno == 1)
            || (tok && toklen == 4 && memcmp ("ecdh", tok, toklen) == 0))
-    ecdh_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
+    err = ecdh_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
   else
     {
       err = gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);