scd: Fix for NIST P-256.
* g10/card-util.c (card_store_subkey): Error check. * scd/app-openpgp.c (ecc_writekey): Support NIST P-256. (do_writekey): Error check.
parent
63e7891f0f
commit
8720125f5a
@ -1619,7 +1619,7 @@ card_store_subkey (KBNODE node, int use)
|
|||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
epoch2isotime (timebuf, (time_t)pk->timestamp);
|
epoch2isotime (timebuf, (time_t)pk->timestamp);
|
||||||
agent_keytocard (hexgrip, keyno, rc, info.serialno, timebuf);
|
rc = agent_keytocard (hexgrip, keyno, rc, info.serialno, timebuf);
|
||||||
|
|
||||||
if (rc)
|
if (rc)
|
||||||
log_error (_("KEYTOCARD failed: %s\n"), gpg_strerror (rc));
|
log_error (_("KEYTOCARD failed: %s\n"), gpg_strerror (rc));
|
||||||
|
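Review bot: In the `agent_keytocard` call, `rc` is read as the third argument and overwritten with the call's result in the same statement, so the line does not say what value is being passed in. The start of card_store_subkey is outside the hunk, so what `rc` holds at this point is not visible here. If it carries a replace/force decision from an earlier check, a separate local would make that explicit: `force = rc;` followed by `rc = agent_keytocard (hexgrip, keyno, force, info.serialno, timebuf);`. Failing that, a comment such as `/* RC still holds the result of the preceding check and is passed on as the third argument. */` would stop a later edit from clearing `rc` before the call.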
@ -3258,8 +3258,8 @@ ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
|
|||||||
u32 created_at = 0;
|
u32 created_at = 0;
|
||||||
int curve = CURVE_UNKNOWN;
|
int curve = CURVE_UNKNOWN;
|
||||||
|
|
||||||
/* (private-key(ecdsa(curve%s)(q%m)(d%m))(created-at%d)):
|
/* (private-key(ecc(curve%s)(q%m)(d%m))(created-at%d)):
|
||||||
curve = "1.2.840.10045.3.1.7" */
|
curve = "NIST P-256" */
|
||||||
/* (private-key(ecc(curve%s)(q%m)(d%m))(created-at%d)):
|
/* (private-key(ecc(curve%s)(q%m)(d%m))(created-at%d)):
|
||||||
curve = "secp256k1" */
|
curve = "secp256k1" */
|
||||||
/* (private-key(ecc(curve%s)(flags eddsa)(q%m)(d%m))(created-at%d)):
|
/* (private-key(ecc(curve%s)(flags eddsa)(q%m)(d%m))(created-at%d)):
|
||||||
@ -3281,12 +3281,18 @@ ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
|
|||||||
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
if (tok && toklen == 19 && !memcmp (tok, "1.2.840.10045.3.1.7", 19))
|
if (tok && toklen == 10 && !memcmp (tok, "NIST P-256", 10))
|
||||||
curve = CURVE_NIST_P256;
|
curve = CURVE_NIST_P256;
|
||||||
else if (tok && toklen == 9 && !memcmp (tok, "secp256k1", 9))
|
else if (tok && toklen == 9 && !memcmp (tok, "secp256k1", 9))
|
||||||
curve = CURVE_SEC_P256K1;
|
curve = CURVE_SEC_P256K1;
|
||||||
else if (tok && toklen == 7 && !memcmp (tok, "Ed25519", 7))
|
else if (tok && toklen == 7 && !memcmp (tok, "Ed25519", 7))
|
||||||
curve = CURVE_ED25519;
|
curve = CURVE_ED25519;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
log_error (_("unsupported curve\n"));
|
||||||
|
err = gpg_error (GPG_ERR_INV_VALUE);
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else if (tok && toklen == 1)
|
else if (tok && toklen == 1)
|
||||||
{
|
{
|
||||||
@ -3491,15 +3497,15 @@ do_writekey (app_t app, ctrl_t ctrl,
|
|||||||
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
||||||
goto leave;
|
goto leave;
|
||||||
if (tok && toklen == 3 && memcmp ("rsa", tok, toklen) == 0)
|
if (tok && toklen == 3 && memcmp ("rsa", tok, toklen) == 0)
|
||||||
rsa_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
|
err = rsa_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
|
||||||
else if ((tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0
|
else if ((tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0
|
||||||
&& (keyno == 0 || keyno == 2))
|
&& (keyno == 0 || keyno == 2))
|
||||||
|| (tok && toklen == 5 && memcmp ("ecdsa", tok, toklen) == 0))
|
|| (tok && toklen == 5 && memcmp ("ecdsa", tok, toklen) == 0))
|
||||||
ecc_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
|
err = ecc_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
|
||||||
else if ((tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0
|
else if ((tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0
|
||||||
&& keyno == 1)
|
&& keyno == 1)
|
||||||
|| (tok && toklen == 4 && memcmp ("ecdh", tok, toklen) == 0))
|
|| (tok && toklen == 4 && memcmp ("ecdh", tok, toklen) == 0))
|
||||||
ecdh_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
|
err = ecdh_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
err = gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
|
err = gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
|
||||||
|
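Review bot: In ecc_writekey (the hunk at 3281), the P-256 branch now matches only the literal name `NIST P-256`, so a key S-expression that still carries the OID `1.2.840.10045.3.1.7`, which the old code accepted, falls into the new `else` and is rejected with GPG_ERR_INV_VALUE. Rejecting an unknown curve is the right default for a key-import path. Whether any caller still emits the OID form is not visible here; if one does, the condition could accept both spellings: `if (tok && ((toklen == 10 && !memcmp (tok, "NIST P-256", 10))` `|| (toklen == 19 && !memcmp (tok, "1.2.840.10045.3.1.7", 19))))`. If not, a comment next to the comparison, e.g. `/* Only the curve name is accepted here; the OID form is rejected. */`, would record that the strictness is deliberate. ecc_writekey's body starts and ends outside the hunks shown.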