1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

scd:openpgp: Fix workaround for Yubikey heuristics.

* scd/app-openpgp.c (parse_algorithm_attribute): Handle the case
of firmware 5.4, too.

--

Cherry-picked master commit of:
	f34b9147eb3070bce80d53febaa564164cd6c977

GnuPG-bug-id: 6070
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2022-07-13 10:40:55 +09:00
parent 225c66f13b
commit 8c9f879d4a

View File

@ -5252,15 +5252,28 @@ parse_algorithm_attribute (app_t app, int keyno)
app->app_local->keyattr[keyno].ecc.flags = 0;
if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY
|| buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff)
{ /* Found "pubkey required"-byte for private key template. */
oidlen--;
if (buffer[buflen-1] == 0xff)
app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY;
if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY)
{
/* Yubikey implementations vary.
* Firmware version 5.2 returns "pubkey required"-byte with
* 0x00, but after removal and second time insertion, it
* returns bogus value there.
* Firmware version 5.4 returns none.
*/
curve = ecc_curve (buffer + 1, oidlen);
if (!curve)
curve = ecc_curve (buffer + 1, oidlen - 1);
}
else
{
if (buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff)
{ /* Found "pubkey required"-byte for private key template. */
oidlen--;
if (buffer[buflen-1] == 0xff)
app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY;
}
curve = ecc_curve (buffer + 1, oidlen);
}
curve = ecc_curve (buffer + 1, oidlen);
if (!curve)
{