mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
scd:openpgp: Fix workaround for Yubikey heuristics.
* scd/app-openpgp.c (parse_algorithm_attribute): Handle the case of firmware 5.4, too. -- Cherry-picked master commit of: f34b9147eb3070bce80d53febaa564164cd6c977 GnuPG-bug-id: 6070 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
parent
225c66f13b
commit
8c9f879d4a
@ -5252,15 +5252,28 @@ parse_algorithm_attribute (app_t app, int keyno)
|
||||
|
||||
app->app_local->keyattr[keyno].ecc.flags = 0;
|
||||
|
||||
if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY
|
||||
|| buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff)
|
||||
{ /* Found "pubkey required"-byte for private key template. */
|
||||
oidlen--;
|
||||
if (buffer[buflen-1] == 0xff)
|
||||
app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY;
|
||||
if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY)
|
||||
{
|
||||
/* Yubikey implementations vary.
|
||||
* Firmware version 5.2 returns "pubkey required"-byte with
|
||||
* 0x00, but after removal and second time insertion, it
|
||||
* returns bogus value there.
|
||||
* Firmware version 5.4 returns none.
|
||||
*/
|
||||
curve = ecc_curve (buffer + 1, oidlen);
|
||||
if (!curve)
|
||||
curve = ecc_curve (buffer + 1, oidlen - 1);
|
||||
}
|
||||
else
|
||||
{
|
||||
if (buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff)
|
||||
{ /* Found "pubkey required"-byte for private key template. */
|
||||
oidlen--;
|
||||
if (buffer[buflen-1] == 0xff)
|
||||
app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY;
|
||||
}
|
||||
curve = ecc_curve (buffer + 1, oidlen);
|
||||
}
|
||||
|
||||
curve = ecc_curve (buffer + 1, oidlen);
|
||||
|
||||
if (!curve)
|
||||
{
|
||||
|
Loading…
x
Reference in New Issue
Block a user