mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
scd:openpgp: Fix workaround for Yubikey heuristics.
* scd/app-openpgp.c (parse_algorithm_attribute): Handle the case of firmware 5.4, too. -- Cherry-picked master commit of: f34b9147eb3070bce80d53febaa564164cd6c977 GnuPG-bug-id: 6070 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
parent
225c66f13b
commit
8c9f879d4a
@ -5252,15 +5252,28 @@ parse_algorithm_attribute (app_t app, int keyno)
|
|||||||
|
|
||||||
app->app_local->keyattr[keyno].ecc.flags = 0;
|
app->app_local->keyattr[keyno].ecc.flags = 0;
|
||||||
|
|
||||||
if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY
|
if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY)
|
||||||
|| buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff)
|
{
|
||||||
|
/* Yubikey implementations vary.
|
||||||
|
* Firmware version 5.2 returns "pubkey required"-byte with
|
||||||
|
* 0x00, but after removal and second time insertion, it
|
||||||
|
* returns bogus value there.
|
||||||
|
* Firmware version 5.4 returns none.
|
||||||
|
*/
|
||||||
|
curve = ecc_curve (buffer + 1, oidlen);
|
||||||
|
if (!curve)
|
||||||
|
curve = ecc_curve (buffer + 1, oidlen - 1);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff)
|
||||||
{ /* Found "pubkey required"-byte for private key template. */
|
{ /* Found "pubkey required"-byte for private key template. */
|
||||||
oidlen--;
|
oidlen--;
|
||||||
if (buffer[buflen-1] == 0xff)
|
if (buffer[buflen-1] == 0xff)
|
||||||
app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY;
|
app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY;
|
||||||
}
|
}
|
||||||
|
|
||||||
curve = ecc_curve (buffer + 1, oidlen);
|
curve = ecc_curve (buffer + 1, oidlen);
|
||||||
|
}
|
||||||
|
|
||||||
if (!curve)
|
if (!curve)
|
||||||
{
|
{
|
||||||
|
Loading…
x
Reference in New Issue
Block a user