Allow decryption with card keys > 3072 bits

* scd/command.c (MAXLEN_SETDATA): New. (cmd_setdata): Add option --append. * agent/call-scd.c (agent_card_pkdecrypt): Use new option for long data. * scd/app-openpgp.c (struct app_local_s): Add field manufacturer. (app_select_openpgp): Store manufacturer. (do_decipher): Print a note for broken cards. -- Please note that I was not able to run a full test because I only have broken cards (S/N < 346) available.
2025-07-03 22:56:33 +02:00 · 2012-11-06 12:02:25 +01:00 · 2012-11-06 12:02:25 +01:00 · 905b6a36d3
commit 905b6a36d3
parent 8f8c29d24c
3 changed files with 58 additions and 17 deletions
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@ -926,17 +926,22 @@ agent_card_pkdecrypt (ctrl_t ctrl,
    return rc;

  /* FIXME: use secure memory where appropriate */
-  if (indatalen*2 + 50 > DIM(line))
-    return unlock_scd (ctrl, gpg_error (GPG_ERR_GENERAL));

-  sprintf (line, "SETDATA ");
-  p = line + strlen (line);
-  for (i=0; i < indatalen ; i++, p += 2 )
-    sprintf (p, "%02X", indata[i]);
-  rc = assuan_transact (ctrl->scd_local->ctx, line,
-                        NULL, NULL, NULL, NULL, NULL, NULL);
-  if (rc)
-    return unlock_scd (ctrl, rc);
+  for (len = 0; len < indatalen;)
+    {
+      p = stpcpy (line, "SETDATA ");
+      if (len)
+        p = stpcpy (p, "--append ");
+      for (i=0; len < indatalen && (i*2 < DIM(line)-50); i++, len++)
+        {
+          sprintf (p, "%02X", indata[len]);
+          p += 2;
+        }
+      rc = assuan_transact (ctrl->scd_local->ctx, line,
+                            NULL, NULL, NULL, NULL, NULL, NULL);
+      if (rc)
+        return unlock_scd (ctrl, rc);
+    }

  init_membuf (&data, 1024);
  inqparm.ctx = ctrl->scd_local->ctx;