From a12c3a566e2e4b10bc02976a2819070877ee895c Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 22 Feb 2019 14:09:02 +0100 Subject: [PATCH] agent: Fix for suggested Libgcrypt use. * agent/divert-scd.c (divert_pkdecrypt): Skip a flags parameter. -- The libgcrypt docs say that a "flags" parameter should always be used in the input of pkdecrypt. Thus we should allow that parameter also when parsing an s-expression to figure out the algorithm for use with scdaemon. Signed-off-by: Werner Koch --- agent/divert-scd.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/agent/divert-scd.c b/agent/divert-scd.c index b9781547d..02fe5295a 100644 --- a/agent/divert-scd.c +++ b/agent/divert-scd.c @@ -498,6 +498,7 @@ divert_pkdecrypt (ctrl_t ctrl, const char *desc_text, char *kid; const unsigned char *s; size_t n; + int depth; const unsigned char *ciphertext; size_t ciphertextlen; char *plaintext; @@ -506,7 +507,6 @@ divert_pkdecrypt (ctrl_t ctrl, const char *desc_text, (void)desc_text; *r_padding = -1; - s = cipher; if (*s != '(') return gpg_error (GPG_ERR_INV_SEXP); @@ -522,6 +522,21 @@ divert_pkdecrypt (ctrl_t ctrl, const char *desc_text, n = snext (&s); if (!n) return gpg_error (GPG_ERR_INV_SEXP); + + /* First check whether we have a flags parameter and skip it. */ + if (smatch (&s, n, "flags")) + { + depth = 1; + if (sskip (&s, &depth) || depth) + return gpg_error (GPG_ERR_INV_SEXP); + if (*s != '(') + return gpg_error (GPG_ERR_INV_SEXP); + s++; + n = snext (&s); + if (!n) + return gpg_error (GPG_ERR_INV_SEXP); + } + if (smatch (&s, n, "rsa")) { if (*s != '(')