1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

agent: Skip unknown unknown ssh curves seen on cards.

* agent/command-ssh.c (ssh_handler_request_identities): Skip unknown
curves.
--

For example when using my standard ed25519 token and testing cards
with only Brainpool support, the ssh-agent failed due to the unknown
curves seen on the card.  This patches fixes this by ignoring keys
with unknown curves.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 2d2391dfc25cfe160581b1bb4b4b8fc4764ac304)
This commit is contained in:
Werner Koch 2021-03-29 15:39:32 +02:00
parent a456303ae3
commit bbf4bd3bfc
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -2608,19 +2608,29 @@ ssh_handler_request_identities (ctrl_t ctrl,
continue;
err = ssh_send_key_public (key_blobs, key_public, cardsn);
if (err && opt.verbose)
gcry_log_debugsxp ("pubkey", key_public);
gcry_sexp_release (key_public);
key_public = NULL;
xfree (cardsn);
if (err)
{
xfree (serialno);
free_strlist (card_list);
goto out;
if (opt.verbose)
gcry_log_debugsxp ("pubkey", key_public);
if (gpg_err_code (err) == GPG_ERR_UNKNOWN_CURVE
|| gpg_err_code (err) == GPG_ERR_INV_CURVE)
{
/* For example a Brainpool curve or a curve we don't
* support at all but a smartcard lists that curve.
* We ignore them. */
}
else
{
xfree (serialno);
free_strlist (card_list);
goto out;
}
}
key_counter++;
else
key_counter++;
}
xfree (serialno);