security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-05 12:31:50 +01:00
Code Activity

gpg: Fix SOS handling when exporting SSH key with libgcrypt 1.8.

Browse Source 
* g10/export.c (key_to_sshblob): Fix SOS correctly.

--

GnuPG-bug-id: 5116
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2020-11-09 11:41:03 +09:00
parent ba4f684167
commit bf3a9377d1
1 changed files with 35 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
g10/export.c
View File

@ -2189,20 +2189,45 @@ key_to_sshblob (membuf_t *mb, const char *identifier, ...)
va_start (arg_ptr, identifier); va_start (arg_ptr, identifier);
while ((a = va_arg (arg_ptr, gcry_mpi_t))) while ((a = va_arg (arg_ptr, gcry_mpi_t)))
{ {
err = gcry_mpi_aprint (GCRYMPI_FMT_SSH, &buf, &buflen, a); if (gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
if (err) {
break; unsigned int nbits;
const unsigned char *p;
p = gcry_mpi_get_opaque (a, &nbits);
buflen = (nbits + 7) / 8;
if (!strcmp (identifier, "ssh-ed25519") if (!strcmp (identifier, "ssh-ed25519")
&& buflen > 5 && buf[4] == 0x40) && buflen > 1 && p[0] == 0x40)
{ {
/* We need to strip our 0x40 prefix. */ /* We need to strip our 0x40 prefix. */
put_membuf (mb, "\x00\x00\x00\x20", 4); put_membuf (mb, "\x00\x00\x00\x20", 4);
put_membuf (mb, buf+5, buflen-5); put_membuf (mb, p+1, buflen-1);
} }
else else
{
unsigned char c;
c = buflen >> 24;
put_membuf (mb, &c, 1);
c = buflen >> 16;
put_membuf (mb, &c, 1);
c = buflen >> 8;
put_membuf (mb, &c, 1);
c = buflen;
put_membuf (mb, &c, 1);
put_membuf (mb, p, buflen);
}
}
else
{
err = gcry_mpi_aprint (GCRYMPI_FMT_SSH, &buf, &buflen, a);
if (err)
break;
put_membuf (mb, buf, buflen); put_membuf (mb, buf, buflen);
gcry_free (buf); gcry_free (buf);
} }
}
va_end (arg_ptr); va_end (arg_ptr);
return err; return err;
} }