gpg: Print a warning when importing a bad cv25519 secret key.

* g10/import.c (transfer_secret_keys): Add simple check.
--

Note that the requirement for a set high bit is not yet checked.
GnuPG-bug-id: 5464
This commit is contained in:
Werner Koch 2021-09-14 13:00:40 +02:00
parent 18e94c7229
commit dbfb7f809b
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 17 additions and 1 deletions

View File

@ -2566,7 +2566,6 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
gcry_sexp_release (curve);
err = gcry_sexp_build (&curve, NULL, "(curve %s)",
curvename?curvename:curvestr);
xfree (curvestr);
if (!err)
{
j = 0;
@ -2583,7 +2582,24 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
else
put_membuf_str (&mbuf, " _ %m");
format_args[j++] = pk->pkey + i;
/* Simple hack to print a warning for an invalid key
* in case of cv25519. We have only opaque MPIs here. */
if (pk->pubkey_algo == PUBKEY_ALGO_ECDH
&& !strcmp (curvestr, "1.3.6.1.4.1.3029.1.5.1")
&& gcry_mpi_get_flag (pk->pkey[i], GCRYMPI_FLAG_OPAQUE))
{
const unsigned char *pp;
unsigned int nn;
pp = gcry_mpi_get_opaque (pk->pkey[i], &nn);
nn = (nn+7)/8;
if (pp && nn && (pp[nn-1] & 7))
log_info ("warning: lower 3 bits of the secret key"
" are not cleared\n");
}
}
xfree (curvestr);
}
}
else