From f0f8b124f0d2332e1c0b496df5e5f9c4b3db6bc3 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 13 Aug 2020 11:19:22 +0200
Subject: [PATCH] gpg: Ignore personal_digest_prefs for ECDSA keys.

* g10/sign.c (hash_for): Simplify hash algo selection for ECDSA.
--

GnuPG-bug-id: 5021
Signed-off-by: Werner Koch <wk@gnupg.org>
---
 g10/sign.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/g10/sign.c b/g10/sign.c
index a71ceda21..4793dd137 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -534,7 +534,7 @@ openpgp_card_v1_p (PKT_public_key *pk)
 }
 
 
-
+/* Get a matching hash algorithm for DSA and ECDSA.  */
 static int
 match_dsa_hash (unsigned int qbytes)
 {
@@ -609,9 +609,13 @@ hash_for (PKT_public_key *pk)
 	 160-bit hash unless --enable-dsa2 is set, in which case act
 	 like a new DSA key that just happens to have a 160-bit q
 	 (i.e. allow truncation).  If q is not 160, by definition it
-	 must be a new DSA key. */
+	 must be a new DSA key.  We ignore the personal_digest_prefs
+	 for ECDSA because they should always macth the curve and
+	 truncated hashes are not useful either.  Even worse,
+	 smartcards may reject non matching hash lengths for curves
+	 (e.g. using SHA-512 with brainpooolP385r1 on a Yubikey).  */
 
-      if (opt.personal_digest_prefs)
+      if (pk->pubkey_algo == PUBKEY_ALGO_DSA && opt.personal_digest_prefs)
 	{
 	  prefitem_t *prefs;