agent: Fix for the prefix 0x40 in the point representation.

* agent/pkdecrypt.c (ECC_CURVE25519_INDEX): New. (ecc_pgp_kem_decap): Handle the prefix 0x40 for Curve25519. -- GnuPG-bug-id: 7676 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-06-11 18:01:03 +02:00 · 2025-06-06 14:13:05 +09:00 · 2025-06-06 14:13:05 +09:00 · fde915af1c
commit fde915af1c
parent 27e6622322
1 changed files with 10 additions and 0 deletions
--- a/agent/pkdecrypt.c
+++ b/agent/pkdecrypt.c
@ -43,6 +43,9 @@ struct ecc_params
  int scalar_reverse;
 };

+/* The first entry must be Curve25519, to handle the prefix of 0x40 in
+   OpenPGP. */
+#define ECC_CURVE25519_INDEX 0
 static const struct ecc_params ecc_table[] =
  {
    {
@ -484,6 +487,13 @@ ecc_pgp_kem_decap (ctrl_t ctrl, gcry_sexp_t s_skey0,
    }
  *r_ecc = ecc;

+  if (ecc == &ecc_table[ECC_CURVE25519_INDEX]
+      && ecc_point_len == ecc->point_len + 1 && *ecc_ct == 0x40)
+    {
+      ecc_ct++;
+      ecc_point_len--;
+    }
+
  if (ecc->point_len != ecc_point_len)
    {
      if (opt.verbose)