* agent/cvt-openpgp.c (scan_pgp_format): New.
(do_unprotect): Fix NBITS in SOS. Use scan_pgp_format.
(convert_from_openpgp_main): Always use opaque MPI.
Use GCRYMPI_FLAG_USER1 for encrypted data.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/build-packet.c (sos_write): Add an argument COMPAT. When
COMPAT=1, NBITS specifies number of bits when interpreted as MPI,
except the case when the first octet is zero.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
For SOS, an ECC point with prefix 0x40 can be represented in two ways.
One for 0x40 interpreted as 7-bit, another as 8-bit (MSB is zero).
This matters for fingerprint computation, so, the representation
should be preserved, or we should use another flag to hold the
difference in the representation...
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* sm/minip12.c [TEST]: Remove test code. Include util.h, tlv.h. and
openpgpdefs.h. Remove the class and tag constants and replace them by
those from tlv.h.
(builder_add_oid, builder_add_mpi): New.
(build_key_sequence): Rename to ...
(build_rsa_key_sequence): this.
(build_ecc_key_sequence): New.
(p12_build): Call RSA or ECC builder.
(p12_raw_build): Ditto.
* sm/export.c (gpgsm_p12_export): Use correct armor header for ECC.
(sexp_to_kparms): Support ECC.
* sm/t-minip12.c: New to replace the former TEST code in minip12.h.
--
GnuPG-bug-id: 4921
* common/tlv-builder.c: New.
* common/tlv.c: Remove stuff only used by GnuPG 1.
(put_tlv_to_membuf, get_tlv_length): Move to ...
* common/tlv-builder.c: here.
* common/tlv.h (tlv_builder_t): New.
--
Such code should actually go into libksba and we will eventually do
that. However, for now it is easier to keep it here.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/decrypt.c: Include tlv.h.
(string_from_gcry_buffer): New.
(hash_ecc_cms_shared_info): New.
(ecdh_decrypt): New.
(prepare_decryption): Support ECDH. Add arg pk_algo.
(gpgsm_decrypt): Lift some variables from an inner code block.
--
Note: This has only been tested with a single messages created by
OpenSSL and taken from the Mozilla bug tracker. In particular the
code to included UserKeyingMaterial (ukm) has not been tested.
GnuPG-bug-id: 4098
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-nks.c: Major rework to support non-RSA cards.
--
This is a fist step so support this ECC card. The code has been
reworked while taking care that old cards should keep on working.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app.c (send_card_and_app_list): Detect no app case.
--
This is a minor nug fix to return a better error message.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/certchain.c (find_up): Disable external lookups in offline mode.
Always allow AKI lookup if CRLs are also enabled.
--
GnuPG-bug-id: 4898
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/call-dirmngr.c (gpgsm_dirmngr_lookup): Add optional arg URL and
adjust all callers.
* sm/certchain.c (oidstr_caIssuers): New.
(struct find_up_store_certs_s): Add additional fields.
(find_up_store_certs_cb): Store the fingerprint.
(find_up_via_auth_info_access): New.
(find_up): Try the AIA URI first.
--
Note that --auto-issuer-key-retrieve is required to use that.
GnuPG-bug-id: 4898
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/decrypt-data.c (decrypt_data): Move aead algo detection up.
--
Note that the AEAD modes are not yet approved for --compliance=de-vs
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/main.h (DEFAULT_AEAD_ALGO): Set to OCB.
--
With the old code and using libgcrypt 1.9 would have switched from the
high performance OCB to the ugly EAX mode. We are free software, we
are OCB.
* dirmngr/validate.c (hash_algo_from_buffer): New.
(uint_from_buffer): New.
(check_cert_sig): Support rsaPSS.
* sm/certcheck.c (gpgsm_check_cert_sig): Fix small memory leak on
error.
--
Yes, I know that there is a lot of code duplication. In fact some of
the code is ugly and it would be better if we enhance Libgcrypt to
guarantee that returned memory buffers via gcry_sexp_extract_param are
allways Nul terminated and we should also enhance that function to
directly extract into an unsigned int or char *.
GnuPG-bug-id: 4538
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/sexputil.c (hash_algo_to_string): New.
--
Libgcrypt expects lowercase names and it is cumbersome to downcase
those retrieved via gcry_md_algo_name. It is easier and also faster
to use a dedicated map function.
* scd/app-p15.c (make_pin_prompt): Factor some code out to ...
(get_dispserialno): this.
(do_getattr): Use new fucntion for a $DISPSERIALNO.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/pubkey-enc.c (get_it): Remove check which mandates shorter
padding.
--
According to the section 8 of RFC 6637, the sender MAY use 21 bytes of
padding for AES-128 to provide 40-byte "m".
Reported-by: Metin Savignano
GnuPG-bug-id: 4908
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-p15.c (struct prkdf_object_s): New fields common_name and
serial_number.
(release_prkdflist): Free them.
(keygrip_from_prkdf): Parse cert and set them.
(any_control_or_space): New.
(make_pin_prompt): New.
(verify_pin): Construct a pretty PIN prompt.
(do_sign): Remove debug output.
--
The D-Trust card has the SerialNumber part of the Subject printed on
the front matter, we assume this is also possible with other cards and
thus we show this as serial number.
The holder of the card is also extracted from the card's subject.
Signed-off-by: Werner Koch <wk@gnupg.org>
