From 381a76d7aff0f6dcad6ff41700d8d1dc3f683f47 Mon Sep 17 00:00:00 2001
From: Kevin Mihelich <kevin@archlinuxarm.org>
Date: Tue, 26 Jan 2021 12:20:19 +0000
Subject: [PATCH] core/libgcrypt to 1.9.0-2

---
 core/libgcrypt/PKGBUILD                       | 17 +++-
 .../libgcrypt-1.9.0-fix-ed25519.patch         | 95 +++++++++++++++++++
 2 files changed, 107 insertions(+), 5 deletions(-)
 create mode 100644 core/libgcrypt/libgcrypt-1.9.0-fix-ed25519.patch

diff --git a/core/libgcrypt/PKGBUILD b/core/libgcrypt/PKGBUILD
index a518434c8..e58c94744 100644
--- a/core/libgcrypt/PKGBUILD
+++ b/core/libgcrypt/PKGBUILD
@@ -5,8 +5,8 @@
 #  - fix screwed up capability detection
 
 pkgname=libgcrypt
-pkgver=1.8.7
-pkgrel=1
+pkgver=1.9.0
+pkgrel=2
 pkgdesc="General purpose cryptographic library based on the code from GnuPG"
 arch=(x86_64)
 url="https://www.gnupg.org"
@@ -14,13 +14,20 @@ license=('LGPL')
 depends=('libgpg-error')
 options=('!emptydirs')
 # https://www.gnupg.org/download/integrity_check.html
-source=(https://gnupg.org/ftp/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2{,.sig})
-sha1sums=('ea79a279b27bf25cb1564f96693128f8fc9f41d6'
-          'SKIP')
+source=(https://gnupg.org/ftp/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2{,.sig}
+        libgcrypt-1.9.0-fix-ed25519.patch)
+sha1sums=('459383a8b6200673cfc31f7b265c4961c0850031'
+          'SKIP'
+          '7721be79a4de70be2def86f3e97416c380acd9cb')
 validpgpkeys=('6DAA6E64A76D2840571B4902528897B826403ADA') # "Werner Koch (dist signing 2020)"
 
 prepare() {
   cd "${pkgname}"-${pkgver}
+
+  # fix gpg-agent crash using Ed25519 keys - FS#69389
+  # https://lists.gnupg.org/pipermail/gcrypt-devel/2021-January/005076.html
+  patch -Np1 -i ../libgcrypt-1.9.0-fix-ed25519.patch
+
   # tests fail due to systemd+libseccomp preventing memory syscalls when building in chroots
   #  t-secmem: line 176: gcry_control (GCRYCTL_INIT_SECMEM, pool_size, 0) failed: General error
   #  FAIL: t-secmem
diff --git a/core/libgcrypt/libgcrypt-1.9.0-fix-ed25519.patch b/core/libgcrypt/libgcrypt-1.9.0-fix-ed25519.patch
new file mode 100644
index 000000000..13ce088c4
--- /dev/null
+++ b/core/libgcrypt/libgcrypt-1.9.0-fix-ed25519.patch
@@ -0,0 +1,95 @@
+diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c
+index 26006d6c..900b668a 100644
+--- a/cipher/ecc-curves.c
++++ b/cipher/ecc-curves.c
+@@ -1200,13 +1200,18 @@ mpi_ec_setup_elliptic_curve (mpi_ec_t ec, int flags,
+ 
+           if ((n+7)/8 != len)
+             {
+-              if ((n+7)/8 < len && ec->dialect == ECC_DIALECT_ED25519)
++              if (ec->dialect == ECC_DIALECT_ED25519)
+                 {
+                   /*
+                    * GnuPG (<= 2.2) or OpenPGP implementations with no
+                    * SOS support may remove zeros at the beginning.
+                    * Recover those zeros.
+                    */
++                  /*
++                   * Also, GnuPG (<= 2.2) may add additional zero at
++                   * the beginning, when private key is moved from
++                   * OpenPGP to gpg-agent.  Remove such a zero-prefix.
++                   */
+                   const unsigned char *buf;
+                   unsigned char *value;
+ 
+@@ -1214,13 +1219,26 @@ mpi_ec_setup_elliptic_curve (mpi_ec_t ec, int flags,
+                   if (!buf)
+                     return GPG_ERR_INV_OBJ;
+ 
+-                  value = xtrycalloc_secure (1, len);
++                  value = xtrymalloc_secure (len);
+                   if (!value)
+                     return gpg_err_code_from_syserror ();
+ 
+-                  memset (value, 0, len - (n+7)/8);
+-                  memcpy (value + len - (n+7)/8, buf, (n+7)/8);
+-                  mpi_set_opaque (ec->d, value, len);
++                  if ((n+7)/8 < len)
++                    /* Recover zeros.  */
++                    {
++                      memset (value, 0, len - (n+7)/8);
++                      memcpy (value + len - (n+7)/8, buf, (n+7)/8);
++                    }
++                  else if ((n+7)/8 == len + 1)
++                    /* Remove a zero.  */
++                    memcpy (value, buf+1, len);
++                  else
++                    {
++                      xfree (value);
++                      return GPG_ERR_INV_OBJ;
++                    }
++
++                  mpi_set_opaque (ec->d, value, len*8);
+                 }
+               else
+                 {
+diff --git a/cipher/ecc.c b/cipher/ecc.c
+index b4672d3d..5d8c7607 100644
+--- a/cipher/ecc.c
++++ b/cipher/ecc.c
+@@ -688,6 +688,8 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
+   mpi_ec_t ec = NULL;
+   int flags = 0;
+ 
++  _gcry_pk_util_init_encoding_ctx (&ctx, PUBKEY_OP_SIGN, 0);
++
+   /*
+    * Extract the key.
+    */
+@@ -700,7 +702,6 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
+       goto leave;
+     }
+ 
+-  _gcry_pk_util_init_encoding_ctx (&ctx, PUBKEY_OP_SIGN, 0);
+   ctx.flags |= flags;
+   if (ec->model == MPI_EC_EDWARDS && ec->dialect == ECC_DIALECT_SAFECURVE)
+     ctx.flags |= PUBKEY_FLAG_EDDSA;
+@@ -783,6 +784,9 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
+   mpi_ec_t ec = NULL;
+   int flags = 0;
+ 
++  _gcry_pk_util_init_encoding_ctx (&ctx, PUBKEY_OP_VERIFY,
++                                   ecc_get_nbits (s_keyparms));
++
+   /*
+    * Extract the key.
+    */
+@@ -804,8 +808,6 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
+       goto leave;
+     }
+ 
+-  _gcry_pk_util_init_encoding_ctx (&ctx, PUBKEY_OP_VERIFY,
+-                                   ecc_get_nbits (s_keyparms));
+   ctx.flags |= flags;
+   if (ec->model == MPI_EC_EDWARDS && ec->dialect == ECC_DIALECT_SAFECURVE)
+     ctx.flags |= PUBKEY_FLAG_EDDSA;