mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-11-08 22:45:43 +00:00
95 lines
3.4 KiB
Diff
95 lines
3.4 KiB
Diff
diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c
|
|
index 26006d6c..900b668a 100644
|
|
--- a/cipher/ecc-curves.c
|
|
+++ b/cipher/ecc-curves.c
|
|
@@ -1200,13 +1200,18 @@ mpi_ec_setup_elliptic_curve (mpi_ec_t ec, int flags,
|
|
|
|
if ((n+7)/8 != len)
|
|
{
|
|
- if ((n+7)/8 < len && ec->dialect == ECC_DIALECT_ED25519)
|
|
+ if (ec->dialect == ECC_DIALECT_ED25519)
|
|
{
|
|
/*
|
|
* GnuPG (<= 2.2) or OpenPGP implementations with no
|
|
* SOS support may remove zeros at the beginning.
|
|
* Recover those zeros.
|
|
*/
|
|
+ /*
|
|
+ * Also, GnuPG (<= 2.2) may add additional zero at
|
|
+ * the beginning, when private key is moved from
|
|
+ * OpenPGP to gpg-agent. Remove such a zero-prefix.
|
|
+ */
|
|
const unsigned char *buf;
|
|
unsigned char *value;
|
|
|
|
@@ -1214,13 +1219,26 @@ mpi_ec_setup_elliptic_curve (mpi_ec_t ec, int flags,
|
|
if (!buf)
|
|
return GPG_ERR_INV_OBJ;
|
|
|
|
- value = xtrycalloc_secure (1, len);
|
|
+ value = xtrymalloc_secure (len);
|
|
if (!value)
|
|
return gpg_err_code_from_syserror ();
|
|
|
|
- memset (value, 0, len - (n+7)/8);
|
|
- memcpy (value + len - (n+7)/8, buf, (n+7)/8);
|
|
- mpi_set_opaque (ec->d, value, len);
|
|
+ if ((n+7)/8 < len)
|
|
+ /* Recover zeros. */
|
|
+ {
|
|
+ memset (value, 0, len - (n+7)/8);
|
|
+ memcpy (value + len - (n+7)/8, buf, (n+7)/8);
|
|
+ }
|
|
+ else if ((n+7)/8 == len + 1)
|
|
+ /* Remove a zero. */
|
|
+ memcpy (value, buf+1, len);
|
|
+ else
|
|
+ {
|
|
+ xfree (value);
|
|
+ return GPG_ERR_INV_OBJ;
|
|
+ }
|
|
+
|
|
+ mpi_set_opaque (ec->d, value, len*8);
|
|
}
|
|
else
|
|
{
|
|
diff --git a/cipher/ecc.c b/cipher/ecc.c
|
|
index b4672d3d..5d8c7607 100644
|
|
--- a/cipher/ecc.c
|
|
+++ b/cipher/ecc.c
|
|
@@ -688,6 +688,8 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
|
|
mpi_ec_t ec = NULL;
|
|
int flags = 0;
|
|
|
|
+ _gcry_pk_util_init_encoding_ctx (&ctx, PUBKEY_OP_SIGN, 0);
|
|
+
|
|
/*
|
|
* Extract the key.
|
|
*/
|
|
@@ -700,7 +702,6 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
|
|
goto leave;
|
|
}
|
|
|
|
- _gcry_pk_util_init_encoding_ctx (&ctx, PUBKEY_OP_SIGN, 0);
|
|
ctx.flags |= flags;
|
|
if (ec->model == MPI_EC_EDWARDS && ec->dialect == ECC_DIALECT_SAFECURVE)
|
|
ctx.flags |= PUBKEY_FLAG_EDDSA;
|
|
@@ -783,6 +784,9 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
|
|
mpi_ec_t ec = NULL;
|
|
int flags = 0;
|
|
|
|
+ _gcry_pk_util_init_encoding_ctx (&ctx, PUBKEY_OP_VERIFY,
|
|
+ ecc_get_nbits (s_keyparms));
|
|
+
|
|
/*
|
|
* Extract the key.
|
|
*/
|
|
@@ -804,8 +808,6 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
|
|
goto leave;
|
|
}
|
|
|
|
- _gcry_pk_util_init_encoding_ctx (&ctx, PUBKEY_OP_VERIFY,
|
|
- ecc_get_nbits (s_keyparms));
|
|
ctx.flags |= flags;
|
|
if (ec->model == MPI_EC_EDWARDS && ec->dialect == ECC_DIALECT_SAFECURVE)
|
|
ctx.flags |= PUBKEY_FLAG_EDDSA;
|