diff options
| author | V3n3RiX <venerix@koprulu.sector> | 2022-07-14 07:39:06 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@koprulu.sector> | 2022-07-14 07:39:06 +0100 |
| commit | 4a30f472147c2d8642bd558b78fcfce7b6a9c6b9 (patch) | |
| tree | ac0800b987f671677c408554735a832a6924b9a6 /app-crypt/gnupg/files | |
| parent | ae5005f56ad29d19861ad8a8acb541cf0e99c8d9 (diff) | |
gentoo auto-resync : 14:07:2022 - 07:39:06
Diffstat (limited to 'app-crypt/gnupg/files')
| -rw-r--r-- | app-crypt/gnupg/files/gnupg-2.3.7-yubikey-workaround-fix.patch | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/app-crypt/gnupg/files/gnupg-2.3.7-yubikey-workaround-fix.patch b/app-crypt/gnupg/files/gnupg-2.3.7-yubikey-workaround-fix.patch new file mode 100644 index 000000000000..94062c885b5b --- /dev/null +++ b/app-crypt/gnupg/files/gnupg-2.3.7-yubikey-workaround-fix.patch @@ -0,0 +1,53 @@ +https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f34b9147eb3070bce80d53febaa564164cd6c977 + +From f34b9147eb3070bce80d53febaa564164cd6c977 Mon Sep 17 00:00:00 2001 +From: NIIBE Yutaka <gniibe@fsij.org> +Date: Wed, 13 Jul 2022 10:40:55 +0900 +Subject: [PATCH] scd:openpgp: Fix workaround for Yubikey heuristics. + +* scd/app-openpgp.c (parse_algorithm_attribute): Handle the case +of firmware 5.4, too. + +-- + +GnuPG-bug-id: 6070 +Signed-off-by: NIIBE Yutaka <gniibe@fsij.org> +--- a/scd/app-openpgp.c ++++ b/scd/app-openpgp.c +@@ -6259,15 +6259,28 @@ parse_algorithm_attribute (app_t app, int keyno) + app->app_local->keyattr[keyno].ecc.algo = *buffer; + app->app_local->keyattr[keyno].ecc.flags = 0; + +- if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY +- || buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff) +- { /* Found "pubkey required"-byte for private key template. */ +- oidlen--; +- if (buffer[buflen-1] == 0xff) +- app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY; ++ if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY) ++ { ++ /* Yubikey implementations vary. ++ * Firmware version 5.2 returns "pubkey required"-byte with ++ * 0x00, but after removal and second time insertion, it ++ * returns bogus value there. ++ * Firmware version 5.4 returns none. ++ */ ++ curve = ecc_curve (buffer + 1, oidlen); ++ if (!curve) ++ curve = ecc_curve (buffer + 1, oidlen - 1); ++ } ++ else ++ { ++ if (buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff) ++ { /* Found "pubkey required"-byte for private key template. */ ++ oidlen--; ++ if (buffer[buflen-1] == 0xff) ++ app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY; ++ } ++ curve = ecc_curve (buffer + 1, oidlen); + } +- +- curve = ecc_curve (buffer + 1, oidlen); + + if (!curve) + { |