[git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-167-g73ad742

by NIIBE Yutaka cvs at cvs.gnupg.org
Sat Mar 9 01:48:45 CET 2013 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  73ad742deacfe2bf7d6efc7cc30f9ced2d83521a (commit)
      from  010bc7f4f06d8affb98950e1adc76c68bfcc9abb (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 73ad742deacfe2bf7d6efc7cc30f9ced2d83521a
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Sat Mar 9 09:36:21 2013 +0900

    scd: support ECDSA signing.
    
    * scd/app-openpgp.c (do_sign): Only prepend message digest block
    for RSA or do_auth.
    (do_auth): Remove message digest block for ECDSA.
    
    --
    
    If we don't need to check the message digest block by SCDaemon, we
    don't requite the message digest block for ECDSA by gpg-agent.

diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 8d507c4..1df35b2 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -3416,14 +3416,23 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
       memcpy (data + sizeof b ## _prefix, indata, indatalen); \
     }
 
-  X(SHA1,   sha1,   1)
-  else X(RMD160, rmd160, 1)
-  else X(SHA224, sha224, app->app_local->extcap.is_v2)
-  else X(SHA256, sha256, app->app_local->extcap.is_v2)
-  else X(SHA384, sha384, app->app_local->extcap.is_v2)
-  else X(SHA512, sha512, app->app_local->extcap.is_v2)
+  if (use_auth
+      || app->app_local->keyattr[use_auth? 2: 0].key_type == KEY_TYPE_RSA)
+    {
+      X(SHA1,   sha1,   1)
+      else X(RMD160, rmd160, 1)
+      else X(SHA224, sha224, app->app_local->extcap.is_v2)
+      else X(SHA256, sha256, app->app_local->extcap.is_v2)
+      else X(SHA384, sha384, app->app_local->extcap.is_v2)
+      else X(SHA512, sha512, app->app_local->extcap.is_v2)
+      else
+        return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
+    }
   else
-    return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
+    {
+      datalen = indatalen;
+      memcpy (data, indata, indatalen);
+    }
 #undef X
 
   /* Redirect to the AUTH command if asked to. */
@@ -3515,6 +3524,14 @@ do_auth (app_t app, const char *keyidstr,
   if (indatalen > 101) /* For a 2048 bit key. */
     return gpg_error (GPG_ERR_INV_VALUE);
 
+  if (app->app_local->keyattr[2].key_type == KEY_TYPE_ECDSA
+      && (indatalen == 51 || indatalen == 67 || indatalen == 83)
+    {
+      const char *p = (const char *)indata + 19;
+      indata = p;
+      indatalen -= 19;
+    }
+
   /* Check whether an OpenPGP card of any version has been requested. */
   if (!strcmp (keyidstr, "OPENPGP.3"))
     ;

-----------------------------------------------------------------------

Summary of changes:
 scd/app-openpgp.c |   31 ++++++++++++++++++++++++-------
 1 files changed, 24 insertions(+), 7 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list