[git] GnuPG - branch, master, updated. gnupg-2.1.10-76-gff3b607

by NIIBE Yutaka cvs at cvs.gnupg.org
Tue Jan 5 02:21:38 CET 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  ff3b607fc879b70665c187500022cc63e2a0cd86 (commit)
      from  575c15a090913d86cf8d75b2bc4471e371f234b9 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ff3b607fc879b70665c187500022cc63e2a0cd86
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Tue Jan 5 10:15:49 2016 +0900

    agent: Fix RSA verification for card.
    
    * agent/pksign.c (agent_pksign_do): Use S-exp of public key, instead
    of shadowed key.
    
    --
    
    Reported-by: Justus Winter
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>

diff --git a/agent/pksign.c b/agent/pksign.c
index 7b498d4..9011be2 100644
--- a/agent/pksign.c
+++ b/agent/pksign.c
@@ -492,21 +492,20 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
    * for RSA internally there is no need to do it here again.  */
   if (check_signature)
     {
+      gcry_sexp_t sexp_key = s_pkey? s_pkey: s_skey;
+
       if (s_hash == NULL)
         {
           if (ctrl->digest.algo == MD_USER_TLS_MD5SHA1)
             rc = do_encode_raw_pkcs1 (data, datalen,
-                                      gcry_pk_get_nbits (s_skey),
-                                      &s_hash);
+                                      gcry_pk_get_nbits (sexp_key), &s_hash);
           else
-            rc = do_encode_md (data, datalen,
-                               ctrl->digest.algo,
-                               &s_hash,
+            rc = do_encode_md (data, datalen, ctrl->digest.algo, &s_hash,
                                ctrl->digest.raw_value);
         }
 
       if (! rc)
-        rc = gcry_pk_verify (s_sig, s_hash, s_pkey? s_pkey: s_skey);
+        rc = gcry_pk_verify (s_sig, s_hash, sexp_key);
 
       if (rc)
         {

-----------------------------------------------------------------------

Summary of changes:
 agent/pksign.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list