[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.4-24-g8071961

by Werner Koch cvs at cvs.gnupg.org
Wed Feb 14 15:01:10 CET 2018 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-2-2 has been updated
       via  80719612b7e92aff5887f2a68d550a24f350722c (commit)
       via  29aac7798085ee38da5107698618890ae7593c96 (commit)
      from  f19ff78f0fbfc2793d8a9ab0173486bf712871ac (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 80719612b7e92aff5887f2a68d550a24f350722c
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Feb 14 14:54:51 2018 +0100

    sm: Fix minor memory leak in --export-p12.
    
    * sm/export.c (gpgsm_p12_export): Free KEYGRIP.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/sm/export.c b/sm/export.c
index a8c9a4a..7bea9cc 100644
--- a/sm/export.c
+++ b/sm/export.c
@@ -479,6 +479,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode)
  leave:
   gnupg_ksba_destroy_writer (b64writer);
   ksba_cert_release (cert);
+  xfree (keygrip);
   xfree (desc);
   keydb_release (hd);
 }

commit 29aac7798085ee38da5107698618890ae7593c96
Author: Katsuhiro Ueno <uenobk at gmail.com>
Date:   Wed Feb 7 18:46:54 2018 +0900

    sm: Fix a wrong key parameter in an exported private key file
    
    * sm/export.c (sexp_to_kparms): Fix the computation of array[6],
    which must be 'd mod (q-1)' but was 'p mod (q-1)'.
    --
    
    This bug is not serious but makes some consistency checks fail.
    For example, 'openssl rsa -check' reports the following error:
    
    $ gpgsm --out my.key --export-secret-key-raw 0xXXXXXXXX
    $ openssl rsa -check -noout -inform DER -in my.key
    RSA key error: dmq1 not congruent to d
    
    --
    Let me(wk) add this:
    
    This bug was introduced with
    Fixes-commit: 91056b1976bfb7b755e53b1302f4ede2b5cbc05d
    right at the start of GnuPG 2.1 in July 2010.  Before that (in 2.0) we
    used gpg-protect-tool which got it right.  We probably never noticed
    this because gpgsm, and maybe other tools too, fix things up during
    import.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/sm/export.c b/sm/export.c
index 29a5ac3..a8c9a4a 100644
--- a/sm/export.c
+++ b/sm/export.c
@@ -603,7 +603,7 @@ sexp_to_kparms (gcry_sexp_t sexp)
 
   array[6] = gcry_mpi_snew (0);  /* compute d mod (p-1) */
   gcry_mpi_sub_ui (array[6], array[4], 1);
-  gcry_mpi_mod (array[6], array[3], array[6]);
+  gcry_mpi_mod (array[6], array[2], array[6]);
 
   return array;
 }

-----------------------------------------------------------------------

Summary of changes:
 sm/export.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list