Patches gpg-agent + scute for ssl/tls auth using opengpg card with 2048 rsa key

Damien Goutte-Gattat dgouttegattat at incenp.org
Sat Sep 13 03:32:45 CEST 2014 

On 09/12/2014 03:50 PM, Werner Koch wrote:
 
> Well, I coded something up but did not test it.  Can you please apply
> the attached patch to Scute and try it?  No need for any GnuPG patches.

I have applied the patch and tried, but it does not work with an
unpatched GnuPG 2.0.26.

Here is a trace of the dialog between Gpg-agent and Scute (chan_8), and
between Gpg-agent and Scdaemon (chan_9):

gpg-agent[1443]: chan_8 <- SIGKEY 379926AD[truncated]
gpg-agent[1443]: chan_8 -> OK
gpg-agent[1443]: chan_8 <- SETHASH --hash=3Dsha256 C318621C[truncated]
gpg-agent[1443]: chan_8 -> OK
gpg-agent[1443]: chan_8 <- PKSIGN
gpg-agent[1443]: chan_9 -> SERIALNO
gpg-agent[1443]: chan_9 <- S SERIALNO D2760001240102000005000019B60000 0
gpg-agent[1443]: chan_9 <- OK
gpg-agent[1443]: chan_9 -> SETDATA 3031300D[truncated]
gpg-agent[1443]: chan_9 <- OK
gpg-agent[1443]: chan_9 -> PKSIGN OPENPGP.3
gpg-agent[1443]: chan_9 <- ERR 100663351 Invalid value <SCD>
gpg-agent[1443] smartcard signing failed: Invalid value
gpg-agent[1443] command pksign failed: Invalid value
gpg-agent[1443]: chan_8 -> ERR 100663351 Invalid value <SCD>

I believe that the second PKISGN command (the one sent by Gpg-agent to
Scdaemon) should be `PKSIGN --sha256 OPENPGP.3', so that the daemon
would know to expect a SHA256 value.

This problem seems to have been fixed already in master branch by the
following commit:

commit 1c09def22d97de3738a2bec4970504bfc155680b
Author: Werner Koch <wk at gnupg.org>

    Fix usage of SHA-2 algorithm with OpenPGP cards.


I have not tested with the master branch, but I backported that commit
to the 2.0.26 release (patch below for anyone interested), and it works.


Damien

-- >8 --
From 431f4a3e4db197a663264d628cd7db4b0352f64c Mon Sep 17 00:00:00 2001
From: Damien Goutte-Gattat <dgouttegattat at incenp.org>
Date: Sun, 7 Sep 2014 13:53:13 +0200
Subject: [PATCH] Fix usage of SHA-2 algorithm with OpenPGP cards.

Backport commit 1c09def22d97de3738a2bec4970504bfc155680b into the
2.0.26 version.

diff --git a/agent/agent.h b/agent/agent.h
index 938a9aa..2c8dc75 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -370,6 +370,7 @@ int agent_card_pksign (ctrl_t ctrl,
                        const char *keyid,
                        int (*getpin_cb)(void *, const char *, char*, size_t),
                        void *getpin_cb_arg,
+                       int mdalgo,
                        const unsigned char *indata, size_t indatalen,
                        unsigned char **r_buf, size_t *r_buflen);
 int agent_card_pkdecrypt (ctrl_t ctrl,
diff --git a/agent/call-scd.c b/agent/call-scd.c
index 9a2e65e..9785696 100644
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@@ -804,13 +804,32 @@ inq_needpin (void *opaque, const char *line)
 }
 
 
+/* Helper returning a command option to describe the used hash
+   algorithm. See scd/command.c:cmd_pksign.  */
+static const char *
+hash_algo_option (int algo)
+{
+  switch (algo)
+    {
+    case GCRY_MD_MD5   : return "--hash=md5";
+    case GCRY_MD_RMD160: return "--hash=rmd160";
+    case GCRY_MD_SHA1  : return "--hash=sha1";
+    case GCRY_MD_SHA224: return "--hash=sha224";
+    case GCRY_MD_SHA256: return "--hash=sha256";
+    case GCRY_MD_SHA384: return "--hash=sha384";
+    case GCRY_MD_SHA512: return "--hash=sha512";
+    default:             return "";
+    }
+}
 
-/* Create a signature using the current card */
+/* Create a signature using the current card.  MDALGO is either 0 or
+   gives the digest algorithm.  */
 int
 agent_card_pksign (ctrl_t ctrl,
                    const char *keyid,
                    int (*getpin_cb)(void *, const char *, char*, size_t),
                    void *getpin_cb_arg,
+                   int mdalgo,
                    const unsigned char *indata, size_t indatalen,
                    unsigned char **r_buf, size_t *r_buflen)
 {
@@ -844,8 +863,11 @@ agent_card_pksign (ctrl_t ctrl,
   inqparm.getpin_cb = getpin_cb;
   inqparm.getpin_cb_arg = getpin_cb_arg;
   inqparm.passthru = 0;
-  snprintf (line, DIM(line)-1, 
-            ctrl->use_auth_call? "PKAUTH %s":"PKSIGN %s", keyid);
+  if (ctrl->use_auth_call)
+    snprintf (line, DIM(line)-1, "PKAUTH %s", keyid);
+  else
+    snprintf (line, DIM(line)-1, "PKSIGN %s %s",
+              hash_algo_option (mdalgo), keyid);
   line[DIM(line)-1] = 0;
   rc = assuan_transact (ctrl->scd_local->ctx, line,
                         membuf_data_cb, &data,
diff --git a/agent/divert-scd.c b/agent/divert-scd.c
index 1f36f6e..ee5bcc7 100644
--- a/agent/divert-scd.c
+++ b/agent/divert-scd.c
@@ -347,7 +347,7 @@ divert_pksign (ctrl_t ctrl,
       int save = ctrl->use_auth_call;
       ctrl->use_auth_call = 1;
       rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl,
-                              digest, digestlen, &sigval, &siglen);
+                              algo, digest, digestlen, &sigval, &siglen);
       ctrl->use_auth_call = save;
     }
   else
@@ -359,7 +359,7 @@ divert_pksign (ctrl_t ctrl,
       if (!rc)
         {
           rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl,
-                                  data, ndata, &sigval, &siglen);
+                                  algo, data, ndata, &sigval, &siglen);
           xfree (data);
         }
     }
-- 
1.8.4

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140913/ad7612ab/attachment.sig>

More information about the Gnupg-devel mailing list