gpgsm --gen-key segfault with ECC key on smartcard
Bertrand Jacquin
bertrand at jacquin.bzh
Fri Oct 30 22:22:34 CET 2015
Hi Werner,
On Wed, Oct 28, 2015 at 11:28:34AM +0100, Werner Koch wrote:
> On Mon, 26 Oct 2015 15:34, bertrand at jacquin.bzh said:
> > On 19/08/2015 22:27, Bertrand Jacquin wrote:
>
> >> I'm getting a SEGV running gpgsm --gen-key with GnuPG 2.1.6. The issue
> >> comes from libksba. Here is a backtrace:
>
> Thanks for the data. I can't replicate this right now but the backtrace
> was helpful enough. The attached patch to libksba should fix the segv.
> I look into extending the table of curve names.
Thanks for this. I've just tested that and in fact I'm not getting a
SEGV anymore. Instead, I'm getting the following error:
Proceed with creation? (y/N) y
Now creating self-signed certificate. This may take a while ...
gpgsm: error setting the siginfo: Wrong public key algorithm
gpgsm: error creating certificate request: Wrong public key algorithm
<GpgSM>
Is this expected for EdDSA keys ?
Cheers,
> Shalom-Salam,
>
> Werner
>
> ========
> From 9df0ac3a4afa0272dbff08d17e9064f13be95814 Mon Sep 17 00:00:00 2001
> From: Werner Koch <wk at gnupg.org>
> Date: Wed, 28 Oct 2015 11:18:59 +0100
> Subject: [PATCH] Fix lookup of ECC OIDs by name.
>
> * src/keyinfo.c (get_ecc_curve_oid): Fix obviously never tested table
> lookup.
> --
>
> This led to a crash see
> https://lists.gnupg.org/pipermail/gnupg-devel/2015-October/030445.html
>
> The fix is obvious but I do not have test data for this.
>
> Signed-off-by: Werner Koch <wk at gnupg.org>
> ---
> src/keyinfo.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/src/keyinfo.c b/src/keyinfo.c
> index 02dc7ae..3ea0cfa 100644
> --- a/src/keyinfo.c
> +++ b/src/keyinfo.c
> @@ -322,10 +322,10 @@ get_ecc_curve_oid (const unsigned char *buf, size_t buflen, size_t *r_oidlen)
> if (buflen == strlen (curve_names[i].name)
> && !memcmp (buf, curve_names[i].name, buflen))
> break;
> - if (curve_names[i].oid)
> + if (!curve_names[i].oid)
> return NULL; /* Not found. */
> - buf = curve_names[i].name;
> - buflen = strlen (curve_names[i].name);
> + buf = curve_names[i].oid;
> + buflen = strlen (curve_names[i].oid);
> }
>
> if (_ksba_oid_from_buf (buf, buflen, &der_oid, r_oidlen))
> --
> 2.1.4
>
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
--
Bertrand
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: Digital signature
URL: </pipermail/attachments/20151030/9556d136/attachment-0001.sig>
More information about the Gnupg-devel
mailing list