Invalid keys when switching smartcard from ed25519 to other curves
Trevor Bentley
trevor at yubico.com
Mon Mar 25 15:19:47 CET 2019
Just want to follow up on this again and see if anybody has any
opinions. I have included a small patch to fix it:
-- >8 --
Subject: [PATCH] gpg: Don't use EdDSA algo ID for ECDSA curves.
* g10/keygen.c (ask_curve): Change algo ID to ECDSA if it changed from
an EdDSA curve.
---
Fixes a bug that causes a slot to get stuck reporting itself as EdDSA
when the curve has changed to ECDSA. If a smartcard did not override
the algo that gpg sent it, gpg would get confused about an ECDSA curve
with an EdDSA algo ID, and would generate invalid public keys.
---
g10/keygen.c | 25 ++++++++++++++++++-------
1 file changed, 18 insertions(+), 7 deletions(-)
diff --git a/g10/keygen.c b/g10/keygen.c
index 64fefd231..943b40110 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -2507,14 +2507,25 @@ ask_curve (int *algo, int *subkey_algo, const
char *current)
else
{
/* If the user selected a signing algorithm and Curve25519
- we need to set the algo to EdDSA and update the curve name. */
- if ((*algo == PUBKEY_ALGO_ECDSA || *algo == PUBKEY_ALGO_EDDSA)
- && curves[idx].eddsa_curve)
+ we need to set the algo to EdDSA and update the curve name.
+ If switching away from EdDSA, we need to set the algo back
+ to ECDSA. */
+ if (*algo == PUBKEY_ALGO_ECDSA || *algo == PUBKEY_ALGO_EDDSA)
{
- if (subkey_algo && *subkey_algo == PUBKEY_ALGO_ECDSA)
- *subkey_algo = PUBKEY_ALGO_EDDSA;
- *algo = PUBKEY_ALGO_EDDSA;
- result = curves[idx].eddsa_curve;
+ if (curves[idx].eddsa_curve)
+ {
+ if (subkey_algo && *subkey_algo == PUBKEY_ALGO_ECDSA)
+ *subkey_algo = PUBKEY_ALGO_EDDSA;
+ *algo = PUBKEY_ALGO_EDDSA;
+ result = curves[idx].eddsa_curve;
+ }
+ else
+ {
+ if (subkey_algo && *subkey_algo == PUBKEY_ALGO_EDDSA)
+ *subkey_algo = PUBKEY_ALGO_ECDSA;
+ *algo = PUBKEY_ALGO_ECDSA;
+ result = curves[idx].name;
+ }
}
else
result = curves[idx].name;
--
2.20.1
More information about the Gnupg-devel
mailing list