[Pkg-gnupg-commit] [gnupg2] 76/159: agent: Fix RSA verification for card.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jan 27 13:23:56 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit ff3b607fc879b70665c187500022cc63e2a0cd86
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Tue Jan 5 10:15:49 2016 +0900
agent: Fix RSA verification for card.
* agent/pksign.c (agent_pksign_do): Use S-exp of public key, instead
of shadowed key.
--
Reported-by: Justus Winter
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
---
agent/pksign.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/agent/pksign.c b/agent/pksign.c
index 7b498d4..9011be2 100644
--- a/agent/pksign.c
+++ b/agent/pksign.c
@@ -492,21 +492,20 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
* for RSA internally there is no need to do it here again. */
if (check_signature)
{
+ gcry_sexp_t sexp_key = s_pkey? s_pkey: s_skey;
+
if (s_hash == NULL)
{
if (ctrl->digest.algo == MD_USER_TLS_MD5SHA1)
rc = do_encode_raw_pkcs1 (data, datalen,
- gcry_pk_get_nbits (s_skey),
- &s_hash);
+ gcry_pk_get_nbits (sexp_key), &s_hash);
else
- rc = do_encode_md (data, datalen,
- ctrl->digest.algo,
- &s_hash,
+ rc = do_encode_md (data, datalen, ctrl->digest.algo, &s_hash,
ctrl->digest.raw_value);
}
if (! rc)
- rc = gcry_pk_verify (s_sig, s_hash, s_pkey? s_pkey: s_skey);
+ rc = gcry_pk_verify (s_sig, s_hash, sexp_key);
if (rc)
{
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list