[Pkg-gnupg-commit] [gnupg2] 76/159: agent: Fix RSA verification for card.

[Daniel Kahn Gillmor]

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit ff3b607fc879b70665c187500022cc63e2a0cd86
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Tue Jan 5 10:15:49 2016 +0900

    agent: Fix RSA verification for card.
    
    * agent/pksign.c (agent_pksign_do): Use S-exp of public key, instead
    of shadowed key.
    
    --
    
    Reported-by: Justus Winter
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
---
 agent/pksign.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/agent/pksign.c b/agent/pksign.c
index 7b498d4..9011be2 100644
--- a/agent/pksign.c
+++ b/agent/pksign.c
@@ -492,21 +492,20 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
    * for RSA internally there is no need to do it here again.  */
   if (check_signature)
     {
+      gcry_sexp_t sexp_key = s_pkey? s_pkey: s_skey;
+
       if (s_hash == NULL)
         {
           if (ctrl->digest.algo == MD_USER_TLS_MD5SHA1)
             rc = do_encode_raw_pkcs1 (data, datalen,
-                                      gcry_pk_get_nbits (s_skey),
-                                      &s_hash);
+                                      gcry_pk_get_nbits (sexp_key), &s_hash);
           else
-            rc = do_encode_md (data, datalen,
-                               ctrl->digest.algo,
-                               &s_hash,
+            rc = do_encode_md (data, datalen, ctrl->digest.algo, &s_hash,
                                ctrl->digest.raw_value);
         }
 
       if (! rc)
-        rc = gcry_pk_verify (s_sig, s_hash, s_pkey? s_pkey: s_skey);
+        rc = gcry_pk_verify (s_sig, s_hash, sexp_key);
 
       if (rc)
         {

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git