* keygen.c (gen_card_key): Add optional argument to return a pointer

(not a copy) of the stub secret key for the secret key we just generated on the card. (generate_card_subkeypair): Use it here so that the signing key on the card can use the card to generate the 0x19 backsig on the primary key. Noted by Janko Heilgeist and Jonas Oberg.
author: David Shaw <[email protected]> 2006-06-10 04:11:05 +0000
committer: David Shaw <[email protected]> 2006-06-10 04:11:05 +0000
commit: 7211ee589a517e33ba5b4c171f65759a00d3ab60 (patch)
tree: 70e0e1a5d3b8371b2350a46bf0f7979e9cddeea9
parent: * parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes. (diff)
download: gnupg-7211ee589a517e33ba5b4c171f65759a00d3ab60.tar.gz
gnupg-7211ee589a517e33ba5b4c171f65759a00d3ab60.zip
2 files changed, 20 insertions, 8 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index a8dc0f013..58d65d31f 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,5 +1,12 @@
 2006-06-09  David Shaw  <[email protected]>
 
+	* keygen.c (gen_card_key): Add optional argument to return a
+	pointer (not a copy) of the stub secret key for the secret key we
+	just generated on the card.
+	(generate_card_subkeypair): Use it here so that the signing key on
+	the card can use the card to generate the 0x19 backsig on the
+	primary key.  Noted by Janko Heilgeist and Jonas Oberg.
+
 	* parse-packet.c (parse_user_id): Cap the user ID size at 2048
 	bytes.  This prevents a memory allocation attack with a very large
 	user ID.  A very large packet length could even cause the
diff --git a/g10/keygen.c b/g10/keygen.c
index 6e06c7280..d24085661 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -122,6 +122,7 @@ static void do_generate_keypair( struct para_data_s *para,
 static int  write_keyblock( IOBUF out, KBNODE node );
 static int gen_card_key (int algo, int keyno, int is_primary,
                          KBNODE pub_root, KBNODE sec_root,
+			 PKT_secret_key **ret_sk,
                          u32 expireval, struct para_data_s *para);
 static int gen_card_key_with_backup (int algo, int keyno, int is_primary,
                                      KBNODE pub_root, KBNODE sec_root,
@@ -937,7 +938,6 @@ write_selfsigs( KBNODE sec_root, KBNODE pub_root, PKT_secret_key *sk,
     return rc;
 }
 
-/* sub_sk is currently unused (reserved for backsigs) */
 static int
 write_keybinding( KBNODE root, KBNODE pub_root,
 		  PKT_secret_key *pri_sk, PKT_secret_key *sub_sk,
@@ -2908,7 +2908,7 @@ do_generate_keypair( struct para_data_s *para,
       }
     else
       {
-        rc = gen_card_key (PUBKEY_ALGO_RSA, 1, 1, pub_root, sec_root,
+        rc = gen_card_key (PUBKEY_ALGO_RSA, 1, 1, pub_root, sec_root, NULL,
                            get_parameter_u32 (para, pKEYEXPIRE), para);
         if (!rc)
           {
@@ -2944,7 +2944,7 @@ do_generate_keypair( struct para_data_s *para,
 
     if (!rc && card && get_parameter (para, pAUTHKEYTYPE))
       {
-        rc = gen_card_key (PUBKEY_ALGO_RSA, 3, 0, pub_root, sec_root,
+        rc = gen_card_key (PUBKEY_ALGO_RSA, 3, 0, pub_root, sec_root, NULL,
                            get_parameter_u32 (para, pKEYEXPIRE), para);
         
         if (!rc)
@@ -2980,6 +2980,7 @@ do_generate_keypair( struct para_data_s *para,
               }
             else
               rc = gen_card_key (PUBKEY_ALGO_RSA, 2, 0, pub_root, sec_root,
+				 NULL,
                                  get_parameter_u32 (para, pKEYEXPIRE), para);
           }
 
@@ -3238,7 +3239,7 @@ generate_card_subkeypair (KBNODE pub_keyblock, KBNODE sec_keyblock,
 {
   int okay=0, rc=0;
   KBNODE node;
-  PKT_secret_key *pri_sk = NULL;
+  PKT_secret_key *pri_sk = NULL, *sub_sk;
   int algo;
   unsigned int use;
   u32 expire;
@@ -3318,11 +3319,12 @@ generate_card_subkeypair (KBNODE pub_keyblock, KBNODE sec_keyblock,
 
   if (passphrase)
     set_next_passphrase (passphrase);
-  rc = gen_card_key (algo, keyno, 0, pub_keyblock, sec_keyblock, expire, para);
+  rc = gen_card_key (algo, keyno, 0, pub_keyblock, sec_keyblock,
+		     &sub_sk, expire, para);
   if (!rc)
-    rc = write_keybinding (pub_keyblock, pub_keyblock, pri_sk, NULL, use);
+    rc = write_keybinding (pub_keyblock, pub_keyblock, pri_sk, sub_sk, use);
   if (!rc)
-    rc = write_keybinding (sec_keyblock, pub_keyblock, pri_sk, NULL, use);
+    rc = write_keybinding (sec_keyblock, pub_keyblock, pri_sk, sub_sk, use);
   if (!rc)
     {
       okay = 1;
@@ -3369,7 +3371,7 @@ write_keyblock( IOBUF out, KBNODE node )
 
 static int
 gen_card_key (int algo, int keyno, int is_primary,
-              KBNODE pub_root, KBNODE sec_root,
+              KBNODE pub_root, KBNODE sec_root, PKT_secret_key **ret_sk,
               u32 expireval, struct para_data_s *para)
 {
 #ifdef ENABLE_CARD_SUPPORT
@@ -3430,6 +3432,9 @@ gen_card_key (int algo, int keyno, int is_primary,
         sk->protect.iv[sk->protect.ivlen] = xtoi_2 (s);
     }
 
+  if( ret_sk )
+    *ret_sk = sk;
+
   pkt = xcalloc (1,sizeof *pkt);
   pkt->pkttype = is_primary ? PKT_PUBLIC_KEY : PKT_PUBLIC_SUBKEY;
   pkt->pkt.public_key = pk;
author	David Shaw <[email protected]>	2006-06-10 04:11:05 +0000
committer	David Shaw <[email protected]>	2006-06-10 04:11:05 +0000
commit	7211ee589a517e33ba5b4c171f65759a00d3ab60 (patch)
tree	70e0e1a5d3b8371b2350a46bf0f7979e9cddeea9
parent	* parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes. (diff)
download	gnupg-7211ee589a517e33ba5b4c171f65759a00d3ab60.tar.gz gnupg-7211ee589a517e33ba5b4c171f65759a00d3ab60.zip