authorNIIBE Yutaka <[email protected]>2013-03-09 00:36:21 +0000
committerNIIBE Yutaka <[email protected]>2013-03-09 00:36:21 +0000
commit73ad742deacfe2bf7d6efc7cc30f9ced2d83521a (patch)
treeb75e5f4588fcf4191a2ce1c4d89446542ce5f9ac
parentscd: support ECDSA public key. (diff)
downloadgnupg-73ad742deacfe2bf7d6efc7cc30f9ced2d83521a.tar.gz
gnupg-73ad742deacfe2bf7d6efc7cc30f9ced2d83521a.zip
scd: support ECDSA signing.
* scd/app-openpgp.c (do_sign): Only prepend message digest block for RSA or do_auth. (do_auth): Remove message digest block for ECDSA. -- If we don't need to check the message digest block by SCDaemon, we don't require the message digest block for ECDSA by gpg-agent.
-rw-r--r--scd/app-openpgp.c31
1 files changed, 24 insertions, 7 deletions
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 8d507c4ed..1df35b275 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -3416,14 +3416,23 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
memcpy (data + sizeof b ## _prefix, indata, indatalen); \
}
- X(SHA1, sha1, 1)
- else X(RMD160, rmd160, 1)
- else X(SHA224, sha224, app->app_local->extcap.is_v2)
- else X(SHA256, sha256, app->app_local->extcap.is_v2)
- else X(SHA384, sha384, app->app_local->extcap.is_v2)
- else X(SHA512, sha512, app->app_local->extcap.is_v2)
+ if (use_auth
+ || app->app_local->keyattr[use_auth? 2: 0].key_type == KEY_TYPE_RSA)
+ {
+ X(SHA1, sha1, 1)
+ else X(RMD160, rmd160, 1)
+ else X(SHA224, sha224, app->app_local->extcap.is_v2)
+ else X(SHA256, sha256, app->app_local->extcap.is_v2)
+ else X(SHA384, sha384, app->app_local->extcap.is_v2)
+ else X(SHA512, sha512, app->app_local->extcap.is_v2)
+ else
+ return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
+ }
else
- return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
+ {
+ datalen = indatalen;
+ memcpy (data, indata, indatalen);
+ }
#undef X
/* Redirect to the AUTH command if asked to. */
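Review bot: The new non-RSA branch at the end of this hunk does `memcpy (data, indata, indatalen)` with nothing visible here that bounds `indatalen` by the size of `data`, and it also skips the `hashalgo` check that the RSA branch gets through the `X` macro. The declaration of `data` and any earlier length validation in do_sign are outside the hunk, so this may already be covered; if it is not, add `if (indatalen > sizeof data) return gpg_error (GPG_ERR_INV_VALUE);` before the copy. Separately, in `keyattr[use_auth? 2: 0]` the ternary can only yield 0, because that operand of `||` is evaluated only when `use_auth` is false; writing `keyattr[0]` would state the same thing plainly.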
@@ -3515,6 +3524,14 @@ do_auth (app_t app, const char *keyidstr,
if (indatalen > 101) /* For a 2048 bit key. */
return gpg_error (GPG_ERR_INV_VALUE);
+ if (app->app_local->keyattr[2].key_type == KEY_TYPE_ECDSA
+ && (indatalen == 51 || indatalen == 67 || indatalen == 83)
+ {
+ const char *p = (const char *)indata + 19;
+ indata = p;
+ indatalen -= 19;
+ }
+
/* Check whether an OpenPGP card of any version has been requested. */
if (!strcmp (keyidstr, "OPENPGP.3"))
;
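Review bot: The added `if` condition is missing its closing parenthesis as shown here; its second line should end `indatalen == 83))`. Beyond that, the block drops 19 bytes from `indata` purely because the length is 51, 67 or 83, without looking at those bytes, so any ECDSA authentication input that happens to have one of these lengths silently loses its first 19 bytes and the card signs something other than what the caller passed. If the intent is to strip a digest prefix in front of a 32-, 48- or 64-byte hash (which the arithmetic and the commit message suggest), compare the leading bytes against the expected prefix before skipping them, and name the constant or add a comment such as `/* Presumably 19-byte digest prefix + SHA-256/384/512 hash; pass only the hash to the card. */`. do_auth's body continues outside the hunk.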