agent: Skip unknown unknown ssh curves seen on cards.

* agent/command-ssh.c (ssh_handler_request_identities): Skip unknown
curves.
--

For example when using my standard ed25519 token and testing cards
with only Brainpool support, the ssh-agent failed due to the unknown
curves seen on the card.  This patches fixes this by ignoring keys
with unknown curves.

Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 2d2391dfc25cfe160581b1bb4b4b8fc4764ac304)

1 files changed, 17 insertions, 7 deletions

diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index bcc78bd15..1ed541621 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -2608,19 +2608,29 @@ ssh_handler_request_identities (ctrl_t ctrl,
             continue;
 
           err = ssh_send_key_public (key_blobs, key_public, cardsn);
-          if (err && opt.verbose)
-            gcry_log_debugsxp ("pubkey", key_public);
           gcry_sexp_release (key_public);
           key_public = NULL;
           xfree (cardsn);
           if (err)
             {
-              xfree (serialno);
-              free_strlist (card_list);
-              goto out;
+              if (opt.verbose)
+                gcry_log_debugsxp ("pubkey", key_public);
+              if (gpg_err_code (err) == GPG_ERR_UNKNOWN_CURVE
+                  || gpg_err_code (err) == GPG_ERR_INV_CURVE)
+                {
+                  /* For example a Brainpool curve or a curve we don't
+                   * support at all but a smartcard lists that curve.
+                   * We ignore them.  */
+                }
+              else
+                {
+                  xfree (serialno);
+                  free_strlist (card_list);
+                  goto out;
+                }
             }
-
-          key_counter++;
+          else
+            key_counter++;
         }
 
       xfree (serialno);