authorWerner Koch <[email protected]>2023-11-23 15:04:52 +0000
committerWerner Koch <[email protected]>2023-11-23 15:06:15 +0000
commit1d472e4934b889c3ccd99ce61d8b5bdc1bf0d5ee (patch)
treed07e9f3c225bc8477299cbf954eb8f1bb3e5ce91
parentUpdate NEWS (diff)
scd:openpgp: Print a diagnostic for the use of default ECDH params.
* scd/app-openpgp.c (ecc_writekey): Remove the useless check and print a diagnostic if the default params are used. -- Note that here in 2.2 we use different default ECDH parameters than in 2.4 (AES192 instead of AES256 for 384 bit curves). GnuPG-bug-id: 6378
-rw-r--r--scd/app-openpgp.c17
1 files changed, 7 insertions, 10 deletions
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index f2f99333a..6e4aa5808 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -355,6 +355,7 @@ do_deinit (app_t app)
* we do not need this if the buffer has been allocated in secure
* memory. However at some places we can't make that sure and thus we
* better to an extra wipe here. */
+#if 0 /* Not yet used. */
static void
wipe_and_free (void *p, size_t len)
{
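Review bot: Wrapping `wipe_and_free` in `#if 0` takes the helper out of compilation entirely, so it is no longer type-checked and can drift out of sync with the file before its first caller arrives; the same applies to `wipe_and_free_string` in the next two hunks. If the aim is only to silence an unused-function warning, marking both functions with the project's unused attribute would keep them compiled. If `#if 0` stays, the marker could say what re-enables it, e.g. `#if 0 /* Not yet used; enable together with the first caller. */`. A blank line should also remain after each `#endif`, which now directly abuts the next comment block. The body of wipe_and_free continues outside this hunk.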
@@ -365,10 +366,11 @@ wipe_and_free (void *p, size_t len)
xfree (p);
}
}
-
+#endif
/* Similar to wipe_and_free but assumes P is eitehr NULL or a proper
* string. */
+#if 0 /* Not yet used. */
static void
wipe_and_free_string (char *p)
{
@@ -378,7 +380,7 @@ wipe_and_free_string (char *p)
xfree (p);
}
}
-
+#endif
/* Wrapper around iso7816_get_data which first tries to get the data
from the cache. With GET_IMMEDIATE passed as true, the cache is
@@ -4487,20 +4489,15 @@ ecc_writekey (app_t app, ctrl_t ctrl,
else
algo = PUBKEY_ALGO_ECDSA;
- /* Not provided by GnuPG 2.2 - take the default value. */
if (algo == PUBKEY_ALGO_ECDH && !ecdh_param)
{
+ /* In case this is used by older clients we fallback to our
+ * default ecc parameters. */
+ log_info ("opgp: using default ecdh parameters\n");
ecdh_param = ecdh_params (curve);
ecdh_param_len = 4;
}
- if (algo == PUBKEY_ALGO_ECDH && !ecdh_param)
- {
- log_error ("opgp: ecdh parameters missing\n");
- err = gpg_error (GPG_ERR_INV_VALUE);
- goto leave;
- }
-
oidstr = openpgp_curve_to_oid (curve, &n, NULL);
ecc_d_fixed_len = (n+7)/8;
err = openpgp_oid_from_str (oidstr, &oid);
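Review bot: The new `log_info` in the ECDH fallback branch does not record which curve the defaults were chosen for, although the commit message notes that the 2.2 defaults differ from 2.4 for 384 bit curves (AES192 instead of AES256). Because this branch substitutes parameters the caller did not supply, a line such as `log_info ("opgp: using default ecdh parameters for curve %s\n", curve);` would make a later parameter mismatch traceable; this assumes `curve` is a printable string, as its use in `openpgp_curve_to_oid` suggests. The added comment should read "fall back to our default ECDH parameters" and could carry the 2.2-versus-2.4 caveat from the commit message. The literal in `ecdh_param_len = 4;` presumably has to match the length of what `ecdh_params` returns, and dropping the second check relies on that helper never returning NULL; neither is visible here. ecc_writekey starts and ends outside the hunk.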