gpg: Make decryption with the OpenPGP card work.

* scd/app-common.h (APP_DECIPHER_INFO_NOPAD): New.
* scd/app-openpgp.c (do_decipher): Add arg R_INFO.
* scd/app-nks.c (do_decipher): Add arg R_INFO as a dummy.
* scd/app.c (app_decipher): Add arg R_INFO.
* scd/command.c (cmd_pkdecrypt): Print status line "PADDING".
* agent/call-scd.c (padding_info_cb): New.
(agent_card_pkdecrypt): Add arg R_PADDING.
* agent/divert-scd.c (divert_pkdecrypt): Ditto.
* agent/pkdecrypt.c (agent_pkdecrypt): Ditto.
* agent/command.c (cmd_pkdecrypt):  Print status line "PADDING".
* g10/call-agent.c (padding_info_cb): New.
(agent_pkdecrypt): Add arg R_PADDING.
* g10/pubkey-enc.c (get_it): Use padding info.
--

Decryption using a card never worked in gpg 2.1 because the
information whether the pkcs#1 padding needs to be removed was not
available.  Gpg < 2.1 too this info from the secret sub key but that
has gone in 2.1.

Signed-off-by: Werner Koch <[email protected]>

1 files changed, 27 insertions, 3 deletions

diff --git a/agent/call-scd.c b/agent/call-scd.c
index a334b15a1..a6c429c41 100644
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@@ -1,6 +1,7 @@
 /* call-scd.c - fork of the scdaemon to do SC operations
  * Copyright (C) 2001, 2002, 2005, 2007, 2010,
  *               2011 Free Software Foundation, Inc.
+ * Copyright (C) 2013 Werner Koch
  *
  * This file is part of GnuPG.
  *
@@ -874,14 +875,36 @@ agent_card_pksign (ctrl_t ctrl,
   return unlock_scd (ctrl, 0);
 }
 
-/* Decipher INDATA using the current card. Note that the returned value is */
+
+
+
+/* Check whether there is any padding info from scdaemon.  */
+static gpg_error_t
+padding_info_cb (void *opaque, const char *line)
+{
+  int *r_padding = opaque;
+  const char *s;
+
+  if ((s=has_leading_keyword (line, "PADDING")))
+    {
+      *r_padding = atoi (s);
+    }
+
+  return 0;
+}
+
+
+/* Decipher INDATA using the current card.  Note that the returned
+   value is not an s-expression but the raw data as returned by
+   scdaemon.  The padding information is stored at R_PADDING with -1
+   for not known.  */
 int
 agent_card_pkdecrypt (ctrl_t ctrl,
                       const char *keyid,
                       int (*getpin_cb)(void *, const char *, char*, size_t),
                       void *getpin_cb_arg,
                       const unsigned char *indata, size_t indatalen,
-                      char **r_buf, size_t *r_buflen)
+                      char **r_buf, size_t *r_buflen, int *r_padding)
 {
   int rc, i;
   char *p, line[ASSUAN_LINELENGTH];
@@ -890,6 +913,7 @@ agent_card_pkdecrypt (ctrl_t ctrl,
   size_t len;
 
   *r_buf = NULL;
+  *r_padding = -1; /* Unknown.  */
   rc = start_scd (ctrl);
   if (rc)
     return rc;
@@ -923,7 +947,7 @@ agent_card_pkdecrypt (ctrl_t ctrl,
   rc = assuan_transact (ctrl->scd_local->ctx, line,
                         membuf_data_cb, &data,
                         inq_needpin, &inqparm,
-                        NULL, NULL);
+                        padding_info_cb, r_padding);
   if (inqparm.any_inq_seen && (gpg_err_code(rc) == GPG_ERR_CANCELED ||
 	gpg_err_code(rc) == GPG_ERR_ASS_CANCELED))
     rc = cancel_inquire (ctrl, rc);