diff options
Diffstat (limited to '')
| -rw-r--r-- | g10/sign.c | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/g10/sign.c b/g10/sign.c index 9c732799f..604802577 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -421,13 +421,16 @@ hash_for (PKT_public_key *pk) return match_dsa_hash(qbytes); } - else if (/*FIXME: call agent - pk->is_protected && sk->protect.s2k.mode==1002*/ 0) + else if (0 + /* FIXME: call agent sk->is_protected && sk->protect.s2k.mode == 1002 + && sk->protect.ivlen == 16 + && !memcmp (sk->protect.iv, "\xD2\x76\x00\x01\x24\x01\x01", 7)*/) { - /* The secret key lives on a smartcard, and current smartcards only - handle SHA-1 and RIPEMD/160. This is correct now, but may - need revision as the cards add algorithms. */ - + /* The sk lives on a smartcard, and old smartcards only handle + SHA-1 and RIPEMD/160. Newer smartcards (v2.0) don't have + this restriction anymore. Fortunately the serial number + encodes the version of the card and thus we know that this + key is on a v1 card. */ if(opt.personal_digest_prefs) { prefitem_t *prefs; |