Diffstat (limited to 'scd')
-rw-r--r--scd/app-common.h29
-rw-r--r--scd/app-nks.c5
-rw-r--r--scd/app-openpgp.c5
-rw-r--r--scd/app.c8
-rw-r--r--scd/command.c10
5 files changed, 40 insertions, 17 deletions
diff --git a/scd/app-common.h b/scd/app-common.h
index e3d23c2b4..66430b61d 100644
--- a/scd/app-common.h
+++ b/scd/app-common.h
@@ -34,6 +34,9 @@
#define APP_CHANGE_FLAG_RESET 1
#define APP_CHANGE_FLAG_NULLPIN 2
+/* Bit flags set by the decipher function into R_INFO. */
+#define APP_DECIPHER_INFO_NOPAD 1 /* Padding has been removed. */
+
struct app_local_s; /* Defined by all app-*.c. */
@@ -93,10 +96,11 @@ struct app_ctx_s {
const void *indata, size_t indatalen,
unsigned char **outdata, size_t *outdatalen);
gpg_error_t (*decipher) (app_t app, const char *keyidstr,
- gpg_error_t (*pincb)(void*, const char *, char **),
- void *pincb_arg,
- const void *indata, size_t indatalen,
- unsigned char **outdata, size_t *outdatalen);
+ gpg_error_t (*pincb)(void*, const char *, char **),
+ void *pincb_arg,
+ const void *indata, size_t indatalen,
+ unsigned char **outdata, size_t *outdatalen,
+ unsigned int *r_info);
gpg_error_t (*writecert) (app_t app, ctrl_t ctrl,
const char *certid,
gpg_error_t (*pincb)(void*,const char *,char **),
@@ -168,15 +172,16 @@ gpg_error_t app_sign (app_t app, const char *keyidstr, int hashalgo,
const void *indata, size_t indatalen,
unsigned char **outdata, size_t *outdatalen );
gpg_error_t app_auth (app_t app, const char *keyidstr,
- gpg_error_t (*pincb)(void*, const char *, char **),
- void *pincb_arg,
- const void *indata, size_t indatalen,
- unsigned char **outdata, size_t *outdatalen);
+ gpg_error_t (*pincb)(void*, const char *, char **),
+ void *pincb_arg,
+ const void *indata, size_t indatalen,
+ unsigned char **outdata, size_t *outdatalen);
gpg_error_t app_decipher (app_t app, const char *keyidstr,
- gpg_error_t (*pincb)(void*, const char *, char **),
- void *pincb_arg,
- const void *indata, size_t indatalen,
- unsigned char **outdata, size_t *outdatalen );
+ gpg_error_t (*pincb)(void*, const char *, char **),
+ void *pincb_arg,
+ const void *indata, size_t indatalen,
+ unsigned char **outdata, size_t *outdatalen,
+ unsigned int *r_info);
gpg_error_t app_writecert (app_t app, ctrl_t ctrl,
const char *certidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
diff --git a/scd/app-nks.c b/scd/app-nks.c
index 72e726d39..c83217fd0 100644
--- a/scd/app-nks.c
+++ b/scd/app-nks.c
@@ -985,13 +985,16 @@ do_decipher (app_t app, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
- unsigned char **outdata, size_t *outdatalen )
+ unsigned char **outdata, size_t *outdatalen,
+ unsigned int *r_info)
{
int rc, i;
int is_sigg = 0;
int fid;
int kid;
+ (void)r_info;
+
if (!keyidstr || !*keyidstr || !indatalen)
return gpg_error (GPG_ERR_INV_VALUE);
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 011c24840..dd4a2d91e 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -3598,7 +3598,8 @@ do_decipher (app_t app, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
- unsigned char **outdata, size_t *outdatalen )
+ unsigned char **outdata, size_t *outdatalen,
+ unsigned int *r_info)
{
int rc;
unsigned char tmp_sn[20]; /* actually 16 but we use it also for the fpr. */
@@ -3727,6 +3728,8 @@ do_decipher (app_t app, const char *keyidstr,
&& app->card_version == 0x0200)
log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)"
" do not work with encryption keys > 2048 bits\n");
+
+ *r_info |= APP_DECIPHER_INFO_NOPAD;
}
return rc;
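Review bot: `*r_info |= APP_DECIPHER_INFO_NOPAD;` appears to run whether or not the decipher operation succeeded, because it follows the `log_info` that is the body of an error-path `if` rather than sitting under a success check. The start of that condition and of the enclosing block lies outside the hunk, so this is inferred. On failure the flag would then claim that padding was removed from output that does not exist. The caller in command.c only reads the flag when rc is zero, so nothing breaks today, but `if (!rc) *r_info |= APP_DECIPHER_INFO_NOPAD;` keeps the flag tied to valid plaintext for any later caller. The write also dereferences r_info unguarded, so a one-line comment stating that r_info must be non-NULL would help.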
diff --git a/scd/app.c b/scd/app.c
index e6a663e1e..a0bb5f5ac 100644
--- a/scd/app.c
+++ b/scd/app.c
@@ -801,10 +801,13 @@ app_decipher (app_t app, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
- unsigned char **outdata, size_t *outdatalen )
+ unsigned char **outdata, size_t *outdatalen,
+ unsigned int *r_info)
{
gpg_error_t err;
+ *r_info = 0;
+
if (!app || !indata || !indatalen || !outdata || !outdatalen || !pincb)
return gpg_error (GPG_ERR_INV_VALUE);
if (!app->ref_count)
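Review bot: `*r_info = 0;` dereferences r_info ahead of the argument check, and r_info is not added to the `!app || !indata || ...` test that already guards the other output pointers. A NULL r_info therefore faults instead of returning GPG_ERR_INV_VALUE. Clearing the flag before any early return is worth keeping, since cmd_pkdecrypt passes an uninitialized local. Guard it with `if (!r_info) return gpg_error (GPG_ERR_INV_VALUE);` placed directly before `*r_info = 0;`. The function body continues outside the hunk.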
@@ -817,7 +820,8 @@ app_decipher (app_t app, const char *keyidstr,
err = app->fnc.decipher (app, keyidstr,
pincb, pincb_arg,
indata, indatalen,
- outdata, outdatalen);
+ outdata, outdatalen,
+ r_info);
unlock_reader (app->slot);
if (opt.verbose)
log_info ("operation decipher result: %s\n", gpg_strerror (err));
diff --git a/scd/command.c b/scd/command.c
index d5cc32cd9..05b50b935 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -1089,6 +1089,7 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
unsigned char *outdata;
size_t outdatalen;
char *keyidstr;
+ unsigned int infoflags;
if ( IS_LOCKED (ctrl) )
return gpg_error (GPG_ERR_LOCKED);
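Review bot: `unsigned int infoflags;` is declared without an initializer and is read later in cmd_pkdecrypt at `if ((infoflags & APP_DECIPHER_INFO_NOPAD))`, which decides whether the PADDING status line is sent to the client. That read is defined only because app_decipher happens to write `*r_info = 0` before any of its early returns. Declaring it as `unsigned int infoflags = 0;` removes the dependency on the callee's statement order, so a later reordering in app.c cannot turn stack garbage into a padding indication. The function starts and ends outside this hunk.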
@@ -1103,7 +1104,7 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
keyidstr,
pin_cb, ctx,
ctrl->in_data.value, ctrl->in_data.valuelen,
- &outdata, &outdatalen);
+ &outdata, &outdatalen, &infoflags);
xfree (keyidstr);
if (rc)
@@ -1112,6 +1113,13 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
}
else
{
+ /* If the card driver told us that there is no padding, send a
+ status line. If there is a padding it is assumed that the
+ caller knows what padding is used. It would have been better
+ to always send that information but for backward
+ compatibility we can't do that. */
+ if ((infoflags & APP_DECIPHER_INFO_NOPAD))
+ send_status_direct (ctrl, "PADDING", "0");
rc = assuan_send_data (ctx, outdata, outdatalen);
xfree (outdata);
if (rc)