diff options
| -rw-r--r-- | scd/app-openpgp.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index 85202313b..0e751e0e0 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -4046,6 +4046,7 @@ do_decipher (app_t app, const char *keyidstr, int exmode, le_value; unsigned char *fixbuf = NULL; int padind = 0; + int fixuplen = 0; if (!keyidstr || !*keyidstr || !indatalen) return gpg_error (GPG_ERR_INV_VALUE); @@ -4092,8 +4093,6 @@ do_decipher (app_t app, const char *keyidstr, if (app->app_local->keyattr[1].key_type == KEY_TYPE_RSA) { - int fixuplen; - /* We might encounter a couple of leading zeroes in the cryptogram. Due to internal use of MPIs these leading zeroes are stripped. However the OpenPGP card expects exactly 128 @@ -4146,7 +4145,26 @@ do_decipher (app_t app, const char *keyidstr, } } else if (app->app_local->keyattr[1].key_type == KEY_TYPE_ECC) - padind = -1; + { + fixuplen = 7; + fixbuf = xtrymalloc (fixuplen + indatalen); + if (!fixbuf) + return gpg_error_from_syserror (); + + /* Build 'Cipher DO' */ + fixbuf[0] = '\xa6'; + fixbuf[1] = (char)(indatalen+5); + fixbuf[2] = '\x7f'; + fixbuf[3] = '\x49'; + fixbuf[4] = (char)(indatalen+2); + fixbuf[5] = '\x86'; + fixbuf[6] = (char)indatalen; + memcpy (fixbuf+fixuplen, indata, indatalen); + indata = fixbuf; + indatalen = fixuplen + indatalen; + + padind = -1; + } else return gpg_error (GPG_ERR_INV_VALUE); |