Diffusion GnuPG 0173b249cfb7

agent: PKSIGN should return signature in same format for card.

Authored by gniibe on Feb 27 2019, 2:37 AM.

Description

agent: PKSIGN should return signature in same format for card.

* agent/pksign.c (agent_pksign_do):

It's best to keep same data format by libgcrypt.

For card (due to historical reasons), gpg-agent or scdaemon used to
prefix 0x00 when it starts 0x80, so that it can be parsed signed MPI
as well as unsigned MPI. It used to do nothing for preceding zeros.

  • Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

Details

Committed
gniibeFeb 27 2019, 2:37 AM
Parents
rGc2235d994dbb: scd: Simplify the app_readkey parameters.
Branches
Unknown
Tags
Unknown
werner added a subscriber: werner.Feb 27 2019, 8:02 AM
werner added inline comments.
/agent/pksign.c
412

Isn't this a problem if R and S have different length? I recall code which splits a block in the middle to get R and S. Not sure; thus this question.

gniibe added inline comments.Feb 28 2019, 12:59 AM
/agent/pksign.c
412

For signature, OpenPGP card sends back result in fixed-size (not only RSA but also ECC).

Both of R and S has same size in ECDSA, because it's modulo the order of curve.

So, no such problem occurs.