Revert wrong fix for ECDSA.
authorNIIBE Yutaka <gniibe@fsij.org>
Wed, 27 Feb 2019 05:40:24 +0000 (14:40 +0900)
committerNIIBE Yutaka <gniibe@fsij.org>
Wed, 27 Feb 2019 05:40:24 +0000 (14:40 +0900)
* src/certreq.c (ksba_certreq_set_sig_val): Add back MSB handling of
0x80 for ECDSA.

--

This was removed because MSB handling was implemented in gpg-agent for
smartcard (historical reason).  Since gpg-agent should return a
consistent result for both smartcard keys and normal disk keys,
gpg-agent has been fixed to use the libgcrypt format (with no prefixed 0).

Fixes-commit: 5d9278f3d13050eddd68d8a1c490274a4f631f5f
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
src/certreq.c

index 05413d8..91bddf2 100644 (file)
@@ -504,8 +504,9 @@ ksba_certreq_set_sig_val (ksba_certreq_t cr, ksba_const_sexp_t sigval)
               if (is_EdDSA || nparam == 1)
                 len += n;
               else
-                len += _ksba_ber_count_tl (TYPE_INTEGER, CLASS_UNIVERSAL, 0, n)
-                       + n;
+                len += _ksba_ber_count_tl (TYPE_INTEGER, CLASS_UNIVERSAL, 0,
+                                           *s >= 0x80? n + 1 : n)
+                       + (*s >= 0x80? n + 1 : n);
             }
           else if (pass == 3)
             {
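Review bot: The leading-zero test `*s >= 0x80` is written out twice in this length pass and a third time in the pass 3 encoder in the next hunk, and the buffer sized from `len` is only large enough if all three agree. Computing the encoded length once per parameter, for example `size_t ilen = n + (*s >= 0x80);`, and using `ilen` both as the `_ksba_ber_count_tl` argument and as the added length would keep sizing and writing from drifting apart in a later edit. The test also reads `*s` with no check visible here that `n` is non-zero or that `s` points to unsigned char. Both are presumably established earlier in ksba_certreq_set_sig_val, which starts and ends outside the hunk, but they are worth confirming because a signed `char` would make the comparison always false.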
@@ -516,8 +517,15 @@ ksba_certreq_set_sig_val (ksba_certreq_t cr, ksba_const_sexp_t sigval)
                 }
               else
                 {
-                  buf += _ksba_ber_encode_tl (buf, TYPE_INTEGER,
-                                              CLASS_UNIVERSAL, 0, n);
+                  if (*s >= 0x80)
+                   { /* Add leading zero byte.  */
+                     buf += _ksba_ber_encode_tl (buf, TYPE_INTEGER,
+                                                 CLASS_UNIVERSAL, 0, n + 1);
+                     *buf++ = 0;
+                   }
+                 else
+                   buf += _ksba_ber_encode_tl (buf, TYPE_INTEGER,
+                                               CLASS_UNIVERSAL, 0, n);
                   memcpy (buf, s, n);
                   buf += n;
                 }
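Review bot: The comment `/* Add leading zero byte.  */` states what is done but not why, which matters here because this exact handling was removed once before. A comment such as `/* DER INTEGER is two's complement: prepend 0x00 so a value with the top bit set is not decoded as negative.  */` would record the reason. The mirror case is not covered by this branch: a value that arrives with a 0x00 prefix followed by a byte below 0x80 is copied unchanged and would not be minimally encoded, which strict DER parsers reject. Whether callers can still supply that form cannot be told from this hunk. The enclosing function continues outside the hunk.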