暫無描述

0011-OpenPGP-Provide-enough-buffer-to-read-pubkey-from-Gn.patch 2.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687
  1. From 752f8981bed49a98d3592ead3aa50e743318dea8 Mon Sep 17 00:00:00 2001
  2. From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
  3. <ng.hong.quan@gmail.com>
  4. Date: Fri, 5 Apr 2013 17:18:50 +0700
  5. Subject: [PATCH 11/26] OpenPGP: Provide enough buffer to read pubkey from
  6. Gnuk.
  7. ---
  8. src/libopensc/card-openpgp.c | 28 +++++++++++++++++++++++-----
  9. 1 file changed, 23 insertions(+), 5 deletions(-)
  10. diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
  11. index e7b25c0..1913eca 100644
  12. --- a/src/libopensc/card-openpgp.c
  13. +++ b/src/libopensc/card-openpgp.c
  14. @@ -263,7 +263,12 @@ static struct do_info pgp2_objects[] = { /* OpenPGP card spec 2.0 */
  15. /* The DO holding X.509 certificate is constructed but does not contain child DO.
  16. * We should notice this when building fake file system later. */
  17. -#define DO_CERT 0x7f21
  18. +#define DO_CERT 0x7f21
  19. +/* Maximum length for response buffer when reading pubkey. This value is calculated with
  20. + * 4096-bit key length */
  21. +#define MAXLEN_RESP_PUBKEY 527
  22. +/* Gnuk only support 1 key length (2048 bit) */
  23. +#define MAXLEN_RESP_PUBKEY_GNUK 271
  24. #define DRVDATA(card) ((struct pgp_priv_data *) ((card)->drv_data))
  25. struct pgp_priv_data {
  26. @@ -731,6 +736,14 @@ pgp_read_blob(sc_card_t *card, struct blob *blob)
  27. u8 buffer[2048];
  28. size_t buf_len = (card->caps & SC_CARD_CAP_APDU_EXT)
  29. ? sizeof(buffer) : 256;
  30. +
  31. + /* Buffer length for Gnuk pubkey */
  32. + if (card->type == SC_CARD_TYPE_OPENPGP_GNUK &&
  33. + (blob->id == 0xa400 || blob->id == 0xb600 || blob->id == 0xb800
  34. + || blob->id == 0xa401 || blob->id == 0xb601 || blob->id == 0xb801)) {
  35. + buf_len = MAXLEN_RESP_PUBKEY_GNUK;
  36. + }
  37. +
  38. int r = blob->info->get_fn(card, blob->id, buffer, buf_len);
  39. if (r < 0) { /* an error occurred */
  40. @@ -1828,6 +1841,7 @@ static int pgp_gen_key(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *key_in
  41. u8 apdu_case;
  42. u8 *apdu_data;
  43. size_t apdu_le;
  44. + size_t resplen = 0;
  45. int r = SC_SUCCESS;
  46. LOG_FUNC_CALLED(card->ctx);
  47. @@ -1868,23 +1882,27 @@ static int pgp_gen_key(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *key_in
  48. apdu_case = SC_APDU_CASE_4_EXT;
  49. }
  50. else {
  51. - apdu_le = 256;
  52. apdu_case = SC_APDU_CASE_4_SHORT;
  53. + apdu_le = 256;
  54. + resplen = MAXLEN_RESP_PUBKEY;
  55. + }
  56. + if (card->type == SC_CARD_TYPE_OPENPGP_GNUK) {
  57. + resplen = MAXLEN_RESP_PUBKEY_GNUK;
  58. }
  59. /* Prepare APDU */
  60. - sc_format_apdu(card, &apdu, apdu_case, 0x47, 0x80, 0);
  61. + sc_format_apdu(card, &apdu, apdu_case, 0x47, 0x80, 0);
  62. apdu.data = apdu_data;
  63. apdu.datalen = 2; /* Data = B600 */
  64. apdu.lc = 2;
  65. apdu.le = apdu_le;
  66. /* Buffer to receive response */
  67. - apdu.resp = calloc(apdu.le, 1);
  68. + apdu.resplen = (resplen > 0) ? resplen : apdu_le;
  69. + apdu.resp = calloc(apdu.resplen, 1);
  70. if (apdu.resp == NULL) {
  71. LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_ENOUGH_MEMORY);
  72. }
  73. - apdu.resplen = apdu.le;
  74. /* Send */
  75. sc_log(card->ctx, "Waiting for the card to generate key...");
  76. --
  77. 2.1.3