Home Explore Help
Sign In
fphammerle
/
scute
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

scute: Remove prepended nul byte in signature data

* src/agent.c (pksign_parse_result): Check for nul byte prepended
by the agent to the signature value.
--

GPG Agent may prepend a nul byte in the signature value if the
first byte of the signature has its most significant bit set, to
prevent it from being interpreted as a sign bit (see the function
agent_pksign_do, in GnuPG's agent/pksign.c file).

The current sexp parser in Scute does not expect this extra nul
byte, and will reject any signature containing it with a
GPG_ERR_INV_LENGTH error.

This patch checks for an initial nul byte in the signature
data, and removes it.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
Damien Goutte-Gattat 9 years ago
parent
086b72ab07
commit
dd7cf6c779
1 changed files with 7 additions and 0 deletions
Split View Show Diff Stats
  1. 7 0
      src/agent.c

+ 7 - 0
src/agent.c
View File 

@@ -1025,6 +1025,13 @@ pksign_parse_result (const struct signature *sig,
 
   if (! n)
 
     return gpg_error (GPG_ERR_INV_SEXP);
 
 
+  /* Remove nul byte prepended by gpg-agent. */
 
+  if (*s == 0)
 
+    {
 
+      n -= 1;
 
+      s += 1;
 
+    }
 
+
 
   if (*len < (unsigned int) n)
 
     return gpg_error (GPG_ERR_INV_LENGTH);