From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: app-crypt/gnupg/files/, app-crypt/gnupg/
Date: Thu, 14 Jul 2022 00:49:49 +0000 (UTC) [thread overview]
Message-ID: <1657759769.70a5cc46592ba76ffa08535b1c60f9cc59470e88.sam@gentoo> (raw)
commit: 70a5cc46592ba76ffa08535b1c60f9cc59470e88
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Thu Jul 14 00:49:29 2022 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Thu Jul 14 00:49:29 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=70a5cc46
app-crypt/gnupg: backport yubikey fix
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../files/gnupg-2.3.7-yubikey-workaround-fix.patch | 53 ++++++++++++++++++++++
.../{gnupg-2.3.7.ebuild => gnupg-2.3.7-r1.ebuild} | 1 +
2 files changed, 54 insertions(+)
diff --git a/app-crypt/gnupg/files/gnupg-2.3.7-yubikey-workaround-fix.patch b/app-crypt/gnupg/files/gnupg-2.3.7-yubikey-workaround-fix.patch
new file mode 100644
index 000000000000..94062c885b5b
--- /dev/null
+++ b/app-crypt/gnupg/files/gnupg-2.3.7-yubikey-workaround-fix.patch
@@ -0,0 +1,53 @@
+https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f34b9147eb3070bce80d53febaa564164cd6c977
+
+From f34b9147eb3070bce80d53febaa564164cd6c977 Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Wed, 13 Jul 2022 10:40:55 +0900
+Subject: [PATCH] scd:openpgp: Fix workaround for Yubikey heuristics.
+
+* scd/app-openpgp.c (parse_algorithm_attribute): Handle the case
+of firmware 5.4, too.
+
+--
+
+GnuPG-bug-id: 6070
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+--- a/scd/app-openpgp.c
++++ b/scd/app-openpgp.c
+@@ -6259,15 +6259,28 @@ parse_algorithm_attribute (app_t app, int keyno)
+ app->app_local->keyattr[keyno].ecc.algo = *buffer;
+ app->app_local->keyattr[keyno].ecc.flags = 0;
+
+- if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY
+- || buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff)
+- { /* Found "pubkey required"-byte for private key template. */
+- oidlen--;
+- if (buffer[buflen-1] == 0xff)
+- app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY;
++ if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY)
++ {
++ /* Yubikey implementations vary.
++ * Firmware version 5.2 returns "pubkey required"-byte with
++ * 0x00, but after removal and second time insertion, it
++ * returns bogus value there.
++ * Firmware version 5.4 returns none.
++ */
++ curve = ecc_curve (buffer + 1, oidlen);
++ if (!curve)
++ curve = ecc_curve (buffer + 1, oidlen - 1);
++ }
++ else
++ {
++ if (buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff)
++ { /* Found "pubkey required"-byte for private key template. */
++ oidlen--;
++ if (buffer[buflen-1] == 0xff)
++ app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY;
++ }
++ curve = ecc_curve (buffer + 1, oidlen);
+ }
+-
+- curve = ecc_curve (buffer + 1, oidlen);
+
+ if (!curve)
+ {
diff --git a/app-crypt/gnupg/gnupg-2.3.7.ebuild b/app-crypt/gnupg/gnupg-2.3.7-r1.ebuild
similarity index 99%
rename from app-crypt/gnupg/gnupg-2.3.7.ebuild
rename to app-crypt/gnupg/gnupg-2.3.7-r1.ebuild
index 6f376da7aafd..54821c7edea1 100644
--- a/app-crypt/gnupg/gnupg-2.3.7.ebuild
+++ b/app-crypt/gnupg/gnupg-2.3.7-r1.ebuild
@@ -57,6 +57,7 @@ DOCS=(
PATCHES=(
"${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
+ "${FILESDIR}"/${P}-yubikey-workaround-fix.patch
)
src_prepare() {
next reply other threads:[~2022-07-14 6:10 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-14 0:49 Sam James [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-01-25 17:24 [gentoo-commits] repo/gentoo:master commit in: app-crypt/gnupg/files/, app-crypt/gnupg/ Sam James
2024-11-03 9:04 Sam James
2024-11-03 9:04 Sam James
2024-06-24 4:00 Sam James
2024-03-04 3:08 Sam James
2024-03-04 3:02 Sam James
2023-07-06 0:06 Sam James
2023-06-10 21:02 Sam James
2023-05-23 4:13 Sam James
2022-09-23 1:06 Sam James
2022-06-30 20:01 Sam James
2022-04-25 16:06 Sam James
2021-04-08 9:21 Lars Wendler
2020-09-01 9:41 Mikle Kolyada
2020-03-21 16:47 Mikle Kolyada
2018-02-07 20:44 Kristian Fiskerstrand
2017-03-18 3:12 Robin H. Johnson
2017-02-18 18:35 Alon Bar-Lev
2017-02-18 18:35 Alon Bar-Lev
2017-01-23 17:54 Alon Bar-Lev
2017-01-04 12:43 Kristian Fiskerstrand
2016-11-22 18:31 Kristian Fiskerstrand
2016-06-16 19:34 Kristian Fiskerstrand
2016-05-19 21:16 Kristian Fiskerstrand
2016-02-12 21:41 Kristian Fiskerstrand
2015-12-19 10:37 Kristian Fiskerstrand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1657759769.70a5cc46592ba76ffa08535b1c60f9cc59470e88.sam@gentoo \
--to=sam@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox