sm: Prepare algo mapping to handle values > 255.

* sm/misc.c (transform_sigval): Allow for larger values of MDALGO and PKALGO. -- Libgcrypt already defines larger values for them, so we should be prepared in case we use them in the future. Signed-off-by: Werner Koch <wk@gnupg.org>
author: Werner Koch <wk@gnupg.org> 2019-02-21 08:51:27 +0100
committer: Werner Koch <wk@gnupg.org> 2019-02-21 08:51:50 +0100
commit: d7a54ca461ad75e4fab77a2f1b25986c7637762a (patch)
tree: d3b5c9000ab3c6df4435509eba142a60a4388469 /sm
parent: scd: Clear CHV status on timeout error. (diff)
download: gnupg2-d7a54ca461ad75e4fab77a2f1b25986c7637762a.tar.xz
gnupg2-d7a54ca461ad75e4fab77a2f1b25986c7637762a.zip
1 files changed, 13 insertions, 10 deletions
diff --git a/sm/misc.c b/sm/misc.c
index 4672f269e..954529390 100644
--- a/sm/misc.c
+++ b/sm/misc.c
@@ -204,41 +204,44 @@ transform_sigval (const unsigned char *sigval, size_t sigvallen, int mdalgo,
     return err;
 
   /* Map the hash algorithm to an OID.  */
-  switch (mdalgo | (pkalgo << 8))
+  if (mdalgo < 0 || mdalgo > (1<<15) || pkalgo < 0 || pkalgo > (1<<15))
+    return gpg_error (GPG_ERR_DIGEST_ALGO);
+
+  switch (mdalgo | (pkalgo << 16))
     {
-    case GCRY_MD_SHA1 | (GCRY_PK_RSA << 8):
+    case GCRY_MD_SHA1 | (GCRY_PK_RSA << 16):
       oid = "1.2.840.113549.1.1.5";  /* sha1WithRSAEncryption */
       break;
 
-    case GCRY_MD_SHA256 | (GCRY_PK_RSA << 8):
+    case GCRY_MD_SHA256 | (GCRY_PK_RSA << 16):
       oid = "1.2.840.113549.1.1.11"; /* sha256WithRSAEncryption */
       break;
 
-    case GCRY_MD_SHA384 | (GCRY_PK_RSA << 8):
+    case GCRY_MD_SHA384 | (GCRY_PK_RSA << 16):
       oid = "1.2.840.113549.1.1.12"; /* sha384WithRSAEncryption */
       break;
 
-    case GCRY_MD_SHA512 | (GCRY_PK_RSA << 8):
+    case GCRY_MD_SHA512 | (GCRY_PK_RSA << 16):
       oid = "1.2.840.113549.1.1.13"; /* sha512WithRSAEncryption */
       break;
 
-    case GCRY_MD_SHA224 | (GCRY_PK_ECC << 8):
+    case GCRY_MD_SHA224 | (GCRY_PK_ECC << 16):
       oid = "1.2.840.10045.4.3.1"; /* ecdsa-with-sha224 */
       break;
 
-    case GCRY_MD_SHA256 | (GCRY_PK_ECC << 8):
+    case GCRY_MD_SHA256 | (GCRY_PK_ECC << 16):
       oid = "1.2.840.10045.4.3.2"; /* ecdsa-with-sha256 */
       break;
 
-    case GCRY_MD_SHA384 | (GCRY_PK_ECC << 8):
+    case GCRY_MD_SHA384 | (GCRY_PK_ECC << 16):
       oid = "1.2.840.10045.4.3.3"; /* ecdsa-with-sha384 */
       break;
 
-    case GCRY_MD_SHA512 | (GCRY_PK_ECC << 8):
+    case GCRY_MD_SHA512 | (GCRY_PK_ECC << 16):
       oid = "1.2.840.10045.4.3.4"; /* ecdsa-with-sha512 */
       break;
 
-    case GCRY_MD_SHA512 | (GCRY_PK_EDDSA << 8):
+    case GCRY_MD_SHA512 | (GCRY_PK_EDDSA << 16):
       oid = "1.3.101.112"; /* ed25519 */
       break;
author	Werner Koch <wk@gnupg.org>	2019-02-21 08:51:27 +0100
committer	Werner Koch <wk@gnupg.org>	2019-02-21 08:51:50 +0100
commit	d7a54ca461ad75e4fab77a2f1b25986c7637762a (patch)
tree	d3b5c9000ab3c6df4435509eba142a60a4388469 /sm
parent	scd: Clear CHV status on timeout error. (diff)
download	gnupg2-d7a54ca461ad75e4fab77a2f1b25986c7637762a.tar.xz gnupg2-d7a54ca461ad75e4fab77a2f1b25986c7637762a.zip