agent: Fix for suggested Libgcrypt use.

* agent/divert-scd.c (divert_pkdecrypt): Skip a flags parameter.
--

The libgcrypt docs say that a "flags" parameter should always be used
in the input of pkdecrypt.  Thus we should allow that parameter also
when parsing an s-expression to figure out the algorithm for use with
scdaemon.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit a12c3a566e2e4b10bc02976a2819070877ee895c)
(cherry picked from commit 0a95b153811f36739d1b20f23920bad0bb07c68b)

Gbp-Pq: Topic from-2.2.14
Gbp-Pq: Name agent-Fix-for-suggested-Libgcrypt-use.patch

diff --git a/agent/divert-scd.c b/agent/divert-scd.c
index 88b35cd21fca21529df21cbba5af82b939099feb..aff50553aa0c32f38e9a3f661e0909586b97be9f 100644 (file)
--- a/agent/divert-scd.c
+++ b/agent/divert-scd.c
@@ -476,6 +476,7 @@ divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
   char *kid;
   const unsigned char *s;
   size_t n;
+  int depth;
   const unsigned char *ciphertext;
   size_t ciphertextlen;
   char *plaintext;
@@ -484,7 +485,6 @@ divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
   (void)desc_text;
 
   *r_padding = -1;
-
   s = cipher;
   if (*s != '(')
     return gpg_error (GPG_ERR_INV_SEXP);
@@ -500,6 +500,21 @@ divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
   n = snext (&s);
   if (!n)
     return gpg_error (GPG_ERR_INV_SEXP);
+
+  /* First check whether we have a flags parameter and skip it.  */
+  if (smatch (&s, n, "flags"))
+    {
+      depth = 1;
+      if (sskip (&s, &depth) || depth)
+        return gpg_error (GPG_ERR_INV_SEXP);
+      if (*s != '(')
+        return gpg_error (GPG_ERR_INV_SEXP);
+      s++;
+      n = snext (&s);
+      if (!n)
+        return gpg_error (GPG_ERR_INV_SEXP);
+    }
+
   if (smatch (&s, n, "rsa"))
     {
       if (*s != '(')