polhenarejos / pico-openpgp

OpenPGP CCID smart card for Raspberry Pico and ESP32
https://www.picokeys.com
GNU General Public License v3.0
78 stars 10 forks source link

keytocard fails #12

Closed al-heisner closed 6 months ago

al-heisner commented 6 months ago

I haven't dug into the details yet, but maybe a re-occurence of https://github.com/polhenarejos/pico-openpgp/issues/3? I had keytocard working in the past, but updated to latest firmware and I'm now unable to use keytocard. I'm trying to load 4k key size with keytocard because generation of 4k keys on the card takes long and gets a timeout.

keytocard fails with: gpg: KEYTOCARD failed: Invalid value

Tried on Windows 11, Linux Mint 21, and Raspbian

al-heisner commented 6 months ago

I got a chance to debug this. In cmd_import_data(), len is declared as uint8_t len[9], which is overflowed when length>255. I got it working by changing it to type size_t, my git diff looks like this:


diff --git a/src/openpgp/openpgp.c b/src/openpgp/openpgp.c

index fb41029..01d59f2 100644
--- a/src/openpgp/openpgp.c
+++ b/src/openpgp/openpgp.c
@@ -1893,7 +1893,8 @@ static int cmd_import_data() {
         return SW_WRONG_DATA();
     }
     tgl = tag_len(&start);
-    uint8_t *end = start + tgl, len[9] = { 0 }, *p[9] = { 0 };
+    size_t len[9] = { 0 };
+    uint8_t *end = start + tgl, *p[9] = { 0 };
     while (start < end) {
         uint8_t tag = *start++;
         if ((tag >= 0x91 && tag <= 0x97) || tag == 0x99) {