0003-agent-Fix-the-regression-in-pkdecrypt-with-TPM-RSA.patch - portage-overlay

0003-agent-Fix-the-regression-in-pkdecrypt-with-TPM-RSA.patch (1234B)
      1 From 6eed3959303c81c9699fe9273030e480732f72be Mon Sep 17 00:00:00 2001
      2 Message-ID: <6eed3959303c81c9699fe9273030e480732f72be.1771025112.git.sam@gentoo.org>
      3 From: NIIBE Yutaka <gniibe@fsij.org>
      4 Date: Thu, 12 Feb 2026 11:51:17 +0900
      5 Subject: [PATCH GnuPG] agent: Fix the regression in pkdecrypt with TPM RSA.
      6 
      7 * agent/divert-tpm2.c (divert_tpm2_pkdecrypt): Care about additional
      8 0x00.
      9 
     10 --
     11 
     12 GnuPG-bug-id: 8045
     13 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
     14 ---
     15  agent/divert-tpm2.c | 9 +++++++++
     16  1 file changed, 9 insertions(+)
     17 
     18 diff --git a/agent/divert-tpm2.c b/agent/divert-tpm2.c
     19 index 5500c07f1..839a039bc 100644
     20 --- a/agent/divert-tpm2.c
     21 +++ b/agent/divert-tpm2.c
     22 @@ -138,6 +138,15 @@ divert_tpm2_pkdecrypt (ctrl_t ctrl,
     23        if (!smatch (&s, n, "a"))
     24          return gpg_error (GPG_ERR_UNKNOWN_SEXP);
     25        n = snext (&s);
     26 +      /* NOTE: gpg-agent protocol uses signed integer for RSA (%m in
     27 +       * MPI), where 0x00 is added when the MSB is 1.  TPM2 uses
     28 +       * unsigned integer.  We need to remove this 0x00, or else
     29 +       * it may result GPG_ERR_TOO_LARGE in tpm2daemon.  */
     30 +      if (!*s && (n&1))
     31 +        {
     32 +          s++;
     33 +          n--;
     34 +        }
     35      }
     36    else if (smatch (&s, n, "ecdh"))
     37      {
     38 -- 
     39 2.53.0
     40