Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ignore randomly generated last octet of OIDs for ECKeys. fixes #2590 #2631

Closed
wants to merge 1 commit into from
Closed

ignore randomly generated last octet of OIDs for ECKeys. fixes #2590 #2631

wants to merge 1 commit into from

Conversation

n0emis
Copy link

@n0emis n0emis commented Dec 21, 2020

Description

As @schch already described in more detail in #2590 (comment), the last octet of the OID for ECKeys is randomly generated on insertion. This leads to a crash most of the time when trying to decrypt with a ECKey on a security token.

This PR ignores this last octet of the OID. And therefor fixes this bug/crash.

Motivation and Context

This PR fixes #2590. The problem was, that the OID with the random suffix was resolved to a ECNamedCurveTable, which was unsuccessful. As this PR removes this suffix from the OID, the resoving works again. Therefor open-keychain does not anymore crash most of the time when trying to decrypt with a security token and an ECKey.

How Has This Been Tested?

I have tested this change with my YubiKey on my phone and I successfully ran the testsuite.

Types of changes

  • ✅ Bug fix (non-breaking change which fixes an issue)

@CLAassistant
Copy link

CLAassistant commented Dec 21, 2020
edited

CLA assistant check
All committers have signed the CLA.

@n0emis n0emis mentioned this pull request Feb 5, 2021
Closed
msfjarvis added a commit to android-password-store/open-keychain that referenced this pull request Feb 5, 2021
@msfjarvis
Merge pull request open-keychain#2631 from n0emis/ignore-random-octet
a7c6bde 
ignore randomly generated last octet of OIDs for ECKeys. fixes open-keychain#2590

* github.com:open-keychain/open-keychain:
  ignore randomly generated last octet of OIDs for ECKeys. fixes open-keychain#2590
@msfjarvis msfjarvis mentioned this pull request Feb 5, 2021
Closed
@msfjarvis
Copy link
Contributor

On Yubikeys the source of the problem is a hardware bug as noted here. @Valodim can the PR be merged and a new release cut anytime soon? It's been over a year since the last OpenKeychain release.

@clumbo
Copy link

clumbo commented Feb 8, 2021

Would be good to get this in as its stopping my key working.

@msfjarvis
Copy link
Contributor

@dschuermann @Valodim can this be reviewed sometime soon? We still have many users who are unable to use their Yubikeys because of this.

@msfjarvis msfjarvis mentioned this pull request Feb 21, 2021
Merged
@dschuermann
Copy link
Member

fixed with 2a0625e

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Crash while decrypting with YubiKey and Ellyptic Curve
5 participants
@n0emis @CLAassistant @msfjarvis @clumbo @dschuermann