From 85d3227f358e8c04ecc35fd62b717e6d60bd5fc3 Mon Sep 17 00:00:00 2001
From: Doug Engert <deengert@gmail.com>
Date: Thu, 15 Feb 2024 13:44:46 -0600
Subject: [PATCH] pkcs15-openpgp.c  Authentication key for decrypt requires MSE

pkcs11-tool --test calls "test_decrypt" and test any RSA key
that supports decryption.

OpenPGP can do this for the Authentication key, but requires
the optional MANAGE SECURITY ENVIRONMENT (MSE) command.

Do not set decrypt or wrap usage bits unless MSE is supported
for the card.

Found using YubiKey NFC and Nitro start that do not support MSE.

 On branch X25519-improvements-2
 Changes to be committed:
	modified:   libopensc/pkcs15-openpgp.c
---
 src/libopensc/card-openpgp.c   | 2 +-
 src/libopensc/pkcs15-openpgp.c | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index cef84092c43..42f0592bb5c 100644
--- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c
@@ -2500,7 +2500,7 @@ pgp_update_new_algo_attr(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *key_
 	pgp_blob_t *algo_blob = NULL;
 	const unsigned int tag = 0x00C0 | key_info->key_id;
 	u8 *data;
-	int data_len;
+	size_t data_len;
 	int r = SC_SUCCESS;
 	unsigned int i;
 
diff --git a/src/libopensc/pkcs15-openpgp.c b/src/libopensc/pkcs15-openpgp.c
index 00409840372..27fab34e668 100644
--- a/src/libopensc/pkcs15-openpgp.c
+++ b/src/libopensc/pkcs15-openpgp.c
@@ -182,6 +182,7 @@ sc_pkcs15emu_openpgp_init(sc_pkcs15_card_t *p15card)
 {
 	sc_card_t	*card = p15card->card;
 	sc_context_t	*ctx = card->ctx;
+	struct pgp_priv_data *priv = DRVDATA(card);
 	char		string[256];
 	u8		c4data[10];
 	u8		c5data[100];
@@ -402,6 +403,10 @@ sc_pkcs15emu_openpgp_init(sc_pkcs15_card_t *p15card)
 
 			case SC_OPENPGP_KEYALGO_RSA:
 				if (cxdata_len >= 3) {
+					/* with Authentication key, can only decrypt if can change MSE */
+					if (i == 2 && !(priv->ext_caps & EXT_CAP_MSE)) {
+						prkey_info.usage &= ~PGP_ENC_PRKEY_USAGE;
+					}
 					prkey_info.modulus_length = bebytes2ushort(cxdata + 1);
 					r = sc_pkcs15emu_add_rsa_prkey(p15card, &prkey_obj, &prkey_info);
 					break;
@@ -526,6 +531,10 @@ sc_pkcs15emu_openpgp_init(sc_pkcs15_card_t *p15card)
 				break;
 			case SC_OPENPGP_KEYALGO_RSA:
 				if (cxdata_len >= 3) {
+					/* with Authentication pubkey, can only encrypt if can change MSE */
+					if (i == 2 && !(priv->ext_caps & EXT_CAP_MSE)) {
+						pubkey_info.usage &= ~PGP_ENC_PUBKEY_USAGE;
+					}
 					pubkey_info.modulus_length = bebytes2ushort(cxdata + 1);
 					r = sc_pkcs15emu_add_rsa_pubkey(p15card, &pubkey_obj, &pubkey_info);
 					break;