From d9fbfccd354c57a134c3a625272c970355377157 Mon Sep 17 00:00:00 2001
From: Roman Zeyde
Date: Fri, 17 Jun 2016 09:32:43 +0300
Subject: [PATCH] gpg: load correct key if ECDH is requested
---
 trezor_agent/gpg/agent.py | 4 ++--
 trezor_agent/gpg/decode.py | 7 ++++---
 trezor_agent/gpg/encode.py | 2 +-
 3 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/trezor_agent/gpg/agent.py b/trezor_agent/gpg/agent.py
index 6140cf1..c3e3156 100644
--- a/trezor_agent/gpg/agent.py
+++ b/trezor_agent/gpg/agent.py
@@ -41,7 +41,7 @@ def pksign(keygrip, digest, algo):
 assert algo == '8'
 pubkey_dict = decode.load_public_key(
 pubkey_bytes=keyring.export_public_key(user_id=None),
- use_custom=True)
+ use_custom=True, ecdh=False)
 pubkey, conn = encode.load_from_public_key(pubkey_dict=pubkey_dict)
 with contextlib.closing(conn):
 assert pubkey.keygrip == binascii.unhexlify(keygrip)
@@ -85,7 +85,7 @@ def pkdecrypt(keygrip, conn):
 local_pubkey = decode.load_public_key(
 pubkey_bytes=keyring.export_public_key(user_id=None),
- use_custom=True)
+ use_custom=True, ecdh=True)
 pubkey, conn = encode.load_from_public_key(pubkey_dict=local_pubkey)
 with contextlib.closing(conn):
 assert pubkey.keygrip == binascii.unhexlify(keygrip)
diff --git a/trezor_agent/gpg/decode.py b/trezor_agent/gpg/decode.py
index 8cbb454..13f2b36 100644
--- a/trezor_agent/gpg/decode.py
+++ b/trezor_agent/gpg/decode.py
@@ -268,7 +268,7 @@ def digest_packets(packets):
 return hashlib.sha256(data_to_hash.getvalue()).digest()
-def load_public_key(pubkey_bytes, use_custom=False):
+def load_public_key(pubkey_bytes, use_custom=False, ecdh=False):
 """Parse and validate GPG public key from an input stream."""
 stream = io.BytesIO(pubkey_bytes)
 packets = list(parse_packets(util.Reader(stream)))
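Review bot: The keygrip check after the changed call in pksign, `assert pubkey.keygrip == binascii.unhexlify(keygrip)`, is the only thing tying the key selected via `ecdh=` to the key gpg actually asked for, and it is an `assert`, which Python removes under `-O`. Selection now depends on key kind (a custom non-ECDH key here, a custom ECDH key in the pkdecrypt hunk), so with assertions disabled a mismatch would pass silently and the operation would run against a different key than requested. I would make it an explicit check in both functions, for example `if pubkey.keygrip != binascii.unhexlify(keygrip): raise ValueError('keygrip mismatch')`, using whatever exception type the agent's request handling reports as an error. The same applies to `assert pubkey.key_id() == pubkey_dict['key_id']` in the encode.py hunk; all three function bodies continue outside their hunks.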
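Review bot: The docstring under the changed `load_public_key` signature still reads only "Parse and validate GPG public key from an input stream." and documents neither `use_custom` nor the new `ecdh` argument. Judging by the second decode.py hunk, `ecdh` is consulted only inside `while use_custom:`, so it is silently ignored when `use_custom` is false, which a caller would not guess from the signature. I would extend the docstring with a sentence such as `With use_custom=True, select the first custom (sub)key whose algorithm is ECDH when ecdh is true, or non-ECDH when ecdh is false; ecdh has no effect otherwise.` The function body continues outside this hunk.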
@@ -288,8 +288,9 @@ def load_public_key(pubkey_bytes, use_custom=False):
 packet = pubkey
 while use_custom:
 if packet['type'] in ('pubkey', 'subkey') and signature['_is_custom']:
- log.debug('found custom %s', packet['type'])
- break
+ if ecdh == (packet['algo'] == proto.ECDH_ALGO_ID):
+ log.debug('found custom %s', packet['type'])
+ break
 packet, signature = packets[:2]
 packets = packets[2:]
diff --git a/trezor_agent/gpg/encode.py b/trezor_agent/gpg/encode.py
index 862d8f8..26df9f3 100644
--- a/trezor_agent/gpg/encode.py
+++ b/trezor_agent/gpg/encode.py
@@ -202,7 +202,7 @@ def load_from_public_key(pubkey_dict):
 conn = HardwareSigner(user_id, curve_name=curve_name)
 pubkey = proto.PublicKey(
 curve_name=curve_name, created=created,
- verifying_key=conn.pubkey(), ecdh=ecdh)
+ verifying_key=conn.pubkey(ecdh=ecdh), ecdh=ecdh)
 assert pubkey.key_id() == pubkey_dict['key_id']
 log.info('%s created at %s for "%s"', pubkey, _time_format(pubkey.created), user_id)
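Review bot: In the `while use_custom:` loop of load_public_key, the new algorithm filter makes it easier to run off the end of `packets`: a keyring with a custom key of the other kind but none of the requested kind never reaches `break`, and `packet, signature = packets[:2]` then fails with an unpacking ValueError that says nothing about the cause. An explicit guard before the unpack would turn that into a diagnosable error, e.g. `if len(packets) < 2: raise ValueError('no custom %s key found' % ('ECDH' if ecdh else 'non-ECDH'))`. Separately, `ecdh == (packet['algo'] == proto.ECDH_ALGO_ID)` compares against a bool, so a truthy non-bool argument would never match; `bool(ecdh)` or a documented bool-only contract would avoid that. No import of `proto` is added to decode.py in this commit, so the line relies on the module already importing it, which is worth confirming. The code after the loop is outside this hunk.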