2003-06-18 19:56:13 +00:00
|
|
|
/* pkglue.c - public key operations glue code
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
* Copyright (C) 2000, 2003, 2010 Free Software Foundation, Inc.
|
|
|
|
* Copyright (C) 2014 Werner Koch
|
2003-06-18 19:56:13 +00:00
|
|
|
*
|
|
|
|
* This file is part of GnuPG.
|
|
|
|
*
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
2007-07-04 19:49:40 +00:00
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
2003-06-18 19:56:13 +00:00
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2016-11-05 12:02:19 +01:00
|
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
2003-06-18 19:56:13 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <errno.h>
|
|
|
|
|
|
|
|
#include "gpg.h"
|
2017-03-07 20:21:23 +09:00
|
|
|
#include "../common/util.h"
|
2003-06-18 19:56:13 +00:00
|
|
|
#include "pkglue.h"
|
2011-01-05 17:33:17 -08:00
|
|
|
#include "main.h"
|
2011-01-25 20:28:25 +01:00
|
|
|
#include "options.h"
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2015-11-16 12:41:46 +01:00
|
|
|
/* FIXME: Better change the function name because mpi_ is used by
|
2011-01-21 12:00:57 +01:00
|
|
|
gcrypt macros. */
|
2011-01-05 17:33:17 -08:00
|
|
|
gcry_mpi_t
|
2013-11-15 08:59:45 +01:00
|
|
|
get_mpi_from_sexp (gcry_sexp_t sexp, const char *item, int mpifmt)
|
2003-08-25 21:12:43 +00:00
|
|
|
{
|
|
|
|
gcry_sexp_t list;
|
|
|
|
gcry_mpi_t data;
|
2011-02-02 17:40:32 +01:00
|
|
|
|
2003-08-25 21:12:43 +00:00
|
|
|
list = gcry_sexp_find_token (sexp, item, 0);
|
2016-04-29 11:05:24 +02:00
|
|
|
log_assert (list);
|
2013-11-15 08:59:45 +01:00
|
|
|
data = gcry_sexp_nth_mpi (list, 1, mpifmt);
|
2016-04-29 11:05:24 +02:00
|
|
|
log_assert (data);
|
2003-08-25 21:12:43 +00:00
|
|
|
gcry_sexp_release (list);
|
|
|
|
return data;
|
|
|
|
}
|
|
|
|
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2021-12-10 15:39:32 +09:00
|
|
|
/*
|
|
|
|
* SOS (Simply, Octet String) is an attempt to handle opaque octet
|
|
|
|
* string in OpenPGP, where well-formed MPI cannot represent octet
|
|
|
|
* string with leading zero octets.
|
|
|
|
*
|
|
|
|
* To retain maximum compatibility to existing MPI handling, SOS
|
|
|
|
* has same structure, but allows leading zero octets. When there
|
|
|
|
* is no leading zero octets, SOS representation is as same as MPI one.
|
|
|
|
* With leading zero octets, NBITS is 8*(length of octets), regardless
|
|
|
|
* of leading zero bits.
|
|
|
|
*/
|
2020-06-09 10:32:47 +09:00
|
|
|
/* Extract SOS representation from SEXP for PARAM, return the result
|
2021-12-10 15:39:32 +09:00
|
|
|
* in R_SOS. It is represented by opaque MPI with GCRYMPI_FLAG_USER2
|
|
|
|
* flag. */
|
2020-06-09 10:32:47 +09:00
|
|
|
gpg_error_t
|
|
|
|
sexp_extract_param_sos (gcry_sexp_t sexp, const char *param, gcry_mpi_t *r_sos)
|
|
|
|
{
|
|
|
|
gpg_error_t err;
|
|
|
|
gcry_sexp_t l2 = gcry_sexp_find_token (sexp, param, 0);
|
|
|
|
|
|
|
|
*r_sos = NULL;
|
|
|
|
if (!l2)
|
|
|
|
err = gpg_error (GPG_ERR_NO_OBJ);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
size_t buflen;
|
|
|
|
void *p0 = gcry_sexp_nth_buffer (l2, 1, &buflen);
|
|
|
|
|
|
|
|
if (!p0)
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
else
|
|
|
|
{
|
|
|
|
gcry_mpi_t sos;
|
|
|
|
unsigned int nbits = buflen*8;
|
|
|
|
unsigned char *p = p0;
|
|
|
|
|
2020-10-30 15:21:20 +09:00
|
|
|
if (*p && nbits >= 8 && !(*p & 0x80))
|
2020-06-09 10:32:47 +09:00
|
|
|
if (--nbits >= 7 && !(*p & 0x40))
|
|
|
|
if (--nbits >= 6 && !(*p & 0x20))
|
|
|
|
if (--nbits >= 5 && !(*p & 0x10))
|
|
|
|
if (--nbits >= 4 && !(*p & 0x08))
|
|
|
|
if (--nbits >= 3 && !(*p & 0x04))
|
|
|
|
if (--nbits >= 2 && !(*p & 0x02))
|
|
|
|
if (--nbits >= 1 && !(*p & 0x01))
|
|
|
|
--nbits;
|
|
|
|
|
|
|
|
sos = gcry_mpi_set_opaque (NULL, p0, nbits);
|
|
|
|
if (sos)
|
|
|
|
{
|
|
|
|
gcry_mpi_set_flag (sos, GCRYMPI_FLAG_USER2);
|
|
|
|
*r_sos = sos;
|
|
|
|
err = 0;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
}
|
|
|
|
gcry_sexp_release (l2);
|
|
|
|
}
|
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2021-12-10 15:39:32 +09:00
|
|
|
/* "No leading zero octets" (nlz) version of the function above.
|
|
|
|
*
|
|
|
|
* This routine is used for backward compatibility to existing
|
|
|
|
* implementation with the weird handling of little endian integer
|
|
|
|
* representation with leading zero octets. For the sake of
|
|
|
|
* "well-fomed" MPI, which is designed for big endian integer, leading
|
|
|
|
* zero octets are removed when output, and they are recovered at
|
|
|
|
* input.
|
|
|
|
*
|
|
|
|
* Extract SOS representation from SEXP for PARAM, removing leading
|
|
|
|
* zeros, return the result in R_SOS. */
|
|
|
|
gpg_error_t
|
|
|
|
sexp_extract_param_sos_nlz (gcry_sexp_t sexp, const char *param,
|
|
|
|
gcry_mpi_t *r_sos)
|
|
|
|
{
|
|
|
|
gpg_error_t err;
|
|
|
|
gcry_sexp_t l2 = gcry_sexp_find_token (sexp, param, 0);
|
|
|
|
|
|
|
|
*r_sos = NULL;
|
|
|
|
if (!l2)
|
|
|
|
err = gpg_error (GPG_ERR_NO_OBJ);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
size_t buflen;
|
|
|
|
const void *p0 = gcry_sexp_nth_data (l2, 1, &buflen);
|
|
|
|
|
|
|
|
if (!p0)
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
else
|
|
|
|
{
|
|
|
|
gcry_mpi_t sos;
|
|
|
|
unsigned int nbits = buflen*8;
|
|
|
|
const unsigned char *p = p0;
|
|
|
|
|
|
|
|
/* Strip leading zero bits. */
|
|
|
|
for (; nbits >= 8 && !*p; p++, nbits -= 8)
|
|
|
|
;
|
|
|
|
|
|
|
|
if (nbits >= 8 && !(*p & 0x80))
|
|
|
|
if (--nbits >= 7 && !(*p & 0x40))
|
|
|
|
if (--nbits >= 6 && !(*p & 0x20))
|
|
|
|
if (--nbits >= 5 && !(*p & 0x10))
|
|
|
|
if (--nbits >= 4 && !(*p & 0x08))
|
|
|
|
if (--nbits >= 3 && !(*p & 0x04))
|
|
|
|
if (--nbits >= 2 && !(*p & 0x02))
|
|
|
|
if (--nbits >= 1 && !(*p & 0x01))
|
|
|
|
--nbits;
|
|
|
|
|
|
|
|
sos = gcry_mpi_set_opaque_copy (NULL, p, nbits);
|
|
|
|
if (sos)
|
|
|
|
{
|
|
|
|
gcry_mpi_set_flag (sos, GCRYMPI_FLAG_USER2);
|
|
|
|
*r_sos = sos;
|
|
|
|
err = 0;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
}
|
|
|
|
gcry_sexp_release (l2);
|
|
|
|
}
|
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2020-06-09 15:45:51 +09:00
|
|
|
static byte *
|
|
|
|
get_data_from_sexp (gcry_sexp_t sexp, const char *item, size_t *r_size)
|
|
|
|
{
|
|
|
|
gcry_sexp_t list;
|
|
|
|
size_t valuelen;
|
|
|
|
const char *value;
|
|
|
|
byte *v;
|
|
|
|
|
2020-06-23 10:10:29 +09:00
|
|
|
if (DBG_CRYPTO)
|
|
|
|
log_printsexp ("get_data_from_sexp:", sexp);
|
2020-06-09 15:45:51 +09:00
|
|
|
|
|
|
|
list = gcry_sexp_find_token (sexp, item, 0);
|
|
|
|
log_assert (list);
|
|
|
|
value = gcry_sexp_nth_data (list, 1, &valuelen);
|
|
|
|
log_assert (value);
|
|
|
|
v = xtrymalloc (valuelen);
|
|
|
|
memcpy (v, value, valuelen);
|
|
|
|
gcry_sexp_release (list);
|
|
|
|
*r_size = valuelen;
|
|
|
|
return v;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2003-06-18 19:56:13 +00:00
|
|
|
/****************
|
|
|
|
* Emulate our old PK interface here - sometime in the future we might
|
|
|
|
* change the internal design to directly fit to libgcrypt.
|
|
|
|
*/
|
|
|
|
int
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash,
|
|
|
|
gcry_mpi_t *data, gcry_mpi_t *pkey)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
|
|
|
gcry_sexp_t s_sig, s_hash, s_pkey;
|
|
|
|
int rc;
|
|
|
|
|
2011-01-21 12:00:57 +01:00
|
|
|
/* Make a sexp from pkey. */
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (pkalgo == PUBKEY_ALGO_DSA)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
|
|
|
|
pkey[0], pkey[1], pkey[2], pkey[3]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_ELGAMAL_E || pkalgo == PUBKEY_ALGO_ELGAMAL)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(elg(p%m)(g%m)(y%m)))",
|
|
|
|
pkey[0], pkey[1], pkey[2]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_RSA || pkalgo == PUBKEY_ALGO_RSA_S)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(rsa(n%m)(e%m)))", pkey[0], pkey[1]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_ECDSA)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
char *curve = openpgp_oid_to_str (pkey[0]);
|
|
|
|
if (!curve)
|
|
|
|
rc = gpg_error_from_syserror ();
|
|
|
|
else
|
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(ecdsa(curve %s)(q%m)))",
|
|
|
|
curve, pkey[1]);
|
|
|
|
xfree (curve);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else if (pkalgo == PUBKEY_ALGO_EDDSA)
|
|
|
|
{
|
|
|
|
char *curve = openpgp_oid_to_str (pkey[0]);
|
|
|
|
if (!curve)
|
|
|
|
rc = gpg_error_from_syserror ();
|
2011-01-31 09:27:06 +01:00
|
|
|
else
|
|
|
|
{
|
2020-06-24 10:05:03 +09:00
|
|
|
const char *fmt;
|
|
|
|
|
|
|
|
if (openpgp_oid_is_ed25519 (pkey[0]))
|
|
|
|
fmt = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))";
|
|
|
|
else
|
|
|
|
fmt = "(public-key(ecc(curve %s)(q%m)))";
|
|
|
|
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL, fmt, curve, pkey[1]);
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
xfree (curve);
|
2011-01-31 09:27:06 +01:00
|
|
|
}
|
2011-01-05 17:33:17 -08:00
|
|
|
}
|
2003-06-18 19:56:13 +00:00
|
|
|
else
|
|
|
|
return GPG_ERR_PUBKEY_ALGO;
|
|
|
|
|
|
|
|
if (rc)
|
2009-02-24 11:47:25 +00:00
|
|
|
BUG (); /* gcry_sexp_build should never fail. */
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2011-01-21 12:00:57 +01:00
|
|
|
/* Put hash into a S-Exp s_hash. */
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (pkalgo == PUBKEY_ALGO_EDDSA)
|
2013-11-15 08:59:45 +01:00
|
|
|
{
|
2020-06-24 10:05:03 +09:00
|
|
|
const char *fmt;
|
|
|
|
|
|
|
|
if (openpgp_oid_is_ed25519 (pkey[0]))
|
|
|
|
fmt = "(data(flags eddsa)(hash-algo sha512)(value %m))";
|
|
|
|
else
|
|
|
|
fmt = "(data(value %m))";
|
|
|
|
|
|
|
|
if (gcry_sexp_build (&s_hash, NULL, fmt, hash))
|
2013-11-15 08:59:45 +01:00
|
|
|
BUG (); /* gcry_sexp_build should never fail. */
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
if (gcry_sexp_build (&s_hash, NULL, "%m", hash))
|
|
|
|
BUG (); /* gcry_sexp_build should never fail. */
|
|
|
|
}
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2009-02-24 11:47:25 +00:00
|
|
|
/* Put data into a S-Exp s_sig. */
|
|
|
|
s_sig = NULL;
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (pkalgo == PUBKEY_ALGO_DSA)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
2003-08-07 07:05:38 +00:00
|
|
|
if (!data[0] || !data[1])
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else
|
|
|
|
rc = gcry_sexp_build (&s_sig, NULL,
|
|
|
|
"(sig-val(dsa(r%m)(s%m)))", data[0], data[1]);
|
2003-06-18 19:56:13 +00:00
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_ECDSA)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
|
|
|
if (!data[0] || !data[1])
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else
|
|
|
|
rc = gcry_sexp_build (&s_sig, NULL,
|
|
|
|
"(sig-val(ecdsa(r%m)(s%m)))", data[0], data[1]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_EDDSA)
|
|
|
|
{
|
2016-08-25 15:18:51 +02:00
|
|
|
gcry_mpi_t r = data[0];
|
|
|
|
gcry_mpi_t s = data[1];
|
|
|
|
|
2020-06-24 10:05:03 +09:00
|
|
|
if (openpgp_oid_is_ed25519 (pkey[0]))
|
2016-08-25 15:18:51 +02:00
|
|
|
{
|
2020-06-24 10:05:03 +09:00
|
|
|
size_t rlen, slen, n; /* (bytes) */
|
|
|
|
char buf[64];
|
|
|
|
unsigned int nbits;
|
|
|
|
unsigned int neededfixedlen = 256 / 8;
|
2020-06-09 10:32:47 +09:00
|
|
|
|
2020-06-24 10:05:03 +09:00
|
|
|
log_assert (neededfixedlen <= sizeof buf);
|
2020-06-09 10:32:47 +09:00
|
|
|
|
2020-06-24 10:05:03 +09:00
|
|
|
if (!r || !s)
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else if ((rlen = (gcry_mpi_get_nbits (r)+7)/8) > neededfixedlen || !rlen)
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else if ((slen = (gcry_mpi_get_nbits (s)+7)/8) > neededfixedlen || !slen)
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
/* We need to fixup the length in case of leading zeroes.
|
|
|
|
* OpenPGP does not allow leading zeroes and the parser for
|
|
|
|
* the signature packet has no information on the use curve,
|
|
|
|
* thus we need to do it here. We won't do it for opaque
|
|
|
|
* MPIs under the assumption that they are known to be fine;
|
|
|
|
* we won't see them here anyway but the check is anyway
|
|
|
|
* required. Fixme: A nifty feature for gcry_sexp_build
|
|
|
|
* would be a format to left pad the value (e.g. "%*M"). */
|
|
|
|
rc = 0;
|
|
|
|
|
|
|
|
if (rlen < neededfixedlen
|
|
|
|
&& !gcry_mpi_get_flag (r, GCRYMPI_FLAG_OPAQUE)
|
|
|
|
&& !(rc=gcry_mpi_print (GCRYMPI_FMT_USG, buf, sizeof buf, &n, r)))
|
|
|
|
{
|
|
|
|
log_assert (n < neededfixedlen);
|
|
|
|
memmove (buf + (neededfixedlen - n), buf, n);
|
|
|
|
memset (buf, 0, neededfixedlen - n);
|
|
|
|
r = gcry_mpi_set_opaque_copy (NULL, buf, neededfixedlen * 8);
|
|
|
|
}
|
|
|
|
else if (rlen < neededfixedlen
|
|
|
|
&& gcry_mpi_get_flag (r, GCRYMPI_FLAG_OPAQUE))
|
|
|
|
{
|
|
|
|
const unsigned char *p;
|
|
|
|
|
|
|
|
p = gcry_mpi_get_opaque (r, &nbits);
|
|
|
|
n = (nbits+7)/8;
|
|
|
|
memcpy (buf + (neededfixedlen - n), p, n);
|
|
|
|
memset (buf, 0, neededfixedlen - n);
|
|
|
|
gcry_mpi_set_opaque_copy (r, buf, neededfixedlen * 8);
|
|
|
|
}
|
|
|
|
if (slen < neededfixedlen
|
|
|
|
&& !gcry_mpi_get_flag (s, GCRYMPI_FLAG_OPAQUE)
|
|
|
|
&& !(rc=gcry_mpi_print (GCRYMPI_FMT_USG, buf, sizeof buf, &n, s)))
|
|
|
|
{
|
|
|
|
log_assert (n < neededfixedlen);
|
|
|
|
memmove (buf + (neededfixedlen - n), buf, n);
|
|
|
|
memset (buf, 0, neededfixedlen - n);
|
|
|
|
s = gcry_mpi_set_opaque_copy (NULL, buf, neededfixedlen * 8);
|
|
|
|
}
|
|
|
|
else if (slen < neededfixedlen
|
|
|
|
&& gcry_mpi_get_flag (s, GCRYMPI_FLAG_OPAQUE))
|
|
|
|
{
|
|
|
|
const unsigned char *p;
|
|
|
|
|
|
|
|
p = gcry_mpi_get_opaque (s, &nbits);
|
|
|
|
n = (nbits+7)/8;
|
|
|
|
memcpy (buf + (neededfixedlen - n), p, n);
|
|
|
|
memset (buf, 0, neededfixedlen - n);
|
|
|
|
gcry_mpi_set_opaque_copy (s, buf, neededfixedlen * 8);
|
|
|
|
}
|
2020-06-09 10:32:47 +09:00
|
|
|
}
|
2020-06-24 10:05:03 +09:00
|
|
|
}
|
|
|
|
else
|
|
|
|
rc = 0;
|
2016-08-25 15:18:51 +02:00
|
|
|
|
2020-06-24 10:05:03 +09:00
|
|
|
if (!rc)
|
|
|
|
rc = gcry_sexp_build (&s_sig, NULL,
|
|
|
|
"(sig-val(eddsa(r%M)(s%M)))", r, s);
|
2016-08-25 15:18:51 +02:00
|
|
|
|
2020-06-24 10:05:03 +09:00
|
|
|
if (r != data[0])
|
|
|
|
gcry_mpi_release (r);
|
|
|
|
if (s != data[1])
|
|
|
|
gcry_mpi_release (s);
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
}
|
|
|
|
else if (pkalgo == PUBKEY_ALGO_ELGAMAL || pkalgo == PUBKEY_ALGO_ELGAMAL_E)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
2003-08-07 07:05:38 +00:00
|
|
|
if (!data[0] || !data[1])
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else
|
|
|
|
rc = gcry_sexp_build (&s_sig, NULL,
|
|
|
|
"(sig-val(elg(r%m)(s%m)))", data[0], data[1]);
|
2003-06-18 19:56:13 +00:00
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_RSA || pkalgo == PUBKEY_ALGO_RSA_S)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
2003-08-07 07:05:38 +00:00
|
|
|
if (!data[0])
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else
|
|
|
|
rc = gcry_sexp_build (&s_sig, NULL, "(sig-val(rsa(s%m)))", data[0]);
|
2003-06-18 19:56:13 +00:00
|
|
|
}
|
|
|
|
else
|
|
|
|
BUG ();
|
|
|
|
|
2009-02-24 11:47:25 +00:00
|
|
|
if (!rc)
|
|
|
|
rc = gcry_pk_verify (s_sig, s_hash, s_pkey);
|
2003-06-18 19:56:13 +00:00
|
|
|
|
|
|
|
gcry_sexp_release (s_sig);
|
|
|
|
gcry_sexp_release (s_hash);
|
|
|
|
gcry_sexp_release (s_pkey);
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/****************
|
|
|
|
* Emulate our old PK interface here - sometime in the future we might
|
|
|
|
* change the internal design to directly fit to libgcrypt.
|
2011-02-02 17:40:32 +01:00
|
|
|
* PK is only required to compute the fingerprint for ECDH.
|
2003-06-18 19:56:13 +00:00
|
|
|
*/
|
|
|
|
int
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
pk_encrypt (pubkey_algo_t algo, gcry_mpi_t *resarr, gcry_mpi_t data,
|
2011-02-02 17:40:32 +01:00
|
|
|
PKT_public_key *pk, gcry_mpi_t *pkey)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
2014-09-08 18:25:06 +02:00
|
|
|
gcry_sexp_t s_ciph = NULL;
|
|
|
|
gcry_sexp_t s_data = NULL;
|
|
|
|
gcry_sexp_t s_pkey = NULL;
|
2003-06-18 19:56:13 +00:00
|
|
|
int rc;
|
2024-01-24 16:36:21 +09:00
|
|
|
int with_ecdh_cv25519 = 0;
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2011-01-21 12:00:57 +01:00
|
|
|
/* Make a sexp from pkey. */
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (algo == PUBKEY_ALGO_ELGAMAL || algo == PUBKEY_ALGO_ELGAMAL_E)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(elg(p%m)(g%m)(y%m)))",
|
|
|
|
pkey[0], pkey[1], pkey[2]);
|
2011-01-25 20:28:25 +01:00
|
|
|
/* Put DATA into a simplified S-expression. */
|
2014-09-08 18:25:06 +02:00
|
|
|
if (!rc)
|
|
|
|
rc = gcry_sexp_build (&s_data, NULL, "%m", data);
|
2003-06-18 19:56:13 +00:00
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (algo == PUBKEY_ALGO_RSA || algo == PUBKEY_ALGO_RSA_E)
|
2003-07-03 18:08:16 +00:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(rsa(n%m)(e%m)))",
|
|
|
|
pkey[0], pkey[1]);
|
2011-01-25 20:28:25 +01:00
|
|
|
/* Put DATA into a simplified S-expression. */
|
2014-09-08 18:25:06 +02:00
|
|
|
if (!rc)
|
|
|
|
rc = gcry_sexp_build (&s_data, NULL, "%m", data);
|
2003-07-03 18:08:16 +00:00
|
|
|
}
|
2011-02-02 17:40:32 +01:00
|
|
|
else if (algo == PUBKEY_ALGO_ECDH)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
2024-01-24 16:36:21 +09:00
|
|
|
with_ecdh_cv25519 = openpgp_oid_is_cv25519 (pkey[0]);
|
|
|
|
if (with_ecdh_cv25519)
|
|
|
|
{
|
|
|
|
unsigned char ephemkey[GCRY_KEM_ECC_X25519_ENCAPS_LEN+1];
|
|
|
|
unsigned int nbits;
|
|
|
|
const byte *oid;
|
|
|
|
const byte *pubkey;
|
|
|
|
const byte *kek_params;
|
|
|
|
unsigned char kdf_params[256];
|
|
|
|
size_t oidlen;
|
|
|
|
size_t pubkeylen;
|
|
|
|
size_t kdf_params_size;
|
|
|
|
byte fp[MAX_FINGERPRINT_LEN];
|
|
|
|
byte *kekkey;
|
|
|
|
size_t kekkeylen;
|
|
|
|
int kdf_encr_algo;
|
|
|
|
gcry_cipher_hd_t hd;
|
|
|
|
|
2024-01-26 15:34:03 +09:00
|
|
|
/*FIXME use build_kdf_params! */
|
2024-01-24 16:36:21 +09:00
|
|
|
oid = gcry_mpi_get_opaque (pkey[0], &nbits);
|
|
|
|
oidlen = (nbits + 7) / 8;
|
|
|
|
|
|
|
|
pubkey = (const byte *)gcry_mpi_get_opaque (pkey[1], &nbits) + 1;
|
|
|
|
pubkeylen = (nbits + 7) / 8 - 1;
|
|
|
|
/*FIXME check pubkeylen == GCRY_KEM_ECC_X25519_PUBKEY_LEN */
|
|
|
|
(void)pubkeylen;
|
|
|
|
|
|
|
|
kek_params = gcry_mpi_get_opaque (pkey[2], &nbits);
|
|
|
|
/*FIXME check nbits good: 4-byte long*/
|
|
|
|
kdf_encr_algo = kek_params[3];
|
|
|
|
|
|
|
|
if (kdf_encr_algo != CIPHER_ALGO_AES
|
|
|
|
&& kdf_encr_algo != CIPHER_ALGO_AES192
|
|
|
|
&& kdf_encr_algo != CIPHER_ALGO_AES256)
|
|
|
|
return gpg_error (GPG_ERR_BAD_PUBKEY);
|
|
|
|
|
|
|
|
kekkeylen = gcry_cipher_get_algo_keylen (kdf_encr_algo);
|
|
|
|
kekkey = xtrymalloc_secure (kekkeylen);
|
|
|
|
if (!kekkey)
|
|
|
|
return gpg_error_from_syserror ();
|
|
|
|
|
|
|
|
fingerprint_from_pk (pk, fp, NULL);
|
|
|
|
memcpy (kdf_params, oid, oidlen);
|
|
|
|
kdf_params_size = oidlen;
|
|
|
|
kdf_params[kdf_params_size++] = PUBKEY_ALGO_ECDH;
|
|
|
|
memcpy (kdf_params + kdf_params_size, kek_params, 4);
|
|
|
|
kdf_params_size += 4;
|
|
|
|
memcpy (kdf_params + kdf_params_size, "Anonymous Sender ", 20);
|
|
|
|
kdf_params_size += 20;
|
|
|
|
memcpy (kdf_params + kdf_params_size, fp, 20);
|
|
|
|
kdf_params_size += 20;
|
|
|
|
|
|
|
|
rc = gcry_kem_encap (GCRY_KEM_PGP_X25519,
|
|
|
|
pubkey, GCRY_KEM_ECC_X25519_PUBKEY_LEN,
|
|
|
|
ephemkey+1, GCRY_KEM_ECC_X25519_ENCAPS_LEN,
|
|
|
|
kekkey, kekkeylen,
|
|
|
|
kdf_params, kdf_params_size);
|
|
|
|
if (rc)
|
|
|
|
{
|
|
|
|
xfree (kekkey);
|
|
|
|
return rc;
|
|
|
|
}
|
2011-01-25 20:28:25 +01:00
|
|
|
|
2024-01-24 16:36:21 +09:00
|
|
|
rc = gcry_cipher_open (&hd, kdf_encr_algo, GCRY_CIPHER_MODE_AESWRAP, 0);
|
|
|
|
if (rc)
|
|
|
|
{
|
|
|
|
log_error ("ecdh failed to initialize AESWRAP: %s\n",
|
|
|
|
gpg_strerror (rc));
|
|
|
|
xfree (kekkey);
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
rc = gcry_cipher_setkey (hd, kekkey, kekkeylen);
|
|
|
|
xfree (kekkey);
|
|
|
|
if (rc)
|
|
|
|
{
|
|
|
|
gcry_cipher_close (hd);
|
|
|
|
log_error ("ecdh failed in gcry_cipher_setkey: %s\n",
|
|
|
|
gpg_strerror (rc));
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
{
|
|
|
|
byte *data_buf;
|
|
|
|
int data_buf_size;
|
|
|
|
byte *p = gcry_mpi_get_opaque (data, &nbits);
|
|
|
|
size_t ndata = (nbits + 7)/8;
|
|
|
|
byte *in;
|
|
|
|
gcry_mpi_t result;
|
|
|
|
|
|
|
|
data_buf_size = ndata;
|
|
|
|
data_buf = xtrymalloc_secure (1 + 2*data_buf_size + 8);
|
|
|
|
|
|
|
|
if (!data_buf)
|
|
|
|
return gpg_error_from_syserror ();
|
|
|
|
|
|
|
|
in = data_buf + 1 + data_buf_size + 8;
|
|
|
|
memcpy (in, p, ndata);
|
|
|
|
|
|
|
|
gcry_cipher_encrypt (hd, data_buf+1, data_buf_size+8,
|
|
|
|
in, data_buf_size);
|
|
|
|
memset (in, 0, data_buf_size);
|
|
|
|
gcry_cipher_close (hd);
|
|
|
|
data_buf[0] = data_buf_size+8;
|
|
|
|
|
|
|
|
result = gcry_mpi_set_opaque (NULL, data_buf, 8 * (1+data_buf[0]));
|
|
|
|
if (!result)
|
|
|
|
{
|
|
|
|
rc = gpg_error_from_syserror ();
|
|
|
|
xfree (data_buf);
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
ephemkey[0] = 0x40;
|
|
|
|
resarr[0] = gcry_mpi_set_opaque_copy (NULL, ephemkey,
|
|
|
|
sizeof (ephemkey) * 8);
|
|
|
|
resarr[1] = result;
|
|
|
|
rc = 0;
|
|
|
|
}
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
else
|
2011-01-31 09:27:06 +01:00
|
|
|
{
|
2024-01-24 16:36:21 +09:00
|
|
|
gcry_mpi_t k;
|
2014-09-08 18:25:06 +02:00
|
|
|
|
2024-01-24 16:36:21 +09:00
|
|
|
rc = pk_ecdh_generate_ephemeral_key (pkey, &k);
|
|
|
|
if (!rc)
|
2014-09-08 18:25:06 +02:00
|
|
|
{
|
2024-01-24 16:36:21 +09:00
|
|
|
char *curve;
|
|
|
|
|
|
|
|
curve = openpgp_oid_to_str (pkey[0]);
|
|
|
|
if (!curve)
|
|
|
|
rc = gpg_error_from_syserror ();
|
|
|
|
else
|
|
|
|
{
|
|
|
|
int with_djb_tweak_flag = with_ecdh_cv25519;
|
|
|
|
|
|
|
|
/* Now use the ephemeral secret to compute the shared point. */
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
with_djb_tweak_flag ?
|
|
|
|
"(public-key(ecdh(curve%s)(flags djb-tweak)(q%m)))"
|
|
|
|
: "(public-key(ecdh(curve%s)(q%m)))",
|
|
|
|
curve, pkey[1]);
|
|
|
|
xfree (curve);
|
|
|
|
/* Put K into a simplified S-expression. */
|
|
|
|
if (!rc)
|
|
|
|
rc = gcry_sexp_build (&s_data, NULL, "%m", k);
|
|
|
|
}
|
|
|
|
gcry_mpi_release (k);
|
2014-09-08 18:25:06 +02:00
|
|
|
}
|
2011-01-31 09:27:06 +01:00
|
|
|
}
|
2011-01-05 17:33:17 -08:00
|
|
|
}
|
2003-06-18 19:56:13 +00:00
|
|
|
else
|
2014-09-08 18:25:06 +02:00
|
|
|
rc = gpg_error (GPG_ERR_PUBKEY_ALGO);
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2011-01-21 12:00:57 +01:00
|
|
|
/* Pass it to libgcrypt. */
|
2014-09-08 18:25:06 +02:00
|
|
|
if (!rc)
|
|
|
|
rc = gcry_pk_encrypt (&s_ciph, s_data, s_pkey);
|
|
|
|
|
2003-06-18 19:56:13 +00:00
|
|
|
gcry_sexp_release (s_data);
|
|
|
|
gcry_sexp_release (s_pkey);
|
|
|
|
|
|
|
|
if (rc)
|
|
|
|
;
|
2011-02-02 17:40:32 +01:00
|
|
|
else if (algo == PUBKEY_ALGO_ECDH)
|
2011-01-25 20:28:25 +01:00
|
|
|
{
|
2020-06-09 15:45:51 +09:00
|
|
|
gcry_mpi_t public, result;
|
2011-02-02 17:40:32 +01:00
|
|
|
byte fp[MAX_FINGERPRINT_LEN];
|
2020-06-09 15:45:51 +09:00
|
|
|
byte *shared;
|
|
|
|
size_t nshared;
|
2011-01-25 20:28:25 +01:00
|
|
|
|
|
|
|
/* Get the shared point and the ephemeral public key. */
|
2020-06-09 15:45:51 +09:00
|
|
|
shared = get_data_from_sexp (s_ciph, "s", &nshared);
|
2021-05-11 09:04:19 +02:00
|
|
|
if (!shared)
|
|
|
|
{
|
|
|
|
rc = gpg_error_from_syserror ();
|
|
|
|
goto leave;
|
|
|
|
}
|
2020-06-09 10:32:47 +09:00
|
|
|
rc = sexp_extract_param_sos (s_ciph, "e", &public);
|
2011-01-25 20:28:25 +01:00
|
|
|
gcry_sexp_release (s_ciph);
|
|
|
|
s_ciph = NULL;
|
2015-04-06 13:07:09 +02:00
|
|
|
if (DBG_CRYPTO)
|
2011-01-25 20:28:25 +01:00
|
|
|
{
|
|
|
|
log_debug ("ECDH ephemeral key:");
|
|
|
|
gcry_mpi_dump (public);
|
|
|
|
log_printf ("\n");
|
|
|
|
}
|
2011-02-02 17:40:32 +01:00
|
|
|
|
2011-01-25 20:28:25 +01:00
|
|
|
result = NULL;
|
2021-03-24 14:51:42 +09:00
|
|
|
fingerprint_from_pk (pk, fp, NULL);
|
2020-06-09 10:32:47 +09:00
|
|
|
|
|
|
|
if (!rc)
|
2020-06-09 15:45:51 +09:00
|
|
|
{
|
|
|
|
unsigned int nbits;
|
|
|
|
byte *p = gcry_mpi_get_opaque (data, &nbits);
|
|
|
|
rc = pk_ecdh_encrypt_with_shared_point (shared, nshared, fp, p,
|
|
|
|
(nbits+7)/8, pkey, &result);
|
|
|
|
}
|
|
|
|
xfree (shared);
|
2011-01-25 20:28:25 +01:00
|
|
|
if (!rc)
|
|
|
|
{
|
|
|
|
resarr[0] = public;
|
|
|
|
resarr[1] = result;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
gcry_mpi_release (public);
|
|
|
|
gcry_mpi_release (result);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else /* Elgamal or RSA case. */
|
|
|
|
{ /* Fixme: Add better error handling or make gnupg use
|
|
|
|
S-expressions directly. */
|
2013-11-15 08:59:45 +01:00
|
|
|
resarr[0] = get_mpi_from_sexp (s_ciph, "a", GCRYMPI_FMT_USG);
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (!is_RSA (algo))
|
2013-11-15 08:59:45 +01:00
|
|
|
resarr[1] = get_mpi_from_sexp (s_ciph, "b", GCRYMPI_FMT_USG);
|
2003-06-18 19:56:13 +00:00
|
|
|
}
|
|
|
|
|
2021-05-11 09:04:19 +02:00
|
|
|
leave:
|
2003-06-18 19:56:13 +00:00
|
|
|
gcry_sexp_release (s_ciph);
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2011-01-21 12:00:57 +01:00
|
|
|
|
2011-01-05 17:33:17 -08:00
|
|
|
/* Check whether SKEY is a suitable secret key. */
|
|
|
|
int
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
|
|
|
gcry_sexp_t s_skey;
|
|
|
|
int rc;
|
|
|
|
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (pkalgo == PUBKEY_ALGO_DSA)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_skey, NULL,
|
|
|
|
"(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))",
|
|
|
|
skey[0], skey[1], skey[2], skey[3], skey[4]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_ELGAMAL || pkalgo == PUBKEY_ALGO_ELGAMAL_E)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_skey, NULL,
|
|
|
|
"(private-key(elg(p%m)(g%m)(y%m)(x%m)))",
|
|
|
|
skey[0], skey[1], skey[2], skey[3]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (is_RSA (pkalgo))
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_skey, NULL,
|
|
|
|
"(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))",
|
|
|
|
skey[0], skey[1], skey[2], skey[3], skey[4],
|
|
|
|
skey[5]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_ECDSA || pkalgo == PUBKEY_ALGO_ECDH)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
char *curve = openpgp_oid_to_str (skey[0]);
|
|
|
|
if (!curve)
|
|
|
|
rc = gpg_error_from_syserror ();
|
|
|
|
else
|
2011-01-31 09:27:06 +01:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_skey, NULL,
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
"(private-key(ecc(curve%s)(q%m)(d%m)))",
|
|
|
|
curve, skey[1], skey[2]);
|
|
|
|
xfree (curve);
|
2013-11-15 08:59:45 +01:00
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
}
|
|
|
|
else if (pkalgo == PUBKEY_ALGO_EDDSA)
|
|
|
|
{
|
|
|
|
char *curve = openpgp_oid_to_str (skey[0]);
|
|
|
|
if (!curve)
|
|
|
|
rc = gpg_error_from_syserror ();
|
2013-11-15 08:59:45 +01:00
|
|
|
else
|
|
|
|
{
|
2020-06-24 10:05:03 +09:00
|
|
|
const char *fmt;
|
|
|
|
|
|
|
|
if (openpgp_oid_is_ed25519 (skey[0]))
|
|
|
|
fmt = "(private-key(ecc(curve %s)(flags eddsa)(q%m)(d%m)))";
|
|
|
|
else
|
|
|
|
fmt = "(private-key(ecc(curve %s)(q%m)(d%m)))";
|
|
|
|
|
|
|
|
rc = gcry_sexp_build (&s_skey, NULL, fmt, curve, skey[1], skey[2]);
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
xfree (curve);
|
2011-01-31 09:27:06 +01:00
|
|
|
}
|
2011-01-05 17:33:17 -08:00
|
|
|
}
|
|
|
|
else
|
|
|
|
return GPG_ERR_PUBKEY_ALGO;
|
|
|
|
|
|
|
|
if (!rc)
|
|
|
|
{
|
|
|
|
rc = gcry_pk_testkey (s_skey);
|
|
|
|
gcry_sexp_release (s_skey);
|
|
|
|
}
|
|
|
|
return rc;
|
|
|
|
}
|